Archive for November, 2012

“Managing FileVault 2 on OS X Mountain Lion with the Casper Suite” session video from JNUC 2012 now available

November 30, 2012 Leave a comment

JAMF Software has posted the session video for my Managing FileVault 2 on OS X Mountain Lion with the Casper Suite session from JAMF Nation User Conference 2012. For those interested, there’s a streaming version of the video available here on the JAMF News site.

For offline viewing, a high-res version is also available.

“OpenBSM: Your Mac’s Unseen Auditor” in MacTech’s Fall 2012 issue

November 21, 2012 Leave a comment

For those interested in using Apple’s OpenBSM audit software, I have an article in MacTech’s Fall 2012 issue. It’s titled OpenBSM: Your Mac’s Unseen Auditor and is a guide to both configuring OpenBSM and accessing the audit logs.

Categories: MacTech, OpenBSM

Clearing the quarantine extended attribute from downloaded applications

November 20, 2012 5 comments

When I’m packaging an application for deployment, I normally download the latest version from the vendor. If it’s a drag-and-drop install, where the application is a self-contained bundle, it will get the extended attribute associated with it.

The quarantine attribute is added by the OS so that it can ask for user confirmation the first time the downloaded program is run. Gatekeeper in Lion and Mountain Lion also uses the attribute to determine if an application should be checked (and blocked if needed.)

To avoid issues with both unwanted messages and Gatekeeper, I normally clear this attribute as part of my packaging. Here’s how to check to see if your application has the attribute associated with it:

1. Open Terminal

2. Run the following command:

xattr /path/to/

If the attribute is associated with the application, you should see the following output:

computername:Applications username$ xattr /path/to/
computername:Applications username$

Note: Other attributes may also be listed, with being a common one.

To remove the quarantine attribute, you would then run the following command:

sudo xattr -r -d /path/to/

That will recursively remove the attribute from the application. The -r option will allow the quarantine attribute of all files inside the application to be selected, while the -d option causes the given attribute name (and associated value) to be removed.

Adding program icon artwork to Casper’s Self Service

November 15, 2012 1 comment

One of my favorite touches of JAMF’s Self Service application is that it allows you to add graphics files to be displayed for the various policy options. I like it because it gives users a visual cue when they’re searching for a particular application installer or other Self Service-hosted policy. It also helps make the Self Service application look nice, which is something else I appreciate.

Getting high-quality art for Self Service can be surprisingly easy. In many cases, you can use the artwork directly from the application itself, by using Preview’s “New from Clipboard” function . See below the jump for how to do this.

Read more…

Categories: Casper, Mac administration

Fully automating installation of automatically-generated installers

November 11, 2012 Leave a comment

As part of your Mac’s standard build process for your environment, you may need to install certain packages that are generated for you by another process. A good example may be your workplace’s central antivirus management console, or a systems management tool.

Generally, these applications are installed once and then the centralized management server takes care of managing and updating them on your Macs afterward. For that first install though, they still need to be installed on your Macs and it’s usually a manual process for Mac admins to copy the latest installer from wherever it’s stored and add it to the build process.

However, if you have access to where the installer is stored, you can script the process of installation and fully automate the process of getting the latest installer and installing it on your Mac. See below the jump for an example of how to do this with Sophos Antivirus.

Read more…

FileVault 2 session at MacIT 2013

November 4, 2012 Leave a comment

I’ll be speaking about FileVault 2 at MacIT 2013, which is being held from January 31 – February 2nd, 2013 in San Francisco. For those interested, my talk will be on Thursday, January 31.

For a description of what I’ll be talking about, please see IT824: FileVault 2 Decoded on the Day 1 Agenda page.

%d bloggers like this: