krypted.com

Tiny Deathstars of Foulness

You can easily create a backup of an iOS device using Apple Configurator. Once you’ve created a backup, it can be restored onto a number of devices. This contains iOS data and data outside of the secure enclave. These backups allow you to restore an iOS device, add apps (not using the backup), set backgrounds, set app locations on the home screen, etc.

To do so, open Apple Configurator and then click on the Prepare icon.

Screen Shot 2015-08-15 at 12.02.27 AM

At the Prepare screen, click into the Restore field and then click on the Create Backup button.

Screen Shot 2015-08-15 at 12.02.31 AM

At the pop-up menu, select the device you’re backing up (usually there’s only one) and then click on the Create Backup button.

Screen Shot 2015-08-15 at 12.02.41 AM

Then choose the location you’d like to place the backup file.

Screen Shot 2015-08-15 at 12.04.14 AM

Click Save and the backup starts.

Screen Shot 2015-08-15 at 12.04.30 AM

Once the backup is complete, you will have an iosdevicebackup file in the location you saved the file to. This is stored on the iOS device and can then be restored to other devices.

August 15th, 2015

Posted In: Apple Configurator, iPhone

Tags: , , , , ,

2 Comments

You may have noticed a few new articles on Apple Configurator 1 recently (which isn’t assuming anyone actually notices what I’m writing about). While preparing for the massive change that is Apple Configurator 2, I’ve taken the liberty to put a page up compiling many of my articles that align into a guide on Apple Configurator 1, to offer up an outline for what I’ll be working on for Apple Configurator 2. This guide is now available at http://krypted.com/guides/apple-configurator/.

August 13th, 2015

Posted In: Apple Configurator, iPhone

Tags: , , , , ,

There’s a quick and easy IT Business Edge slideshow at http://www.itbusinessedge.com/slideshows/the-5-mobile-apps-you-really-need-for-smb-success.html that I helped with about 5 Mobile Apps You Really Need for SMB Success.

Screen Shot 2015-08-10 at 2.55.35 PM

Hope you enjoy!

August 10th, 2015

Posted In: Bushel, iPhone, Mac OS X, Mac OS X Server, Mac Security, Mass Deployment, Network Infrastructure

Tags: , , , ,

Little article I/Bushel contributed to from Tech Republic covering considerations for small businesses looking to move to the Apple platform. It’s available at http://www.techrepublic.com/article/5-considerations-for-smbs-that-want-to-move-to-apple/#ftag=RSS56d97e7.

Screen Shot 2015-08-10 at 3.01.19 PM

August 9th, 2015

Posted In: Articles and Books, Interviewing, iPhone, Mac OS X, Mac OS X Server, Mac Security, Mass Deployment

Tags: , , , , ,

So one of the projects I’m very involved in is a simple, new Apple Device Management (or MDM really) solution, called Bushel. By default, we give people 3 devices for free. If you’re in a position to refer people to Bushel, you can also use links that you send to people that will get you even more free devices (up to 10).

But some people want to sell things and earn commissions from them. And we fully support that. So you can become a Bushel affiliate and earn commissions from any referrals you send us.

Screen Shot 2015-07-09 at 4.39.37 PM

To sign up to become a Bushel affiliate at http://www.bushel.com/affiliates. There, you can find links to refer customers/friends, marketing assets if you want to use our logos and see commissions that you’re earning. So… Join us and sell our stuff; we’d love to have you!

