UniFi Identity Enterprise - Bulk Deploy Identity Enterprise Desktop App

macOS

Administrators can use preset configurations to easily deploy the Identity Enterprise desktop app for macOS.

  • Administrators can push a PLIST (Property List) file to the /Library/Preferences folder of the Identity Enterprise desktop app installed on macOS devices to allow predefined Identity Enterprise desktop app configurations.

  • The PLIST file must be named: com.ui.uid.desktop.user.preferences.plist

Available Configurations

Notes:

  • The Identity Desktop app for macOS must be 0.56.3 or later.
  • A key is ignored in the PLIST file if the key is not configured or if the key value is empty.
Plist Key Value Description
Value Type: String
Workspace Enter your workspace domain
  • If the workspace key is configured, the workspace domain will be shown on the app by default.
  • If the workspace key is not configured, users will be prompted to enter the workspace domain when they log in to the app for the first time.
Value Type: Boolean
LockWorkspace 1: (True)
Lock the workspace domain and disallow users from changing this configuration.
Allow users to change the workspace domain on their app, or disallow users from changing it.
  • If this key is set to False: The workspace domain last saved is displayed on the app. No workspace domain is displayed on the app if no domain information is configured.
  • If this key is set to True and when the workspace key is configured: The workspace domain configured by the administrator will overwrite the workspace domain last saved on the app. Users will not be able to change this configuration.
  • This deployment only takes effect when the workspace key is configured.
0: (False)
Allow user to change the workspace domain.
CheckUpdate 1: (True) Automatically check for updates every 24 hours when the app is launched. Set whether the app will automatically check for updates.
0: (False)
Disable automatic check for updates.
LockCheckUpdate 1: (True)
Lock the Check for Updates setting and disallow users from changing it.
Allow users to change the Check for Updates setting on their app, or disallow them from changing it.
0: (False)
Allow users to change the Check for Updates setting.
VPNProxyMode 1: True
Set VPN to the Global mode.
  • If this key is not configured, UniFi Identity Cloud settings, by default, are synced to the app and users are allowed to change the VPN Proxy mode on the app. If needed, administrators can configure a default Proxy mode when deploying the app in bulk.
  • If you want to lock this setting, we recommend using this key along with the LockVPNProxyMode key shown below.
0: False
Set VPN to the Intranet mode.
LockVPNProxyMode 1: True
Lock the VPN Proxy setting and disallow users from changing it.
Allow users to change the VPN Proxy setting on the app, or disallow them from changing it.
0: False
Allow users to change the VPN Proxy setting.
ConnectToWiFiOnStartup 1: True Automatically connect to One-Click WiFi, if available, when the app starts.
0: False
AutoReconnectWiFi 1: True Automatically reconnect to One-Click WiFi if it is disconnected but users did not manually turn it off.
0: False
ConnectVPNOnStartup 1: True Automatically connect to One-Click VPN, if available, when the app starts.
0: False
AutoReconnectVPN 1: True Automatically reconnect to One-Click VPN if it is disconnected but users did not manually turn it off.
0: False
ShowWES 1: True Show WiFi Experience Score (WES) under the WiFi section of the app when connected to WiFi.
0: False
LaunchAtStartup 1: True Automatically launch the app when a macOS device starts up.
0: False
ScanWiFiBeforeConnect 1: True Automatically scan for One-Click WiFi SSID before the app attempts to connect to WiFi.

Bulk Deployment Steps

  1. Log out of the Identity Enterprise desktop app for macOS if has been installed and is running.
  2. Create a PLIST file to customize the preset configurations according to your needs.
  3. Push the PLIST file to the Identity Enterprise desktop app for macOS.
  4. The configurations will take effect following the next launch of the Identity Enterprise desktop app on macOS devices.

Deploy Via a PLIST File

PLIST File Example

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>CheckUpdate</key>
<false/>
<key>VPNProxyMode</key>
<true/>
<key>Workspace</key>
<string>Your Workspace Domain Here</string>
</dict>
</plist>

Create a PLIST File

  1. Create your com.ui.uid.desktop.user.preferences.plist file using the example above as the template.
  2. After you have configured the desired keys and values, run the following commands to complete the PLIST file.
    1. Convert the PLIST file to XML format, which can then be edited by a text editor. 
      plutil -convert xml1 com.ui.uid.desktop.user.preferences.plist
    2. Once the file is done, execute the command below to convert it into a binary file. 
      plutil -convert binary1 com.ui.uid.desktop.user.preferences.plist

Deploy Via a Script

You can use the script below for JAMF, Intune, AirWatch, and other third-party device management solutions to push the PLIST file containing preset configurations and bulk deploy the Identity Enterprise desktop app for macOS.

