Welcome

2021
Patrik Jerneheim - MacSysAdmin
Hello and welcome to the MacSysAdmin 2021 Online Conference. Get the latest on the hows and whats around the when and wheres of this online event.

Please join us for a short session about what to expect from the MacSysAdmin 2021 Online Conference.

Let's Swift Again

2021
Armin Briegel - scriptingosx.com
Swift allows an administrator to unlock the full potential of the native macOS Frameworks. However, there are a lot of steps necessary to to build and deploy a functional tool or application that may be unfamiliar to MacAdmins.

In this session, we will build a simple interactive tool in Swift with a non-trivial Interface and command line integration. We will use Swift Package Manager to add functionality with external frameworks, Automate the installer package creation with Xcode and scripts and discuss deployment strategies.

Time Machine to APFS

2021
Howard Oakley - Eclectic Light Company
By macOS Catalina, Time Machine to HFS+ disks had reached a crisis. This talk explains those problems, and how backing up to APFS has breathed new life into one of the most important features of macOS.

AutoPkg in the Cloud

2021
Rich Trouton - SAP
To ensure that SAP’s Jamf Pro management service for macOS has the latest software installers available, the Mac@SAP team has long used the open-source AutoPkg and JSSImporter tools to detect and download updates to specified software, perform whatever actions are needed to create software installers and upload them to our Jamf Pro server in Jamf Cloud.

To improve this service while also reducing management overhead, the Mac@SAP team recently moved their AutoPkg to macOS instances hosted in the cloud by Amazon Web Services. However, with change comes new challenges. To satisfy a requirement that all installer packages created for Jamf Pro be signed with an Apple Developer ID Installer certificate, all software where an installer package needs to be created by AutoPkg are signed using an Apple Developer ID Installer certificate issued to SAP. To securely provide this signing certificate to the new AutoPkg instances in AWS, a support system using TwoCanoes Software’s Signing Manager tool has also been set up in AWS to support AutoPkg’s ability to sign these installer packages.

This session will cover how SAP is using AWS's services, AutoPkg, JSSImporter and Signing Manager to swiftly and securely provide software to our Jamf Pro server and from there, to our users' Macs.

A Pragmatic Approach
to Endpoint Security

2021
Graham Gilbert - Airbnb
When trying to keep macOS secure, it can be tricky balancing the needs of your organization with the needs of your users. It is vital that your users aren't so hamstrung by your security posture that they aren't able to use their computer. We will look at the tools and techniques Airbnb uses to secure it's macOS fleet, combining open source with in house software to allow us to be Hosts to our employees and to the Airbnb community.

Empire or Federation?

Which star do I want to be?

2021
Andrew Robinson - Hofstede Insights Japan
There is a critical time for an employee or organization member — critical for the IT team, too. What is that inflection point in time and how can technology tools and some personalized manual work greatly improve the experience for all involved?

All of this while asking the age-old questions - local admin or non privileged user; The Federation or The Galactic Empire?

The OWC Sponsor Session

2021
Tim Standing - Other World Computing

Join us for a tech session with our sponsor OWC.

Coming soon!

What about mutual TLS?

2021
Henry Stamerjohann - Zentral Pro Services
There is no doubt that the Transport Layer Security (TLS) encryption protocol is essential for most services that users and devices connect to nowadays.

It sounds interesting that a client-side certificate can also be included in a managed Mac scenario, providing a further safeguard for trusted communication in both directions. Because with such a mutual TLS connection, a true two-way validation takes place, where both parties, the client and the server, authenticate each other via their public/private key pair. Consequently, the server can authenticate the identity of the client, and only authorised clients can connect.

Ok, this sounds really exciting, but how does this work in detail, and what are those use cases that benefit from mutual TLS? Can we make use of this in general operations on our managed Macs?

Let's find out - this talk will present some case studies and explore them in more detail.

Why Your Security Team Says, 'No'

2021
Ed Marczak - Enterprise Security
Do you work with a Security Team that often tells you, “no”, when you suggest a great new project? Of course you do! If you work with a Security Team, there is often a good reason for this, but it can be frustrating to hear. Why do we need computer security? What does a Security Team look like, and what do they do? Both IT and Security can do a lot more to hear each other, be transparent, and come up with optimal solutions that support end-users while keeping company data safe.

