MacOS Setup Checklist

Recently, we onboarded a new client that had no IT documentation.  They had a stellar inhouse IT staff, but they were underwater with office moves and keeping the lights on.  We quickly dove in to handle the commoditized tasks to allow them space to focus on other tasks.

We have a three-phase process for a new user setup.

  1. IT request is made from our gix Engage application.  This prompts our clients to provide all the access and application requirements
  2. Setup and Validation: We have a detailed setup checklist.  Below is an example of a MacOS basic setup.
  3. End user validation and sign off.

This checklist is for a very basic machine.  The only two oddity is associated with Meraki MDM.

Meraki MDM: Meraki MDM is a platform that allows your to control computer settings and deploy configurations and applications.  Meraki MDM is nice because it is operating system agnostic.  However, JAMF is much more fully featured for pure MacOS management.

For a client of this nature, 95% MacOS and an active Domain Controller – we would typically recommend JAMF for the Macs and Group Policy for the windows OS.

Out of box process

  1. Navigate through each of the setup pages. Skip anything unnecessary.
  2. Sign into a network.
  3. Sign in with Apple ID: XXXX
  4. Create a computer account settings:
    1. Full Name: Admin
    2. Account Name:
    3. Password:
  5. Allow my Apple ID to reset this password (Checked)
  6. Use iCloud Keychain (Checked)
  7. Do not enable location settings
  8. Select time zone that the user is located
  9. Don’t share Mac Analytics
  10. Skip Screen Time
  11. Don’t share iCloud analytics
  12. Enable Ask Siri (Unchecked)
  13. Turn on FileVault disk encryption (Checked)
  14. Allow my iCloud account to unlock my disk (Checked)
  15. Skip Touch ID
  16. Skip Pay
  17. Choose Your Look: Auto
  18. Open System Preferences> Users & Groups
  19. Create user per the onboarding form. Save the password and provide it to *Create the user as an admin so you can install the required software easier. Revoke admin privileges after setup is complete.)
  20. Save and restart.
  21. Sign in with the new user.
  22. Skip Sign In with Your Apple ID, but finish the remaining setup as you did for the administrator account above.
  23. Clean up Dock. (Drag app out until the Remove icon appears, then release). Remove all apps except Finder, System Preferences, Downloads, and Trash.
  24. Install Chrome and pin it to the Dock.
  25. Pick a name for the device- Sign into Meraki XXX. Sort by name and pick the next name in line. The nomenclature is as follows:
  26. Mac Laptops: XXX-ML001
  27. Mac Desktops: XXX-MD001
  28. Change the name of the Mac. System Preferences> Sharing. Under Computer Name, select “Edit…” to change the name.
  29. Navigate to to install the MDM XXXXX | Open the file after it’s downloaded. Navigate to System Preferences> Profiles and hit Install. Check to make sure that the device was added to Meraki.
  30. Install Slack from Chrome and pin it to the Dock.
  31. Download the remote agent through Automate (choose link). If it doesn’t allow download, go into System Preferences> Security & Privacy and select “Open Anyway”.
  32. Clear Downloads and Empty Trash.
  33. Let XXXXX know that the setup is complete. Provide the user’s Mac password.

IT Orientation setup:

  1. Sign into Okta and set up MFA.
  2. Sign into and install the office suite.
  3. Sign into Slack.
  4. Install and sign into any Adobe products that are needed (Adobe Pro or CC)
  5. *Needs editing. We need to get an installer that allows us to install w/o sign in for Adobe Pro, Adobe CC, and Microsoft Office.