Weekly News Summary for Admins — 2021-05-28

Less than two weeks to WWDC and we got the macOS Big Sur 11.4 and iOS 14.6 updates with siblings.


(Sponsor: SentinelOne)

Performance vs Security

Apple is inventing new names, new architecture, and new challenges. Here’s why your macOS EDR solution shouldn’t be running under Rosetta 2. Let’s dive in!

Read the blog post


If you think your company or product is a good fit to sponsor this newsletter, please contact me!

Even without the updates this would have been a long summary as we have many interesting posts and updates.

Apple has published a new set of interactive tutorials: Deployment and Management. These look very interesting. I have only been able to briefly skim over it—Apple claims it will take close to 12 hours (!) to work through them all.

The tutorials are based on using Profile Manager in macOS Server, which is… well… They also focus on iOS clients, with very little macOS specific information. But they should still be able to give a good introduction to several concepts and workflows.

Definitely a promising new offering from Apple and I am looking forward to working through this and hope there will be more like this coming for Apple Adminstrators!


If you would rather get the weekly newsletter by email, you can subscribe to the Scripting OS X Weekly Newsletter here! (Same content, delivered to your Inbox once a week.)

News and Opinion

Upcoming Conferences

We have four (!) virtual conferences coming up! Each with a different format and approach, but I am sure all will be interesting.

I will be speaking about “Presenting Online” (very meta) at MacDeployment and about “Packages” at MacDevOps YVR. Looking forward to seeing you there.

(Continually updated list of MacAdmin related conferences.)

macOS and iOS Updates

Guides

(all user guide updates via @Schoun)

Security

(Perma-list of relevant Apple Support pages..)

Reactions

MacAdmins on Twitter

  • mikeymikey: “Hey. You. Vendor for macOS that is trying to rely on python. … you do know that python3 is not -actually- part of macOS, right? Like … it -only- works if the user also has Xcode / the developer command-line tools installed (neither of which are included by default in macOS)”
  • John C. Welch: “If you want to see if a company really cares about details, their installer/uninstaller is the fastest, most reliable thing to check.”

Security and Privacy

Support and HowTos

Scripting and Automation

Apple Support

Updates and Releases

To Watch

To Listen

Just for Fun

Support

If you are enjoying what you are reading here, please spread the word and recommend it to another Mac Admin!

If you want to support me and this website even further, then consider buying one (or all) of my books. It’s like a subscription fee, but you also get a useful book or two extra!

Weekly News Summary for Admins — 2021-05-21

This is the first sponsored News Summary. Some background: I left my job as a Systems Engineer earlier this year. The plan is to focus more on writing books, freelance consulting, and some other ideas. Whether you like it or not, as a freelancer you have to spend your time on things that make money. Since I want to continue this newsletter, taking on sponsors seemed like a good solution.

I want to have sponsors whose offerings are relevant to MacAdmins and I am really grateful that SentinelOne stepped up to give it a go!


(Sponsor) eBook: macOS Threat Hunting & Incident Response

Here’s a detailed eBook from SentinelOne, covering macOS security, including real examples and step-by-step instructions. An essential read about Threat Hunting and Incident Response.

The eBook is provided for free, you can download your copy here.


Just to clarify: I am not sharing any subscriber information directly with the sponsors. But please follow the links and read their offerings carefully, so that they see the worth of sponsoring here! 😉 I think SentinelOne is starting out with an interesting eBook free offer!

I am also looking forward to more interesting sponsors in the future! (If you think your company or product is a good fit to sponsor this newsletter, please contact me!)

In other MacAdmin news this week: we got the first reviews for the M1 iMac and the iPads Pro. Apple is starting to release news ahead of WWDC. (just a bit over two weeks left.) We got an announcement for lossless and spatial audio in Apple Music and an amazing preview for new features for people with disabilities.

On the system update news: macOS 11.4 and iOS 14.6 have not been released yet, but macOS 11.5 beta and iOS 14.7 beta have been released in the beta channels.


