Managing Macs with JAMF's Casper Suite

•

0 likes•1,984 views

The document discusses managing Macs at NC State University using Jamf's Casper Suite. It provides an overview of the Casper Suite and NC State's implementation, then describes three scenarios: deploying a new Mac, upgrading an existing Mac, and installing a critical update. For new Mac deployment, it outlines the NetBoot, imaging, and post-imaging configuration process. For upgrades, it discusses continuous integration using additions, uninstalls, upgrades, and maintenance policies. For critical updates, it explains using extension attributes, smart groups, and targeted policies.

Technology News & Politics

The Friendly Ghost
in the Machine:
Managing Macs with JAMF’s Casper Suite
Jason_Robinson@ncsu.edu
Everette_Allen@ncsu.edu

Tuesday, November 19, 13

Casper Suite - Overview

JSS (JAMF Software Server)
- web application (Tomcat and MySQL)
jamf binary
- installed on managed clients
Other components (Recon, Composer, Remote)

Tuesday, November 19, 13

Casper Suite 8
NCSU implementation

•

JSS setup - 2 Xserves with 4 T Xraid SAN
storage, 2 REL Virtual Machines (VMware) on
independent chassis under virtual ip address,
clustered.

•

Distributed support model on campus decisions made at college / department level

•

NC State manages 3532 total devices
(OS X 2778 and iOS 754)

Tuesday, November 19, 13

3 Scenarios

1. Deploy a new Mac
2. Upgrade an existing Mac
3. Install a critical update

Tuesday, November 19, 13

Scenario 1 - Deploy a new Mac
Workﬂow:

•
•
•
•
Tuesday, November 19, 13

Unbox, plug in to network
(thunderbolt-ethernet adapter)
NetBoot
Casper Imaging runs automatically
Complete post-imaging tasks

Scenario 1 - Deploy a new Mac

NetBoot server, custom NetBoot image

•
•
•
•

Tuesday, November 19, 13

Recent OS X (10.8.5 / 10.9)
Auto login as root
Casper Imaging runs at login
MAC address ﬁlters on NetBoot image

Scenario 1 - Deploy a new Mac

Conﬁguration (on JSS)

•
•
•
•

Tuesday, November 19, 13

Packages (e.g. Ofﬁce, Chrome, etc.)
Scripts (e.g. set network time server)
Directory Bindings
Management account

Scenario 1 - Deploy a new Mac

PreStage (on JSS)

•
•
•

Tuesday, November 19, 13

installs the Conﬁguration
sets Department (CALS-NEW)
limits scope (by Network Segment)

Scenario 1 - Deploy a new Mac
Post-imaging tasks
• Edit location information in JSS
• Add to Groups in JSS
• Add to network
• Migrate account(s)

Tuesday, November 19, 13

Scenario 1 - Deploy a new Mac
Why use thunderbolt-ethernet adapters?
So we don't have to:
• wait for DHCP updates (hourly)
• update MAC ﬁlter on NetBoot server
• update Scope of the PreStage on the JSS

Tuesday, November 19, 13

Scenario 2 - Update Existing Mac
aka Continuous Integration

Tuesday, November 19, 13

Scenario 2 - Update Existing Mac
aka Continuous Integration

Additions, Uninstalls, Upgrades: Set Priority
• Sweep out /Users
• Repair and Maintenance

Tuesday, November 19, 13

Scenario 2 - Update Existing Mac
aka Continuous Integration

Additions - New install of package

Tuesday, November 19, 13

Scenario 2 - Update Existing Mac
aka Continuous Integration

Additions - New install of package
• Uninstalls/Deletes - Script or uninstall

Tuesday, November 19, 13

Scenario 2 - Update Existing Mac
aka Continuous Integration

Additions - New install of package
• Uninstalls/Deletes - Script or uninstall
• Upgrades - Prioritized packages with
before/after scripts

Tuesday, November 19, 13

Scenario 2 - Update Existing Mac
aka Continuous Integration

Sweep out /Users ??

