The talks this year were graphic recorded by the amazing Ashton Rodenhiser (website, twitter). The graphic at the top of this post was made by her while I was presenting.
As always, I had a lot of fun at this conference. Many thanks to the organizers and all the other speakers. Until next year!
The M2 13″ MacBook Pro (the strange left over design with the TouchBar) can be ordered starting today, and the benchmarks look quite amazing. I am waiting for the M2 MacBook Air. I want that shiny midnight blue newness…
If your company or product is a good fit as a sponsor for this news summary, please contact me!
John C. Welch: “For ASOC folks: if you copy /Applications/Xcode.app/Contents/Developer/Library/Xcode/Templates/Project Templates/macOS/Other/AppleScrip App.xctemplate from Xcode 13.x to /Applications/Xcode-beta.app/Contents/Developer/Library/Xcode/Templates/Project Templates/Other/ then you can still create ASOC apps with Xcode 14 beta.”
James Dempsey: “Ah, Xcode Server—you arrived with Xcode 5 as part of OS X Server, then became part of Xcode itself in Xcode 9, and are now deprecated in Xcode 14. Thank you for nine wonderful years of never quite working right for me.”
If you want to support me and this website even further, then consider buying one (or all) of my books. It’s like a subscription fee, but you also get a useful book or two extra!
WWDC! As usual, we get the previews and betas for the upcoming systems from Apple. Monterey seemed to be a some what quieter “tok”, to Big Sur’s “tik” release, mostly focusing on consolidation and stability. macOS Ventura, iOS 16 and iPadOS 16 look like substantive “tik” releases, full of new features and behaviors.
(Sponsor: Mosyle)
The only Apple Unified Platform for Business
Mosyle is the only solution that fully integrates Enhanced MDM, Endpoint Security, Internet Privacy & Security, Single Sign-On, and Application Management on a single Apple-only platform.
Click here to learn why Mosyle is all you need to work with Apple.
AppleSeed for IT has two documents, the “macOS 13 beta 1 Release Notes” and “What’s new for Enterprise and Education” which also full of useful information for Apple Admins, only some of which was covered in the sessions relevant for admins. (Which I list below.)
Lots to process and test. There will be much feedback to file. Spin up those test devices and VMs!
If you think your company or product is a good fit to sponsor this newsletter, please contact me!
Mr. Macintosh: “Confirmed by @khronokernel on March 8th Apple is following a new Model ID format: DeviceID – Model ID – Description (Product ID); J413AP = Mac14,2 – MacBook Air (M2, 2022); J493AP = Mac14,7 – MacBook Pro (13-inch, M2, 2022)” (All new Macs now get a Model ID of MacXX,Y.)
Bart Reardon: “Two sides of #WWDC22 : Developers: ‘Shiny!’ Admins: ‘WTF DID YOU BREAK'”
Rosyna Keller: “Main new news is that notarization submissions via altool and via the app distribution workflow for non-Mac App Store apps in Xcode 13.x and earlier are deprecated (and slower) and are walking into the sunset in Fall of 2023” (Thread)
John C. Welch: “I honestly think custom, complex, customer created workflows that aren’t created by devs for devs is going to be dead in the Apple world outside of companies like MS and Adobe that can just build that into their apps. Like in two years.” (Thread)
mikeymikey: “There are important implementation changes with macOS 13 with regards to underlying components used routinely in non-consumer managed environments, such as SMB and SCEP For details regarding this, please sign in with AppleSeed for IT and read the IT macOS 13 Beta 1 Release Notes”
If you want to support me and this website even further, then consider buying one (or all) of my books. It’s like a subscription fee, but you also get a useful book or two extra!
Scheduling my vacation right before WWDC resulted in a big summary. Lots of interesting links that should keep you distracted until the keynote on Monday.
(Sponsor: Mosyle)
The only Apple Unified Platform for Business
Mosyle is the only solution that fully integrates Enhanced MDM, Endpoint Security, Internet Privacy & Security, Single Sign-On, and Application Management on a single Apple-only platform.
Click here to learn why Mosyle is all you need to work with Apple.
WWDC is not the only conference that is imminent. The MacAdmins Campfire Sessions have started this week and will continue for the next few weeks!
You may have noticed this newsletter was not sent out at the usual time. I am still traveling and in different time zones. Next week, I should be back in the normal rhythm, jet lag permitting. And we will have all the news from WWDC. Until then!
Rosyna Keller: “When creating a zip file for submission to the notarization service, make sure to use the ditto command line tool, the Finder, or Archive Utility to create the zip file. The zip command line tool is unfriendly to macOS metadata (especially detached code signatures).”
If you want to support me and this website even further, then consider buying one (or all) of my books. It’s like a subscription fee, but you also get a useful book or two extra!
