Backing up a Jamf Pro database hosted in Amazon Web Services’ RDS service to an S3 bucket
For those using Amazon Web Services to host Jamf Pro, one of the issues you may run into is how to get backups of your Jamf Pro database which you can access. AWS’s RDS service makes backups of your database to S3, but you don’t get direct access to the S3 bucket where they’re stored.
In the event that you want a backup that you can access of your RDS-hosted MySQL database, Amazon provides the option for exporting a database snapshot to an S3 bucket in your AWS account. This process will export your data in Apache Parquet format instead of a MySQL database export file.
However, it’s also possible to create and use an EC2 instance to perform the following tasks:
- Connect to your RDS-hosted MySQL database.
- Create a backup of your MySQL database using the mysqldump tool.
- Store the backup in an S3 bucket of your choosing.
For more details, please see below the jump.
Creating root-level directories and symbolic links on macOS Catalina
One of the changes which came with macOS Catalina was the introduction of a read-only root volume for the OS. For users or environments which were used to using adding directories to the root level of the boot drive, this change meant they could no longer do that.
To address this need, Apple added a new method for creating directories at the root level which leverages Apple File System’s new firmlink functionality. Firmlinks are new in macOS Catalina and are similar in function to Unix symbolic links, but instead of only allowing travel one way (from source to destination) firmlinks allow bi-directional travel.
The use of firmlinks is exclusively reserved for the OS’s own use, but Apple has also made available what are called synthetic firmlinks. These synthetic firmlinks are how the OS enables folks to create directories and symbolic links on the read-only boot volume. For more details, please see below the jump.
A beginner’s guide to the Jamf Pro Classic API
When working with Jamf Pro, one way to save yourself a lot of clicking in the admin console is to use one of the two current Jamf Pro APIs. Both APIs are REST APIs, which means they can perform requests and receive responses via HTTP protocols like GET, PUT, POST and DELETE. That means that the curl tool can be used to send commands to and receive information from a Jamf Pro server.
The two APIs are as follows:
- Classic API
- Jamf Pro API (formerly known as the Universal API)
Classic API
This API is the original one which Jamf Pro started with and it is slated for eventual retirement. This API is designed to work with XML and JSON.
The base URL for the Classic API is located at /JSSResource on your Jamf Pro server. If your Jamf Pro server is https://server.name.here:8443, that means that the API base URL is as follows:
https://server.name.here:8443/JSSResource
To help you become familiar with the API, Jamf includes documentation and “Try it out” functionality at the following URL on your Jamf Pro server:
https://server.name.here:8443/api
The Classic API is designed to work with usernames and passwords for authentication, with the username and password being passed as part of the curl command.
Examples: https://developer.jamf.com/apis/classic-api/index
Jamf Pro API
This API is in beta and is designed to be an eventual replacement for the Classic API. This API is designed to work with JSON.
The base URL for the Jamf Pro API is located at /uapi on your Jamf Pro server. If your Jamf Pro server is https://server.name.here:8443, that means that the API base URL is as follows:
https://server.name.here:8443/uapi
To help you become familiar with the API, Jamf includes documentation and “Try it out” functionality at the following URL on your Jamf Pro server:
https://server.name.here:8443/uapi/docs
The Jamf Pro API is designed to work with token-based authentication, with a Jamf Pro username and password used to initially generate the necessary token. These tokens are time-limited and expire after 30 minutes. However, you can generate a new token for API authentication using the existing token’s credentials. The new token generation process does the following:
- Creates a new token with the same access rights as the existing token.
- Invalidates the existing token.
Jamf Pro API examples: https://developer.jamf.com/apis/jamf-pro-api/index
For more details, please see below the jump.
Apple Device Management book now available for purchase from Apple Books
For the folks who have asked about eBook purchasing options for the Apple Device Management book I wrote with my colleague Charles Edge, I’m happy to say that you can now also get our book from Apple Books.
That means that you can now get it in digital format from the following vendors:
- Amazon (for Amazon’s Kindle)
- Apple Books
- Apress
If you’re looking for a digital copy, there are lots of options available. Hopefully, you’ll find one that works best for you.
Apple Device Management book now available for purchase from Amazon and Apress
I’ve been working on a new book with my colleague Charles Edge and I’m delighted to announce it’s now available for regular sale from both Amazon and Apress, our publisher!
Amazon: https://www.amazon.com/Apple-Device-Management-Managing-AppleTVs/dp/1484253876
Apress: https://www.apress.com/us/book/9781484253878
This quality item is suitable for any gift-giving occasion (including the ones occurring this week!) in addition to being the perfect something for yourself. For those who have asked about it being available in electronic format, it’s available in the following formats depending on the seller:
- Amazon: Available for the Kindle
- Apress: Available in PDF and ePub format
Deploying Terminal profile settings using macOS configuration profiles
A number of Mac admins have their Terminal appearance settings configured just the way they like them, but it can be a bit of manual work to export and import them. After having to manually configure and export these settings more than a few times, I wanted to see if it was possible to export these settings in a way to make it easy to convert into a configuration profile.
With a little work and research, I was able to write a script which handled exporting the Terminal profile I wanted into a properly formatted plist file. For more details, please see below the jump.
Enabling or disabling all Jamf Pro policies using the API
Every so often, it may be useful to be able to enable or disable all of your current Jamf Pro policies. In those cases, depending on how many policies you have, it can be tedious to have to do them one at a time using the admin console.
However, with the right API calls in a script, it’s straightforward to perform these tasks using the Jamf Pro API. For more information, please see below the jump.
Recent Comments