Tuesday, November 19, 13

Scenario 2 - Update Existing Mac
aka Continuous Integration

Sweep out /Users ??
• Are user ﬁles in /Uses on boot drive

Tuesday, November 19, 13

Scenario 2 - Update Existing Mac
aka Continuous Integration

Sweep out /Users ??
• Are user ﬁles in /Uses on boot drive
• Do we really want to “nuke” all users ﬁles

Tuesday, November 19, 13

Scenario 2 - Update Existing Mac
aka Continuous Integration

Repair and Maintenance

Tuesday, November 19, 13

Scenario 2 - Update Existing Mac
aka Continuous Integration

Repair and Maintenance
• Policy to do all cache cleans, maintenance, etc

Tuesday, November 19, 13

Scenario 2 - Update Existing Mac
aka Continuous Integration

Repair and Maintenance
• Policy to do all cache cleans, maintenance, etc
• Apply all Apple updates

Tuesday, November 19, 13

Scenario 3 - Apply a critical update

Goal: Apply a critical security update to
managed Macs quickly and efﬁciently.
Quickly = The next time a computer checks
in w/ the JSS.
Efﬁciently = Install on all clients that need
it, and only those that need it.

Tuesday, November 19, 13

Scenario 3 - Apply a critical update
Extension Attribute

•

Runs a script to collection information,
stores the result in the JSS.

#!/bin/bash
JavaPluginVersion=$(/usr/bin/defaults read
"/Library/Internet Plug-Ins/
JavaAppletPlugin.plugin/Contents/info"
CFBundleVersion)
echo "<result>$JavaPluginVersion</result>"

Tuesday, November 19, 13

Scenario 3 - Apply a critical update

Smart Group

•

Tuesday, November 19, 13

Based on the Extension Attribute, this group
contains an up-to-date list of all clients that
need the update

Scenario 3 - Apply a critical update

Policy

•
•

Tuesday, November 19, 13

Installs the update package
Scope is limited to the Smart Group

Scenario 3 - Apply a critical update
Reusable - Build once, re-use with only
minor changes for future updates.
Example:

•
•
•

Tuesday, November 19, 13

upload new .pkg
edit Smart Group criteria
ﬂush policy history

More Resources:

jamfsoftware.com
jamfnation.com
slideshare.net
Jason_Robinson@ncsu.edu
Everette_Allen@ncsu.edu

Tuesday, November 19, 13

Similar to Managing Macs with JAMF's Casper Suite

The goal of this test plan is to test SPECTRE and MELTDOWN performance impact on Intel CPU. We will run CPU intensive workloads in Virtual Machine(s) running on non-patched and patched ESXi host and observe performance impact. We will test impact on network, storage and memory performance because these I/O intensive workloads requires CPU caching which is impacted by vulnerabilities remediation. Qualification of performance is very specific and hard subject. The performance impact varies across different hardware and software configurations. However, performed tests are very well described in this document so the reader can understand all conditions of the test and observed results. The reader can also perform tests on his specific hardware and software configurations.

Spectre meltdown performance_tests - v0.3

David Pasek

Use of Spark MLib for Predicting the Offlining of Digital Media-(Christopher ...

Spark Summit

Automatic deployment on .NET web stack (Minsk .NET meetup 12.02.14)

Is Antipov

Installation of pfSense on Soekris 6501

robertguerra

Installation of pfSense on Soekris 6501

robertguerra

Hotspot Garbage Collection - Tuning Guide

jClarity

Hyper-Efficient Mac Deployment

Nick McSpadden

Van jaconson netchannels

Susant Sahani

Open Programmable Architecture for Java-enabled Network Devices

Tal Lavian Ph.D.

[20160621]Constructing Infrastructure Wireless Network Using Open Source

Kyunghee Univ

I have a very noisy secondary application written by a very, very bad developer that accesses my servers, mostly with read queries, and occasionally with write updates. Reads and writes are obsessive and create an impact on the MAIN application. My task is to limit the impact of this secondary application without having the main one affected. To do that I will create two resource groups, one for WRITE and another for READ. The first group, Write_app2, will have no cpu affiliation, but will have lowest priority.

