Monday, April 13, 2020

setup Shared iPad for Business

Shared iPad can also be used in business, Multiple users can use the iPad and the USer experiences can be like a personal device, even though the device is shared.

To set up the Shared iPad it requires an MDM solution, Apple Business Manager and Managed Apple ID created using Microsoft Azure.

Shared iPad Support on:
iPad Pro
iPad 5th Gen
iPad Air 2
iPad mini 4th Gen

iPadOS 13.4

Following setup had to be done in MDM:

When Setting up the AutoEnrollment configuration select Shared iPad.

Sign into shared iPad:

1. Once the Device is configured Enter the  Manage Apple ID Username and Password
2.Create a Shared iPad Password
3. Next time when you use the iPad, use Manage Apple ID user name and shared iPad Password.

 Shared iPad Temporary Session

IiPadOS 13.4 or later, any user can initiate a temporary session without the need for a username or password by tapping Guest at the login screen. All their data — including browsing history — is deleted when the user signs out.

Using Temporary Sessions with Shared iPad also prevents users from modifying account settings or signing into Apple services. For example, users can’t create new mail accounts in Settings or sign in to the App Store.


Note: Shared iPad Temporary session can be disable using MDM.



Wednesday, January 16, 2019

Script Jamf


Assest Tag:

Cat: None

#!/bin/bash
assetTag=$(osascript -e 'text returned of (display dialog "Please type in your asset tag" default answer "JS#####" buttons {"OK"} default button 1)')
sudo jamf recon -assetTag $assetTag

Policy > files and Process : Clean OS install:
"/Applications/Install macOS Mojave.app/Contents/Resources/startosinstall" --eraseinstall --newvolumename "Macintosh HD" --agreetolicense


upload sys log:

cat: system tools

#!/bin/bash
serial=$(system_profiler SPHardwareDataType | awk '/Serial Number/{print $4}')
jamfID=$(curl -sku username:password -H "Accept: application/xml" https://brilyant.jamfcloud.com/JSSResource/computers/serialnumber/$serial | xpath "/computer/general/id/text()")
curl -sku api:apple123 https://brilyant.jamfcloud.com/JSSResource/fileuploads/computers/id/$jamfID -F name=@/private/var/log/system.log -X POST

wallpaper

cat: Dock
#!/bin/bash
# $3 is the logged in user - default for most policies.
sudo -u $3 /usr/bin/osascript <<ENDofOSAscript
tell Application "Finder"
set the desktop picture to {"Library:Desktop Pictures:<apppp>.jpg"} as alias
end tell
ENDofOSAscript
exit 0


Versions:


#!/bin/sh
FILE_PATH="$1"
FILE_NAME="${FILE_PATH##*/}"
PKG_PATH="${FILE_PATH%/*}"
TMP_PATH=`/usr/bin/mktemp -d /tmp/PKGINFO.XXXX`
DEBUG=false



if [ ! -f "$FILE_PATH" ] || [ "$FILE_NAME##*." == "pkg" ]; then
echo "ERROR: Unable to find valid package file."
echo "USAGE: ${0##*/} /path/to/package"
exit $LINENO
fi


if $DEBUG; then
echo "FILE:   $FILE_NAME"
echo "FOLDER: $PKG_PATH"
echo "TEMP:   $TMP_PATH"
fi



PKG_TITLE=`/usr/sbin/installer -verbose -pkginfo -pkg "$FILE_PATH" | /usr/bin/grep -m 1 Title | /usr/bin/awk -F " : " '{print $2}'`



if ! PKG_INFO=(`/usr/bin/xar -t -f "$FILE_PATH" | /usr/bin/grep PackageInfo`); then
echo "ERROR: Unable to find package file information."
exit $LINENO
fi



pushd "$TMP_PATH" > /dev/null


for PKG_FILE in ${PKG_INFO}; do
if ! /usr/bin/xar -x -f "$FILE_PATH" "$PKG_FILE"; then
echo "ERROR: Unable to extract package file information."
exit $LINENO
else
TMP_INFO+=("$TMP_PATH/$PKG_FILE")
if $DEBUG; then echo "INFO:   ${TMP_INFO[@]}"; fi
fi
done


for FILE_INFO in $TMP_INFO; do
PKG_VERSION+=(`/usr/bin/xpath "$FILE_INFO" "string(/pkg-info[1]/@version)" 2> /dev/null`)
echo "TITLE:   $PKG_TITLE"
echo "VERSION: ${PKG_VERSION[@]}"
done

popd > /dev/null



/bin/rm -rf "$TMP_PATH"


