UniFi Identity Enterprise - Bulk Deploy Identity Enterprise Desktop App
macOS
Administrators can use preset configurations to easily deploy the Identity Enterprise desktop app for macOS.
-
Administrators can push a PLIST (Property List) file to the /Library/Preferences folder of the Identity Enterprise desktop app installed on macOS devices to allow predefined Identity Enterprise desktop app configurations.
-
The PLIST file must be named: com.ui.uid.desktop.user.preferences.plist
Available Configurations
Notes:
- The Identity Desktop app for macOS must be 0.56.3 or later.
- A key is ignored in the PLIST file if the key is not configured or if the key value is empty.
Plist Key | Value | Description |
Value Type: String | ||
Workspace | Enter your workspace domain |
|
Value Type: Boolean | ||
LockWorkspace | 1: (True) Lock the workspace domain and disallow users from changing this configuration. |
Allow users to change the workspace domain on their app, or disallow users from changing it.
|
0: (False) Allow user to change the workspace domain. |
||
CheckUpdate | 1: (True) Automatically check for updates every 24 hours when the app is launched. | Set whether the app will automatically check for updates. |
0: (False) Disable automatic check for updates. |
||
LockCheckUpdate | 1: (True) Lock the Check for Updates setting and disallow users from changing it. |
Allow users to change the Check for Updates setting on their app, or disallow them from changing it. |
0: (False) Allow users to change the Check for Updates setting. |
||
VPNProxyMode | 1: True Set VPN to the Global mode. |
|
0: False Set VPN to the Intranet mode. |
||
LockVPNProxyMode | 1: True Lock the VPN Proxy setting and disallow users from changing it. |
Allow users to change the VPN Proxy setting on the app, or disallow them from changing it. |
0: False Allow users to change the VPN Proxy setting. |
||
ConnectToWiFiOnStartup | 1: True | Automatically connect to One-Click WiFi, if available, when the app starts. |
0: False | ||
AutoReconnectWiFi | 1: True | Automatically reconnect to One-Click WiFi if it is disconnected but users did not manually turn it off. |
0: False | ||
ConnectVPNOnStartup | 1: True | Automatically connect to One-Click VPN, if available, when the app starts. |
0: False | ||
AutoReconnectVPN | 1: True | Automatically reconnect to One-Click VPN if it is disconnected but users did not manually turn it off. |
0: False | ||
ShowWES | 1: True | Show WiFi Experience Score (WES) under the WiFi section of the app when connected to WiFi. |
0: False | ||
LaunchAtStartup | 1: True | Automatically launch the app when a macOS device starts up. |
0: False | ||
ScanWiFiBeforeConnect | 1: True | Automatically scan for One-Click WiFi SSID before the app attempts to connect to WiFi. |
Bulk Deployment Steps
- Log out of the Identity Enterprise desktop app for macOS if has been installed and is running.
- Create a PLIST file to customize the preset configurations according to your needs.
- Push the PLIST file to the Identity Enterprise desktop app for macOS.
- The configurations will take effect following the next launch of the Identity Enterprise desktop app on macOS devices.
Deploy Via a PLIST File
PLIST File Example
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>CheckUpdate</key>
<false/>
<key>VPNProxyMode</key>
<true/>
<key>Workspace</key>
<string>Your Workspace Domain Here</string>
</dict>
</plist>
Create a PLIST File
- Create your com.ui.uid.desktop.user.preferences.plist file using the example above as the template.
- After you have configured the desired keys and values, run the following commands to complete the PLIST file.
- Convert the PLIST file to XML format, which can then be edited by a text editor.
plutil -convert xml1 com.ui.uid.desktop.user.preferences.plist
- Once the file is done, execute the command below to convert it into a binary file.
plutil -convert binary1 com.ui.uid.desktop.user.preferences.plist
- Convert the PLIST file to XML format, which can then be edited by a text editor.
Deploy Via a Script
You can use the script below for JAMF, Intune, AirWatch, and other third-party device management solutions to push the PLIST file containing preset configurations and bulk deploy the Identity Enterprise desktop app for macOS.
Notes:
- UniFi Identity Enterprise MDM (Mobile Device Management) feature does not support using scripts yet, but we are actively developing this feature.
- If you are using UniFi Identity Enterprise MDM, you can pack a PLIST file to the /Library/Preferences/ folder of the Identity Enterprise desktop app on macOS devices for bulk deployment.
