Backblaze Mass Silent Install with Jamf (Mac)

The Backblaze installer can be deployed silently using Jamf, a managed software installation tool (https://www.jamf.com).

The following instructions are for macOS deployments and will allow your group administrator to create Backblaze accounts for each computer, to backup each of those computers, and to have those accounts all be managed under one Backblaze group. 

 

Prerequisites:

Jamf Setup

  • Jamf Pro server (formerly JSS) is either hosted on a server or in the Jamf Cloud.

  • Jamf Pro - this suite includes tools such as Jamf Admin/Imaging/Remote, Composer and Recon (these tools were formerly known as Casper tools).

  • Before you start, please make sure that you have a good understanding of how a Jamf policy is set up, how to set up a script for a Jamf policy, and how to set up environment variables in the policy that will be passed into the script when the script is executed on the remote machine. Jamf provides detailed documentation regarding policy configuration.

Backblaze Setup

  • A Backblaze account set up for the admin with the groups service enabled.

  • A group has been created in the Backblaze account.

    We strongly encourage the admin to edit the group properties of the group to automatically approve membership requests. This can be done in the Group Management area of the group admin account by clicking Edit Group button, checking the box for Automatically approve member requests from ANY domain, and clicking the Update Group button. Or input your company domain name into the Automatically Accepted domains section and click the Update Group button.

    If desired, this setting can easily be disabled after the mass deploy is completed.

  • The admin knows the group ID and group token.

    The group ID and group token values can be found by:
    • Signing in to the group admin’s Backblaze account.
    • Go to the Invite & Approve page. Select the appropriate group from the pull down list.
    • Click on the Advanced Instructions button in the Advanced Deployment section.
    • Under Advanced Deployment Instructions, choose the Mac tab.

      The group ID and group token are listed in the example usage command. In the listed example, the backblaze installer is shown with several flags, one of which is the “-createaccount” flag, which takes 4 parameters. The last two parameters are the group ID and the group token.

      For example, if you see this:

      sudo /Volumes/Backblaze\ Installer/Backblaze\ Installer.app/Contents/MacOS/bzinstall_mate -nogui -createaccount user@corp.com password-goes-here 11001 wdloryiyqyrmnizvy54q7lar27

      the group ID is 11001 and the group token is wdloryiyqyrmnizvy54q7lar27.

  • Download the Backblaze installer for Mac, install_backblaze.dmg (which can be found here).

Setting up Jamf to deploy Backblaze on Mac:

  • Create an API User Account for BackBlaze to complete API call

    Give the account only read access to “Users”


  • Upload the Backblaze Silent Install script into Jamf Pro server repository (JSS)

    Update our sample Backblaze Silent Install script with the exact url of your JSS and with your username:password pair (the user that has read privileges to “Users” in your system).

    Here is our sample Backblaze Silent Install script.

 

#!/bin/bash

#These are for debugging
set -x
set -euo pipefail

backblaze_grpID="$4"
backblaze_grpToken="$5"

#By default $3 is the username parameter for scripts in Jamf

userName="$3"
response=$(curl https://myjss.com/JSSResource/users/name/$userName --user username:password)


#Jamf API’s can return XML or JSON, this parses and grabs the email from XML.
emailAddr=$(echo $response | /usr/bin/awk -F'<email_address>|</email_address>' '{print $2}')
echo About to run the Backblaze installer with this command:


#Note the directory to which your Backblaze installer is installed can be specified within the policy, JAMF default for the policy is to run on boot drive

echo /Applications/Backblaze\ Installer.app/Contents/MacOS/bzinstall_mate -nogui  -createaccount "$emailAddr" none "$backblaze_grpID" "$backblaze_grpToken"

/Applications/Backblaze\ Installer.app/Contents/MacOS/bzinstall_mate -nogui  -createaccount "$emailAddr" none "$backblaze_grpID" "$backblaze_grpToken"

echo Finished running Backblaze silent installer

 

  • Upload the Backblaze Installer dmg file into Jamf Pro server repository (JSS)

  • Create the Policy

    • Create a new policy (i.e. Backblaze)
    • Set trigger as desired
    • Specify the path where the Backblaze dmg will be mounted, i.e /Applications
    • Add install_backblaze.dmg as a package in this policy
    • Add the Backblaze Silent Install script as a script in this policy
    • Set the environment variables $4 and $5 which will be used by the script. This is the mechanism through which the script determines the Backblaze group ID and key. Use “Group ID” for the name of parameter 4 and use “Group Token” for the name of parameter 5.
    • Upload an icon if desired (helpful for Self-Service; the icon is provided inside the .dmg file, in Contents/
      Resources/BzLogo.icns)
    • Set scope as desired

  •  Jamf client

    The Jamf client must be registered on each remote computer so that the username variable is set. This is the mechanism by which the script’s variable $3 contains a valid value.

Once the policy runs, the Backblaze client will be installed and start backing up the computer immediately.

 Example:

Screen_Shot_2017-10-11_at_3.46.05_PM.png


Once Installed:

If you added members to a non-auto accept group, the group admin will need to accept these users from the Requesting Membership list on the Invite & Approve page of the group admin account.

Please ask your group members to follow the Forgot Password directions from this help article to set an initial password if you used “none” for the password in the script.

Have more questions? Submit a request

0 Comments

Article is closed for comments.
Powered by Zendesk