krypted.com

Tiny Deathstars of Foulness

So one of the projects I’m very involved in is a simple, new Apple Device Management (or MDM really) solution, called Bushel. By default, we give people 3 devices for free. If you’re in a position to refer people to Bushel, you can also use links that you send to people that will get you even more free devices (up to 10).

But some people want to sell things and earn commissions from them. And we fully support that. So you can become a Bushel affiliate and earn commissions from any referrals you send us.

Screen Shot 2015-07-09 at 4.39.37 PM

To sign up to become a Bushel affiliate at http://www.bushel.com/affiliates. There, you can find links to refer customers/friends, marketing assets if you want to use our logos and see commissions that you’re earning. So… Join us and sell our stuff; we’d love to have you!

June 16th, 2015

Posted In: iPhone, Mac OS X, Mac OS X Server, Mass Deployment

Tags: , , , ,

Apple’s Volume Purchase Program allows you to export a VPP token and then import that token into a server to create a connection between an MDM solution (e.g. Bushel, Apple’s Profile Manager, Casper, etc) and apps you purchase through the VPP portal. But what’s in a token? The VPP token is a base64 encoded file. You can cat the file and it will show you a bunch of garbly-gook (technical term):

base64 --decode /Users/charlesedge/Desktop/kryptedcom.vpptoken

But there’s more to it than all that. We can run the base64 command to see:

base64 --decode /Users/charlesedge/Desktop/kryptedcom.vpptoken

In some cases, this file can display improperly, if it fails use the following command:

echo `cat /Users/charlesedge/Desktop/kryptedcom.vpptoken` | base64 --decode

The contents of the file are then displayed, as follows:

{"token”:”AbCDe1f2gh3DImSB1DhbLTWviabcgz3y7wkDLbnVA2AIrj9gc1h11vViMDJ11qoF6Jhqzncw5hW3cV8z1/Yk7A==","expDate":"2015-07-03T08:30:47-0700","orgName”:”Krypted.com"}

This is a comma separated set of keys, including token, expedite and orgName. Do not edit any of this or you may spontaneously combust. The token establishes the trust but the expiration date will show you when a vpptoken expires and will need to be renewed by. The orgName is what you entered in the VPP portal when you setup the account and is also escaped and then used as the file name. These two pieces of data can help you if you have a bunch of vpptokens that you need to keep track of.

May 19th, 2015

Posted In: iPhone

Tags: , , , , , , ,

There’s another new conference in town! Well, not my town, but Vancouver. MacDev Ops is a hot topic. One that will only increase in the coming years. Thanks to Mat X and Brian Warsing for bringing about a brilliant conference.

Screen Shot 2015-03-23 at 10.43.50 PM

The conference will be held on June 19, 2015 and is an easy $99 if you sign up soon. Also, submit a talk if DevOps is your thing. They’re looking to bring the following topics to the table:

  • Puppet, Chef and other automation from Desktop to Cloud and back
  • Software deployment with Munki and AutoPkg: the app ecosystem surrounding it
  • Cool tools: demo of awesome Mac Admin projects from GitHub
  • DevOps: How to adopt Automation and Best practices in IT operations
  • Dev skills: workshops on Ruby, Git, Python, Javascript for Mac Admins
  • MDM: Profiles and Mac configuration management in the cloud

This is sure to be a good one. Check it out here!

March 23rd, 2015

Posted In: Mac OS X, Programming, Unix

Tags: , , , , , , , , , ,

My third podcast in the last couple of months, this time with Chuck Joiner again, of MacVoices. And we talked a pretty good bit about Bushel and Mobile Device Management. Thanks to Chuck formatting this whole thing pretty awesome and helping bring my explanations to a point where they actually make sense!

http://www.macvoices.com/macvoices-15055-charles-edge-jamf-software-discusses-mobile-device-management-bushel/

January 29th, 2015

Posted In: Bushel, Product Management

Tags: , , , , , , , , , , ,

To manage a device from Bushel, it must first be added to your Bushel. The technical whiz-bang name for that process is Enrollment. We currently provide 3 ways to enroll devices into your Bushel. All three are available on the Enrollment page when you’re logged into Bushel.

