MacSysAdmin 2018 links

October 3, 2018 GregN

Here are some links from my presentation at MacSysAdmin 2018 in Göteborg, Sweden, “Imaging is Dead: What Now?”

Der Flounder, “Imaging will be dead soonish”: https://derflounder.wordpress.com/2017/01/10/imaging-will-be-dead-soon-ish/

AutoDMG: https://github.com/MagerValp/AutoDMG

Imagr: https://github.com/grahamgilbert/imagr

DeployStudio: http://www.deploystudio.com

Apple, “Upgrade macOS on a Mac at your institution”: https://support.apple.com/en-us/HT208020

Apple, “APFS and Imaging”: https://help.apple.com/deployment/macos/#/apd545ec8b69

Apple, “Restore Apple T2 firmware on iMac Pro”: https://help.apple.com/configurator/mac/2.7.1/#/apdebea5be51

Apple, “Restore Apple T2 firmware on 2018 MacBook Pro”: https://help.apple.com/configurator/mac/2.7.1/#/apd0020c3dc2

Apple, “How to create a bootable installer for macOS”: https://support.apple.com/en-us/HT201372

createbootvolfromautonbi.py: https://github.com/munki/macadmin-scripts/blob/master/createbootvolfromautonbi.py

Bootstrappr: https://github.com/munki/bootstrappr

Installr: https://github.com/munki/installr

Erik Gomez, Custom DEP series: http://blog.eriknicolasgomez.com/2017/03/08/Custom-DEP-Part-1-An-Introduction/
http://blog.eriknicolasgomez.com/2017/03/08/Custom-DEP-Part-2-Creating-a-custom-package-and-deploying-Munki/
http://blog.eriknicolasgomez.com/2017/03/08/Custom-DEP-Part-3-Best-Practices/
http://blog.eriknicolasgomez.com/2017/03/08/Custom-DEP-Part-4-The-Future/
http://blog.eriknicolasgomez.com/2017/04/05/Custom-DEP-Part-5-Dynamic-InstallApplication/
http://blog.eriknicolasgomez.com/2017/04/27/Custom-DEP-Part-6-Vendor-Announcement-and-Presentation/
http://blog.eriknicolasgomez.com/2017/07/27/Custom-DEP-Part-7-Getting-started-with-AirWatch-9.1.3/

Victor Vranchan, “Munkiing around with DEP”: https://groob.io/posts/dep-micromdm-munki/

installinstallmacos.py: https://github.com/munki/macadmin-scripts/blob/master/installinstallmacos.py

Armin Briegel, “macOS Installation for Apple Administrators”: https://scriptingosx.com/macos-installation-for-apple-administrators/

Notes on adding support for Dark Mode

August 30, 2018August 31, 2018 GregN1 Comment

This week I added support for macOS Mojave’s new Dark Mode to the GUI apps in Munki: https://github.com/munki/munki/commit/dea412d72e277265bc98dea2b358be5a830739b6

I initially thought adding Dark Mode support would be problematic. Most of the documentation and advice I’d seen seemed to imply that you had to build against the 10.14 SDK to get support for Dark Mode.
Continue reading “Notes on adding support for Dark Mode” →

PSU MacAdmins 2018 Links

July 11, 2018July 11, 2018 GregN

Here are some links from my presentation at the 2018 MacAdmins Conference at Penn State, “Imaging is Dead: Now What?”

Der Flounder, “Imaging will be dead soonish”: https://derflounder.wordpress.com/2017/01/10/imaging-will-be-dead-soon-ish/

AutoDMG: https://github.com/MagerValp/AutoDMG

Imagr: https://github.com/grahamgilbert/imagr

DeployStudio: http://www.deploystudio.com

Apple, “Upgrade macOS on a Mac at your institution”: https://support.apple.com/en-us/HT208020

Apple, “APFS and Imaging”: https://help.apple.com/deployment/macos/#/apd545ec8b69

Apple, “Restoring an iMac Pro with Configurator”: https://help.apple.com/configurator/mac/2.6/index.html?localePath=en.lproj#/apdebea5be51

Apple, “How to create a bootable installer for macOS”: https://support.apple.com/en-us/HT201372

createbootvolfromautonbi.py: https://github.com/munki/macadmin-scripts/blob/master/createbootvolfromautonbi.py

Bootstrappr: https://github.com/munki/bootstrappr

Victor Vranchan, “Munkiing around with DEP”: https://groob.io/posts/dep-micromdm-munki/

Armin Briegel, “macOS Installation for Apple Administrators”: https://scriptingosx.com/macos-installation-for-apple-administrators/

installinstallmacos.py: https://github.com/munki/macadmin-scripts/blob/master/installinstallmacos.py

Unwelcome Apple surprise

April 11, 2018April 11, 2018 GregN

This morning while reviewing new updates on my reposado server I saw this new update:

091-76348   macOS High Sierra                           2018-04-10 []

I didn’t think much of it; various “Install macOS High Sierra” updates have appeared in the softwareupdate catalogs since early in the High Sierra beta cycle: the App Store, when installing the “Install macOS High Sierra” application, downloads resources from these catalogs. (See https://managingosx.wordpress.com/2017/09/26/some-stuff-about-install-macos-high-sierra-app/ for more info).

