Backblaze Mass Silent Install with Munki

The Backblaze installer can be deployed silently to all your Mac OS client machines using Munki, a managed software installation tool for Mac OS X machines ( Below we list one possible way to deploy Backblaze with Munki to serve as an example; Munki admins may choose other methods.



A company that is using Munki to deploy software would now like to install Backblaze on each of the computers as their backup software. The system admin wants the flexibility of each computer having its own unique Backblaze account so that either the admin or the user can tend to their own restores in the event that a restore is needed.


Additionally, the admin wants a convenient way to manage all of these Backblaze accounts and chooses to create a Backblaze Business Backup group account. Munki will push out the Backblaze software to each client, will install the Backblaze software on each client, which will in turn create a unique Backblaze account and add that account into the group determined by the admin. The computer will start backing up its files immediately and the group admin will soon be able to see this computer’s account from the Backblaze web UI for group admins. 




  • The Munki server is installed and a Munki repo has been created on a machine that the admin uses.

  • The Munki client has been or will be installed on each of the Mac computers in the organization. Each Munki client will be set up to communicate with the Munki server: 

    $ sudo defaults write /Library/Preferences/ManagedInstalls\ SoftwareRepoURL http://<IP-address-of-the-Munki-server-goes-here>/munki_repo

  • The admin has created a Backblaze Business Backup account ( ).

  • The admin has created at least one group. We strongly encourage the admin to edit the group properties of the group to automatically approve membership requests. This can be done in the Group Management area of the group admin account by clicking Edit Group button, checking the box for Automatically approve member requests from ANY domain, and clicking the Update Group button. Or input your company domain name into the Automatically Accepted domains section and click the Update Group button.

    If desired, this setting can easily be disabled after the mass deploy is completed.

  • The admin has noted the group ID and group token values for that group. The group ID and group token values can be found by:
    • Signing in to the group admin’s Backblaze account.
    • Go to the Invite & Approve page. Select the appropriate group from the pull down list.
    • Click on the Advanced Instructions button in the Advanced Deployment section.
    • Under Advanced Deployment Instructions, choose the Mac tab.

      The group ID and group token are listed in the example usage command. In the listed example, the backblaze installer is shown with several flags, one of which is the “-createaccount” flag, which takes 4 parameters. The last two parameters are the group ID and the group token.

      For example, if you see this:
      sudo /Volumes/Backblaze\ Installer/Backblaze\ -nogui -createaccount password-goes-here 11001 wdloryiyqyrmnizvy54q7lar27

      the group ID is 11001 and the group token is wdloryiyqyrmnizvy54q7lar27.

  • The admin has a list / database / knowledge of all Mac Serial numbers of the computers in the organization and the email address of the user for each computer. One can think of it like this:

Mac Serial Number

Email Address

Group ID

Group Token











  • The Munki repo already has a catalog.

  • The Munki repo already has a manifest, for example a common one for all users, like “company-wide”.


Steps to Add Backblaze into Munki:

These steps can all be done manually, or it may be worth your while to create a script file to do them.


  1. Download the Backblaze installer for Mac (

  2. Create a copy of the backblaze installer for every computer.
    Name: install_backblaze_<serialnumber>.dmg
    The installers will be identical to each other, only their names will differ.
    Import all of these .dmg files into the Munki repo (as Munki packages).

  3. Create a Munki manifest file for every computer in the organization.
    The name of the manifest will be the computer’s Mac Serial Number.
    The manifest will set a catalog.
    The manifest will have at least one managed install, the Backblaze installer, install_backblaze_<serialnumber>.dmg.
    The manifest will have at least one included manifest. In this example, the included manifest is “company-wide” manifest.
    Import all of these manifests into the Munki repo.

  4. Create a pkginfo file for every install_backblaze_<serial number>.dmg Munki package.
    Name: include the serial number in the plist file’s name. For example, Backblaze-Installer-<serialnumber>.plist
    Set the unattended install flag.
    Include a post-install script. This is how the Backblaze client actually gets installed and where the Backblaze account, group ID, and group Token are set.
    Verify that the pkginfo file references its corresponding Munki package. 
    Import all of these pkglist files into the Munki repo.

    Please note that when used within the Munki post-install script, one needs to use “/Applications” as the path of the installer, not “/Volumes/Backblaze\ Installer”.

    Also please note, that sudo is not used.

    If the password is "none" (without the quotes), an automatically generated password will be used and the user can request a password reset on our Backblaze website. We suggest using this method for the initial password of your created Backblaze accounts for added security. 

    $ #!/bin/bash
    echo "${bb_username},${bb_grpID},${bb_grpToken}" 
    echo About to run the Backblaze installer with this command:
    echo /Applications/Backblaze\ -nogui  -createaccount "$bb_username" none "$bb_grpID" "$bb_grpToken"
    /Applications/Backblaze\ -nogui  -createaccount "$bb_username" none "$bb_grpID" "$bb_grpToken"
    echo Finished running Backblaze silent installer




Error Codes:


Please note that error codes will be shown in the Munki output log file on each client (usually set to /Library/Managed Installs/ManagedSoftwareUpdate.log).

A successful return will look like this:  “BZERROR:1001” .

You will get the following error if the client has System Preferences running while the installer is trying to install: “BZERROR:190”.


Once Installed:


If you added members to a non-auto accept group, the group admin will need to accept these users from the Requesting Membership list on the Invite & Approve page of the group admin account.

Please ask your group members to follow the Forgot Password directions from this help article to set an initial password.

Once Backblaze is installed on the end user’s computer, they will receive a Welcome to Backblaze email that will let them know that their data will be securely backed up to Backblaze. The email will describe the service and offer them some tips and guidelines.


Using Backblaze B2 as a Munki Repo:

An open source utility has been created to securely access a munki repo hosted on Backblaze. Details can be found on this github repo.

Have more questions? Submit a request


Article is closed for comments.
Powered by Zendesk