Weekly News Summary for Admins — 2020-06-26

Phew, it’s really summer here in NL, hot and humid. And it’s been a ‘hot’ week for many other reasons, too.

This news summary took a while and is a bit later than usual… you will see why…

If I missed anything, let me know and I will catch up next week.

macOS 11 Big Sur

The WWDC Keynote didn’t disappoint. iOS 14, iPadOS 14, watchOS 7, the new tvOS, and Xcode 12 are going to be exciting updates.

Unsurprisingly, the transition of the Mac platform to ’Apple Silicon’—an as of yet unspecified custom chipset—was announced. The parallels to the Intel transition announcement in 2005 were obvious and likely entirely intentional. Apple is conveying the message: “we’ve done this before, we know what we are doing.” The Developer Kit contains a the same A12z chip that is used in the iPad Pro, but Apple was adamant that the final production Macs with Apple Silicon will have chips customized for the Mac platform and requirements and not use iPad Pro chips.

The first Apple Silicon Macs are supposed to ship before the end of this year and the transition is supposed tos take two years. Existing Macs with Intel processors will be supported with new versions of macOS for “years to come.”

What was surprising is that Apple finally moved on from the ‘10’ (or ‘X’) version number. After nearly twenty years of ‘ten-dot’ versions (more when you consider Mac OS X Server and the Mac OS X public beta) macOS ‘Big Sur’ is labelled as version 11.0. At least in the marketing material and user facing UI. Internal documentation, APIs and sw_vers use 10.16, but that may still change during the beta phase. macOS 11 Big Sur also has a new user interface design, very similar to iPadOS and iOS.

The new version number and the unified interface language is Apple’s way of telling us, that the time where macOS (Mac OS X) stands somewhat apart from the iOS based platforms is over. macOS will be unified with the other platforms in hardware (Apple Silicon), APIs (Catalyst and SwiftUI), software, and user interface.

Apple is also declaring what they consider the strengths and differences of macOS. “You can continue to install out side of the App Store.” “The Unix tools are important.” “Yes, Terminal is still there.” “Peripherals and external boot.” These and similar phrases have been frequently stated in WWDC sessions this week, including the State of the Union. We are getting assurances that the Mac will remain the Mac, while also being more like its iOS-based siblings. And the information we did get from the in-depth sessions has been supportive of those assurances.

We will have to see how this will actually play out over the “years to come.” But it is encouraging that Apple is addressing and assuaging these concerns.

Fleetsmith acquired by Apple

If all of this weren’t enough, there was another surprise announcement this week. Fleetsmith, developer and vendor of the Mac management system of the same name, was acquired by Apple.

Fleetsmith is well-known for having awesome swag at conferences. They have also been popular with MacAdmins for having a large catalog of third-party applications with up-to-date installers and configuration sets as part of their solution. This meant that admins would not have to manually download, re-package, upload and configure an update for some third-party software, but instead could rely on Fleetsmith to do that work.

Soon after the announcement of the acquisition, all these third-party application disappeared from Fleetsmith. Since the support contains such things as extensions approval and privacy preferences control, which were also removed from the catalog and hence the managed Mac clients, this would break many installations. Remote Access software might have deployed and managed this way, and was now defunct on the client machines, effectively locking out the admins and preventing remote access as a fix. The affected admins now have to re-build the third-party support and configurations manually as custom packages, to make the clients work again.

Third-party support was yanked so unceremoniously probably because hosting and redistributing third-party installers is very complicated, if not outright impossible from a legal standpoint. It has been speculated that this is the reason that Jamf’s Patch Management feature has never lived up to the initial expectations and promises. A small company like Fleetsmith might be able to ‘fly under the radar’ and get away with it, but a larger, rich company like Apple, would not want to take this risk.

Either way, the abrupt way this change was pushed, without any previous warning about the changes of support and features, was handled extremely poorly and rightfully enraged many affected customers. This immediately cast a shadow on a deal that might otherwise have been celebrated or at least been followed with interest.

