Installing using MDM on Mac

Deploying to a Mac device with MDM requires 3 separate configurations:
1.Root Certificate
2.Network Extension Permission
3.Custom Profile Permission
1. Root Certificate
Root certificate inside of your installer zip should be deployed inside your MDM tool
​
2. Network Extension Permission
The network extension should be allowed with dope.security's identifier 63JU25B8Q7
​
3. Custom Profile Permission
Add a custom MDM profile with the following details:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
	<key>PayloadContent</key>
	<array>
		<dict>
			<key>PayloadDisplayName</key>
			<string>DopeSecurityApp</string>
			<key>PayloadIdentifier</key>
			<string>com.apple.vpn.managed.3FC862E3-0F98-45DA-9BA0-B00D74C6E82E</string>
			<key>PayloadType</key>
			<string>com.apple.vpn.managed</string>
			<key>PayloadUUID</key>
			<string>798346BB-9A01-40B3-8EA6-377B26B0018B</string>
			<key>PayloadVersion</key>
			<integer>1</integer>
			<key>UserDefinedName</key>
			<string>DopeSecurityApp</string>
			<key>VPN</key>
			<dict>
				<key>AuthenticationMethod</key>
				<string>Password</string>
				<key>ProviderBundleIdentifier</key>
				<string>security.dope.DopeSecurityApp.Redirector</string>
				<key>ProviderDesignatedRequirement</key>
				<string>anchor apple generic and identifier "security.dope.DopeSecurityApp.Redirector" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = 63JU25B8Q7)</string>
				<key>RemoteAddress</key>
				<string>localhost</string>
			</dict>
			<key>VPNSubType</key>
			<string>security.dope.DopeSecurityApp</string>
			<key>VPNType</key>
			<string>VPN</string>
			<key>VendorConfig</key>
			<dict>
				<key>Group</key>
				<string>63JU25B8Q7.security.dope.DopeSecurityApp</string>
			</dict>
		</dict>
		<dict>
			<key>AllowedTeamIdentifiers</key>
			<array>
				<string>63JU25B8Q7</string>
			</array>
			<key>PayloadDisplayName</key>
			<string>System Extension Policy</string>
			<key>PayloadIdentifier</key>
			<string>com.apple.system-extension-policy.190E1DB5-015F-4CAF-8AD5-9F0C293663DE</string>
			<key>PayloadType</key>
			<string>com.apple.system-extension-policy</string>
			<key>PayloadUUID</key>
			<string>1CAA9256-333E-4F53-BF59-F54984275562</string>
			<key>PayloadVersion</key>
			<integer>1</integer>
			<key>RemovableSystemExtensions</key>
			<dict>
				<key>63JU25B8Q7</key>
				<array>
					<string>security.dope.DopeSecurityApp.Redirector</string>
				</array>
			</dict>
		</dict>
	</array>
	<key>PayloadDisplayName</key>
	<string>DopeSecurityApp</string>
	<key>PayloadIdentifier</key>
	<string>DOPE.D66FA254-FEC6-4BBD-80CC-7CFB4A93CF8E</string>
	<key>PayloadScope</key>
	<string>System</string>
	<key>PayloadType</key>
	<string>Configuration</string>
	<key>PayloadUUID</key>
	<string>06FCAA24-ACA8-41C4-9D61-AA4E3BC303BE</string>
	<key>PayloadVersion</key>
	<integer>1</integer>
</dict>
</plist>
​
If you want need a DMG, you can run this command:
hdiutil create -format UDZO -srcfolder dope_security_mac_1.0.6001 dope_1-0-6001.dmg
Billing Details
Using JAMF
Last modified 1mo ago