Notes:

  • UniFi Identity Enterprise MDM (Mobile Device Management) feature does not support using scripts yet, but we are actively developing this feature.
  • If you are using UniFi Identity Enterprise MDM, you can pack a PLIST file to the /Library/Preferences/ folder of the Identity Enterprise desktop app on macOS devices for bulk deployment.
#! /bin/sh
###################################################
#
#   Deploy and configure the UI Desktop for macOS
#
###################################################

preferencesPath="/Library/Preferences/com.ui.uid.desktop.user.preferences.plist"

function createPlistIfNeed {
    if [ -e ${preferencesPath} ];then
        echo "Exist"
    else
        echo "Does not exist"
        cat  ${preferencesPath} <>
		
		
		
		
		
EOF
    fi
}

function writeSomeKeys {
	/usr/bin/defaults write $preferencesPath Workspace -string ‘Your Workspace Domain Here’
	/usr/bin/defaults write $preferencesPath VPNProxyMode -bool true
	/usr/bin/defaults write $preferencesPath CheckUpdate -bool false
}

createPlistIfNeed
writeSomeKeys</>

Windows

Windows Installer (MSI) allows you to bulk install or bulk configure the Identity Enterprise desktop app on multiple Windows devices through tools and services such as Microsoft Intune.

Notes:

  • You must have Windows admin privileges to install the Identity Enterprise desktop app on a single Windows device.
  • The Identity Enterprise desktop app must be 0.56.2 or later.

Download the MSI File for Windows

  1. Go to your Identity Enterprise Workspace > DOWNLOAD.
  2. Go to Identity Enterprise Desktop and click Download MSI File for Windows.

Deploy and Configure the Identity Enterprise Desktop App

Run the following command as an administrator:

cd [to the location where the MSI file is downloaded]
UI_Desktop-v0.5xxxxx.msi /quiet [options]

Command Line Options:

The following options can be configured for the main command line deployed in the Identity Enterprise desktop app for Windows. Refer to Microsoft's article for MSI installations for more information.

Note: All the command parameters shown in the table below must be written in capital letters, except for your domain name.

Registry Key Command Parameter Value Description
Value Type: String
Workspace WORKSPACE Enter your workspace domain
  • If the parameter is configured, the workspace domain will be shown on the app by default.
  • If the parameter is not configured, users will be prompted to enter the workspace domain when they log in to their app on Windows devices for the first time.
Value Type: Integer
LockWorkspace LOCK_WORKSPACE 1: (Enable)
Lock the workspace domain and disallow users from changing this setting.
Allow users to change the workspace domain on their app, or disallow them from changing it.
0: (Disable) Default Value
Allow users to change the workspace domain on their app for Windows.
CheckUpdate CHECK_UPDATE 1: (Enable)
Automatically check for updates once every 24 hours when the desktop app is launched.
Set whether the app should automatically check for updates.
0: (Disable)
Disable automatic check for updates.
LockCheckUpdate LOCK_CHECK_UPDATE 1: (Enable) Lock the Check for Updates setting and disallow users from changing it. Allow users to change the Check for Updates setting on their app, or disallow them from changing it.
0: (Disable) Default Value
Allow users to change the Check for Updates setting.
VpnProxyMode VPN_PROXY_MODE 1: (Global)
Set VPN to the Global mode.
  • f this key is not configured, UniFi Identity Cloud settings, by default, are synced to the app, and users are allowed to change the VPN Proxy mode on their app. If needed, administrators can configure a default Proxy mode when deploying the app in bulk.
  • If you want to lock this setting, we recommend using this key along with the LockVPNProxyMode key shown below.
0: (Intranet)
Set VPN to the Intranet mode.
LockVpnProxyMode

LOCK_VPN_PROXY_MODE

1: (Enable)
Lock the VPN Proxy setting and disallow users from changing it.
Allow users to change the VPN Proxy setting on their app, or disallow them from changing it.
0: (Disable) Default Value
Allow users to change the VPN Proxy setting.
ConnectWiFiOnStartup

CONNECT_WIFI_ON_STARTUP

1: Enable Automatically connect to One-Click WiFi, if available, when the app starts.
0: Disable

AutoReconnectWiFi

AUTO_RECONNECT_WIFI
1: Enable Automatically reconnect to One-Click WiFi if it is disconnected but users did not manually turn it off.
0: Disable

ConnectVpnOnStartup

CONNECT_VPN_ON_STARTUP
1: Enable Automatically connect to One-Click VPN, if available, when the app starts.
0: Disable

AutoReconnectVpn

AUTO_RECONNECT_VPN
1: Enable Automatically reconnect to One-Click VPN if it is disconnected but users did not manually turn it off.
0: Disable

ShowWes

SHOW_WES
1: Enable Show WiFi Experience Score (WES) under the WiFi section of the app when connected to WiFi.
0: Disable

LaunchAtStartup

LAUNCH_AT_STARTUP
1: Enable Automatically launch the app when a Windows device starts up.
0: Disable
ScanWiFiBeforeConnect SCAN_WIFI_BEFORE_CONNECT 1: Enable Automatically scan for the app attempts to connect to WiFi.
0: Disable

Example
Suppose you want to:

  1. Make a silent installation of the Identity Enterprise desktop app on Windows devices.
  2. Enable Automatically Check for Updates.
  3. Set the VPN Proxy to the Global mode.

To achieve this, enter the following command in your command line:

UI_Desktop-v0.49.1.3.msi /quiet CHECK_UPDATE=1 WORKSPACE=acme VPN_PROXY_MODE=1 LAUNCH_AT_STARTUP=1

Register Key Location

HKEY_LOCAL_MACHINE\SOFTWARE\Ubiquiti Labs\UI
Was this article helpful?
1 out of 3 found this helpful