Mac, Dev and Ops: The calm before the storm

Standard

Tomorrow I’ll be presenting at my first MacDevOpsYVR.

Mat and JD invited myself and fellow London Apple Admin attendee, host, speaker and MacDevOpsYVR 2021 presenter Piero, onto the MacDevOpsYVR Podcast for a chin wag.

The podcast can be found here, if you want to listen to the other folks chatting and me prattling on.

At the time of writing, tickets are still available for MacDevOpsYVR 2021 and can be purchased from here.

The schedule can be found here, and starts today June 9th.

See you there!

MacDeployment 2021: Administering Apple Silicon

Standard

Yesterday, it was my honour to remotely speak at MacDeployment 2021, on the subject of Administering Apple Silicon.

And amazingly, all the talks from MacDeployment 2021 are already available online! (in fact, they were available soon afterwards).

A link to the video, slide deck, GitHub repo and links to the other videos etc from MacDeployment 2021 can be found below.

Many thanks to the MacDeployment 2021 team for the great event.

Psst if you watch the video and get to the last section, please check the macOS Big Sur 11.5 beta release notes on Appleseed for IT.
Continue reading

dataJAR Tech Series: What’s new with macOS Big Sur and Apple Silicon?

Standard

Last month, I presented at a dataJAR tech series event where I discussed some of the new management features available in macOS Big Sur and how these can affect Mac administration workflows, as well as changes that might trip you up in regards to managing Apple silicon.

The video for the talk and a PDF of the slides, can be found here.

You’ll also find a talk there from Riley Bruce, Security Community Evangelist Manager, Code42 titled “Understanding Insider Risk Management on macOS”

Jamf Pro 10.28.0 and Apple APNs changes

Standard

As forewarned by Apple, Richard Purves and recently one of my dataJAR colleagues Richard Mallion, Apple is making a change to APNs on March 31, 2021.

As detailed within the dataJAR blog post, this change is between MDM servers and Apple and not managed devices.

Since Jamf Pro 10.23.0, there has been a toggle to enable this change to HTTP/2 for APNs communication.

However with Jamf Pro 10.28.0 release earlier this week, Jamf Pro will default to HTTP/2 and if you’re self hosting Jamf Pro this release will flip over the APNs communication to use HTTP/2.

If you’re Jamf Cloud, then this change has already been made for you.

So, this short post is just to bring attention to this change for those that need it.

And if you’d like to know more, for more info see the aforementioned blog post on the dataJAR blog.

iMovie, and the iMovie_27_Sep provisioning profile

Standard

With the recent release of iMovie 10.2.3, an additional surprise item is installed, a provisioning profile.

See below for more information on this provisioning profile, and impact.

Continue reading

jamJAR: Three years on

Standard

During JNUC 2020, dataJAR gave a couple of talks.

My talk was titled “jamJAR: Three years on”, which detailed the evolution of jamJAR and some changes made with the then soon to be released version 2.0.

Below you’ll find a link to the talks video and all other JNUC 2020 videos, a link to the talks GitHub repo and, why this blog post was been delayed.

Read more

Apple Silicon, the softwareupdate binary and password prompts

Standard

With Apple recently releasing macOS 11.0.1, many Mac Admins over at the MacAdmins.org Slack started to see password prompts like the above.

Some digging has revealed that this password prompt is shown when the softwareupdate binary is called, and only on Apple Silicon devices.

Calling the softwareupdate binary is something which we Mac Admins have done for years, and it’s likely folks have workflows in place calling the softwareupdate binary which is then triggering this prompt.

So, what’s the fix? Short term, don’t call the softwareupdate binary on Apple Silicon devices and raise this issue with Apple. 

Longer term? Unsure. There is still documentation around Apple Silicon devices to be posted  by Apple, and until we have documentation we can but guess.

Apple School Manager Terms Update – December 3, 2020

Standard

Looks like my last post was a little premature, as overnight we received emails like the above for Apple School Manager.

Like the Apple Business Manager email received beforehand, this email forewarns of a change to the Apple School Manager terms on December 3, 2020.

This time, however, the email was from a more expected address (no-reply@email.apple.com), and the email contained no link to the terms for review beforehand.

Digging around though, the PDF may possibly be found here.

Anyway, if you are an Administrator of an Apple School Manager instance mark down a little task on December 3, 2020 to approve these new terms.

If you don’t agree to the terms in a timely manner, you’re likely to see issues with ADE/DEP as detailed previously.

Apple Business Manager Terms Update – December 3, 2020

Standard

If you have an account which is an Administrator of an Apple Business Manager instance, you might receive or soon receive an email like the above.

This email does seem legit, (despite coming from “noreply@me.com” where previous came from “no-reply@apple.com”), and I expect the process if not agreed to be the same as six months ago.

One nice change is that this time the email contains this link, which allows you to get the new terms in a PDF for review ahead of time.

So, pass this along to your legal teams as needed and mark down a little task on December 3, 2020 to approve these new terms.

Blocking macOS Big Sur

Standard

As forewarned in my prior post, here’s a post detailing methods to block tof macOS Big Sur.

In truth, the majority of this post will be rehashing items mentioned in previous post titled: Blocking macOS Catalina with Jamf Pro.

But there are a couple of amendments, with most not being Jamf Pro specific.

Continue reading