June 16th, 2015

Posted In: iPhone, Mac OS X, Mac OS X Server, Mass Deployment

Tags: , , , ,

Apple’s Volume Purchase Program allows you to export a VPP token and then import that token into a server to create a connection between an MDM solution (e.g. Bushel, Apple’s Profile Manager, Casper, etc) and apps you purchase through the VPP portal. But what’s in a token? The VPP token is a base64 encoded file. You can cat the file and it will show you a bunch of garbly-gook (technical term):

base64 --decode /Users/charlesedge/Desktop/kryptedcom.vpptoken

But there’s more to it than all that. We can run the base64 command to see:

base64 --decode /Users/charlesedge/Desktop/kryptedcom.vpptoken

In some cases, this file can display improperly, if it fails use the following command:

echo `cat /Users/charlesedge/Desktop/kryptedcom.vpptoken` | base64 --decode

The contents of the file are then displayed, as follows:

{"token”:”AbCDe1f2gh3DImSB1DhbLTWviabcgz3y7wkDLbnVA2AIrj9gc1h11vViMDJ11qoF6Jhqzncw5hW3cV8z1/Yk7A==","expDate":"2015-07-03T08:30:47-0700","orgName”:”Krypted.com"}

This is a comma separated set of keys, including token, expedite and orgName. Do not edit any of this or you may spontaneously combust. The token establishes the trust but the expiration date will show you when a vpptoken expires and will need to be renewed by. The orgName is what you entered in the VPP portal when you setup the account and is also escaped and then used as the file name. These two pieces of data can help you if you have a bunch of vpptokens that you need to keep track of.

May 19th, 2015

Posted In: iPhone

Tags: , , , , , , ,

Verbose logging can help you isolate a number of problems with Profile Manager. Turn on verbose logging by writing a debugOutput key with a value of 3 into /Library/Preferences/com.apple.ProfileManager.plist using the defaults command:

defaults write /Library/Preferences/com.apple.ProfileManager debugOutput 3

Once set, restart the daemon using killall:

killall -u _devicemgr

To disable, just write the key with a blank value:

defaults delete /Library/Preferences/com.apple.ProfileManager debugOutput

Then restart the daemon again:

killall -u _devicemgr

May 1st, 2015

Posted In: iPhone, Mac OS X, Mac OS X Server, Mac Security, Mass Deployment

Tags: , , , ,

Bushel is a Mobile Device Management (MDM) solution. We can manage all kinds of cool things, but there are a few things we can’t do. These include:

  • Controlling where app badges are on screens
  • Enrolling without first entering a wi-fi password
  • Supervising devices that aren’t managed using Apple’s Device Enrollment Program (DEP)
  • Updating iOS devices (iPads, iPhones, iPod Touches) to the latest operating system

Apple Configurator can do many of these tasks, but has limitations. There’s a tool out there called GroundControl. GroundControl is super-simple to use, like Bushel. GroundControl can deploy a backup to a device, which is how it controls where badges are on screens. GroundControl can also provide the wi-fi credentials to get on a network, places devices into supervision (so Bushel can easily manage Activation Lock Bypass on non-DEP enabled devices), and can erase and update devices. In short, GroundControl closes a lot of the gaps we have. On the flip side, GroundControl cannot manage settings over the air, which is what Mobile Device Management is all about.

So let’s look at what all this looks like. Before we get started, if you’re going to follow along, know that you’ll need to wipe an iOS device in order to supervise the device, which GroundControl will want to do by default. And when we’re done, if you want to unsupervise your test device, you’ll need to wipe it as well. So, get a GroundControl account and login. Once logged in, we’ll create a Payload, associate it with a Launchpad and create a Policy to deploy it. The payload is a collection of all the tasks you’ll perform on a device. Click Payloads and then New Payload, to create your first payload. When prompted, use the “Add an item…” button to add tasks to what a given payload will do.

Screen Shot 2015-04-14 at 9.00.44 AM

In this example, we’ve uploaded a Backup. and will now add a Restore from Backup task.

Screen Shot 2015-04-14 at 9.01.08 AM

Then choose an image to restore or use the Upload new Restore Image option to upload a new one.

Screen Shot 2015-04-14 at 9.01.26 AM

Next, we’re going to add a Wi-Fi payload so that our devices will automatically join our wireless networks. To do so, use the Add WiFi button in the “Add an Item…” menu. When prompted, provide the information for your wireless network, or upload a profile with the information in it.

