Dan K. SnelsonAs a follow-up to Your Internal Beta Test Program: Opt-in, Opt-out via Self Service, learn how to architect invitation-only betas for your elite testers for when your organization pilots new endpoint security solutions, like Jamf Protect, while maintaining your current offerings.
Presentation
Why Beta Test?
Below is a recap of the Your Internal Beta Test Program: Opt-in, Opt-out via Self Service from JNUC 2019.
Three Great Motivators
- Fear
- Duty
- Love
We started out by reviewing the Three Great Motivators for beta testing: Fear, Duty and Love. If the word “love” makes you uncomfortable, substitute the word “professionalism.” (Professionals perform their jobs when they feel the least like doing it.)
Fear
If we’re only motivated by fear, we test policies because we’re afraid what may happen if we don’t test policies.
Duty
When we’re motivated by duty, we test policies because it’s our duty to test policies and — after all — we are responsible administrators and responsible administrators perform all their job functions — as assigned — because that’s the duty of a responsible administrator.
However, duty has the same key limitation as fear: When the instrument which causes the sense of duty is no longer present, the motivation quickly stops.
For example, while we may feel a sense of duty to test all of our polices, but, there’s a group of developers who have local admin rights and they auto-update Microsoft Office all the time and they haven’t reported anything bad about the latest version, so I feel no duty to test it with a wider audience; I’ll just push it out.
No sense of duty, no motivation to test.
Love
When we’re motivated by love, we test policies because we love our users. We love what our enterprise is trying to accomplish and we don’t want to hinder its progress due to lack of diligence on our part.
We actually love to test. We love feedback. We love finding out something didn’t work for a use-case we hadn’t thought of ourselves.
Now, the reason why love is at the top is because it is the top.
Love is the great, self-sustaining motivator; because I love my users — especially my opt-in Beta Testers — I don’t want to slow them down in their primary job functions. (None of our opt-in Beta Testers are paid to test, they all have real jobs; we leave the dedicated testing nonsense to the Microsoft Windows side o’ the house.)
Now, if you don’t currently have any users worthy of your love, hopefully, as they opt-in to your internal Beta Test Program, and you get to know them, you will begin to love them.
Overview
The “Invitation-only” workflow purposely includes built-in checkpoints and “the ball” will naturally go back-and-forth between you, the Jamf Pro administrator, and your “elite” beta testers.
Workflow
1. Invite
In Step No. 1, the Jamf Pro Administrator invites specific Jamf Pro Computer Records of elite testers to participate.
Once invited, the elite testers will receive a prompt, inviting them to request access.
2. Request
Step No. 2 is for your elite tester to request access via Self Service (i.e., you want to confirm they’re reading and understanding your instructions).
3. Approve
After your elite tester has requested access to the pilot, a Jamf Pro administrator completes Step No. 3 by granting approval.
4. Enroll
Once approved, elite testers will receive prompts inviting them to enroll in the pilot, which is Step No. 4. (Also, when piloting endpoint security software, Step No. 4 is where the current offering is uninstalled.)
5. Install
Step No. 5, Install, can be automatically handled by a Jamf Pro Policy Execution, or, the elite tester could manually install via Self Service.
Configuration
Frequently Asked Questions
macOS 10.15.Catalina and earlier Exclusion
Q: Why is there an exclusion of macOS 10.15.Catalina and earlier for some policies?
A: Policies which leverage swiftDialog will only execute on macOS Big Sur 11 or later.
Sophos Endpoint Removal Script
Q: Where can I find your Sophos Endpoint Removal script?
A: I’m not planning on sharing my Sophos Endpoint Removal script; the MacAdmin’s Slack #sophos channel may prove helpful.
Troubleshooting
Property List Writer / Reader
Please ensure filepath is identical in both the Extension Attribute and the Script. For example:filepath="/Library/Preferences/org.churchofjesuschrist.plist"
Note: When using Property-List-Writer.sh in Jamf Pro policies, also include the Maintenance payload, with the Update Inventory option enabled.
Support
All support for this workflow should be asked by opening an issue on GitHub.