Managing Microsoft Remote Desktop 10 Bookmarks with handy Jamf Scripts

Microsoft introduced a handy feature in version 10 of their Remote Desktop client with little fanfare; the ability to manage bookmarks, feeds and gateways using the command line. I think it deserves some more attention.

Continue reading “Managing Microsoft Remote Desktop 10 Bookmarks with handy Jamf Scripts”

COVID-19, Folding@home, MacAdmins and You

Coronavirus is wrecking lives throughout the world and scientists are working hard to find ways to fight it. As MacAdmins, we can help. If you’ve seen images of the virus itself, you’ll notice it’s strewn with lots of little “spikes”. Known as the “Demogorgon” (scientists come up with cool names!), these protein structures act like a “key” to unlock our cells, allowing the virus to get inside them and do its work.

I’m no biologist by any means, and these folks explain it way better than I ever could. Understanding how these proteins behave, or “fold” is the key to developing ways to stop them. The Folding@home project has been running for many years and now it’s providing the distributed compute power needed to run simulations that help gain this understanding in the context of COVID-19.

By downloading (and optionally configuring) a client, your Mac (or Macs) can help in the war effort. You can help anonymously, or set up an identity to keep track of your stats (the number of work units you’ve processed and points you’ve gained). You can even join a team where your stats are accumulated with other members’. Folks in the MacAdmins community have stepped up to donate computing resources already. Eric Holtam has created the MacAdmins Folding@home Team, and we have a channel; #foldingathome in the MacAdmins Slack, ready to rock the lockdown.

If you want to get involved:

  1. Join us in the #foldingathome channel on the MacAdmins Slack.
  2. Download and install the client.
  3. Get your passkey.
  4. Join the MacAdmins Team (ID 257618).
  5. Read the rest of this post.
Continue reading “COVID-19, Folding@home, MacAdmins and You”

Uninstalling Adobe Flash Player – in a Flash!

It’s been a while since my last post. That’s because I joined dataJAR as a Systems Engineer in October after 15 years of working at the University of East London. It’s been a huge change and I’m loving every minute. I’m learning a huge amount from a fantastic team of wonderful people as I settle into the new role.

So, we’re approaching a milestone in computing history. All good things must come to an end and love it or hate it, Adobe’s Flash Player is no exception. As we enter a new decade, we say goodbye to this venerable piece of the interwebs, as it goes End of Life later this year.

As an admin, the announcement of Flash Player’s demise a mixed bag. Pleasure/pain, perhaps. Pleasure, in that you won’t have to manage the deployment of updates for one of the most frequently updated software titles ever (weren’t you using Autopkg so you didn’t have to anyway?). Then, as the serotonin wears off, the pain sets in. Because the slow realisation dawns on you; how are you going to automate the removal of this on all the computers you manage? Since it won’t get any more updates, that means any as-yet-undiscovered security vulnerabilities will remain unpatched. So it has to go. And there are a few ways to do the deed…

Continue reading “Uninstalling Adobe Flash Player – in a Flash!”

Adobe Shared Device Licensing – the 90 minute sign-in reminder is dead!

A major pain point of Adobe’s new Shared Device Licensing (SDL) is was a dialog that would appear 90 minutes following sign-in to a Creative Cloud application. This dialog would prompt the user to confirm that they were still themselves, offering the option to sign-out or continue.

It would also interrupt background processing and rendering in applications like After Effects and Premiere Pro. This impacts people in environments where they would quite reasonably leave a video render churning away overnight, for example. I support shared-use video edit suites where students do this.

On 2019-08-23, Adobe announced, via this forum thread, that the infamous dialog is no more! Although the official Shared Device Licensing Deployment Guide is now out of date as it still has an FAQ that mentions it…

Even better, is this appears to apply to installations that pre-date the announcement. I tested it specifically with Premiere Pro 13.1.4 and Photoshop 20.0.4 and an SDL “license only” package I created in July. For those playing at home, the Creative Cloud Desktop App (CCDA) was the current version, having auto-updated itself. I left the applications open for over 90 minutes. The dialog did not appear during app usage or if I closed and re-opened an app. It didn’t come back when opened a different Creative Cloud app either.

Thank you, Adobe!

2015 MacBook Pro battery recall checker script

So this happened. And it’s not good. And now you might be worrying about how many MacBook Pros you manage that may be at risk.

Here’s a script that might help. Feed it a text file containing the serial numbers of all the 2015 MacBook Pros in your fleet and remediate the ones that are “eligible”. Data is output in CSV format, which you could redirect to a file.

