Justin Rummel . com

VPP 2.0 Presentation

| Comments

Yesterday I was able to present to the local DC, VA, MD Mac User Group MacDMV on VPP. I felt it was a great success for our first knowledge focus event, and glad things are now in-gear. As I mentioned during my presentation, I’ve uploaded my slides to GitHUB so you can download the Markdown source.

Yes… Markdown slides!

I wanted to do something a little different than Keynote (and no PowerPoint is not an option). I didn’t want Keynote as I wanted to share my information for everyone, not just Mac users who happen to have Keynote installed on their machine. I could have done PDF, but if other’s wanted to copy/paste… again it’s not as easy if you are not using a Mac. With my enjoyment of using Markdown as a note taking tool (along as the blog posts for this site), I wanted to find something that would parse Markdown syntax and make it a “presentation”. I found landslide.

The README file explains landslide’s features pretty well. What I want to jot down is a quick step-by-step to get my presentation from markdown to your machine in the way everyone else was able to see it on Wednesday night.

1
2
3
4
5
6
7
8
9
10
11
12
cd ~/Desktop/
git clone https://github.com/adamzap/landslide.git
cd landslide
python setup.py build
sudo python setup.py install

# At this point you now have the landslide command line utility

cd ~/Desktop/
git clone https://github.com/justinrummel/MacDMV.git
cd MacDMV/VPP-2.0/
landslide slides.md -t themes/light/; open presentation.html

And you are done! You should now be able to see my presentation.

MacDMV: New DC, MD, VA Mac Admin Group

| Comments

Last Friday I was feeling a little jealous of the San Francisco area Mac Admin’s group Macbrained on getting a group of individuals together to discuss new items in the Apple world (Mavericks and iOS7). I know many Mac Admin’s in the DC Metro area and believe that a DC group would thrive! I was venting my frustrations to @natewalck on ##osx-server of which he replied: “make one!”. Tom happened to be in the channel as well… and in about 10 minutes we purchased a domain, established email accounts, and created a twitter user for future broadcasts.

We are still in the beginning stages, but we are targeting to find a good location in January to host the first meeting. At this time, we need to find out the level of interest from the DC, MD, VA (DMV) area so we can find a suitable venue. If there are items you would like to discuss, let us know! Anything is open! iOS 7 changes, Mavericks changes, security, CLI, Government (or other high security requirement areas) focus topics… you name it, lets talk about it.

So please sign up for more information at MacDMV, or email/tweet Tom or myself with questions or concerns.

Source

2013 Berryman Adventure Race

| Comments

Over the weekend of September 28th, 2013 I had the opportunity to do the Berryman Adventure race with my Brother-in-law Shawn which is a multi-sport race for Run, Bike, and Canoe… BUT you have to take everything with you. Food, water, clothes, paddles, etc. The Berryman Adventure races is an orienteering race where the night before we get a list of lat/long locations that we have to find using traditional methods of locating things; a map and a compass. Between each checkpoints you do not have the luxury of nice foot paths that are carved to take you from point “A” to point “B”. You have to “Bushwhack” your way through trees, streams, animals, twigs, brush, poison ivy, etc, and make your own path.

“The Berryman Adventure is a TRUE backwoods, old school adventure race - offering a single course taking teams 12 to 16 hours to complete”.

While we were bushwhacking, biking, and canoeing through the Mark Twain National Forest, I was trying to keep a mental list of all the interesting items we experienced or witnessed throughout the day. However, once I started reviewing the list… I soon realized that I was creating a list of misery, horror, and epic proportions of PAIN which would most likely scare anyone from trying to do these types of races in the future. So while you are reading a list, just remember I’m glad these things happened and that I was able to overcome the obstacles and finish the race.

List of in order of time to the best of my memory:

  • To the guys who cranked the Licensed to Ill Beasty Boys album at 6am, THANKS! The loud music blasting from your truck set the fun atmosphere and attitude for the rest of the day.
  • Upon “GO”, it was interesting to watch 57 teams comprising of almost 150 people split into two different directions. Over the past year doing Triathlons where there is only one way to go… this was different.
  • And in about 15 seconds our mass group split again with one taking the gravel car path while we, team Roadkill, decided to jump off that path and bushwhack straight up the hilltop.
  • While bushwhacking I was educated in what poison ivy looks like. No not the bad way, but just that it was everywhere. Also, when you are attacked by a swarm of bees (and not SyncServer mac nerds) you don’t care how you dance, or sound when you scream (not us, but witnessed).
  • We finished the first five checkpoints (of 39 checkpoints total) in about an hour, and that is when I realized that waterproof socks are required. Running in wet socks (and shoes) is a perfect mix to generate blisters on your feet, and I felt it starting after the first hour. Luckily we came to the section of the multi-sport where I felt confident I could excel, the bike.
  • I thought Missouri was flat. I was wrong.
  • Once we were finished with the 18 mile ride, we got to the canoes. We had to arrange our bikes on the canoe and TAKE THEM WITH US to the next several checkpoints.
  • From this point we had done all three sports, the rest of the trip went
    • Bike
    • Canoe
    • Bushwhack
    • Canoe
    • Bike

It was great to finish. However the downpour at 4pm really put a damper on the spirits and at that time the goal shifted to “just finish the race” vs. catching more checkpoints. Maybe I should looking into doing a Half Ironman now that I know I can take an entire day of physical (and mental) punishment.

UPDATE 2013-10-02

I just remembered a couple of items that I did learn from my first race that I wanted to write down so I can review for next year:

  • In-addition to some waterproof socks, if you want to do ANY night work get a decent front headlight on your bike to see the roads. Are there ones with Fog options? Bring a hand flashlight along with the headlamp.
  • Need better pants to protect my legs. The compression socks did OK (better than nothing), but I’m still in ITCHING HELL from my knees to my ankles.
  • To the guy that passed us peddling uphill, JEALOUS! FYI; he has a “42” on his rear cog. That would be nice.
  • If you want to see a map of our adventure, it’s available via this Google Map link. You’ll notice at the beginning the GPS tracker had a little trouble finding us while we were standing still… but once we started moving on the bikes it locked on.

Also, if you want to read about the race from other racers, I found:

  • Rock Racing Xtreme Adventure that has some pictures and a video clip of the downpour in the canoes
  • Emily Korsch’s Outdoor Adventure who was also on the 2nd place team Alpine Shop, PLUS she is competing at USARA National Championships starting TOMORROW in Nashville, IN.

Casper Suite 9: JDS Ubuntu Server Install Example

| Comments

Overview

In the last article Casper Suite 9: Cloud and JDS Distribution Points I gave you information about things to take into consideration before installing a JAMF Distribution Server (JDS) into your Casper Suite 9 environment. In this article I’ll take you through an example install of a JDS in Ubuntu.

JAMF Distribution Server (JDS) Install

I’m going to measure my success in this example by the brevity of the article. So here it goes!

Step 1; Get an install of Ubuntu

I am using Ubuntu Server 12.04 LTS as it’s one of the items identified that is supported for a JDS. You can install the JDS on:

  • Ubuntu 10.04 LTS Server
  • Ubuntu 12.04 LTS Server
  • Red Hat Enterprise Linux (RHEL) 6  1
  • OS X Server with Server.app 2.2  2

First thing I did is Download Ubuntu Server 12.04 LTS AMD64 ISO file. With the “Server” edition there is no GUI, so I hope you are ready for some Command Line navigation.

I then used the ISO to create a new VM, and YES Fusion could make this easy for me, but I like going through the steps of the installer so I can set the hostname and configure other detailed options that are prompted for me (such as installing SSH at the end).

Step 2; Run the script

Once your VM is running (with proper networking, DNS, hostname), copy JAMF’s JDS Linux install script file to your server and run!

There you go! I did this twice (JDS1 and JDS2) and now my JSS reports both distribution points.

JDS installed on JSS screenshot

Summary

The output gist log has some very interesting output items and shows you how much JAMF is working for you to make things easy.

  • Validating JDS is being installed on a supported OS
  • Validating JDS space requirements
  • Validating JDS component paths (as listed on JAMF’s kb Components Installed on JDS Instances)
  • Install Apache if needed
  • Install OpenSSL if needed
  • Installing PHP and enabling the mod for Apache
  • Apache rewrite rules and other .conf items

Hidden from the display output, the script is also doing:

  • Utilizing machine based SSL certificates for Secure JSS/Client to JDS communication
  • Installing the jamfds binary

If you really want to go digging, once your run the script and are prompted for your JDS name… STOP. Search in the same directory and you’ll find a new directory called “base”. Inside that is all the scripts that are emebedded into JAMF’s “.run” file.

