MacOS Package (.pkg) Installer. The easiest way to install MacPorts on a Mac is by downloading the pkg or dmg for Catalina, Mojave, High Sierra, Sierra, El Capitan, Yosemite, Mavericks, Mountain Lion, Lion, Snow Leopard, Leopard or Tiger and running the system's Installer by double-clicking on the pkg contained therein, following the on-screen instructions until completion. MacOS Catalina is supported for VPP/Apple School-Business Manager licensing! This is pretty huge. In the past, the macOS installer app had to be downloaded and packaged, and then have a post-install script tacked along with it in order to force the installer app to run after installation. Now, it appears it’s as simple as assigning a VPP license. Access to Apple VPP tokens and VPP apps can be controlled independently using permissions assigned to custom administrator roles in Intune. To allow an Intune custom role to manage Apple VPP tokens, in Microsoft Endpoint Manager admin center, select Tenant administration Connectors and tokens Apple VPP tokens, assign permissions for. However, another question I would like to ask is, if I don't setup the VPP on the mac, can it still be done via MDM and do apps need to be downloaded onto the mac. If using apple configurator and then selecting to install apps, can these just be downloaded from the app store instead of itunes. This section is for scripts that install or configure applications on the Mac. There are many reasons to deploy apps via shell script rather than via the macOS mdmclient. Our preferred method of app deployment is via the Mac App Store VPP, but the Intune Scripting agent provides an almost infinte level of possibilities where the apps you need.
With the release of LANDESK Management Suite 2016.3, LANDESK can now manage a Mac using an MDM profile in addition to the traditional LANDESK agent. One of the main benefits of enrolling with the Mac the MDM service, in addition to already having your regular agent installed, is that you’ll be able to push a VPP app to the Mac.
This blog will walk you through the process of creating a package to install the LANDESK MDM Enroller app on your Mac and then subsequently running a script to enroll the Mac with the MDM service.
- You can download the LANDESK MDM Enroller app from the LANDESK Community at https://community.landesk.com/docs/DOC-42347
- The script to force the enrollment is found on my GitHub repository at https://github.com/northice/LDMS-Scripts/tree/master/MDM%20Enrollment
Part 1 – Create a LANDESK MDM Enroller Bundle Package Folder
- Open the LANDESK Management Suite Console
- Navigate to the top menu bar, select Tools > Distribution > Distribution Packages
- In the lower left menu tree, highlight My Packages or Public Packages from within the Distribution Packages window
- Right click on the selected folder and click on New Package Bundle
- Provide your desired package bundle name, I used LANDESK MDM Packages
Part 2 – Create a LANDESK MDM Enroller Package
- Download the LANDESK MDM Enroller app from the Community page and copy it to your file share
- Right click on your package bundle, hover over New Macintosh Package and select Macintosh Agent
- Give the package a name
- Browse to the Enroller App file you previously saved and select it from within the Primary File window
- Provide a description and any metadata information if desired
- Save the package
Part 3 – Create the LANDESK Enrollment Script
The script is pretty basic, you just need to call the command line utility with a -u for username, -p for password and -m for the enrollment server. The script has been built with variables, so just adjust the variables and you’ll be set.
- On a Mac device, save the Enroller script from GitHub as a .sh file or use the script pasted at the bottom of the blog
- Open the .sh file with your text editor and edit the variables for the username, password and enrollment server
- Save the file
- Set the execute permissions by running chmod +x /script/path/name.sh
- Compress the .sh file
- Copy the .sh file to your package share
Note: The script is calling the command line utility built inside of the LANDESK MDM Enroller application. That means that in order for this script to properly execute, the LANDESK MDM Enroller must already be installed. To ensure this takes place, we are bundling the packages together and will tell LANDESK which package to execute first.
