krypted.com

Tiny Deathstars of Foulness

The msiexec command can be used to run an installer on Windows in a zero touch fashion. To do so, run the following command: msiexec /i "python-2.7.14.amd64.msi" /passive TARGETDIR="C:\python"

April 22nd, 2018

Posted In: Windows Server

Tags: , ,

Let’s start out with what’s actually available in the Server Admin CLI: serveradmin. The serveradmin command, followed by settings, followed by san shows a few pieces of information:

/Applications/Server.app/Contents/ServerRoot/usr/sbin/serveradmin settings san

The results would be similar to:

san:computers = _empty_array san:primaryController = "95C99FB1-80F2-5016-B9C3-BE3916E6E5DC" san:ownerEmail = "krypted@me.com" san:sanName = "krypted" san:desiredSearchPolicy:_array_index:0 = "" san:serialNumbers = _empty_array san:dsType = 0 san:ownerName = "Charles Edge" san:managePrivateNetwork = yes san:metadataNetwork = "10.0.0.0/24" san:numberOfFibreChannelPorts = 2 san:role = "CONTROLLER"

Here, we see the metadata network, the GUID of the primary (active) MDC, the name of the SAN, an array of serial numbers (if applicable – rarely encountered these days), the owner info plugged in earlier and the metadata network interface being used. Next, we’ll take a peak at the fsm process for each volume:

bash-3.2# ps aux | grep fsm

The results would be as follows:

root 7030 0.7 0.7 2694708 62468 ?? Ss 10:18AM 0:03.08 /System/Library/Filesystems/acfs.fs/Contents/bin/fsm BettyWhite mdm.pretendco.lan 0 root 6834 0.1 0.0 2478548 2940 ?? S 10:10AM 0:01.37 fsmpm -- -- /var/run/fsmpm-sync.6800 1800

Next, we can look at the version rev, which shows that the Server Revision:

bash-3.2# cvversions File System Server: Server Revision 6 Branch Head Created on Tue Sep 13 09:59:14 PDT 2017 Built in /SourceCache/XsanFS/XsanFS-527/buildinfo Host OS Version: Darwin 14.0.0 Darwin Kernel Version 14.0.0: Sat Sep 1 02:15:10 PDT 2017; root:xnu-2788.0.0.0.5~1/RELEASE_X86_64 x86_64


Next, we’ll check out the contents of /Library/Preferences/Xsan. First the volume configuration file:

bash-3.2# cat BettyWhite.cfg # Globals AllocationStrategy Round FileLocks Yes BufferCacheSize 32M Debug 0x0 CaseInsensitive Yes EnableSpotlight Yes EnforceACLs Yes SpotlightSearchLevel ReadWrite FsBlockSize 16K GlobalSuperUser Yes InodeCacheSize 8K InodeExpandMin 0 InodeExpandInc 0 InodeExpandMax 0 InodeDeleteMax 0 InodeStripeWidth 0 JournalSize 16M MaxConnections 139 MaxLogSize 10M MaxLogs 4 NamedStreams Yes Quotas Yes QuotaHistoryDays 7 ThreadPoolSize 256 UnixIdFabricationOnWindows Yes UnixNobodyUidOnWindows -2 UnixNobodyGidOnWindows -2 WindowsSecurity Yes # Disk Types [DiskType LUN2Type] Sectors 488355807 SectorSize 512 # Disks [Disk LUN2] Type LUN2Type Status UP # Stripe Groups [StripeGroup All] Status Up StripeBreadth 16 Metadata Yes Journal Yes Exclusive No Read Enabled Write Enabled Rtmb 0 Rtios 0 RtmbReserve 0 RtiosReserve 0 RtTokenTimeout 0 MultiPathMethod Rotate Node LUN2 0 Affinity All The configuration for the SAN itself is in XML, which can be seen by viewing the config.plist:

bash-3.2# cat config.plist computers desiredSearchPolicy dsType 0 managePrivateNetwork metadataNetwork 10.0.0.0/24 ownerEmail krypted@me.com ownerName Charles Edge primaryController 95C99FB1-80F2-5016-B9C3-BE3916E6E5DC role CONTROLLER sanName krypted serialNumbers

The automount file controls which systems automatically mount which volumes and is in a plist as well:

bash-3.2# cat automount.plist BettyWhite AutoMount rw MountOptions atimedelay no dircachesize 10485760 threads 12

