Hands-Off Authorization for Deployment Systems
Multi-seat licenses of Ableton Live now offer administrators the ability to package and deploy Live to client machines via MDM, without the need to manually authorize Live on each client computer. This “Hands-Off” method significantly reduces IT overhead and streamlines the deployment process.
What is Hands-Off Authorization?
How to use Hands-Off Authorization
Configurable script options
Troubleshooting
What is Hands-Off Authorization?
This deployment method includes running a post-installation script that will launch Ableton Live once using a special command-line argument on each target machine. After the initial launch, Live should be authorized for all users on any machine where this post-installation script has been run.
How to use Hands-Off Authorization
- On the institution’s Ableton.com Account page, select the relevant multi-seat license in the License dropdown chooser. Click “Generate new token.”
- Copy the generated token to your clipboard.
- Direct downloads of the post-installation scripts for macOS and Windows are available via this link: https://downloads.ableton.com/support/Hands_Off_Authorization.zip
- On macOS, use the script named authorize-live12.sh
- On Windows, use the script named authorize-live12.bat - Open the post-installation script for your operating system, and edit the Edition, Version, Token, and LogFilesDir values as appropriate (see “Configurable script options” below).
- Check that everything looks correct in the deployment package, and configure the package to run the post-installation script as administrator after installation. The script will create shared Unlock and Preferences folders, then will launch the Live application, passing the authorization token via a command-line argument to authorize the software. After a few seconds, Live will close automatically and will be authorized for all users on the machine.
Note: Live will run as a graphical application during the authorization step. This may not be possible if no user is logged in when the post-installation script runs. You may have to configure your deployment to temporarily log in during deployment, or to run the post-installation script once when the first user logs in.
Configurable script options
Setting the right edition
The Edition value should be set to one of the following, according to your license:
- Ableton Live 12 Suite
- Ableton Live 12 Standard
- Ableton Live 12 Intro
macOS
EDITION=Ableton Live 12 Suite
Windows
set EDITION=Ableton Live 12 Suite
Setting the right version
The version is shown either on your account page from where you download Ableton Live, or at the bottom of the splash screen when the software starts up.
macOS
VERSION=12.0.20
Windows
set VERSION=12.0.20
Setting the token
Use the token that you copied from your account page (see above).
macOS
TOKEN=hhu2epdmmj77tucr
Windows
set TOKEN=hhu2epdmmj77tucr
Note: If your MDM system supports parameters, you can use these to inject the token into the script, which may help prevent anyone from retrieving the token on the target machines (Ableton Live doesn’t log or save the token, but the deployment system may leave this script or other temporary files around).
Setting a logging directory
During authorization, Live will write diagnostics information to a file called Log.txt. This file is usually located in the current user’s home directory (i.e. the user executing the post-installation script), but this may not always be practical or possible.
You can specify a different directory where you will be able to easily locate the file in case of issues. Leave empty to let Live output the log file in its default location.
macOS
LOGFILESDIR=/var/tmp/AbletonLogFiles/
Windows
set LOGFILESDIR=C:\Temp\AbletonLogFiles\
Troubleshooting
If Live is not authorized at the end of the process, the script will exit with an exit code of 1, passing the error to your MDM.
To resolve this:
- Check that you’ve set the correct edition, version, and token in the post-installation script.
- On the target machine, examine the Log.txt file for errors. In particular, search for lines containing the string ERROR:licensing, where you may find more information.
If Live can't start because the script is running when the login screen is showing, two solutions may solve the issue:
- Try configuring your deployment to temporarily log in prior to installing and authorizing Live.
- Alternatively, try configuring your deployment to run the post-installation script once when a user logs in (they may see Live showing up for a few seconds). If the script runs with administrator privileges, it should still be authorized for all users afterward.
Notes:
- For macOS only, If Live is deployed and the post-installation script runs while in Rosetta Mode on an Apple Silicon machine, but then users launch Live natively, Live’s authorization code will be different, and thus Live will prompt users for authorization.
- Auto-updates to Live are not compatible with the multi-user configuration, so the scripts include the Options.txt entry -_DisableAutoUpdates in order to disable automatic updates. Manual updates can be applied as needed by downloading the updated Live version from the administrator Ableton.com Account and deploying it to the client machines. The authorization token and post-installation script are unnecessary for deploying updates.
- The authorization token is only necessary during the initial deployment. Once the software has been authorized, the token is irrelevant and can be revoked on the Ableton.com Account page, if desired. Revoking the token does not stop Live from working on already authorized machines, but it could ensure that the token is not used to authorize Live on machines not under your administration.