Information and registration for MacSysAdmin 2016 is available:
http://macsysadmin.se/2016/Home.html
October 4-7, 2016 in Gothenburg, Sweden, MacSysAdmin continues to be a fantastic event for the Mac admin community. I highly recommend it!
Adobe
Flash Player 20 and Analytics
Flash Player was a frequent topic on this blog in the past. But Adobe has improved its packaging, and tools like AutoPkg have taken away much of the pain around deploying frequent Flash Player updates.
Yesterday, Adobe released Flash Player 20. A new addition is an executable at /Library/Application Support/Adobe/FPFeedbackService. Poking at this executable using strings makes it clear the tool reports analytics back to Adobe.
Some fine people on the MacAdmins Slack channel poked at it some more with Hopper and determined it can be turned off by adding DisableAnalytics=1 to a configuration file at /Library/Application Support/Macromedia/mms.cfg.
If you wish to disable Flash analytics in your fleet, then, one approach would be to install a properly configured mms.cfg file. The https://github.com/munki/munki-pkg-projects repo has a project you can use to build such a package: https://github.com/munki/munki-pkg-projects/tree/master/AdobeFlashConfiguration
The AdobeFlashConfiguration project is designed for use with the munki-pkg tool.
More info on Flash analytics here: https://osxbytes.wordpress.com/2015/12/09/flash-player-20-0-0-235-adds-phone-home-analytics/
XProtect Updater Redux
In the past 24 hours, Apple has released an update to the XProtect malware definitions. If your Macs have received the latest XProtect definitions, Adobe Flash Player will be blocked unless it is the version current as of yesterday (11.5.502.149).
If you have already updated your clients to that version of the Flash Player, good for you!
If you don’t want to be surprised by this sort of thing and have to scramble to address it, might I point you here?
Adobe reserialization tool
Fix for Adobe CS6 activation issue
Adobe has posted some information and a fix for the recent issue with Adobe Photoshop CS6 registration/activations:
http://blogs.adobe.com/oobe/2013/01/32767-days-left-but-whos-counting.html
This issue appears to have been triggered by the Photoshop CS6 13.0.2 and/or 13.0.3 updates. The official recommendation on a fix is to update Photoshop CS6 to 13.0.4, then use the APTEE tool to remove and reapply serialization. See the above post for more details.
The APTEE tool is not exactly easy to use to deploy this fix in an enterprise environment; you need to install it on all your machines and also run a script (which you must write, test, and debug) on all your machines to perform the unserialization/reserialization.
Later today I will post a tool to help you create a standard Apple package to perform these steps. If you have some way to distribute and install Apple packages on your machines, you’ll be able to do the unserialization/reserialization by installing a package.
Check back later!
Adobe CS6 Serialization problem links
Adobe CS6 Serialization fun
Recently (starting some time after the first of the year), we’ve started having users call and tell us that their formerly working install of Adobe Photoshop CS6 was now asking for a sign-in:
We could not figure out why this was happening. An uninstall and reinstall of our AAMEE3-generated installation package seemed to get things working. But then the same users would call back the next day with the same issue.
Still more on Flash Installers
A follow up from today’s earlier post: some commenters mention that the disk image they downloaded contains a package like “normal”.
I’ve found at least five versions of the 11.5.502.146 installer:
All of these were downloaded today. Which version you get seems to depend on which browser you use!
Safari may lead you to one (if you decline the suggestion to also install Chrome you get a different one); Chrome returns another, and Firefox returns still another! And if you register to redistribute Flash and use the special URL you are given if/when you are approved for redistribution, you get yet another version.
And yet none of these are simply Apple packages. Sigh. They are either disk images that contain an application that contains a package, or disk images that contain an application that downloads another disk image that contains an application that contains a package.
On a related note, I recently watched Inception.
New Year, New Flash Post
Today Adobe released yet another Flash update. If you need to deploy it in an enterprise environment and head to http://get2.adobe.com/flashplayer/ to grab it, you might be surprised that what you download no longer includes an Apple package, and if you aren’t careful, the thing you download will try to install Google Chrome as well.
If you want the previous installer format, which was a disk image containing an application that contained an Apple package, you can still get it.
If you have not yet, you need to sign up to redistribute Adobe Flash here. Once you are approved, you’ll get a special link to download versions of the Flash installer that act like the previous ones.
At least for now.
Flashpoint and Counterpoint
TGB is back with more interesting comments.
Thanks for your comments, TGB! Let me respond to a few:
Vendor-supplied DMGs are standard for distribution, however they are not standard for deployment.
You say that only because your deployment software doesn’t support deploying directly from a drag-n-drop disk image. I think this is a case where we should bow to reality — since a lot of software is distributed this way, your software deployment system should make it easy to deploy software distributed in this format.
Default settings are part of deployment. They simply are.
Most consumers seem to be able to purchase, install and use third-party software with the default settings as chosen by the vendor. We find that also to be the case in our environment — we don’t have to customize settings very often. But when we do, we have lots of available tools to do so. Not having to (re)package the software itself gives us more time to spend on adding value for our organization.
I’m completely comfortable packaging Flash by hand.
That’s great. So am I. But not every admin is, judging by all the packaging questions I’ve seen. More importantly, what’s the value of hundreds or thousands of admins repeating the same task, but perhaps doing it slightly differently? Let’s have the vendor do that work.
I don’t work in a rigid corporate environment.
Neither do I!
Managing OS X 