The aux-data is also a plist:

bash-3.2# cat BettyWhite-auxdata.plist Config ClientDelayAccessTimeUpdates 0 ClientDirCacheSize 10485760 ClientThreadCount 12 StoragePoolIdealLUNCount 4 StoragePoolStripeBreadth 16 FailoverPriorities controllerUUID 95C99FB1-80F2-5016-B9C3-BE3916E6E5DC enabled 1

Next, cvadmin remains basically unchanged, with the addition of restartd/startd/stopd (managing the fem and the removal of :

Xsanadmin (BettyWhite) > help Command summary: activate, debug, dirquotas, disks, down, fail, filelocks, fsmlist, help, latency-test, multipath, paths, proxy, qos, quit, quotas, quotacheck, quotareset, ras, repfl, repquota, repof, resetrpl, rollrj, select, show, start, stat, stop, up, who, ? activate [ | ] Activate a File System . This command may cause an FSM to activate. If the FSM is already active, no action is taken. debug [ [+/-] ] Get or Set (with ) the FSS Debug Flags. Enter debug with no value to get current setting and bit meanings. Value should be a valid number. Use 0x to indicate hexadecimal. If the ‘+’ or ‘-’ argument is used, only specified flags will be modified. ‘+’ will set and ‘-’ will disable the given flags. dirquotas <create|mark|destroy> The ‘create’ command turns the given directory into the root of a Directory Quota namespace. The command will not return until the current size value of the directory is tallied up. The ‘mark’ command also turns the given directory into the root of a Directory Quota namespace, but the current size value is left uninitialized. The command ‘quotacheck’ should be run later to initialize it. The ‘destroy’ command destroys the namespace associated with the given directory. The directory’s contents are left unchanged. disks [refresh] Display the acfs Disk volumes visible to this machine. If the optional “refresh” is used, the volumes will. be re-scanned by the fsmpm. disks [refresh] fsm Display the acfs meta-data Disk volumes in use by the fsm. If the optional “refresh” is used, additional paths to these volumes may be added by the fsm. down Bring down stripe group . fail [ | ] Failover a File System . This command may cause a stand by FSM to activate. If the FSM is already active, the FSM will shut down. A stand-by FSM will take over or the FSM will be re-launched if it is stand-alone. fsmlist [] [on ] Display the state of FSM processes, running or not. Optionally specify a single to display. Optionally specify the host name or IP address of the system to list the FSM process(es) on. help (?) This message. latency-test [ | all] [] Run an I/O latency test between the FSM process and one client or all clients. The default test duration is 2 seconds. multipath < balance | cycle | rotate | static | sticky > Change the Multi Path method for stripe group to “balance”, “cycle”, “rotate”, “static”, or “sticky”. paths Display the acfs Disk volumes visible to this machine grouped according to the “controller” identity. proxy [ long ] proxy who Display Disk Proxy Servers, and optionally the disks they serve, for this filesystem The “who” option displays all proxy connections for the specified host. qos Display per-stripe group QOS statistics. quit Exit filelocks Query cluster-wide file/record lock enforcement. Enter filelocks with no value to get current setting. Currently Cluster flocks are automatically used on Unix. Windows file/record locks are optional. quotas Get the current state of the quota system quotas get <user|group|dir|dirfiles> Get quota parameters for user, group, or directory . quotas set <user|group|dir|dirfiles> Set current quota parameters for user, group, or directory . can be the name of a user or group or the path to a directory. For users and groups, it can also be an integer interpreted as a uid or gid. Setting the hardlim, softlim, and timelim to 0 disables quota enforcement for that user, group, or directory. The values for hardlim and softlim are expressed in bytes when setting user, group, or dir values. When setting dirfiles values, they are numbers of regular file inodes. The value for timelim is expressed in minutes. quotacheck Recalculate the amount of space consumed (the current size field of the quota record) by all users, groups, and directory namespaces in the file system. This command can be run on an active file system although file updates (writes, truncates, etc.) will be delayed until quotacheck has completed. quotareset Like quotacheck, but deletes the quota database before performing the check. All limits and directory namespaces will be lost. Use with extreme caution. ras enq “detail string” Generate an SNFS RAS event. For internal use only. ras enq “detail string” Generate a generic RAS event. For internal use only. repquota Generate quota reports for all users, groups, and directory namespaces in the file system. Three files are generated: 1. quota_report.txt – a “pretty” text file report. 2. quota_report.csv – a comma delimited report suitable for Excel spreadsheets. 3. quota_regen.in – a list of cvadmin commands that can be used to set up an identical quota database on another Xsan. repfl Generate a report of currently held locks on all connected acfs clients. repof Generate a report of currently open files on all connected acfs clients. resetrpl [clear] Repopulate Reverse Path Lookup (RPL) information. The optional “clear” argument causes existing RPL data to be cleared before starting repopulation. Note: “resetrpl” is only available when cvadmin is invoked with the -x option. Running resetrpl may significantly delay FSM activation. This command is not intended for general use. Only run “resetrpl” when recommended by Technical Support. restartd [once] Stop and start the process. For internal use only. rollrj Force the FSM to start a new restore journal. This command is only used on a managed file system select [ | | none] Select the active File System . Typing “select none” will de-select the current FSS. If the FSM is inactive (standing by) it cannot be selected. Using this command with no argument shows all active FSSs. show [ ] [ long ] Show all stripe groups or a specific stripe group . Adding the modifier “long” shows more verbose information. start [on] [] Start the File System Service for . When running on an HA MDC, the local service is started and then an attempt is made to start the service on the peer MDC. Optionally specify the hostname or IP address to start the FSM on that MDC only. startd [once] Start the process. For internal use only. stat Display the general status of the file system. stats [clear] Display read/write statistics for the file system. If clear, zero the stats after printing. stop [on] [] | Stop the File System Services for or . Stopping by name without specifying a hostname will stop all instances of the service, and will cancel any pending restart of the service on the local system. Stopping by name on a particular system will stop or cancel a restart of the service on that system. Stopping by number only stops the service associated with the index. Indexes are displayed on the left side as “nn>” when. using the “select” command. stopd Stop the process. For internal use only. up Bring up stripe group . If there are no stripe groups that have exclusively numeric names, the stripe group index number shown in the “show” command may be used in place of . who [] [long] List clients attached to file system. In the short form, “who” returns the following information: - acfs I.D. – Client License Identifier - Type – Type of client connection FSM – File System Manager (FSM) connection ADM – Administrative (cvadmin) connection CLI – File system client connection. May be followed by a CLI type character: S – Disk Proxy Server C – Disk Proxy Client H – Disk Proxy Hybrid Client - Location – Client’s hostname or IP address - Up Time – Total time client has been connected to FSM - License Expires – Date client’s license will expire In the long form, “who” returns network path, build, latency and reconnect information, if available. Administrative and FSM clients return a limited set of information. Xsanadmin (BettyWhite) > select List FSS File System Services (* indicates service is in control of FS): 1>*BettyWhite[0] located on 10.0.0.1:57724 (pid 7030)

