Weekly News Summary for Admins — 2020-07-24

You can’t really tell it from the weather here in the Netherlands, but summer is here!

Summer brings more beta testing: the third beta of the new Apple systems dropped this week. It also brings vacation. This newsletter will be on vacation until late August. As usual, I will keep gathering interesting posts and links and return with a big August summary.

Hope you get to enjoy your summer and vacation. Stay safe!

If you would rather get the weekly newsletter by email, you can subscribe to the Scripting OS X Weekly Newsletter here!! (Same content, delivered to your Inbox once a week.)

News and Opinion

macOS 11 Big Sur and iOS 14

Coronavirus and Remote Work

MacAdmins on Twitter

  • Rich Trouton: “I’ve bought a share of Jamf stock. Now I can show up at both JNUC and shareholder meetings with my gripes.”

Bugs and Security

Support and HowTos

Scripting and Automation

Updates and Releases

To Watch

To Listen

Support

If you are enjoying what you are reading here, please spread the word and recommend it to another Mac Admin!

If you want to support me and this website even further, then consider buying one (or all) of my books. It’s like a subscription fee, but you also get a useful book or two extra!

Weekly News Summary for Admins — 2020-07-17

No summer break yet for MacAdmins. As expected, the updates for macOS Catalina 10.15.6 and iOS 13.6 and siblings were published.

As a big reprieve for MacAdmins, the functionality of softwareupdate --ignore has been re-instated for system software updates, but only when the Mac is supervised (i.e. enrolled in MDM with Automated Deployment or user-approved MDM). This allows MacAdmins to block major updates from being installed or even notified about. This is likely a direct result of all the feedback MacAdmins have passed on to Apple.

However, this reprieve is only temporary because it is not implemented in the macOS Big Sur beta. So, keep providing feedback through all your channels to Apple, that macOS requires a managed means to block software updates for longer than 90 days, preferable indefinitely.

If you would rather get the weekly newsletter by email, you can subscribe to the Scripting OS X Weekly Newsletter here!! (Same content, delivered to your Inbox once a week.)

News and Opinion

macOS 11 Big Sur and iOS 14

macOS Catalina 10.15 and iOS 13 Updates

MacAdmins on Twitter

  • Rosyna Keller: “Please, please don’t normalize right-clicking on your app to get it to run. This is a tactic malware uses to get past Gatekeeper. Screenshot from actual malware. Even after Flash died at the end of this year, this type of social engineering will continue. I hope Adobe runs PSAs.” (Image, thread)

Bugs and Security

Support and HowTos

Scripting and Automation

Apple Documentation

To Listen

Just for Fun

Support

If you are enjoying what you are reading here, please spread the word and recommend it to another Mac Admin!

If you want to support me and this website even further, then consider buying one (or all) of my books. It’s like a subscription fee, but you also get a useful book or two extra!

Weekly News Summary for Admins — 2020-07-10

This week brought more reactions to WWDC news regarding macOS 11 Big Sur, iOS 14, and the Apple Silicon transition. Apple released beta 2 for all the above (excluding the DTK), which were later released as the first public beta. We also got GM betas for macOS Catalina 10.15.6 and iOS 13.6. And a new ransomware named EvilQuest, later changed to ThiefQuest.

Busy week.

If you would rather get the weekly newsletter by email, you can subscribe to the Scripting OS X Weekly Newsletter here!! (Same content, delivered to your Inbox once a week.)

WWDC Reactions

News and Opinion

macOS 11 Big Sur and iOS 14

Coronavirus and Remote Work

MacAdmins on Twitter

  • Victor (groob): “Erasing macOS beta 1 in recovery and selecting ”Install macOS“ installs beta2. Neat!”
  • Mr. Macintosh: “Mobile Accounts are treated as Network Accounts in Big Sur Beta 1 & 2. FB7870925 Not that you needed another reason to move to Local Accounts”

Bugs and Security

Support and HowTos

Scripting and Automation

Apple Support

Updates and Releases

To Listen

Support

If you are enjoying what you are reading here, please spread the word and recommend it to another Mac Admin!

