Introduced in macOS 26 Apple Business Manager (ABM) supports migrating devices from one MDM to another. One unintended feature of this is the ability to use the migration to repair broken MDM communications, including mismatched APNs topics with expired MDM profiles. This saves IT from performing a device erase or going into recovery mode. ThisContinue reading “Fixing MDM Communications With Apple Business Manager Migration”
Category Archives: Uncategorized
Major macOS deferrals may rollback security fixes
Apple provides the ability to defer major macOS upgrades to prevent early adoption of major OS versions on managed devices. Having a major deferral in place that’s longer than an existing minor deferral may leave computers with an immediately pending macOS update after a macOS Upgrade, which could cause computers to rollback already applied securityContinue reading “Major macOS deferrals may rollback security fixes”
Undocumented change in Jamf Pro 11.11 limits policy logs
In Jamf’s November 2024 Jamf Pro 11.11 update Jamf silently added in a 25 KB limit to policy log output. This will limit the your ability to troubleshoot scripts that fail to run with an output more than 25 KB. Jamf support notes that this is to prevent “server degradation”. There is no public documentationContinue reading “Undocumented change in Jamf Pro 11.11 limits policy logs”
How to run unsigned apps in macOS 15.1
Apple uses code signatures to verify app are created by a specific developer and haven’t been tampered with. This is done through Apple’s Gatekeeper process which blocks execution of known bad code or code with no signature at all. In versions of macOS prior to 15.1 you bypass this block by going to System SettingsContinue reading “How to run unsigned apps in macOS 15.1”
Capturing Jamf Protect Diagnostics to S3
While it doesn’t happen often at all sometime your staff will have issues performance issues with Jamf Protect. This was apparent for us recently with an issue that was patched in 3.1.4.425, which was compounded by a Unified Logging filter that generated a lot of information. In the process of gathering logs for support weContinue reading “Capturing Jamf Protect Diagnostics to S3”
Detecting Zoom Installer Used
The ZoomIT installer installs a modified IT version of Zoom which the standard installer packages will not update. Instead the users will see this error, even if this is pushed down from MDM. The following command can be used to identify if the IT version of Zoom is installed or not. If it returns 1,Continue reading “Detecting Zoom Installer Used”
Enforcing and Fixing Jamf Protect
Summary This is an updated version of my previous article to utilize Jamf Pro’s built in automatic installation workflows instead of uploading your own package file. One issue with these provided workflows is that they run “once per computer”, when a plan configuration profile is push to a computer. This means it will attempt toContinue reading “Enforcing and Fixing Jamf Protect”
IT Notes 