Earlier, we discussed how exactly to use Microsoft Intune to set up Veeam Agent for Mac . Today we will keep on with this series with how exactly to configure Veeam Realtor for Mac pc via Microsoft Intune.

Just how that macOS manages and configures various areas of centrally
the working applications and program is through “Construction Profiles”. A Configuration
Profile can be an XML record (.mobileconfig) which has settings to enable you to
standardize various functions within macOS. For instance, the administrator can create
a profile(s) to:

• Determine when to check on and install improvements
• Which Wi-Fi system to utilize
• Firewall configurations
• Configure applications…

including Veeam Real estate agent intended for Macintosh

• And far, a lot more

 

You might be wondering, “Why carry out I have to feel the configuration process?” simply Quite, to ensure that Veeam Broker for Mac pc to know concerning the Veeam back-up server, authenticate and create a connection, you need to import configuration information that was generated/exported when making the “Computer systems with pre-installed agents” security group .

Similar to the installation, Veeam offers 2 solution to configure Veeam
Realtor for Mac :

Typically
utilized when configuring a small amount of macOS systems that want protection

• Automated
  • ConfigurationProfile deployment via Cell phone Device Administration (MDM)

Typically used when
configuring numerous macOS systems that want protection

One MDM solution that’s growing inside popularity is Microsoft Intune. It is a cloud-based services that delivers MDM capabilities for laptop computers, phones, tablets and computer systems… including Macs! And when you were thinking how exactly to leverage Microsoft Intune to automate the construction of Veeam Real estate agent for Macintosh , you attended to the proper place!

This blog will undoubtedly be broken down in to the following sections:

• Pre-requisites for an effective configuration
• The objective of the XML and mobileconfig documents
• Creation of the

Configuration Profile template – Total Disk Gain access to

• Creation of the Construction Profile template – Veeam
  construction
• Creation of the Construction Profile in Microsoft
  Intune
• Verify that the User profile is deployed and working

 

Pre-requisites for a

prosperous configuration:

To make sure that Veeam Broker for Mac pc could be deployed via Microsoft
Intune, listed below are prerequisites:

• Mac computer(s) are

signed up for Intune

• Consumer signed-in to
  Company Portal Program on Macintosh

• Veeam Realtor for

Mac pc has been installed however, not configured

The objective of the XML and

mobileconfig data files:

Let’s dig in to the various documents that Veeam Real estate agent for Macintosh and
Microsoft Intune utilizes for configuration.

Veeam XML Configuration

Files

You can find two XML files generated
within the “Computers with pre-installed agents” protection group creation
process:

• <Name of Security Team>.xml
• <Title of Protection Team>_escaped.xml

 

Both XML files support the
same information, just formatted differently. Each XML document contains
information related (however, not limited) to:

• Veeam backup server edition, name and Ip
• Port for connecting to the Veeam back-up server on
• Certificate details

Why is there two XML files
containing exactly the same data however in different formats? According to the MDM
solution, some support some other and non-escaped support escaped types. For example:

• Microsoft Intune and simpleMDM assistance escapedvariations of the XML document
• JAMF supports non-escaped variations of the XML document

For the purposes of the blog,
we will be utilizing the document with “escaped” in the name as this is exactly what Microsoft
Intune requires.

mobileconfig

(Configuration User profile)

A mobileconfig document (also XML)
can be used to configure software and devices jogging macOS.

This is referred to as the “Configuration also
Profile”.

Creating the Configuration User profile templates – Full Disk Entry

After installation, Veeam Broker for Mac pc requires permission to
entry all folders and data files on the operational program. That is accomplished through the
“Security and Privacy” environment “Full Disk Accessibility” (FDA):

Users may manually configure this environment via “System Preferences” or
use Microsoft Intune / Construction User profile to grant this authorization.

To produce a Configuration User profile for FDA, copy the XML beneath and simply
save it to the file with the expansion “mobileconfig” – for instance: “ Veeam Realtor for Mac
Configuration User profile for FDA.mobileconfig ”.