Screen Shot 2015-04-14 at 9.01.52 AM

When you have entered all of the required information for your wireless network, click Save. Then let’s add an enrollment profile, which will automatically enroll devices into Bushel. To do so, open your Bushel account and click on Enroll this device. When prompted, provide a name and email address and then click on the button to Download Configuration Profile.

Screen Shot 2015-04-14 at 1.34.54 PM

When the profile downloads, use the “Add an Item…” menu back in the GroundControl web interface and select “Add Configuration Profile.” Here, choose Upload new Configuration Profile in the Add Configuration Profiles screen.

Screen Shot 2015-04-14 at 9.02.21 AM

When prompted, select the profile you just downloaded.

Screen Shot 2015-04-14 at 9.02.32 AM

Back at the Configuration Profiles screen, click on Save. Then, click Save Payload to save the changes you just made to your payload. Next, click LAUNCHPADS in the top menu bar. Here, click Download LaunchPad Mac 1.7.1 (or whatever version you see once a new one is released). Once downloaded, run and click on the button to Start Service.

Screen Shot 2015-04-14 at 1.42.52 PM

Once started, you’ll see the LaunchPad listed in the web interface.

Screen Shot 2015-04-14 at 9.03.17 AM

Click on your LaunchPad.

Screen Shot 2015-04-14 at 9.03.32 AM

Click on Edit LaunchPad. At the Edit Launchpad screen, choose the appropriate timezone and provide any tags that might be needed. You can also use the Name field to define which station that a given launchpad might run on.

Screen Shot 2015-04-14 at 9.03.50 AM

Click Save and then click on Policies. The policy binds the payload to the launchpad. Here, we’ll use the default. click on it to

Screen Shot 2015-04-14 at 9.04.08 AM

At the Select a Default Payload screen, select the payload you just created and then click Save.

Screen Shot 2015-04-14 at 9.04.17 AM

With the GroundControl Launchpad screen open, make sure the service is started and then plug in an iPad that is wiped and not yet activated into the system.

Screen Shot 2015-04-14 at 9.04.44 AM

The device should skip activation, install your backup (aka image) and then apply the payloads you’ve configured. The end result should be a device enrolled into Bushel, complete with email, security settings and more.

Overall, we find that Bushel is perfectly useable as a standalone tool. And we find that Apple Configurator can be a great tool according to what you need. But as Bushel makes it easier to own devices for Non-IT device administrators than does Profile Manager, GroundControl makes it easier to setup a lot of devices than does its free alternative. If you’ll be working with a lot of iOS devices, then we couldn’t recommend GroundControl more!

April 14th, 2015

Posted In: Bushel, iPhone

Tags: , ,

I recently got the announcement of the new official Microsoft Office Accreditation through MacTech. I was lucky enough to sit in on the previous version of this, so thought I’d push out the information on it. It’s attached to the MacTech Pro Events that MacTech has been running:

MacTech_Pro_Events-150

As you know, Microsoft released a public preview of Office 2016 for Mac. MacTech and Microsoft have created a new accreditation for Apple techs called “Microsoft Office for Mac and iOS Accredited Support Professional, 2015.” Prior to the public Office 2016 announcement, we did a preview of this new course under NDA in Seattle earlier this month.

We’re now announcing the new accreditation — which covers not only Office for Mac (2011 and 2016), but also Office for iOS and Office 365. In short, anyone that supports others using Microsoft Offie on OS X or iOS should get attend and get this accreditation.

If you’re interested, check it out here http://pro.mactech.com/microsoft-office-accreditation/

PS – You can actually hear Neal’s voice when you read it! 😉

March 20th, 2015

Posted In: certifications, iPhone, Mac OS X, Microsoft Exchange Server

Tags: , , , , ,

The latest book, Learning iOS Security is now available on Amazon, Packt, etc. One of my better writing experiences, so thanks to all for making it so! Buy it here, if you’re into iOS Security and all that kind of fun stuff.

Screen Shot 2015-03-03 at 9.34.27 AM

March 3rd, 2015

Posted In: Articles and Books, iPhone

Next Page »