Help Center
14 DAY FREE TRIAL
Search Close Search
Search result for "aa"
View all results

No Search Results

14 DAY FREE TRIAL
  1. Help Center
  2. Get Started
  3. macOS

Category filter

Getting started with Mac app management

Jump To

To get started with Mac app management, administrators must leverage tools that offer granular control at the application level. Hexnode UEM enables IT teams to secure app data, enforce corporate policies, and limit data sharing between applications. This guide outlines the essential lifecycle of managing applications on macOS devices, from installation to restriction.

Prerequisites: Device Enrollment

Before you can manage applications, the target Macs must be under management.

App Distribution and Installation

Once enrolled, you can build your app inventory and deploy them to devices.

Add and Distribute Apps

  • App Inventory: Administrators can add Volume Purchase Program (VPP) apps, Store apps, and custom Enterprise apps (PKG/DMG files) to the Hexnode repository.
  • App Groups: Bundle related applications together to streamline distribution to specific departments or user roles.

Silent App Installation

To minimize user disruption, you can install applications without user interaction.

  • Requirement: Apps must be purchased/acquired via VPP (Volume Purchase Program).
  • Outcome: The app appears on the device without prompts, effectively bypassing the need for the user to enter an Apple ID or manually initiate the download.

Enforce Required Apps

Ensure compliance by designating specific applications as “Required.”

  • Feature: Required Apps Policy.
  • Function: Automatically pushes essential software to the device. If a user deletes a required app, Hexnode will detect the absence and reinstall it automatically.

App Security and Restrictions

Controlling which apps can run is vital for maintaining security and productivity.

Blocklisting and Allowlisting

  • Blocklisting: Define a list of unauthorized applications. If a user attempts to install or run these, the OS will prevent access.
  • Allowlisting: A stricter security model that blocks all applications by default, allowing only the specific apps approved by the administrator to run.

App Configuration

Pre-configure application settings to ensure apps are ready for use immediately upon installation.

  • Method: XML Configuration.
  • Details: Deploy XML files containing key-value pairs to set up user accounts, login server URLs, and other app-specific preferences remotely.

Maintenance and Updates

Keeping software up to date is a critical part of the get started with Mac app management process.

Enterprise App Updates

Hexnode UEM facilitates the silent update of in-house (Enterprise) applications.

  • Manual: Push the “Install Application” action with the new version.
  • Automated: Use policies to roll out updates automatically as soon as a new version is added to the app inventory.

Enforce OS Updates

While distinct from app updates, keeping the OS current ensures app compatibility.

  • Requirement: Devices must be enrolled via Apple ADE (Automated Device Enrollment).
  • Capability: Remotely deploy and enforce the latest macOS version updates.

Troubleshooting Mac App Management

When you get started with Mac app management, you may encounter specific deployment errors.

1: VPP Apps Are Not Installing Silently

Symptoms: The user is prompted to sign in to the App Store, or the install stays pending.

Possible Cause: The VPP sToken has expired, or the device is not associated with the VPP account properly.

Solution: Renew the VPP sToken in the Hexnode portal. Ensure the license type is set to “Device-assignable” rather than “User-assignable” for true silent installation without Apple IDs.

2: Enterprise App Installation Failed

Symptoms: Custom apps (PKG/DMG) fail to install.

Possible Cause: The app package is not signed with a valid Developer ID certificate, or the file path in the manifest is incorrect.

Solution: Ensure all enterprise apps are notarized by Apple and signed with a valid certificate. Verify the download URL is accessible from the device’s network.

3: App Configuration Not Reflecting

Symptoms: App installs but settings (like server URL) are empty.

Possible Cause: Syntax errors in the XML code or the app does not support the AppConfig standard.

Solution: Validate the XML using an online validator. Check the app developer’s documentation to confirm they support Managed App Configuration keys.

Frequently Asked Questions (FAQ)

Q: Can I block native Apple apps (like Mail or FaceTime) on macOS?

Yes, using the Blocklisting feature in Hexnode, you can restrict access to pre-installed system applications.

Q: Do I need the device physically present to update an Enterprise app?

No. If you have the new .pkg or .dmg file, you can upload it to the Hexnode portal and push the update remotely to all target devices.

Q: What is the difference between VPP apps and Store apps?

Store apps usually redirect the user to the App Store to download manually. VPP apps are licenses purchased (even if free) by the company, allowing the enterprise to push the app silently and retain ownership of the license.

Q: How do I get started with Mac app management if my devices are already distributed?

A: You can send an enrollment link (via email or SMS) to users. Once they click the link and install the MDM profile, you can immediately begin deploying apps and policies.

Need more help?
Image of Raise a Ticket Raise a Ticket
Image of Ask Community Ask Community
Image of Chat With us Chat With us
Get Started