jazzace.ca

Anthony’s Mac Labs Blog

Mac Admins at Penn State Wrap-Up

Posted 2018 July 22

It's a little belated, but after taking some post-conference vacation time and catching up a bit at work, I thought that this year’s Mac Admins Conference at Penn State was worth a blog post on its own. Lots of things to discuss.

Software and Hardware to talk about

Something interesting often drops during this conference each year. This year, it was both an update to macOS (10.13.6 and security updates for 10.11 and 10.12) and new MacBook Pro computers (now with a prophylactic keyboard!). I guess it was a good time to find out how good your “while I’m away” workflows and processes were working.

Apple continued its pattern of having some patches that only applied to certain OSes (mostly 10.13, but sometimes just 10.12 and/or 10.11). It’s difficult to tell if some of those 10.13 patches are only needed on that version of the OS or if Apple is not porting some patches back. Best security practice seems to be to run the current version of macOS whenever possible.

I heard that some people ordered the new MacBook Pro online while still at the Conference. As expected, these models incorporated the T2 chip that debuted in the iMac Pro. If you are buying these models any time soon, I hope you don’t plan on using NetInstall/NetBoot for deployment. Having said this,…

NetInstall is Still Supported

Yes, you read that correctly. NetInstall is a supported method to install macOS on High Sierra and Mojave, just not on all hardware.

In a previous blog post, I suggested that NetInstall was more dead than I anticipated. I get to walk that back a bit, but not much, based on some new information I received from an Apple employee—and yes, I confirmed I could say this publicly.

I asked directly about the presence of NetInstall support on slides shown in the session and found out that the removal of NetInstall from the infamous “Imaging is Dead” Apple Support article was, in essence, an editorial decision. An alternative to removing the reference would have been to create a matrix of those Macs that still supported NetInstall (or those that didn’t). From a documentation perspective, I would have preferred the latter, but I understand that they are clearly stating that NetInstall is not the future by making the editorial decision to omit it. I also asked this question on the Tuesday of the Conference, before the new T2 MacBook Pro models were announced, so the fact that Apple knew those models were coming would have also influenced what they posted in that article.

Nevertheless, the UI for NetInstall is still scheduled to be removed from the “Fall 2018” version of Server (likely the version released with 10.14), so the writing is on the wall.

Apple Out In Full Force

Apple had a record number of sessions at the Conference, with a full day session on Workshop Day and 8 individual sessions during the rest of the week. I was thrilled to see Apple sending former community members Mike Boylan and Pepijn Bruienne to the conference. It shows a level of interest and caring that flies in the face of what some of the critics in the community have been saying. Did the Apple employees give “Apple Employee Answers” sometimes? Yes, of course they did. The comment came up more than once about the speed (or lack thereof) of Installation-only (re-)deployment methods (as opposed to block copying); the response was that they heard the need for greater speed. What I read between the lines was: Apple is committed to their security direction for Mac hardware and macOS and they will listen to Admins about what isn’t working well enough in Apple’s new deployment world; they will work on improving those workflows but they are not reversing course.

I think Apple is doing itself a great service by increasing its on-the-ground presence in the Mac Admins community; this particular conference showed it in spades. This is a change I started to notice about a year ago. Apple was eager to work with us here in Calgary when we set up the MacDeployment Meetup, hosting the first couple meetups at an Apple Store. They also had an Education event in our area last Fall and co-sponsored a business event in the Spring. We have already talked to Apple about having a presentation from them at a future MacDeployment Conference and have received very positive signs.

It’s About The People

I have so much respect for the people who run this Conference. As a conference organizer myself, there are things that I notice that show an incredible attention to detail and an Apple-esque desire to continue to make iterative improvements even when they already provide a great experience. I’ve made some great friends through this conference and I really benefit from the opportunity to meet people in person that I only otherwise communicate with online. There was no other reason that got me to travel to the United States in the past year (or in the upcoming year) other than this Conference. I’ve said it before but it bears repeating: this is where I found my professional peer group. I have no higher praise.

I was also thrilled that we had the largest Canadian contingent in recent memory: close to a dozen. It’s a far cry from my first visit in 2012 when I was a lone dot on the map from Western Canada and there were only a couple more east of that.

Content Galore

I don’t think any other conference matches this one for the breadth of content available. I always find myself wanting to see more sessions than is humanly possible, which is why the conference videos that follow made some tough decisions a little bit easier. I attended some sessions that stretched me quite a bit; others gave me ideas and techniques I could take home and implement right away. The best presenters in our community come to PSU, but the organizers also make certain that new voices get a chance to speak and that speakers reflect and represent the diversity in our community. I feel fortunate to be periodically selected by organizers to share what I’ve learned. The sessions that I attended that I got immediate takeaways from were Dennis Wurster and Nate Felton’s session on Auditing Your Operations and Thomas Reed’s session on the current Mac threat landscape (malware, adware, coin miners, etc.). The stretch sessions for me that others might find valuable were Jesse Peterson’s session on Digital Certificates, Chris Miller’s entertaining session on Taming rf Unicorns, and Tim Schutt’s session on Munki Barrel. The links to slide decks and videos (as they become available) for conference sessions are found at macadmins.psu.edu/conference/resources/.

For the session I presented on AutoPkg, I clearly over-prepared, which caused me to rush through some content and entirely omit other content. Over the next little while, I’m going to author a few articles on this blog that will provide some of the missing content and provide a better conceptual package than I had time to present there. Some of the material may even make it into the AutoPkg wiki in a edited form. Until the video of the session is posted, I encourage you to check out the GitHub repository I built for the session, which includes a link to the slide deck (PDF), which itself has a number of links to resources you may find useful.