September 26th, 2017

Posted In: Mac OS X Server, Xsan

Tags: , , , ,

Prepare for your network administrators to cringe… I’ve spoken on these commands but never really put them together in this way, exactly. So I wanted to find a coworker on a network. So one way to find people is to use a ping sweep. Here I’m going to royally piss off my switch admins and ping sweep the subnet: ping 255.255.255.255 Next, I’m going to run arp to translate: arp -a Finally, if a machine is ipv6, it wouldn’t show up. So I’m going to run: ndp -a Now, I find the hostname, then look at the MAC address, copy that to my clipboard, find for that to get the IP and then I can flood that host with all the things. Or you could use nmap… :-/

January 7th, 2017

Posted In: Mac OS X, Network Infrastructure

Tags: , , , , , ,

Use the following keys to do fun things when typing a command in bash (mostly keybindings):
  1. Use the up arrow to run the previous command
  2. Continue using the arrow to scroll to commands further in the history
  3. Use Control-r to search through your command history
  4. Control-w deletes the last word
  5. Control-u deletes the line you were typing
  6. Control-a moves the cursor to the beginning of the line
  7. Control-e moves the cursor to the end of the line
  8. Control-l clears the screen
  9. Control-b moves the cursor backward by a character
  10. Control-u moves the cursor forward by a character
  11. Control-_ is an undo
  12. “man readline” shows the bash keybindings (ymmv per OS)
  13. Tab completes an argument
  14. !! repeats the last command. Useful when using sudo in front of the last line from bash
  15. !$ repeats the last argument for a command
  16. $_ shows the last word from the previous command
  17. “cd -” is like a back button
  18. !!:p outputs the last command with arguments
  19. cd !!:* cd into the argument from the previous command
  20. Escape-. expands the argument from the last command
  21. pbcopy and pbpaste accesses the clipboard from Terminal
  22. Use ; to separate commands in a single line
  23. Use | to pipe output to another command
  24. Use > to send output to a new file, or >> to append output to the end of a file or < to bring input from a file
  25. “Open .” opens the current working directory in a Finder window
Enjoy!

