What is Jamf and how can it help with Setapp for Teams?
Jamf is a solution for system administrators that allows them, among many other tasks, to manage Apple software on Macs, iPads, iPhones, and Apple TVs.
With Setapp for Teams, you can use Jamf to:
- Remotely install Setapp on the Macs that belong to the members of your team.
- Apply and update the same Setapp configuration on every computer quickly and easily.
Using JAMF distribution saves time since your team members don't spend a minute setting up Setapp on their Macs. Instead, a single person, the IT Admin of your organization, installs and configures Setapp for the entire team.
To start distributing Setapp for Teams using Jamf, you need to complete these steps:
- Prepare the Setapp for Teams config file.
- Create a Setapp for Teams distribution package using Jamf Composer.
- Create a Jamf installation policy for the distribution package.
Setapp for Teams config file
With the config file, you can apply the same Setapp settings on all Macs in your team.
The file template is available on the “Jamf distribution” page of your online Setapp account.
The template title is
team_config.template.yml. To add the file to the distribution package, you must rename it to
team_config.yaml. (remove ".template" from the title).
If you plan to use the config file in Setapp distribution process, we recommend preparing the file before you start creating the distribution package with Jamf Composer. Preparing means specifying the settings in the config file; these settings are discussed in the sections below.
company_name key-value pair specifies the organization name that is displayed for team members in the Setapp desktop app. The value must use quotation marks, like in the example below:
team_key key-value pair contains the unique team identifier. It is used every time a new team member registers after receiving an invite. The value must use quotation marks, like in the example below:
The config file template comes with a placeholder that must be manually replaced with a valid key, generated for your team. You can get the key on the "Jamf distribution" page your online account, in the "Add your personal Jamf key" section.
Replacing the team key. If a team key has been revoked or reissued, it must be replaced in the config file because registering new team members won't be possible using the outdated key.
forbidden_apps key-value pair specifies the apps you don’t want your team members to install. For example, if you have a company policy of avoiding torrents, you can specify such applications using
forbidden_apps; as a result, torrents won’t be displayed in the Setapp desktop application, so your teammates won’t be able to install them.
An item in the
forbidden_apps key-value pair consists of an app identifier followed by a comment with the app name (for human readability).
The config file template contains all the apps, available in Setapp. By default, every app item is commented (has the “#” symbol at the beginning of the line), which means all apps are allowed. To forbid an app, uncomment the corresponding line (remove the first “#” symbol), like in the example below:
- 263 # CleanMyMac X
Create a distribution package
In this article, we're describing just one of the possible ways to create a Jamf distribution package for Setapp for Teams. If you're an experienced Jamf user, you can follow your own workflows and use this guide as a reference for the settings and configurations, used particularly in Setapp for Teams.
If you still have questions on using Jamf and Jamf Composer, you might find these resources useful:
- Jamf Composer User Guide.
- "Building a Package Using Snapshots in Composer" video, provided by the Jamf team.
Before you start
1. Verify your accounts. Make sure your Jamf Pro, Jamf Nation, and Apple Developer accounts are active.
2. Install Jamf Composer. Jamf’s Composer.app, along with other apps, is available as a part of the Jamf Pro suite. To download the suite, sign in to your Jamf Nation account, then go to My Assets and click Download in the Jamf Pro section.
3. Get Setapp resources. To create a Setapp distribution package, you'll need the following resources, available on the "Jamf distribution" page of the online Setapp for Teams account:
- Setapp for Teams installer.
- Personal (team) Jamf key.
- Config file.
To access the "Jamf distribution" page, you must have a team owner account in Setapp for Teams. If you don't have the account, you can ask the actual Setapp team owner in your company to download the resources and share them with you.
4. Remove the previous Setapp installation (if any). If Setapp has been previously installed on the Mac that you’re using to create the distribution package, uninstall it. When creating a package, you’ll need to perform a clean Setapp install so that Jamf Composer could correctly identify the files for the package. Installing Setapp over a previously installed version might cause difficulties.
To uninstall Setapp, follow these steps:
- Open Setapp.
- In the menu bar, choose Help > Uninstall...
- Click Uninstall Completely.
See "Uninstalling Setapp and applications" for more details. Note that when you uninstall Setapp, your subscription stays active. To stop being charged with the Setapp membership fee, you’ll need to cancel subscription.
Step 1: Create a package source
We recommend using the Composer's Normal Snapshot flow that captures the new files that appear on your hard drive after installing Setapp.
Follow instructions in the "Creating Package Sources" article (Jamf's Composer User Guide).
After creating the initial snapshot and starting a new package, install Setapp. Use this article as a reference. On the last step of Setapp installation, don’t click Launch to avoid creating unnecessary service files on your Mac (and, later, in the package source).
Step 2: Build a package from source
We recommend building the Setapp for Teams distribution package as DMG, not PKG. With DMG, during the distribution process, the Setapp config file is placed in the corresponding user's directory and a separate folder with the Admin's name is not created for the config file.
Follow instructions in the "Building Packages from Package Sources" article (Jamf's Composer User Guide).
These Setapp resources must be added to the package:
To reduce the package size, remove the rest of Setapp resources from the package using Jamf Composer. The screenshot of the Composer.app window below shows the resources required for the package:
Adding the config file. It's important to use Jamf Composer when adding the config file to the distribution package. Avoid placing the file manually to the
~/Library/Application Support/Setapp/Config directory on your Mac — the Setapp app might process and then delete the file.
To add the config file, follow these steps:
- In Jamf Composer, create the "Config" directory:
- Make sure the config file has been renamed to
team_config.yaml(“.template” removed from the file name).
- Drag the config file to the "Config" directory in the Jamf Composer window.
Step 3: Sign the package with a Developer ID certificate
This is a common procedure, covered in these Apple developer articles:
- "Sign a Mac Installer Package with a Developer ID certificate".
- "Notarizing Your App Before Distribution".
That's it! After signing, your Setapp for Teams package is ready to be distributed using Jamf.
Distributing Setapp for Teams using Jamf Pro
Setapp for Teams can be distributed with Jamf as a common macOS application; it doesn't require special permissions or flows.
Use the "Software Distribution" section of the Jamf Pro Administrator's Guide as a reference.
Create Jamf installation policy
For detailed instructions, see "Managing Policies" (Jamf Pro Administrator's Guide).
When specifying the policy options, choose "Fill existing user home directories (FEU)" and make sure the "Fill user templates (FUT)" option is not selected.