Mysql8 advance tuning with resource group

Marco Tusa

Raspberry with laptop

Prof Kingstan

Even with the best infrastructure, failures will occur without warning and are almost guaranteed. Building applications that can resist this fact of life can be both art and science. In this talk, I'll try to eliminate the art portion and focus more on the science. Starting at high level architecture decisions, I will take you through each layer and finally down to actual application code. Using Cassandra as the back end database, we can build layers of fault tolerance that will leave end users completely unaware of the underlying chaos that could be occurring. With a little planning, we can say goodbye to the Fail Whale and the fragility of the traditional RDBMS. Topics will include: - Application strategies to utilize active-active, diverse, datacenters - Replicating data with the highest integrity and maximum resilience - Utilizing Cassandra's built-in fault tolerance - Architecture of private, cloud or hybrid based applications - Application driver techniques when using Cassandra

Building Antifragile Applications with Apache Cassandra

Patrick McFadin

Implementation of MAC-level sleep-scheduling

Olivier Cervello

GemStone/S Update

ESUG

Adobe AEM Maintenance - Customer Care Office Hours

Andrew Khoury

Deploying Windows 7 is a snap when you’re doing it to a brand new computer. But brand new computers are only part of the problem. What you also need is Windows 7 migration and upgrades. You also want a solution that refreshes Windows 7 with a minimum of effort. Part of doing that requires automatically offloading user data from their old computer, then injecting it onto their new one. There are free tools from Microsoft to do this, and they’re even customizable! Microsoft MVP and deployment expert Greg Shields shares the secrets of Microsoft’s User State Migration Toolkit, a sometimes-missed solution for automating user data migration that you’ll absolutely want in your deployment solution.

TechMentor Fall, 2011 - Automating User Data Migration Duing Windows 7 Migrat...

Concentrated Technology

More and more Enterprises are relying on Apache Kafka to run their businesses. Cluster administrators need the ability to mirror data between clusters to provide high availability and disaster recovery. MirrorMaker 2, released recently as part of Kafka 2.4.0, allows you to mirror multiple clusters and create many replication topologies. Learn all about this awesome new tool and how to reliably and easily mirror clusters. We will first describe how MirrorMaker 2 works, including how it addresses all the shortcomings of MirrorMaker 1. We will also cover how to decide between its many deployment modes. Finally, we will share our experience running it in production as well as our tips and tricks to get a smooth ride.

Getting up to speed with MirrorMaker 2 | Mickael Maison, IBM and Ryanne Dolan...

HostedbyConfluent

BMC: Bare Metal Container ＠Open Source Summit Japan 2017

Kuniyasu Suzaki

High performance Infrastructure Oct 2013

Server Density

Similar to Managing Macs with JAMF's Casper Suite (20)

Spectre meltdown performance_tests - v0.3

Use of Spark MLib for Predicting the Offlining of Digital Media-(Christopher ...

Automatic deployment on .NET web stack (Minsk .NET meetup 12.02.14)

Installation of pfSense on Soekris 6501

Hotspot Garbage Collection - Tuning Guide

Hyper-Efficient Mac Deployment

Van jaconson netchannels

Open Programmable Architecture for Java-enabled Network Devices

[20160621]Constructing Infrastructure Wireless Network Using Open Source

Mysql8 advance tuning with resource group

Raspberry with laptop

Building Antifragile Applications with Apache Cassandra

Implementation of MAC-level sleep-scheduling

GemStone/S Update

Adobe AEM Maintenance - Customer Care Office Hours

TechMentor Fall, 2011 - Automating User Data Migration Duing Windows 7 Migrat...

Getting up to speed with MirrorMaker 2 | Mickael Maison, IBM and Ryanne Dolan...

