In October 6-9 2020 we proudly present

MacSysAdmin Online

MacSysAdmin Online



Patrik Jerneheim - MacSysAdmin
Hello and welcome to the MacSysAdmin Online 2020 Conference. Get the latest on the hows and whats around the when and wheres of this online event.

Please join us for a short session about what to expect from the 2020 MacSysAdmin Online Conference.

Snakes on a Plan

Greg Neagle - Walt Disney Animation Studios
Mac sysadmins have used Python for important tasks on macOS for many years. But the continuing evolution of both Python and macOS might cause you to need to make some tough decisions. Greg will outline some of the issues, and offer some recommendations on how to adapt to the one constant in our field: change.

The Internet

Nurani Nimpuno
You use it every day. Rely upon it for your business and social life. Take it for granted just like electricity and tap water. But how much do you really know about the Internet? Who owns it? Who runs it? Is it a democratic institution?

We asked Nurani Nimpuno, Head of Outreach & Communications at Netnod, to bring us clarity.

Practical Scripting

Armin Briegel -
We will dive into the details of Installomator – a script I wrote and published on GitHub earlier this year. We will look at “real” code from Installomator and explain the motivation and choices that went into it. From this, we will explore some strategies and tricks to make your shell script code safer, more concise, and more readable.

The Year of Data

Andrina Kelly - Jamf
We’ve all spent a lot of time taking a look at a wide variety of charts and graphs this year, trying to understand what the data means to us, how does it impact us, and what should we be doing based on what we’ve learnt from that data. We'll take a look at data, what makes it useful, and how we can make data work for us in a way that gives us insights.


A better way of asset tagging

Mathijs de Ruiter - Fondo
This session is all about ways to automate your asset management by using webhooks. A lot of organizations want to have their asset tags in MDM. By using webhooks and some API magic we can make this process event driven so we don't have to bother the user. As a bonus we will look at ways to replace physical asset labels.

Raiders of the Lost Certificate

Paul Suh
In modern computing and networking digital certificates are fundamental to a lot of security functions. If you want to use VPN or 802.1X there is a big chance you won't make it without certificates. When using a MDM solution such as Apple's Profile Manager you definitely have to use certificates.

In this session we'll look at PKI, how certificates work, where they are used and stored in both iOS and Mac OS, how to push them to those devices, how to make self-assigned certificates and how to acquire certificates from an organizational or public Certificate Authority.

The OWC MacSysAdmin Raffle

The two first happy winners in this very exclusive and outright awesome OWC MacSysAdmin Raffle will get this portable little gadget. Are you one...

...and our Lucky Winners are

Björn Willemsen (NL)
Lars Carlestam (SE)


Security Awareness

Kim Burton - Duo Security
Security awareness is an important skill for any team: a security educated company protects its customers, the employees protect the business, and they take that knowledge home to protect their communities. But how do you encourage and enable that awareness? This talk will explore the creation of a positive security culture and the development of a security education program, no matter the size of your team or resources. Using Duo Security’s program as an example, the audience will also become familiar with ideas and methods that have been successful at Duo, in the hope that in sharing our practices more teams can confidently work towards developing their team’s security knowledge.

Upgrade, Now!

Jonathan Levin
A history of OS X hacks. Jonathan will give a detailed explanation of past vulnerabilities in OS X - against which no security product would help. How is it that hackers can infiltrate a system, without directly knowing or even needing the root password? Details of actual past hacks, with examples, will be provided.

Join Jonathan in this session where we learn from the past to secure the future.

macOS Security Compliance Project

Allen Golbig - NASA Glenn Research Center
Bob Gendler - NIST Natl Inst of Standards & Technology
Dan Brodjieski - Defense Information Systems Agency
The macOS Security Compliance Project is an open source effort that can be used to create customized security baselines of technical security controls, which are mapped to various compliance frameworks.

Mac Admins will learn more about the macOS Security Compliance Project and how they can leverage the project to build their own security compliance guidance.

The OWC Sponsor Session

Tim Standing - Other World Computing
Rick Rockhold - Other World Computing
Join us for a tech session with our sponsor OWC.