If you want to support me and this website even further, then consider buying one (or all) of my books. It’s like a subscription fee, but you also get a useful book or two extra!

Weekly News Summary for Admins — 2020-07-03

The week after WWDC: time for opinion and reaction pieces. And time to dig into the betas and find the first bugs and annoying changes.

But Apple hasn’t forgotten the Catalina/iOS 13 updates either. We got new betas for 10.15.6 and iOS 13.6.

If you would rather get the weekly newsletter by email, you can subscribe to the Scripting OS X Weekly Newsletter here!! (Same content, delivered to your Inbox once a week.)

👩🏽‍💻WWDC Reactions

📰News and Opinion

🌅 macOS 11 Big Sur and iOS 14

⚙️macOS Catalina 10.15 and iOS 13 Updates

🐦MacAdmins on Twitter

  • robb: “Because SF Symbols are characters in the Private Use Area, they render just fine in your Terminal”
  • Steve Troughton-Smith: “Now that in-app purchase is available to Family Sharing, there aren’t many reasons at all to use a paid-up-front model (asides enterprise & education distribution). You can also effectively do free trials & paid upgrades w/ IAP. Definitely going to transition all my apps to it”
  • Victor (groob): “I see a lot of macadmins asking Apple to allow enabling screen recording via MDM. I get it, it’s a burden for helpdesk to explain approving Zoom to all your users. But when your manager asks you to spy on your WFH co-workers, how will you respond?” (thread, link)
  • Rico Becker: “Apple has restricted access to ~/Library/Containers/ in Finder on macOS Big Sur. It’s only showing one folder in my case. In Terminal I can see that everything is still there. Any way to reactive the normal behavior?”
  • Carl Ashley: “Munki life hack: Use admin notes in your pkginfo to store either human or machine readable comments indicating if a package has passed OS compatibility testing coughBig Surcough.”

🐞Bugs and Security

🔨Support and HowTos

🤖Scripting and Automation

🎧To Listen

📚 Support

If you are enjoying what you are reading here, please spread the word and recommend it to another Mac Admin!

If you want to support me and this website even further, then consider buying one (or all) of my books. It’s like a subscription fee, but you also get a useful book or two extra!

Weekly News Summary for Admins — 2020-06-26

Phew, it’s really summer here in NL, hot and humid. And it’s been a ‘hot’ week for many other reasons, too.

This news summary took a while and is a bit later than usual… you will see why…

If I missed anything, let me know and I will catch up next week.

macOS 11 Big Sur

The WWDC Keynote didn’t disappoint. iOS 14, iPadOS 14, watchOS 7, the new tvOS, and Xcode 12 are going to be exciting updates.

Unsurprisingly, the transition of the Mac platform to ’Apple Silicon’—an as of yet unspecified custom chipset—was announced. The parallels to the Intel transition announcement in 2005 were obvious and likely entirely intentional. Apple is conveying the message: “we’ve done this before, we know what we are doing.” The Developer Kit contains a the same A12z chip that is used in the iPad Pro, but Apple was adamant that the final production Macs with Apple Silicon will have chips customized for the Mac platform and requirements and not use iPad Pro chips.

The first Apple Silicon Macs are supposed to ship before the end of this year and the transition is supposed tos take two years. Existing Macs with Intel processors will be supported with new versions of macOS for “years to come.”

What was surprising is that Apple finally moved on from the ‘10’ (or ‘X’) version number. After nearly twenty years of ‘ten-dot’ versions (more when you consider Mac OS X Server and the Mac OS X public beta) macOS ‘Big Sur’ is labelled as version 11.0. At least in the marketing material and user facing UI. Internal documentation, APIs and sw_vers use 10.16, but that may still change during the beta phase. macOS 11 Big Sur also has a new user interface design, very similar to iPadOS and iOS.

The new version number and the unified interface language is Apple’s way of telling us, that the time where macOS (Mac OS X) stands somewhat apart from the iOS based platforms is over. macOS will be unified with the other platforms in hardware (Apple Silicon), APIs (Catalyst and SwiftUI), software, and user interface.