How to use it (once you’ve downloaded and made it executable):

./ /path/to/inputfile.txt

To output directly to a CSV file:

./ /path/to/inputfile.txt > /path/to/outputfile.csv

If you can’t see the script in this post (WordPress has issues embedding from GitHub on some mobile platforms), here’s a direct link for you:

# Check a list of serial numbers for eligibility in the 2015 MacBook Pro battery replacement recall
# Returns only eligible serial numbers
# The text file must be formatted with Unix (LF) line breaks
# Usage: /path/to/inputfile.txt
# To output directly to a CSV file: /path/to/inputfile.txt > /path/to/outputfile.csv
# Written by Neil Martin
# With thanks to Nick Tong for his original Jamf EA which gave me the inspiration for this script.
# 2019-06-21
# 2019-06-30 revised to read file directly and avoid problems with filenames containing spaces – thanks to Ben Goodstein.
# Edit the variable below to the filename of your text file containing a list of serial numbers to check
# Do not edit below this line
# Verify the file exists
if [[ ! -e "$file" ]]; then
echo "Serial number list file not found or specified"
echo "Ensure that the filename and path specified are correct"
echo "Script usage: ./ /path/to/file.txt"
exit 1
# Loop through the list and submit data to Apple
while read -r serial || [[ -n "$serial" ]]; do
guid=$(uuidgen | tr "[:upper:]" "[:lower:]")
resp=$(curl -d "$postData" -H "Content-Type: application/json" -X POST "" 2>&1)
if [[ "$resp" == *'"status":"E00"'* ]]; then
echo "$serial,eligible"
elif [[ "$resp" == *'"status":"E01"'* ]]; then
echo "$serial,ineligible"
elif [[ "$resp" == *'"status":"E99"'* ]]; then
echo "$serial,error please recheck"
elif [[ "$resp" == *'"status":"FE01"'* ]]; then
echo "$serial,empty serial"
elif [[ "$resp" == *'"status":"FE02"'* ]]; then
echo "$serial,invalid serial"
elif [[ "$resp" == *'"status":"FE03"'* ]]; then
echo "$serial,error please recheck"
echo "$serial,unknown result please recheck"
done < "$file"
view raw hosted with ❤ by GitHub

Thanks to Nick Tong for the inspiration behind this. He wrote a Jamf Extension Attribute you can use that’ll tell you which MacBooks are eligible for recall the next time they submit inventory.

Customising the Creative Cloud Desktop App – what Adobe doesn’t tell you


That file ^^. If you’ve ever deployed the Adobe Creative Cloud Desktop App (CCDA) or any Adobe application that uses it, you might have come across this little nugget. On macOS it lives in /Library/Application Support/Adobe/OOBE/Configs/ and on Windows it’s in C:\Program Files (x86)\Common Files\Adobe\OOBE\Configs\. This is especially interesting if you wanted to have a bit more control over what’s shown or hidden post-deployment (because sometimes we change our minds).

Ben Toms goes into the gory details here. So do read that if this is something you’re encountering for the first time.

You’ll find there’s more to this once you scratch beneath the surface…

Continue reading “Customising the Creative Cloud Desktop App – what Adobe doesn’t tell you”

Dad Jokes as a (Self) Service (DJaaS?)

There’s a new craze sweeping the community. “Dad jokes”. The special kind of joke that makes you roll your eyes and cringe because it’s so bad, yet at the same time you feel a great wave of embarrassment because you find it funny.

So why am I blogging about this? I have kids, so any new way to annoy them will naturally peak my interest. But what have dad jokes got to do with systems administration? Let’s see…

Continue reading “Dad Jokes as a (Self) Service (DJaaS?)”

The Great Adobe Purge of 2019 – a helping hand with Autopkg

Before we begin…

Read this:

Then read that:

Then realise that the macOS “package” Adobe provides is actually a zip file that contains this lot:

…which means admins need to do work to deliver and run this on our endpoints. 😦

Here are a couple of Autopkg recipes I put together to try and make things a bit easier:

Continue reading “The Great Adobe Purge of 2019 – a helping hand with Autopkg”

MacADUK: Improve your automated MDM enrolments! Resources.

I was lucky enough to share the stage with Joel Rennich at this year’s Apple Admin and Developer Conference UK. We spoke about how to achieve more automation and improve the ways we get Macs enrolled into our MDM solutions. The icing on the cake was a deep dive into some new functionality baked into NoMAD Login AD with the release of version 1.3.0.

Check out the video:

All my slides, documentation, example scripts and other bits and bobs are all available here:

I hope you enjoyed yourself and got something useful to take away. Thanks to the conference organisers and Joel for a great time! 🙂

The Adobe User Sync Tool – I’ve got that “syncing” feeling

At last week’s London Apple Admins meet-up, I spoke about how to get started with the Adobe User Sync Tool (UST). Thanks again to Steve and ThoughtWorks for hosting us and dataJAR for the delicious food and drink!

In my environment, the UST is the core behind automating the process of getting our 30,000-ish directory users up and running with the identities they need to use in the world of Adobe Creative Cloud. With the advent of Shared Device Licensing, this becomes even more important.

Continue reading “The Adobe User Sync Tool – I’ve got that “syncing” feeling”