Dad Jokes as a (Self) Service (DJaaS?)

There’s a new craze sweeping the community. “Dad jokes”. The special kind of joke that makes you roll your eyes and cringe because it’s so bad, yet at the same time you feel a great wave of embarrassment because you find it funny.

So why am I blogging about this? I have kids, so any new way to annoy them will naturally peak my interest. But what have dad jokes got to do with systems administration? Let’s see…

Continue reading “Dad Jokes as a (Self) Service (DJaaS?)”

The Great Adobe Purge of 2019 – a helping hand with Autopkg

Before we begin…

Read this:

Then read that:

Then realise that the macOS “package” Adobe provides is actually a zip file that contains this lot:

…which means admins need to do work to deliver and run this on our endpoints. 😦

Here are a couple of Autopkg recipes I put together to try and make things a bit easier:

Continue reading “The Great Adobe Purge of 2019 – a helping hand with Autopkg”

MacADUK: Improve your automated MDM enrolments! Resources.

I was lucky enough to share the stage with Joel Rennich at this year’s Apple Admin and Developer Conference UK. We spoke about how to achieve more automation and improve the ways we get Macs enrolled into our MDM solutions. The icing on the cake was a deep dive into some new functionality baked into NoMAD Login AD with the release of version 1.3.0.

Check out the video:

All my slides, documentation, example scripts and other bits and bobs are all available here:

I hope you enjoyed yourself and got something useful to take away. Thanks to the conference organisers and Joel for a great time! 🙂

The Adobe User Sync Tool – I’ve got that “syncing” feeling

At last week’s London Apple Admins meet-up, I spoke about how to get started with the Adobe User Sync Tool (UST). Thanks again to Steve and ThoughtWorks for hosting us and dataJAR for the delicious food and drink!

In my environment, the UST is the core behind automating the process of getting our 30,000-ish directory users up and running with the identities they need to use in the world of Adobe Creative Cloud. With the advent of Shared Device Licensing, this becomes even more important.

Continue reading “The Adobe User Sync Tool – I’ve got that “syncing” feeling”

Adobe Shared Device Licensing – Answers to questions you probably didn’t want to ask

Shared Device Licensing (which I’ll refer to as SDL from now on) for Adobe Creative Cloud is here! If you want the skinny on it, go check out Mr Mule’s fantastic write up.

So yesterday, it showed up in my Admin Console. Naturally, I spent much of my time mucking about with it, trying out all sorts of experiments to see what the results would be, or if something would break. Here’s an FAQ-style breakdown…

Continue reading “Adobe Shared Device Licensing – Answers to questions you probably didn’t want to ask”

ESET Endpoint Antivirus – Privacy Preferences Policy Control

A quick one – if you’re deploying ESET Endpoint Antivirus or Security to Macs running macOS 10.14.x Mojave, you (or your users!) will have encountered this dialog:

To compound the problem, if you follow the instructions in that dialog and you’re not logged in as a local administrator, you’ll soon hit a roadblock.

This is all part of Apple’s new Privacy Preferences Policy Control (PPPC), or Transparency Consent Control (TCC), depending on what you want to call it. If you’d like to know more about that, check out Carl’s blog post and join the #tcc channel on the MacAdmins Slack.

But what can we do about ESET?

Continue reading “ESET Endpoint Antivirus – Privacy Preferences Policy Control”

Jamf and Product Issues – we’ve got a list!

Nothing in this world is perfect, and the same goes for EMM solutions (and this is fine – we’re only human after all). With Jamf, if you open a support case, it may sometimes end with no resolution, but instead you’re given a PI or D number – which means that an issue or defect has been identified with the product and logged.

Admins generally feel that an aggregated list of these issues is useful to them when they’re troubleshooting certain situations – it’s a good sanity check, for example – e.g. “ahh it’s not just me!”. Continue reading “Jamf and Product Issues – we’ve got a list!”

Hello ESET Endpoint Antivirus! Deployment, management and migrating from SCEP.

Following Microsoft’s announcement that System Centre Endpoint Protection (SCEP) for macOS and Linux is to be discontinued by the end of this year, their recommended migration path is to switch to ESET Cyber Security. In fact, ESET are granting anyone wishing to switch a year’s subscription for free, which is nice.

It’s been difficult to find a central repository of information around how to migrate, what the options are and how to deploy and configure ESET. Things seem to be scattered around forum posts, knowledge base articles, or behind a wall of reverse engineering and poking. So let’s have a look (with a Jamf-twist although these things should be possible with other popular deployment tools)… Continue reading “Hello ESET Endpoint Antivirus! Deployment, management and migrating from SCEP.”

Adobe device licensing and expiry dates and Jamf – Oh my!

It’s all Ben’s fault.

Screen Shot 2018-11-30 at 05.47.04

The problem:

Adobe device license serial numbers have an expiry date. Adobe have the AdobeExpiryCheck command line tool you can run that’ll tell you if you have a device license serial number and what the expiry date is. This tool returns results that look like this:

Screen Shot 2018-11-30 at 05.53.15

That’s a huge load of text and a date that’s in a format we might want to change if we were to say, want to make it useful for our management tool of choice. Oh, and the AdobeExpiryCheck tool comes as a zip file download, so isn’t really mass-deployment friendly, if we want to get it on our entire fleet of computers.

Down the rabbit hole we go. Continue reading “Adobe device licensing and expiry dates and Jamf – Oh my!”

Farewell SCEP!

No, not the certificate thing. Microsoft System Center Endpoint Protection for macOS and Linux, as announced at Microsoft’s Blog. There were rumours of its impending demise on Twitter back in March but nothing concrete from Microsoft until now.

So, no more support after the end of 2018 and definition updates may stop any time after that. There is the mention that you might be able to get ESET Endpoint Security for Mac if you contact your Microsoft TAM. The cost implications, or what it means to “qualify” are unclear.

As far as I know, ESET Endpoint Security for Mac uses a command line tool esets_set which is functionally on par with scep_set. That means my blog posts for managing SCEP (Part 1, Part 2, Part 3, and More Reporting) would probably be relevant for it.

Linux is left with no migration path – so if you manage SCEP on that platform, you’re on your own.

Goodbye SCEP, it was nice knowing you!