If you would rather get the weekly newsletter by email, you can subscribe to the Scripting OS X Weekly Newsletter here!! (Same content, delivered to your Inbox once a week.)

News and Opinion

MacAdmins on Twitter

  • ConfiantIntel: “OSX/Bundlore Loader found (0 detections in VT) compiled for ARM (targeting the new M1 MacBook!) , and notarized by Apple.” (Thread)
  • Nathaniel Strauss: “MDM initiated software update on M1 MacBook Air. Failed twice during download phase. Restarted. Failed at the end of prepare phase. Restarted. Couldn’t get process to run at all. Will not be using MDM software updates in the short term.”
  • Tim Perfitt: “We are pretty much feature complete for MDS 4. Here are the exciting new features.” (Image with text)

Security and Privacy

Support and HowTos

Scripting and Automation

Apple Support

Updates and Releases

To Watch

To Listen

Support

If you are enjoying what you are reading here, please spread the word and recommend it to another Mac Admin!

If you want to support me and this website even further, then consider buying one (or all) of my books. It’s like a subscription fee, but you also get a useful book or two extra!

Weekly News Summary for Admins — 2021–05–14

No new updates this week. Nevertheless, MacAdmins seem to be taking the time to catch up and get some work done, as we got many interesting posts this week. We also got beta3 for 11.4.

MacDeployment is scheduled for June 1–2 and you can register to attend for free! I will be doing “An Online Presentation on Presenting Online.” I have also updated my conference overview page.


To support this weekly news summary, please consider:

macOS Terminal and Shell Book Cover

macOS Terminal and Shell: 
You have always wanted to ‘learn Terminal,’ right? This book teaches how (and why) to use the command line on macOS. Get it on Apple Books!

(If you have already bought the book, please leave a review on the Apple Books Store. Thank you!)


If you are interested in sponsoring this newsletter, please contact me!

Kandji has commissioned Jason Snell of Six Colors to create an Enterprise Report Card for Apple. This is a chance for Mac Admins to give feedback on how they see Apple.

The deadline to add your score and comments is today May 14, 2021. The results will be compiled to run in early June before WWDC. The contact information is for the survey only and you can choose to remain anonymous.

This is a great chance for MacAdmins to provide some feedback!

📰News and Opinion

🐦MacAdmins on Twitter

  • Rich Trouton: “I learned something usefule about macOS login keychain behavior today: When you’re logged in and open Terminal, your login keychain unlocks for that Terminal session. When you’re connecting to your Mac via SSH and provide your password, your login keychain unlocks for that SSH session. When you’re connecting to your Mac via SSH and are using passwordless login, your login keychain does not unlock for that SSH session. Makes sense, right? No password, no automatic unlock. Still caught me off guard when something I was expecting to work did not work.”
  • Brent Simmons: “Right now is actually a pretty great time for Mac apps. Old faves like BBEdit, NetNewsWire, Acorn, OmniOutliner, and many others are still around — and there are amazing newcomers like Sketch and Nova and plenty of others. The best may be yet to come. :)”
  • Marco Arment: “Instead, what we keep hearing from Apple is ‘You owe us for your entire business, you should be thankful for everything we’ve done for you, we don’t need you, we’re doing you a favor by allowing you, and your apps add absolutely no value to our highly profitable hardware.’” (Thread)
  • Tim Perfitt: “M1 Mac mini arrived! I shall use this thread for my findings.” (Thread)

🔐Security and Privacy

🔨Support and HowTos

🤖Scripting and Automation

🍏Apple Support

♻️Updates and Releases

🎧To Listen

🎈Just for Fun

📚 Support

If you are enjoying what you are reading here, please spread the word and recommend it to another Mac Admin!

If you want to support me and this website even further, then consider buying one (or all) of my books. It’s like a subscription fee, but you also get a useful book or two extra!

Weekly News Summary for Admins — 2021-05-07

After the long awaited big updates last week, Apple followed up this week with another, albeit much smaller, update. macOS 11.3.1 et al are security updates for some pretty serious bugs, that may already be exploited.