BMC: Bare Metal Container ＠Open Source Summit Japan 2017

High performance Infrastructure Oct 2013

Recently uploaded

Passkeys: Developing APIs to enable passwordless authentication Cody Salas, Sr Developer Advocate | Solutions Architect - Yubico Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...

apidays

💉💊+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHABI}}+971581248768 +971581248768 Mtp-Kit (500MG) Prices » Dubai [(+971581248768**)] Abortion Pills For Sale In Dubai, UAE, Mifepristone and Misoprostol Tablets Available In Dubai, UAE CONTACT DR.Maya Whatsapp +971581248768 We Have Abortion Pills / Cytotec Tablets /Mifegest Kit Available in Dubai, Sharjah, Abudhabi, Ajman, Alain, Fujairah, Ras Al Khaimah, Umm Al Quwain, UAE, Buy cytotec in Dubai +971581248768''''Abortion Pills near me DUBAI | ABU DHABI|UAE. Price of Misoprostol, Cytotec” +971581248768' Dr.DEEM ''BUY ABORTION PILLS MIFEGEST KIT, MISOPROTONE, CYTOTEC PILLS IN DUBAI, ABU DHABI,UAE'' Contact me now via What's App…… abortion Pills Cytotec also available Oman Qatar Doha Saudi Arabia Bahrain Above all, Cytotec Abortion Pills are Available In Dubai / UAE, you will be very happy to do abortion in Dubai we are providing cytotec 200mg abortion pill in Dubai, UAE. Medication abortion offers an alternative to Surgical Abortion for women in the early weeks of pregnancy. We only offer abortion pills from 1 week-6 Months. We then advise you to use surgery if its beyond 6 months. Our Abu Dhabi, Ajman, Al Ain, Dubai, Fujairah, Ras Al Khaimah (RAK), Sharjah, Umm Al Quwain (UAQ) United Arab Emirates Abortion Clinic provides the safest and most advanced techniques for providing non-surgical, medical and surgical abortion methods for early through late second trimester, including the Abortion By Pill Procedure (RU 486, Mifeprex, Mifepristone, early options French Abortion Pill), Tamoxifen, Methotrexate and Cytotec (Misoprostol). The Abu Dhabi, United Arab Emirates Abortion Clinic performs Same Day Abortion Procedure using medications that are taken on the first day of the office visit and will cause the abortion to occur generally within 4 to 6 hours (as early as 30 minutes) for patients who are 3 to 12 weeks pregnant. When Mifepristone and Misoprostol are used, 50% of patients complete in 4 to 6 hours; 75% to 80% in 12 hours; and 90% in 24 hours. We use a regimen that allows for completion without the need for surgery 99% of the time. All advanced second trimester and late term pregnancies at our Tampa clinic (17 to 24 weeks or greater) can be completed within 24 hours or less 99% of the time without the need surgery. The procedure is completed with minimal to no complications. Our Women's Health Center located in Abu Dhabi, United Arab Emirates, uses the latest medications for medical abortions (RU-486, Mifeprex, Mifegyne, Mifepristone, early options French abortion pill), Methotrexate and Cytotec (Misoprostol). The safety standards of our Abu Dhabi, United Arab Emirates Abortion Doctors remain unparalleled. They consistently maintain the lowest complication rates throughout the nation. Our Physicians and staff are always available to answer questions and care for women in one of the most difficult times in their lives. The decision to have an abortion at the Abortion Cl

+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...

?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@

How to Troubleshoot Apps for the Modern Connected Worker

ThousandEyes

In the thrilling conclusion to 2023, ransomware groups had a banner year, really outdoing themselves in the "make everyone's life miserable" department. LockBit 3.0 took gold in the hacking olympics, followed by the plucky upstarts Clop and ALPHV/BlackCat. Apparently, 48% of organizations were feeling left out and decided to get in on the cyber attack action. Business services won the "most likely to get digitally mugged" award, with education and retail nipping at their heels. Hackers expanded their repertoire beyond boring old encryption to the much more exciting world of extortion. The US, UK and Canada took top honors in the "countries most likely to pay up" category. Bitcoins were the currency of choice for discerning hackers, because who doesn't love untraceable money?

