Troubleshooting macOS Management with Workspace ONE

TLDR: Did you check the logs?

Short post today - just to cover some thoughts on my most recent asset published to TechZone. I finally sat down and dug out all my notes on troubleshooting macOS and put them all together into a single, comprehensive macOS Troubleshooting Guide. This thing was the result of almost 46 hours of fingers on keys: typing, formatting, and testing. I truly hope you all get some value out of it, and do feel free to send me feedback if you’d like it extended and/or notice something missing. [Read More]

Deploying NoMAD over VMware Per-App Tunnel

Active Directory Sync Features Without Being On-Network

Some folks recently reached out to me asking for help figuring out how to route NoMAD traffic over VMware Tunnel. Basically, the ask was to use Per-App Tunneling to give NoMAD the ability to obtain Kerberos Tickets and Sync AD passwords without being directly on the Enterprise network. If you’re familiar with my previous article about the macOS Catalina Kerberos SSO Plugin, you’ll know that Apple’s built-in functionality in Catalina doesn’t work well with Per-App Tunneling. [Read More]
macOS  SSO  NoMAD  VPN 

Modify ZShell Defaults in macOS

Making Terminal More Useful!

I’m finding myself using the Terminal quite a bit more in my job. I spent a few minutes over the past few days looking at different ways to make the default terminal layout in macOS better. While there are many plugins out there for doing this (Oh-My-Zsh), I wanted to do something a little more straightforward. How You Change zsh Default Layouts Armin Briegel has a great article about customizing the zsh prompt in his moving to zsh series. [Read More]

macOS Big Sur and Kerberos SSO via Per-App Tunnel

It works!

If you’ve read my blogs about macOS Catalina Kerberos SSO over Per-App Tunnel and the followup, you’ll know that this has been a use-case I’m interested in solving. I put a great deal of effort into filing feedback with Apple and providing steps to replicate the issue. I was quite excited when I saw the per-app Tunnel improvements specifically mentioned in the WWDC videos, and hoped perhaps some changes were made to enable this functionality. [Read More]

Using GitHub Actions to Publish Hugo Site From Private to Public Repo

Keeping ideas and drafts private until they're fully baked

I restarted my blogging journey earlier this year when I started looking into Jekyll Hugo to generate a static website. I had past experience with Blogger and Wordpress, but frankly had periodic problems with both platforms that ended up being a time suck. As it has been, Hugo has been a simplistic publishing method and GitHub a reliable (and FREE) hosting provider. Yet, my desire to keep my drafts private (. [Read More]

Building a Basic Azure HomeLab for Testing Workspace ONE UEM

Quick and Dirty, No-Frills, Azure Lab

NOTE: This is still under construction but I wanted to share what I had so far… Two things intersected for me this weekend: Issues with my current lab setup, and realization of some unused credits with my MSDN subscription. This led me down the path of building a basic Azure homelab for Workspace ONE UEM testing. My intent of this blog post is to document the process for myself to re-use, but I also invite your comments on how to improve the scenario. [Read More]

macOS Catalina Kerberos SSO over VPN Followup

Making Some Progress, But Still Awaiting A Fix!

I’ve been going back and forth with Apple about some of the issues I previously found using the macOS Catalina Kerberos SSO over Per-App VPN. As it turns out, they acknowledged some of the issues I was seeing and are supposedly working on a fix. I’ve been watching the past few beta releases for macOS, and I’ve not yet seen anything in the release notes to indicate they’ve implemented any fixes. [Read More]
macOS  SSO  VPN 

My Adapted Digital Bullet Journal via iPad Pro and GoodNotes 5

Putting Apple Pencil to Digital Paper to Stay Organized

Background Last year, my wife introduced me to an entirely foreign-to-me concept of journaling known as Bullet Journaling. For those of you uninitiated, think of bullet journaling as an extensible planner with a heavy focus on the index to help bring order to chaos. A bullet journal is flexible, allowing you to organize tasks, events, collections (groups of tasks, ideas, and more). Bullet Journaling was born of a need to bring all the ideas/tasks/events plaguing us in the digital age and put them to paper in a single place. [Read More]

Deploying Microsoft Defender ATP for macOS using Workspace ONE UEM

Converting Jamf templates to Workspace ONE templates

I had a few folks recently approach me on the MacAdmins slack asking for help with deploying Microsoft Defender ATP for Mac. We got it working, but it came down to 2 issues: conflicting documentation and Jamf/inTune specific templates. Once I was able to parse through the Jamf/InTune documentation, we were able to put together some guidance. We recently published this guide to the EUC Samples GitHub Repository. Conflicting Documentation The initial problem I found was some confusion generated by Microsoft’s documentation. [Read More]

Testing macOS Catalina Kerberos SSO Extension Over VPN

Enabling the off-network Kerberos Single Sign-On Experience.

Working at VMware, I’m surrounded by great technology and super-smart folks! In our portfolio of technologies, the folks in our R&D have recently been putting quite a bit of effort into building out macOS capabilities for our Workspace ONE Tunnel client for macOS. Workspace ONE admins can leverage the same VMware technology they used to enable per-app VPN for iOS and Android, but now on macOS! There’s a bit of nuance to configuring the VPN client if you’re previously familiar with iOS (look for my Operational Tutorial soon to hit TechZone). [Read More]
macOS  SSO  VPN