Configuration profile reference for macOS devices
Configuration profiles are XML files that lets you configure settings on macOS devices. These profiles can be created and deployed by administrators to enforce security policies, manage restrictions, and customize the user experience. With Hexnode UEM, you may remotely deploy configuration profiles on macOS devices. This document provides a repository of custom configuration profiles that can be valuable for Mac administrators in their workflow.
Create and deploy configuration profiles
To prepare a configuration profile, identify the specific restrictions, policies, or settings you want to apply to the devices. You can use profile creator tools like Profile Creator, Apple Configurator, iMazing, or even text editors to create the configuration profiles.
To deploy a configuration profile on a Mac using Hexnode UEM, you will need a signed or unsigned non-encrypted file which can be of the following extensions- .mobileconfig, .xml, and .plist.
Once you’ve prepared the configuration profile, follow these steps:
- Navigate to Policies > New Policy or existing policy > macOS.
- Select Deploy Custom Configuration > Configure > Choose File; you can either select a profile stored on your device or choose one that is already added to the portal. Click OK.
- Navigate to Policy Targets to select the Devices/Device Groups/Users/User Groups/Domains to associate the policy with. Save the policy to deploy it.
- To view the profile output status on the device, go to the Action History sub-tab on the device details page.
Wildcards for macOS configuration profiles
Hexnode supports the use of the following wildcards:
In configuration profiles, wildcards are used as placeholders to represent dynamic values that can vary based on the device or user.
For example, you need to configure mail accounts for multiple users. Since each user has a unique account name, the value of the EmailAccountName key will vary for each user. In such instances, you can utilize a wildcard to represent corresponding value.
One common wildcard option is %username%. By incorporating %username% as the wildcard for the EmailAccountName field value in the configuration profile, the actual device user’s name will be substituted when the profile is deployed.