Archive
Apple Device Management Second Edition book now available for purchase from Amazon, Apple Books and Apress
As covered previously, I worked with my colleague Charles Edge to update our Apple Device Management book with new information for a new second edition. I’m delighted to announce it’s now available for regular sale from Amazon, Apple Books and Apress, our publisher!
- Amazon: https://a.co/d/bnCAr5W
- Apple Books: https://books.apple.com/us/book/apple-device-management/id6445786866
- Apress: https://rd.springer.com/book/10.1007/978-1-4842-9156-6
Just like First Edition, Second Edition is a quality item stuffed with useful information. Also like First Edition, Second Edition is suitable for any gift-giving occasion in addition to being the perfect something for yourself. For those who have asked about it being available in electronic format, it’s available in the following formats depending on the seller:
- Amazon: Available for the Kindle
- Apple Books: Available in ePub format
- Apress: Available in PDF format
One thing to be aware of is that First Edition was also initially available via Apple Books, then later disappeared. I don’t know if that will happen with Second Edition, but if you want to get it for Apple Books my advice is to get it now and avoid disappointment and future regret.
Providing Jamf Pro computer inventory information via macOS configuration profile
Jamf Pro can store and make available a lot of information about a particular computer and who is using it as part of the computer’s inventory record, but it can be challenging to access that information from the computer itself.
It is possible to use an API call to access this information, using either the Jamf Pro API or Jamf Pro’s Classic API, but that means providing a way to authenticate to the API. This may pose some security issues as you will need to both:
- Provide a way for the computer to access those authentication credentials
- Protect the authentication credentials from potentially malicious third parties
Fortunately, there is an alternative way to provide at least some inventory information without needing to make an API call. Jamf Pro provides a number of variables which can be used in macOS configuration profiles and it’s possible to leverage those variables to build a profile whose task is providing information from the computer’s inventory record in Jamf Pro in a way which can be accessed from the managed computer. For more details, please see below the jump.
Certificate expiration affecting macOS App Store and VPP apps
Mac admins who have previously installed macOS apps from the Mac App Store (MAS) or the Volume Purchase Program (VPP) may be seeing some of those apps displaying warning messages on launch that the application is damaged.
When observed, this behavior may be appearing because the certificates Apple has been using to digitally sign apps have recently expired, on February 6th 2023 or February 7th 2023. (Both expiration dates have appeared in signing certificates on the apps I’ve checked.)
When the code signing is detected as being invalid, Apple’s security tools are blocking launch as a consequence. In most cases, it appears that the code signing is still appearing as valid despite being past the expiration date.
Update: February 13, 2023 – I’ve received feedback from @macmuleblog after posting that they have seen damaged apps from VPP where they had a valid code signing certificate, so the root cause for the damaged apps may be different than what I initially posted. My apologies for any confusion caused.
Both the Apple Mac OS Application Signing certificate used to sign the apps, and the Apple Worldwide Developer Relations Certification Authority intermediate certificate are showing expiration dates that are now in the past.
In the cases where I’ve experienced applications reporting as damaged, uninstalling the app and reinstalling it seems to have addressed the issue. Hopefully Apple is working on getting the issue handled by re-issuing apps which are signed with a certificate signed with a new expiration date in the future.
Update: February 13, 2023 – It looks like Apple had previously begun the code signing effort I requested above. When I checked Microsoft’s To Do app, I saw that the Apple Mac OS Application Signing certificate used to sign the app and the Apple Worldwide Developer Relations Certification Authority intermediate certificate are showing expiration dates in the future.
Der Flounder 
Recent Comments