Part 4 – Create the Enrollment Script Package
![Installing mac vpp app via scripts Installing mac vpp app via scripts](/uploads/1/3/4/1/134135333/838569701.png)
- Right click on your package bundle again, hover over New Macintosh Package and select Macintosh Agent
- Give the package a name
- Browse to the zipped script file you previously copied to your package share and select it from within the Primary File window
- Provide a description and any metadata information if desired
- Save the package
Part 5 – Deploy the Enrollment Package Bundle
- Right click on your package bundle and select Properties
- Select the Bundle Package Settings from the menu tree
- Use the Up / Down buttons to make sure your packages are listed in the appropriate order, with the MDM Enroller app being first and the script being second; clicking Save when you’re finished
- Right click on the bundle package one final time and select Create Scheduled Task(s)…
- Right click on the newly created Scheduled Task and click on the Properties option
- Add your desired targets
- Set your desired Task and Portal settings
- Schedule the task
Love Child or Demon Spawn?
- Install PowerShell on MacOS
- Execute script file
- Version Logic: If Then Else
- Strings
- Curl
This article describes the use of PowerShell scripting on Mac and Linux.
“PowerShell” refers to both the command-line shell and scripting language designed system administration.
PowerShell is an object-centered “management engine”that can be hosted in an application program.
- CMD in Windows
- PowerShell ISE (from Microsoft)
- PowerGUI
- SAPIEN Technologies PowerShell Studio
- Idera PowerShell Pro
ISE = “Integrated Scripting Environment” is a GUI that providespopup tab completion and other assists.
PowerShell promises more consistency than the various commands added over time by various parties.
- It reads Excel files natively as well as JSON, XML, and even ASCII.
- Microsoft Deployment Toolkit
- Microsoft System Center
- IBM, etc.
Open source on Linux and MacOS
From the PowerShell and DSC Team YouTube channel:
This 51-minute series of demos was published Aug 18, 2016, the same dayPowerShell is open-sourced for all OSs at
https://github.com/PowerShell/PowerShell.
https://github.com/PowerShell/PowerShell.
This article notes Desired State Configuration for Linux and the promise of SSH support arrived in 2014 (several months before Microsoft open sourced .NET and brought .NET Core to Linux). But “you had to author your scripts on the Windows platform, you had to configure things on the Windows platform and then deliver the desired configuration to a Linux box and have it be configured; now you can do all of that on Linux.”
Install PowerShell on MacOS
- There is a brew powershell as of beta.7:brew cask install powershellAlternately, click to download the latest release for MacOS at:
https://github.com/PowerShell/PowerShellAlternately, get back versions at
https://github.com/PowerShell/PowerShell/releases
</tr>Date File MB Size Space Cmds Apr, 2018 6.0.2 on brew 50.8 MB Sep 13, 2017 powershell-6.0.0-beta.7-osx.10.12-x64.pkg 50.8 MB Sep 13, 2016 powershell-6.0.0-alpha.10.pkg 28.2 MB ? MB 345 Aug 10, 2016 powershell-6.0.0-alpha.9.pkg 37.1 MB 119.7 MB Jul 26, 2016 powershell-6.0.0-alpha.7.pkg 25.0 MB Jul 8, 2016 powershell-0.6.0.pkg 24.2 MB - Open the .pkg file in the Downloads folder:
- Click Continue, etc.NOTE: For Windows: Microsoft Windows Management Framework 5.0
In and Out
- Open a Terminal shell window to launch PowerShell:powershellAlternately:pwshThe response is “PS” in front of the file path prompt:
- Check the version of PowerShell being used by calling a pre-defined variable:$psversiontablePROTIP: With PowerShell, a variable can act like a command.Response:QUESTION: What’s the CLRVersion?
Versions of PowerShell:
- 6.0 for Mac/Linux in Windows 10 Anniversay Edition
- 5.0 in 2015 for Visual Studio Code text editor
- 4.0 in 2014 with Windows 10 and .NET Framework 4.0 and Windows Management Framework 3.0
- 3.0 in 2012 with Windows 8/Server 2012
- 2.0 appeared in 2009
- 1.0 appeared in 2006
- Monad Manifesto published by Jeff Stover.
PROTIP: Know the PowerShell commands known not to work on Linux/macOS. - To leave PowerShell, it’s the same as in Bash scripts:exitWhen you return back in…
- Get help information for a command:get-help stop-service
Visual Studio Code Editor
One text editor built for PowerShell is Microsoft’s Visual Studio Code.
- Install Visual Studio Code (see https://chocolatey.org/packages/VisualStudioCode):choco install visualstudiocode -y
- Install the PowerShell add-in to VSCode:choco install vscode-powershell -y
- Install the PowerShell Editor Services extension by pressing Ctrl+P, then type “ext install PowerShell” for a list of add-ins.Ctrl+P is the universal search that also does “fuzzy search” of text in files open.
- Click “install” of the extension named “PowerShell”.The icon turns to “installing”.
- Open a directory containing PowerShell scriptsand open the File menu and select “Open Folder …”.Select the folder containing your scripts.
The scripts show up in the Explore tab of the Side Bar.PROTIP: One advantage using VS Code is its Side Barenabling you to switch quickly among different files.Press Ctrl+B to hide and unhide the Side Bar. - Press Ctrl+ to open a new editor window.Up to three editor panes can be open at once.Press Ctrl+1, 2, or 3 to switch among the files.
- To edit user settings, press Ctrl+Shift+P, then type “user” and press enter.
- Click on “powershell.scriptAnalysis.enable”.
- Press Ctrl+Shift+<period> to change value from true to false or back again.
Keith Hill notesdebugging support provided by the PowerShell Editor Services extension currently runs only on Windows.
Install .NET Core
https://rpkdrfp.weebly.com/blog/citrix-receiver-for-mac-mojave. PowerShell is written on top of .NET.NET’s previous dependencies on Windows components have been removedin .NET Core.
PowerShell errors occur if .NET Core is not installed, so:
- Go to web page https://www.microsoft.com/net/core#macos
- The web page asks for OpenSSL to be installed.On a Mac:
- Click the link to download the 50.3MB
dotnet-dev-osx-x64.1.0.0-preview2-003131.pkghttps://github.com/dotnet/core/blob/master/cli/known-issues.md - Run the installer (for 106.3MB of space).
- Before installing anything or running through the update app, hit Command+i or pull down the File menu and choose “Show Files”:
- ./shared - Microsoft .NET Core 1.0.1 - Runtime
- ./host - Microsoft .NET Core 1.0.1 - Host FX Resolver
- ./dotnet
- ./sdk - Microsoft .NET Core 1.0.1 - SDK
These are folders within folder /usr/local/share under “Macintosh HD”. - Edit your Bash shell search PATH to include/usr/local/share/dotnetatom ~/.bash_profileAn example:
- Open a new Terminal shell window to run:The response:
- In a PowerShell invoke this to ensure that it can be done:
Execute script file
I like using script files rather than typing becauseit allows me to focus on the latest in what is usuallya long string of commands necessary in today’s complex world.
To call scripts, an example:
PROTIP: Make sure that when a file with .ps1 extension is clicked from Folder, the script is not launched to run, but that the script appears in a text editor.
A sample command to invoke the script including an execution policy :
Notice it’s “powershell” and not “powershell.exe” because Mac and Linux don’t recognize .exe.
When a script is signed, its location is locked to a specific full directory path, even when it’s in the current folder.
“remotesigned” is important because if this script has not been digitally signed, one needs to set PS execution policy to “RemoteSigned” (or “Unrestricted”) after reopening PowerShell as an Administrator to run:
By default PowerShell prevents the execution of PowerShell scripts on Windows systems.
Set-ExecutionPolicy RemoteSigned
Get a list of current security settings:
Get-ExecutionPolicy -List | Format-Table -AutoSize
See https://blog.netspi.com/15-ways-to-bypass-the-powershell-execution-policy/
https://github.com/MeshkDevs/InvokeTwitterAPIs
## Verify a signed script can be used #
- SetSet-ExecutionPolicy AllSigned
Install a signing cert on Mac
To add the CA root certificate (either PEM or DER format) into the OSX global keychain:
- Use Finder to navigate to your /System -> Library -> Keychains -> X509Anchors to your own Library -> Keychains.