This One Goes to 11

Greg Neagle - Walt Disney Animation Studios
After nearly twenty years seemingly stuck on version 10, macOS finally goes to version 11. Or has it? Come learn about the dual personality of macOS Big Sur and how it might affect you as a Mac sysadmin.

A True Virus on macOS

Patrick Wardle - Objective See - Jamf
Unlike years ago, modern malware rarely possesses true viral capabilities. But alas, 2020 is full of (unfortunate) surprises! This talk will provide a comprehensive analysis of a recent macOS threat named EvilQuest. Though initially thought to be a rather mundane piece of ransomware, further analysis revealed something far more powerful and insidious.

So listen in, as we detail its infection vector, persistence mechanism, and anti-analysis logic, as well as its (surprising) viral capabilities, file exfiltration logic, remote tasking capabilities, and ransomware logic. We'll wrap up the talk by discussing IoCs and (generic) behavior-based detection approaches.

Certificates - How Do They Work?

Marko Jung
Marko looks into how they did a full certificate authorization 802.1X EAP-TLS based Wi-Fi based on Windows AD, Casper and a Aruba wireless NAC at the University of Oxford.

The OWC MacSysAdmin Raffle

Our two winners in Wednesday's OWC MacSysAdmin Raffle will win this bus powered box. Will you be one...

...and our Lucky Winners are

Anthony Reimer (CA)
Jonathan Blows (UK)


Single Sign-On Extensions v2

Joel Rennich - Jamf
It’s been a year… and if you’ve not been paying attention, which after everything that’s happened in 2020 who can blame you…, and we’re starting to finally see signs of life with Single Sign-On Extensions for both iOS and macOS!

In this session we’ll do a quick review of what we covered last year, although you’re probably better off watching that session if you want a full dive and let’s face it… you’re probably out of TV shows to stream anyway.

Accelerate Your Enrollment Testing

Kevin M. White
When your users experience a properly configured macOS system courtesy of automatic device enrollment (formerly DEP), it can feel like magic! However, every good magician knows it takes a lot of planning, testing, and refining to make a magic trick work smoothly every time.

Repeated testing of your automatic enrollment workflows is necessary both during your initial rollout and as software changes and updates throughout your deployment lifecycle. In this session you will learn methods to iterate your automatic enrollment testing as quickly as possible. Techniques covered in this session include testing automatic enrollment for both virtual and real macOS computers.

Wireguard for Mac Admins

Ed Marzcak - Duo Security
Wireguard is a modern VPN that is secure and fast. Its minimal profile has been adopted into the Linux kernel. Even better: for Apple people, there are official Wireguard clients for iOS and Macintosh platforms. Come along on this journey to setup a Wireguard server for your home or small business on a Raspberry Pi: a low-cost computer capable of running Linux. Combined with an ad-blocking DNS server, your clients can be protected wherever they roam, access devices on your home network, and use services that require traffic to originate from your home location.

Once you have the basics down, you can expand to crypto-routing your way across multiple sites, and automate installations. With on-demand access, and split-tunnel routing, you can keep your staff (or family) with access to everything they need, while dropping traffic from unauthorized devices.


From Start to Finish

Dave Hornby - Jamf
Kelli Conlin - Jamf
Matt Woodruff - Jamf
Join this session to understand the setup, the configuration, and the deployment of Jamf Protect. Learn about how different plans and behavioural analytics can be finely tuned to assess for different types of threats depending on the area of the business devices are deployed to. Following on from that, what happens when a threat is discovered? Well we need incident assessment and response!

Learn how to integrate Jamf Protect with Jamf Pro and create custom remediation steps based on the level of threat. Need further information? Don’t worry, we’ve got you covered with a look in to specific SIEM integration, as well as the creation of Unified Log filters to gain even more insight into events occurring within your macOS estate.

Can’t We All Just Get Along?

Andrina Kelly
Diana Birsan
You’re looking at this great new tool that promises to solve an issue for you, but wouldn’t it be great if it tied into your existing infrastructure? All the right buzz words are there, API, SDK, REST, SOAP - but how do they work and when should you use them? We’ll get applications talking to each other and even build a custom tool to show how to tie into these handy frameworks.