#! /bin/sh ################################################### # # Deploy and configure the UI Desktop for macOS # ################################################### preferencesPath="/Library/Preferences/com.ui.uid.desktop.user.preferences.plist" function createPlistIfNeed { if [ -e ${preferencesPath} ];then echo "Exist" else echo "Does not exist" cat ${preferencesPath} <> EOF fi } function writeSomeKeys { /usr/bin/defaults write $preferencesPath Workspace -string ‘Your Workspace Domain Here’ /usr/bin/defaults write $preferencesPath VPNProxyMode -bool true /usr/bin/defaults write $preferencesPath CheckUpdate -bool false } createPlistIfNeed writeSomeKeys</>
Windows
Windows Installer (MSI) allows you to bulk install or bulk configure the Identity Enterprise desktop app on multiple Windows devices through tools and services such as Microsoft Intune.
Notes:
- You must have Windows admin privileges to install the Identity Enterprise desktop app on a single Windows device.
- The Identity Enterprise desktop app must be 0.56.2 or later.
Download the MSI File for Windows
- Go to your Identity Enterprise Workspace > DOWNLOAD.
- Go to Identity Enterprise Desktop and click Download MSI File for Windows.
Deploy and Configure the Identity Enterprise Desktop App
Run the following command as an administrator:
cd [to the location where the MSI file is downloaded]
UI_Desktop-v0.5xxxxx.msi /quiet [options]
Command Line Options:
The following options can be configured for the main command line deployed in the Identity Enterprise desktop app for Windows. Refer to Microsoft's article for MSI installations for more information.
Note: All the command parameters shown in the table below must be written in capital letters, except for your domain name.
Registry Key | Command Parameter | Value | Description |
Value Type: String | |||
Workspace | WORKSPACE | Enter your workspace domain |
|
Value Type: Integer | |||
LockWorkspace | LOCK_WORKSPACE | 1: (Enable) Lock the workspace domain and disallow users from changing this setting. |
Allow users to change the workspace domain on their app, or disallow them from changing it. |
0: (Disable) Default Value Allow users to change the workspace domain on their app for Windows. |
|||
CheckUpdate | CHECK_UPDATE | 1: (Enable) Automatically check for updates once every 24 hours when the desktop app is launched. |
Set whether the app should automatically check for updates. |
0: (Disable) Disable automatic check for updates. |
|||
LockCheckUpdate | LOCK_CHECK_UPDATE | 1: (Enable) Lock the Check for Updates setting and disallow users from changing it. | Allow users to change the Check for Updates setting on their app, or disallow them from changing it. |
0: (Disable) Default Value Allow users to change the Check for Updates setting. |
|||
VpnProxyMode | VPN_PROXY_MODE | 1: (Global) Set VPN to the Global mode. |
|
0: (Intranet) Set VPN to the Intranet mode. |
|||
LockVpnProxyMode |
LOCK_VPN_PROXY_MODE |
1: (Enable) Lock the VPN Proxy setting and disallow users from changing it. |
Allow users to change the VPN Proxy setting on their app, or disallow them from changing it. |
0: (Disable) Default Value Allow users to change the VPN Proxy setting. |
|||
ConnectWiFiOnStartup |
CONNECT_WIFI_ON_STARTUP |
1: Enable | Automatically connect to One-Click WiFi, if available, when the app starts. |
0: Disable | |||
AutoReconnectWiFi |
AUTO_RECONNECT_WIFI |
1: Enable | Automatically reconnect to One-Click WiFi if it is disconnected but users did not manually turn it off. |
0: Disable | |||
ConnectVpnOnStartup |
CONNECT_VPN_ON_STARTUP |
1: Enable | Automatically connect to One-Click VPN, if available, when the app starts. |
0: Disable | |||
AutoReconnectVpn |
AUTO_RECONNECT_VPN |
1: Enable | Automatically reconnect to One-Click VPN if it is disconnected but users did not manually turn it off. |
0: Disable | |||
ShowWes |
SHOW_WES |
1: Enable | Show WiFi Experience Score (WES) under the WiFi section of the app when connected to WiFi. |
0: Disable | |||
LaunchAtStartup |
LAUNCH_AT_STARTUP |
1: Enable | Automatically launch the app when a Windows device starts up. |
0: Disable | |||
ScanWiFiBeforeConnect | SCAN_WIFI_BEFORE_CONNECT | 1: Enable | Automatically scan for the app attempts to connect to WiFi. |
0: Disable |
Example
Suppose you want to:
- Make a silent installation of the Identity Enterprise desktop app on Windows devices.
- Enable Automatically Check for Updates.
- Set the VPN Proxy to the Global mode.
To achieve this, enter the following command in your command line:
UI_Desktop-v0.49.1.3.msi /quiet CHECK_UPDATE=1 WORKSPACE=acme VPN_PROXY_MODE=1 LAUNCH_AT_STARTUP=1
Register Key Location
HKEY_LOCAL_MACHINE\SOFTWARE\Ubiquiti Labs\UI