🔒 Patreon Special

IT Pros: exclusive shows await you on Patreon, focusing on the more challenging aspects of running your practice and working with clients and employees.

241: "Not Dead Yet" With Weldon Dodd of Rewind Tech - Denver, CO

/

Topics:

-To start the new year, we are very pleased to be joined on our first live show of 2018 by Weldon Dodd of Rewind Technology in Denver, CO.  Weldon hangs with the crew as another host in case Sam goes missing again.
https://rewindtech.com

-Some things never change, the old HCS land grab jokes are in full swing

-Joe discusses the first zero day exploit of 2018, actually launched via tweet on New Year's Eve. Check out the IOHIDeous narrative on GitHub, kind of interesting! The vulnerability exists in a process called IOHIDUserClient which the macOS limits to having only a single instance at any given time, which happens to be spawned by WindowServer. So in order to exploit the vulnerability, we need to kill the WindowServer process. But terminating it requires admin privileges and essentially reboots the GUI, so this is not a viable mode of exploitation. But it turns out that by logging out the user, WindowServer releases its IOHIDUserClient temporarily, giving the exploit enough time to spawn its own instance of IOHIDUserClient and leverage it to compromise the system. The exploit can use "launchctl reboot logout" which does not display a warning dialog. The exploit can also use an AppleScript command to send loginwindow an event called "AppleEventReallyLogOut" (osascript -e 'tell application "loginwindow" to «event aevtrlgo»'), and loginwindow apparently doesn't care who sent the event, but it does display a dialog box as if the user selected "Log Out" from the Apple menu.

-Jerry wonders if this will be on the CCP test

-Sam recalls a story working after hours at a client when the alarm goes off

-Weldon shares his story of a Promise RAID gone wrong. Friends don't let clients pull drives out of RAID drive bays.  It also leads to a further discussion about how to handle RAID solutions and future expansion.

-A handy virtualization app for Synology, which Sam has used in conjunction with CrashPlan, is Docker: https://www.synology.com/en-us/dsm/feature/docker

-Jerry is busy building Minecraft worlds on Synology. He ends up needing a volume formatted as Btrfs.  Read more here: https://www.synology.com/en-us/dsm/Btrfs

-Time Machine and Synology has had a spotty past

-Sam discusses a Wi-Fi upgrade in NYC and replaced aging equipment with Ubiquiti Unifi. He also has some advice on utilizing a Cloud Key.

-He also mentions a handy workaround to test network settings remotely while still needing to reconnect to the remote computer.  Joe recalls a similar solution for another problem.

-Jerry talks about the Unifi In Wall units that he has set up recently: https://inwall.ubnt.com

Thanks as always to our Patreon sponsors!

IMG_0890.JPG

Listen to the outtakes and learn the origin of this picture!

238: Interview With Pepijn Bruienne Of DUO Security & The Mac Admins Podcast

/
pb.jpg

Pepijn Bruienne is a Research and Development Engineer at Duo Security in Ann Arbor, Michigan. He breaks Macs to help his employer's customers be more secure. With more than a decade and a half of experience in a variety of Mac Admins areas, his skills include Systems Administration, Operations Management, Mac/Linux/Windows Server and Desktop integration, software deployment, configuration management and process automation.

Pepijn is also co-host of the popular Mac Admins Podcast and friend to our show.  Subscribe today and listen to Pepijn and the crew discuss all things in the Apple IT world.  Listen to the first Command Control Power/Mac Admins crossover show here:
https://podcast.macadmins.org/2017/10/01/episode-53-cultural-exchange-with-sam-valencia/

Mac-Admins-Podcast-Retro-Colors-1.png

237: Beeping not Clicking

/

- Justin Esgar of the ACEs Conference and Will O'Neal, President of Mid-Atlantic Computer Solutions, join us to discuss ACEs 2018 in Baltimore, MD

