A primer in Profile Manager: Turn on Profile Manager
How to set up and manage devices using OS X Server’s Profile Manager service.
This is episode six in our series on setting up and managing devices using Server’s Profile Manager service. You may also want to look at:
- A primer in Profile Manager
- The setup
- The Server app
- Manage your server remotely
- Set up Open Directory
We have (finally) arrived at the day you’ve all been waiting for: It’s time to turn on Profile Manager.
Turn on Profile Manager
The plan here is to use a Mac other than your server for setting up, connecting to, and managing Profile Manager. It’s not necessary for this lesson, you can perform these tasks on your server, but you will need a second computer for every episode following this one.
On a second computer:
- Download and Open the Server app.
- Locate your Server in the list of servers, select it and click Continue.
- Authenticate using the directory administrator ID and password you created in the last lesson.
- You should now see a window asking you to verify your server’s SSL certificate. (If you don’t, it may be because you’ve already trusted the certificate in a previous lesson or you’re using a certificate signed by a trusted certificate authority.) Click the button that says Show Certificate.
- In the resulting window, if you want, you can click the disclosure triangle next to Trust and Details to look at your certificate, otherwise, put a check in the box that says Always trust
com.apple.servermgrdwhen connecting to
yourserevername.yourdomain.comand click continue.
- Authenticate as an administrator and click Update Settings.
A new remote management session for your server should now be open. Locate and click Profile Manager under the section that says Services.
As is the case with so many of the Server app’s services, you don’t have to do much to get Profile manager up and running. In this case, all you need to do is turn the service on and it will begin working. We need to do more to configure it, but you can get started with just the flick of a switch.
- Click the switch that turns Profile Manager on.
Take note of the Status section at the top of the Profile Manager window. Initially, it will say Starting but very shortly it should say, “Available at
Test to see if Profile Manager is working
Now that the Profile Manager service is started it’s time to test and make sure it’s running.
- Open Safari.
yourserver.yourdomain.com/profilemanagerin the address field and press the return key.
- At the login window, enter your Server Administrator userid and password.
- Select Users in Profile Manager’s Library sidebar, locate and select your administrative user.
You should only see your server administrator in this list, although, it is possible you’ll see other users if you already had users on your computer when you installed Server or if you’re bound to another Directory Server in your environment. If you do see other users, use the search field to find and select your server admin.
This browser-based Profile Manager is used to manage users and devices, which allows you to changes to settings and provide access to server resources remotely. We’ll begin looking at more of Profile Manager’s management features in a subsequent lesson, but for now, we’re going to look at another Profile Manager features.
- Click the menu at the upper-right of Profile Manger in your browser—it should display your server administrator’s name.
- Click Log Out.
Testing My Devices
Profile Manager offers a feature allowing your users to enroll their personal devices in your management system. This feature is great for when you want to provide access to company resources on personal devices while guaranteeing that your users aren’t exposing private data. We’ll talk more about the “whys” and “hows” of introducing personal devices into your corporate system, but for now, let’s just check and make sure it’s working properly.
- In your browser’s address bar, type
yourserver.yourdomain.com/mydevices. Take note that you need to type,
- Log in using your administrative userid and password.
You’ll see a different Web page titled My Devices that your users can use to enroll their personal devices in your system. Before they can log in to this portal, you’ll need to create Open Directory accounts for them. Also, take note that you can, at this time, only download a Trust Profile using this portal. This is because we haven’t yet turned on Device Management for your server in Profile Manager.
We’ll get to that in the next episode.