But then I saw this cry for help on the munki-discuss list: https://groups.google.com/forum/?utm_medium=email&utm_source=footer#!msg/munki-discuss/I9nA-340mO4/KVQTJMEGCgAJ

Apologies if this has been asked and answered already, but we’re in a desperate time crunch. This morning, on the second day of standardized testing for our district, High Sierra is appearing as a “regular update” instead of an App Store option, so naturally MSC offers it:

It appeared that “macOS High Sierra” was being offered as an Apple software update (which Munki was then offering to install).

Continue reading “Unwelcome Apple surprise” →

Updated notes on deploying images to iMac Pro

April 5, 2018April 5, 2018 GregN

A brief update to https://managingosx.wordpress.com/2018/01/25/early-notes-on-deploying-images-to-imac-pro/ :

This is much easier now with 10.13.4, which has updated asr restore to handle some of the tasks needed when restoring an image to iMac Pro.

I still recommend using AutoDMG to generate a deployment image from a 10.13.4 Install macOS High Sierra.app (and optionally your own additional packages).

The one restore workflow I know works is this:

Start up the iMac Pro in Target Disk Mode. Connect it to another Mac running 10.13.4. Make sure that Mac also has an active Internet connection that can reach Apple’s servers.

As root:

asr restore --source osx_updated_180402-10.13.4-17E199.apfs.dmg --target /Volumes/Macintosh\ HD\ 1 --erase

Where --source points to the AutoDMG-generated deployment image, and --target points to the iMac Pro’s internal disk (mounted via Target Disk Mode). The restore session should look something like this:

# asr restore --source osx_updated_180402-10.13.4-17E199.apfs.dmg --target /Volumes/Macintosh\ HD --erase
Validating target...done
Validating source...done
Erase contents of /dev/disk4s1 (/Volumes/Macintosh HD)? [ny]: y
Retrieving scan information...done
Validating sizes...nx_kernel_mount:1359: : checkpoint search: largest xid 72, best xid 72 @ 143
done
Restoring  ....10....20....30....40....50....60....70....80....90....100
Verifying  ....10....20....30....40....50....60....70....80....90....100
Inverting target volume...done
Remounting target volume...done
Personalization over TDM succeeded

and you should have a working macOS 10.13.4 volume on the iMac Pro.

Using Munki to revert or downgrade software

March 15, 2018March 15, 2018 GregN

Introduction

It might come as little surprise to find out that I use Munki in my organization to manage software installations on macOS.

Munki is really good at keeping software up-to-date. Every time it runs, it compares the versions it has on the server against the versions installed on the local machine and updates any software at a lower version than it has on the server.

Its default behavior when an item on the local machine has a higher version than that on the server is to leave it alone. This is great when you have users that for whatever reason need to test newer versions (or perhaps they are actually developing the newer version of the software).

I also use AutoPkg to automate finding new software updates and to import them into my Munki repo. For us, AutoPkg checks on approximately 50 items each day, importing anything new into my Munki repo into a testing catalog.

On Tuesday of this week, Mozilla released Firefox 59. AutoPkg found the new release and imported it into Munki as expected. On Wednesday, I noticed that AutoPkg had imported Firefox 60! I looked at the installed application, and its version was actually 60.0b3. Someone at Mozilla had goofed and pointed the “latest firefox release” link at the 60 beta. Later in the day this goof was remedied and the link once again returned Firefox 59.

But my AutoPkg run had occurred while the Mozilla site was offering 60.0b3, and so it was downloaded and added to my Munki’s repo’s testing catalog. 25 Macs in my organization (including my own laptop) now had Firefox 60.0b3 installed.

(Side note: because of the way Munki does version comparisons, when the final release of Firefox 60 comes out, if it is versioned as “60.0”, Munki would not “upgrade” from 60.0b3 to 60.0 – “60.0b3” compares as higher than “60.0”.)

I wanted to configure Munki to downgrade any install of Firefox 60.0b3 to Firefox 59. Since by default Munki leaves higher versions alone, this is not exactly obvious how to do.

Continue reading “Using Munki to revert or downgrade software” →