Apple Archives - Travelling Tech Guy

Jamf acquired Zuludesk!

Jamf Doubles Down in Education, Acquiring ZuluDesk, a Leading Apple Education Technology Solution

Yes, you read that right! Zuludesk is now part of the Jamf family!

Exiting news because, where until recently Jamf and Zuludesk were competitors (read: more specifically in the world of Education), forces have now been combined!

At this moment, I don’t have any additional information to share outside the public press release but I’m sure this acquisition and combined forces will bring an exciting new future for the world of macOS and iOS management!

For now I just wanted to help spreading this awesome news! Stay tuned for more. Exciting times ahead!

PRESS RELEASE

Grtz,
TTG

Script to manage Secure Tokens on macOS 10.14.2+

Just a quick post before heading into the weekend, and leaving Secure Tokens far behind me for a couple of days. I just want to share this attempt to make a script to manage Secure Tokens prior to enabling FileVault.

The idea is to make sure that you have an Administrator Account with a Secure Token in case you want to be able to manipulate the tokens/FileVault later. This is especially important in case you are limiting the end user to creating a non-admin/standard account or using managed mobile accounts at automated enrolment.

Mojave 10.14.2 and Secure Tokens, it works!

macOS 10.14.2 brings a welcome change to our Secure Token saga!

Well, kind off. Not everything but there are some welcome changes!

!!! ALREADY AN UPDATE to what I wrote here -  see comments !!!

Update 2: 9/12/18 - promote the non-admin Secure Token holder. see comments !!!

When I wrote my previous post on Secure Tokens, I mainly focused on enabling FileVault with Configuration Profiles on 10.14.1. The main issue was that if no account on the mac had a Secure Token, the profile would fail to enable FileVault. This due to the fact the first account logging into the Mac has to be a LOCAL Administrator.

This, amongst many other FileVault related issues, caused some concerns for many Mac Sys Admins. Additional bugs on 10.14.1 seemed to make the mayhem complete, leaving many of us in a state wondering if something was expected behaviour, or “a feature”… In all fairness, there were moments where I thought I finally understood how Secure Tokens work, and other moments where I just lost all hope…

Hence my intensive search for a recommended workflow to avoid as much of the issues as possible. I ended up testing almost every scenario with different types of accounts, on both 10.14.1 and 10.14.2.

I had to wait until 10.14.2 came out of beta, but now that 10.14.2 is released, let’s see what this early Filevault Santa bring us!

NoMAD Login AD and DEPNotify

Combining DEPNotify with NoLoAD (Nomad Login AD)

While continuing my journey in finding efficient workflows to manage Secure Tokens and FileVault on Mojave, I side-tracked to testing NoMAD Login AD in combination with DEPNotify.

I’ll come back to which workflow I’m using it for in my next post, but for now, just imagine a more general scenario where you want to create a local account based on AD credentials. But also avoiding the BIND and all its disadvantages (including potential keychain, FileVault and Secure Token issues) and use the power of DEPNotify to inform the user about what’s going on when they login.

NoMAD Login AD is your friend here! Similar to NoMAD Login+ Okta, where you base the account on Okta users. With NoMAD Login AD you benefit from having the local account credentials to be the same as the AD account. A good start for adding Jamf Connect/NoMAD later in the deployment.

Create an iOS Shortcut to create a VM in ESXI

Ok, this one falls under the category ‘just for fun while actually being very handy’: Create an iOS Shortcut to create a VM in ESXI 🙂

When troubleshooting and testing deployments, you need some virtual machines to make your life easy… Snapshotting them before you configure them is of course a smart thing to do, but there are situations where you just need to create a new VM and start over.

I already discussed the methods of creating a ‘DEP capable’, sorry Apple, I mean ‘Automated MDM enrollment capable’, VM on both Parallels and VMWare but what about ESXI? Well I’m not going to spend too much time on this because it’s actually exactly the same as VMWare Fusion!

M	T	W	T	F	S	S
« Jan
				1	2	3
4	5	6	7	8	9	10
11	12	13	14	15	16	17
18	19	20	21	22	23	24
25	26	27	28