Screen Shot 2014-09-11 at 11.41.46 AM

The first and best way to enroll devices into your Bushel is an Apple program called the Device Enrollment Program, or DEP for short. DEP is a way of tying devices to your Bushel so that they cannot be removed from the device, even if the device is wiped. Other than through DEP,  all enrollment into your Bushel is optional on the devices and so devices can be unenrolled at will. DEP requires an actual DEP account with Apple, which you can sign up for at https://deploy.apple.com/qforms/open/register/index/avs.

The second way to enroll devices into your Bushel is via Open Enrollment. When you Configure Open Enrollment you create a link that allows your users to enroll without logging into the portal. Simply open Open Enrollment from the Enrollment page and click Enable. Once enabled, you’ll see the URL to enroll devices.

Screen Shot 2014-09-11 at 11.43.44 AM

The third way to enroll devices is manually. Simply log into your Bushel, click on Enrollment and then click on the Enroll button for Enroll This Device. When prompted for “Who will this device belong to?” enter the username (e.g. the user’s name in front of their email address most likely or the username for your email system if it’s something different than that). Also provide the email address itself in the Email Address field and then click Enroll This Device. Now, if you want to enroll the device you’re using, simply complete the screen prompts for the profile installation and you’ll be good to go. Or, you can save the mobileconfig file that’s downloaded and send it to others in order to allow them to install it as well. Simply cancel the installation process (most easily done from a Mac) and distribute the Enroll.mobileconfig file as needed. You can also put a user’s name in front of the file name, so you know which will enroll each user. If you need to enroll 3 or 4 people in other countries or cities, this might be the best option!

Screen Shot 2014-09-11 at 11.48.46 AM

OK, so we basically gave 4 ways to enroll. But that’s because we’re trying to make it as easy as possible to enroll devices into your Bushel.

January 7th, 2015

Posted In: Bushel, iPhone, Mac OS X, Mac OS X Server, Mac Security, Mass Deployment

Tags: , , , , ,

When you add a bunch of devices to an MDM, we call it mass enrolling. Adding iPads, iPhones and iPods to your Bushel can be done through Apple Configurator. Apple Configurator automates the enrollment process, but when working with Bushel the enrollment profile has the username and email address, if you’re using email. This means that you would only want to use a mass enrollment option with Bushel if you are not using email, if all of your users will have the same generic email address or if your users will enter their own email information.

As mentioned, an enrollment profile automatically adds your devices to your Bushel. To obtain the enrollment profile:

  • Log into your Bushel.
  • Click on Devices.
  • Click on Enroll for Enroll This Device.
  • Click on Enroll This Device.Bushel Enroll iPhone, iPad or iPod touch.
  • Once the profile is downloaded, it will automatically attempt to enroll the computer you are downloading it from in the Profiles System Preferences pane.

Screen Shot 2014-10-17 at 11.05.41 AM

  • Click on Cancel.
  • Click on the downloads link in Safari.
  • Click on your Downloads folder.

Screen Shot 2014-10-17 at 11.08.55 AM

  • You have now downloaded the .mobileconfig file that will enroll devices into your Bushel

Add the Profile To Apple Configurator:

To deploy the profile through Apple Configurator:

  • Open Apple Configurator.
  • Click on Supervise in the row of icons along the top of the screen.
  • Drag the profile (by default currently called MDM-iOS5.mobileconfig) from the Finder into the list of Profiles.Screen Shot 2014-10-17 at 11.21.09 AM
  • The profile then appears in Apple Configurator (in this example, called jasper Bushel Profile but would be called your organization’s name followed by Bushel Profile for you).

Deploy The Bushel Enrollment Profile Through Apple Configurator

Once the profile is installed in Apple Configurator, let’s deploy it. In this example, don’t configure any other options. To deploy:

  • Open Apple Configurator.
  • Click on Prepare.
  • Click on the Install Profiles button in the Profiles section of the Settings pane.Screen Shot 2014-10-17 at 11.24.37 AM
  • Click Next.Screen Shot 2014-10-17 at 11.25.02 AM
  • Check the box for the enrollment profile.Screen Shot 2014-10-17 at 11.25.48 AM
  • Click Next.
  • Follow the prompts on the screen of the device to install the profile.

