Category Archives: Mass Deployment

Mac OS X Mac OS X Server Mac Security Mass Deployment Network Infrastructure

Simple Preflight and Sanity Checking in Scripts

I was recently building some preflight scripts and was looking to record some information about a machine live, before proceeding with a script. I found the cheapest way to determine information about architectures and chipsets when scripting preflight scripts for OS X to be the arch and machine commands respectively. For example, to verify the architecture is i386, use the arch command with no options:

/usr/bin/arch

Which simply outputs “i386”:

i386

To check the machine type, simply use the machine command:

/usr/bin/machine

Which outputs as follows:

x86_64h

Mac OS X Mac OS X Server Mac Security Mass Deployment Network Infrastructure Programming Ubuntu Unix

Opposite Day: Reversing Lines In Files

The other day, my daughter said “it’s opposite day” when it was time to do a little homework, trying to get out of it! Which reminded me of a funny little command line tool called rev. Rev reads a file and reverses all the lines. So let’s touch a file called rev ~/Desktop/revtest and then populate it with the following lines:

123
321
123

Now run rev followed by the file name:

rev ~/Desktop/revtest

Now cat it:

cat !$

Now rev it again:

rev !$

You go go forward and back at will for fun, much more fun than homework… Enjoy!

Mac OS X Mac OS X Server Mac Security Mass Deployment

Refresh OS X CRLs

I recently found an existing image with a lot of stale crl information. We couldn’t rebuild the image, so we decided to instead refresh all of the crl information. This information is stored in /var/db/crls/crlcache.db. Deleting the file turned out to be problematic so we needed to clear items out of the tables instead. While this could be done using a few different tools, it turns out there’s a command built into os x to take care of this process for us called crlrefresh.

To use crlrefresh to clean up stale crlinformation and fetch new crlinformation for all CRL and certificates, use:

crlrefresh rpvv

Active Directory Mass Deployment Microsoft Exchange Server VMware Windows Server Windows XP

Enable AutoAdminLogon For Windows Deployments

There are 3 registry keys that admins in the Windows world use to enable automatic logins, often required for deployments that require a logged in user to setup user environments, such as configuring app deployments as part of a mass deployment.

The required keys in the registry are:
read more »

Bushel iPhone Mass Deployment

How To View What Payloads Do To Devices

You can see exactly what Bushel, and other MDM platforms do to your OS X devices using the System Information utility. As with all Mobile Device Management (MDM) solutions that interface with OS X, you can use the About this Mac menu item under the Apple menu at the top of the screen to bring up the System Information utility. When you open this tool, you will see a lot of information that can be derived about your devices. Scroll down the list and click on Profiles. Here, you will see all of the Device and User profiles that have been installed on your computer, the payloads within each profile and the keys within each payload.

Screen Shot 2014-12-01 at 12.00.11 PM

Inside each profile there are a few pieces of information that define how the profile operates on the computer. Click on one to see the specific details for each Payload. Payloads are a collection of settings that a policy is changing. For example, in the above  screenshot, allowSimple is a key inside the com.apple.mobiledevice.passwordpolicy payload. This setting, when set to 1 allows simple passcode to be used on the device. When used in conjunction with the forcePIN key (as seen, in the same payload), you must use a passcode, which can be simple (e.g. 4 numeric characters).

Using these settings, you can change a setting in Bushel and then see the exact keys in each of our deployed payloads that changed when you change each setting. Great for troubleshooting issues!

Bushel iPhone Mac OS X Mac OS X Server Mac Security Mass Deployment

Bushel Goes Into Invitation Mode!

Yesterday the Bushel team finished some new code. This code allows you to refer your friends to Bushel! This skips the codes that everyone was waiting for and lets people create accounts immediately!

Screen Shot 2014-11-24 at 10.07.02 PM

From your home screen, click on Invite Friends. Or from the Account screen, scroll down to the section that says “Invite friends to join Bushel”. From here, you can post codes to Facebook, Tweet codes, post codes to LinkedIn and even email them.

We’re not going into general availability just yet. But we’re definitely making it easier long-term to sign up and use Bushel! We hope you love it as much as we do!

Since we’re still architecting how these final screens look, the final features and stress testing the servers, also if you’re testing the system please feel free to fill out our feedback form so we know what you think of what we’re doing and where we’re going!

Or if you’re still waiting for a code, use this link to skip that process https://signup.bushel.com?r=fd0fcf9e6d914a739d29c90421c0fb45.

Articles and Books Mac OS X Mac OS X Server Mac Security Mass Deployment

My Take Control Of OS X Server Book Now Available!

Thanks to all the awesome work from Adam and Tanya Engst, Tidbits announced today that my Take Control of OS X Server is now available! To quote some of the Tidbits writeup:

Some projects turn out to be harder than expected, and while Charles Edge’s “Take Control of OS X Server” was one of them, we’re extremely pleased to announce that the full 235-page book is now available in PDF, EPUB, and Mobipocket versions to help anyone in a home or small office environment looking to get started with Apple’s OS X Server.

As you’ll likely remember, we published this book chapter by chapter for TidBITS members, finishing it in early September (see “‘Take Control of OS X Server’ Streaming in TidBITS,” 12 May 2014). Doing so got the information out more quickly, broke up the writing and editing effort, and elicited reader comments that helped us refine the text.

Normally, we would have moved right into final editing and published the book quickly, but from mid-September on, our attention has been focused on OS X 10.10 Yosemite, iOS 8, and our new Take Control Crash Course series. We were working non-stop, and while we wanted to release “Take Control of OS X Server,” we felt it was more important to finish the books about Apple’s new operating systems for the thousands of people who rely on Take Control for technical assistance.

