Summary macOS has a setting under System Settings > Security and Privacy > Advanced called “Require an administrator password to access system-wide settings” (I’m going to call it “require admin setting” from here out). The help section describes this option as “Prevent users from changing locked system settings without an administrator’s password.” Unfortunately the settingContinue reading “Tricking require an admin password to access system-wide settings”
Author Archives: Isaac
Jamf Pro Framework Not Installing or Redeploying
Starting on or around Monday June 26th we recently ran into some issues where the Jamf Pro Binary located at /usr/local/bin/jamf was missing on newly enrolled computers. The computers would be MDM enrolled but and would receive configuration profiles but the Jamf Management Framework, including Self Service and the jamf binary would be missing. BecauseContinue reading “Jamf Pro Framework Not Installing or Redeploying”
Capturing Jamf Protect Diagnostics to S3
While it doesn’t happen often at all sometime your staff will have issues performance issues with Jamf Protect. This was apparent for us recently with an issue that was patched in 3.1.4.425, which was compounded by a Unified Logging filter that generated a lot of information. In the process of gathering logs for support weContinue reading “Capturing Jamf Protect Diagnostics to S3”
Detecting Zoom Installer Used
The ZoomIT installer installs a modified IT version of Zoom which the standard installer packages will not update. Instead the users will see this error, even if this is pushed down from MDM. The following command can be used to identify if the IT version of Zoom is installed or not. If it returns 1,Continue reading “Detecting Zoom Installer Used”
Enforcing and Fixing Jamf Protect
Summary This is an updated version of my previous article to utilize Jamf Pro’s built in automatic installation workflows instead of uploading your own package file. One issue with these provided workflows is that they run “once per computer”, when a plan configuration profile is push to a computer. This means it will attempt toContinue reading “Enforcing and Fixing Jamf Protect”
AirWatch & Okta – Group departed employee devices
It’s important to identify devices that are owned by previous employees and take action on them, either removing or quarantining them so that they don’t continue to have access to company resources. I you have Okta’s LDAP configured in Airwatch you can do this via a User Group and some custom filters in the devicesContinue reading “AirWatch & Okta – Group departed employee devices”
IT Notes 