Less than one month until WWDC!

MacDevOpsYVR has started releasing their speaker list and I am proud to say that I will be doing a 15 minute talk, title ‘The Encyclopedia of Packages.’ You should check out the speaker list, it is very interesting. MacDeployment is now scheduled for June 1-2. I have updated my conference overview page!


To support this weekly news summary, please consider:

macOS Terminal and Shell Book Cover

macOS Terminal and Shell:
You have always wanted to ‘learn Terminal,‘ right? This book teaches how (and why) to use the command line on macOS. Get it on Apple Books!

(If you have already bought the book, please leave a review on the Apple Books Store. Thank you!)


If you are interested in sponsoring this newsletter, please contact me!

Kandji has commissioned Jason Snell of Six Colors to create an Enterprise Report Card for Apple. This is a chance for Mac Admins to give feedback on how they see Apple.

The deadline to add your score and comments is May 14, 2021. The results will be compiled to run in early June before WWDC. The contact information is for the survey only and you can choose to remain anonymous.

This is a great chance for MacAdmins to provide some feedback!

News and Opinion

macOS and iOS Updates

🐦MacAdmins on Twitter

  • Maxwell: “Every system library and framework is in the shared cache, and now there are 4 shared caches in system/library/dyld. x64h, arm, rosetta and x86 for that 1 trash can Mac Pro they still haven’t canned. each about a gig but they compress well.”
  • Craig Hockenberry: “One thing I’ve noticed as of late is Apple locking things down without looking at the bigger picture of how sometimes more security actually makes things less secure. Let me explain…” (Thread)

Security and Privacy

Support and HowTos

Scripting and Automation

Apple Support

Updates and Releases

To Watch

To Listen

Support

If you are enjoying what you are reading here, please spread the word and recommend it to another Mac Admin!

If you want to support me and this website even further, then consider buying one (or all) of my books. It’s like a subscription fee, but you also get a useful book or two extra!

MacAdmin Support Pages

For the editions of the newsletter that comes out right after a update for macOS or iOS, there are a set of links to Apple Support pages that I include regularly. Apple updates these support pages with new information after an update.

Some of these “What’s New” pages are fairly well hidden in user guides or the developer documentation. The search on Apple’s support page is often not very effective in finding them, so I have built myself a list of links over time.

I have also included links to some support pages that I frequently use or refer others to, as well as some third party links with great reference pages.

Since I plan on updating this list when necessary, I have made a separate page:

MacAdmin Support Pages

I might have missed something or be unaware of some extra useful links, please let me know in the comments, or ping me on Twitter or in the MacAdmins Slack!

Weekly News Summary for Admins — 2021-04-30

Finally!

After a beta phase that seemed longer than the initial macOS Big Sur beta (it wasn’t) we finally got macOS 11.3 this week. And iOS 14.5 and siblings. I am sure you are all already unlocking your iPhone with a mask on and tracking the AirTags you ordered.

Lot’s of information about macOS 11.3 for MacAdmins, which I have gathered here.

Oh yes, and Apple had a another blow-out quarter…


To support this weekly news summary, please consider:

macOS Terminal and Shell Book Cover

macOS Terminal and Shell:
You have always wanted to ‘learn Terminal,‘ right? This book teaches how (and why) to use the command line on macOS. Get it on Apple Books!

(If you have already bought the book, please leave a review on the Apple Books Store. Thank you!)


📰News and Opinion

🌅macOS Big Sur 11.3 and iOS 14.5

Reactions

🐦MacAdmins on Twitter

  • Tim Perfitt: “If you use Terminal, you must use tab completion. Not so you can look fancy or be faster (which is awesome) but because it checks it while you do it and is FAR more accurate.”
  • Tim Perfitt: “Some very interesting findings for installing macOS on an M1 today by @RandomApps. As you may know, we lost the ability to run startosinstall in recovery on an M1. It turns out you can get back almost all the automation with a couple of carefully placed files.” (Thread)

🔐Security and Privacy

🔨Support and HowTos

🤖Scripting and Automation

♻️Updates and Releases

🎧To Listen

📚 Support

If you are enjoying what you are reading here, please spread the word and recommend it to another Mac Admin!