- In a Terminal shell window, run command:certtool i mycertificate.crt k=X509AnchorsAdd a “d” at the end for DER format.
- Copy your Library -> Keychains -> X509Anchors back to /System -> Library -> Keychains.Use sudo.
Automatic logging
Increasingly, hackers are using PowerShell to create havoc.
So it’s a good idea to automatically logging using the
start-transcript
and stop-transcript
commands.BLAH: The sample script at https://github.com/wilsonmar/git-utilities/ps-auto-log.ps1,causes errors during execution of scripts.
Inside the file:
PROTIP: This can use up a lot of space quickly, so some management of its use is necessary.
Version Logic: If Then Else
I haven’t found a way to have a Bash script that can also be run as a PowerShell script.
PROTIP: Switching from Bash to PowerShell means a one-time migration and there is no turning back unless you want to maintainparallel scripts.
This is largely because of differences in if/then/else coding. The same if/then/else syntax in PowerShell scripts for Mac and PC is needed for the same script file to be used.
On Bash:
The question is whether a single PowerShell script can reallyrun on both Mac and Windows. Do a parallel run.
For different actions in PowerShell according to type of operating system:
NOTE: Because braces define actions, there is no “end if” (“fi”) in PowerShell.
Comparison Operators
-eq / -ne / -ge
Whether you use all of its services, or just email and contacts, an iCloud account that functions properly is a key part of the experience of using an Apple device. However, there are a number of situations where you may need to remove an iCloud account from an iPhone, iPad, or Mac. Why delete an iCloud account?. You have been sharing an account with a family member but it’s no longer convenient. How can i delete an app in my mac. You used the Mac or iOS device for business and were logged into the organisation’s iCloud account and now want to use your personal account. You’ve created a new iCloud account because the email address you used with the original is no longer valid (in this case, you may want to delete the original account altogether.
-Like / -NotLike wildcard string - $name -Like “*sh”
-Match / -NotMatch regular expression - $name -Match “sh$”
-Contains / -NotContains a value in array - $name -contains “jo”
-In / -NotIn Is a value in an array - “joe” -in $name
Logical operators
-And
-Or
-Xor = Logical exclusive or.
Tilde and Providers
PROTIP: Use $home instead of the tilde (~)in PowerShell because tilde does not always represent the the user’s home folder as in Linux.This is because PS has different“providers” that include HKLM and HKCU top-levels in the Windows Registry.Get a list of providers and disk space:
Get-PSDrive
The response:
PowerShell calls files “items” as a term that groups files with registry keys and variables.
returns the Mode and LastWriteTime of the user.
Instead of “mkdir” to create folders, use
New-Item
To list files in a folder, it’s the same as in Bash:
ls -al
PowerShell cmdlets (command-lets) enables computers to be managed from the command line,much like Bash shell scripts on Linux machines.How many are there?
(get-command).count
https://github.com/pester/Pester/wiki/Mock
Handling secrets
PROTIP: Files containing secrets, such as passwords andcertificates are NOT stored in GitHub nor script files, but in a separate location, and backed up among other local files.
The secrets are retrieved into the script at run-time.
See my tutorial on GitHub Data Security
Hash tables
BTW, keys in a hash table must be unique.
Hash tables are used throughout PowerShell.
An example of a REST API call:
Avast secureline vpn 2 years license. Sort a hash tables using the GetEnumertor():
Objects
Get-Service m* | where {$_.status -eq ‘running’}
Get-Service m* | where status -eq ‘running’
Get-Service m* | where status -eq ‘running’
The “$_” represents the current object in v2 can handle more complexity than v3 syntax:
Alias not parameters
Many Bash commands work in PowerShell (ls, cat, echo) becauseAliases make many commands in Bash scripts work:
get-alias echo
The response is “Write-Output”, which is what is executed.