Lastboot:


#!/bin/bash

bootTime=$(sysctl kern.boottime | awk '{print $5}' | tr -d ,)
#echo "$bootTime"

bootTimeFormatted=$(date -jf %s $bootTime +%F\ %T)

echo "<result>$bootTimeFormatted</result>"



Application launch


#!/bin/bash


open -a (Name of application).app

uptime:


#!/bin/bash

##defers policy
returnCode=$("/Library/Application Support/JAMF/bin/jamfHelper.app/Contents/MacOS/jamfHelper" -windowType hud -description "Click Restart to Resrat your Mac or Choose a better time." -button1 "Restart" -button2 "Cancel" -showDelayOptions "0, 300, 3600")
selectedTime=${returnCode%?}
echo $selectedTime
buttonClicked=${returnCode: -1}


if [[ $returnCode == 3001 ]]; then
sleep 300s;
elif [[ $returnCode == 36001 ]]; then
sleep 3600s;

fi
#### push restart policy
reboot



Changing the name to SL No:

#!/usr/bin/env bash

# Get the Serial Number of the Machine
sn=$(system_profiler SPHardwareDataType | awk '/Serial/ {print $4}')

# Set the ComputerName, HostName and LocalHostName
scutil --set ComputerName $sn
scutil --set HostName $sn
scutil --set LocalHostName $sn

Message:

osascript -e 'tell app "Finder" to display dialog "you have sucessfully rebooted"'

Last boot
#!/bin/bash

assetTag=$(osascript -e 'text returned of (display dialog "Please type in your asset tag" default answer "JS#####" buttons {"OK"} default button 1)')
sudo jamf recon -assetTag $assetTag


Battery Serial Number
#!/bin/sh

echo "<result>$(ioreg -r -c "AppleSmartBattery" | grep "BatterySerialNumber" | awk '{print $3}' | sed s/\"//g)</result>"

uptime days

#!/bin/bash
# Commands required by this script
declare -x awk="/usr/bin/awk"
declare -x sysctl="/usr/sbin/sysctl"
declare -x perl="/usr/bin/perl"

declare -xi DAY=86400
declare -xi EPOCH="$($perl -e "print time")"
declare -xi UPTIME="$($sysctl kern.boottime |
$awk -F'[= ,]' '/sec/{print $6;exit}')"

declare -xi DIFF="$(($EPOCH - $UPTIME))"

if [ $DIFF -le $DAY ] ; then
echo "<result>1</result>"
else
echo "<result>$(($DIFF / $DAY))</result>"
fi


Active power management

#!/bin/sh
echo "<result>`/usr/bin/pmset -g 2>&1 | grep \* | awk '{$NF=""; print $0}'`</result>"


Email ID

#!/bin/bash

pathData="/usr/local/dashboard/data/EmailAddresses.dat"

function DashboardStructure {
  # Ensure the appropriate directories are in place.
  mkdir -p /usr/local/dashboard/{bin,data,logs}
  CheckAppleMail
  CheckOutlook
}

function CheckAppleMail {
  if [ `ps aux | grep -c "Mail.ap[p]"` -gt "0" ]; then
    accountsMail=$(/usr/bin/osascript <<-EOF
    tell application "Mail"
    user name of every account
    end tell
    EOF)
    for account in $accountsMail; do
      if [ `echo $account | grep -c "@"` -gt "0" ]; then
        echo $account | tr -d "," >> "$pathData"
      fi
    done
  fi
}

function CheckOutlook {
  if [ `ps aux | grep -c "Microsoft Outlook.ap[p]"` -gt "0" ]; then
    accountsOutlook=`/usr/bin/osascript <<-EOT
    tell application "Microsoft Outlook"
    user name of every exchange account
    end tell
    EOT`
    for account in $accountsOutlook; do
      if [ `echo $account | grep -c "@"` -gt "0" ]; then
        echo $account | tr -d "," >> "$pathData"
      fi
    done
    accountsOutlookIMAP=$(/usr/bin/osascript <<-EOF
    tell application "Microsoft Outlook"
    user name of every imap account
    end tell
    EOF)
    for account in $accountsOutlookIMAP; do
      if [ `echo $account | grep -c "@"` -gt "0" ]; then
        echo $account | tr -d "," >> "$pathData"
      fi
    done
  fi
}

function ReportResult {
  if [ -e "$pathData" ]; then
    cat "$pathData" | sort -u > "$pathData.tmp"
    mv "$pathData.tmp" "$pathData"
    echo "<result>`cat $pathData`</result>"
  else
    echo "<result>N/A</result>"
  fi
}






