Command to add a secure token to a macOS user account

If you run sysadminctl -secureTokenStatus firstuseraccount and see a secure token is enabled for that first account but run sysadminctl -secureTokenStatus seconduseraccount and see a secure token is not enabled for that second account, you can try adding a secure token to the second account, so it can turn on FileVault or become a FileVault-enabled… Continue reading Command to add a secure token to a macOS user account

Copying the Rosetta 2 installer for offline installations

I honestly don’t know why this gets asked about as often as it does, but I’ve seen several instances in which Mac admins want to know how to get the Rosetta 2 installer .pkg to be installed offline. The installer is about 6.2 MB, so I don’t think bandwidth is the issue, but maybe it… Continue reading Copying the Rosetta 2 installer for offline installations

Adobe Package Downloader error on Big Sur

If you get a The installation cannot continue as the installer file may be damaged. Download the installer file again. error when trying to run the Adobe Package Downloader.app on Big Sur, the quickest workaround (as of the writing of this blog post) is to copy the Adobe Package Downloader.app (or, more precisely, the .dmg… Continue reading Adobe Package Downloader error on Big Sur

Unloading Santa’s system extension when uninstalling using Munki

What the problem is System extensions in place of kernel extensions For macOS 10.15+, Apple has deprecated kernel extensions in favor of system extensions, but system extensions can’t be unloaded silently by script. If you try to unload Santa’s system extension using the command: systemextensionsctl uninstall EQHXZ8M8AV com.google.santa.daemon you’ll get this: At this time, this… Continue reading Unloading Santa’s system extension when uninstalling using Munki

Known Networks settings moved in Big Sur

In earlier (10.15 and lower) versions of macOS, Apple put the list of known networks in the /Library/Preferences/SystemConfiguration/com.apple.airport.preferences.plist file. In Big Sur (macOS 11.x), Apple moved the known networks to the /Library/Preferences/com.apple.wifi.known-networks.plist file.

Semi-automating profile installation in Big Sur

It’s pretty well known among Mac admins that, starting with Big Sur (macOS 11), Apple has removed the ability for the profiles command to silently install .mobileconfig profiles. Apple wants you to use an MDM to deliver profiles silently… or have users themselves manually install profiles. If you try to install them silently the old… Continue reading Semi-automating profile installation in Big Sur

Munki can get into a notification loop if root is using the Persian calendar

The Problem At some point, this blog post may be obsolete, because I’m hoping this will be fixed soon, but in the meantime, I’ve filed an issue on GitHub: Using Persian calendar results in notification loop at every next Munki run If you have users who claim to see notifications multiple times a day, even… Continue reading Munki can get into a notification loop if root is using the Persian calendar

How to check the Carbon Black version installed

Update Thanks to Clay Haynes for pointing out you can get the version more easily by running /Applications/VMware\ Carbon\ Black\ EDR.app/Contents/MacOS/CbOsxSensorService -v Back story In Carbon Black 6.3.0 and 7.0.1, it isn’t super obvious how to check for the version installed. For example, if you run defaults read /Applications/VMware\ Carbon\ Black\ EDR.app/Contents/Info.plist, you’ll see CFBundleInfoDictionaryVersion… Continue reading How to check the Carbon Black version installed

Scripting changing user icons: dsimport prompts for password in zsh

2 June, 2021 Update Special shoutout to Armin Briegel for pointing out that the zsh version runs just fine if you use a different variable name from USERNAME. I’ve tried it with USERACCOUNT instead, and I’ve confirmed it works fine with zsh. Original Post Apple is moving toward making zsh the default shell instead of… Continue reading Scripting changing user icons: dsimport prompts for password in zsh

Using installinstallmacos.py to get beta installers

Usually, if you use installinstallmacos.py, you’ll get the already-released installers: # ProductID Version Build Post Date Title 1 001-15219 10.15.5 19F2200 2020-06-15 macOS Catalina 2 001-04366 10.15.4 19E2269 2020-05-04 macOS Catalina 3 061-86291 10.15.3 19D2064 2020-03-23 macOS Catalina 4 041-91758 10.13.6 17G66 2019-10-19 macOS High Sierra 5 001-57224 10.15.7 19H4 2020-10-27 macOS Catalina 6 061-26589… Continue reading Using installinstallmacos.py to get beta installers