Marriott Library - Apple Infrastructure | June 2024

17 Jun June 2024 – MacAdmins Meeting

Posted at 14:09h in Administration, Apple, Apple School Manager, Apple TV, Client Management, Device Enrollment Program, Documentation, Enterprise, Entra ID, Event, Extensible Authentication Protocol (EAP), Higher Education, Information Technology, Mac, Management, Mobile Device Management, Security, system administration by Richard Glaser 0 Comments

0 Likes

June 19th, 2024 – University of Utah, MacAdmins Meeting

The University of Utah, MacAdmins Meeting is held monthly virtually on the 3rd Wednesday of each month at 11 AM Mountain Time. Presentations cover Apple technology and integration in a heterogeneous university enterprise environment. This month’s meeting will be held on Wed, June 19th, 2024 at 11 AM MT and we will provide live broadcasts and archives that will be made available 2-3 days after the meeting.

Apple WWDC 2024 – Michael Scott, Apple

Apple Intelligence takes center stage, introducing personalized AI experiences across iPhone, iPad, and Mac. Users can now generate AI-generated images directly on their devices, and Siri integrates seamlessly with ChatGPT for enhanced voice interactions and understanding. In iOS 18, customization options abound. Users can personalize their devices further, and the redesigned Photos app offers a fresh interface for organizing and exploring memories. Additionally, AirPods Pro now responds to head gestures. macOS Sequoia (macOS 15) brings several notable features. iPhone mirroring allows users to project their iPhone screens onto their Macs. The standalone ‘Passwords’ app simplifies credential management, while the option to rotate Wi-Fi addresses enhances privacy. Automatic login updates streamline the login experience. watchOS 11 focuses on health and fitness. New metrics and workout tracking capabilities empower Apple Watch users. However, compatibility changes mean that some older Apple Watch models may not receive the update. In tvOS 18, the ‘InSight’ feature identifies actors and songs in Apple TV+ shows. Enhanced dialogue clarity improves the viewing experience, and compatibility extends to older Apple TV HD models. Finally, visionOS 2 introduces an ultra-wide Mac virtual display, perfect for multitasking across multiple monitors. Travel mode optimizes the experience for train journeys.

Michael will give a brief overview of notable WWDC 2024 announcements and highlights.

Notable Links:

WWDC24 Highlights
https://www.apple.com/newsroom/2024/06/wwdc24-highlights/
What’s new in device management
https://developer.apple.com/videos/play/wwdc2024/10143/
AppleSeed for IT (login with Managed Apple Account from Apple School Manager)
https://beta.apple.com/it/
What’s New for IT WWDC 2024
https://beta.apple.com/download/1018225
Managing software updates for IT
https://beta.apple.com/download/1018221
Device Management Client Schema
https://github.com/apple/device-management
WWDC24 Videos
https://developer.apple.com/videos/wwdc2024/

About Michael Scott

Since 2007, Michael Scott has been a Systems Engineer at Apple, serving the education market. Michael got his start with Apple IT in 2000 when he learned to deploy Mac labs at the University of Colorado. Michael works out of his home office in Denver, and he loves all things MDM, DDM, and visionOS.

Note – Please be aware that by Apple’s policy, this presentation will not be recorded or accessible after the live broadcast.

Platform Single Sign On – Timothy Perfitt, Twocanoes Software

Platform Single Sign-on (Platform SSO) is a powerful feature that enhances authentication and security for macOS and other Apple devices. It allows developers to create single sign-on extensions that seamlessly integrate with the macOS login window. Let’s dive into the key aspects of Platform SSO: Users can synchronize their local account credentials with an identity provider (IdP). This synchronization ensures that their local account password matches their cloud-based IdP password. By linking these credentials, users can enjoy a unified authentication experience.

Platform SSO supports multiple authentication methods:

Secure Enclave–backed key: Users can log in without entering a password by using a Secure Enclave–backed key associated with the IdP during registration. This method enhances security and convenience.
Password authentication: Users can choose to authenticate using either their local account password or their IdP password. This flexibility accommodates different user preferences.

Platform SSO extends beyond traditional password-based authentication. Users can unlock their Mac using Touch ID or an Apple Watch. This biometric approach streamlines access while maintaining security.

To leverage Platform SSO, the following requirements must be met:

macOS 13 or later: Platform SSO is available starting from macOS 13.
MDM solution supporting the Extensible Single Sign-on payload with Platform SSO: IT administrators need an MDM solution that supports this feature.
IdP support for the Platform SSO authentication protocol: The identity provider must be compatible with the Platform SSO protocol.

Platform SSO simplifies authentication, enhances security, and provides a seamless experience for both users and administrators.

Tim will give an overview of Platform Single Sign On highlighting notables and features of importance to Mac Admins.

About Timothy Perfitt

Timothy Perfitt is the Founder and President of Twocanoes Software located in Naperville, IL. Tim started Twocanoes Software after a decade of working at Apple, Inc., in engineering. He is the creator of Winclone, Boot Runner, MDS, Smart Card Utility, and many more successful products focused on the Mac, iPhone, and iPad. His most recent open-source project, XCreds, provides a powerful and secure way to authenticate to cloud providers from the Mac. Tim is focused on macOS and iOS authentication, including certificate-based authentication, smart cards, remote access, and code signing. Tim has a Bachelor of Science in Electrical Engineering from Michigan State University and a Masters Degree from California State University. Tim enjoys renovating his grandfather’s Model A and going to the dog park with his two labs.

Video – To view the archived presentation video, click here.
Slides – To view the archived presentation slides, click here.

Open Discussion

Questions, comments, problems, and fixes.

Directions

This meeting will not be held in person but will be done virtually using Zoom video communications architecture.

With Zoom we will implement the following security best practices:

Require a Password to Join This meeting will require a password to join the meeting. Information will be emailed via a campus internal list, but if you are external and want to attend the meeting, please use the Contact Us form to receive details. Else, the archive of the meeting will be available 2-3 days after the live meeting.

Waiting Room When joining the meeting you will be placed in the Waiting Room by default and the hosts will give you access to the live meeting.

Miscellaneous We will also implement other settings and safeguards to secure the meeting.

Archived Presentation(s)

Archives of the presentations will be available on this web page.

June 2024 – MacAdmins Meeting