Hi all,

Since the release of macOS Catalina I have mixed feelings about using a VM to test macOS deployments. First of all there is the performance. Even on a high end Macbook Pro it feels a bit slow, but more problematic is the inconsistent behaviour I see from time to time.

A few, non-exhaustive examples are:

  • Inconsistent behaviour with Setup Assistant showing or hiding screens you select in the Jamf Pro pre-stage
  • Enrolment customisation not passing user info correctly to Jamf Connect
  • FileVault deferral issues like deferring the _mbsetupuser

Depending what you are testing, this may all be ignorable glitches, but still things to keep in mind. As general advise I’d always crosscheck your testing on a physical machine before putting anything into production, especially when you see some weird behaviour.

That said, I still wanted to test the creation of a Big Sur VM, and to do so I started with VMWare Fusion 12.

I basically followed the exact same workflow as my earlier post on VM’s and Automated Enrolment, which all seems to work fine. Except one glitch which I think VMWare is aware of: Fusion 12 fails to create the installation medium when you select the macOS Big Sur Installer:

I’ve ran into this issue in the past, where are reboot of the host Mac fixed it, but not this time. To work around this I had to create an ISO file from the installer and use that to create the VM in Fusion 12:

hdiutil create -o /tmp/BigSur -size 17000m -volname BigSur -layout SPUD -fs HFS+J

hdiutil attach /tmp/BigSur.dmg -noverify -mountpoint /Volumes/BigSur

sudo /Applications/Install\ macOS\ Big\ Sur.app/Contents/Resources/createinstallmedia --volume /Volumes/BigSur --nointeraction

sudo hdiutil detach /Volumes/Install\ macOS\ Big\ Sur -force

==> Or force eject the mounted installer volume in Finder (Thanks Kevin for reminding me about the -force option)

hdiutil convert /tmp/BigSur.dmg -format UDTO -o ~/Desktop/BigSur.cdr

mv ~/Desktop/BigSur.cdr ~/Desktop/BigSur.iso

Now, use that .iso instead of selecting the original installer:

Do NOT click ‘Finish’, click ‘Customize Settings’ instead and save the VM where you want. This will make sure that the VM does not automatically boot when it’s fully created.

Once the VM is created you will be presented with the following window, do not click ‘play’, do not boot the VM yet!

Instead go to the location of the VM file in Finder and ctrl-click to select ‘Show Package Content’:

Next, edit the .vmx file with your preferred text editor:

And just like in my previous post (and also for macOS Catalina), I only had to add the following keys to make a VM which can do Automated MDM Enrolment and enrol correctly into Jamf Pro:

serialNumber.reflectHost = "FALSE"
serialNumber = "C02N49ZVXXXX"
hw.model.reflectHost = "FALSE"
hw.model = "MacBookAir6,1"
smbios.reflectHost = "FALSE"

Replace the serialNumber with an existing serialnumber in your ABM/ASM, and match the hw.model. Make sure not to leave any empty lines, and check for typo’s!

Save the file.

At this point you are ready to boot the VM for the first time, but let’s first disable network connectivity!

To avoid issues with assigning the VM to a different prestage later, put your host Mac offline or disable the Network Adapter in the network settings of the VM before proceeding. This to avoid the VM talking to Apple when it reaches the 'select your country' screen with internet connectivity.

Once network connectivity has been disabled we can proceed and start our VM again:

To be 100% sure it all worked fine, I did wipe the virtual drive via Disk Utility, but it should not be required.

Next, I installed macOS, waited till the VM rebooted and presented me the first setup screen to select my country…

STOP ! Here we SHUT DOWN the VM again: VMWare Fusion>Menu>Virtual Machine>Shut Down

This to make sure the Serial Number is retained.

Make a snapshot here! This will allow you to re-use the same VM again, and because we disabled the network connectivity you should also be able to re-assign it easily to another prestage!

After shutting it down and taking a snapshot, re-enable network connectivity now and start the VM again. Now it should pickup the prestage as it will immediately talk to Apple. Make sure to set the network adapter to ‘bridge’ mode! This to avoid double-NAT, as this made my VM skip the automated enrolment… Obviously, also make sure the serial number you used is correctly assigned to a prestage in Jamf Pro and the prestage has synced with Apple.

That’s it! A VM with macOS Big Sur doing Automated MDM enrolment!

As always, if you liked the post, hit the like button, tell your friends about it and leave a comment down below!

Brgds,
TTG