Having the ability to create a custom one-touch installation package that can be deployed via an MDM or MAM solution such as Microsoft Intune would be great so that an end user can go, download the app, and have it automatically configured right out of the box for them and the network they need.
Yes - this!! ZeroTier could get a major boost from schools and enterprises if MDM support was added. ZeroTier Configuration File | ZeroTier Documentation indicates the configuration files for desktop but mobile isn’t supported yet?
Could the starter version of this feature just be a guide on how to package and/or use with MDMs? Which MDMs are most important or popular in the areas you see?
Here I use Mosyle MDM. I’ve created a workaround for desktops by using a shell script that is run during the setup of the computer. I’m guessing most MDMs would give this ability I suppose?
Hi @IT-MBD, sorry to revive an old thread, but are you able to share the script you are using? I’m also using Mosyle and trying to come up with a solution. I do have a script that installs the agent, but ideally I would like the device to also be automatically authorized for the set network, and have the hostname assigned to the device in Central. Right now, I end up with a bunch of unauthorized devices, with no easy way to identify what each device is.
Hello. Well, the Mosyle server installs the app as mandatory during the enrollment setup (I have installed the ZeroTier .pkg on my web server and added it in Mosyle under Custom PKG) and then created a Custom command with this bash script:
/usr/local/bin/zerotier-cli join YOUR_NETWORK_ID
/usr/local/bin/zerotier-cli set YOUR_NETWORK_ID allowGlobal=1
/usr/local/bin/zerotier-cli set YOUR_NETWORK_ID allowManaged=1
/usr/local/bin/zerotier-cli set YOUR_NETWORK_ID allowDNS=0
/usr/local/bin/zerotier-cli set YOUR_NETWORK_ID allowDefault=0
And then set execution to "Only based on schedule or events" and "Upon enrollment only", and I only have to authorize it from the ZT admin console and that’s it.
Hope this helps!
Thanks, appreciate you sharing that. I am building out a script that will (should) also authorize the device to the network. I’ve found some older scripts that I am working to modify to achieve this. Once I get it all sorted I will be happy to share it.
I finally found some time to work on my script. In my testing it appears to be working. Feel free to take a look: Public-Scripts-and-Stuff/Scripts/ZeroTier/deployZeroTier.sh at main · nberanger/Public-Scripts-and-Stuff · GitHub
Currently it will do the following:
- Install ZeroTier in the background
- Connect it to a specified network
- Authorize the device on that network
- Assign the local hostname to the device in ZeroTier Central
- Send a formatted Slack notification with the deployment status (if a webhook is provided)
I am using Mosyle to push it out to my Mac devices but it should work with any MDM solution that supports running bash scripts.
If you do check it out, would love to hear what you think.
Cheers!
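The authorize-and-name steps discussed in this thread, as an added example that is not taken from any post here or from the linked deployZeroTier.sh. It assumes the ZeroTier Central API v1 member endpoint, and that the MDM supplies `ZT_NETWORK_ID` and `ZT_API_TOKEN` as environment variables; the function names and the `--enroll` flag are made up for this sketch.

```shell
#!/bin/sh
# Added example, not the thread's or the linked repository's script.
# Assumed: the MDM supplies ZT_NETWORK_ID and ZT_API_TOKEN as environment
# variables; function names and the --enroll flag are made up for this sketch.

# True when $1 is exactly $2 lowercase hex digits.
is_hex() {
  [ "${#1}" -eq "$2" ] || return 1
  case $1 in *[!0123456789abcdef]*) return 1 ;; esac
}

# Pull the node ID out of `zerotier-cli info` output
# ("200 info <node id> <version> <status>"); fail on anything else.
node_id_from_info() (
  id=$(printf '%s\n' "$1" | awk '$1 == "200" && $2 == "info" { print $3; exit }')
  is_hex "$id" 10 && printf '%s\n' "$id"
)

# Build the member-update body. The hostname is cut down to a safe
# character set so it cannot break out of the JSON string.
member_payload() (
  name=$(printf '%s' "$1" | LC_ALL=C tr -cd 'A-Za-z0-9._-' | cut -c1-63)
  [ -n "$name" ] || name=unnamed
  printf '{"name":"%s","config":{"authorized":true}}' "$name"
)

# Authorize and name one member through the ZeroTier Central API.
authorize_member() {  # <network id> <node id> <hostname>
  is_hex "$1" 16 || { echo "bad network ID" >&2; return 1; }
  is_hex "$2" 10 || { echo "bad node ID" >&2; return 1; }
  [ -n "${ZT_API_TOKEN:-}" ] || { echo "ZT_API_TOKEN not set" >&2; return 1; }
  # The token goes to curl on stdin (--config -) so it never shows up in ps.
  curl --fail --silent --show-error --output /dev/null --config - \
    --request POST --header 'Content-Type: application/json' \
    --data "$(member_payload "$3")" \
    "https://api.zerotier.com/api/v1/network/$1/member/$2" <<EOF
header = "Authorization: token ${ZT_API_TOKEN}"
EOF
}

if [ "${1:-}" = "--enroll" ]; then
  node=$(node_id_from_info "$(/usr/local/bin/zerotier-cli info)") || exit 1
  authorize_member "${ZT_NETWORK_ID:-}" "$node" "$(hostname -s)"
fi
```

A Central API token can change membership on the account's networks, so pass it in as an MDM-managed variable and rotate it after the rollout instead of leaving it in the script body on every device.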