How XING chose SimpleMDM as their Apple MDM solution

SimpleMDM Favicon
SimpleMDM|December 3, 2018
Xing Case Study
Xing Case Study

Our customer spotlight series shares the unique strategies our customers use for their Mac deployments. It also offers insight into the different ways Macadmins are solving common problems.

What is XING SE?

Name: XING SE (now known as NEW WORK SE)
Headquarters: Hamburg, Germany
Category: Recruiting services, corporate events, business networking
Description: "NEW WORK SE offers a wide range of brands, products and services for a better working life. By doing so, NEW WORK SE is continuing its success story that reaches back almost 20 years."

XING SE is a premier social network company that focuses on business networking, career search, and other business- and career-related services. XING was founded in 2003 in Hamburg, Germany, and currently has over 1,500 employees and serves upwards of 15 million members, primarily in Europe.

Who are David Schöfberger & Christopher Maack?

David Schöfberger and Christopher Maack are both IT System Administrators at XING, located in Vienna and Hamburg respectively. Together they are responsible for the management of in-house Macs and many more iOS devices. David was nice enough to share XING’s internal processes and configurations currently being used.

Their goals

  • Migrate from an older system that required many manual processes to a more scalable, automated solution

  • Unify the deployment system across all company locations

  • Reduce the time necessary to deploy/configure a new Mac

Tools used


David and Christopher were in search of a future-proof solution that they could deploy across multiple locations. When they came across SimpleMDM, they were confident that it could effectively manage a large number of Mac and iOS devices in a unified manner.

Though working towards a touchless deployment, XING currently involves an on-site IT technician in the setup process to handle a few quick tasks for reasons relating to macOS reliability, such as ensuring FileVault encryption was successful. XING plans to move toward a zero-touch deployment in time.

From purchase to user delivery

XING purchases Macs from their vendor, who is responsible for adding the devices to their DEP account. Once the Macs are received, they are unboxed, connected to the internet, and activated using DEP. The technician proceeds through the DEP-customized Setup Assistant screens, and the device is enrolled into a default device group. This group only applies a few basic profiles and certificates.

After the initial enrollment is complete, the technician renames the device and reassigns it to the destination group via the SimpleMDM interface. The destination group applies additional configuration profiles, some of which are based on the office location and employee’s role. The native profiles include:

  • FileVault profile

  • Firmware Password profile

  • Privacy Preferences profile to automatically configure permissions for certain software

  • Kernel Extensions profile to automatically permit certain kernel extensions

Several custom configuration profiles are also applied via the destination group:

  • Region-specific Active Directory profiles for binding accounts. This allows users to log in with known credentials.

  • One or more profiles for each required Munki catalog.

  • A profile to configure the Dock on macOS.

  • A Google Chrome profile that enables integrated authentication with a web proxy.

  • A Login Window profile that hides the “Guest” login option and displays the full name of user accounts.

When the login window is displayed, the technician logs in to the admin account that was auto created during enrollment with DEP. They confirm that Munki – Managed Software Center is installed and showing in the Dock. The technician then logs out of the admin account, enables FileVault following a prompt, and then reboots the device. The reboot kicks off a script that runs to ensure the Managed Software Center automatically installs all required software. After logging out of the admin account, the option to log in with an Active Directory user is shown. They log in to Active Director with new user credentials and set the secure token for FileVault. The device is then passed off to the user. After logging in, the user can reset their own password for the account.

Prior to using SimpleMDM, David states that the deployment process took more than 30 minutes. With SimpleMDM, the time has been cut down to less than 10.

API & Webhook integrations

David and Christopher have created a handful of custom integrations. To help with their migration process onto SimpleMDM, they used a script deployed via Munki to check if the SimpleMDM management profile was installed on their Macs, and if one was not present, Munki would install the enrollment profile which added the device to their default group.

Additionally, David and Christopher use the SimpleMDM API to send information to Nagios and Icinga, the internal systems they use for reporting. These integrations allow them to check for certificate expiration dates and send notifications, monitor their usage of device licenses in MDM, and ensure their users’ Macs are assigned to the appropriate device groups.

David and Christopher are also writing integrations that utilize SimpleMDM’s webhooks to send custom notifications based on events, such as new device enrollments. These integrations help their device administrators keep a closer eye on their deployment and stay on top of any potential issues before they arise.

Ready to see for yourself how simple Apple device management can be? Start a free 30-day trial or request a demo.

SimpleMDM Favicon

SimpleMDM is a mobile device management solution that helps IT teams securely update, monitor, and license Apple devices in a matter of minutes — all while staying on top of Apple updates automatically.

Related articles