dataJAR Tech Series: What’s new with macOS Big Sur and Apple Silicon?

Standard

Last month, I presented at a dataJAR tech series event where I discussed some of the new management features available in macOS Big Sur and how these can affect Mac administration workflows, as well as changes that might trip you up in regards to managing Apple silicon.

The video for the talk and a PDF of the slides, can be found here.

You’ll also find a talk there from Riley Bruce, Security Community Evangelist Manager, Code42 titled “Understanding Insider Risk Management on macOS”

Jamf Pro 10.28.0 and Apple APNs changes

Standard

As forewarned by Apple, Richard Purves and recently one of my dataJAR colleagues Richard Mallion, Apple is making a change to APNs on March 31, 2021.

As detailed within the dataJAR blog post, this change is between MDM servers and Apple and not managed devices.

Since Jamf Pro 10.23.0, there has been a toggle to enable this change to HTTP/2 for APNs communication.

However with Jamf Pro 10.28.0 release earlier this week, Jamf Pro will default to HTTP/2 and if you’re self hosting Jamf Pro this release will flip over the APNs communication to use HTTP/2.

If you’re Jamf Cloud, then this change has already been made for you.

So, this short post is just to bring attention to this change for those that need it.

And if you’d like to know more, for more info see the aforementioned blog post on the dataJAR blog.

iMovie, and the iMovie_27_Sep provisioning profile

Standard

With the recent release of iMovie 10.2.3, an additional surprise item is installed, a provisioning profile.

See below for more information on this provisioning profile, and impact.

Continue reading

jamJAR: Three years on

Standard

During JNUC 2020, dataJAR gave a couple of talks.

My talk was titled “jamJAR: Three years on”, which detailed the evolution of jamJAR and some changes made with the then soon to be released version 2.0.

Below you’ll find a link to the talks video and all other JNUC 2020 videos, a link to the talks GitHub repo and, why this blog post was been delayed.

Read more

Apple Silicon, the softwareupdate binary and password prompts

Standard

With Apple recently releasing macOS 11.0.1, many Mac Admins over at the MacAdmins.org Slack started to see password prompts like the above.

Some digging has revealed that this password prompt is shown when the softwareupdate binary is called, and only on Apple Silicon devices.

Calling the softwareupdate binary is something which we Mac Admins have done for years, and it’s likely folks have workflows in place calling the softwareupdate binary which is then triggering this prompt.

So, what’s the fix? Short term, don’t call the softwareupdate binary on Apple Silicon devices and raise this issue with Apple. 

Longer term? Unsure. There is still documentation around Apple Silicon devices to be posted  by Apple, and until we have documentation we can but guess.

Apple School Manager Terms Update – December 3, 2020

Standard

Looks like my last post was a little premature, as overnight we received emails like the above for Apple School Manager.

Like the Apple Business Manager email received beforehand, this email forewarns of a change to the Apple School Manager terms on December 3, 2020.

This time, however, the email was from a more expected address (no-reply@email.apple.com), and the email contained no link to the terms for review beforehand.

Digging around though, the PDF may possibly be found here.

Anyway, if you are an Administrator of an Apple School Manager instance mark down a little task on December 3, 2020 to approve these new terms.

If you don’t agree to the terms in a timely manner, you’re likely to see issues with ADE/DEP as detailed previously.

Apple Business Manager Terms Update – December 3, 2020

Standard

If you have an account which is an Administrator of an Apple Business Manager instance, you might receive or soon receive an email like the above.

This email does seem legit, (despite coming from “noreply@me.com” where previous came from “no-reply@apple.com”), and I expect the process if not agreed to be the same as six months ago.

One nice change is that this time the email contains this link, which allows you to get the new terms in a PDF for review ahead of time.

So, pass this along to your legal teams as needed and mark down a little task on December 3, 2020 to approve these new terms.

Blocking macOS Big Sur

Standard

As forewarned in my prior post, here’s a post detailing methods to block tof macOS Big Sur.

In truth, the majority of this post will be rehashing items mentioned in previous post titled: Blocking macOS Catalina with Jamf Pro.

But there are a couple of amendments, with most not being Jamf Pro specific.

Continue reading

On Managed Software Updates for macOS

Standard

In starting to write a blog post on how to block and delay the latest macOS release, I realised that the subject of delaying updates via Managed Software Updates was probably worthy of its own post.

This its that post, see below the break for details.

Continue reading

Project Updates – October 2020

Standard

Other the past month, all of the dataJAR open source projects have received updates.

See below for details on these updates.

Continue reading