With WWDC starting very soon, the MacAdmin conference season ramping up. I keep track of all the major MacAdmin conferences on my conferences page but I thought a summary of where I am going to present might be interesting:
MacDevOps YVR, June 15–17, Online
Yes, it is very disappointing that the uncertainties of the pandemic still make in-person conferences impractical. That said, I really enjoy the online format of MacDevOps YVR. Presentations are held on YouTube with Q&A and “Hallway Track” interactions on Discord. This year, most of the presentations, including my talk on ‘The Encyclopaedia of macOS Automation” will be restricted to 15 minute quick talks, which is an interesting challenge. Registration is still open!
Jamf Nation Live, Munich, Germany, June 23
Not a conference, but close. I will be presenting at the Jamf Nation Live event at the Allianz Arena near Munich on June 24. You will get the privilege of seeing me try to present in German for the first time in 17 years. Registration is still open. There are other Jamf Nation Live events in London (June 10), Amsterdam (June 16), and Paris (June 21).
Jamf Nation User Conference, San Diego, USA, September 27–29
Jamf Nation User Conference (JNUC) is going to be a hybrid event this year. You can choose to attend in person in San Diego, CA or online. Several sessions will be online only but some will be on stage. I am proud that my session on “Use Swift with the Jamf API” has been accepted to be presented on stage. Registration for both in person and online is still open.
The updates for macOS 12.4, iOS 15.5 and all the siblings dropped yesterday. Usually I would gather a list of links for these updates in the news summary on Friday, but since I will be on a vacation break and they will seem stale in two weeks, you will get them now. Enjoy!
Update 2022-05-19: added Apple Business and School Manager User Guides.
We have updated Installomator. This brings Installomator to 465(!) applications! Many thanks to everyone who contributed.
Note: Both Google and Mozilla recommend using the pkg installers instead of the dmg downloads for managed deployments. So far, Installomator has provided labels for both. (googlechrome and googlechromepkgor firefox and firefoxpkg, respectively) Since there are problems with the dmg downloads, a future release of Installomator will disable the firefox and googlechrome dmg labels. You should switch to using the firefoxpkg or googlechromepkg labels instead.
Last week I mentioned that Apple often releases a few things before WWDC, because they don’t fit in the keynote. I should have been careful what I wished for: the iPod touch — the last remnant of the iPod line — is being discontinued.
(Sponsor: Mosyle)
The only Apple Unified Platform for Business
Mosyle is the only solution that fully integrates Enhanced MDM, Endpoint Security, Internet Privacy & Security, Single Sign-On, and Application Management on a single Apple-only platform.
Click here to learn why Mosyle is all you need to work with Apple.
The functionality of the iPod has been assimilated by the iPhone, Apple Watch, HomePod, and AirPods, all of which can now play your Music nearly anywhere, anytime. The iPod may be gone, but the Music lives on.
The news summary will be taking a short vacation break. It will resume in three weeks, on “WWDC Eve”, June 3, with a summary of everything else that happens between now and then. Let’s hope Apple is done with canceling products.
Jack Rhysider: “If you’re in IT, I highly encourage you to write a blog. Here are 17 reasons why you should be blogging.” (Thread, if you start a Mac IT blog, be sure to let me know!)
William Smith: “For Jamf admins, ensure your configuration profiles with the Exchange (macOS) and Exchange ActiveSync (iOS) payloads are set to ‘Use OAuth for authentication’ before the October 1st deadline.”
If you want to support me and this website even further, then consider buying one (or all) of my books. It’s like a subscription fee, but you also get a useful book or two extra!
The month of May is like “advent for Apple fans.” WWDC is looming in a few weeks. Most of the dust from previous system releases has settled. Things have been fixed, or we have gotten used to the workarounds. Anticipation and dread for the next round of releases is rising. Sometimes, Apple even opens a door or two and releases something which didn’t fit in the keynote.
(Sponsor: Mosyle)
The only Apple Unified Platform for Business
Mosyle is the only solution that fully integrates Enhanced MDM, Endpoint Security, Internet Privacy & Security, Single Sign-On, and Application Management on a single Apple-only platform.
Click here to learn why Mosyle is all you need to work with Apple.
Also the dates and location for this year’s Objective by the Sea were announced: It will go from October 3–7, in Spain, near Barcelona.
As always, I keep a list of conferences, their dates and other important links, such as calls for presentation and session video archives from previous conferences on my conferences page.
tlark: “ATTN MDM vendors. Please take a long good look at Munki, it is what IT admin/eng want. We don’t want complex systems that require GUI clicking. We just reduced our level of effort by ripping out third party app deployment/patching from our MDM and deployed Munki in AWS” (Thread)
If you want to support me and this website even further, then consider buying one (or all) of my books. It’s like a subscription fee, but you also get a useful book or two extra!
In the last post, we discussed how to run shell commands and scripts from an Apple Script environment. In this post, we will look at how we can run AppleScript commands and scripts from the shell environment.
