AD Group scoping in Jamf for macOS

Scoping Jamf policies for AD groups is a breeze when your users are logging in with AD credentials. But what if you’re O365/AAD only? The Jamf agent won’t recognize an AAD logon unless you’re using Jamf Connect. Sure, it’s unusual to have one without the other, but I have a solution here if you’re running lean. In a rush? Find the script here. Create a new standard user in Jamf for the script to access the API, granting it Auditor privileges....

February 3, 2020 · 3 min · Nathan Manzi

OneDrive Folder Redirection (KFM) for macOS

So you’re running a macOS shop, and using Office 365 for identity, email, and data storage. You want to decrease risk of data loss, manage the security of corporate data, and provide staff the ability to share files in a controlled manner. You also want to make it super easy for staff to adopt. OSS to the rescue! Microsoft OneDrive has a super great feature (for Windows) called Known Folder Move....

February 3, 2020 · 2 min · Nathan Manzi

Installing a .nupkg on an offline machine

The ability to find and install PowerShell modules from online sources like Nuget makes life for a Windows admin a smidge nicer. On the flipside, arbitrary trust of online package repositories and granting servers outbound internet access can be a nightmare for those tasked with protecting a network. You might find yourself needing to install a PowerShell module (as a nupkg file) on a system with restricted (or no) internet access, as one of our security consultants found himself needing to do....

January 22, 2020 · 2 min · Nathan Manzi