     <?xml version="1.0" encoding="UTF-8"?>

PayloadIdentifier
com.veeam.Real estate agent.fda-permissions
PayloadScope
Program
PayloadType
Construction
PayloadUUID
31294b70-d005-11ea-87d0-0242ac130003
PayloadOrganization
Veeam back-up server
PayloadVersion
1
PayloadDisplayName
Total Disk Gain access to for Veeam Broker for Macintosh
PayloadDescription
This profile allows Veeam Agent for Mac to acquire Full Disk Access
PayloadContent

PayloadType
com.apple.TCC.configuration-profile-plan
PayloadUUID
28afcd34-d005-11ea-87d0-0242ac130003
PayloadIdentifier
com.veeam.Agent.fda-permissions.28afcd34-d005-11ea-87d0-0242ac130003
PayloadEnabled
Providers

SystemPolicyAllFiles

Allowed
CodeRequirement
identifier “com.veeam.Realtor” and anchor apple generic and certificate 1[industry.1.2.840.113635.100.6.2.6] /* is present and certificate leaf[field /.1.2.840.113635.100.6.1.13] / exists */ and certificate leaf[subject matter.OU] = NX3JU8SRVL
Identifier
com.veeam.Real estate agent
IdentifierType
bundleID

Please be aware that FDA is necessary for macOS version 10.14.x (Mojave) and above. In case you are running 10.13.x (High Sierra), FDA is enabled within the installation automatically.

Creating the Configuration User profile templates – Veeam Construction

You shall should also develop a Configuration Profile / mobileconfig
utilizing the sample XML beneath or update a preexisting mobileconfig to add the
Veeam Broker for Mac pc information.

      Sample XML for mobileconfig

file:

     <?xml version="1.0" encoding="UTF-8"?>

PayloadIdentifier
dummy PayloadID
PayloadRemovalDisallowed

PayloadScope
Program
PayloadType
Construction
dummy PayloadUUID
00000000-0000-0000-0000-000000000000
PayloadOrganization
dummy PayloadOrg
PayloadVersion
1
PayloadDisplayName
dummy PayloadDisplayName
PayloadContent

PayloadType
com.apple.ManagedClient.choices
PayloadUUID
00000000-0000-0000-0000-000000000000
PayloadIdentifier
dummy PayloadID inside of PayloadContent
PayloadEnabled
Identifier
com.veeam.Realtor
IdentifierType
bundleID
PayloadContent

com.veeam.Real estate agent

Forced

mcx_preference_configurations

CatchAllConfig
PASTE XML FROM THE CONFIG Document HERE

After the mobileconfig document is saved (ie: Veeam Agent for Mac
Configuration User profile.mobileconfig ), we have to duplicate the contents from the
exported “escaped” configuration document:

Following the file is open up, select all contents:

And duplicate the contents of the document to your clipboard:

Once copied, paste the complete contents of the document in to the highlighted previously
portion of the mobileconfig. For instance:

 

Creating the Configuration User profile in Microsoft Intune

To recap, we’ve created two mobileconfig documents:

• Veeam Broker for Macintosh Configuration User profile for FDA.mobileconfig
• Veeam Realtor for Mac pc Configuration User profile.mobileconfig

In the illustrations below, screen
shots are given referencing the “ Veeam Real estate agent for Macintosh Configuration
User profile.mobileconfig ”. Nevertheless, exactly the same steps / another profile shall
need to be designed for the “ Veeam Broker to get Mac pc Configuration Profile
for FDA.mobileconfig ” configuration user profile.

To ensure that the Configuration Profiles to be deployed, we have to help make our way to Microsoft’s Endpoint Manager and access the “Devices” blade:

Thoughts is broken in the “Gadgets” blade, select “Construction Profiles” and
then “Create Profile”:

 

When the “Develop a profile” dialog is presented, choose the following
options:

System: macOS
User profile kind: Templates
Template name: Custom

Then you provides a name and description of the “Custom Profile”

You will give a name and description of the “Configuration then
Profile”

After that you will configure the assignments (predicated on groups / users /
devices) the Configuration User profile includes and exclude:

You are now prepared to review and create the Configuration Profile:

 

 

Verify that the Configuration

User profile is deployed

The Configuration Profiles are manufactured and assigned in Microsoft as soon as
Intune, they will be added to these devices profiles of the applicable customers /
groups / devices under “Program Preferences” in macOS:

 

 

If you evaluation the “Custom Configurations” for Veeam Agent for Mac “Configuration Profile”, you shall start to see the Veeam backup server connection information.

Bottom line

 

As more agencies embrace the
Apple platform, you’re seeing business critical information reside on macOS techniques.
This could be through IT departments providing Macintosh based notebooks and computers as
well as institutions embracing the Bring YOUR PERSONAL Device (BYOD) model. That is
why it is very important protect that information with Veeam Realtor for Mac .

As the true amount of macOS devices in
your organization increases, leveraging a Mobile Application Mobile and Management
Device Management solution such as Microsoft Intune to set up and configure Veeam
Real estate agent for Mac will make sure your it scales efficiently.