At TechEd North America I came across the booth from Parallels and they were advertising with a product called Parallels Mac Management for ConfigMgr. Parallels Mac Management for SCCM was awarded with the “The Best of TechEd award”. So for me worthwhile looking at and of course everything that integrates with ConfigMgr 2012 attracts my attention 😉 This blog is a review of Parallels Mac Management, let’s have a look. In Part 1 we will have a look at the features, the components and how we are able to deploy the client.
In earlier blogs I wrote (here, here, here and here) about the native Mac OS X support in Configuration Manager 2012 R2, I have also showed the Parallels integration while being at the ConfigMgr.ch Community Event. Parallels Mac Management for ConfigMgr adds enhanced Mac OS X support to Configuration Manager 2007 and Configuration Manager 2012. In the table below you see the main features of the plugin to Configuration Manager.
Subject | Parallels Mac Management for SCCM | ConfigMgr 2012 R2 native |
Support for Mac OS X 10.6 – 10.9 | X | X |
Network discovery and automatic enrollment | X | |
Manual enrollment | X | X |
Hardware and software inventory | X | X |
Deployment of software via packages and programs | X | |
Deployment of software via App Model | X | |
Deploy Mac OS X Configuration Profiles | X | |
Easy to use OS X Configuration Profile editor | X | |
Deploy scripts as ConfigMgr Configuration Items | X | X |
Deploy Mac OS X pre-built images | X | |
Enable FileVault 2 encrption | X | |
In console Remote Assistance | X |
In a scheduled new version the following features will be added;
Subject |
Show warranty status |
Self-Service Application Portal for Macs |
Deployment of software via App Model |
Parallels Infrastructure
Besides the features above one very big advantage of the Parallels implementation is the fact that no Public Key Infrastructure is needed to be able to manage the Mac OS X devices. The Mac OS X devices are not threaten as a mobile device but as a “normal” configuration manager client. So what do we need to be able to enroll Mac OS X devices in ConfigMgr 2012?
Parallels Mac Management for Configuration Manager integration consist of the following components;
- Configuration Manager Proxy agent
- Netboot integration of PXE enabled Distribution Point
- Plugin with Configuration Manager console
- Parallels Configuration Manager Client
Configuration Manager Proxy agent
The Configuration Manager Proxy Agent is the middle-tier between the Parallels Configuration Manager client and the Configuration Manager 2012 Management Point. The Configuration Manager Proxy needs to be installed in each primary site or when using Secondary Sites you are able to choose if you want to install the Configuration Manager Proxy in the Secondary Site, installation in the Primary Sites are still mandatory. Try to install the Configuration Manager Proxy on the server where an SMS Provider is installed, this saves you manual configuration.
Netboot integration of PXE enabled Distribution Point
Netboot is used to boot an Apple Mac from the network, the netboot integration allows Mac OS X users to boot from the network via one (or more) of your PXE enabled distribution points.
Plugin with Configuration Manager console
The plugin allows you to manage the features from the Configuration Manager Console mentioned above.
Parallels Configuration Manager Client
The client is not the Mac OS X client available from Microsoft. As mentioned, Parallels Mac Management for ConfigMgr comes with its own client which communicates via a self-signed certificate with the Configuration Manager Proxy with the Management Point.
Network discovery + automatic enrollment
To be able to discover Mac OS X devices we need to be sure that the following prerequisites are in place:
- “Local” admin user (domain joined machines can use a domain user that is administrator)
- Remote Logon needs to be enabled
After the prerequisites are in place we are able to enable the network discovery by configuring the TCP ports to scan, the subnets, the administrative account and the schedule.
After enabling network discovery, based on a subnet the Network Discovery process finds a Mac in the configured Subnet and will be registered as an IP Address. Next the discovery process pushes a client and the client will be installed and the client register itself to Configuration Manager.
Unfortunately the user is not able to trigger the client to connect to the Configuration Manager Proxy, but in the Console you are able to trigger a Machine Policy Retrieval and Evaluation Cycle.
Manual enrollment
Manual enrollment can be done by providing the user an URL where the installation source can be downloaded. By executing the DMG file, the client will be installed via a Wizard and enrolled into Configuration Manager 2012 R2.
More on this soon! Next time we will have a look at the manageability options that are offered and how you can use these to manage your Mac OS X devices.
I’m not sure what you mean with this “Not threaten as a mobile client” Otherwise this is an excellent series of articles!
Hi David,
Thanks for your note. When using native Mac OS X support of ConfigMgr, Mac OS X clients are registered as Mobile Clients. The Parallels plugin register the clients as normal ConfigMgr clients.
Hope this helps.
Cheers,
Peter
FYI port 22 on each Mac client has to be open (which is not open by default) in order for the discovery to succeed
thanks for the feedback Russ.