If you then wish to remove the device from your Bushel (aka unenroll), simply remove the enrollment profile by opening the Settings app, scrolling down to the Profiles section and tapping on the Remove button for the profile you just installed.

December 18th, 2014

Posted In: Bushel

Tags: , ,

Casper 9.62 is now out! And holy buckets, look at all the stuff that got fixed in this release:

Casper-Suite-9.62-Release-Notes_320_414_84_1416419790

http://resources.jamfsoftware.com/documents/products/documentation/Casper-Suite-9.62-Release-Notes.pdf?mtime=1416856726

PS – There’s also some api improvement goodness!

December 4th, 2014

Posted In: iPhone, Mac OS X, Mac OS X Server, Mac Security

Tags: , , , , ,

You can see exactly what Bushel, and other MDM platforms do to your OS X devices using the System Information utility. As with all Mobile Device Management (MDM) solutions that interface with OS X, you can use the About this Mac menu item under the Apple menu at the top of the screen to bring up the System Information utility. When you open this tool, you will see a lot of information that can be derived about your devices. Scroll down the list and click on Profiles. Here, you will see all of the Device and User profiles that have been installed on your computer, the payloads within each profile and the keys within each payload.

Screen Shot 2014-12-01 at 12.00.11 PM

Inside each profile there are a few pieces of information that define how the profile operates on the computer. Click on one to see the specific details for each Payload. Payloads are a collection of settings that a policy is changing. For example, in the above  screenshot, allowSimple is a key inside the com.apple.mobiledevice.passwordpolicy payload. This setting, when set to 1 allows simple passcode to be used on the device. When used in conjunction with the forcePIN key (as seen, in the same payload), you must use a passcode, which can be simple (e.g. 4 numeric characters).

Using these settings, you can change a setting in Bushel and then see the exact keys in each of our deployed payloads that changed when you change each setting. Great for troubleshooting issues!

December 2nd, 2014

Posted In: Bushel, iPhone, Mass Deployment

Tags: , , , , , , ,

Yesterday the Bushel team finished some new code. This code allows you to refer your friends to Bushel! This skips the codes that everyone was waiting for and lets people create accounts immediately!

Screen Shot 2014-11-24 at 10.07.02 PM

From your home screen, click on Invite Friends. Or from the Account screen, scroll down to the section that says “Invite friends to join Bushel”. From here, you can post codes to Facebook, Tweet codes, post codes to LinkedIn and even email them.

We’re not going into general availability just yet. But we’re definitely making it easier long-term to sign up and use Bushel! We hope you love it as much as we do!

Since we’re still architecting how these final screens look, the final features and stress testing the servers, also if you’re testing the system please feel free to fill out our feedback form so we know what you think of what we’re doing and where we’re going!

Or if you’re still waiting for a code, use this link to skip that process https://signup.bushel.com?r=fd0fcf9e6d914a739d29c90421c0fb45.

November 25th, 2014

Posted In: Bushel, iPhone, Mac OS X, Mac OS X Server, Mac Security, Mass Deployment

Tags: , , , , ,

Slowly but surely information about what I left 318 to do has been leaking out. And I wouldn’t say leaking. More like being broadcast to the world. I’ve worked on a few little things here and there at JAMF Software since my arrival. But my core duty is to shepherd the development and strategy behind a new Mobile Device Management tool called Bushel. A little more about Bushel is available here, and I’ll likely post more about it here when the time is right:

http://tech.mn/news/2014/11/04/jamf-software-bushel-apple-device-management/

And to access the Bushel site:

http://www.bushel.com

And some of the writing that are now finding their way onto the Bushel blog:

http://blog.bushel.com

bushel-wordmark-dark@2x

November 18th, 2014

Posted In: Bushel

Tags: , , , , , ,

Next Page »