The Adobe User Sync Tool – I’ve got that “syncing” feeling

At last week’s London Apple Admins meet-up, I spoke about how to get started with the Adobe User Sync Tool (UST). Thanks again to Steve and ThoughtWorks for hosting us and dataJAR for the delicious food and drink!

In my environment, the UST is the core behind automating the process of getting our 30,000-ish directory users up and running with the identities they need to use in the world of Adobe Creative Cloud. With the advent of Shared Device Licensing, this becomes even more important.

Continue reading “The Adobe User Sync Tool – I’ve got that “syncing” feeling”

Adobe Shared Device Licensing – Answers to questions you probably didn’t want to ask

Shared Device Licensing (which I’ll refer to as SDL from now on) for Adobe Creative Cloud is here! If you want the skinny on it, go check out Mr Mule’s fantastic write up.

So yesterday, it showed up in my Admin Console. Naturally, I spent much of my time mucking about with it, trying out all sorts of experiments to see what the results would be, or if something would break. Here’s an FAQ-style breakdown…

Continue reading “Adobe Shared Device Licensing – Answers to questions you probably didn’t want to ask”

ESET Endpoint Antivirus – Privacy Preferences Policy Control

A quick one – if you’re deploying ESET Endpoint Antivirus or Security to Macs running macOS 10.14.x Mojave, you (or your users!) will have encountered this dialog:

To compound the problem, if you follow the instructions in that dialog and you’re not logged in as a local administrator, you’ll soon hit a roadblock.

This is all part of Apple’s new Privacy Preferences Policy Control (PPPC), or Transparency Consent Control (TCC), depending on what you want to call it. If you’d like to know more about that, check out Carl’s blog post and join the #tcc channel on the MacAdmins Slack.

But what can we do about ESET?

Continue reading “ESET Endpoint Antivirus – Privacy Preferences Policy Control”

Jamf and Product Issues – we’ve got a list!

Nothing in this world is perfect, and the same goes for EMM solutions (and this is fine – we’re only human after all). With Jamf, if you open a support case, it may sometimes end with no resolution, but instead you’re given a PI or D number – which means that an issue or defect has been identified with the product and logged.

Admins generally feel that an aggregated list of these issues is useful to them when they’re troubleshooting certain situations – it’s a good sanity check, for example – e.g. “ahh it’s not just me!”. Continue reading “Jamf and Product Issues – we’ve got a list!”

Hello ESET Endpoint Antivirus! Deployment, management and migrating from SCEP.

Following Microsoft’s announcement that System Centre Endpoint Protection (SCEP) for macOS and Linux is to be discontinued by the end of this year, their recommended migration path is to switch to ESET Cyber Security. In fact, ESET are granting anyone wishing to switch a year’s subscription for free, which is nice.

It’s been difficult to find a central repository of information around how to migrate, what the options are and how to deploy and configure ESET. Things seem to be scattered around forum posts, knowledge base articles, or behind a wall of reverse engineering and poking. So let’s have a look (with a Jamf-twist although these things should be possible with other popular deployment tools)… Continue reading “Hello ESET Endpoint Antivirus! Deployment, management and migrating from SCEP.”

Adobe device licensing and expiry dates and Jamf – Oh my!

It’s all Ben’s fault.

Screen Shot 2018-11-30 at 05.47.04

The problem:

Adobe device license serial numbers have an expiry date. Adobe have the AdobeExpiryCheck command line tool you can run that’ll tell you if you have a device license serial number and what the expiry date is. This tool returns results that look like this:

Screen Shot 2018-11-30 at 05.53.15

That’s a huge load of text and a date that’s in a format we might want to change if we were to say, want to make it useful for our management tool of choice. Oh, and the AdobeExpiryCheck tool comes as a zip file download, so isn’t really mass-deployment friendly, if we want to get it on our entire fleet of computers.

Down the rabbit hole we go. Continue reading “Adobe device licensing and expiry dates and Jamf – Oh my!”

Farewell SCEP!

No, not the certificate thing. Microsoft System Center Endpoint Protection for macOS and Linux, as announced at Microsoft’s Blog. There were rumours of its impending demise on Twitter back in March but nothing concrete from Microsoft until now.

So, no more support after the end of 2018 and definition updates may stop any time after that. There is the mention that you might be able to get ESET Endpoint Security for Mac if you contact your Microsoft TAM. The cost implications, or what it means to “qualify” are unclear.

As far as I know, ESET Endpoint Security for Mac uses a command line tool esets_set which is functionally on par with scep_set. That means my blog posts for managing SCEP (Part 1, Part 2, Part 3, and More Reporting) would probably be relevant for it.

Linux is left with no migration path – so if you manage SCEP on that platform, you’re on your own.

Goodbye SCEP, it was nice knowing you!