The planning for ACES Conference 2016 seems to be in full gear. I’ve been slated to speak not on JAMF or Bushel stuff, but on my time in the Apple Consultants Network (ACN) community. One of the biggest challenges we had as we grew, was to responsibly pick vendors that matched with our customer requirements while also allowing us to scale efficiently. If you’re an ACN, this is a great conference for you. Check it out at https://acesconf.com!
-
-
Using the Caching Service Command Line Interface
The Caching Server in OS X Server 5 is pretty simple, right? You open up the server app and then click on the On button and you’re… off… to… the… races… Yup. There are also a few options that you can configure using the Server app. You can configure which IP addresses (or networks) are able to access your server. You can configure where the cache is stored. You can configure the amount of Cached used. And you can clear out that cache. Boom. Including the ON button, you’ve only got 5 things you can do here. Pretty easy. To script kicking off the service as just a proxy that…
-
The Second Edition of the Enterprise Mac Administrator’s Guide Now Available for Pre-Order!
The latest and greatest of the Enterprise Mac Admin’s Guide is now available for Pre-Order at http://www.amazon.com/Enterprise-Mac-Administrators-Guide-Second/dp/1484217055/ref=sr_1_1?s=books&ie=UTF8&qid=1445529968. This is an interesting update. If you happened to see the previous edition, I’d described more about Casper than most of the other third party products on the market. In this edition, there’s still an equal amount of information on Casper, but now there’s also more information on FileWave, and a whole chapter on the open source toolchain of products, including Munki and AutoPKG. The main reason I decided to update this title was actually the change from focusing on directory services (which still has plenty of page count) to focusing on profile management.…
-
The Third Edition of Enterprise Mac Security Now Available For Pre-Order!
The third edition of the Enterprise Mac OS X Security book is now available for pre-order on Amazon at http://www.amazon.com/gp/product/148421711X! Another title with Apress, for this edition I welcome Dan O’Donnell as a coauthor and in addition to modernizing everything, added a lot more on FileVault, signing, iCloud and Apple services. I don’t know how long the editorial process for this book will take, but it’s listed on Amazon with a ship date of December 3rd!
-
Configure Xsan Clients With OS X Server 5 For El Capitan And Yosemite
Yosemite brought Xsan 4, which included a whole new way to add clients to an Xsan. Xsan Admin is gone. From now on, instead of scanning the network using Xsan Admin. we’ll be adding clients using a Configuration Profile. This is actually a much more similar process to adding Xsan clients to a StorNext environment than it is to adding clients to Metadata Controllers running Xsan 3 and below. But instead of making a fsnameservers file, we’re plugging that information into a profile, which will do that work on the client on our behalf. To make the Xsan configuration profile, we’re going to use Profile Manager. With OS X Server 5, this trend…
-
Encrypting OS X Server 5 Volumes In El Capitan
Encrypting a volume in OS X couldn’t be easier. In this article, we will look at three ways to encrypt OS X El Capitan volumes in OS X Server 5. The reason there are three ways is that booted volumes and non-booted volumes have different methods for enabling encryption. Encrypting Attached Storage For non-boot volumes, just control-click or right-click on them and then click on Encrypt “VOLUMENAME” where the name of the volume is in quotes. When prompted, provide an encryption password for the volume, verify that password and if you so choose, provide a hint. Once the encryption process has begun, the entry previously clicked on says Encrypting “VOLUMENAME” where…
-
Run A Web Server On Apache Using OS X Server 5
Web Services in Mac OS X, Mac OS X Server, Linux and most versions of Unix are provided by Apache, an Open Source project that much of the Internet owes its origins to. Apache owes its name to the fact that it’s “a patchy” service. These patches are often mods, or modules. Configuring web services is as easy in OS X Server, running on Yosemite and El Capitan, as it has ever been. To set up the default web portal, simply open the Server app, click on the Websites service and click on the ON button. After a time, the service will start. Once running, click on the View Server Website…
-
OS X Server 5 Logs
OS X running the Server app has a lot of scripts used for enabling services, setting states, changing hostnames and the like. Once upon a time there was a script for OS X Server called server setup. It was a beautiful but too simplistic kind of script. Today, much of that logic has been moved out into more granular scripts, kept in /Applications/Server.app/Contents/ServerRoot/System/Library/ServerSetup, used by the server to perform all kinds of tasks. These scripts are, like a lot of other things in OS X Server. Some of these include the configuration of amavisd, docecot and alerts. These scripts can also be used for migrating services and data. Sometimes the scripts…
-
Use The profiles Command Line In El Capitan
You might be happy to note that other than the ability to interpret new payloads, the profiles command mostly stays the same in El Capitan, from Yosemite. You can still export profiles from Apple Configurator or Profile Manager (or some of the 3rd party MDM tools). You can then install profiles by just opening them and installing. Once profiles are installed on a Mac, mdmclient, a binary located in /usr/libexec will process changes such as wiping a system that has been FileVaulted (note you need to FileVault if you want to wipe an OS X Lion client computer). /System/Library/LaunchDaemons and /System/Library/LaunchAgents has a mdmclient daemon and agent respectively that start…
-
Install A vpptoken In OS X Server 5 for El Capitan and Yosemite
In order to use the Apple Volume Purchase Program, you will need an MDM solution (Profile Manager, Casper, MobileIron, Meraki, FileWave, etc). Also, token options were traditionally for one to one (1:1) environments until iOS 9, which marked a change where you can now leverage per-device licensing. This removes the requirement that you need an Apple ID running on each device that you choose to install apps on. Suddenly, VPP is for multi-tenant environments. You can also use codes and options for iOS 7 and up as well as OS X 10.9 and up, but those will use Apple IDs. Also, if you install your vpptoken on OS X Server and you’re running that…