MacTech Groups Agenda
Tue, Sep12, 2023
3:00 to 4:30 pm
In person Room B16-B Hillsborough Building
or
https://ncsu.zoom.us/j/98050685794?pwd=bU9aQUVqaW5ydU5JS0k1bzA5V0Jqdz09

Announcements – 5 min OIT only supports macOS 12.x or newer after Dec 31, 2023 
NOTE: Many vendors are dropping support for 10.x versions of macOS.  If there is hardware that can not update to macOS 12 or newer, it is time to plan for replacement.
Status page for jamfcloud.com services see http://status.jamfsoftware.com
OIT Macintosh Support Web Site go.ncsu.edu/mac for updates.
Slack group ncstateit.slack.com #macintosh
Apple Sales: Paul Petrogeorge-paulpetro@apple.com & Sys Eng: Dave Andersen-andersen1@apple.com
Vintage and Obsolete Apple Products: support.apple.com/kb/HT1752
Apple Education Support Line 800-800-2775 use this number only. Always verify Applecare Coverage.
Antivirus for university owned devices – go.ncsu.edu/antivirus
Unity MultiUser Workflow uses XCreds with local home directory  See go.ncsu.edu/jamfcheat#xcreds
OIT supports only Apple branded Apple Silicon(arm64) and Intel (intel64) hardware for macOS and software. Only unmodified iOS/iPadOS/tvOS is supported. NOTE: watchOS and xrOS are best effort with no official support.
Please remember to verify prices at www.apple.com/education/pricelists/ with NC State Marketplace
Authorized NC State personnel wanting to get training and tools for Apple Certified Technician should request an invitation by opening a help desk ticket at  help@ncsu.edu Must login to GSX monthly!!
JAMF Pro Enterprise service go.ncsu.edu/jamf,  go.ncsu.edu/jamfinfo and go.ncsu.edu/uwc for details
Required Jamf Pro Implementation of Endpoint Protection Standard – go.ncsu.edu/jamfeps
JAMF Pro Cheat Sheet at go.ncsu.edu/jamfcheat for details on common configuration management tasks
JNUC 2023- will be held in Austin, TX- Sep. 19-21, 2023 Several NCSU folks are attending.    community.jamf.com/t5/jamf-nation-user-conference/jamf-nation-user-conference-2023-registration-is-open/td-p/283510
UNC CAUSE 2023- will be held in Winston Salem, NC – Oct. 25-27, 2023Training – 5 minVirtual Quick Start Jamf Pro at NCSU course – 1 Hour – available by scheduling Everette at calendly.com/ncsuegaHands On only:OIT-Managing Apple Devices with Jamf Pro -Hands On Only Sep 28, 2023  1:30-4:30 HLB B3
reporter.ncsu.edu/link/instanceview?courseID=OIT-JPro01-JPro01&deptName=OIT&instanceID=000012OIT-Jamf Pro Best Practices for Packagers -Hands On Only Oct 24, 2023 HLB B3
reporter.ncsu.edu/link/instanceview?courseID=OIT-JPro03-JPro03&deptName=OIT&instanceID=000010OIT-Advanced Apple Device Management with Jamf Pro -Hands On Only Nov 7, 2023 1:30-4:30 HLB B3
reporter.ncsu.edu/link/instanceview?courseID=OIT-JPro02-JPro02&deptName=OIT&instanceID=000011JAMF Pro Training – www.jamf.com/training/ Apple Training – training.apple.com/it  – Certified IT Professional and Certified Support Professional

 

Service Updates – 30 min 

Configuration Management  – Jamf Pro production is currently 10.48.1, test on nccloudtest is 10.50.0, and beta is not currently available.  We will skip directly to version 10.50 when we vote to do the production update.  PLEASE TEST 10.50!
We continue to do on-going clean up of unused objects in the Jamf Pro database and are working with Jamf support on several known product issues (PI). Please remove any unused Smart Groups and switch any Smart Groups that are not used in a Scope to an Advanced Report. Please verify that any Configuration Profiles for kernel or system extensions have the correct exclusions based on the processor types they run on. Expect more clean up lists shortly. Jamf Pro is the only approved Configuration Management system for macOS, iOS, iPadOS, and tvOS.  See oit.ncsu.edu/it-security/eps-implementation/config-mgt-systems/
Discussion

Patch Management – The Jamf App Catalog which has 142 titles.
learn.jamf.com/bundle/jamf-app-catalog/page/Release_History_App_Installers.html

Jamf Connect Updates – the latest version of Jamf Connect, 2.27.0.  See the release notes at
learn.jamf.com/bundle/jamf-connect-documentation-current/page/Release_History.html
NOTE: Jamf Connect 2.20.0 is last version that supports macOS 10.x
Discussion

XCreds Project – No change. Latest installer is NCSU-Campus-XCreds-3.1.5084 in Jamf Pro Distribution.
Note: XCreds requires a free, Campus wide, license configuration profile.
The license for XCreds is available for the entire campus use at no cost and will remain so.
See go.ncsu.edu/jamfcheat#xcreds for implementation details.

