Tag Archives: ios

Mac OS X Mac OS X Server Mac Security Mass Deployment public speaking

MacAdmins 2015

I was super-bummed that I missed the MacAdmins conference at Penn State University. But, all is not lost as MacAdmins will be held July 8-10 in 2015 at the Penn Stater Conference Center and I’ll be able to see all those awesome people there next year!

In the meantime, something fun and new is the 2014 MacAdmins Playlist to maybe get exposed to some new stuff: http://spoti.fi/VTdxLX.

As an aside, here’s a fun pic of @derflounder and I (and others) doing a round table from a few years ago on the Penn State site:

Screen Shot 2014-07-15 at 1.25.10 PM

 

iPhone Mac OS X Mac OS X Server Mac Security Mass Deployment Minneapolis

Come One, Come All: To The JAMF Nation User Conference

If you do deployments of Apple products, there are a few conferences to look at. Based on where you are and what industry you are in, some of these are better than others. But if you use the Casper Suite or are considering doing so, it would be really hard to beat JNUC, the JAMF Nation User Conference.

jamf-nation-user-conference-2014_1140_464_84_1399405603

And yes, I’d of said all this and posted this even if I hadn’t of come to work here a week and a half ago! So come one, come all to Minneapolis. And if you’re really nice, we’ll hook you up with some good old fashioned Minnesota lutefisk!

iPhone Mac OS X Mac OS X Server Mac Security Mass Deployment

DeviceScout

DeviceScout is a tool that leverages JAMF’s Casper Suite to show administrators vital statistics and show alerts on client systems. These alerts display some of the critical aspects of systems, from encryption to disk capacity to backups, there are a number of pretty cool aspects of DeviceScout.

Screen Shot 2014-04-18 at 2.55.47 PM

Using the device view, you can view serial numbers, device types, check-in status, boot volumes, memory, etc. It’s a lot of insight into what you have on your systems. I’m a huge fan of such visibility. You will need to be running Casper to leverage DeviceScout, but it provides a very simple interface for management and even techs to see what’s going on in your enterprise in as quick a manner as possible. Inventory, security status, backup status and a support menu at your fingertips.

With very simple pricing, check out what they have to offer at http://www.devicescout.com.

Mac OS X Mac OS X Server Mac Security Mass Deployment public speaking

MacSysAdmin 2014!

Well, it’s that time of the year when one of my favorite conferences opens up registration! Come one, come all to MacSysAdmin for good times, good people and lots of fun Macinnerdiness! I hope to see you there! The official page is up at http://www.macsysadmin.se.
Screen Shot 2014-04-13 at 8.02.49 PM

Mac OS X Mac OS X Server Mac Security Mass Deployment public speaking

MacIT Early Bird Registration

If you haven’t signed up for one of my favorite conferences ever, MacIT (alongside Macworld) then you should give it a go. If you’ve never been, it’s great and if you’ve been then it’s great to catch up with old friends. I hope to see you there!

————————————

MacIT®, taking place March 26-29, 2014, in San Francisco, CA at Moscone Center North (alongside Macworld/iWorld), is the definitive event for understanding Apple technology implementation and management in enterprise environments. Our esteemed faculty of industry experts provide detailed, impartial analysis of the technology and solution chains you face when putting iOS, OS X and Apple hardware products to work in large enterprise.

MacIT 2014 features sessions on: MDM, BYOD, IPv6, VMs, SNMP, Mavericks, iOS7 and more!

MacIT 2014 opens with a thought-provoking keynote: What the Enterprise Needs from Apple – IT Execs Speak Out.

In this special panel discussion led by IDG Communications’ Chief Content Officer John Gallant, leading IT executives and a top Apple analyst share their views on what the enterprise needs from Apple. What gaps exist in current Apple offerings? How does IT want to deal with – or not deal with – Apple? How can enterprise IT and Apple build a more fruitful partnership that makes life easier for the business and helps Apple build even better products for a future in which the line is increasingly blurred between work and the rest of our lives? The session will highlight opportunities for Apple and other companies to improve the Apple ecosystem at work.

unnamed
MacIT is uniquely positioned to help today’s IT/IS and Network managers face and conquer the mobile implementation challenges they face daily.

Register today to join your IT colleagues, technology leaders and industry experts, at the definitive event for deploying and managing Apple in the enterprise.

Register by February 28th to Save!

For the full conference program and list of speakers, visit www.macitconf.com
We look forward to seeing you next March!

iPhone Mac OS X Mac OS X Server Mass Deployment

Install Fonts Using Apple Configurator

I guess someone asked for it, although it wasn’t me… But you can install fonts on Apple devices, using Apple Configurator. To do so, first open Apple Configurator and click on an existing profile or create a new profile for the font installation.

