This is the last Summercamp issue of 2025. Weekly issues will resume in two weeks on Sep 5. Probably just in time before the big fall releases of the new iPhones and 26.0 platforms.
I guess many Mac Admins are using the summer down time, as there are lots of updates this week, as well as some great tutorials. Either that, or everyone is scrambling to get ready for the 26.0 releases.
MacDevOps Conference have announced they will move to Montreal (YUL) next year. As always I (try) to keep track of all conferences and dates on my conferences page.
Sponsor
This issue of MacAdmins.news is exclusively brought to you by Mosyle, where High-Quality Apple Management & Security is made Surprisingly Accessible.
After helping thousands of organizations to migrate from other solutions to Mosyle, we've gained a unique perspective of all the concerns companies face when evaluating the migration of their Apple Management & Security solution. Based on this extensive knowledge, we've created the most comprehensive Migration Program in the Apple’s Management & Security market, addressing the most critical technical, financial, and strategic considerations involved in this pivotal decision. Check our website for more details!
📰 News and Opinion
Apple’s secret strategy for enterprise success
None of this is accidental. Apple has engaged huge resources over many years in support of its enterprise market push.
Liquid Glass. Why?
Whether you love it or hate it, there is no shortage of opinion on Liquid Glass. I have thoughts about what it is, but today I want to focus on why it exists.
⚙️ Apple Updates
In my summary post for the dot-six platform updates I mentioned this would be the last update for macOS Ventura 13, "barring some terrible security vulnerability."
Well, here we are. Apple released security updates for iOS, iPad OS 17 and 18 and macOS 13, 14, and 15 with a critical fix for and image processing issue that "may have been exploited in an extremely sophisticated attack against specific targeted individuals."
- macOS Sequoia 15.6.1 (24G90): Security, IPSW, PKG installer
- macOS Sonoma 14.7.8 (23H730): Security,PKG installer
- macOS Ventura 13.7.8 (22H730): Security, PKG installer
- iOS and iPadOS 18.6.2: Security
- iPadOS 17.7.10: Security
🔐 Security and Privacy
Phishing training is pretty pointless, researchers find
Phishing training for employees as currently practiced is essentially useless, two researchers said at the Black Hat security conference on Wednesday.
🔨 Support and Tutorials
Building Simple Component Packages
Building packages can turn complex very quickly. We will start with a few simple examples first and build up from there.
A Modern Administrator’s Guide to macOS 15+ Update Management
Ninyo on Jamf Tech Thoughts
The guide outlines the modern, three-part strategy for managing macOS 15 and newer in Jamf Pro. It leverages DDM via Blueprints for a reliable, automated workflow and is based on enterprise best practices for both aggressive and controlled rollouts.
macOS 15.6 (rightly) breaks Nessus’s link to hidden installer .pkg
As of this writing, though, Nessus (Agent 10.9) currently delivers an “installer” that’s just a hard link to a hidden real installer.
Not sure if Allan means "hard link" in the file system sense. What Nessus is using here is a very old feature of distribution pkgs where the components can be stored outside in some other location in the file system. This used to be relevant when systems came on multiple disks (floppy or optical). This can also be used to separate the interface data for Installer.app from the actual payload, so you don't have to update the first pkg when the payload changes. Of course, there is no guidance from Apple about any of this, but I would consider this completely outdated practices and the advantages of distributing a single pkg should outweigh any other advantages, perceived or otherwise.
Xcode Install Size
The Mac App Store install for which I reported “12.5GB” shows only “5.31 GB on disk” in Finder’s Get Info window.
10 Things You Didn’t Know You Could Do With Apple Configurator (That Save Mac Admins Hours)
Most of us treat Apple Configurator like a fire extinguisher: break glass, DFU, restore, move on. But it can do a lot more, and when you know the edges, you can turn a bricked morning into a ship-it afternoon.
What to do when there's something fundamentally wrong with an Apple silicon Mac
This article suggests some potentially radical solutions that should address the most intransigent of problems in Apple silicon Macs.
Reading DDM logging on macOS Sequoia
Rich Trouton on DerFlounder
Figuring out what declarative device management (DDM) is sending to or requesting from a Mac can be a challenge.
Suppressing the Analytics screen with a configuration profile on macOS Sequoia
Rich Trouton on DerFlounder
Over the years, Apple has introduced a number of screens which appear the first time you log into a Mac. Among those which appear as of macOS Sequoia 15.6.0 is the Analytics screen
🤖 Scripting and Automation
Advanced Setup Manager Flows in Jamf School, Part 2
So I reframed the question to “which endpoints are available that could provide quick and easy value to the onboarding process”, after all Setup Manager is all about the onboarding process.
Use the SOFA feed to check if SimpleMDM devices needs updates
I wrote a “simple” bash script to check SimpleMDM device list by API and check if any devices need updates and/or are compatible with the latest macOS.
Also this follow-up: "Steal this Idea"
♻️ Updates and Releases
ADE Detective – Twocanoes Software
ADE Detective is a macOS and iOS app to view and modify the Automatic Device Enrollment (ADE) profile on Apple Business Manager or Apple School Manager. This can be helpful in developing PSSO setups, MDM, or for understanding how ADE works.
Now Generally Available: Platform SSO for macOS with Microsoft Entra ID
Microsoft's release phases are so strange. So many have been using PSSO with Entra for quite a while now, but, well, now we have "general availability." Just in time for everything to start all over again with the Tahoe release.
🎧 Listen
“The worst thing” for online rights: An age-restricted grey web
Jason Kelly, activism director at EFF and co-host of the organization’s podcast “How to fix the internet,” about the security and privacy risks of online age verification
App Auto-Patch and Beyond with Robert Schroeder
Do you adopt an existing open source tool? Invest in a polished, commercial solution? Or roll up your sleeves and build something totally new?
Standard Users in an Admin World with Collin Elliott, Capital One
Collin Elliott, Senior Platform Engineer at Capital One, to explore the complex relationship between security best practices and user experience in endpoint management.
Monitor Mayhem and the Search for the Perfect Pixel
the hosts discuss their experiences with various monitor setups, emphasizing ultra-wide and large screens, while exploring technical issues and preferences.
Streamlining patch management for macOS
Arek Dreyer and Matt Day from Kandji join the show to discuss their new Vulnerability Response function.
Feeling Vulnerable with Arek & Matt
Arek and Matt joined us in March of 2025 to talk about Vulnerability Management, and they’re back to share their progress, as well as a look at the future.
The state of Zero Trust in the enterprise
Avery Pennarun, CEO of Tailscale, joins the show to talk about the challenges of Zero Trust in the enterprise today.
🎈Just for Fun
Dynamic macOS Tahoe Wallpapers
[Apple] updated their Tahoe lakeside wallpaper with dawn, dusk, and nighttime variations. The only catch? They didn't make them dynamic. That's where I stepped in.