Apple is also declaring what they consider the strengths and differences of macOS. “You can continue to install out side of the App Store.” “The Unix tools are important.” “Yes, Terminal is still there.” “Peripherals and external boot.” These and similar phrases have been frequently stated in WWDC sessions this week, including the State of the Union. We are getting assurances that the Mac will remain the Mac, while also being more like its iOS-based siblings. And the information we did get from the in-depth sessions has been supportive of those assurances.

We will have to see how this will actually play out over the “years to come.” But it is encouraging that Apple is addressing and assuaging these concerns.

Fleetsmith acquired by Apple

If all of this weren’t enough, there was another surprise announcement this week. Fleetsmith, developer and vendor of the Mac management system of the same name, was acquired by Apple.

Fleetsmith is well-known for having awesome swag at conferences. They have also been popular with MacAdmins for having a large catalog of third-party applications with up-to-date installers and configuration sets as part of their solution. This meant that admins would not have to manually download, re-package, upload and configure an update for some third-party software, but instead could rely on Fleetsmith to do that work.

Soon after the announcement of the acquisition, all these third-party application disappeared from Fleetsmith. Since the support contains such things as extensions approval and privacy preferences control, which were also removed from the catalog and hence the managed Mac clients, this would break many installations. Remote Access software might have deployed and managed this way, and was now defunct on the client machines, effectively locking out the admins and preventing remote access as a fix. The affected admins now have to re-build the third-party support and configurations manually as custom packages, to make the clients work again.

Third-party support was yanked so unceremoniously probably because hosting and redistributing third-party installers is very complicated, if not outright impossible from a legal standpoint. It has been speculated that this is the reason that Jamf’s Patch Management feature has never lived up to the initial expectations and promises. A small company like Fleetsmith might be able to ‘fly under the radar’ and get away with it, but a larger, rich company like Apple, would not want to take this risk.

Either way, the abrupt way this change was pushed, without any previous warning about the changes of support and features, was handled extremely poorly and rightfully enraged many affected customers. This immediately cast a shadow on a deal that might otherwise have been celebrated or at least been followed with interest.

Apple has been standing on the sidelines of the MDM business. While they do create and sell Profile Manager as part of macOS Server, Profile Manager is usually considered a reference implementation of the MDM protocol only and it is not recommend for production use at scale (any scale, really). Now they are preparing to get more involved by providing their own, professional level MDM based on Fleetsmith’s solution. (One can imagine that there is an AirPower sized, failed ‘Profile Manager 2’ project on some servers at Apple somewhere.)

Apple has started putting some management functionality in Apple Business/School Manager. It is conceivable Apple would want to extend that to a full blown cloud-based MDM solution. But where would such a first-party management solution leave the existing MDM solutions?

There are many features the MDM protocol does not and cannot (yet) provide for Mac management. But a setup like this would relegate the current management system vendors back to local management agents, much like what Munki provides.

This is all speculation at this point of course. This could also be an ‘acquihire’ or Apple could continue Fleetsmith as a semi-independent subsidiary, much like Claris FileMaker, or follow some path in between these extremes.

There were also other MDMs that had news to share this week:
Five years behind, Five years ahead – Victor Vrantchan, MicroMDM
Kolide MDM — For Those That Don’t Need To Be “Managed”

These “years to come” will surely be interesting, as a Mac user and as a MacAdmin.


If you would rather get the weekly newsletter by email, you can subscribe to the Scripting OS X Weekly Newsletter here!! (Same content, delivered to your Inbox once a week.)

Apple Newsroom

News and Opinion

WWDC 2020, macOS 11 Big Sur and iOS 14

WWDC Sessions for MacAdmins

Some of these will be released later today. Many of these, thanks to Balmes Pavlov