Computers are Easy - People are Hard

Andrew Robinson - Hofstede Insights Japan
Looking at our technology tools through the lens of culture. Culture, especially national culture, has a deep impact on how we see the world, interact with the people around us and the tools we make, deploy and use in our jobs. In today’s increasingly diverse workplace, the need to work better together is important.

In this presentation we will review a framework by which we can compare and evaluate culture, with an emphasis on technology work and those tools we use — impacting our meetings, projects, onboarding & service desk tasks, and working on multicultural teams.

IPv6: Connectivity Into the Future

Rick Wylie
As you read this, the world is close to running out of public IP addresses, if it hasn't already done so! So why do we care? Well apart from the fact that TCP/IP is the protocol that runs the Internet and most of the things we do, and will do, the current implementation IPv4, is running out if steam and has to be replaced by IPv6 to support the ever-growing Internet and general network expansion.

As systems administrators we are constantly challenged with change to make sure our systems do not pass into obselensense. This is true for IPv6, and a number of other emerging interconnectivity technologies that need to be considered for the future.

Ricks session will discuss the concepts, strategies and challenges in the "Apple-world" we will need to address as the worlds networks migrate to the IPv6. The session will also discuss the importance of other disk and network based interconnection technologies.

The OWC MacSysAdmin Raffle

Two lucky winners in Thursday's OWC MacSysAdmin Raffle will be rewarded with these speedy devices. Can't wait...

...and our Lucky Winners are

Andi Hürzeler (CH)
Laurent Pertois (FR)


Am I Still Relevant?

Duncan McCracken - Mondada
One of the most important questions an IT professional has to ask themselves on an ongoing basis. “Technology changes quickly, people don’t” - Joe Cox, former Apple SE (Melbourne). Our jobs are not what they were 10 years ago and additionally this year has come with many challenges that are unrelated to technology, which is causing us to change the way we do everything.

Duncan is going to review his last 10 years of MacSysAdmin presentations, to figure out what is still useful and what isn’t in an attempt to answer this question.

The Anatomy of an API

Charles Edge - Jamf
APIs make the world go 'round these days. The Application Programming Interface (or API) is a set of functions made available to access features of operating systems and services like web services. In this session, we’ll look at the various components of an API, types of APIs, a tad bit on how they came to be and their history on the Apple platform.

We’ll send some commands to a few different APIs, look at the results, and help you get started on your path to connect all the different tubes that the Internets, our favorite apps, and our operating systems are built on!

Design Thinking for Mac Admins

Emily Kausalik-Whittle
In his seminal text The Design of Everyday Things, Don Norman points out that “good design is actually a lot harder to notice than poor design, in part because good designs t our needs so well that the design is invisible, serving us without drawing attention to itself.”

All interactions are designed, some better than others. How can design thinking, or adopting a user-centered approach, bene t the devices and people we support as Mac Admins?

In this session we’ll discuss key concepts in design thinking as it applies to managing and deploying devices, applications, features, and tools to our customers, as well as a few examples of how “good” design and “bad” design can impact the relationships we form with our customers and the relationships our customers form with their devices.

Munki 5 and More

Greg Neagle - Walt Disney Animation Studios
In this quick session, Greg will highlight recent changes to Munki, the popular open-source software management tool for macOS, and preview some upcoming changes as well.

Thunderbolt 3 and the transition to Thunderbolt 4

Tim Standing - Other World Computing
Prepare for a deep dive into the world of bits and bytes.

Getting Started with Amazon Web Services

Rich Trouton
With macOS Server on its way out, many are moving their Mac and iOS support services out to cloud services like Amazon Web Services (AWS). Learn how to get started with AWS and how you can use Amazon to provide robust highly available services for your Mac and iOS users without having to build it all yourself.

IPv6: Success for Migration

Rick Wylie
In a follow on from last year’s IPv6 session, Rick will discuss strategies for a successful IPv6 upgrade and migration for organisations.

The session will cover setting up IPv6 tunnels as well as native environment configuration and look at tools and hardware suitable for IPV6 support.

The session will cover a number of hands on examples that will allow attendees to gain insight into IPv6 and its configuration and successful implementation.

The OWC MacSysAdmin Raffle

The fortunate winner in Friday's OWC MacSysAdmin Raffle will get one of these connectable boxes. Stay tuned...

...and our Lucky Winner is

Robin Laurén (FI)