Redirect with nginx before hitting a load balancer


At work I often am presented tasks with no obvious solution. Today’s problem was We want to redirect x.rderewianko.com/some/url/here to y.rderewianko.com/some/url/here. Simple right? Wrong! x.company.com points to a Elastic Load Balancer that we don’t manage and is managed by a 3rd party that we pay to manage.   So the question became, can we put something in front of that,…

JSS Hardcoded account information is bad


Jamf Admins, lets take a minute to talk about hardcoded values in scripts. It’s great that we’re a social community that publishes shares and modifies each other’s work on GitHub, but please sanitize that information. Take this as an example: For privacy to the original poster i’ve removed identifying information. Note: Even though mm2270 is listed as the author of…

Mind Blown! – Run Terminal at the Setup Assistant


Yesterday in macadmins slack it came up that you can open terminal in Setup Assistant. This to me is mind blowing, while I wasn’t the original one that discussed it I feel it’s a worthy post. Chris Collins did a much better job of blogging what the use of this is than I would so hat tip to him! You…

10.13 Root Password Oh my! #iamroot


EDIT 11-29-2017 08:33: APPLE has released a security update 2017-001. Your best bet is to go install that now. https://support.apple.com/en-us/HT208315   On twitter today, a tweet came up talking about how you can login to a 10.13 machine, with the account root and no password. You can use this prompt at the Login Window, Screen Saver, System Preferences,a ARD session,…

Hackathon JNUC2017!


With great pleasure I’d like to introduce you to a hackathon project I given the opportunity to work on with Ron Sanders and Tj Thurman.   Together with these brilliant people we created a script that allows you enable your employees to order accessories through self service. Known as GYoS or “Get Your own Stuff”   While we had bigger hopes…

Download Sierra through CLI


EDIT: Apple’s readded sierra to MAS https://itunes.apple.com/us/app/macos-sierra/id1127487414?mt=12 One of the changes that came with High Sierra’s release and affected fellow macadmins was the removal of Sierra from the app store.   For now, there’s a work around as Apple still has Sierra in the Software Update Catalogue Sign into the Mac App Store with an account that had Sierra Download…

Permanently Disabling Timemachine


Time machine is great for HOME use. In the enterprise it does not have a place. When I first started with my current job, we did use time machine and provided everyone a 1 tb external (while this worked while we were alot smaller, it was not scalable, secure or maintainable). Since then we’ve gone to using CrashPlan to enable…

How to create a VM that’ll work with DEP on VMware Fusion


This often comes up in #Macadmins How Do I setup a VM that’ll work with DEP.   Todo this in Parallels: Jeremy Baker has a great post on that here Todo this in VMware: We’ll need a few things: VMware Fusion (pro or standard) A Bootable DMG of what we’re going to use with DEP vfuse A Serial Number of a…

Deploy Office After DEP Configuration


In order to speed up our initial DEP process we decided to move deploy Microsoft Office on next checkin rather than part of the initial build. Doing this gave us the ability to DEP a machine in under 10 mins to get our employees up and running.   Todo this we have a few different moving parts. We deploy a…

Limit jss enrollment to a specific LDAP group


Where I work, we realized we wanted allow open enrollment, but only to Administration staff. While you could do this with a custom quickadd we wanted to keep the enrollment page in jss open as another option. Login to your Jamf Pro Server Click the Gear on the Left hand side by your name Select User Initiated Enrollment under the…