Screen Shot 2013-12-18 at 3.02.29 PMScroll down in the list along the left sidebar until you see Font. Click on Font and then click on Configure.

Screen Shot 2013-12-18 at 3.02.37 PMYou are then presented with a dialog box to select a font file. Browse to the font you’d like to deploy and then click on Select.

Screen Shot 2013-12-18 at 3.03.46 PM

Click on the plus sign (+) in the upper right corner of the screen if you’d like to deploy more fonts with this profile, or click Save to save the changes.

Screen Shot 2013-12-18 at 3.03.59 PM

Now deploy the profile and the device will get the desired font(s)!

iPhone

Testing iOS Services Using Services Test

The good folks at Amsys have built a nice little app called Services Test for verifying outbound connectivity to critical services to make iOS devices work.  If you are having problems connecting to these services or activating devices, simply open the App and tap on the play button in the upper right hand corner of the screen.

photo 1

Click on the Info button to see what each of these servers do during the activation and management process.

photo 3

The app can also test a few common server services, including connecting to an OS X Server, Casper and AirWatch. These are typical services used in an iOS and Mac environment.

photo 2

Overall, this is a really nice little app for testing connectivity to typical iOS services and a very nice tool Amsys is providing to the community!

 

iPhone Mac OS X Server Mass Deployment

Disable Options At Initial Config Time Using Apple Configurator

In Apple Configurator 1.4.3, which just dropped, you can reduce the setup time for iOS devices. This is pretty helpful in Configuration Centers and when warehousing/performing thin setups of devices. To access this new feature, open Configurator and go to the Prepare screen. From there, you will have the Setup tab. Click on Setup and then in the resultant screen, you will see each of the initial screens in iOS that you can now skip.

Screen Shot 2013-12-18 at 2.46.56 PMSo put this in perspective, if you check the Location Services box and then prepare a device, even if not restoring a backup, you then won’t be prompted for whether or not you want to enable Location Services. Instead, the device will accept the default option. Nice, small new feature, that will save a lot of people a lot of time, even if not using Apple Configurator to Supervise devices.

Mac OS X Server

Configure Messages Server in Mavericks Server

Getting started with Messages Server couldn’t really be easier. Messages Server in Mavericks Server uses the open source jabber project as their back-end code base (and going back, OS X has used jabber since the inception of iChat Server all the way through Server 3). The jabberd binary is located at /Applications/Server.app/Contents/ServerRoot/private/var/jabberd and the autobuddy binary is at /Applications/Server.app/Contents/ServerRoot/usr/bin/jabber_autobuddy. Given the importance of having multiple binaries that do the same thing, another jabberd binary is also stored at /Applications/Server.app/Contents/ServerRoot/usr/libexec/jabberd, where there are a couple of perl scripts used to migrate the service between various versions as well. Note that the man page says it’s in /etc. But I digress.

Setting up the Messages service is simple. Open the Server app and click on Messages in the Server app sidebar.

Screen Shot 2013-10-05 at 3.42.19 PM

I brought you some supper but if you’d prefer a lecture, I’ve a few very catchy ones prepped…sin and hellfire… one has man page lepers.

Once open, click on the checkbox for “Enable server-to-server federation” if you have multiple iChat, er, I mean, Messages servers and then click on the checkbox for “Archive all chat messages” if you’d like transcripts of all Messages sessions that route through the server to be saved on the server. You should use an SSL certificate with the Messages service. If enabling federation so you can have multiple Messages servers, you have to. Before enabling the service, click on the name of the server in the sidebar of Server app and then click on the Settings tab. From here, click on Edit for the SSL Certificate (which should be plural btw) entry to bring up a screen to select SSL Certificates.

Screen Shot 2013-10-05 at 3.49.12 PM

Well they tell you: never hit a man with a closed fist. But it is, on occasion, hilarious.

At the SSL Certificates screen (here it’s plural!), select the certificate the Messages service should use from the available list supplied beside that entry and click on the OK button. If you need to setup federation, click back on the Messages service in the sidebar of Server app and then click on the Edit button. Then, click on the checkbox for Require server-to-server federation (making sure each server has the other’s SSL certificate installed) and then choose whether to allow any server to federate with yours or to restrict which servers are allowed. I have always restricted unless I was specifically setting up a server I wanted to be public (like public as in everyone in the world can federate to it, including the gorram reavers that want to wear your skin).

