Basic default behavior in Nudge (Swift, not Python)

A couple of years ago, I published an Introduction to Nudge. At the time, Nudge was written in Python and worked in Catalina. The new version of Nudge is written in Swift and works for Big Sur and Monterey (and presumably Alcatraz and beyond). This new version of Nudge has a whole bunch of configurable… Continue reading Basic default behavior in Nudge (Swift, not Python)

Signs you may have conflicting MDM profiles in macOS

Jamf doesn’t currently let you easily separate out individual parts of a profile, so if you deploy a Restrictions profile, you have to enforce all the parts of the Restrictions profile. Sure, you can download the profile, un-sign it, modify it, re-sign it, and then re-upload it, but that’s not very easy to then modify… Continue reading Signs you may have conflicting MDM profiles in macOS

Command to add a secure token to a macOS user account

If you run sysadminctl -secureTokenStatus firstuseraccount and see a secure token is enabled for that first account but run sysadminctl -secureTokenStatus seconduseraccount and see a secure token is not enabled for that second account, you can try adding a secure token to the second account, so it can turn on FileVault or become a FileVault-enabled… Continue reading Command to add a secure token to a macOS user account

Copying the Rosetta 2 installer for offline installations

I honestly don’t know why this gets asked about as often as it does, but I’ve seen several instances in which Mac admins want to know how to get the Rosetta 2 installer .pkg to be installed offline. The installer is about 6.2 MB, so I don’t think bandwidth is the issue, but maybe it… Continue reading Copying the Rosetta 2 installer for offline installations

Adobe Package Downloader error on Big Sur

If you get a The installation cannot continue as the installer file may be damaged. Download the installer file again. error when trying to run the Adobe Package Downloader.app on Big Sur, the quickest workaround (as of the writing of this blog post) is to copy the Adobe Package Downloader.app (or, more precisely, the .dmg… Continue reading Adobe Package Downloader error on Big Sur

Unloading Santa’s system extension when uninstalling using Munki

What the problem is System extensions in place of kernel extensions For macOS 10.15+, Apple has deprecated kernel extensions in favor of system extensions, but system extensions can’t be unloaded silently by script. If you try to unload Santa’s system extension using the command: systemextensionsctl uninstall EQHXZ8M8AV com.google.santa.daemon you’ll get this: At this time, this… Continue reading Unloading Santa’s system extension when uninstalling using Munki

Known Networks settings moved in Big Sur

In earlier (10.15 and lower) versions of macOS, Apple put the list of known networks in the /Library/Preferences/SystemConfiguration/com.apple.airport.preferences.plist file. In Big Sur (macOS 11.x), Apple moved the known networks to the /Library/Preferences/com.apple.wifi.known-networks.plist file.

Semi-automating profile installation in Big Sur

It’s pretty well known among Mac admins that, starting with Big Sur (macOS 11), Apple has removed the ability for the profiles command to silently install .mobileconfig profiles. Apple wants you to use an MDM to deliver profiles silently… or have users themselves manually install profiles. If you try to install them silently the old… Continue reading Semi-automating profile installation in Big Sur

Munki can get into a notification loop if root is using the Persian calendar

The Problem At some point, this blog post may be obsolete, because I’m hoping this will be fixed soon, but in the meantime, I’ve filed an issue on GitHub: Using Persian calendar results in notification loop at every next Munki run If you have users who claim to see notifications multiple times a day, even… Continue reading Munki can get into a notification loop if root is using the Persian calendar

How to check the Carbon Black version installed

Update Thanks to Clay Haynes for pointing out you can get the version more easily by running /Applications/VMware\ Carbon\ Black\ EDR.app/Contents/MacOS/CbOsxSensorService -v Back story In Carbon Black 6.3.0 and 7.0.1, it isn’t super obvious how to check for the version installed. For example, if you run defaults read /Applications/VMware\ Carbon\ Black\ EDR.app/Contents/Info.plist, you’ll see CFBundleInfoDictionaryVersion… Continue reading How to check the Carbon Black version installed