Never Had To Fight

Getting AppleCare info from Apple Business Manager API

November 6, 2025

Thanks so much to Dmitriy for posting this image to #toronto on the Mac Admins Slack. Also thanks to Arek to posting about it on LinkedIn, where I saw it. Both of them are awesome Mac Admins that I’ve had the pleasure of learning from. They’re also pretty great guys, too. With this new update to ABM shows AppleCare coverage, but the question is, can I get that data from the API? The answer is Yes. To get AppleCare information, make a call to https://api-business.apple.com/v1/orgDevices/REDACTED/appleCareCoverage The returned results looks like this:

SFIcons

December 20, 2024January 6, 2025

I’ve wanted to make a simple app for quite some time, but I have had a hard time learning Swift. The Problem I sometimes need to create an icon for my Munki repo. I often use SF Symbols when I do that, and it’s really easy. But I want to make it look more like a macOS icon. So I played with making an app that layered the SF Symbol over a coloured square with rounded corners. The problem was getting the image out of there. Failed Solution So instead I decided to ask Google Gemini to help me make it. It SUCKED! Solution I switched to ChatGPT and it… Read More »SFIcons

macOS Device Compliance

April 9, 2024

I use two Smart Groups in Jamf to define how many devices are in compliance in regards to macOS version. The Smart Groups are pretty simple: The problem is that only gives us a snapshot of a moment in time, rather than historical data. My solution was to log that data in a Google Sheet. I created a new Okta Workflow. The Workflow kicks off once a day at 1 am PST. I want to store the date and time, so I need to convert it into the appropriate format. This will give me 2024-04-09 and 10:49:00 PST (based on time I’m writing this). It stores that values as dateReturn… Read More »macOS Device Compliance

Automating MDM Renewals Using Jamf and Okta Workflows

March 13, 2024March 13, 2024

Hi, We have some computers that are in Jamf. Sometimes Jamf doesn’t like to play nice and renew the MDM on the device. To start you’re going to need an Advanced Computer Search in Jamf. The fortunately have a criterion called “MDM Profile Expiration Date” and we set that to less than 11 days. Alright, you got that? Great! Next you need to get the ID for that Advanced Computer Search. You can find that in the URL In the example above, it’s 888. In Okta Workflows, create a new flow, give it a name and tell it that it’s a Scheduled Flow. I’m not explaining every little thing. Here’s… Read More »Automating MDM Renewals Using Jamf and Okta Workflows

Toronto Mac Admins Meetup

February 1, 2024February 1, 2024

We had a Toronto Mac Admins meetup this past Tuesday (January 30, 2024). I’m gonna embed the video for you folks.

Mac Admins @ Penn State University

August 10, 2023August 10, 2023

I was recently at Penn State University in State College, PA for the annual MacAdmins conference. I was there with my co-worker Rebecca. The two of use presented two topics and they’ve made their way to YouTube.

Running GlobalProtect CLI only on Linux

May 25, 2023May 25, 2023

I just spent 3 hours on a Zoom with a colleague trying to figure out what the issues our Linux users were facing when running GlobalProtect. To install the CLI-only version, you must first you download the files, untar/detar/whatever it… Then you run the installer script Woo hoo! It’s installed! Kinda, there’s a few things missing. Default Browser In the document /opt/paloaltonetworks/globalprotect/pangs.xml, add the following line in the <settings> section… Point to your Portal In the document /opt/paloaltonetworks/globalprotect/pangs.xml, add the following line in the <PanSetup> section… Save the document and exit. Reboot You don’t need me to tell you how to do that… reboot your computer. globalprotectcallback: URLs Create the… Read More »Running GlobalProtect CLI only on Linux

Custom Commands for Mosyle

May 15, 2022May 13, 2022

Hat Tip to another Adam. I recently discovered these when poking around in Adam Codega’s Github. There’s a couple especially I want to draw attention to. BatteryHealthCA.sh This little script will get the battery service level, plus tell you the number of power cycles the battery has had. It will appear as something like “Normal (256)”. Battery condition is normal and has had 256 cycles. From there in Mosyle, you can create a Smart Device Group where the criteria is for that field is like “Service Recommended” as you can see below. Here’s the direct link. KernelPanicCA.sh This script will tell you how many kernel panics a device has had… Read More »Custom Commands for Mosyle

fdesetup

May 13, 2022May 13, 2022

I’ve used a few different MDMs in my time as a MacAdmin, I’ve written about my transition from WorkspaceONE to Mosyle and I really much prefer it. I noticed today that one user isn’t using FileVault. I have a deferral set to 5 times. Which now I’m thinking might be a bit high. I was wondering how many times that user has deferred FileVault. I saw you could use fdesetup to see info about deferral. So I made a quick and dirty script for that. I used Mosyle to blast it out to all devices with Filevault off (that required having a smart group), and told it to run on… Read More »fdesetup

AutoPKG storage on external drive

December 22, 2021December 22, 2021

Ran into a quick problem that I thought I’d quickly blog about. AutoPKG’s data folders are all sitting on an external drive. First off, “Ignore ownership on this volume” was checked off, and AutoPKG doesn’t like that. That was a first for me, I’ve always had AutoPKG running on the internal drive. I turned that on, gave myself ownership and read & write and then propagated permissions down. On the next run I got: Got some quick help from MacAdmins #AutoPKG channel. Suggested I give python full disk access. That solved the problem. Python was already in the PPPC panel for Full Disk Access, so I checked it off, but… Read More »AutoPKG storage on external drive