Screen Shot 2013-10-05 at 3.50.37 PM

This is what I do, darlin’. This is what I do.

To restrict the service, then provide a list of each server address capable of communicating with your server. Once all the servers are entered, click the OK button.

Obviously, if you only have one server, you can skip that. Once the settings are as you wish them to be, click on the ON/OFF switch to light up the service. To see the status of the service, once started, use the fullstatus option with serveradmin followed by the jabber indicator:

sudo serveradmin fullstatus jabber

The output includes whether the service is running, the location of jabber log files, the name of the server as well as the time the service was started, as can be seen here:

jabber:state = "RUNNING"
jabber:roomsState = "RUNNING"
jabber:logPaths:PROXY_LOG = "/private/var/jabberd/log/proxy65.log"
jabber:logPaths:MUC_STD_LOG = "/var/log/system.log"
jabber:logPaths:JABBER_LOG = "/var/log/system.log"
jabber:proxyState = "RUNNING"
jabber:currentConnections = "0"
jabber:currentConnectionsPort1 = "0"
jabber:currentConnectionsPort2 = "0"
jabber:pluginVersion = "10.8.211"
jabber:servicePortsAreRestricted = "NO"
jabber:servicePortsRestrictionInfo = _empty_array
jabber:hostsCommaDelimitedString = "mavserver.pretendco.lan"
jabber:hosts:_array_index:0 = "mavserver.pretendco.lan"
jabber:setStateVersion = 1
jabber:startedTime = ""
jabber:readWriteSettingsVersion = 1

There are also a few settings not available in the Server app. One of these that can be important is the port used to communicate between the Messages client and the Messages service on the server. For example, to customize this to 8080, use serveradmin followed by settings and then jabber:jabberdClientPortSSL = 8080, as follows:

sudo serveradmin settings jabber:jabberdClientPortSSL = 8080

To change the location of the saved Messages transcripts (here, we’ll set it to /Volumes/Pegasus/Book:

sudo serveradmin settings jabber:savedChatsLocation = “/Volumes/Pegasus/Book”

To see a full listing of the options, just run settings with the jabber service:

sudo serveradmin settings jabber

The output lists each setting configurable

jabber:dataLocation = "/Library/Server/Messages"
jabber:s2sRestrictDomains = no
jabber:jabberdDatabasePath = "/Library/Server/Messages/Data/sqlite/jabberd2.db"
jabber:sslCAFile = "/etc/certificates/mavserver.pretendco.lan.10E6CDF9F6E84992B97360B6EE7BA159684DCB75.chain.pem"
jabber:jabberdClientPortTLS = 5222
jabber:sslKeyFile = "/etc/certificates/mavserver.pretendco.lan.10E6CDF9F6E84992B97360B6EE7BA159684DCB75.concat.pem"
jabber:initialized = yes
jabber:enableXMPP = no
jabber:savedChatsArchiveInterval = 7
jabber:authLevel = "STANDARD"
jabber:hostsCommaDelimitedString = "mavserver.pretendco.lan"
jabber:jabberdClientPortSSL = 5223
jabber:requireSecureS2S = no
jabber:savedChatsLocation = "/Library/Server/Messages/Data/message_archives"
jabber:enableSavedChats = no
jabber:enableAutoBuddy = no
jabber:s2sAllowedDomains = _empty_array
jabber:logLevel = "ALL"
jabber:hosts:_array_index:0 = "mavserver.pretendco.lan"
jabber:eventLogArchiveInterval = 7
jabber:jabberdS2SPort = 0

To stop the service:

sudo serveradmin stop jabber

And to start it back up:

sudo serveradmin start jabber

It’s also worth noting something that’s completely missing in this whole thing: Apple Push Notifications… Why is that important? Well, you use the Messages application to communicate not only with Mac OS X and other jabber clients, but you can also use Messages to send text messages. Given that there’s nothing in the server that has anything to do with texts, push or anything of the sort, it’s worth noting that these messages don’t route through the server and therefore still require an iCloud account. Not a huge deal, but worth mentioning that Messages server doesn’t have the same updates built into the Messages app. Because messages don’t traverse the server, there’s no transcripts.

iPhone Mac OS X Mac OS X Server Mac Security Xsan

AFP548.com Podcast, Episode 2

I’m honored that the good people at AFP548 decided to have me in the second episode of their podcast. Thanks to all the people (@sacrilicious @bruienne etc) involved and hopefully you enjoy it! It’s available at http://www.afp548.com/2013/10/16/episode-two-eco-sphere or: