VMware ESXi 5.5 on the Mac Pro (2013)
Articles,Server 3 comments

VMware ESXi 5.5 on the Mac Pro (2013)

VMware now supports ESXi on the latest Mac Pro - virtualizing OS X has never been easier.

Securing a Munki deployment with Puppet SSL certificates
Articles 2 comments

Securing a Munki deployment with Puppet SSL certificates

Munki and Puppet have become very popular tools in the last few years, and make a great team for Mac management.  While Puppet is inherently secure due to its use of client-certificate based SSL for all communication, most Munki deployments still run over plaintext HTTP.  One of the best features […]

Hidden AirPlay feature in the AppleTV 6.1 (iOS 7.1) update
Articles,iOS 6 comments

Hidden AirPlay Feature

Here’s one that will make educators and education network administrators realllllly happy. There’s a hidden gem in the AppleTV 6.1 update that was released today. In addition to Bonjour over UDP negotiation for AirPlay, iOS 7.1 devices will also look for AirPlay sources using Bonjour over bluetooth when doing its […]

Exploring Apple’s new Device Enrollment Program
Articles,iOS,Management 2 comments

Exploring Apple’s new Device Enrollment Program

On February 26, 2014 Apple announced its new Device Enrollment Program (DEP). You can read about the features of the DEP here. In a nutshell, for US customers who have purchased devices directly from Apple, you can: 1) Force enrollment with your MDM when device is set up (every time) […]

Clean Migration of Existing Open Directory Users to a New Mavericks Server
Articles,OS X,Server 0 comments

Clean Migration of Existing Open Directory Users to a New Mavericks Server

For many reasons, you may find yourself needing to start a new Mavericks Open Directory server from scratch. In this article, I’ll go over how to import your existing users from an older Open Directory server and import them to your new Mavericks server. I will also use a tool […]

Stop Remediating While you Audit

Stop Remediating While you Audit

Let’s talk about orchestration. This term is different than just applying the normal set of configuration profiles you want near-permanently enforced on the workstations under your management. Too much theory isn’t necessarily helpful, but sometimes I come across something that feels right, and then experience validates it as a real, […]

Read more

Enhancing Sal with Facter and Profiles

In a previous post, I showed how to set up Sal. Sal‘s basic functionality is useful on its own, for the basic Munki reporting – what are the completed installs, pending updates, what OS versions, how many devices checked in the past 24 hours, etc. In this post, I’m going […]

Read more

Using Puppet with WebHelpDesk to Sign Certs, with Docker

In a previous post, I showed how to use Munki with Puppet SSL Client certificates in a Docker image. In that example, the Puppetmaster image is set to automatically sign all certificate requests. Good for testing, but not a good idea for production use. Instead, we should look into Puppet […]

Read more

Running Munki with Puppet SSL Client Certificates

Previously, I showed how you can run Munki in a Docker container. Then, I talked about how to build Munki to use Puppet for SSL certificates. Assuming you’ve got a running Puppetmaster image (which I talked about building here), let’s run the Munki-Puppet image we just built. Running the Container: […]

Read more

Building Munki with Puppet for SSL Client Certificates

Note: this is based on the README for the Munki-SSL docker container. In a previous post, we ran a Docker container serving Munki repo content via Nginx. That works fine, but only serves insecure HTTP content. It’s generally in everyone’s best interest to use a secure connection between the Munki […]

Read more

Building a Puppetmaster with Docker

This is based on the README I wrote for the macadmins/puppetmaster image. Puppet is an industrial-strength cross-platform configuration management engine. Though you’ll find lots of existing Puppetmaster images on the Docker registry, this one will serve as the baseline for other expanded uses of Puppet – such as using it […]

Read more

Running Munki in Docker

In the previous post, I built a container that serves static files at http://munki/repo using Nginx. Now that we have build the Docker image, let’s put it to use. Data Containers We’re going to hook up the Munki image to a data-only container. Data-only containers are a way of keeping […]

Read more

Building Munki with Docker

Munki is an incredible tool for Mac software deployment, and the setup process is fairly straightfoward – configure a web server, create your repo, run the tools to populate it with software, and configure clients. It’s the “configure a web server” aspect that may give some pause, as setting up […]

Read more

When Yosemite has Fallen, and it Can’t Get Up

When Yosemite has Fallen, and it Can’t Get Up

UPDATE January 20, 2015 – Some are reporting an opendirectoryd-related fix, featuring the very cool-looking darwinup. Let’s hope it makes it into .2, and we’re not all chomping at the bit for 10.10.3! People are noticing a symptom, branded LoginLockout (credit @andrewrose), where Yosemite seemingly freezes during startup. The keyboard shows […]

Read more

Git-Fat Intro Part Two – Setup and Migration

Git-Fat Intro Part Two – Setup and Migration

In our last installment, we introduced a solution for syncing large or already compressed files around without strictly commit’ing them to git proper when collaborating on a munki repo. This was by leveraging the git-fat add-on/script, which only relies on python(2.7) and rsync. Let’s talk about how, if you followed […]

Read more