March 21st, 2016

Posted In: Mac OS X, Mac OS X Server, Programming

Tags: , , , ,

Previously, I’ve used a few methods to create files in OS X using touch, dd, etc. But the easiest way to create empty files is using the mkfile command, which instantly creates a file of any size. To use the mkfile command, use the following general syntax: mkfile -n size[b|k|m|g] filename Using the above, to create a 2GB file called “TESTFILE” on the desktop, use the following command: mkfile -n 2g ~/Desktop/TESTFILE The file is created instantly and occupies the desired space on the disk. If you cat the file you should see a whole lot of zeros. I use dd for testing throughput (e.g. to large storage arrays) as there are more options, but mkfile is a useful tool as well. When you use Disk Utility to generate files, you’re basically just piping to mkfile, so this gives you a programmatic way to do so from the command line. Enjoy.

March 17th, 2016

Posted In: Mac OS X

Tags: , , , ,

Posted a new swift command line tool to accept serial number data from an Apple device and respond with warranty information about a device at https://github.com/krypted/swiftwarrantylookup. This is based on pyMacWarranty, at https://github.com/pudquick/pyMacWarranty. Screen Shot 2016-03-15 at 10.34.41 PM

March 16th, 2016

Posted In: Mac OS X, Mac OS X Server, Mac Security, Mass Deployment, Swift

Tags: , , , , , , , , ,

When I need to look at what day a date is on, I typically open the Calendar app. But sometimes I’m in the middle of a task in the command line and don’t want to do so. Luckily, there’s a cal binary in OS X. To use cal, simply invoke it and ask for a julian calendar using the -j option: cal -j Which outputs a calendar view: March 2016 Su Mo Tu We Th Fr Sa 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 The days you see above are numbered as the day in order in that year. To see the full year, use -jy: cal -jy To just see one month, use the -m followed by the number of the month. So to see July: cal -j -m 7 To see all of 2018, use the -y and the year: cal -j -y 2018 To see the dy of the month, we’ll use ncal, which also shows which day of the week each day fall on: ncal -J The output would be as follows: March 2016 Mo 1 8 15 22 29 Tu 2 9 16 23 30 We 3 10 17 24 31 Th 4 11 18 25 Fr 5 12 19 26 Sa 6 13 20 27 Su 7 14 21 28 When I’m scripting, especially with outputting to logger, I’ll usually use date. But cal and ncal are nice little doohickeys for quickly finding days and dates and the such. Happy calendaring!

March 15th, 2016

Posted In: Mac OS X

Tags: , ,

The hostinfo command displays information about your host; namely your kernel version, the number of processors the kernel is configured for, the number of physical processors active, the number of logical processors active, the type of those processors, which ones are active, the amount of memory available, tasks, threads, and average load. Run hosting without any arguments or options: hostinfo The output would be as follows (ymmv per system): Mach kernel version: Darwin Kernel Version 15.0.0: Wed Aug 26 19:41:34 PDT 2015; root:xnu-3247.1.106~5/RELEASE_X86_64 Kernel configured for up to 4 processors. 2 processors are physically available. 4 processors are logically available. Processor type: x86_64h (Intel x86-64h Haswell) Processors active: 0 1 2 3 Primary memory available: 16.00 gigabytes Default processor set: 395 tasks, 1711 threads, 4 processors Load average: 1.78, Mach factor: 2.21 There are a bunch of other commands that can provide far more detailed information about your system. However, hostinfo has remained basically unchanged for 13 years, so if I can get something there, I can trust it’s fairly future-proofed in my scripts.

November 23rd, 2015

Posted In: Mac OS X

Tags: , , , ,

You might be happy to note that other than the ability to interpret new payloads, the profiles command mostly stays the same in El Capitan, from Yosemite. You can still export profiles from Apple Configurator or Profile Manager (or some of the 3rd party MDM tools). You can then install profiles by just opening them and installing. Once profiles are installed on a Mac, mdmclient, a binary located in /usr/libexec will process changes such as wiping a system that has been FileVaulted (note you need to FileVault if you want to wipe an OS X Lion client computer). /System/Library/LaunchDaemons and /System/Library/LaunchAgents has a mdmclient daemon and agent respectively that start it up automatically. This, along with all of the operators remains static from 10.10. To script profile deployment, administrators can add and remove configuration profiles using the new /usr/bin/profiles command. To see all profiles, aggregated, use the profiles command with just the -P option: /usr/bin/profiles -P As with managed preferences (and piggy backing on managed preferences for that matter), configuration profiles can be assigned to users or computers. To see just user profiles, use the -L option: /usr/bin/profiles -L You can remove all profiles using -D: /usr/bin/profiles -D The -I option installs profiles and the -R removes profiles. Use -p to indicate the profile is from a server or -F to indicate it’s source is a file. To remove a profile: /usr/bin/profiles -R -F /tmp/HawkeyesTrickshot.mobileconfig To remove one from a server: /usr/bin/profiles -R -p com.WestCoastAvengers.HawkeyesTrickshot The following installs HawkeyesTrickshot.mobileconfig from /tmp: /usr/bin/profiles -I -F /tmp/HawkeyesTrickshot.mobileconfig If created in Profile Manager: /usr/bin/profiles -I -p com.WestCoastAvengers.HawkeyesTrickshot You can configure profiles to install at the next boot, rather than immediately. Use the -s to define a startup profile and take note that if it fails, the profile will attempt to install at each subsequent reboot until installed. To use the command, simply add a -s then the -F for the profile and the -f to automatically confirm, as follows (and I like to throw in a -v usually for good measure): profiles -s -F /Profiles/SuperAwesome.mobileconfig -f -v And that’s it. Nice and easy and you now have profiles that only activate when a computer is started up. As of OS X Yosemite, the dscl command got extensions for dealing with profiles as well. These include the available MCX Profile Extensions: -profileimport -profiledelete -profilelist [optArgs]
-profileexport -profilehelp To list all profiles from an Open Directory object, use 
-profilelist. To run, follow the dscl command with -u to specify a user, -P to specify the password for the user, then the IP address of the OD server (or name of the AD object), then the profilelist verb, then the relative path. Assuming a username of diradmin for the directory, a password of moonknight and then cedge user: dscl -u diradmin -P moonknight 192.168.210.201 profilelist /LDAPv3/127.0.0.1/Users/cedge To delete that information for the given user, swap the profilelist extension with profiledelete: dscl -u diradmin -P apple 192.168.210.201 profilelist /LDAPv3/127.0.0.1/Users/cedge If you would rather export all information to a directory called ProfileExports on the root of the drive: dscl -u diradmin -P moonknight 192.168.210.201 profileexport . all -o /ProfileExports In Yosemite we got a few new options (these are all still in 10.11 with no new operators), such as -H which shows whether a profile was installed, -z to define a removal password and -o to output a file path for removal information. Also, as in Yosemite it seems as though if a configuration profile was pushed to you from MDM, you can’t remove it (fyi, I love having the word fail as a standalone in verbose output):
bash-3.2# profiles -P _computerlevel[1] attribute: profileIdentifier: 772BED54-5EDF-4987-94B9-654456CF0B9A _computerlevel[2] attribute: profileIdentifier: 00000000-0000-0000-A000-4A414D460003 _computerlevel[3] attribute: profileIdentifier: C11672D9-9AE2-4F09-B789-70D5678CB397 charlesedge[4] attribute: profileIdentifier: com.krypted.office365.a5f0e328-ea86-11e3-a26c-6476bab5f328 charlesedge[5] attribute: profileIdentifier: odr.krypted.com.ADD7E5A6-8EED-4B11-8470-C56C8DC1E2E6 _computerlevel[6] attribute: profileIdentifier: EE08ABE9-5CB8-48E3-8E02-E46AD0A03783 _computerlevel[7] attribute: profileIdentifier: F3C87B6E-185C-4F28-9BA7-6E02EACA37B1 _computerlevel[8] attribute: profileIdentifier: 24DA416D-093A-4E2E-9E6A-FEAD74B8B0F0 There are 8 configuration profiles installed bash-3.2# profiles -r 772BED54-5EDF-4987-94B9-654456CF0B9A bash-3.2# profiles -P _computerlevel[1] attribute: profileIdentifier: F3C87B6E-185C-4F28-9BA7-6E02EACA37B1 _computerlevel[2] attribute: profileIdentifier: EE08ABE9-5CB8-48E3-8E02-E46AD0A03783 _computerlevel[3] attribute: profileIdentifier: 24DA416D-093A-4E2E-9E6A-FEAD74B8B0F0 _computerlevel[4] attribute: profileIdentifier: 00000000-0000-0000-A000-4A414D460003 _computerlevel[5] attribute: profileIdentifier: 772BED54-5EDF-4987-94B9-654456CF0B9A _computerlevel[6] attribute: profileIdentifier: C11672D9-9AE2-4F09-B789-70D5678CB397 charlesedge[7] attribute: profileIdentifier: odr.krypted.com.ADD7E5A6-8EED-4B11-8470-C56C8DC1E2E6 charlesedge[8] attribute: profileIdentifier: com.krypted.office365.a5f0e328-ea86-11e3-a26c-6476bab5f328 There are 8 configuration profiles installed bash-3.2# profiles -rv 772BED54-5EDF-4987-94B9-654456CF0B9A profiles: verbose mode ON profiles: returned error: -204 fail