BLAH: Many parameters to aliases are not recognized. For example, this common command results in an error:
ls -al
Instead, use:
dir -File | format-table
NOTE: dir is an alias to Get-ChildItem.
Thus,
Write-Host $env:computername -foreground Green
”–passthru” means do not go through Pipeline.
You can reset a default alias.
Environment Variables
Installing Mac Vpp App Via Script Pastebin
PROTIP: Environment variables defined in Bash scripts can be read by PowerShell scripts and visa-versa.
Lists of environment variables:
The command “dir” is an alias of Get-ChildItem.
For the value of a single environment variable:
Get-ChildItem Env:USER
Get-ChildItem Env:AWS_DEFAULT_REGION
Get-ChildItem Env:AWS_DEFAULT_REGION
Paths
Instead of “rm -rf” in Bash:https://blogs.technet.microsoft.com/heyscriptingguy/2012/02/22/the-best-way-to-use-powershell-to-delete-folders/
“-WhatIf” specifies a dry-run.
Combine files
Ro add the content of several files into a single text file:
Cmdlets
PS has some smarter parameters, such as filtering for files onlyand running recursively into sub-folders:
dir c:work*.ps1 -file -recurse
All PowerShell cmdlets follow a standardized verb-noun naming convention that makes it easy to look up, find, and use cmdlets.For a list of all the verbs:
get-verb
REMEMBER: Capitalization counts within PowerShell.
get-command -verb export
get-command -noun ACL
get-command -noun ACL
paths
Only 25% of cmdlets are shipped with paths.
Strings
PROTIP: Don’t use “+” for string concatenation.
.NET Framework members
Initially built on Microsoft’s .NET Framework, PowerShell can refer to a static .NET member in square brackets with two colons to specify Pi:
[math]::pi
Installing Mac Vpp App Via Script Windows 10
It’s wonderful that PowerShell doesn’t require an echo to display the value of objects.
To delete a file in the .NET I/O directory object:
The issue with using .NET objects is that they may execute in a different folder context than PowerShell.
TODO: $prompt
Other pre-defined variables
- To count the number of cmdlets:To get the current folder:Alternatively, use (since v2):(4)”, indeed leaves you clueless. Mac app store yosemite.This returns a PathInfo object.$scriptDir = Split-Path -Path $MyInvocation.MyCommand.Definition -Parent
Dates
Based on http://ss64.com/ps/syntax-dateformats.html
Zip files using functions
Pipelines
Instead of just parsing text (as *Nix shells do),PowerShell works with objects in a pipeline.
Piping:
To list all variables defined and their values:
Get-Variable | Out-String
PROTIP: With PowerShell, it’s best to use out-file instead of “>” redirect character:
dir -file -hidden | out-file -filepath rootfiles.txt
Error handling:
Use preference variables for stream redirection:
1> Success 2> Error 3> Warning 4> Verbose 5> Debug
NOTE: Can Only merge to the success stream.
$Error is the automatic array that stores the last 256 exceptions (objects in error) - the default $MaximumErrorCount.
Error action preferences:
0 = Silently Continue
1 = Stop
2 = Continue
3 = Inquire
4 = Ignore [parameter value only]
1 = Stop
2 = Continue
3 = Inquire
4 = Ignore [parameter value only]
Module to call REST API
This suggests:
PROTIP: To press the trailing back-tick that breaks up a command into several lines, press the key at the upper left corner of the keyboard with your left hand while you press shift key using your right hand.
A space character is required before the tick.
PROTIP: Break up long text into a string block (which Microsoft calls here-string):
The output is:
From https://apps.twitter.com/ define a new app. In Permissions tab, select Read-only. Click Update Settings. In Key and Access Tokens tab, click “Create my access tokens”. Copy the Consumer Key (API key) and paste in ~/.passwords as TWITTER_TOKEN.