This talk is aimed at both Enterprise IT and Security professionals to help them bridge the gap that so often keeps these groups from seeing eye-to-eye.

Inclusive Design for Mac Admins

2021
Emily Kausalik-Whittle
macOS has an incredible list of built-in accessibility features to make the operating system inclusive and accessible to as many people as possible, including those with disabilities. Mac admins play an important role in ensuring electronic information and technology (EIT) is accessible. This session provides an overview of macOS's built-in accessibility features, discusses how and why to plan for accessibility in engineering efforts, where accessibility and inclusion intersect with how we administer devices, and highlights tools available to make testing for accessibility and inclusion a part of Mac administration efforts.

Fireside Chat

The 2021 Great Resignation

2021
Andrina & Ian Kelly - Jamf
He had steeled himself just a little for the Jump through hyper-space, a phenomenon one did not experience in simple interplanetary trips. The Jump remained, and would probably remain forever, the only practical method of travelling between the stars. Travel through ordinary space could proceed at no rate more rapid than that of ordinary light (a bit of scientific knowledge that belonged among the items known since the forgotten dawn of human history), and that would have meant years of travel between even the nearest of inhabited systems. Through hyper-space, that unimaginable region that was neither space nor time, matter nor energy, something nor nothing, one could traverse the length of the Galaxy in the interval between two neighboring instants of time.

AutoPkg Everything

how ETH Zürich extends their
AutoPkg framework beyond packages
2021
Graham Pugh - ETH Zürich
At ETH Zürich, our needs for automation have led to us developing AutoPkg processors that allow us to write recipes not only for importing packages for testing, but also for interacting with our Test Reporting system and for staging approved software to production. We are also extending our use of AutoPkg recipes beyond the deployment of just packages, so that we can version control and test our configurations (including scripts and profiles where possible) using the same processes as our package deployments.

Graham will explain the workflows that are used at ETH, give an overview of the processors he has developed to achieve it, and hopefully inspire others to extend their AutoPkg framework beyond the basics!

Provisioning in a Pandemic

2021
Greg Neagle - Walt Disney Animation Studios
When Walt Disney Animation told all their employees to work from home starting in March 2020, the Technology team needed to figure out how to support this new normal. One of the problems to solve was deploying Macs to remote users. Greg walks us through his team’s challenges and successes.

Managing macOS
with Microsoft Intune

2021
Neil Johnson - Microsoft
Marc Nahum - Microsoft
You have Intune licenses, and you have macOS devices to manage, where do you start? What can you do with Intune? And what are we planning in the future.

JumpCloud
Review & Roadmap

2021
Chase Doelling - JumpCloud
Managing macs remotely is a new twist on an old onboarding challenge. See how JumpCloud is supporting your entire environment of mac and non-mac devices including: zero touch deployments, Monterey support, iOS enrollments, and more.

User Trust & IT Codes of Ethics

2021
Tom Bridge - JumpCloud
What's IT management? IT management is the art and practice of keeping systems, people and networks working together aligned on a common set of goals for the accomplishment of a task. Sometimes this is a business process task. Sometimes this is as simple as making money as a business. Sometimes this task is more focused around philanthropic goals or nonprofit aims.

No matter what it is though, its task is pretty clear. Keep the computer systems and their attended functions and security focuses working together to accomplish that mission.

DIY ZTNA

2021
Joel Rennich - Jamf
In this session we'll cover some of the basics of providing Zero Trust Network Access and show some examples of this at work using some open source tools. Included in the session will be modern authentication via an Identity Provider of your choice, how to use that to secure applications that don't know anything about modern authentication and then how to make it fairly seamless for your users.

This will in no way be a comprehensive treatment of ZTNA and you shouldn't expect it to be such. Definitions and opinions about ZTNAs are like utfarts, in that almost all places have at least one, and most places have many, but this session should give you some ideas to begin forming your own opinions.

Also, we may cover faster than light travel.