During that time, we had the entire book copyedited by Caroline Rose, who’s best known for writing and editing Inside Macintosh Volumes I through III at Apple and being the editor in chief at NeXT. Plus, we went over the book carefully to ensure that it used consistent terminology and examples, optimized the outline, and improved many of the screenshots.

The main problem with this delay was that Apple has now updated OS X Server from version 3.2.2 (Mavericks Server, which is what we used when writing the book) to 4.0 (Yosemite Server, which is all that works in Yosemite). Updating the book for Yosemite Server would delay it even longer. Luckily for us, veteran system administrators say that you should never upgrade OS X Server on a production machine right away. And even luckier, the changes in Yosemite Server turn out to be extremely minor (a sidebar in the Introduction outlines them), so those who want to get started now can use the instructions in the book with no problem. It’s also still possible to buy Mavericks Server and install it on a Mac running Mavericks, as long as you have the right Mac App Store link from the book. We are planning to update the book for Yosemite Server (which mostly involves retaking screenshots and changing the “mavserver” name used in examples) in early 2015 — it will be a free update for all purchasers.

Screen Shot 2014-11-24 at 7.59.44 PM

You can find out more about the book at http://www.takecontrolbooks.com/osx-server. An update will be due out in early 2015, so stay tuned for more!

Bushel iPhone Mac OS X Mac OS X Server Mac Security Mass Deployment Minneapolis

Bushel: The Device Enrollment Program (DEP) In Action

Apple’s Device Enrollment Program (DEP for short) allows you to automatically setup devices with the settings you need on devices that your organization purchases. In Bushel, we give you the ability to link an Apple DEP account up with your Bushel account. This allows devices to add themselves automatically to your Bushel when the devices are activated. We tend to think this is the coolest thing since sliced bread and so we want to make sure you know how to use the feature.

Setup Device Enrollment Program in Bushel

To get started, log into your Bushel and click on Devices. Here, click the button for Device Enrollment Program.

XcKrpO-M0gXF27l0exLKtVbNMLdI1itn8ThiXRqW3xQ

Download your certificate and go to deploy.apple.com and log into your Device Enrollment Program account. Click on Manage Servers in the Deployment Programs sidebar.

Screen-Shot-2014-10-14-at-2.12.49-PM

Next, click on Add MDM Server and provide the certificate we gave you and a name. Once Bushel has been added to your Device Enrollment Program (DEP) account, click on Assign by Serial Number to add your first device. Assuming the device is part of your DEP account, enter the serial number for the device and choose which server (the one you just added) that the device should reach out to on activation to pull settings from.

Screen-Shot-2014-10-14-at-2.13.53-PM

Once you’ve added the server, you’ll be greeted by a screen that says Assignment Complete. You can now wipe the device and upon reactivation the device will pull new settings from your Bushel.

Screen-Shot-2014-10-14-at-2.13.58-PM

The Device Enrollment Program in Bushel

Click OK and you can add more devices. Once your devices are added into the Apple DEP portal they will automatically appear in the DEP screen of your Bushel. Click on a device to assign a username and email address, if you will be using email.

xdWSZrVkYs6wWHgmzfmdkOdmZjSXVMDqrypOkqCaC3w-1

Good luck!

Mac OS X Mass Deployment

Upgrade to OS X Yosemite

Installing OS X has never been easier than in Yosemite. In this article, we’ll look at upgrading a Mac from OS X 10.9 (Mavericks) to OS X 10.10 (Yosemite). The first thing you should do is clone your system. The second thing you should do is make sure you have a good backup. The third thing you should do is make sure you can swap back to the clone should you need to do so and that your data will remain functional on the backup. Once you’re sure that you have a fallback plan, let’s get started by downloading OS X Yosemite from the App Store. Once downloaded, you’ll see Install OS X Yosemite sitting in LaunchPad, as well as in the /Applications folder.

Screen Shot 2014-11-04 at 5.09.18 PM

Open the app and click Continue (provided of course that you are ready to restart the computer and install OS X Yosemite).

Install1

At the licensing agreement, click Agree (or don’t and there will be no Mavericks for you).

Install2

At the pop-up click Agree again, unless you’ve changed your mind about the license agreement in the past couple of seconds.

Install3

At the Install screen, click Install and the computer will reboot.

Install4

And you’re done. Now for the fun stuff!

Install5

Articles and Books Mac OS X Mac OS X Server Mac Security Mass Deployment

Yosemite Server Guide/Page Live

A blog is a great way to communicate information. But pedagogy, yo… Blogs are not great ways to teach in a guided manner. But they can be. So with a little Table of Contents, or a Guide of sorts, you can easily communicate in a fashion similar to a book. And this makes the third annual OS X Server Guide that I’m publishing in this manner; the guides for Mavericks and Mountain Lion are  still available. I doubt I’ll ever actually bother to take them down.

I’ve been working on getting the annual guide up for a few weeks and while there are still some posts remaining, but it’s basically done (some articles just haven’t gone up yet, but they’re basically written). So, if you’re fighting the good fight (and I do think it’s a good fight) and rolling Yosemite Server, click over on http://krypted.com/guides/yosemite-server for the latest guide, covering OS X Server 4 running on OS X Yosemite (which I still like to call Yosemite Server).

Screen Shot 2014-11-04 at 7.49.04 PM

Oh, and if you’re keeping track (doubtful): yah, I know I never finished the Windows Server Guide, but I did write and finish the Xsan one and there might have been a divorce, 2 books, a product release, job change and a few benders mixed in there – one of which might still be ongoing… So I’ll eventually get back to it. Or not….