It takes many lines to mess with OAuth, so I make use of Adam’s library for Twitter’s v1.1 API described at:
http://www.adamtheautomator.com/twitter-module-powershell/
http://www.adamtheautomator.com/twitter-module-powershell/
- https://gallery.technet.microsoft.com/scriptcenter/Tweet-and-send-Twitter-DMs-8c2d6f0a
called “Tweet and send Twitter DMs with Powershell”.Adam’s “MyTwitter.psm1” I’ve download had 229 lines on 8/31/2014.PROTIP: The “.psm1” extension means it’s a PowerShell module.I used a text editor to edit the file to paste in variables for the 4 credentials from Twitter.I then saved the module in the same GitHub folder as my script,and added a command to pull the module into the script:Alternately, Copy-install the module to your $env:PSModulePathSee http://www.powershellgallery.com/gettingstartedPowerShellGet from the Windows PowerShell Framework 5.0The alternative is to put the module in the PSModulePath,which enables tab completion to complete the names of commands from modules that are not loaded.The module has these functions:- Get-OAuthAuthorization
- Send-Tweet
- Send-TwitterDm
- Paste in your PowerShell script: Lenny cooke documentary full movie free download.BTW, PowerShell cmdlets in https://github.com/Iristyle/Posh-GitHubis only for use on Windows.
Trevor Sullivan (@pcgeek86) made a 20:40 video Mar 17, 2016
A PowerShell Module for manipulating PowerShell ProfilesbyThomas Malkewitz
Curl
curl is an alias for Invoke-WebRequest in PowerShell.
https://channel9.msdn.com/Blogs/trevor-powershell/Automating-the-GitHub-REST-API-Using-PowerShell
## JSON from REST API #
To extract out a key from the JSON file:
https://www.pluralsight.com/courses/powershell-modules-advanced-functions-building
Profile scripts
Jeff Hicks notes these profile scripts execute automatically at start:
To view all profiles:
$profile | select *
Folder | Script file | Script name |
---|---|---|
C:Windows System32 WindowsPowerShell v1.0 | profile.ps1 | AllUsersAllHosts |
Microsoft.PowerShell.profile.ps1 | AllUsersCurrentHost | |
Microsoft.PowerShellSE.profile.ps1 | AllUsersCurrentHost (ISE) | |
C:Users<user>Documents WindowsPowerShell or /Users/<user>/ .config/powershell/ | Microsoft.PowerShell.profile.ps1 | CurrentUsersAllHosts* |
profile.ps1 | CurrentUserCurrentHost | |
Microsoft.PowerShellSE.profile.ps1 | CurrentUserCurrentHost (ISE) |
- = This is the one shown when $profile is typed in.
API calls
Corporate IT departments often use Group Policies.
$Headers = “Authorization: token ${GITHUB_TOKEN}” echo “Headers=$Headers” # DEBUGGING
![Vpp Vpp](/uploads/1/3/4/1/134135333/364872656.png)
$Token=$GITHUBUSER +’:’+ $SECRETS.GITHUB_TOKEN; $Base64Token=[System.Convert]::ToBase64String([char[]]$Token); $Headers = @{ Authorization = ‘Basic(0)’ -f $Base64Token; }; # -f is for substitution of (0). # See https://technet.microsoft.com/en-us/library/ee692795.aspx # Write-Host (“Headers=”+$Headers.Authorization) $Headers = “{ Authorization: = Basic $GITHUB_TOKEN }” # -f is for substitution of (0). # See https://technet.microsoft.com/en-us/library/ee692795.aspx Write-Host (“Headers=”+$Headers)
Iterate
- Stephane shows this command to move (pipe) png files from Desktop to Pictures folder:A variable can contain an array:
More Libraries
https://www.simple-talk.com/blogs/psyaml-powershell-yaml/
Read in CSV file
This blog gives an example of importing a CSV file:
$data = Import-CSV C:scriptsmoviedata.csv
Sorting by date requires creating a new property:
The new property persists, so can be used this way:
More on DevOps
This is one of a series on DevOps:
- Packer automation to build Vagrant images
- Terraform multi-cloud provisioning automation
- Hashicorp Vault and Consul to generate and hold secrets