Author Archive

Recovering Automator workflows from Automator applications

August 1, 2015 1 comment

Every so often, source code for an application gets lost, mislaid or not given to a customer. In that case, the application’s user may need to do a lot of work to decompile the application and see if the source code can be recovered from the application itself.

I recently had a colleague ask about a similar situation with an Automator application, where they had the Automator application itself but didn’t have access to the Automator workflow that created it.

After some testing, here’s how we were able to access the workflow using only the compiled application.

1. Save a copy of the Automator application to a convenient location.

Screen Shot 2015 08 01 at 8 16 21 AM

2. Right-click on the application and select Show Package Contents.

Screen Shot 2015 08 01 at 8 16 47 AM

3. Save a copy of Contents/document.wflow to a convenient location.

Screen Shot 2015 08 01 at 8 17 00 AM

4. Rename document.wflow to preferred_file_name_here.workflow.

5. When prompted, confirm that you want to change the extension from .wkflow to .workflow.

Screen Shot 2015 08 01 at 8 17 28 AM

At this point, you should be able to open the newly-renamed .workflow document in Automator and examine the workflow.

Screen Shot 2015 08 01 at 8 17 42 AM


Screen Shot 2015 08 01 at 8 17 56 AM

Update 8-1-2015: Steve Hayman pointed out that there’s an even easier way. For details, see below the jump.

Read more…

Categories: Automator, Mac OS X

Gatekeeper automatically re-enables after 30 days on Yosemite and later

July 31, 2015 1 comment

On OS X 10.10.x and later, disabling Gatekeeper does not mean it is permanently off. After a set amount of time (currently 30 days), Gatekeeper will automatically re-enable itself with the Allow apps downloaded from: Mac App Store and identified developers setting.

Screen Shot 2015 07 31 at 4 49 06 AM

I was able to track down which part of the OS this was coming from and it looks like it’s defined as part of syspolicyd:

Screen Shot 2015 07 31 at 7 00 01 AM


After doing some research, it looks like Gatekeeper’s automatic re-enablement function can be disabled by running the following command with root privileges:

defaults write /Library/Preferences/ GKAutoRearm -bool false

This would allow Gatekeeper to be set to Allow apps downloaded from: Anywhere and have it stay that way.

Screen Shot 2015 07 31 at 4 48 58 AM


For those who want to set this with a management profile, I’ve created a .mobileconfig file and posted it here on Github:

Update – 7-31-2015: My colleague Tom Burgin points out that this may not be manageable via a profile after all, due to the way Apple has set the value that it’s reading:

If a management profile isn’t being respected, the defaults command listed above is the way to apply this to machines.

I’ve filed a bug report about this. For those interested in duping this bug, the bug report ID is 22094327. I’ve also cross-posted it to OpenRadar:

Updated CasperCheck now available

July 29, 2015 2 comments

JAMF announced today that, due to changes that are coming in OS X 10.11, Casper’s jamf binary will be moving its location in a future release of Casper. For those not familiar with Casper, the jamf binary is the agent software which Casper installs on Macs in order to manage them.

Update – 7-30-2015: JAMF clarified that the new location is going to be /usr/local/bin/jamf, instead of /usr/local/jamf as I originally understood it to be. I’m updating this post and CasperCheck with the new path information.

Current location:


Future location:


From today’s announcement, it also appears that the jamf binary will not be moving on all versions of OS X:

Mac OS X 10.5.x – 10.6: The jamf binary will be staying in /usr/sbin/
Mac OS X 10.7.x and later: The jamf binary will be moving to /usr/local/bin

Now that this information is public, I’m releasing an update to CasperCheck that should be able to handle checking for the Casper agent in both its current and its future locations. For more information, see below the jump.

Read more…

Mining OS X for Apple’s artwork

July 29, 2015 3 comments

When building a presentation in Keynote, I often use Apple’s icons and other images included in OS X to illustrate my slides. This is because Apple’s already done a lot of work creating high-res images for OS X and it’s often helpful to use Apple’s own artwork when illustrating how something works. However, this artwork can also be hard to find as it can be buried deep within applications and other resource files. To help me get this artwork all together in one place, I’ve developed a script to search OS X for icons and other relevant images in various file formats, copy them when found, then organize the copied artwork. For more information, see below the jump.

Read more…

Mac Admin & Developer Conference UK

July 21, 2015 Leave a comment

I’m happy to announce that I’ll be speaking at the inaugural Mac Admin & Developer Conference UK, which is taking place in London from February 9th – 10th, 2016.

You can see the entire list of speakers at If you’re interested in speaking as well, the call for speakers is open!

Customizing Automator application icons

July 19, 2015 Leave a comment

As part of my work with packaging, I’ve built a few Automator-based applications to assist me and other Mac admins.

Along with building the applications themselves, I wanted to provide custom icons for these apps. This would help them be instantly distinguishable from other Automator applications and also help make them look more polished.

I recently decided to change out the application icon for Payload-Free Package Creator, as its icon had been created on Mavericks and now appeared a little dated when used on Yosemite. With input from my colleague Elliot Jordan, the new icon for Payload-Free Package Creator now looks like this.

Payload Free Package Creator logo

For more information on how I went from this PNG file to an icon set for the application, please see below the jump.

Read more…

Categories: Automator, Mac OS X

Penn State MacAdmins Conference music playlists

July 16, 2015 Leave a comment

The folks at Penn State MacAdmins always have great music for their conference and have been kind enough to share the playlists via Spotify.

For those who want the playlists, please see the links below:

Penn State MacAdmins 2013 playlist:

Penn State MacAdmins 2014 playlist:

Penn State MacAdmins 2015 playlist:


Get every new post delivered to your Inbox.

Join 224 other followers

%d bloggers like this: