I spoke about my experiences with Walmart at the MacSysAdmin 2018 conference.
I was afforded the honor of speaking about my experiences with Walmart at the MacSysAdmin conference this year.
The session video can be viewed here.
A PDF of the slides is available here.
The conference hosted a great many informative presentations by speakers at the top of their profession. Archives for all sessions are available here.
Apple have released updates to macOS High Sierra, macOS Sierra and OS X El Capitan today.
The updates for Sierra and El Capitan include mitigations for the Meltdown and Spectre vulnerabilities.
You can use the information below to search or report on the disposition of your inventory/fleet and read more from Apple.
For more information: About the security content of macOS High Sierra 10.13.3, Security Update 2018-001 Sierra, and Security Update 2018-001 El Capitan
The Mac Admin reader David noted that the preference file and key referenced in Setting A Default Paper Size no longer manages the default paper size setting in OS X v10.9 Mavericks.
The new file is
~/Library/Preferences/org.cups.PrintingPrefs.plist
This makes the new preference domain: org.cups.PrintingPrefs
The Key that governs the preference remains the same: DefaultPaperID
The values remain the same, repeated below for your convenience.
| Paper Size | String |
| US Legal | na-legal |
| US Letter | na-letter |
| A4 | iso-a4 |
| A5 | iso-a5 |
| JIS B5 | jis-b5 |
| B5 | iso-b5 |
| Envelope #10 | na-number-10-envelope |
| Envelope DL | iso-designated-long-envelope |
| Tabloid | tabloid |
| A3 | iso-a3 |
| Tabloid Oversize | arch-b |
| ROC 16K | roc16k |
| Envelope Choukei 3 | cho-3-envelope |
| Super B/A3 | arch-b-extra |
IT staff, and even consumers often want to have a physical bootable install disk for OS X. In OS X Mavericks, Apple have provided a relatively simple command line tool for creating bootable install media.
To create the install media, mount a volume that you would like to use as an install disk. This volume needs to be able to hold at least 5.36 GB of data to house the install media. Note that this volume will be erased and reconfigured as an OS X installer. With the desired volume mounted, open the Terminal application and execute the following command:
sudo /Applications/Install OS X Mavericks.app/Contents/Resources/createinstallmedia --volume /Volumes/TargetVolumeName --applicationpath /Applications/Install OS X Mavericks.app --nointeraction
Replace “TargetVolumeName” with the name of the volume you want to turn into a bootable OS X Mavericks installation disk.
See the screenshot below for the Terminal output from the command above.
A perennial topic of discussion amongst Mac system administrators is which operating system should be deployed to which Mac. There is a mountain of misinformation floating around the community and the Internet on this topic. Here, I hope to set a few things straight.
On any particular Mac, the earliest version of OS X supported by Apple is the version that shipped with the Mac in question. Installing an earlier version of OS X will either fail to install, fail to boot after installation, or cause unexpected issues after boot. Regardless of how well the install goes or whether or not the computer boots, Apple will not support this configuration. Answers to support requests will generally amount to “install the correct operating system”. See the link below for Apple’s notes on this topic and a list of which OS X versions shipped with each Mac computer (note, as of this writing, the chart has not been updated to include 2013 iMac models).
http://support.apple.com/kb/HT1159
It is widely held in the Mac sysadmin community that once Apple releases a new version of OS X, this new version includes the software components necessary to support the new OS X version on earlier hardware.
There are two situations in which this generally applies.
I call this an “open secret” because you will find nothing in Apple’s documentation to support this claim, however it is generally correct. I say “generally correct”, because occasionally it isn’t, particularly when hardware and OS X releases come close together.
The only 100% certain way to ensure an OS X installation is appropriate for and supported on a Mac computer is to use the OS X installer supplied by Apple for the computer in question, which includes a factory-installed Recovery System (Recovery HD) and OS X Internet Recovery. See the link below for Apple’s explanation of OS X Recovery:
http://support.apple.com/kb/HT4718
There are those in the community who, for various reasons, hack new releases of OS X, and insert components from the new release into a previous release in an effort to run an earlier operating system than Apple intended or supports on a particular Mac. The people doing this are clever and deserving of “geek cred”, but I would never recommend using such a hacked distribution in a production environment.
Running a “hacked operating system” may run afoul of the organization’s operating rules either self-imposed or legally required. Even in the absence of such restrictions, my recommendation stands. Vendor support is a key component in service level agreements. If you choose to deploy an OS with unsupported modifications, you are ultimately personally responsible for every system failure. This is not a position I want to be in or that I recommend you place yourself in.
I was recently in a conversation with someone who needed to deploy configuration profiles to OS X clients, but they did not have the ability or authority within their organization to open the network ports required to implement a Mobile Device Management (MDM) solution. This post describes how to install configuration profiles with an installer package.
The first step is to create and export your configuration profile as a .mobileconfig file. These files can be created on a computer running OS X Server, using Profile Manager. For more details on creating and downloading configuration profiles, see Apple’s Profile Manager Help documentation.
Once you have the .mobileconfig file, you’ll want to create a package that will deploy this file to a known location on your client systems. I recommend a folder in the root Library named for your organization such as…
/Library/myOrg
For instructions on creating packages, refer to the documentation for your favorite package building tool. My favorite is Composer.
Simply deploying the .mobileconfig file to this location won’t install it. Apple provides a command line tool called profiles. The profiles command can be used as part of a postinstall script included in the package that deploys the .mobileconfig file. Below, find the two lines to include in this script…
#!/bin/bash
/usr/bin/profiles -I -F "/Library/MyOrganization/Company Wi-Fi.mobileconfig"
If the .mobileconfig profile should be deleted once installed, the following command can be added to a third line in the script…
rm "/Library/MyOrganization/Company Wi-Fi.mobileconfig"
Of course, “/Library/MyOrganization/Company Wi-Fi.mobileconfig” should be replaced in each command with the quoted path to the .mobileconfig file deployed by the package.
I hope this is helpful.
The Mac Admin 