Unable to enable FileVault on macOS Mojave

February 8, 2019 2 comments

As part of FileVault on Apple File System, Apple introduced a new account attribute called Secure Token. Secure Token can present some interesting complications for Mac admins and among them is this scenario:

“The laptop is decrypted, but we can’t re-enable FileVault now.”

Usually, this happens because the account password was changed outside of the Users & Groups preference pane in System Preferences and now Secure Token and the account password are out of sync with each other.

Up until today, the only fix I knew of for that situation was to back up the data and wipe the drive. However, it looks like there is a workaround that fixes the password problem and sorts out the Secure Token attribute for the account on a decrypted laptop. For more details, please see below the jump.

Read more…

Providing access to macOS software updates via Jamf Pro’s Self Service

February 5, 2019 8 comments

For a number of OS releases, Apple made both macOS software updates and Mac App Store (MAS) updates available via the MAS Updates page. I was able to use this to provide an easy way for customers to check for available software updates using Jamf Pro’s Self Service

As of macOS Mojave though, Apple moved macOS software updates to the Software Update preference pane in System Preferences.

Screen Shot 2019 02 05 at 10 56 41 AM

Opening the Software Update preference pane will automatically trigger a check for available macOS updates, so it’s possible to approximate the previous behavior by running the following command without root privileges:

open /System/Library/PreferencePanes/SoftwareUpdate.prefPane

When this command is run via the command line, the following actions take place:

  1. System Preferences launches
  2. The Software Update preference pane automatically loads
  3. The Mac automatically checks for macOS updates.

For folks using Jamf Pro, this command can be leveraged to provide a way for customers to easily check for macOS software updates on their own schedule. For more details, see below the jump.

Read more…

Detecting installed 32-bit applications on macOS Mojave

January 30, 2019 Leave a comment

Over the past couple of OS releases, Apple has made it increasingly clear that 32-bit applications are on the way out. Starting with macOS High Sierra 10.13.4, launching a 32-bit application for the first time will result in a message similar to this being displayed:

macOS High Sierra 10.13.4 and later

Macos high sierra 32 bit app alert

macOS Mojave 10.14.x

Macos mojave 32 bit app alert

When the Learn More… button in the alert window is clicked, the following Apple KBase article opens in your default web browser:

32-bit app compatibility with macOS High Sierra 10.13.4 and later
https://support.apple.com/HT208436

To help identify if and where 32-bit applications have been installed, you can use /Applications/Utilities/System Information.app‘s list of installed software to identify which installed applications show up with the following status:

64-Bit (Intel): No

Screen Shot 2019 01 30 at 4 02 22 PM

 

To assist with automating this task, a script is available which uses the /usr/sbin/system_profiler command line tool to detect all 32-bit apps installed in /Applications, /Library or /usr/local and output the list to a logfile stored in /var/log. For more details, please see below the jump.

Read more…

Building macOS installer disk images for virtual machines with create_macos_vm_install_dmg

January 25, 2019 1 comment

A while back, I wrote a couple of scripts which built installers for Mac virtual machines:

However, Apple made some changes to the macOS installer starting in macOS Sierra 10.12.4 which broke the method I was using to build the installers. Recently though, I figured out that I could use Apple’s createinstallmedia tool to help me with building installers for Mac virtual machines again. After a substantial re-write, create_macos_vm_install_dmg is able to create bootable disk images for virtual machines running macOS Sierra, High Sierra and Mojave.

One change from the previous version of the create_macos_vm_install_dmg script is that the resulting installer no longer runs an automated installation. Instead, it will be necessary to follow the prompts to select the language and drive to install the OS onto. For more details, please see below the jump.

Read more…

Unlock your FileVault-encrypted boot drive using Disk Utility on macOS Mojave

January 18, 2019 Leave a comment

In the event that you need to unlock an unbootable FileVault-encrypted boot drive on macOS Mojave, it’s possible to do so using Disk Utility and the password to a FileVault-enabled account on the drive.

For more details, see below the jump.

Read more…

Unlock or decrypt your FileVault-encrypted boot drive from the command line on macOS Mojave

January 15, 2019 2 comments

As part of working with FileVault on macOS Mojave, it may be necessary to decrypt an encrypted boot drive in order to fix a problem. On Mojave all boot volumes will use Apple File System (APFS), so to unlock or decrypt an encrypted boot drive from the command line, you will need to do the following:

  1. Identify the relevant encrypted APFS volume
  2. Unlock the encrypted APFS volume
  3. If needed, decrypt the encrypted APFS volume

For more details, see below the jump.

Read more…

Enabling automatic macOS software updates for OS X Yosemite through macOS Mojave

December 28, 2018 4 comments

A while back, I wrote a post on how to enable automatic OS X updates on OS X Yosemite. The methods used to enable automatic macOS updates changed as of macOS Mojave, so let’s take a look at the changes. For more details, please see below the jump.

Read more…

%d bloggers like this: