-
Enforcing an older force_install_after_date when importing a new Munki item version
Problem Munki has the ability to force updates to install by a certain date, using the force_install_after_date flag, but what do you do when you have an older version you want enforced, but you also want to import a newer version into the Munki repo? If you have Slack 4.29 you want force-installed in two […]
-
“Origin checking failed … does not match any trusted origins” CSRF errors in Crypt Server
Recent changes to Crypt Server have included guards against cross-site request forgery (CSRF) attacks. If you don’t have your Crypt Server configured correctly, you may run into issues when trying to view a secret (Get Key). You can get an error like: Forbidden (403) CSRF verification failed. With DEBUG = True passed as an environment […]
-
Using the distribution-style flag in munkipkg for PreStage Enrollment in Jamf
Even though Jamf has its own package creation tool (Jamf Composer), there are lots of great reasons to use munkipkg instead for creating custom packages, as Elliot Jordan outlines in You might like MunkiPkg. One of the keys munkipkg has is the distribution-style key (more details in the munkipkg README), which is usually fine to […]
-
Managed Software Center may get stuck on “Starting Adobe installer…”
If you import an Adobe installer into your Munki repo, you may get it stuck on the installation part where Managed Software Center (or Munki’s logs) will just say Starting Adobe installer… and get stuck on that perpetually (I waited “only” a half hour, but it could possibly stay indefinitely). I searched in the MacAdmins […]
-
Modifying a distribution .pkg that has max macOS version requirements
What’s the problem? A vendor has the option, when creating a macOS distribution package, to put in a minimum and/or maximum macOS version. That can make things slightly annoying if you’re trying, for example, to test out the current vendor package on a beta macOS version (or even a fully released macOS version that the […]
-
Deploying default Chrome settings to Macs
You can, of course, manage certain Chrome settings via Google Workspace Admin, but what if you don’t want to manage things like the homepage, but you just want to set defaults for new deployments, and you still want users to be able to change those settings later? Google has something called an Initial Preferences file […]
-
“looks like a filename, but the file does not exist” error when deploying a Cloud Function
Caveat This fits in the category of “What it ended up being for me, and it may help someone else” and not “I’m an expert on all gcloud errors, and this is always the solution,” so please resist the urge to comment with “This didn’t solve it for me. What’s the solution to my problem?” […]
-
Making a custom Nudge launch agent
Introduction Nudge releases generally come as Nudge, Nudge logger, and the Nudge launch agent. As of this writing, the Nudge launch agent will launch up Nudge every 30 minutes. The package is also signed: If you’re creating your own launch agent, you may want to code-sign it, or you may not have to, depending on […]
-
Ensure your VMware Fusion Macs enroll in Jamf as Computers, not Devices
It used to be that you could create a VMware Fusion virtual machine Mac, enroll it in Jamf (either by spoofing the serial number for Automated Device Enrollment or just using an auto-generated VM serial for manual enrollment). Recently (not sure when, exactly), you may have noticed if you try to enroll a VMware Fusion […]
-
Using Nudge’s targetedOSVersionsRule
With a single .json file or a single MDM-delivered configuration profile, you can have various deadlines and desired OS versions for Nudge, depending on the current macOS version of the client. Let’s say, for example, you want an earlier deadline for client machines on a very old build but a later deadline for other client […]