MacBlog

04 February 2018 – 3 minute read

Express Setup, Location Services, Time Zone, and High Sierra

I recently ran into a snag with our Device Enrollment Program (DEP) workflow. Users were not being prompted to enable Location Services to automatically set the time zone, nor was the explicit Time Zone selection screen displayed during Setup Assistant.

The result was that devices wound up configured with the default Cupertino, CA location, and a Pacific time zone. We’re on the East coast – so we’d have to script a change of settings, or worse, have the user manually modify them.

As it turns out, this is an effect of the new “Express Setup” option in macOS High Sierra.

Continue reading ❭

30 January 2018 – 6 minute read

Automatically Renaming Computers from a Google Sheet with Jamf Pro

In a post-imaging, DEP-only world, maintaining your organization’s computer naming convention can be a challenge.

We can ease the pain with a little bit of Python, some clever interaction with the jamf binary, and a remotely-hosted Google Sheet.

Continue reading ❭

08 January 2018 – 8 minute read

Wait, is my Mac Up to Date?

So you’ve trained your users to use Jamf Pro’s Self Service to install third-party software, but how can we encourage users to self-manage macOS operating system updates?

Let’s create a user-centric, Self Service workflow for checking the status of available software updates.

Continue reading ❭

11 December 2017 – 7 minute read

Integrating DetectX Swift with Jamf Pro for Scheduled Malware Scanning

Sqwarq’s DetectX is an amazing shareware security tool that checks your Mac for malware, keyloggers, adware and potentially unwanted programs.

Recent updates to DetectX add the ability for administrators to initiate a scheduled scan from a management platform.

Neat! Let’s integrate it with Jamf Pro to scan and report on your fleet.

Continue reading ❭

06 December 2017 – 4 minute read

Creating a Naming Scheme for Jamf Pro

For maintaining a consistent, repeatable and intuitive administrative workflow, you need a naming scheme for objects in your Jamf Pro Server.

Here’s my take on a good strategy.

Continue reading ❭

29 November 2017 – 3 minute read

Off Root

Some quick notes on yesterday’s root privilege escalation vulnerability. Apple Released a Fix Security Update 2017-001 was released around 8am PST on November 29, 2017. This update resolves the issue leading to the privilege escalation. Installing the update recompiles and reinstalls opendirectoryd. The update does not require a reboot. The update also disables root again. While waiting on this fix, the smart move was to enable root and configure a strong password on the account.

Continue reading ❭

28 November 2017 – 3 minute read

On Root

Today was a very bad day for Apple. @lemiorhan tweeted a severe security vulnerability affecting all current versions of macOS High Sierra. A simple procedure allowed any user to perform a trivial root privilege escalation. Yikes. So how do we mitigate it?

Continue reading ❭