Hi,

 

hanging in here in addition to my original thread

https://community.meraki.com/t5/Endpoint-Management-Systems/Feature-Request-macOS-EWS-support/m-p/39...

 

I'm also trying to get this run. Had the same issue as you on Mojave. But now I even can't get the profile installed. Meraki answers with Error:71 "Payload needs to be in a user profile".

 

According to Apple docs https://developer.apple.com/business/documentation/Configuration-Profile-Reference.pdf <PayloadScope> is optional and per default User scoped.

 

Have you figured out how to get this run?

 

This is my .mobilconfig, as you can see very simple. (feel free to use it, just add your own identifiers)

 

 

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
	<key>PayloadContent</key>
	<array>
		<dict>
			<key>EmailAddress</key>
			<string>$OWNERMAIL</string>
			<key>PayloadDisplayName</key>
			<string>Exchange</string>
			<key>PayloadIdentifier</key>
			<string>com.company.macos.exchange.XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX.com.apple.ews.account.XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX</string>
			<key>PayloadOrganization</key>
			<string></string>
			<key>PayloadType</key>
			<string>com.apple.ews.account</string>
			<key>PayloadUUID</key>
			<string>XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX</string>
			<key>PayloadVersion</key>
			<integer>1</integer>
			<key>UserName</key>
			<string>$OWNERUSERNAME</string>
		</dict>
	</array>
	<key>PayloadDisplayName</key>
	<string>EWS_macOS</string>
	<key>PayloadIdentifier</key>
	<string>com.company.macos.exchange.XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX</string>
	<key>PayloadOrganization</key>
	<string>Organization Name</string>
	<key>PayloadType</key>
	<string>Configuration</string>
	<key>PayloadUUID</key>
	<string>XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX</string>
	<key>PayloadVersion</key>
	<integer>1</integer>
</dict>
</plist>

 

 

Hi

I did not had any opportunity to test any further, did you have any success with your profile since there still is the issue with it being considered machine bound where it should be user bound?

No success on getting it run. Always the same issue as detailed above.

 

Just wondering, why my old profile got installed a few months ago. Now I even can't install the old profile too.

Lately I’ve been running into issues with Meraki alike yours, like profiles/apps that wouldn’t get pushed. 

I opened many cases with support, and during investigation, with no mitigation process involved, everything got back to normal. 

Unsure if it’s related to the current issue you’re facing.

I've opened a case about this bug, maybe do it as well and let them link your case to mine 🙂

04684676

 

I'll try also to contact our Meraki representative, since this was a killer feature in the last two competitions when trying to sell Meraki vs other MDM solutions.

 

One thing is the bug detected and discussed here, the other thing, it seems not to be a high prio on the development road. No one made a response to my first thread and the feature firstly had been announced on the WWDC18. A native support by Meraki would be nice, but in first we need a solution for the bug here.

Totally agreed.

We first need to sort out the remaining open cases with support as I have some outstanding ones.
Definitely interested to hear back from you!

Just an update, Support is trying to recreate the issue. Message from 3rd January

Thanks a lot for the update!

Did support eventually found a way to provision an Exchange Online account to a Mac via EWS?

Due to covid things took a bit longer and support is still investigating.

First the developers meant, the behavior is as expected. After I could prove that this isn't true and provided some logs, the devs are investigating again.

Thank you very much, because I still experience exactly the same issue and behaviour (needs to be a user profile).

Let’s hope they can find a way around this. Really surprised we are the only ones experiencing this though, I’d have thought Microsoft Office 365/Exchange online on Mac would be a big deal for many.

Yes I thought the same, but seems most of the community are using SM just for iOS devices.

I eventually understood that too when I see the number of bugs that need opening support cases… 

Got an update from support

 

"I've just been informed and confirmed that there is a new field in the Mac custom profiles called Deploy Channel with the option of Device or User. They are still making additional improvements but this should allow you to deploy your Profile."

Thanks a lot! Sounds really promising. 

Did you get the change to try it out with, say, Exchange? 

still have troubles. I'm now not able to delete the old profile from the device

We aren’t quite there yet. Thanks for letting me know!

@grldP-NS do you see this option already in the custom profile interface?

Could you try deploying the profile on a test device.

 

Following configs worked for me

 

Deploy the profile by using user tags for the scope. Owner (in SM) and logged in user should be the same. The user should be actively logged in on the device.

 

The point that still fails -> Variables are not recognized properly

 

Last reply from support.

 

„Yes the screen being locked could interfere with the profile deployment. Also if a user was not logged into the device there would be no user channel to deploy the profile to.“

 

We deployed the profile on two devices with success

Finally! thanks a lot.