Apple Developer Documentation

MacAdmins 2020 Campfire Sessions

MacAdmins on Twitter

  • Erik Gomez: “Exciting update for the macadmins/python project: This is the first automated package, driven by GitHub Actions. Thanks to @natewalck we have a signing certificate too! Unsigned, Signed and Raw framework can be downloaded here. ”
  • Damien Sorresso: “If you’re trying to mount the root volume as writeable on macOS Big Sur, here’s some stuff to know.” (thread)
  • Mark Villacampa: “Apple will be contributing patches to widely used open source projects to add support for Apple Silicon”
  • Thomas Reed: “I wonder how many workflows are going to break because macOS is now numbered 11.x instead of 10.x…”
  • Daniel Jalkut: “This caveat is buried deeply enough in the macOS Big Sur release notes that a lot of people are going to be bit by it. Creating a new volume in an existing APFS container had become the de facto best way to install a second OS.”
  • Federico Viticci: “Shortcuts got some very cool updates in iOS/iPadOS 14” (follow link for details and images)
  • Gio: “Xcode 12 creates new repos with main instead of master. Well done Apple”
  • James Thomson: “Looks like you might not be able to access a Big Sur disk under Catalina. Not ideal if you’re dual booting between the two.”
  • Rich Trouton: “For folks wanting to build macOS Big Sur VMs, I’ve updated my script for creating macOS installer disk images for virtualization software. It now will create installer disk images for Sierra through Big Sur beta 1”
  • Mr. Macintosh: “What’s new in managing Apple Devices on Big Sur!” (Thread)
  • Victor (groob): “With macOS 11 MDM can – configure a new User Account – choose to set that account as MDM managed – have flexible securetoken workflows. These changes means that’s it’s finally possible to have 1:1 managed user workflows which are purely MDM/ no network accounts.”
  • Not a Kitteh: “So what differentiates the Mac from the iPad in the future? From the SOTU, Apple says: – flexibility – configurability – external, bootable storage – drivers for peripherals – run any software”
  • Mr. Macintosh: “Big Sur Cryptographically signed system volume: ’”‘Signed system volume that protects against malicious tampering. It also means that your Mac knows the exact layout of your system volume, allowing it to begin software updates in the background’”

Support and HowTos

Scripting and Automation

Updates and Releases

To Watch

To Listen

Just for Fun

Support

If you are enjoying what you are reading here, please spread the word and recommend it to another Mac Admin!

If you want to support me and this website even further, then consider buying one (or all) of my books. It’s like a subscription fee, but you also get a useful book or two extra!

Weekly News Summary for Admins — 2020-06-12

WWDC is looming! We got a bit more detail on the schedule for the first day (June 22). over the following week, Apple will release recorded sessions each day at 10am Pacific Time. Talk about an ‘info dump!’ There will also be ‘1–1 Developer labs’ which you can sign up for and new Developer forums (fora?) which go online June 18.

The rumors are running hot with Mark Gurman all but confirming the ARM transition for Macs to happen over the next year, and a new iMac design.

Apple has also announced the demise of iBooks Author and iTunes U. Neither comes as a great surprise, since both have been very much abandoned with only minimal updates over the last few years.

Don’t be concerned about the future of my books. I had already switched to Pages for ‘Moving to zsh’ and the next book I am working on. Once Apple offers the import function, I will move and update the older books to Pages as well. Even so, the existing books in the Apple Books Store will remain there to be bought and read, even after iBooks Author has ‘expired.’

If you would rather get the weekly newsletter by email, you can subscribe to the Scripting OS X Weekly Newsletter here!! (Same content, delivered to your Inbox once a week.)

News and Opinion

MacAdmins 2020 Campfire Sessions

These are the slides and notes for yesterday’s session. The recorded videos of my and William Smith’s session ‘An Introduction to regex’ will be made available soon.

Last week’s sessions’ recordings are now available:

You can still register for the upcoming sessions. You can see the schedule here.

WWDC 2020

macOS Catalina 10.15 and iOS 13 Updates

MacAdmins on Twitter

  • Mr. Macintosh: “WWDC20 only 2 weeks away! I will be reporting again live with a new 10.16 Need to Know Changes Article. The page will be a perfect bookmark for all the latest info.” (Thread)
  • Seamus Johnson on LinkedIn: “Happy 18th Birthday Jamf!” (read post for more)

Bugs and Security

Support and HowTos

Scripting and Automation

Apple Support

Updates and Releases

To Watch

To Listen

Support

If you are enjoying what you are reading here, please spread the word and recommend it to another Mac Admin!

