Skip to content

How Unbounce onboards their macOS fleet with SimpleMDM

SimpleMDM Favicon
SimpleMDM|November 13, 2018
Unbounce Case Study
Unbounce Case Study

Our customer spotlight series shares the unique strategies our customers use for their Mac deployments. It also offers insight into the different ways Macadmins are solving common problems.

What is Unbounce?

Name: Unbounce
Website: unbounce.com
Headquarters:
Vancouver, Canada and Berlin, Germany
Category: Marketing, AI copywriting
Description:
"Unbounce helps you get more outta your marketing. From pre-optimized landing pages to great copy that’s written for you, we pair your know-how with AI to help you transform your ideas into campaigns that get results."

Since 2009, Unbounce has helped marketers and digital agencies increase website and campaign conversions. Unbounce’s landing page and conversion marketing platform allow marketers to quickly create, launch, and test high-converting landing pages, popups, and sticky bars without developers. With unrivaled customer support, global hosting and 99.95% server uptime, Unbounce has powered over 250 million conversions for marketers around the world.

Tim Fitzgerald is a Systems Administrator at Unbounce. He is responsible for developing and managing Unbounce’s macOS deployment for a rapidly growing user base, which currently consists of multiple office locations and a number of remote employees. Tim’s guidance and skills have been instrumental in successfully moving Unbounce’s deployment onto MDM as well as implementing and maintaining their Munki infrastructure.

Unbounce's goals

  • A fast, secure, and touchless deployment process

  • An end-result that provides users immediately with all the software and accounts they need

  • The ability to reliably deploy Macs for remote employees without the need for an on-site technician

Tools used in Unbounce's stack

Unbounce uses a variety of macOS tools in their environment:

  • SimpleMDM

  • Apple DEP

  • Apple VPP

  • AWS + CloudFront

  • Munki

  • CloudFront-Middleware

  • DEPNotify

  • InstallApplications

Solutions

From unboxing to enrollment

Like many others, Tim’s goal for his macOS deployment is to set up devices quickly and with as little end-user interaction as possible. The deployment process starts with devices being enrolled using Apple DEP as soon as they are unboxed and activated. As specified by the DEP enrollment settings, many of the initial Setup Assistant panes are skipped, a local administrator account is created automatically and hidden from other local user accounts, and the end user is prompted to interactively create an administrator account.

Bootstrapping configurations & software

During the enrollment via DEP, devices are assigned to a “bootstrap” device group, which applies an initial Munki configuration profile and a wireless network profile. Then, it installs the InstallApplications package.

The InstallApplications package installs a variety of items during the Setup Assistant stage, including Munki tools, an AWS CloudFront Middleware package, certificates, and a DEPNotify package. The certificates are used for authentication via CloudFront when accessing the Munki repository on AWS. This CloudFront Middleware provides an additional layer of security so that only MDM-enrolled devices can access the company’s Munki repo, as well as reduces potential costs by limiting the number of requests made to the AWS-hosted repository.

When the user account is created and the user logs in, the DEPNotify package runs a script to launch a DEPNotify window. This window includes Unbounce’s branding and a greeting message welcoming the user to Unbounce. This script reads from the Munki logs to retrieve information about package/application download statuses and then updates the DEPNotfiy window to keep the user informed about the setup progress. While this is happening, a second script runs that automatically configures the dock settings/icons. Upon completion, DEPNotify provides the user with contact information for the Unbounce IT team in case they have any questions or issues.

Role-specific device configuration

At this point, the main bootstrapping process is finished. From here, an MDM administrator will assign the device to its destination device group, which is determined based on who will be using the Mac. This group then assigns a variety of additional configuration profiles, including a FileVault profile, Passcode Policy profile, a custom configuration to enforce ‘Always-On’ Firewall, a custom Energy Saver configuration, and a second Munki configuration based on which department the device will be used in.

This second Munki profile specifies which additional software will be installed via Munki – for example, Mac assigned to developers will receive development-specific apps/software, designers will receive their design software, etc.

Upon completion, the machine is prepped and ready for the employee to start working on immediately, with all the software they need to complete their job tasks.


Ready to see for yourself how simple Apple device management can be? Start a free 30-day trial or request a demo.

SimpleMDM Favicon
SimpleMDM

SimpleMDM is a mobile device management solution that helps IT teams securely update, monitor, and license Apple devices in a matter of minutes — all while staying on top of Apple updates automatically.

Related articles