Open Scripting Architecture
The key to running AppleScript from the shell is the osascript command. OSA is short for ‘Open Scripting Architecture’ which is the framework that powers AppleScript. This framework allows AppleScript to have its native language, but also use JavaScript syntax.
The osascript command allows us to run AppleScript commands from Terminal and shell. The most common use is the user interaction commands from AppleScript, like display dialog:
osascript -e 'display dialog "Hello from shell"'
The -e option tells osascript that it will get one or more lines of statements as arguments. The following argument is AppleScript code. You can have multiple -e options which will work like multiple lines of a single AppleScript:
> osascript -e 'display dialog "Hello from shell"' -e 'button returned of result'
OK
osascript prints the value of the last command to stdout. In this case, it is the label of the button clicked in the dialog. (The ‘Cancel’ button actually causes the AppleScript to abort with an error, so no label will be returned for that.)
When you have multiple lines of script, using multiple -e statements will quickly become cumbersome and unreadable. It is easier to use a heredoc instead:
osascript <<EndOfScript
display dialog "Hello from shell"
return button returned of result
EndOfScript
This also avoids the problem of nested quotation marks and simplifies shell variable substitution.
Shell variables and osascript
There are a few ways to pass data into osascript from the shell.
Since the shell substitutes variables with their value before the command itself is actually executed, this works in a very straightforward manner:
computerName=$(scutil --get ComputerName)
newName=$(osascript -e "text returned of (display dialog \"Enter Computer Name\" default answer \"$computerName\")")
echo "New Name: $newName"
This works well, but because we want to use shell variable substitution for the $computerName, we have to use double quotes for the statement. That means we have to escape the internal AppleScript double quotes and everything starts to look really messy. Using a heredoc, cleans the syntax up:
computerName=$(scutil --get ComputerName)
newName=$(osascript <<EndOfScript
display dialog "Enter Computer Name" default answer "$computerName"
return text returned of result
EndOfScript
)
echo "New name: $newName"
Generally, variable substitution works well, but there are some special characters where it might choke. A user can put double quotes in the computer name. In that case, the above code will choke on the substituted string, since AppleScript believes the double quotes in the name end the string.
If you have to expect to deal with text like this, you can pass data into osascript using environment variables, and using the AppleScript system attribute to retrieve it:
computerName=$(scutil --get ComputerName)
newName=$(COMPUTERNAME="$computerName" osascript <<EndOfScript
set computerName to system attribute "COMPUTERNAME"
display dialog "Enter Computer Name" default answer computerName
return text returned of result
EndOfScript
)
echo "New name: $newName"
The shell syntax
VAR="value" command arg1 arg2...
sets the environment variable VAR for the process command and that command only. It is very useful.
Retrieving environment variables in AppleScript using system attribute is generally a good tool to know.
Interpret this!
osascript can also work as a shebang. That means you can write entire scripts in AppleScript and receive arguments from the shell. For example, this script prints the path to the front most Finder window:
#!/usr/bin/osascript
tell application "Finder"
if (count of windows) is 0 then
set dir to (desktop as alias)
else
set dir to ((target of Finder window 1) as alias)
end if
return POSIX path of dir
end tell
You can save this as a text file and set the executable bit. I usually use the .applescript extension.
To access arguments passed into a script this way, you need to wrap the main code into a run handler:
#!/usr/bin/osascript
on run arguments
if (count of arguments) is 0 then
error 2
end if
return "Hello, " & (item 1 of arguments)
end
You can combine this into a longer script:
macOS Privacy and osascript
When you ran the above script, you may have gotten this dialog:
If you didn’t get this dialog, you must have gotten it at an earlier time and already approved the access.
AppleEvents between applications are controlled by the macOS Privacy architecture. Without this, any process could use AppleEvents to gather all kinds of data from any process. These dialogs are easy enough to deal with when running from Terminal. But if you put your AppleScript code (or shell scripts calling AppleScript) into other apps or solutions, it could get messy quite quickly.
Mac Admins generally want their automations to run without any user interactions. You can avoid these dialogs by creating PPPC (Privacy Preferences Policy Control) profiles that are distributed from an MDM server. In this case you have to pre-approve the application that launches the script, which can sometimes also be challenge. The other option is to find solutions that avoid sending AppleEvents altogether.
Management scripts often run as a privileged user or root. In this case, certain features of AppleScript may behave strangely, or not at all. I generally recommend to run osascript in the user context, as detailed in this post: Running a Command as another User
Conclusion
AppleScript’s bad reputation may be deserved, because its syntax is strange, and often very inconsistent. Nevertheless, it has features which are hard to match with other scripting languages. You can use the strategies from this and the previous posts to combine AppleScript with Shell Scripting and other languages to get the best of both worlds.