Thursday, January 10, 2019

Useful link for Jamf Pro starters

Youtube knowledge base :
https://www.youtube.com/playlist?list=PLlxHm_Px-Ie3dNKXGmRIuxFgmiy2KZDH5


Guide:
http://docs.jamf.com/10.9.0/jamf-pro/administrator-guide/Preface.html

Network Ports Used by Jamf Pro :
https://www.jamf.com/jamf-nation/articles/34/network-ports-used-by-jamf-pro

integrate Jamf Pro with Active Directory Certificate Services (AD CS) : http://docs.jamf.com/technical-papers/jamf-pro/integrating-ad-cs/10.6.0/Introduction.html

Finding a Process Name Using Terminal:
https://www.jamf.com/jamf-nation/articles/98/finding-the-name-of-processes-when-configuring-restricted-software

Starting and Stopping Tomcat :
https://www.jamf.com/jamf-nation/articles/117/starting-and-stopping-tomcat

Enabling Debug Mode:
 https://www.jamf.com/jamf-nation/articles/454/enabling-debug-mode

Classic API
https://developer.jamf.com/#/advancedmobiledevicesearches/findAdvancedMobileDeviceSearches

Obtaining an Installer Certificate from Apple:
https://www.jamf.com/jamf-nation/articles/301/obtaining-an-installer-certificate-from-apple

Integration of Jamf with Intune:
http://docs.jamf.com/technical-papers/jamf-pro/microsoft-intune/10.9.0/Introduction.html

  • Jamf Pro includes three components: 
    1. Java: a runtime environment required by Apache Tomcat and the Jamf Pro web application 
    2. Apache Tomcat: a web server 
    3. MySQL: an open source relational database management system 
  • The physical location of the Jamf Pro server depends on each organization’s needs. There are two options: 
    1. Hosted by Jamf in a cloud environment 
    2. Hosted by an organization in their server environment using macOS, Ubuntu, Red Hat Enterprise Linux (RHEL), or Windows Server 
  • Navigating Jamf Pro: 
    • Dashboard, Sidebar, Objects, and Buttons 
    • Computers, Devices, and Users 
    • Settings button 
    • Keyboard shortcuts

    • Buildings and Departments can be created to organize the devices managed by Jamf Pro.

Jamf Pro Navigational Aid

Computers
Devices
Users
Settings


Jamf Pro Server Environment
Server OS
Tomcat Version
Database Configuration
Java
Recommended
Windows Server 2016
Tomcat 8.5
MySQL 5.7 – InnoDB
Oracle Java 1.8
Ubuntu Server 18.04 LTS
MySQL 5.7 on Amazon RDS – InnoDB
OpenJDK 1.8
macOS 10.14*
Red Hat Enterprise Linux 7.x
Minimum Required
Windows Server 2012 R2
Tomcat 7
MySQL 5.6 – InnoDB
Ubuntu Server 16.04 LTS
macOS 10.13*
Red Hat Enterprise Linux 6.x
* macOS is not recommended for clustered environments.




Web Browsers
The following table lists the browser requirements for enrollment and access to web applications:
macOS
iOS
Windows
Linux
Recommended
Safari
Safari
Microsoft Internet Explorer 11
Minimum Required
Google Chrome
Google Chrome
Google Chrome
Mozilla Firefox
Mozilla Firefox
Microsoft Edge


Computer and Mobile Device Management
The following table lists operating system requirements for managed computers and mobile devices:
macOS*
iOS
tvOS
Recommended
macOS 10.14.x
iOS 12.x
tvOS 12.x
iOS 11.x
tvOS 11.x
Minimum Required
macOS 10.13.x
iOS 10.x
macOS 10.11.x
iOS 9.x
* Also indicates macOS versions required to run Composer on Mac computers.


Jamf Pro Server Requirements

The server used to host Jamf Pro should meet the minimum requirements for operating system, Tomcat version, database configuration, and Java installation. For detailed information on these requirements, see "Jamf Pro Server Environment" on the Jamf Pro System Requirements page. 
The Jamf Pro installers have additional requirements for each platform: 
Mac
  • A 64-bit capable Intel processor 
  • 2 GB of RAM 
  • 400 MB of disk space available 
  • Ports 8443 and 9006 available 
Linux
  • A 64-bit capable Intel processor 
  • 2 GB of RAM 
  • 400 MB of disk space available 
  • The "wget" utility installed 
  • Ports 8443 and 8080 available 
Windows
  • A 64-bit capable Intel processor 
  • 2 GB of RAM 
  • 400 MB of disk space available 




