Quick post: Calendar Spam

Introduction

Since iCloud calendar spam suddenly appears to be a thing and a bunch of folks both asked me about it and offered possible solutions I whipped up a quick infographic on how to deal with it, or at least how to make it less annoying by being able to filter it.

What’s this anyway?

By default iCloud automatically adds calendar invites to a user’s pending events list, generally a good thing if someone wants to genuinely invite you to a meeting or some other event. As with anything else that involves computers, someone figured out that this would also make a fine way to advertise their knock-off watches, sunglasses and other merchandise by mass-sending calendar invites that include links of varying degrees of ill repute.

Just stop.

Agreed. So to wrap up other more long-winded explanations on how to do this I whipped out trusty Preview.app (in keeping with my stdlib or GTFO credo) and put together the following Twitter-friendly graphical how-to.

Calendar spam infographic

Read more...

Kext Friends Forever

Introduction

After this past weekend’s kext-ageddon it once again became clear that Apple seems to have a problem with QA when it comes to OS X, as discussed on this week’s Accidental Tech Podcast episode. While there are many areas of OS X where poor QA will likely go unnoticed by users until a later update fixes whatever QA missed, Apple has been unfortunate as of late with the specific areas of its OS X that were hit by poor QA.

There were several App Store certificate expiration occurences that caught developers and users off-guard, the most recent one happening in mid-February as summarized here by Michael Tsai.

Read more...

Skipping Wifi setup in Setup Assistant

Introduction

A question came up in the Mac Admins Slack #general channel regarding skipping the Wifi setup pane in Setup Assistant. The user “tuxudo” wondered if any methods exist to skip the Wifi setup pane during a Setup Assistant run. The main use for suppressing the Wifi setup pane is to avoid confusion when deploying Macs that lack active wired networking and receive their Wifi configuration through a profile. Unfortunately the Wifi setup pane will still appear in this scenario as Setup Assistant has no knowledge of installed Wifi profiles. This can lead to support calls and changes being made that diverge from the desired Wifi configuration.

Read more...

Introducing DEPy - a DEP Python module

Introduction

Apple has been heavily promoting the use of its Device Enrollment Program (DEP henceforth) for almost two years now since its introduction in February 2014. The promise of the program is “zero-touch” deployment of iOS and OS X devices directly to the customer, bypassing the common pitstop with an IT department for the required initial setup and preparation of the device before passing it on to the user. Most major MDM players quickly integrated the DEP functionality into their products while generally maintaining the feature’s black box status.

Read more...

Installing OS X PKGs using an MDM service

Just the facts? Go here!

Introduction

With each annual iteration of OS X Apple improves the capabilities of its tightly integrated MDM, DEP and VPP trinity which has also made it increasingly compelling for Mac admins to take a look at what these management options could mean for them.

Read more...

Disable Spotlight indexing of network volumes

Introduction

Based on a user request a question came up today regarding disabling the automatic Spotlight indexing of network volumes. While users can manually add local and network volumes to the Spotlight Privacy exception list this is not a very obvious process and it requires a tech to walk them through the process, usually more than once. When left unconfigured, Spotlight and its mds family of tools will continuously index network volumes, putting extra strain on network infrastructure and further degrading the already less-than-stellar SMB performance in OS X.

Read more...

Penn State MacAdmins Conference 2015 slides available

The slides for the two talks I gave at this year’s PSU Mac Admins Conference are now available as PDFs at these links:

Free your Netboot server with BSDPy
Connect the dots with Docker

Thanks to all attendees that showed up for either one or both of my talks, hope to see you all again next year!

Read more...

MDM-azing - setting up your own MDM server

Pardon the pun, but I’ve been meaning to use that Shamen reference ever since MDM became A Thing.

It is not for a lack of Mobile Device Management solutions that I wanted to figure out the process of setting up my own MDM server of course. Quite the opposite as there are many vendors out [there] (https://meraki.cisco.com/solutions/mobile-device-management) offering MDM solutions with varying levels of customer satisfaction. It’s fair to say that often MDM solutions tend to nudge over to the far ends of the spectrum capped by “Overly complicated” on one end and “Checkbox feature” on the other. Barring a few free ones most are also pricey, further lowering one’s sense of getting bang for one’s buck. Another issue can be integration with existing systems, which often leads to companies deciding to buy into complete solutions from one vendor. Not a perfect situation by any stretch of the imagination for those of us who have perfectly functional management tools just looking to enhancement their toolset with the benefits of Apple’s OS X MDM integration. There have been previous flurries of interest and activity in the Mac Admin community around creating a true OSS MDM solution. These attempts mostly fizzled due to uncertainty about the exact process of creating an MDM service and lack of sources of information. After some asking around it was determined that Apple keeps certain key bits of information behind the iOS Enterprise Developer paywall, such as the Mobile Device Management Protocol Reference document. Even more importantly the ability to sign the required MDM CSR for such a service is also only available to organizations subscribing to the same $300/year program.

Read more...