• Articles and Books,  iPhone,  Mac OS X,  Mac OS X Server,  Mac Security,  Mass Deployment,  public speaking

    MacSysAdmin 2012!

    May 7, 2012

    MacSysAdmin has quickly become one of my favorite conferences to attend. I love the high level of technical acumen and the chance to row a canoe from Minneapolis to Gothenburg, Sweden, which is a serious workout, let me tell you! The 2012 lineup boasts one of the politest guys I know in Arek Dreyer, my coworker Zack Smith, Andrew Renz (of Code 42/CrashPlan fame), the well dressed (and spoken) Ed Marczak, the great Greg Neagle (Munki/Repasado/awesome guy), Alan Gordon’s alter-ego Alan Gordon, the JAMFerific Andrina Kelly, the ostentatious Duncan McCracken, Rick Wylie, Gary Larizza, Luis Giraldo in all his wireless awesomeness, Sébastien Tomasi (representing the file set goodness that is…

    Read More
  • Mac OS X,  Mac OS X Server,  Mac Security,  Mass Deployment

    WWDC Tickets On Sale

    April 25, 2012

    Apple has put tickets on sale for the WorldWide Developer Conference, from June 11th to June 15th in San Francisco’s Moscone Center. Last year, the conference sold out really quickly, so might want to jump on buying tickets if you want to go. One thing can be pretty easily assumed, there will be plenty of talk about Mountain Lion (and maybe a new beta/DP as well).

    Read More
  • Mac OS X,  Mac OS X Server,  Mac Security,  Mass Deployment

    Moving Managed Preferences to Profiles

    April 6, 2012

    If you’ve been following my postings for the past few weeks you may have noticed that I’m putting the pieces together for a strategy to transition existing managed preferences in environments to profiles, most notably those managed using Lion Server’s Profile Manager as more than just a mobile device management tool, but also as a computer management tool. To put the articles into a bit more order, let’s look at the order that you’d likely use them to actually do an integration: If needed, upgrade any existing Open Directory deployments to Lion: https://krypted.com//mac-os-x/upgrading-open-directory-from-snow-leopard-server-to-lion-server Start off with getting Profile Manager installed (Part 1): https://krypted.com//iphone/setting-up-profile-manager-in-lion-server Then integrate Profile Manager with your internal directory…

    Read More
  • Mac OS X,  Mac OS X Server,  Mac Security,  Mass Deployment

    Automating Profile Manager Enrollment Through DeployStudio

    April 4, 2012

    When planning to migrate from managed preferences to profiles, one of the important aspects to consider is automated enrollment. One of the more important aspects of automating a traditional managed preferences environment is to automate the binding to directory services. You do not bind to Profile Manager; however, you do enroll devices. Much like binding computers to Lion Server’s Open Directory (by default), certificates and host names are important aspects of the enrollment process. Much as with local managed preferences, management via profiles can be done through the command line and without any involvement from a centralized source. I had written an article awhile back on using profiles from the…

    Read More
  • iPhone,  Mac OS X,  Mac OS X Server,  Mac Security,  Mass Deployment

    Integrating Mac OS X Lion Server's Profile Manager With Active Directory

    April 3, 2012

    Over the years, the terms Magic, Golden, Triangle, Augments, Directory, Domains and Active have given the administrators of Mac OS X environments fits. So when you think about using Active Directory to manage iOS devices through the Profile Manager service, built into Lion Server, you may think that it’s a complicated thing to piece together. You may remember those days when you had to manually craft service principals because xgrid wouldn’t play nice with Acive Directory, or you might think of twisting augmented records to support CalDAV. But you’re gonna’ have to forget all that, ’cause getting Profile Manager to talk to Active Directory is one of the easiest things…

    Read More
  • Mac OS X,  Mac OS X Server,  Mac Security,  Mass Deployment

    Disable AutoUpdates in Google Chrome

    April 1, 2012

    More and more deployments seem to come with sending Google Chrome out to client systems. Chrome is yet another application with built-in updating to make the process of owning software a bit less tedious for end users. However, in large deployments, we usually need to disable such a feature. Given how talented they are, the Googlers that built the automatic updaters went ahead and showed great foresight and made it easy to disable. Simply set the checkInterval key in com.google.Keystone.Agent to 0, done using defaults here: defaults write com.google.Keystone.Agent checkInterval 0 Once disabled, use defaults to set the checkInterval key to how frequently you’d like the check to run (in…

    Read More
  • iPhone,  Mac OS X Server,  Mass Deployment

    Talking A Look Under Apple Configurator's Hood

    March 28, 2012

    Apple Configurator has now been in my grubby hands long enough for me to start looking at it a little deeper than I did in the introductory article I did awhile back. Architecturally, Apple Configurator keeps its data in ~/Library/Application Support/com.apple.configurator. Here, you’ll find a directory called IPSWs, another called Resources, file called AppleConfigurator.storedata and another called Users.storedata. The IPSWs directory is where operating system versions, per model of iOS are stored. These look something like iPad2,1_5.1_9B176_Restore.ipsw, which is iOS 5.1 for a standard iPad 2. iPad 1, the retina display iPad, as well as each iPod Touch and iPhone 4 each have their own entry as well. The IPSWs…

    Read More
  • iPhone,  Mac OS X,  Mac OS X Server,  Mac Security,  Mass Deployment

    Using Payload Variables in Profile Manager

    March 26, 2012

    Profile Manager allows you to leave certain fields that are user-centric blank and it will prompt at the time that the profile is installed for the blank information. These are usually user-centric fields, such as short name and password. You can also create a profile in Profile Manager for each user you want to setup mail, Exchange, iCal, Address Book and other services that are tied to a specific user. You can enter the username for each and leave the password blank and the user will be prompted for the password but have the username filled in. And then there are payload variables. Note: Before we get started on Payload…

    Read More