Ransomware_Q4_2023. The report. [EN].pdf

Overkill Security

The action of the next cyber saga takes place in the mystical lands of the Asia-Pacific region, where the main characters began their digital activities in the middle of 2021 and qualitatively strengthened it in 2022. Corporate espionage, document theft, audio recordings, and data leaks from messaging platforms were all a matter of one day for Dark Pink. Their geographical focus may have started in the Asia-Pacific region, but their ambitions knew no bounds, targeting a European government ministry in a bold move to expand their portfolio. Their victim profile was as diverse as a UN meeting, targeting military organizations, government agencies, and even a religious organization. Because discrimination is not a fashionable agenda. In the world of cybercrime, they serve as a reminder that sometimes the most serious threats come in the most unassuming packages with a pink bow.

Cyberprint. Dark Pink Apt Group [EN].pdf

Overkill Security

FWD Group - Insurer Innovation Award 2024

The Digital Insurer

Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving

Edi Saputra

DBX First Quarter 2024 Investor Presentation

Dropbox

Dubai, often portrayed as a shimmering oasis in the desert, faces its own set of challenges, including the occasional threat of flooding. Despite its reputation for opulence and modernity, the emirate is not immune to the forces of nature. In recent years, Dubai has experienced sporadic but significant floods, testing the resilience of its infrastructure and communities. Among the critical lifelines in this bustling metropolis is the Dubai International Airport, a bustling hub that connects the city to the world. This article explores the intersection of Dubai flood events and the resilience demonstrated by the Dubai International Airport in the face of such challenges.

Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...

Orbitshub

Exploring Multimodal Embeddings with Milvus

Zilliz

The Good, the Bad and the Governed - Why is governance a dirty word? David O'Neill, Chief Operating Officer - APIContext Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...

apidays

Dubai, known for its towering skyscrapers, luxurious lifestyle, and relentless pursuit of innovation, often finds itself in the global spotlight. However, amidst the glitz and glamour, the emirate faces its own set of challenges, including the occasional threat of flooding. In recent years, Dubai has experienced sporadic but significant floods, disrupting normalcy and posing unique challenges to its infrastructure. Among the critical nodes in this bustling metropolis is the Dubai International Airport, a vital hub connecting the world. This article delves into the intersection of Dubai flood events and the resilience demonstrated by the Dubai International Airport in the face of such challenges.

Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf

Orbitshub

AWS Community Day CPH - Three problems of Terraform

Andrey Devyatkin

CNIC Information System with Pakdata Cf In Pakistan

danishmna97

Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood

Juan lago vázquez

Boost Fertility New Invention Ups Success Rates.pdf

sudhanshuwaghmare1

Abhishek Deb(1), Mr Abdul Kalam(2) M. Des (UX) , School of Design, DIT University , Dehradun. This paper explores the future potential of AI-enabled smartphone processors, aiming to investigate the advancements, capabilities, and implications of integrating artificial intelligence (AI) into smartphone technology. The research study goals consist of evaluating the development of AI in mobile phone processors, analyzing the existing state as well as abilities of AI-enabled cpus determining future patterns as well as chances together with reviewing obstacles as well as factors to consider for more growth.

Exploring the Future Potential of AI-Enabled Smartphone Processors

debabhi2

[BuildWithAI] Introduction to Gemini.pdf

Sandro Moreira

The value of a flexible API Management solution for Open Banking Steve Melan, Manager for IT Innovation and Architecture - State's and Saving's Bank of Luxembourg Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - The value of a flexible API Management solution for O...

apidays

Strategies for Landing an Oracle DBA Job as a Fresher

Remote DBA Services

Recently uploaded (20)

Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...

+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...

How to Troubleshoot Apps for the Modern Connected Worker

Ransomware_Q4_2023. The report. [EN].pdf

Cyberprint. Dark Pink Apt Group [EN].pdf

FWD Group - Insurer Innovation Award 2024

Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving

DBX First Quarter 2024 Investor Presentation

Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...