- listeners get a 10% discount on ACEs Conference: https://acesconf.com/go/ccp

- Sam helped his Mom with iOS 11 update

- Jerry has MacBook Pro followup: he upgraded to a two year old machine

- buying on eBay

- selling used Macs on eBay or Mac Of All Trades

- Johnny Ive responds to criticism of MacBook Pro

- iPhone X impressions

- Sam fixed a failing drive that was beeping, not clicking: Opened up 2.5” hard drive to repair (moved the heads into park position while turning platter counterclockwise (it was beeping, NOT clicking)

https://www.youtube.com/watch?v=WNJqTPutrJ4

The Piezoelectric Effect

- Text Expander Snippet For Email Advice

- High Sierra PSA courtesy of Jason Campbell, ZMS Consulting:

“Scenerio: A Mac workstation running High Sierra is working off a Mac server. The Mac server is running macOS Server.app 5. 

Issue: The lock files generated when opening files that live on the Mac server aren’t deleting when the file is closed. This causes ‘file in use’ messages when trying to open the file again. It times out in about 10 minutes but still another reason to hold off on upgrading businesses to High Sierra. Apple engineers are aware of this and are working to resolve.”

Credit to Jeff Satterwhite for finding the issue. He’s the owner of Post Mod Tech out of Austin, TX. He’s a longstanding ACN member and FileMaker developer. 

Thanks to our Patrons for sponsoring Command Control Power!

232: CalDav Migration Madness & A Lost Package Perfect Storm

/

We're sponsored this week by Watchman Monitoring, a favorite tool of ours that should be in every professional consultant's toolkit.

Visit WatchmanMonitoring.com/cmdctrlpwr and sign up for your free trial to find out how Watchman Monitoring can keep an eye on your client machines and notify you of over 100 issues. Be sure to tweet @cmdctrlpwr #CCPsentme to support the show!

TOPICS:

CS-1hIWWoAAGeFt.png

- Joe's switch to Google G Suite: BusyCal list view, 9999 days, sort by repeating events, calendar, etc.; Google Calendar: how are the interface arrows still not Retina?!

BusyCal took about 5 hours to delete all calendar events on Google G Suite, to reset calendar database (to resolve duplication without having to delete recreate all calendars and reconfigure all sharing settings)

Empty Trash in each of Google Calendars

Two Options in BusyCal: Option 1) File: Import (imports to a new local calendar), can be adjusted, reviewed, split, etc. locally and then events dragged and dropped into calendars on server; or Option 2) Drag and drop .ics file onto BusyCal icon in Dock, choose existing server calendar to import into

Google Calendar adds gross text to the end of the Notes field on every calendar event by default, unless you turn off this feature first:

-::~:~::~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~::~:~::-

Please do not edit this section of the description.

This event has a Google Hangouts video call.

Join: https://plus.google.com/hangouts/_/psimac.com/joe...

Gmail can only delegate the entire email account, rather than specific mailboxes (maybe because there's no concept of "Mailboxes", only "Labels"?). Does it even show in IMAP?

229: Interview wIth Taylor Boyko of SimpleMDM

/

October 10, 2017

TOPICS:

INTERVIEW:

SimpleMDM is the Apple iOS and macOS device manager that you've been waiting for. With modern, intuitive functionality, SimpleMDM gives you access to a cloud-hosted platform with advanced functionality usually reserved for convoluted enterprise suites. For instance, macOS native package installation, allowing you to install management tools like Chef, Munki or Puppet without having to install a cumbersome agent first. SimpleMDM provides additional features like location tracking, filevault key escrow, and support for multiple VPP and DEP accounts for integration into your zero-touch deployment workflow.

SimpleMDM sports a robust API, multiple admin users, 2-factor authentication and SAML support to integrate seamlessly with your admin environment.

Start your 30-day free trial today at SimpleMDM and have access to their US-based engineering team without having to deal with an aggressive sales team. Priced simply, with volume discounts, SimpleMDM won't require advanced math to calculate your annual spend. You can sign up to at simplemdm.com/ccp, and be sure to join #simplemdm in the Mac Admins Slack.

https://simplemdm.com/ccp

FOLLOWUP: