Archive
Additional roles in Apple Business Manager or Apple School Manager with option to administer AppleSeed for IT program
As a follow-up to my previous post on using Apple Business Manager to enroll in the AppleSeed for IT program, my colleague Mark let me know that in addition to the Administrator role, it appears there are two other roles which can administer the AppleSeed for IT program for an organization.
Note: One of those roles is exclusive to Apple School Manager, so for Apple Business Manager there is only one other role in addition to the Administrator role which can administer the AppleSeed for IT program.
- People Manager role (available in Apple Business Manager and Apple School Manager):
If you look in the People Manager role in either Apple Business Manager and Apple School Manager, there is an Administer AppleSeed for IT checkbox option.
This option is disabled by default, but it is the same checkbox option which is checked for the Administrator role, which in turn allows the Administrator role to administer the AppleSeed for IT program for an organization.
- Site Manager role (available only in Apple School Manager):
If you look in the Site Manager role in Apple School Manager, there likewise is an Administer AppleSeed for IT checkbox option. This option is enabled by default, so it looks like the Site Manager role in Apple School Manager by default has the same ability as the Administrator role to administer the AppleSeed for IT program for an organization.
Deploying Apple beta program tokens using Blueprints in Jamf Pro
As discussed in a previous post, Apple provides tokens which allow devices to be enrolled in Apple’s beta programs without the need for the user to sign in with an Apple Account on the device.
You can use Blueprints in Jamf Pro to distribute these tokens, using the Software Update Settings component in Blueprints. Let’s see how this works using the following software update configuration as an example:
- Macs are enrolled in the macOS Tahoe beta program.
- Macs cannot opt out of participating in the macOS Tahoe beta program.
For more details, please see below the jump.
Obtaining Apple beta program tokens
As discussed in an earlier post, you can sign up for Apple’s AppleSeed for IT program using a user with the Administrator role in Apple Business Manager or Apple School Manager and subsequently obtain tokens which allow devices to be enrolled in Apple’s beta programs without the need for the user to sign in with an Apple Account on the device.
Apple has documentation available on how to obtain these tokens using an API call to the following endpoint:
https://mdmenrollment.apple.com/os-beta-enrollment/tokens
However, the documentation does not include the specifics on how to set up the API call or the necessary OAuth authentication for it. Fortunately, the folks at HCS Technology Group have published a technical article showing how to obtain the necessary tokens using the following:
- An ADE token from your organization’s Apple Business Manager or Apple School Manager instance.
- The getBetaTokens script written by the folks from Microsoft.
For more details, please see below the jump.
Der Flounder 
Recent Comments