Deploy AirWatch via SCCM to Enroll Devices

In this section, we will deploy the AirWatch SCCM integration client along with the VMware AirWatch Agent to all devices in the Win10 Collection we created earlier to automatically enroll them into VMware AirWatch.  This leverages the pre-staging work we did in the previous exercise.  

The enrollment will run as the staging user we created, but during the enrollment process the device will be assigned to the aduser account since we pre-staged the serial number and username into AirWatch.

1. Edit AirWatch Enrollment Script

  1. Click the File Explorer shortcut from the task bar.
  2. Click shared(\\sccm) (Z:).
  3. Click AWDeploy.
  4. Right-click AirWatchEnrollment.ps1.
  5. Click Edit.

1.1. Open File - Security Warning

Click Open.

1.2. Open Find in File Dialog

  1. Click Edit.
  2. Click Find in Script.

1.3. Find the Group ID

 

  1. Enter "groupid" for the Find What field.
  2. Click Find Next.

1.4. Enter Your Group ID in the PowerShell Script

Retrieve your Group ID from the AirWatch Console.  If you do not remember your Group ID, refer to the previous steps for instructions on retrieving it.

  1. Replace the GROUPID parameter with the your Group ID value from the AirWatch Console.
  2. Click the Save icon.

2. Launch Create Application Wizard

  1. Click the System Center Configuration Manager icon from the task bar to return to the SCCM Console.
  2. Click Software Library.
  3. Expand Overview if it is collapsed.
  4. Expand Application Management.
  5. Click Applications.

3. Create Application

  1. Click Create.
  2. Click Create Application.

4. Manually Specify Application Settings

  1. Select Manually specify the application information.
  2. Click Next.

4.1. Application Information

  1. Enter "AirWatch Enrollment" for the Name.
  2. Enter "AirWatch" for the Publisher.
  3. Enter "1.0" for the Software version.
  4. Click Next.

5. Update Application Icon

Next to Icon, click Browse.

  1. Click shared (\\sccm).
  2. Open the AWDeploy folder.
  3. Click airwatch.png.
  4. Click Open.

5.2. Click Next

Click Next.

6. Configure Deployment Type Settings

Click Add.

6.1. Specify Deployment Type

  1. Select Script Installer from the drop-down menu.
  2. Click Next.

6.2. General Information for Deployment Type

  1. Enter "AirWatch" for the Name.
  2. Click Next.

6.3. Browse Content Location

Click Browse next to Content location.

6.4. Select Folder

  1. Click the navigation bar and enter "\\sccm\shared".  Press Enter.
  2. Select the AWDeploy folder
  3. Click Select Folder.

7. Send PowerShell Command to Lab Console

Click to select the Installation Program text box.  The upcoming steps will have you paste the PowerShell command in this text box, but it MUST be selected first.

7.1. Send PowerShell Command Text to Console

  1. Click SEND TEXT from the VMware Learning Platform page, which is located just above your console view. This option allows you to copy and paste text to the virtual machine.
  2. Copy and paste the following command into the Send Text to Console text box:   powershell -executionpolicy bypass -file AirWatchEnrollment.ps1
  3. Click Send

7.2. Confirm the Command pasted for Installation Program field

  1. The command powershell -executionpolicy bypass -file AirWatchEnrollment.ps1 should now be entered into the Installation Program text box.
  2. Click Next.

8. Select Custom Script

  1. Select Use a custom script to detect the presence of this deployment type.
  2. Click Edit.

8.1. Specify Script Type

  1. Select PowerShell for the Script Type.
  2. Click the Script Contents text field to select it.  In the following steps, we will be pasting a PowerShell command in this field using the Send Text feature.

8.2. Send PowerShell Command Text to Console

  1. Click SEND TEXT from the VMware Learning Platform page, which is located just above your console view. This option allows you to copy and paste text to the virtual machine.
  2. Copy and paste the command below into the Send Text to Console text box.
  3. Click Send.
#Compliance Script
#Checking first for Airwatch Enrollment
$PATH = "HKLM:\SOFTWARE\Microsoft\Provisioning\OMADM\Accounts\*"
$val = (Get-ItemProperty -Path $PATH -ErrorAction SilentlyContinue).PSChildname
#Now checking whether enrollment is with a real user or the staging user
$path2 = "HKLM:\SOFTWARE\Microsoft\Enrollments\$val"
$val2 = (Get-ItemProperty -Path $PATH2 -ErrorAction SilentlyContinue).UPN
if (!($val2 -eq "[email protected]" -or $val2 -eq "[email protected]" -or $val2 -eq $null))
{
    Write-Host "Installed"
    Exit 0
}
Else
{
   Exit 0
}

8.3. Confirm the Command pasted for the Script Contents

  1. Confirm that the command for the Script Contents was pasted successfully.
  2. Click OK.

This script checks if the device is enrolled into AirWatch and checks if user-switching has happened.

9. Complete Deployment Type Wizard

Click Summary and follow the steps to complete the wizard.

9.1. Modify Installation Behavior

  1. Select Install for System for the Installation Behavior.  This will run the deployment as the System account rather than the local user.
  2. Click Summary.

9.2. Confirm Deployment Settings

Click Next.

9.3. Close Create Deployment Type Wizard

After the Create Deployment Type wizard completes, click Close.

10. Complete Application Wizard

Click Next to continue with the Create Application Wizard.

10.1. Confirm the Application Settings

Click Next.

10.2. Close the Create Application Wizard

Click Close.

11. Deploy AirWatch Enrollment Script to Device Collection

In the SCCM console,

  1. Right-click AirWatch Enrollment in the Applications list.
  2. Click Deploy.

11.1. Browse Collections

Next to the Collection text box, click Browse.

11.2. Select Collection

  1. Select Device Collections from the drop-down menu.
  2. Select Win10
  3. Click OK.

11.3. Click Next

Click Next.

12. Add Distribution Point

  1. Click Add.
  2. Click Distribution Point.

12.1. Add Distribution Points

  1. Select the SCCM.CORP.LOCAL check box.
  2. Click OK.

12.2. Click Next

Click Next.

13. Complete Deploy Software Wizard

  1. In the Purpose drop-down menu, select Available.
  2. Click Next.

13.1. Specify Schedule for Deployment

Click Next.

13.2. Display in Software Center

  1. In User Notifications drop-down menu, select Display in Software Center, and show all notifications.
  2. Click Next.

13.3. Alert Options

Click Next.

13.4. Confirm the Summary and Run the Deploy Software Wizard

Click Next.

13.5. Deploy Software Wizard Completed Successfully

Click Close.

You have successfully created an SCCM application to enroll Windows 10 devices into Airwatch.

13.6. Close the SCCM Server Session

Click the Close button on the sccm.corp.local RDP session popup at the top of your screen.

NOTE - If the sccm.corp.local RDP bar does not display, you may need to hover your mouse at the top and center of the screen for it to display.

0 Comments

Add your comment

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.