Categories
IT

Deploying the Slack token on macOS with JAMF

Slack has a Windows/macOS compatible feature that allows the use of a file called Signin.slacktoken helping the users be redirected to the right workspace to sign in.

This file has to be placed in the Downloads folder of your target user. You can either offer them to download it (self service) or you can deploy it with a MDM solution such as JAMF.

The latter is what I’ll describe here.

Slack’s documentation on this feature can be found on their website and I invite you to read it.

I’ll even re-use their first step:

Step 1 : Download a default sign-in file .

  1. From your desktop, click your workspace name in the top left.
  2. Select Settings & administration from the menu, then click Workspace settings.
  3. Click the Authentication tab.
  4. Next to Automatically Open This Workspace for Members, click Download.

If you open this file in a text editor you’ll see something like:

{"default_signin_team":"XXXXXXX"}

Step 2:

If you wanna be able to deploy this file with JAMF, you need to make a DMG package.

For this you can use the JAMF composer software for example. Import you file in the app:

Select “Build ass DMG” puis in the admin of your JAMF Pro instance, go to Settings => Computer Management => Packages and upload your new package.

Then name it under your convention:

In the “Options” tab, tick “Fill existing user home directories (FEU)” to adapt the deployment folder to the one of your target user.

Next up you just have to create a Policy to deploy this Package

Go to “Computers” then “Policies” then create a new Policy.

In Packages, pick your package.

Then, up to you to choose how and when you wanna run this Policy.. for example with DEPNotify while onboarding users, the idea being to deploy the file before a user can run Slack otherwise .. it is not gonna be super useful.

Cherry on the cake (basic but still).. I chose to hide this rather technical file and therefore I’ve added the command:

chflags hidden $HOME/Downloads/Signin.slacktoken

in Files and Processes for this Policy:

Maintenant au déploiement sur les machines cibles, le fichier se dépose tout seul dans le dossier Téléchargements et quand on clique sur “Se connecter” dans l’application Slack, on est automatiquement renvoyé vers le sous domaine type votresociete.slack.com qui aidera l’utilisateur à s’authentifier sur votre Slack.

Now, once deployed on the target machines, the file automatically gets added to the Downloads folders of the user and when you click “Connect” in Slack, you get redirected to the subdomain yourcompany.slack.com ..helping your users authentic on the right workplace.

Tadaaaaam

If you wanna go a different way, you can checkout this script that also helps.

Thanks NickTheITGuy for the write up idea.

This post is also available in fr_FR.