Monday, December 3, 2018

Jamf Now

Today just tried Jamf Now:
Create your Jamf Now Account : https://www.jamf.com/products/jamf-now/?r=05efa215693a43be887ba2a161aa1bc7

Jamf Now is Basic For SMB and to get start for becoming a Pro on Jamf.

what all was possible when i tried:

Setting:
Binding : Apple school Manager and Apple Business Manager
Binding : VPP
Auto enrolments and open enrolments
Add Team Mates

Configuration Policies :

iOS Device:

  • Apps Push
  • Web clips
  • Security : Password
  • Email configurations
  • Wifi configurations
  • Restrictions: Apps, Security & Privacy, Network & cellular, iCloud, siri, Email wallpaper
  • Single App mode
  • OS update


Mac Device:

  • Apps Push
  • Security : Password and Enable file Vault 2
  • Restrictions: Apps to a certain limit, iCloud
  • wallpaper
  • OS update


I suggest this for testing on for iOS Device and SME.

Monday, October 15, 2018

Scan a Document on a Mac using iPhone and iPad

With New Continuity feature on macOS Mojave and iOS 12 many app on Mac works with continuity camera including Pages Numbers and Keynote. you can now Take a Photo or Scan a Document using iPhone camera or Scan a document.

How to add a Photo or Scan a document:


  • Open your document
  • Right click on a Space with in the document Insert From iPhone or from Menu Insert > Insert from iPhone.
  • Hover to Import from iPhone or iPad
  • Click what you want to do i.e Take a Photo or Scan a Document
  • You can see the camera of iPhone or iPad is active
  • Click Save once done
  • Photo or Scan a Document will appear in your Document page.


Thursday, October 4, 2018

Create Bootable installer for Mac OS 10.14 Mojave

First copy the "Install macOS Mojave" file from Application folder to a External Hard drive which we are not going to use for creating Bootable Installer.
Second Step We will now need to start with a Erase Pen drive or external hard drive in order to make it a bootable drive.

  1. Plug the Pen drive or External hard drive to your Mac.
  1. Open Disk Utility from Utility folder in Application Folder in your finder.
  1. Erase the Pen drive or External hard Drive name it as Mojave
Third Step Create Bootable installer for Mac OS 10.14 Mojave
   
      Open Terminal and Enter 


sudo /Applications/Install\ macOS\ Mojave.app/Contents/Resources/createinstallmedia --volume /Volumes/Untitled -- /Applications/Install\ macOS\ Mojave.app

Press return Key and Enter Admin Password.
Type Y and the process Start of Erasing of Disk and then coping of files to the Pen Drive or External Drive, wait to get the process to complete.


Wednesday, September 19, 2018

How to set up and use Screen Time on iOS 12

iOS 12 is designed to make your iPhone and iPad experience even faster, more responsive, and more delightful.


Screen Time
New tools empower you to understand and make choices about how much time you spend using apps and websites.
After updating to iOS 12, the Settings app will have a new section titled Screen 
How to Activate Screen Time
Open Settings > Scroll to Screen Time which in next to Do Not Disturb > Once you Tap the screen will ask you for First Time is this iPhone/iPad for yourself or your child? > the it will ask for Downtime.

For kids
Use your family’s Apple IDs to set up Screen Time for your kids to keep an eye on how much time they spend on apps and websites. They can request more time for you to approve.

Activity reports
Get reports weekly or check Today View anytime to see app usage, notifications, and device pickups.Time.breaks down usage for the current day, as well as the past 7 days. Screen Time will also break down how often you pick up your phone, which apps you used the most after picking up your phone, and how many notifications you receive on a per-app basis.

Downtime
Set a specific time, like bedtime, when apps and notifications are blocked. You can choose which apps are on and off limits. 
Always allowed
Create exceptions for apps you’d like your kids to have access to even during Downtime, such as Messages or education apps.
App limits
Set the amount of time you and your kids can spend each day on specific apps and websites.
Content & Privacy Restrictions
You can block inappropriate content like iTune & App store purchase, Privacy and also block change of passcode changes, mobile data changes.
You can also set Screen Time passcode :
Open Screen Time > Scroll down below Content & Privacy Restrictions > Use Screen Time passcode > Toggle the switch to green and set passcode.
you can also enable combined screen time which are signed with the same icloud id. also setup screen time for Family.
To turn off screen Time
Open Screen Time > Scroll down below  >Turn off Screen  > enter passcode (if setup). 
https://www.apple.com/ios/ios-12/features/