Exploring Multimodal Embeddings with Milvus

Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...

Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf

AWS Community Day CPH - Three problems of Terraform

CNIC Information System with Pakdata Cf In Pakistan

Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood

Boost Fertility New Invention Ups Success Rates.pdf

Exploring the Future Potential of AI-Enabled Smartphone Processors

[BuildWithAI] Introduction to Gemini.pdf

Apidays New York 2024 - The value of a flexible API Management solution for O...

Strategies for Landing an Oracle DBA Job as a Fresher

Managing Macs with JAMF's Casper Suite

1. The Friendly Ghost in the Machine: Managing Macs with JAMF’s Casper Suite Jason_Robinson@ncsu.edu Everette_Allen@ncsu.edu Tuesday, November 19, 13

2. Casper Suite - Overview JSS (JAMF Software Server) - web application (Tomcat and MySQL) jamf binary - installed on managed clients Other components (Recon, Composer, Remote) Tuesday, November 19, 13

3. Casper Suite 8 NCSU implementation • JSS setup - 2 Xserves with 4 T Xraid SAN storage, 2 REL Virtual Machines (VMware) on independent chassis under virtual ip address, clustered. • Distributed support model on campus decisions made at college / department level • NC State manages 3532 total devices (OS X 2778 and iOS 754) Tuesday, November 19, 13

4. 3 Scenarios 1. Deploy a new Mac 2. Upgrade an existing Mac 3. Install a critical update Tuesday, November 19, 13

5. Scenario 1 - Deploy a new Mac Workﬂow: • • • • Tuesday, November 19, 13 Unbox, plug in to network (thunderbolt-ethernet adapter) NetBoot Casper Imaging runs automatically Complete post-imaging tasks

6. Scenario 1 - Deploy a new Mac NetBoot server, custom NetBoot image • • • • Tuesday, November 19, 13 Recent OS X (10.8.5 / 10.9) Auto login as root Casper Imaging runs at login MAC address ﬁlters on NetBoot image

7. Scenario 1 - Deploy a new Mac Conﬁguration (on JSS) • • • • Tuesday, November 19, 13 Packages (e.g. Ofﬁce, Chrome, etc.) Scripts (e.g. set network time server) Directory Bindings Management account

8. Scenario 1 - Deploy a new Mac PreStage (on JSS) • • • Tuesday, November 19, 13 installs the Conﬁguration sets Department (CALS-NEW) limits scope (by Network Segment)

9. Scenario 1 - Deploy a new Mac Post-imaging tasks • Edit location information in JSS • Add to Groups in JSS • Add to network • Migrate account(s) Tuesday, November 19, 13

10. Scenario 1 - Deploy a new Mac Why use thunderbolt-ethernet adapters? So we don't have to: • wait for DHCP updates (hourly) • update MAC ﬁlter on NetBoot server • update Scope of the PreStage on the JSS Tuesday, November 19, 13

11. Scenario 2 - Update Existing Mac aka Continuous Integration Tuesday, November 19, 13

12. Scenario 2 - Update Existing Mac aka Continuous Integration Additions, Uninstalls, Upgrades: Set Priority • Sweep out /Users • Repair and Maintenance Tuesday, November 19, 13

13. Scenario 2 - Update Existing Mac aka Continuous Integration Additions, Uninstalls, Upgrades: Set Priority • Sweep out /Users • Repair and Maintenance Tuesday, November 19, 13

14. Scenario 2 - Update Existing Mac aka Continuous Integration Additions, Uninstalls, Upgrades: Set Priority • Sweep out /Users • Repair and Maintenance Tuesday, November 19, 13

15. Scenario 2 - Update Existing Mac aka Continuous Integration Tuesday, November 19, 13

16. Scenario 2 - Update Existing Mac aka Continuous Integration Additions - New install of package Tuesday, November 19, 13