If you want to support me and this website even further, then consider buying one (or all) of my books. It’s like a subscription fee, but you also get a useful book or two extra!

Weekly News Summary for Admins — 2021-04-23

The Spring Loaded Apple Event delivered: we got a new podcast app with subscriptions, a purple iPhone, AirTags (for when we all can go out and lose things again), new Apple silicon iMacs, and a new iPad Pro. And the M1 Mac mini silently got a new option for 10GigE.

The new iMac comes in seven colors, very reminiscent of the colored G3 iMacs. It’s specs mostly match the current M1 Macs, with a few differences. The low-end model has only two USB-C/Thunderbolt ports. The higher model has two USB-C/Thunderbolt ports, two USB-c ports, and an Ethernet port in the power brick.

Overall, I consider this a promising update for the iMac. But now that Apple has transitioned all the entry level Macs, I am very curious to see how the ‘Pro’ Macs will transition and am looking forward to WWDC.


To support this weekly news summary, please consider:

macOS Terminal and Shell Book Cover

macOS Terminal and Shell:
You have always wanted to ‘learn Terminal,‘ right? This book teaches how (and why) to use the command line on macOS. Get it on Apple Books!

(If you have already bought the book, please leave a review on the Apple Books Store. Thank you!)


📰News and Opinion

🍏Spring Loaded Event

🐦MacAdmins on Twitter

  • tlark: “So Apple patched the Apache vuln in a Big Sur security patch, but did not list it in the security docs. Apple has not patched it for previous OSes. I only know about this b/c we collect vuln scan data. Anything older than Apache 2.4.46 is vuln” (Thread)

🔐Security and Privacy

🔨Support and HowTos

🤖Scripting and Automation

♻️Updates and Releases

🎧To Listen

🎈Just for Fun

📚 Support

If you are enjoying what you are reading here, please spread the word and recommend it to another Mac Admin!

If you want to support me and this website even further, then consider buying one (or all) of my books. It’s like a subscription fee, but you also get a useful book or two extra!

Installomator Updated: v0.5

It has been a while, mainly because I was busy with other things, but there finally is a new release version of Installomator!

The reason work has progressed—quite significantly—even though I was distracted is that Søren Theilgaard and Isaac Ordonez have joined the project as conributors. All of the work from 0.4 to 0.5 was from one of them. We ahve some great plans to move this tool forward, as well.

Many of these new app labels have been provided from others, either through GitHub issues, pull requests, or through comments in the #installomator channel on MacAdmins Slack. Thanks to all who contributed.

What’s new in v0.5:

  • Major update and now with help from @Theile and @Isaac
  • Added additional BLOCKING_PROCESS_ACTION handlings
  • Added additional NOTIFY=all. Usuful if used in Self Service, as the user will be notified before download, before install as well as when it is done.
  • Added variable LOGO for icons in dialogs, use LOGO=appstore (or jamf or mosyleb or mosylem or addigy). It’s also possible to set it to a direct path to a specific icon. Default is appstore.
  • Added variable INSTALL that can be set to INSTALL=force if software needs to be installed even though latest version is already installed (it will be a reinstall).
  • Version control now included. The variable appNewVersion in a label can be used to tell what the latest version from the web is. If this is not given, version checking is done after download.
  • For a label that only installs a pkg without an app in it, a variable packageID can be used for version checking.
  • Labels now sorted alphabetically, except for the Microsoft ones (that are at the end of the list). A bunch of new labels added, and lots of them have either been changed or improved (with appNewVersion og packageID).
  • If an app is asked to be closed down, it will now be opened again after the update.
  • If your MDM cannot call a script with parameters, the label can be set in the top of the script.
  • If your MDM is not Jamf Pro, and you need the script to be installed locally on your managed machines, then take a look at Theiles fork. This fork can be called from the MDM using a small script.
  • Script buildCaseStatement.sh to help with creating labels have been improved.
  • Fixed a bug in a variable name that prevented updateTool to be used
  • added type variable for value "updateronly" if the label should only run an updater tool.

