Agnosys

Agnosys was founded on April 7, 1999. Agnosys is a Qualiopi Certified Authorized Training Center, a member of the Apple Consultants Network (ACN). Agnosys' core business is training on Apple technologies. They offer a range of trainings in support, integration, deployment and maintenance of Apple products, some of which are preparatory to obtaining official Apple certifications.

Integrating EasyLAPS with FileWave

What

This article focuses on EasyLAPS, a tool developed to routinely rotate the local administrator account password of a Mac and store it in a Mobile Device Management (MDM) solution, including FileWave. EasyLAPS main function is to maintain unique passwords across a Mac fleet, centralized in the MDM console.

When/Why

EasyLAPS is beneficial when the need arises to manage and rotate local administrator passwords across a number of Mac devices, ensuring unique passwords are utilized and safely stored within the MDM. This tool is particularly useful for enhancing the security of your network by preventing unauthorized access and reducing the risk of password-related security breaches.

How

EasyLAPS operates in two different functioning logics, both supported by FileWave:

Logic #1: In this mode, the password is stored in encrypted form both in the MDM and in the EasyLAPS Keychain. EasyLAPS manages the password rotation using the locally stored password, with the new generated password then stored in the MDM. The public key used for encryption is part of the EasyLAPS configuration file, while the private key is not present on the device and must be kept securely. This mode is most suitable when a large number of technicians have access to the MDM console, and only those possessing a copy of the EasyLAPS-Toolkit with the private key can access the rotated password.

Logic #2: Here, the password is stored in clear text in the MDM and not stored locally unless a password reversion fails. EasyLAPS uses the MDM-stored password to manage the rotation to the new generated one, which is then stored in the MDM. This logic is best when a limited number of technicians have access to the MDM console and can access a rotated password.

After the first successful rotation, the new password is visible in the device inventory record.

EasyLAPS operates a true rotation of the local administrator password, so the account keeps its cryptographic status. That means that once the password is changed, the account is still a Crypto user and Volume owner, able to unlock the device, install macOS updates, make changes to the startup security policy, initiate an Erase All Content and Settings, and more. 

Complete documentation on how to use EasyLAPS with FileWave is provided upon purchase, offering detailed instructions and support. Please note that EasyLAPS supports a variety of MDM solutions with FileWave included. 

image.png

Integrating MacOnboardingMate (MOM) with FileWave

What

This article is about MacOnboardingMate (MOM), a tool that streamlines the onboarding and migration of Mac devices across different Mobile Device Management (MDM) solutions, including FileWave.

When/Why

MOM is utilized when a Mac needs to be onboarded to an MDM solution or migrated from one MDM to another. This is relevant when a new device is added to your network, a device is being transferred to a different MDM platform, or when you are initiating an MDM switch project. MOM retains the Automated Device Enrollment configuration during migration, a key feature for most organizations.

How

MOM operates in two different execution modes: Launcher and AutoLauncher.

Launcher is used when MOM is manually run outside of an MDM, while AutoLauncher is used when MOM is operated from within an MDM, either automatically or manually through a Self Service.

MOM will facilitate the onboarding or migration process, managing both the unenrollment from the previous MDM and the enrollment into FileWave. For onboarding, MOM is run from within the FileWave MDM and started during the Setup Assistant. For migration to FileWave, MOM is executed from the MDM that the device leaves.

MOM's latest version includes a new user interface based on swiftDialog. The previous interface, based on DEPNotify, is still available to ensure a smooth transition for existing users. MOM White glove provisioning combined with macOS Automated Device Enrollment offers a similar experience as Windows Autopilot for pre-provisioned deployment.

The tool supports multiple languages, currently available in English and French, and can be localized to other languages as required. An important advantage of using MOM is its "turnkey" nature, requiring no scripting knowledge for implementation or upgrade. If necessary, it can be augmented with scripts at key steps of the workflows, offering flexibility and customizability.

Complete documentation on how to use MOM with FileWave is provided upon purchase, offering detailed instructions and support.  Please note that MOM supports a variety of MDM solutions with FileWave included.

MOM_FileWave_1.png
 MOM_FileWave_2.png
MOM_FileWave_3.png
  

Demos

Demo : Migration of a Mac between two MDM (DEPNotify)

Demo : Onboarding of a Mac enrolled during the Setup Assistant (DEPNotify)

Demo : Onboarding of a Mac enrolled from an opened user’s session (DEPNotify)

Integrating Telepod with FileWave

What

This article discusses Telepod, an automaton created to streamline the lifecycle of an iOS device. Telepod enables the backup and restoration of new iOS devices without iCloud, remotely monitored by IT support. It can work as part of a Mobile Device Management (MDM) solution, like FileWave, to retain the Automated Device Enrollment configuration during MDM migrations.

When/Why

Telepod is essential when setting up new iOS devices, replacing existing devices, or migrating devices between MDM solutions. It offers a streamlined and efficient method to manage iOS device lifecycles, which is particularly useful in large-scale environments where multiple devices need to be managed simultaneously.

How

Telepod operates through highly customizable workflows, launched from an assistant available in the Self Service of a Mac enrolled in an MDM solution. Currently, there are four types of workflows:

  1. Migration (MDM switching): This migrates a device from one MDM to another. No data transfer occurs, and devices are enrolled in the new MDM using Device Enrollment.

  2. Replacement: This replaces a current device with a new one. It supports two main use cases: device switching under the current MDM and MDM switching to a new MDM.

  3. Setup: This sets up a new device from the backup of another device acting as a model.

  4. Backup: This creates a backup of a device acting as a model, allowing other new devices to be set up.

Data is transferred locally over a wired connection for Backup, Replacement, and Setup workflows, bypassing the need for iCloud. Backups can be stored centrally in a distribution point, making them available worldwide.

Telepod's latest version includes a new user interface based on swiftDialog. The previous interface, based on DEPNotify, is still available to ensure a smooth transition for existing users.

The tool supports multiple languages, currently available in English and French, and can be localized to other languages as required. Telepod is a "turnkey" software, meaning no scripting knowledge is required for implementation or upgrade.

Complete documentation on how to use Telepod with FileWave is provided upon purchase, offering detailed instructions and support. Please note that Telepod supports a variety of MDM solutions with FileWave included.

telepod_2_replacement_filewave_001_Telepod initialization.png telepod_2_replacement_filewave_002_Workflow selection.png
telepod_2_replacement_filewave_003_Workflow introduction.png telepod_2_replacement_filewave_004_Workflow started.png
telepod_2_replacement_filewave_005_Current device selection.png telepod_2_replacement_filewave_006_Current device backup.png
telepod_2_replacement_filewave_007_New device selection.png telepod_2_replacement_filewave_008_New device customization.png
telepod_2_replacement_filewave_009_Backup restoration.png telepod_2_replacement_filewave_010_New device prepared.png
telepod_2_replacement_filewave_011_Workflow completed.png telepod_2_replacement_filewave_012_Received Webhooks.png

Demo

Demo : Replacement / Device switching (DEPNotify)