If you want to support me and this website even further, then consider buying one (or all) of my books. It’s like a subscription fee, but you also get a useful book or two extra!

Weekly News Summary for Admins — 2020-08-05

“So, do you think one day robots will have human rights?”

“Perhaps,” the robot said, “but first I want to see all humans have human rights.”

“What do you mean? All humans do have human rights. It’s in the name.”

“Then I first want to see all humans considered human.”

“Oh. Yeah.”

(Micro SF/F stories)

📰News and Opinion

🔥MacAdmins 2020 Campfire Sessions

These are the slides and notes for yesterday’s sessions. The recorded videos will be made available soon.

You can still register for the upcoming sessions. You can see the schedule here. (Yes, that is me presenting next week on “Moving to zsh.”)

⚙️macOS Catalina 10.15 and iOS 13 Updates

🦠Coronavirus and Remote Work

🐦MacAdmins on Twitter

  • Arroz: “macOS supplemental update: 1.59 GB. iOS minor update: 77 MB. It almost seems like someone cared enough to implement an efficient incremental update… for just one of the platforms.”
  • Victor (groob): “Apple should remove package scripts. Rather than removing though, I’d love to see a stricter API. Scripts would be great with an embedded language like starlark.”
  • Darren Wallace: “New Apple Business Manager (only) Terms and Conditions incoming on the 16th June 2020. Must be agreed to continue with Automated Enrolments and Volume Distribution. The updated terms should already be viewable here.
  • Tim Sutton: “Whoever at Apple decided that all of system_profiler’s datatypes arguments should redundantly contain SP and DataType, and that they be case-sensitive..”
  • Eric Holtam: “Any developer that wants to know how to provide release notes see BBEdit. This. This is how you provide release notes.

🐞Bugs and Security

🔨Support and HowTos

🤖Scripting and Automation

♻️Updates and Releases

📺To Watch

🎧To Listen

🎈Just for Fun

📚 Support

If you are enjoying what you are reading here, please spread the word and recommend it to another Mac Admin!

If you want to support me and this website even further, then consider buying one (or all) of my books. It’s like a subscription fee, but you also get a useful book or two extra!

Weekly News Summary for Admins — 2020-05-29

Update week, part 2. macOS Catalina 10.15.5 dropped this week. Among many other changes, it contains an important change to softwareupdate --ignore which seriously affects MacAdmins.

As always, many thanks to those who are providing better update information than Apple. Especially: Mr Macintosh and Howard Oakley.

The conference schedule has been seriously affected by the pandemic. The silver lining here is that with all the conferences. Thanks to the MacDeployment YYC twitter post we have a virtual conference line up:

I will be presenting at at least two of these: a Campfire Session on June 11 on ‘Moving to zsh’ and ‘Practical Scripting’ at MacSysAdmin Online.

MacAD.UK is, as of now, still scheduled to occur in person on November 3 and 4.

If you would rather get the weekly newsletter by email, you can subscribe to the Scripting OS X Weekly Newsletter here!! (Same content, delivered to your Inbox once a week.)

macOS Catalina 10.15 and iOS 13 Updates

Update Information

MacAdmins on Twitter

  • William Smith: “A gift to your future self (and others)… Use shortcuts like -s and -v for command options in your daily Terminal work to save you time and keystrokes. But use the full names of command options in your scripts to better explain what you’re doing.”
  • Tim Perfitt: “I wrote a shell script that gets the DEP record if you give it a Mac serial number. Here is what it does: Puts serial into VMWare image config Starts up VM SSH’es into VM and runs command to print DEP record (ssh keys set up prior) shuts down VM runtime is about 30 secs.”
  • Hannes Juutilainen: “If a folder name ends with .noindex it will not be indexed by Spotlight. And if a folder name ends with .nobackup it will not be included in Time Machine backups.”
  • Joel Rennich: “So… you’d like to find out if your IdP vendor supports Apple’s Single Sign On extensions? All SSOEs need to have an Apple App Site Association file hosted at the endpoint URL that the SSOE wants to be authoritative for.” (Thread)
  • Joel Rennich: “The only publicly available Apple SSO Extension that I’m aware of is Microsoft’s MSAL library with their latest Authenticator app from the App Store. Currently in public preview and only on iOS.”
  • Graham Gilbert: ““Major new releases of macOS are no longer hidden when using the softwareupdate(8) command with the --ignore flag” tldr: if you don’t patch, you’re vulnerable. We’re trying to improve your security. Finally something I agree with, well done @apple” (counterpoint)
  • Simon Carlson-Thies (LinkedIn): “Zoom has a seriously odd way of dealing with preferences…” (link for more)

