Apple added the ability to use Touch ID for sudo on the command line interface back in 2017 with High Sierra.
Since that time there have been numerous scripts published to make enabling this feature easier.
So with apologies to the United States Marine Corps…
This is my script. There are many like it, but this one is mine.
Read on for the details.
Earlier this year Camera Bits consolidated the different Photo Mechanic (PM) versions into a single “All-in-One” download.
The cataloging feature of Photo Mechanic Plus is now simply activated (or not) by the license used to activate the application. (This is exactly how Microsoft handles Office for Mac.)
There are now subscriptions as well as perpetual licenses available which all use the same download.
Thankfully the ability to programmatically activate and deactivate is still there so only a few changes are needed in our Munki scripts.
Read on for the required changes…
MacAdmins have grown accustomed to Microsoft adding new, useful managed preferences to AutoUpdate and Office over the years.
So it comes as a surprise when widely used preferences are removed seemingly on a whim with no warning.
Recently I’ve written about two unexpected changes to Microsoft AutoUpdate (MAU):
Yesterday a member in the MacAdmins Slack spotted a new Microsoft document that contains even more changes to MAU preferences.
Read on for a little commentary plus what I think are the most noteworthy changes…
Version 4.70 of Microsoft AutoUpdate for Mac, released this week, brought an unexpected change to the Required Data Notice dialog.
I originally wrote about how to disable this dialog back in July 2019.
• Disabling Microsoft AutoUpdate’s new Required Data Notice in managed environments
This week’s change caught many MacAdmins by surprise but thankfully the cause and solution were quickly found by collaboration in Slack.
Read on for the details and solution…
macOS 14.4 includes a change that has the potential to impact a number of MacAdmins.
For the past couple years, launchctl kickstart has been widely used in an attempt to fix stuck macOS processes.
This first use came to prominence in relation to softwareupdate but more recently has been used for mdmclient as well.
MDM vendor Addigy even released a free tool, MDM Watchdog that uses kickstart to attempt to automatically remediate these issues.
Read on for details on why this might not work going forward.
Microsoft began offering curated deferral channels for AutoUpdate a little over two years ago. These feeds allowed MacAdmins to delay updates to Office apps for a set number of days, without having to run a custom manifest server themselves.
Unfortunately these deferral channels have recently stopped working, leaving many MacAdmins scrambling to adjust.
Thankfully the community has engaged Microsoft and have pushed for a solution.
Read on for the details on why this happened and how to adjust your configuration.
Munki has been a staple management tool for many MacAdmins for a decade.
However in recent releases of macOS, Munki needs to be granted Privacy Preferences Policy Control permissions to access certain disk locations or update some apps.
Thankfully this has become very easy in the past year thanks to the MacAdmins community.
Read on for details and an example configuration profile.
Apple released macOS 14 Sonoma this week, and on top of the numerous consumer facing features, there are also a number of interest to MacAdmins.
• What’s new for enterprise in macOS Sonoma
While there are many improvements to features like Declarative Device Management (DDM) and MDM, one of the most interesting to me only got a short mention with no details.
Automated Device Enrollment can be enforced after Setup Assistant.
This feature, which I’m calling Retroactive Automated Device Enrollment, was announced during WWDC and I extensively tested it during the beta cycles.
I think there is some amazing potential here. Read on for details…
We are always looking for ways to reduce friction for end users. Our job in IT is to empower users to get their work done with as few technological distractions as possible.
Many times Apple makes this harder due to features or functionality in macOS. One such example is Keyboard Setup Assistant (KSA) which automatically launches anytime a new input device is detected.
While this is very helpful for consumers who have purchased a new peripheral; in a corporate setting it can be an annoyance multiplied thousands of times over.
YubiKeys present to macOS as keyboards and trigger KSA. When rolling them out we decided to use a Munki NoPkg to save our co-workers from having to dismiss this useless dialog.
Read on for the details…
MunkiReport 5.8 was released today and primarily includes compatibility with Python 3 and PHP 8.
Just like last year’s release of 5.7, this new version of MunkiReport requires admins to deploy a specific Python package to clients before updating.
It will also likely require a coordinated update on your web server to enable PHP 8.
Read on for the details…