Notes


  1. Red Hat Linux (RHL) Support is something new for JAMF.  

  2. There is an interesting Discussion on JAMF Nation as the Admin Guide states Lion and Server 2.2, but Server 2.2 is not available for Lion.  

Casper Suite 9: Cloud and JDS Distribution Points

| Comments

Overview

The Casper Suite has been able to provide installation packages to Managed OS X clients by AFP, SMB, and/or HTTP(s) for a long time, but now JAMF Software has introduced two new methods to provide packages: JAMF Distribution Server (JDS) and Cloud Distribution Point (CDP). Both of these DP installation methods make deploying web based package distribution EXTREMELY easy and quick to stand up in a test or production environment vs. needing to configure multiple services in a Windows or OS X Server setting.

Cloud Distribution Points (CDP)

Cloud Distribution Points are easy to describe as they utilize a Cloud hosting provider to store your DMG or PKG to install on your client machines no matter where they are located. JDS servers are ideal for locations that have security restrictions on port forwarding through a firewall, who don’t want to have non-rack-mountable Mac Mini Server in their DMZ, or a physically diverse workforce where it doesn’t make sense to host installation packages in-house. There are a couple of limitations and requirements for a CDP as follows:

  • You can only have one CDP in your environment. This makes sense as you are trying to get something available outside of your internal network. You need to pick a cloud hosting provider that can support the bandwidth requirements for the number of devices you are trying to support. At this time you have three choices

    • Rackspace
    • Amazon Web Services (S3 and CloudFront)
    • Akamai

All communication between your JSS, your CDP, and your clients will be over HTTPS (port 443) to ensure a proper secure environment.

  • You can only store Packages, in-house iOS apps, and in-house eBooks (no scripts). Scripts can now be stored in the “jamfsoftware” database so you don’t really need to have them as a flat file to download.

  • CDP can be the Master Distribution Point, or you can selectively sync items to your cloud storage.

JAMF Distribution Server (JDS)

A JDS is something very new. From the Admin guide JAMF Software describes a JDS as “instance is a distribution point that is managed by the JAMF Software Server (JSS), similar to a computer or mobile device”. A JDS is a completely separate server that you install on OS X Server (10.6 or greater) or Linux (Ubuntu 10.04 LTS, 12.04LTS, and Red Hat). Some items to note are:

  • JDS can be installed multiple times. In this respect it is like a traditional Distribution Point vs. the one install of a CDP.

  • The first install is your root install. This is important! All additional JDS will be “fed” from the root JDS as the primary source of packages (you can change which server is the ROOT at a later time if you wish).

  • If you have multiple JDS servers installed, you can select the parent/child relationship to help manage which files are synced.

  • This is being done with WebDAV and SSL Certificates. So you want to make sure you know what your are doing with your environment. Either start buying from a third-party vendor (Network Solutions, Verisign, StartSSL) OR make sure you know how to install your internal ROOT CA and Intermediate CA into your JDS Server. 1

A JDS has a complete copy of items to be installed within it’s local repository, therefore it doesn’t make sense to have a traditional Distribution Point a JDS installed on the same server, so pick one: JDS or traditional Distribution Point. You find the file locations of a JDS on JAMF’s kbase Components Installed on JDS Instances.

When moving your scripts and packages to your new JDS, there are some special characters that can’t be used in the file name: / : ? < > \ * | ” [ ]. All scripts are now stored within the jamfsoftware MySQL database vs. a flat “.sh/.py/.perl/.rb” file. There are also a couple of “gotchas” when using the JDS as listed in JAMF’s kbase Migrating Packages and Scripts

- You must use the script editor in the JSS to make changes to the contents of scripts.
- You are no longer able to use scripts in the AppleScript format.
- You are no longer able to deploy non-flat PKGs using Casper Imaging v8.5 or earlier, or Casper Remote v8.x.

Notes


  1. I haven’t got a chance to test out an internal CA yet, but it sounds fun! This may be a future article. 

Sources

  • Casper Admin Guide PDF within the Casper Suite 9 DMG
  • linked JAMF kbase articles