It can be tough to get information about larger Mac deployments. I’ve written a few books on it. Apple has built some pages on it. But many prefer to consume their content through video. As such, Sean Collins has teamed up with Lynda.com to put together an IT Administrator’s Guide for El Capitan. With topics ranging from SIP to DEP, and all the acronyms in the middle, Sean’s soothing voice will guide you through what you need to get started with a new Mac deployment.
Many a job can seem daunting, but with this latest addition to our arsenal, you’ll instantly feel less intimidated. It’s like the Sun A of the Mac world. But afterwards, when you go into corpse pose, you won’t fall asleep, because the content is too good. Check it out here:
krypted January 15th, 2016
There is a nice review of my iOS in the Enterprise book up on MacDirectory. It is available at:
Overall the review was good. I understand not liking the font choice for the book. Luckily this type of thing isn’t something we authors have a choice about, so I take it as an overall good review!
krypted April 25th, 2011
I’ve been watching the MacTech Conference and then Boot Camps for some time. After hearing of the resounding success of the Conference last summer I was then stoked to hear that the January Boot Camp went extremely well. A MacTech Boot Camp is a regional, single-track seminar designed specifically for consultants and techs. MacTech Conference is a multi-day conference for IT professionals with a focus on enterprise and development whereas the Boot Camps are for consultants and techs focused on home users and small to medium sized businesses. Both are going really well.
Krypted.com is now a media sponsor of MacTech Boot Camps! This means I get discounts to offer my readers! There is a Dallas Boot Camp coming up on April 27th and a Boston Boot Camp on May 18th. You can get a discount ($200 off) by signing up at http://www.mactech.com/bootcamp/special-reg_krypted. There is also one is Los Angeles on July 27th and one in Chicago on August 31st to round out the summer. You can get early bird pricing and a discount for those ($200 off) at http://www.mactech.com/bootcamp/special-reg_krypted.
There’s a lot of information covered in the Boot Camps, with each city hosting about 9 sessions of 45 minutes each. For a list of topics, see http://www.mactech.com/bootcamp/topics. The 2011 curriculum includes:
Certification testing is also available the day before the Boot Camps start through third party testing centers. This lets you get a lot of education out of the way at once (and at a discount) so you can focus on other stuff for the rest of the summer! For more on certification options: http://www.mactech.com/bootcamp/certification.
And let’s not forget that the second MacTech conference is going back to the Los Angeles area, from November 2nd through 4th at the Universal Sheraton! 3 days, meals included lots of very technical, enterprise oriented fun will be had by all!
krypted April 12th, 2011
An excerpt-turned-article of mine just appeared in iPhone Life Magazine. IT’s called The Inevitability of the iPhone in the Enterprise:
Hope you enjoy!
krypted January 21st, 2011
Posted In: iPhone
Josh Barrett, of tabletlegal.com posted a mini-review of my latest book, the Enterprise iPhone and iPad Administrator’s Guide. It’s an interesting look at iPads making their way into law firms despite the often reluctant IT admins who have to support them. Big thanks to Josh for a favorable review!
krypted January 20th, 2011
Posted In: Articles and Books
The Mac OS X App Store was released earlier this month as a part of the Mac OS X 10.6.6 update. The App Store, with over 1,000 applications (including a couple of server tools), allowing people to download and install applications on Mac OS X computers without needing to understand how to click through the screens of a standard package installer, drag applications from disk images into the /Applications folder or basically how to do practically anything except for click and provide a valid credit card number. As with the App Store that debuted with the iPhone, the App Store for Mac OS X is clearly aimed at residential customers, but being that these computers are used in enterprises around the world, the impact to managed environments cannot be discounted. I decided to do plenty of testing and reading before I wrote this up, so hopefully you’ll find it helpful, if not very timely.
The first and probably most important aspect of the App Store to most who are charged with managing large numbers of Mac OS X computers is that only administrative users can install software from the App Store. This little fact makes the App Store itself a non-issue for most enterprises, who do not make typical users administrative users. Because only administrative accounts can download and install applications, there is little risk created from leaving the App Store on client computers.
