Slides from the “MDM: From “Nice to Have” To Necessity” session at...
For those who wanted a copy of my MDM talk at the MacDeployment 2019 conference, here are links to the slides in PDF and Keynote format. PDF – https://tinyurl.com/MacDeploy2019PDF Keynote –...
View ArticleClik here to view.
Managing macOS Mojave’s FileVault 2 with fdesetup
Since its initial release in OS X Mountain Lion 10.8.x, Apple’s main tool for managing FileVault 2 encryption has been fdesetup. With the transition from managing Core Storage-based encryption on HFS+...
View ArticleZoom vulnerability and remediation script
Zoom is a popular video conferencing suite which is used by a number of shops because it provides a consistent cross-platform experience. Recently, it was discovered that Zoom was setting up a local...
View ArticleSlides from the “Installer Package Scripting” session at Penn State MacAdmins...
For those who wanted a copy of my installer scripting talk at Penn State MacAdmins 2019, here are links to the slides in PDF and Keynote format. PDF – https://tinyurl.com/PSUMacAdmins2019PDF Keynote –...
View ArticleClik here to view.
Checking if Apple’s Zoom remediation update has been installed on your Mac
As part of the Zoom vulnerability issue, further problems have been discovered as security researchers look into the local webserver installed by older versions of the Zoom app for macOS. RCE Alert!...
View ArticleZhumu vulnerability and remediation
As more security researchers look into the Zoom vulnerability issue, it now appears that Zhumu (Zoom’s affiliate for China) has a client for macOS with the same local webserver vulnerability as that...
View ArticleAdditional Zoom remediation from Apple via MRT
Apple had released an MRT update on July 12th to cover the vulnerabilities disclosed for Zoom and RingCentral , but then additional Zoom variants popped up on the radar. To fix all of the variants,...
View ArticleClik here to view.
Suppressing Microsoft AutoUpdate’s Required Data Notice screen
Suppressing Microsoft AutoUpdate’s Required Data Notice screen As part of the latest update to Microsoft AutoUpdate app, a new screen has appeared which requires the logged-in user to click on it. This...
View ArticleClik here to view.
Building customized postinstall scripts for AutoPkg recipes
As part of some recent work, I needed to build a deployable installer package for an application named Zscaler. This application does not use an installer package, nor can it be installed as a...
View ArticleClik here to view.
Enabling debug logging for the JAMFSoftwareServer log on Jamf Pro limited...
As part of working on an issue with Jamf Support, I needed to enable debug logging for the JAMFSoftwareServer.log log file on my Jamf Pro server. This is normally a pretty straightforward process: 1....
View ArticleSession videos now available from Penn State MacAdmins Conference 2019
The good folks at Penn State have posted the session videos from Penn State MacAdmins Conference 2019. The sessions slides are all accessible from the Penn State MacAdmins’ Resources page at the link...
View ArticleClik here to view.
The Jamf Pro Push Proxy service, service token renewal and Jamf Nation...
Jamf Pro has the ability to push notifications to devices with Self Service installed. This function is enabled using a Jamf-specific service known as the Jamf Push Proxy. To enable this service to...
View ArticleClik here to view.
Monitoring Jamf Infrastructure Managers on Red Hat Enterprise Linux
A vital component of a Jamf Pro server setup is usually its LDAP connection to a directory service (usually an Active Directory server.) This connection allows the Jamf Pro server to not only leverage...
View ArticleApple Device Management book now available for pre-order from Amazon
Over the past year, I’ve been working with my colleague Charles Edge on a new book and I’m delighted to announce it’s now available for pre-ordering on Amazon: That book that @rtrouton and I wrote for...
View ArticleClik here to view.
Disable screenshots and screen recordings on macOS Mojave
In certain circumstances, like taking school tests or handling sensitive documents, it may be necessary to disable the ability to create screenshots or make screen recordings. For those who need to do...
View ArticleClik here to view.
Creating macOS configuration profiles with encrypted payloads
Recently, I was asked to create a configuration profile with an encrypted payload. This is a payload where the settings installed by the profile are not readable when you look at the .mobileconfig...
View ArticleClik here to view.
Identifying Self Service policies with blank descriptions
As part of setting up Self Service policies in Jamf Pro, it’s nice to include a description for your customers of what they’re getting when they select a particular Self Service policy. However,...
View ArticleClik here to view.
Google Keystone update breaks Macs’ ability to boot if System Integrity...
On the evening of Monday, September 23rd, a number of film and TV editors started reporting that their workstations were not rebooting successfully. The problem was initially blamed on the Media...
View ArticleClik here to view.
Notarization on macOS Catalina and IT auditing
One of the changes Apple is introducing in macOS Catalina is the notarization requirement for code in the following categories: All apps signed after June 1st, 2019 Signed executable code which are...
View ArticleClik here to view.
Downloading macOS Mojave from the Mac App Store
Now that macOS Catalina has been released, it’s become more difficult to access the macOS Mojave installer for those who still need it. Fortunately, Mojave has not been removed from the MAS and it is...
View Article