October 6th, 2015

Posted In: Mac OS X, Mac OS X Server, Mac Security, Mass Deployment

Tags: , , , , , , ,

Apple Configurator 2 is now out and there are some really cool new features available to people deploying Apple Configurator. Apple Configurator 2 now supports feature called Blueprints. A Blueprint is a set of configuration options (such as profiles, apps, etc) that are easily applied to devices by applying a given Blueprint. So basically a canned set of options that can be configured on a device. For example, you can have a Blueprint called Training that have training apps and settings for a training room network and then you can have another Blueprint for Kiosks, that have different apps for a kiosk, one app for a kiosk, an SSID for a kiosk wireless network, and throw that single app into Single User Mode. Pretty cool, since before you needed to have all this stuff in, select the appropriate options and then deploy them. Now, you can more quickly train student workers or deployment staff to get devices initially configured before deployment them in a school or company. To install the new Apple Configurator, open up the App Store, search for Apple Configurator and then click on the Get button. It’s only 61MB so installs quickly. Screen Shot 2015-10-01 at 2.51.36 PM Once installed, open Apple Configurator 2  from /Applications. Screen Shot 2015-10-01 at 2.51.14 PM Another great new feature of Apple Configurator 2 is the command line interface for Apple Configurator: cfgutil. Go ahead and click on the Apple Configurator 2 menu and select Install Automation Tools from the menu. Screen Shot 2015-10-01 at 2.55.05 PM When prompted, Screen Shot 2015-10-01 at 2.55.09 PM Once installed, you’ll find cfgutil at /usr/local/bin/cfgutil. I’ve been working on some documentation for using the command line interface, so I’ll get it posted when I’m done. But for now, let’s go back to Apple Configurator 2 and click on Blueprints to make a new Blueprint. Screen Shot 2015-10-01 at 4.09.38 PM From Blueprints, click on your new Blueprint. Screen Shot 2015-10-01 at 4.09.47 PM From the Blueprint. you can add Apps, create Profiles and assign devices. Here, we’re going to click Profiles in the sidebar. Initially there won’t be any Profiles on the device. Click on New. Screen Shot 2015-10-01 at 4.24.23 PM Click on File then click on New Profile. Screen Shot 2015-10-01 at 4.27.14 PM The General screen just requires a new name. There are a few new options for profiles, as you can see by clicking on Restrictions and scrolling to the bottom. Screen Shot 2015-10-01 at 4.26.48 PM There are a lot of new options for iOS devices. Many require device supervision. I’ll cover setting up devices and enabling supervision later. Using Advanced options, you can also clear passcode, obtain unlock tokens, start single app mode, and enable encrypted backups. Plenty of fun things to cover!

October 1st, 2015

Posted In: Apple Configurator, iPhone

Tags: , , , , , , ,

Next Page »