Categories
Mac admin'ing

Fixing Jamf device signature error

Even though this Jamf Nation thread is five years old, as of this writing, it’s still got the solution to the Device Signature Error - A valid device signature is required to perform the action error message.

In my experience, the actual working solution is to run sudo jamf enroll -prompt and then enter credentials when prompted. Repeatedly running sudo jamf recon (even after a reboot) or sudo jamf policy doesn’t fix the issue, nor does verifying that the system clock time is correct.

Now why this comes up in the first place on a freshly factory-reset computer that DEP-enrolled in Jamf—who knows but Jamf?

Categories
Mac admin'ing

Fix for custom user icons freezing up System Preferences

Even though there is some flexibility in terms of what sizes and resolutions you can use for custom user icons (to select for user pictures), if your icon’s resolution is way off, you may see a frozen blank, grey screen when trying to change the picture from that too-high-res picture to something else:

To get out of that, you’ll have to force-quit System Preferences, and then delete the picture manually with the terminal:
sudo dscl . delete /Users/username JPEGPhoto

The fix to prevent this from happening again is rather simple. Just make sure your image matches the size and pixels-per-inch that the macOS system user icons have:


Then, you should be able to select another image after your image is selected.

Categories
Mac admin'ing

Upping the logging level in Munki

As noted in the Troubleshooting section of the Munki wiki, you can increase the logging level for Munki clients.

The default logging level is 1, which looks like this:
Dec 12 2019 20:04:20 -0800 GoogleChrome version 79.0.3945.79 (or newer) is already installed.

If you increase the logging level to 4, it will look like this:
Dec 12 2019 20:08:23 -0800 DEBUG1: Found GoogleChrome, version 79.0.3945.79 in catalog testing
Dec 12 2019 20:08:23 -0800 DEBUG1: Found Info.plist at /Applications/Google Chrome.app/Contents/Info.plist
Dec 12 2019 20:08:23 -0800 DEBUG1: Checking /Applications/Google Chrome.app/Contents/Info.plist for CFBundleShortVersionString 79.0.3945.79...
Dec 12 2019 20:08:23 -0800 DEBUG1: Using version_comparison_key CFBundleShortVersionString
Dec 12 2019 20:08:23 -0800 DEBUG1: Installed item has version 79.0.3945.79
Dec 12 2019 20:08:23 -0800 DEBUG1: Installed item is the same.
Dec 12 2019 20:08:23 -0800 DEBUG1: Found Info.plist at /Applications/Google Chrome.app/Contents/Info.plist
Dec 12 2019 20:08:23 -0800 DEBUG1: Checking /Applications/Google Chrome.app/Contents/Info.plist for CFBundleShortVersionString 79.0.3945.79...
Dec 12 2019 20:08:23 -0800 DEBUG1: Using version_comparison_key CFBundleShortVersionString
Dec 12 2019 20:08:23 -0800 DEBUG1: Installed item has version 79.0.3945.79
Dec 12 2019 20:08:23 -0800 DEBUG1: Installed item is the same.

which looks very similar to the output from a manual sudo managedsoftwareupdate -vvv run:

Found GoogleChrome, version 79.0.3945.79 in catalog testing
Found Info.plist at /Applications/Google Chrome.app/Contents/Info.plist
Checking /Applications/Google Chrome.app/Contents/Info.plist for CFBundleShortVersionString 79.0.3945.79...
Using version_comparison_key CFBundleShortVersionString
Installed item has version 79.0.3945.79
Installed item is the same.
Found Info.plist at /Applications/Google Chrome.app/Contents/Info.plist
Checking /Applications/Google Chrome.app/Contents/Info.plist for CFBundleShortVersionString 79.0.3945.79...
Using version_comparison_key CFBundleShortVersionString
Installed item has version 79.0.3945.79
Installed item is the same.

So if you want to see the equivalent of managedsoftwareupdate -vvv in the /Library/Managed Installs/Logs/ManagedSoftwareUpdate.log, I’d recommend using LoggingLevel 4.