And if you are counting, there are now more than 260 application labels in Installomator. However, that number is a bit inflated, because several vendors have multiple downloads for Intel and Apple Silicon apps.

Get the script and find the instructions on the GitHub repo.

If you have any feedback or questions, please join us in the #installomator channel on MacAdmins Slack.

Thanks again to all those who contributed!

(Installomator Icon credit: Mischa van der Bent)

Weekly News Summary for Admins — 2021-04-16

This week Apple finally sent out the invitations for an event next week. The “Spring Loaded” event will take place next week, April 20, at 10am PDT.

Release of iOS 14.5, macOS 11.3, and siblings are likely on or around that day then. We did get an eighth beta this week. Next week should be interesting.


To support this weekly news summary, please consider:

macOS Terminal and Shell Book Cover

macOS Terminal and Shell:
You have always wanted to ‘learn Terminal,‘ right? This book teaches how (and why) to use the command line on macOS. Get it on Apple Books!

(If you have already bought the book, please leave a review on the Apple Books Store. Thank you!)


In other news, Parallels and Docker now have officially released Apple silicon native solutions. Ironically, Parallels cannot (yet?) host macOS Big Sur guest systems, only Windows 10 for ARM (preview) and ARM Linux systems.

The Docker does not come as a Universal download, but as two seperate downloads, which seems a common thing in this transition. Why is it that so many apps are separate downloads in this transition?

📰News and Opinion

🔐Security and Privacy

🔨Support and HowTos

🤖Scripting and Automation

♻️Updates and Releases

📺To Watch

🎧To Listen

🎈Just for Fun

📚 Support

If you are enjoying what you are reading here, please spread the word and recommend it to another Mac Admin!

If you want to support me and this website even further, then consider buying one (or all) of my books. It’s like a subscription fee, but you also get a useful book or two extra!

Scripting OS X — Weekly News Summary for Admins — 2021-04-09

Another week and no update from Apple. We did get another round of betas (beta7, 20E5229a) for macOS, iOS and siblings.

But we did get an announcement of Apple Tiles… no, wait… third party support for “Find My…” tracking. Apple’s plan to keep releasing something every week continues.


To support this weekly news summary, please consider:

macOS Terminal and Shell Book Cover

macOS Terminal and Shell:
You have always wanted to ‘learn Terminal,‘ right? This book teaches how (and why) to use the command line on macOS. Get it on Apple Books!

(If you have already bought the book, please leave a review on the Apple Books Store. Thank you!)


📰News and Opinion

🐦MacAdmins on Twitter

  • Tim Perfitt: “MDS 4 is coming along. The current build adds a fancy new button.” (Thread)
  • Joel Rennich: “It’s Wednesday… so that means more fun with Single Sign On Extensions! This time we’re doing a bit of an “off-label” use of the SSOE and making it authoritative for a ZTNA service instead of an IdP which lets Xcode use modern auth directly for repos.” (Thread)
  • Kelsey Hightower: “Software isn’t enterprise ready until it has a “contact sales” pricing tier.”

🔐Security and Privacy

🔨Support and HowTos

🤖Scripting and Automation

🍏Apple Support

♻️Updates and Releases

📺To Watch

🎧To Listen

🎈Just for Fun

  • James Thomson: “This isn’t necessarily pretty, but it does work! You can roll dice from an AppleScript, check if they are still rolling, and get the final result. All in a UIKit-based Catalyst app.”

📚 Support

If you are enjoying what you are reading here, please spread the word and recommend it to another Mac Admin!

If you want to support me and this website even further, then consider buying one (or all) of my books. It’s like a subscription fee, but you also get a useful book as well!