Parallels ConfigMgr Plugin v4.5: New Features
The release of the Parallels ConfigMgr v4.5 plugin brings several new features. We will go over a few of them in this post. For more reading about Parallels, search the WME blog. There are several other posts on the subject.
Installation
Installation is pretty simple. You must uninstall the previous version of the plugin first, then run the v4.5 installer. Here here’s the new available feature list:
You must have the first two, but you can enable the NetBoot Server option if you like. This can also be run on your PXE-enabled distribution point if it is not on this server. The last option, OS X Software Update Point, is the exciting new feature of this release. We will discuss this feature in detail later in the post.
After installation, the wizard to set up the ConfigMgr proxy will launch. This looks very similar to previous versions of the plugin. If you installed the OS X Software Update Point, you will also be presented with its configuration wizard.
OS X Software Update Point Setup
The first exciting new feature is the ability to push OS X software updates. There is some setup to this, but once complete, you will be able to apply OS X Software Updates from your ConfigMgr console. First, you must have System Center Update Publisher 2011 set up with an active signing certificate. I would suggest completing this setup first before trying to go through the OS X Software Update Point configuration.
Running Server 2012 R2? Read this section:
You will know you need to do these steps if you try and run the OS X Software Update Point configuration and it stops here:
If you running Server 2012 R2 and you do not already have a certificate authority in your environment, you must do two things to create a self-signed certificate for SCUP. First, do the steps for Windows 8 and Windows Server 2012 found here: https://technet.microsoft.com/en-us/library/hh134747.aspx#PublishToServer2012 (there steps work for 2012 R2 as well). Second, add this registry key to your WSUS server:
HKEY_LOCAL_MACHINE\Software\Microsoft\Update Services\Server\Setup\
Create DWORD value: EnableSelfSignedCertificates = 1
Now, the create button in SCUP will work.
Configuration Wizard
First, you will have to provide the configuration wizard with a service account. This account will need to be in the WSUS Administrators group (even if the account is an administrator on box).
You must ensure that the self-signed certificate from the WSUS store is also in the trusted root and trusted publishers stores (the certificate must exist in all three locations for the OS X Software Update Point to work). The configuration wizard will stop with these errors if this is misconfigured:
After everything is correct, the configuration wizard will run.
ConfigMgr Console
After the configuration wizard runs, you will need to synchronize updates in your ConfigMgr console twice. The first sync will add the Apple product category, while the second will sync your Apple updates.
To start, run an update sync. In mature environments, this could take an hour or two to complete You can follow the SMS_WSUS_SYNC_MANAGER component from the console, or the wsyncmgr log to see when sync is complete. After the first sync is complete, from the ConfigMgr console, go to Administration > Site Configuration > Sites and select your site. From the ribbon, either expand settings, or select “Configure Site Components” and select “Software Update Point”:
From the Software Update Point properties box, select the Classifications tab and ensure that the box for updates is checked. Now, on the Products tab, check the two Apple boxes:
After that, run another Software Update sync. When it completes, you should see Apple products:
Other New Features
The OS X Software Update was the major release in this version. There were also other improvements, such as the ability to automatically enroll Macs as part of your AD discovery. This new option is available from the site configuration screen:
You can limit this automatic install to only Macs in certain collections as well, which could be helpful in some environments:
This ability also brings with it automatic client upgrades for Macs.
