SupportDocumentation

Deploying a Package via MDM

This chapter reviews the package deployment process as experienced in Jamf Pro. Refer to your MDM system's documentation to recreate the steps outlined here.

Creating and deploying a PPPC configuration profile

For the ultimate Single Application Mode experience, make sure to configure and deploy to the same target computers a configuration profile that will pre-determine the PPPC (Privacy Preferences Policy Control) access permissions for the Parallels Desktop app. This way, your users won't see any notifications about access to Desktop, Documents, or Downloads folders, etc.

  1. From your Jamf dashboard, go to Computers -> Content Management -> Configuration Profiles and use Ctrl + N to create a new profile.

  2. Fill out the mandatory fields in the General tab, such as Name, Description, and Distribution Method, as you see fit. Make sure to set the Level parameter to Computer Level.

  3. Scroll down the left-side bar to reach the Privacy Preferences Policy Control tab and click on it.

  4. Under App Access, set the Identifier to com.parallels.desktop.console, Identifier Type to Bundle ID, and leave the Validate the Static Code Requirement box unchecked. In the Code Requirement field, paste the following value, making sure to copy it carefully: identifier "com.parallels.desktop.console" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] / exists */ and certificate leaf[subject.OU] = "4C6364ACXT"

    If you want to verify the value of this parameter independently, launch macOS Terminal on a Mac with a copy of Parallels Desktop installed and execute the following command: codesign -display -r - /Applications/Parallels\ Desktop.app

  5. Under App or Service, use the + Add button to, at the very minimum, allow the app to access the Desktop (SystemPolicyDesktopFolder), Documents (SystemPolicyDcomuentsFolder), and Downloads (SystemPolicyDownloadsFolder) folders. You may also want to enable Accessibility and ScreenCapture for other Parallels Desktop functionality, such as error reporting.

  6. At the very top of the Configuration Profiles page, switch to the Scope tab and select the target computers or user groups.

  7. In the bottom-right corner, click Save.

We suggest ensuring this profile is successfully deployed to all target computers before deploying the installation package.

Adding and deploying the Autodeploy package

Follow these steps:

  1. From your Jamf dashboard, go to Settings -> Computer management -> Packages and use Ctrl + N to add the previously created deployment package to the system.

  2. To deploy the added package, go to Computers -> Content Management -> Policies and use Ctrl + N to create a new package deployment policy. In the General tab, make sure to set Execution Frequency to One per computer, and in the Packages section, choose the recently added deployment package. Choose the target computers in the Scope tab.

Monitoring and managing Windows VM updates from Jamf

To monitor the update status of Windows installations in Parallels Desktop virtual machines from Jamf, do the following:

  1. Copy this script from Parallels' GitHub page.

  2. From your Jamf dashboard, go to Settings -> Computer Management -> Extension Attributes and use Ctrl + N to create a new extension attribute. Set the Input type to Script and paste the script into the respective field.

To keep Windows up to date on Parallels Desktop virtual machines, do the following:

  1. Copy this script from Parallels' GitHub page.

  2. From your Jamf dashboard, go to Settings -> Computer Management -> Scripts and use Ctrl + N to create a new script. Fill out the details on the General tab, then switch to the Script tab and paste the script there.

  3. Switch to the Options tab and add the following labels for clarity:

    • Parameter 4: Mode (check, list-updates, install, uninstall, check-and-install)

    • Parameter 5: Unattended ( true | false)

    • Parameter 6: Auto Reboot ( true | false)

    • Parameter 7: Verbose ( true | false ) Provides more output

    • Parameter 8: Force on all VMs ( true | false ) Forces update checks on all VMs regardless of their current state

  4. Click Save.

  5. To apply the script, go to Computers -> Content Management -> Policies and use Ctrl + N to create a new policy. On the General page, under the Trigger section, check all the boxes except for Custom. Set Execution Frequency to Once every day.

  6. Switch to the Scripts page and use the + button to add the previously created script to the policy. Set Priority to After, and assign the following values:

    • Mode: check-and-install

    • Unattended: true

    • Auto Reboot: true

    • Verbose: true

    • Force on all VMs: true

  7. Switch to the Scope tab and use it to target all the computers included in this deployment's scope.

  8. Click Save.

From your Jamf dashboard, go to Computers -> Content Management -> Policies and create a policy to monitor and enforce Windows updates across your Parallels Desktop for Mac deployments.

PreviousPreparing a Deployment Package

Last updated