I recently worked on something where a design requirement was to build a good snapshot restore option but not to use Time Machine backups. You can capture a snapshot of a Mac without enabling Time Machine. To do so, you’d still use the same binary as you would with Time Machine, /usr/bin/tmutil. To do so, simply use the snapshot verb as follows: /usr/bin/tmutil snapshot Once you’ve run that, you get output similar to the following: Created local snapshot with date: 2019-04-12-110248 Now you have a snapshot that can be used to restore a Mac using the steps shown in this article: https://maclovin.org/blog-native/2017/restoring-from-a-snapshot-with-apfs. You can make a snapshot at the provisioning…
-
-
Approve Or Deny GSuite Access For Devices
The Google Directory integration with GSuite allows you to manage which devices have access to GSuite. This allows you to control access based on a variety of factors. Below, you’ll find a Google Cloud Function that is meant to respond to a webhook. This function takes an action to set a device into ‘approve’ or ‘deny’ as a state within Google Directory. Before using the function you’ll want to set CustomerID, ResourceID, and EMAIL_ACCOUNT for your GSuite account before using. To setup a GSuite Account for Google Functions and grab the ResourceID (or JWT), see: https://krypted.com//cloud/setup-google-cloud-functions/ To obtain the customer ID: https://krypted.com//uncategorized/get-your-customerid-from-g-suite/ Once you have all that, you can upload…
-
Manage the Look of Launchpad
You can control the number of columns and rows in LaunchPad. To do so, edit the com.apple.doc defaults domain with the key springboard-rows for the number of rows to display and springboard-columns to control the number of columns displayed. So to set the number of rows LaunchPad will show per screen, send the write verb into defaults for com.apple.dock along with the springboard-rows and an -int of 4: defaults write com.apple.dock springboard-rows -int 4 Likewise, to set columns to 8: defaults write com.apple.dock springboard-columns -int 8 Then just killall for Dock: killall Dock In some cases you will also need to send a resetlaunchpad boolean into com.apple.dock (for TRUE) along…
-
Obtain A List Of Devices or Apps In ZuluDesk Using Bash
The curl command can be used to authenticate to an API using a variety of authentication types such as Bearer, OAuth, Token, and of course Basic. To authenticate to the ZuluDesk API, first create an API token. This is done by logging into ZuluDesk, clicking Organization, then Settings, then API, an then clicking on the Add API Key button. Once you have your API key, your header will look as follows: GET /users HTTP/1.1 User-Agent: curl/7.24.0 X-Server-Protocol-Version: 2 Authorization: Basic YOURTOKENHERExxx000111222== Content-Length: 0 The curl command can do this would be as follows, simply converting these into separate values in the -H or header. The URL provided will do a…
-
MacAdmins: “Walk Softly But Carry A Mac Deploy Stick” with Tim Perfitt
-
Pull iTunes App Categories via Bash
I love bash one-liners. Here’s one it took me a bit to get just right that will pull the Category of an app based on the URL of the app. curl -s 'https://itunes.apple.com/us/app/self-service-mobile/id718509958?mt=8' | grep -Eo '"applicationCategory":.*?[^\\]",' If you don’t already have the URL for an app, it can be obtained via a lookup using curl https://itunes.apple.com/lookup?id=718509958 If you’ll be performing these kinds of operations en masse from within server-side scripting, Apple has a number of programs, including the Affiliate Program, which allow you to do so more gracefully. But as a quick and dirty part of a script, this could solve a need. More importantly, hey, parse some json…
-
Register A Webhook In Jamf Pro
A webhook is a small web trigger that when fired can easily send amount of small json to a web listener. Most modern software solutions support webhooks. They provide an easy way to trigger events from a piece of software to happen in another piece of software. An example of this is when a smart group change happens in Jamf Pro, do something elsewhere. To start, you register a webhook in Jamf Pro by opening an instance of Jamf Pro, clicking on Settings, clicking on Global Management, and then clicking on Webhooks. From the Webhooks screen, click New. At the New Webhook screen, you will see a number of fields.…
-
Change The Default Shell Of Your Mac
You can change the default shell that opens for your user on a Mac. The common shells are /bin/bash, /bin/csh, /bin/ksh, /bin/sh, /bin/tcsh, and /bin/zsh. To set one as the default, use the chsh command with the -s option. For example, to set tchs: chsh -s /bin/tcsh
-
NFS. Not… Dead… Yet…
NFS may just never die. I’ve seen many an xsan covert to NFS-based storage with dedicated pipes and less infrastructure requirements. I’m rarely concerned about debating the merits of technology but usually interested in mapping out a nice workflow despite said merits. So in the beginning… there is rpc. Why? Because before we establish a connection to an nfs share, we first want to check that we can talk to the system hosting it. Do so with rpcinfo: rpcinfo server.pretendco.com Now that we’ve established that we can actually communicate with the system, let’s use the mount command (for more on creating mounts see `man exports`). Here, we’ll mount -t nfs…
-
Limit Upload and Download Streams for Google Drive File Stream on macOS
Google Drive File Stream allows you to access files from Google’s cloud. It’s pretty easy for a lot of our coworkers to saturate our pipes. So you can configure a maximum download and upload speed in kilobytes per second. To do so write a com.google.drivefs.settings defaults domain into /Library/Preferences/com.google.drivefs.settings and use a key of BandwidthRxKBPS for download and BandwidthTxKBPS for upload (downstream and upstream as they refer to them) as follows: defaults write com.google.drivefs.settings BandwidthRxKBPS -int 200 defaults write com.google.drivefs.settings BandwidthTxKBPS -int 200