MacTech 02132018

MacTech Groups Agenda
Tuesday, Feb 13, 2018
2:30 to 4:30 — Room B16-B Hillsborough Bld.

 

  • Announcements – 5 min

 

    1. OIT only supports OS X 10.11.6 and macOS 10.13.2 or newer
    2. Status page for jamfcloud.com services see http://status.jamfsoftware.com
    3. OIT Macintosh Support Web Site go.ncsu.edu/mac for updates.
    4. Slack group ncstateit.slack.com #macintosh
    5. Apple Sales: Paul Petrogeorge-paulpetro@apple.com & Sys Eng: Dave Anderson-andersen1@apple.com
    6. macOS versions that shipped with Intel Hardware: support.apple.com/kb/HT1159
    7. Vintage and Obsolete Apple Products: support.apple.com/kb/HT1752?viewlocale=en_US
    8. Apple Education Support Line 800-800-2775 use this number only. Always verify Apple Care Coverage.
    9. Antivirus for university owned devices – go.ncsu.edu/antivirus
    10. Unity Macintosh Workflow uses Active Directory configuration with local home directory at /Users/$uid$
    11. OIT supports only Apple, Intel (i386) hardware for Mac OS and software. Only unmodified iOS is supported.
    12. Please remember to check prices at www.apple.com/education/pricelists/ to verify best price with NC State Marketplace
    13. Authorized NC State personnel wanting to get training and tools for Apple Certified Technician should request invitation by opening a help desk ticket at  help@ncsu.edu  Must login to GSX  monthly!!
    14. UNC Combined Pricing Initiative (CPI) oit.ncsu.edu/campus-it/it-purchasing/unc-combined-pricing-initiative-cpi-program-at-nc-state/
    15. JAMF Pro Enterprise service go.ncsu.edu/jamf,  go.ncsu.edu/casperinfo and go.ncsu.edu/uwc for details
    16. Endpoint Protection Standard Draft https://docs.google.com/a/ncsu.edu/document/d/1z1ZQm8HrEX27xjImjQtLPAZ15N1mfGjvsjHH1HTGLcM/edit?usp=sharing  

  1. Training Needs – 5 min
    1. OIT-Managing OS X with Jamf Pro – Request –
      reporter.ncsu.edu/link/courseview?courseID=OIT-JPro01-JPro01&deptName=OIT
    2. OIT-Casper Best Practices for Packagers – Request – webapps.ncsu.edu/classmate/workshop/index/details/workshopId/351
    3. OIT-Advanced OS X Management with Jamf Pro – Request – webapps.ncsu.edu/classmate/workshop/index/details/workshopId/881
    4. CrashPlan for Sub-Org Administrators – Request – reporter.ncsu.edu/link/courseview?courseID=OIT-CPlan1-CPlan1&deptName=OIT
    5. Local Based Commercial Training – training.computertree.com/course/
    6. JAMF Pro Training – www.jamf.com/training/

  2. Service Updates- 10 min
    1. Jamf Pro – V 10.2.0 released Feb 13, 2018 and available on nccloudtest.jamfcloud.com
      JDS will be removed in the second half of 2018. Should move to production Feb  28, 2018 with JCDS master before Mar 15, 2018.  GSX Cert in process of being renewed.
      Service Now Plugin for JAMF Pro partially working in SNow Dev (imports but will not update).
    2. CrashPlan -Code42 forcing V6.5.x upgrade by May 2018. Looking at options. Will require a client reinstall and full backup.  Old 5.x servers will remain available until Cold Storage purges, ~ 1 year.
    3. NetInstall – is being removed from macOS server.  https://support.apple.com/en-us/HT208312 Secure Boot and hardware based encryption on macOS devices going forward limits this service.  Apple pushing Internet Reinstall, DEP and VPP.  
    4. AutoPKGR – Has issue with Jamf Pro v10 that requires manual PKG upload but working on this with Jamf and the original author.  JSS Importer 1.0 is out but has issue with JDS and all cloud DPs.
    5. Antivirus – New version has not come forth yet. Current: NCSU-Campus-System Center Endpoint Protection for macOS Installer.pkg at nc.jamfcloud.com/packages.html?id=3853
    6. DEP/VPP/Apple School – Planning move to Spring 2018Apple School Manager.
    7. Endpoint Protection – Approved by CAS but not time line.
      Draft “BluePrint for macOS Endpoint Protection” (https://docs.google.com/document/d/1Pdv8Z3aU374i1cNwvvrEd3yRnmeU2qXRolpYwP8jaUs/edit),  Also looking at creating Service Now “Endpoint Compliance” report for all points of the standard.

  3. Jamf Pro 10.2.0 testing and move to production- 10 min
    Jamf Pro version 10.2.0 is now available for testing on nccloudtest.jamfcloud.com.  We will be moving to JCDS master shortly after this upgrade as the JDS is EOL. We are working with Jamf on best path to sync JDS to JCDS one final time.  Release notes at
    http://docs.jamf.com/10.2.0/jamf-pro/release-notes/What’s_New.html
     Discussion

  4. Testing help needed for granular profiles- 10 min
    https://drive.google.com/open?id=1KUWhCiOA-kzqfCVoZulkRFCxSahPajh_
    Discussion

  5. 64 bit Applications Enforce June 2018 – 5 min
    https://developer.apple.com/news/?id=06282017a – Discussion

  6. New kernel extension approval coming
    https://developer.apple.com/library/content/technotes/tn2459/_index.html
    —–
    How This Affects Enterprise App Distribution:
    For enterprise deployments where it is necessary to distribute software that includes kernel extensions without requiring user approval, there are two options:

    –If your workflow is based on imaging, boot into Recovery OS and use the spctl kext-consent command. For detailed information about the spctl command, run the command spctl help. This command can either disable the user approval requirement completely or specify a list of Team IDs whose KEXTs may be loaded without user approval. The spctl command works in any installation environment, including Recovery OS and from NetBoot/NetInstall/NetRestore images.
    Note that the Team ID list maintained by spctl is separate from the system-wide policy database.

    –For workflows that leverage mobile device management (MDM), all systems with a valid MDM profile installed will not require user approval to load any properly-signed kernel extension.

    To reiterate, all third-party KEXTs that were already installed at the time of upgrading to macOS High Sierra are automatically approved and don’t require any user action
    —–
    Discussion

  7. Q&A – 15 min
    You ask we try to answer

Next meeting:
MacPolicy – Tue. May 8, 2018 in Room B16-B Hillsborough from 1:30-2:30 pm.
MacTech – Tue. Mar 13, 2018 in Room B16-B Hillsborough from 2:30-4:30 pm.
MacPolicy – 2nd Tuesday each quarter in Feb, May, Aug, Nov.
MacTech – 2nd Tuesday each month: Jan, Feb, Mar, Apr, May, Jun, Aug, Sep, Oct, Nov, Dec
MacPolicy and MacTech will not meet in July.  
Meetings usually held in B16-B Hillsborough Bld.
Please mark your calendar.