This issue of “AD users losing Admin rights when off the Domain” is a wee head scratching moment that comes up from time to time.
Having recently updated the script I use workaround this issue, I decided it was time for a blog post.
The script, an explanation of the script & the issue itself are detailed below.
For a number of years, OS X VMWare Fusion VM’s either hosted locally or on ESXi have supported NetBoot. Rich Trouton has covered this before here & here.
(Incidentally whilst this post refers to VMWare OS X VM’s, you can also NetBoot Parallels OS X VM’s & Kyle Bareis has a post on NetBooting VM’s created with that here.)
On occasion, the odd question still pops up on how to do this. So I’m posting this in the hope of rebroadcasting the message for any that have missed it.
For a number of years now I have used the icons found within the CoreTypes.bundle for dialogs, scripts, slides & Self Service.
I thought it was common practice to use them, but after a few conversations at JNUC2015 it appears I was wrong.
So the below is a quick write up on them.
As blogged here, here & here I’ve had some fun deploying & creating Safari Extensions.
Recently I needed to update our deployed Extension Bar & like a daft person I didn’t follow Apple’s advised Extension update method..
However, past me was not that daft & had already discovered that all that is needed to “update” an existing Extension is to replace it. Which is pretty much what the below script does.
Many thanks to Peter Bukowinski & Erik Berglund for helping me with this in the #bash channel in the macadmins Slack.
Sophos’s Enterprise Anti-Virus 9.2.x has been blogged about a few times & in the Mac Admin space most prominently by Gilbert Palau & Rich Trouton, but here comes another tale & post on the same subject.
Our saga with Sophos Enterprise Anti-Virus 9.2.x started on Feb 27th, which incidentally was the day after they change their installed to an app bundle which Rich had blogged about & at the time Sophos did not have any deployment articles on.
So what did they change & why the pitchforks & stink eye from the Mac Admin community?
Imagr may be the new kid on the Mac imaging block, but for those of us using the Casper Suite it can offer an alternative imaging method with little extra effort.
The post expands upon the above, explaining the niche use cases for Imagr for those of us using the Casper Suite
For a number of years we have used Portfolio as an archive server for old projects to be archived from our various data servers.
This would free up space on those servers, & with the added benefits of using the built-in meta-tagging ability to view cataloged files via a web browser.
With the release of the most recent version, we moved from a Windows 2008r2 VM which was starting to creak under the 20+TB of data we had archived to a Mac Pro 64GB RAM, 1TB SSD & 2x24TB LaCie 8big Rack Thunderbolt 2.
However, a few months in & not all data had been cataloged & the Mac Pro was pretty much idling. So I had a hunt through Portfolio’s various files with Extensis support on the phone & came up with the below locations in which the memory allocation can be amended from the defaults to improve performance by utilising more resources.
As posted by Tim Sutton, the installation of “Security Update 2015-002” on a 10.8.5 or 10.9.5 Mac will leave the /mach_kernel file visible. That’s fine, until someone deletes the file & then can’t boot their Mac.
As ever, Rich Trouton has blogged a method to hide the file via Casper.
However, Rich does love an EA & I’m not so inclined therefore the following is an EA free method to achieve the same end.
On January 29th, Microsoft released Outlook for iOS and Android.
This release has caused somewhat of a stir due to some reported security issues with the app which existed before it’s rebranding from “Accompli”
I’ll be honest, I found a number of the posts on this app to be somewhat alarmist, but a post with the somewhat alarmist title: Warning – Microsofts Outlook app for iOS breaks your company security raised a point that caused me some concern.
This point was: “Shared Exchange ActiveSync ID and device type”
This post will explain why the concern, my findings & how to block “Outlook for iOS and Android” via Exchanges Allow/Block/Quarantine List.
For a number of years I have used the same Imaging workflow, during which time I thought the process was fairly common (with FSTAB being an exception).
However, after speaking to a few fellow Casper Admins it has become clear that my workflow isn’t as common as I thought. So the post below outlines what we do.