Bugs and Security

Support and HowTos

Scripting and Automation

Updates and Releases

To Listen

Support

If you are enjoying what you are reading here, please spread the word and recommend it to another Mac Admin!

If you want to support me and this website even further, then consider buying one (or all) of my books. It’s like a subscription fee, but you also get a useful book or two extra!

Weekly News Summary for Admins — 2020-05-22

Update week, part 1! iOS 13.5 and siblings have arrived. macOS Catalina 10.15.5 GM was released to seed and beta testers, so probably next week?

I will be talking at the “Virtuele Macbeheerders bijeenkomst” (Virtual MacAdmins Meeting, which you probably could have guessed) about Installomator next week. Warning: other than mine, all sessions will be in Dutch, but they sound very interesting.

If you would rather get the weekly newsletter by email, you can subscribe to the Scripting OS X Weekly Newsletter here!! (Same content, delivered to your Inbox once a week.)

📰News and Opinion

⚙️macOS Catalina 10.15 and iOS 13 Updates

🦠Coronavirus and Remote Work

🐦MacAdmins on Twitter

  • Mactroll: “A heavily contrived, but still fun, example of using a Managed Apple ID with a Single Sign on Extension. A story in a few parts, but first the video…” (Video, thread)
  • Mactroll: “More SSO Extension fun! This time signing into an O365 application, Powerpoint, and activating the subscription.” (video, thread)
  • William Smith: “MacAdmins, support for Microsoft Office 2016 for Mac ends October 13, 2020 (five months). Plan to move to a Microsoft 365 subscription for your organization or upgrade your volume license to Office 2019. Announcement from December 2019
  • Patrick Fergus: “Support for 27 languages in Outlook for iOS being removed at the end of June 2020. Office 365 Message center MC213632.”
  • Jeff Johnson: “This is an interesting chart. 10.15 adoption seems to be significantly lower than 10.14 or 10.13.” (Chart, thread)

🐞Bugs and Security

🔨Support and HowTos

🤖Scripting and Automation

🍏Apple Support

♻️Updates and Releases

📺To Watch

🎧To Listen

🎈Just for Fun

📚 Support

If you are enjoying what you are reading here, please spread the word and recommend it to another Mac Admin!

If you want to support me and this website even further, then consider buying one (or all) of my books. It’s like a subscription fee, but you also get a useful book or two extra!

Weekly News Summary for Admins — 2020-05-15

Lots of security related news with a new thunderbolt exploit (mostly on Windows, but macOS is not entirely unaffected) and a nasty exploit for Acrobat Reader DC.

Many were expecting 10.15.5 to drop this week, but unless it comes on Friday afternoon, we will have to be more patient. But Apple continues to release something new every week, with a new “major” update to Logic Pro X. (What do versions numbers even mean anymore?)

If you would rather get the weekly newsletter by email, you can subscribe to the Scripting OS X Weekly Newsletter here!! (Same content, delivered to your Inbox once a week.)

#! On Scripting OS X

📰News and Opinion

🦠Coronavirus and Remote Work

🐦MacAdmins on Twitter

🐞Bugs and Security

Macs are fully vulnerable to all of the Thunderbolt security flaws when running Bootcamp, and ‘partly affected’ when running macOS.

🔨Support and HowTos

🤖Scripting and Automation

🍏Apple Support

♻️Updates and Releases

📺To Watch

🎧To Listen

📚 Support

If you are enjoying what you are reading here, please spread the word and recommend it to another Mac Admin!

If you want to support me and this website even further, then consider buying one (or all) of my books. It’s like a subscription fee, but you also get a useful book or two extra!