17. Scenario 2 - Update Existing Mac aka Continuous Integration Additions - New install of package • Uninstalls/Deletes - Script or uninstall Tuesday, November 19, 13

18. Scenario 2 - Update Existing Mac aka Continuous Integration Additions - New install of package • Uninstalls/Deletes - Script or uninstall • Upgrades - Prioritized packages with before/after scripts Tuesday, November 19, 13

19. Scenario 2 - Update Existing Mac aka Continuous Integration Tuesday, November 19, 13

20. Scenario 2 - Update Existing Mac aka Continuous Integration Sweep out /Users ?? Tuesday, November 19, 13

21. Scenario 2 - Update Existing Mac aka Continuous Integration Sweep out /Users ?? • Are user ﬁles in /Uses on boot drive Tuesday, November 19, 13

22. Scenario 2 - Update Existing Mac aka Continuous Integration Sweep out /Users ?? • Are user ﬁles in /Uses on boot drive • Do we really want to “nuke” all users ﬁles Tuesday, November 19, 13

23. Scenario 2 - Update Existing Mac aka Continuous Integration Sweep out /Users ?? • Are user files in /Uses on boot drive • Do we really want to “nuke” all users files • Do we need a backup first Tuesday, November 19, 13

24. Scenario 2 - Update Existing Mac aka Continuous Integration Sweep out /Users ?? • Are user files in /Uses on boot drive • Do we really want to “nuke” all users files • Do we need a backup first • NO UNDO!! Tuesday, November 19, 13

25. Scenario 2 - Update Existing Mac aka Continuous Integration Tuesday, November 19, 13

26. Scenario 2 - Update Existing Mac aka Continuous Integration Repair and Maintenance Tuesday, November 19, 13

27. Scenario 2 - Update Existing Mac aka Continuous Integration Repair and Maintenance • Policy to do all cache cleans, maintenance, etc Tuesday, November 19, 13

28. Scenario 2 - Update Existing Mac aka Continuous Integration Repair and Maintenance • Policy to do all cache cleans, maintenance, etc • Apply all Apple updates Tuesday, November 19, 13

29. Scenario 2 - Update Existing Mac aka Continuous Integration Repair and Maintenance • Policy to do all cache cleans, maintenance, etc • Apply all Apple updates • Only update inventory and reboot on last policy Tuesday, November 19, 13

30. Scenario 3 - Apply a critical update Goal: Apply a critical security update to managed Macs quickly and efﬁciently. Quickly = The next time a computer checks in w/ the JSS. Efﬁciently = Install on all clients that need it, and only those that need it. Tuesday, November 19, 13

31. Scenario 3 - Apply a critical update Extension Attribute • Runs a script to collection information, stores the result in the JSS. #!/bin/bash JavaPluginVersion=$(/usr/bin/defaults read "/Library/Internet Plug-Ins/ JavaAppletPlugin.plugin/Contents/info" CFBundleVersion) echo "<result>$JavaPluginVersion</result>" Tuesday, November 19, 13

32. Scenario 3 - Apply a critical update Smart Group • Tuesday, November 19, 13 Based on the Extension Attribute, this group contains an up-to-date list of all clients that need the update

33. Scenario 3 - Apply a critical update Policy • • Tuesday, November 19, 13 Installs the update package Scope is limited to the Smart Group

34. Scenario 3 - Apply a critical update Reusable - Build once, re-use with only minor changes for future updates. Example: • • • Tuesday, November 19, 13 upload new .pkg edit Smart Group criteria ﬂush policy history

35. Questions? Tuesday, November 19, 13

36. More Resources: jamfsoftware.com jamfnation.com slideshare.net Jason_Robinson@ncsu.edu Everette_Allen@ncsu.edu Tuesday, November 19, 13

Managing Macs with JAMF's Casper Suite

Recommended

Recommended

More Related Content

Similar to Managing Macs with JAMF's Casper Suite

Similar to Managing Macs with JAMF's Casper Suite (20)

Recently uploaded

Recently uploaded (20)

Managing Macs with JAMF's Casper Suite