Deploying Automox via VMware Workspace ONE

The recommended deployment of the Automox agent consists of 3 configurations:

Create or Modify Existing Notification Profile

macOS supports notification configuration profiles to ensure delivery of Automox notifications.

If no notification payload currently exists, create a new profile with Custom Settings with the following content to allow all Automox and Microsoft Office notification to run:

<dict>
       <key>NotificationSettings</key>
       <array>
           <dict>
               <key>AlertType</key>
               <integer>2</integer>
               <key>BadgesEnabled</key>
               <true/>
               <key>BundleIdentifier</key>
               <string>com.automox.automox-notifier</string>
               <key>CriticalAlertEnabled</key>
               <false/>
               <key>GroupingType</key>
               <integer>0</integer>
               <key>NotificationsEnabled</key>
               <true/>
               <key>ShowInLockScreen</key>
               <true/>
               <key>ShowInNotificationCenter</key>
               <true/>
               <key>SoundsEnabled</key>
               <true/>
           </dict>
           <dict>
               <key>AlertType</key>
               <integer>1</integer>
               <key>BadgesEnabled</key>
               <true/>
               <key>BundleIdentifier</key>
               <string>com.microsoft.Word</string>
               <key>CriticalAlertEnabled</key>
               <false/>
               <key>GroupingType</key>
               <integer>0</integer>
               <key>NotificationsEnabled</key>
               <true/>
               <key>ShowInLockScreen</key>
               <true/>
               <key>ShowInNotificationCenter</key>
               <true/>
               <key>SoundsEnabled</key>
               <true/>
           </dict>
           <dict>
               <key>AlertType</key>
               <integer>1</integer>
               <key>BadgesEnabled</key>
               <true/>
               <key>BundleIdentifier</key>
               <string>com.microsoft.Excel</string>
               <key>CriticalAlertEnabled</key>
               <false/>
               <key>GroupingType</key>
               <integer>0</integer>
               <key>NotificationsEnabled</key>
               <true/>
               <key>ShowInLockScreen</key>
               <true/>
               <key>ShowInNotificationCenter</key>
               <true/>
               <key>SoundsEnabled</key>
               <true/>
           </dict>
           <dict>
               <key>AlertType</key>
               <integer>1</integer>
               <key>BadgesEnabled</key>
               <true/>
               <key>BundleIdentifier</key>
               <string>com.microsoft.Powerpoint</string>
               <key>CriticalAlertEnabled</key>
               <false/>
               <key>GroupingType</key>
               <integer>0</integer>
               <key>NotificationsEnabled</key>
               <true/>
               <key>ShowInLockScreen</key>
               <true/>
               <key>ShowInNotificationCenter</key>
               <true/>
               <key>SoundsEnabled</key>
               <true/>
           </dict>
           <dict>
               <key>AlertType</key>
               <integer>1</integer>
               <key>BadgesEnabled</key>
               <true/>
               <key>BundleIdentifier</key>
               <string>com.microsoft.Outlook</string>
               <key>CriticalAlertEnabled</key>
               <false/>
               <key>GroupingType</key>
               <integer>0</integer>
               <key>NotificationsEnabled</key>
               <true/>
               <key>ShowInLockScreen</key>
               <true/>
               <key>ShowInNotificationCenter</key>
               <true/>
               <key>SoundsEnabled</key>
               <true/>
           </dict>
           <dict>
               <key>AlertType</key>
               <integer>1</integer>
               <key>BadgesEnabled</key>
               <true/>
               <key>BundleIdentifier</key>
               <string>com.microsoft.onenote.mac</string>
               <key>CriticalAlertEnabled</key>
               <false/>
               <key>GroupingType</key>
               <integer>0</integer>
               <key>NotificationsEnabled</key>
               <true/>
               <key>ShowInLockScreen</key>
               <true/>
               <key>ShowInNotificationCenter</key>
               <true/>
               <key>SoundsEnabled</key>
               <true/>
           </dict>
           <dict>
               <key>AlertType</key>
               <integer>1</integer>
               <key>BadgesEnabled</key>
               <true/>
               <key>BundleIdentifier</key>
               <string>com.microsoft.OneDrive</string>
               <key>CriticalAlertEnabled</key>
               <false/>
               <key>GroupingType</key>
               <integer>0</integer>
               <key>NotificationsEnabled</key>
               <true/>
               <key>ShowInLockScreen</key>
               <true/>
               <key>ShowInNotificationCenter</key>
               <true/>
               <key>SoundsEnabled</key>
               <true/>
           </dict>
           <dict>
               <key>AlertType</key>
               <integer>1</integer>
               <key>BadgesEnabled</key>
               <true/>
               <key>BundleIdentifier</key>
               <string>com.microsoft.OneDrive-mac</string>
               <key>CriticalAlertEnabled</key>
               <false/>
               <key>GroupingType</key>
               <integer>0</integer>
               <key>NotificationsEnabled</key>
               <true/>
               <key>ShowInLockScreen</key>
               <true/>
               <key>ShowInNotificationCenter</key>
               <true/>
               <key>SoundsEnabled</key>
               <true/>
           </dict>
           <dict>
               <key>AlertType</key>
               <integer>1</integer>
               <key>BadgesEnabled</key>
               <true/>
               <key>BundleIdentifier</key>
               <string>com.microsoft.autoupdate.fba</string>
               <key>CriticalAlertEnabled</key>
               <true/>
               <key>GroupingType</key>
               <integer>0</integer>
               <key>NotificationsEnabled</key>
               <true/>
               <key>ShowInLockScreen</key>
               <true/>
               <key>ShowInNotificationCenter</key>
               <true/>
               <key>SoundsEnabled</key>
               <true/>
           </dict>
       </array>
       <key>PayloadDescription</key>
       <string>Configures notifications</string>
       <key>PayloadDisplayName</key>
       <string>Configures notifications</string>
       <key>PayloadIdentifier</key>
       <string>com.apple.notificationsettings.AE35A3DC-56BC-48EB-8C4D-F4C5AE4D1C5C</string>
       <key>PayloadType</key>
       <string>com.apple.notificationsettings</string>
       <key>PayloadUUID</key>
       <string>AE35A3DC-56BC-48EB-8C4D-F4C5AE4D1C5C</string>
       <key>PayloadVersion</key>
       <integer>1</integer>
   </dict>

If you have an existing Notifications profile (macOS only supports a single notifications profiles), add the previous content in your existing NotificationSettings array.

Create an Automox Privacy Preferences Profile

Automox leverages Microsoft's AutoUpdate Tool to handle Microsoft Office updates. To ensure the Automox agent is also granted access to this, you must create a Privacy Preferences Profile.

  1. Devices → Profiles and Resources → Profiles

  2. Add Profile

  3. Apple macOS

  4. Device Profile

  5. Select Privacy Preferences

  6. Add App

Identifier: /usr/local/bin/amagent 

Identifier Type: Path 

Code Requirement: identifier "com.automox.agent" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = DAEQ58A4ES 

Static Code Validation: Off 

Apple Events: Allow 

Receiver Identifier: com.microsoft.autoupdate2 

Receiver Identifier Type: Bundle ID 

Receiver Code Requirement: identifier "com.microsoft.autoupdate2" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = UBF8T346G9 

 

For best results, be sure to install the latest version of the Automox Agent.

Deploy the Automox Agent as a Native Application 

  1. Install the VMware Workspace ONE Admin Assistant https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/1904/Software_Distribution/GUID-AWT-ADMINASSIST.html

  2. Download the latest Automox Agent

  3. Pull the Automox Agent pkg file into the Admin Assistant

  4. Open the generated plist file

     

  5. Find the display_name and name keys and remove the trailing version characters (they should simply read AutomoxAgent).
    (Workspace ONE does not support dashes - in display names)

    Before: 

     

    After:

     

  6. It is also recommended that the version keys are also modified to remove the “-” and just have “.” (example: 1.0.41). This will allow the version information to properly display in Workspace ONE.
    NOTE: Do not modify the installer_item_location value as that points to the installer pkg file.

  7. Save file.

  8. Add a Native Application to Workspace ONE.

  9. Upload the Automox pkg installer file.

     

  10. Upload the plist as the "Metadata File"

     

  11. For automated installations, add the following code to the "Post Install Script"

    #!/bin/bash
    
    /usr/local/bin/amagent --setkey "ENTER_AUTOMOX_ACCESS_KEY_HERE"
    
    /usr/local/bin/amagent --setgrp "Default Group/ENTER_GROUP_NAME_HERE"
    
    launchctl kickstart -k system/com.automox.agent
    
    

 

Was this article helpful?
0 out of 0 found this helpful