Manualshelf

Intel Unite Solution - Enterprise Deployment Guide

ManualsBrandsHP ManualsDesktopsHP EliteDesk 800 65W G3 Desktop Mini PC
51525354555657585960
Intel Unite® Solution Enterprise Deployment Guide v3.1.7 59 of 83
11 Intel Unite Solution for macOS
11.1 Background
The Intel Unite software for macOS is packaged as a primary app package and can leverage IT specific
preferences values. In this manner, the app supports a multitude of common deployments from general
Mac management software and techniques, to manual installation and setting of preferences.
11.2 General Connection Workflow
By default, the app will use DNS Auto Discovery (e.g. DNS SRV records) to determine the proper Enterprise
Server to connect to. The overall workflow is as follows:
(Optional) Enterprise Server as defined in preferences
Auto Discovery to the following domains:
_uniteservice._tcp
_uniteservice._tcp.yourSubDomain.yourDomain.yourTLD
i. Example: _uniteservice._tcp.corp.acme.com
_uniteservice._tcp.yourDomain.yourTLD
i. Example: _uniteservice._tcp.acme.com
Attempt connection to HTTPS followed by HTTP if failure
uniteservice.yourDomain.yourTLD
11.3 Preferences Values
IT can modify and customize the Intel Unite app to meet their own infrastructure or security needs by
setting the following settings to the com.intel.Intel-Unite.plist located in each user’s ~/Library/Preferences
folder:
Define a Default Enterprise Server
defaults write com.intel.Intel-Unite EnterpriseServer myServer.mydomain.myTLD
Define an Enterprise Server Public Key for Certificate Pinning
defaults write com.intel.Intel-Unite EnterpriseServerPublicKey "Public Key String"
Force a Client to Only Allow Trusted Server Certificates
defaults write com.intel.Intel-Unite ClientOnlyAllowsTrustedCertificates -bool true
Force a Client to Connect in Standalone Mode
defaults write com.intel.Intel-Unite Standalone -bool true
Each of these settings can be set or modified manually by opening the macOS Terminal
(/Applications/Utilities) and entering the command followed by a return. Discussion and details of each
command are as follows:
Define a Default Enterprise Server
Setting a Default Enterprise Server will stop the Auto Discovery process from taking place. If your
Mac Clients live solely on your own network, this can be a useful setting to "pin" the Intel Unite app
to your particular Enterprise Server for security reasons or troubleshooting.
Define an Enterprise Server Public Key for Certificate Pinning