Applications installed from the App Store can only be deployed into the /Applications directory. These applications are owned by System, with read-only access given to the wheel group and everyone else. No ACLs are used, so while a single user purchases the software any user on the system can open it. If you copy the software to another computer then you will be prompted to authorize it using the same Apple ID that was used to purchase it.
When an administrative user purchases an application, they are not prompted for a system password, only an App Store password, which uses the same Apple ID used for the iTunes Store and the iOS App Store. Application updates are handled using the familiar Updates screen borrowed from the iOS App Store, which includes the nifty Update All option.
As far as controlling the user’s experience with the App Store, there are a few options. Administrators can remove the App Store application bundle (which can be replaced any time) from /Applications. Administrators can also black list the application using managed preferences/parental controls. A Dock item is added by default and can be removed as well. Removing both the Dock item and the Application bundle will then remove the App Store menu item from the Apple menu. You can also block the hosts at apple.com, which includes itunes.apple.com, ax.itunes.apple.com, ax.init.itunes.apple.com, albert.apple.com, metrics.sky.com and possibly gs.apple.com. These will communicate over ports 80 and 443, according to the operation being used. There is also a launch daemon at /System/Library/LaunchAgents/com.apple.storeagent.plist that should be unloaded and likely removed if you’re going to outright disable the App Store. However, the only real way I would personally disable is using a managed preference.
There is also a property list file for the App Store that can be used to manage the application in Workgroup Manager in ~/Library/Preferences/com.apple.storeagent.plist. However, there isn’t much that can be done here at this time.
Because applications are tied to users, when a user moves computers you will want to backup and restore the applications for the user. To do so, here’s the captain obvious article for ya’: http://support.apple.com/kb/HT4482.
The App Store is not a replacement for a good patch management system. Software distribution cannot be managed centrally using the App Store and Software Update Server in Mac OS X Server does not currently cache applications from the App Store. Trying to think of a way to shoehorn the App Store into a software distribution system such as JAMF’s Casper Suite, Absolute Manage or FileWave is just asking for a world of pain, so let’s pretend that we never brought it up. If your organization isn’t able to license one of the aforementioned products, check out Star Deploy from http://www.stardeploy.com/StarDeploy/Home.html or munki from http://code.google.com/p/munki. Finally, I think that Apple’s done a great job with the App Store for a version 1 release. I think that my wife loves it and that over time if Apple chooses to do more with it then great; otherwise, all of the options we’ve been using, from the installer command on, are still at our disposal.
krypted January 18th, 2011
The Enterprise iPhone and iPad Administrator’s Guide is now shipping (and rapidly moving up in Amazon’s rankings)! There have also been a couple of sightings in Border’s.
Apress also sent out a press release and an email blast regarding the book in the past week. So, feel free to buy it using the link below!
krypted December 9th, 2010
Tired of carrying around that RSA SecurID token thingie from 1994, all beige and chewed on routinely by kids and dogs alike? RSA now has an iPhone app for that. Using the SecurID token you can have the exact same functionality using the iPhone that you would otherwise have to use a keychain dongle for. If you’re like me and have been trying to reduce the items you carry on your person for a long time this is a fantastic new option. And in a way, RSA is just helping to make a case for using an iPhone in highly secured Enterprise environments (not that they’re not helping to make the same case with their Blackberry version of a SecurID application).
The application is free, but you’re organization will have likely already purchased a seed that costs much more than an iPhone app that they charge for would have made them… Tokens will need some conversion and then users will need to click on a link to install them (I’ll cover that later if I can find the time) but once you have it setup then it will be a bit easier to deploy. I’d like to find a way to insert it into a provisioning profile but again I’ll just need a bit more time to figure that out. Look for further posts at a later date.
krypted July 23rd, 2009
The basic steps to use BRU, Tivoli, Atempo, Bakbone and PresSTORE are all covered in the latest edition of Michael Dhaliwal’s Enterprise Backup Whitepaper, available on his personal site.
krypted April 5th, 2009