Backup for Endpoints – CrashPlan version 11.1.1.2 is in production, macOS PPPC see:
support.crashplan.com/hc/en-us/articles/8695023896845-Grant-CrashPlan-permissions-to-macOS-devices                                                                                                                          
NOTE: All updates to existing clients are pushed from the web service.
For NEW installs only, use the package in JAMF is “NCSU-Campus-Install_CrashPlan-11.1.1.2.pkg” The “NCSU-Campus-Install Code42CrashPlan License and Config.pkg” is required in the policy as before for new installs.  An installer for 11.1.0 will be available when we can get it.

Internet Recovery – No change
https://support.apple.com/en-us/HT204904.
Also see: https://mrmacintosh.com/restore-macos-firmware-on-an-apple-silicon-mac-boot-to-dfu-mode/

Software Packaging
Any needs?

AntiMalware – No Change
DetectX Swift 1.0983 (universal) is still available. See oit.ncsu.edu/help-support/apple/jamf-pro/detectx-setup-in-jamf-pro/   
For Sites that have paid for a Crowdstrike Falcon license use NCSU-Campus-Crowdstrike-6.49.162.01.pkg for new installs.  Patching is done directly from the MCNC Crowdstike server.   Note that a PPPC configuration profile is needed for silent installation on devices with non-admin users.  See details at:
help.redcanary.com/hc/en-us/articles/4535994057879-How-to-Manually-Create-a-Jamf-Pro-Configuration-Profile-for-all-CrowdStrike-macOS-Sensor-Versions

Apple School Manager – No change. REMINDER Make sure you *unassign* any devices you have sent to surplus.

Endpoint Protection Standard  – Required Jamf Pro Implementation of Endpoint Protection Standard is at  go.ncsu.edu/jamfeps  

— 

Apple OS Security Updates – 1 min
Just a reminder that Apple has released security updates that combat known security issues that are in the wild.
support.apple.com/en-us/HT201222
www.cisa.gov/news-events/alerts/2022/09/13/apple-releases-security-updates-multiple-products
All users should be encouraged to do these updates in a timely manner especially on iOS.

***WARNING Jamf LAPS testing on nccloudtest.jamfcloud.com only  – 30 min
BE AWARE that we will turn on the new JAMF LAPS feature globally(only option) on the test server nccloudtest.jamfcloud.com on Thu Sep 14, 2023 after 0900. This means ANY account created in the PreStage with admin permissions will have it’s password rotated 60 min after creation and every week thereafter.   This is for testing with eye to vote on enabling in production sometime after the 10.50 update. THIS CAN ONLY BE TURNED ON GLOBALLY! So everyone will have to use it IF we vote to turn it on.
READ THESE:
https://learn.jamf.com/bundle/technical-paper-laps-current/page/Local_Administrator_Password_Solution.html
https://community.jamf.com/t5/tech-thoughts/how-to-securely-manage-local-admin-passwords-with-jamf-pro-and/ba-p/289969
This is a big, big change for folks still using a local admin account with a static password that everyone has always known.  It means folks will have to look up the admin password before logging into a device for support (like looking up the FileVault key). It also means these accounts will for the first time be reasonably secure.
Jamf has said that a future version “late summer 2023” will have a web interface to look up the password but today that has to be done via the API.  We will not enable this in production until that GUI feature is available. To help with this in testing ONLY we have added the script “Retrieve JAMF LAPS Password.zsh” (see https://gist.github.com/talkingmoose/fe84537a3a6951caa7fcb767d15ee3e6).
Discussion

New Apple OS Updates are upon us – 5 min
With today’s announcements Apple will be releasing updates to macOS14 and iOS/iPadOS 17 in the next few weeks.  If you have not already tested your software workflows it is past time.  Remember you will not be able to prevent updates unless you set a deferral profile and then only for 90 days max.  End users running macOS 13 or better will be able to update  WITHOUT being administrator or elevating permissions. Remember that anyone with a school.apple.com account can login to appleseed.apple.com and download the latest pre-releases and there is a good reference on the Mr. Macintosh web site at:
mrmacintosh.com/macos-sonoma-full-installer-database-download-directly-from-apple/
Discussion

Apply Profiles for CrowdStrike Before Install – 5 min
We have seen several reports that new installations of CrowdStrike Falcon on macOS 13 and newer are unable to complete and report after install if the configuration profile for the system extension filter is not in place at install time.  These can be safely added to a Jamf Pro PreStage to make sure they are in place.  To create the profiles see:help.redcanary.com/hc/en-us/articles/4535994057879-How-to-Manually-Create-a-Jamf-Pro-Configuration-Profile-for-all-CrowdStrike-macOS-Sensor-Versions
Indication that the installs is not is an error from “sudo /Applications/Falcon.app/Contents/Resources/falconctl stats” saying “No such file or directory”.
Discussion

Apple Announcements at “Wanderlust” event  –  30 min
Recap of today’s “Wanderlust” event and announcements.
Discussion

Q&A – 15 min
You ask we try to answer 

Next meeting:
MacTech – Tue. Oct 10, 2023  In person/Zoom hybrid
MacTech – 2nd Tuesday each month: Jan, Feb, Mar, Apr, May, Jun, Aug, Sep, Oct, Nov, Dec
MacTech does not meet in July.
Meetings usually held in B16-B Hillsborough Bld.
Please mark your calendar.