Apple has been standing on the sidelines of the MDM business. While they do create and sell Profile Manager as part of macOS Server, Profile Manager is usually considered a reference implementation of the MDM protocol only and it is not recommend for production use at scale (any scale, really). Now they are preparing to get more involved by providing their own, professional level MDM based on Fleetsmith’s solution. (One can imagine that there is an AirPower sized, failed ‘Profile Manager 2’ project on some servers at Apple somewhere.)

Apple has started putting some management functionality in Apple Business/School Manager. It is conceivable Apple would want to extend that to a full blown cloud-based MDM solution. But where would such a first-party management solution leave the existing MDM solutions?

There are many features the MDM protocol does not and cannot (yet) provide for Mac management. But a setup like this would relegate the current management system vendors back to local management agents, much like what Munki provides.

This is all speculation at this point of course. This could also be an ‘acquihire’ or Apple could continue Fleetsmith as a semi-independent subsidiary, much like Claris FileMaker, or follow some path in between these extremes.

There were also other MDMs that had news to share this week:
Five years behind, Five years ahead – Victor Vrantchan, MicroMDM
Kolide MDM — For Those That Don’t Need To Be “Managed”

These “years to come” will surely be interesting, as a Mac user and as a MacAdmin.


If you would rather get the weekly newsletter by email, you can subscribe to the Scripting OS X Weekly Newsletter here!! (Same content, delivered to your Inbox once a week.)

Apple Newsroom

News and Opinion

WWDC 2020, macOS 11 Big Sur and iOS 14

WWDC Sessions for MacAdmins

Some of these will be released later today. Many of these, thanks to Balmes Pavlov

Apple Developer Documentation

MacAdmins 2020 Campfire Sessions

MacAdmins on Twitter

  • Erik Gomez: “Exciting update for the macadmins/python project: This is the first automated package, driven by GitHub Actions. Thanks to @natewalck we have a signing certificate too! Unsigned, Signed and Raw framework can be downloaded here. ”
  • Damien Sorresso: “If you’re trying to mount the root volume as writeable on macOS Big Sur, here’s some stuff to know.” (thread)
  • Mark Villacampa: “Apple will be contributing patches to widely used open source projects to add support for Apple Silicon”
  • Thomas Reed: “I wonder how many workflows are going to break because macOS is now numbered 11.x instead of 10.x…”
  • Daniel Jalkut: “This caveat is buried deeply enough in the macOS Big Sur release notes that a lot of people are going to be bit by it. Creating a new volume in an existing APFS container had become the de facto best way to install a second OS.”
  • Federico Viticci: “Shortcuts got some very cool updates in iOS/iPadOS 14” (follow link for details and images)
  • Gio: “Xcode 12 creates new repos with main instead of master. Well done Apple”
  • James Thomson: “Looks like you might not be able to access a Big Sur disk under Catalina. Not ideal if you’re dual booting between the two.”
  • Rich Trouton: “For folks wanting to build macOS Big Sur VMs, I’ve updated my script for creating macOS installer disk images for virtualization software. It now will create installer disk images for Sierra through Big Sur beta 1”
  • Mr. Macintosh: “What’s new in managing Apple Devices on Big Sur!” (Thread)
  • Victor (groob): “With macOS 11 MDM can – configure a new User Account – choose to set that account as MDM managed – have flexible securetoken workflows. These changes means that’s it’s finally possible to have 1:1 managed user workflows which are purely MDM/ no network accounts.”
  • Not a Kitteh: “So what differentiates the Mac from the iPad in the future? From the SOTU, Apple says: – flexibility – configurability – external, bootable storage – drivers for peripherals – run any software”
  • Mr. Macintosh: “Big Sur Cryptographically signed system volume: ’”‘Signed system volume that protects against malicious tampering. It also means that your Mac knows the exact layout of your system volume, allowing it to begin software updates in the background’”

Support and HowTos

Scripting and Automation

Updates and Releases

To Watch

To Listen

Just for Fun

Support

If you are enjoying what you are reading here, please spread the word and recommend it to another Mac Admin!

If you want to support me and this website even further, then consider buying one (or all) of my books. It’s like a subscription fee, but you also get a useful book or two extra!

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.