Java 8 Update 181 LDAP Changes & Jamf Pro Connectivity

Standard

Recently we updated all our datajar.mobi instances to Jamf 10.7.1, for Mojave support.

All went well. Except for a couple of instances where their Jamf Infrastructure Manager was being used as an LDAP Proxy.

Well, turns out this was a change to Java 8 Update 181, which we updated to at the same time. And, that this is an issue not just with Jamf Infrastructure Manager, but could be with LDAPS in general.

Below details these changes, & overcoming this issue.

Continue reading

The Great (caching) Purge

Standard

caching-purge

Earlier tonight, myself & a few others on the #osx-server channel in the macadmins.org Slack started to receive alerts from our macOS Servers running a Caching Service.

Sadly, it was not just the harmless “Caching service unavailable” alerts that you see at times.

Continue reading

iCloud, Spotlight & Login Window issues with JSS 9.9+ & the Security & Privacy profile payload

Standard

configProfile

Recently, myself & a few folks have been dealing with issues from profiles deployed via the JSS.

Kitzy has a workaround for the issues affecting 9.82 & screen savers asking for passwords, here.

This was seemingly fixed in 9.9, but other issues have since cropped up & I’ve detailed them below.

Continue reading

Issues Accessing Airwatch API After 8.3.1.0 Update

Standard

post_airwatch

As mentioned before we have some scripts that access Airwatch’s REST API.

Sadly a recent update to our SaaS instance to 8.3.1.0 lead to our scripts failing.

Below is a little post with the resolution.

Continue reading

10.8.x Clients, JSS 9.73+ API & sslv3 alert handshake failure

Standard

mac-os-x-mountain-lion-imac-macbook-air1

After being nerd sniped by @unknown_err in a channel on the MacAdmins.org Slack, I started writing some client side API scripts.

This lead to an issue with 10.8.x clients connecting to my JSS.

The below is why I saw these SSL errors & a two resolutions, one client side & another server side.

Continue reading

10.11.2: Cannot Enable ARD or VNC if /Library/Application Support/Apple/Remote Desktop is missing

Standard

No-ScreenSharing

A issue was opened recently for AutoCasperNBI, where 10.11.2 NBI’s generated for not accessible over ARD or VNC.

Some digging revealed this this only affected NBI’s with the “Reduce Image Size” option selected.

NBI’s for 10.7.x – 10.11.1 work fine over ARD or VNC with that option selected, so some investigation was needed. Below is the investigative work, but you can also skip straight to the resolution.

Continue reading

Some Mac App Store Apps “Damaged” Prompting For “Redownload”

Standard

AppStore

Early today people launching some Mac App Store purchased apps where greeted with errors upon launching them.

This has been pretty widely reported, & after reading a few other articles I started to panic. After which I wanted to try see how this would affect us Mac admins & if I could help detect affected apps.

Continue reading

ditto: “Operation not permitted” from SIP protected locations on El Capitan

Standard

Terminal

When trying to bring 10.11 support to AutoCasperNBI & AutoImagrNBI I stumbled across an odd issue.

On the flight to JNUC2015 I loaded up my 10.11 GM VM & figured it out.

Incredulous, I double checked this with James Ridsdale, Darren Wallace & David Acland. All of whom were located near me on the flight & all had their various MacBooks out running Keynote, Terminal &/or were running VM’s (spot the IT Crowd).

Below is what I found, steps to reproduce & a link to the bug on Open Radar.

Continue reading

JSS Setting Software Update Server To http://:/index.sucatalog

Standard

SoftwareUpdate

Recently we found that the JSS was setting our clients Software Update Catalog URL to http://:/index.sucatalog.

Well, as detailed previously, we moved from using Software Update servers to Caching.

The move to caching servers actually meant I shot myself in the foot some & caused my own issue. JAMF Support got me things sorted & below is how & my guess work as to what was happening.

Continue reading

Citrix Receiver Error: “You have not chosen to trust “Some CA”, the issuer of the server’s security certificate”

Standard

We recently replaced a the certificate on one of out Citrix Access Gateways, everything went well connecting to the CAG via a PC worked fine, but from a Mac we got the below error message.
Screen Shot 2014-10-26 at 10.44.22Luckily for us, Citrix not only have a solution posted on this issue but also give detail as to why it can occur. The solution can be found here.