May 2026 – MacAdmins Meeting

15 May May 2026 – MacAdmins Meeting

May 20th, 2026 – University of Utah, MacAdmins Meeting

The University of Utah MacAdmins Meeting is held virtually monthly on the 3rd Wednesday of each month at 11 AM Mountain Time. Presentations cover Apple technology and integration in a heterogeneous university enterprise environment. This month’s meeting will be held on Wed, May 20th, 2026, at 11 AM MT virtually using Zoom. Live broadcasts and archives are available to the MacAdmin community 2-3 days post-meeting.

Introduction to Infrastructure as Code – Ryan Legg, Jamf

In the world of modern device management, “ClickOps”—the manual configuration of settings via a GUI—is becoming the primary bottleneck for scaling IT operations. Whether you are managing 500 devices or 50,000, manual changes lack auditability, peer review, and repeatability.

This session introduces Infrastructure as Code (IaC) as the solution to these challenges. We will explore how treating your Jamf Pro environment like software allows MacAdmins to version-control their settings, automate deployment workflows, and eliminate configuration drift.

Ryan will take you behind the curtain at Jamf to show how we utilize Terraform to manage complex ecosystems. We’ll move beyond the theory to demonstrate the real-world solutions we’ve built to date—including automated instance bootstrapping and multi-tenant synchronization—and provide a first look at the future of Jamf’s Terraform and Infrastructure as Code (IaC) roadmap.

About Ryan Legg

Worked for Apple for 9 years, the last 4 of which were spent in IS&T. Moved to Jamf a little over 4 years ago – I spent close to 3 years as a Security Overlay Solutions Engineer focused on Jamf’s security products and I’ve spent the last nearly year and a half supporting Jamf’s largest customers from a technical standpoint. The last 2.5 years have been spent building demo infrastructure for internal as well as external targets. A huge part of that has been heavily focused on Terraform and Infrastructure as Code.

Evolution of macOS Security – Csaba Fitzl, Iru

In this talk, I will give an overview of how macOS security has improved over the years, related to logic vulnerabilities. I will go through how the Sandbox (SIP), GateKeeper, and TCC evolved over the past 7 years, what new generic mitigations Apple introduced, and how all of these impacted various kinds of vulnerabilities and exploits. We will see what kind of bug classes, which were once all around, are dead now, thanks to Apple’s efforts, and how the life of a security researcher is getting harder year by year. At the end, we will also touch on some serious long-term open issues.

About Csaba Fitzl 

My name is Csaba Fitzl, also known as “theevilbit”, which comes from RFC 3514. I graduated in 2006 as a computer engineer. I have worked for 6 years as a network engineer, troubleshooting and designing big networks. After that, I have worked for 8 years as a blue and red teamer focusing on network forensics, malware analysis, adversary simulation, and defense bypasses. Then I was working for OffSec and developed the EXP-312: Advanced macOS Control Bypass course. Currently, I’m working for Iru as a Principal macOS Security Researcher. I gave talks/workshops at various international IT security conferences, including Hacktivity, hack.lu, Troopers, SecurityFest, DEF CON, Black Hat USA, and Objective by the Sea. I spend my free time with the family, hiking, or trail running in the mountains.

iMazing Profile Editor – Profile Workflows Update – Ari Leviatan, DigiDNA

This session is an update for system administrators who use iMazing Profile Editor to configure fleets of iOS, macOS, and other Apple devices. The app from DigiDNA has become the go-to tool for creating and managing Apple configuration profiles, and new features added in the recent version 2.2 release unlock a number of workflows and time savings, which we will cover. We will start by taking a look at how to work around third-party app configuration limitations in the just-released Apple Business using the app’s MCX payload features. Then, we will cover how to maximize the drag-and-drop and copy-paste enhancements, which were requested by community members working with MDM services where uploading custom payloads instead of full profiles is preferable. We will finish up with a demo of the new signing identities selector and the new reduced-distractions signed profile loading sequence.



We will start by taking a look at how to work around third-party app configuration limitations in the just-released Apple Business using the app’s MCX payload features. Then, we will cover how to maximize the drag-and-drop and copy-paste enhancements, which were requested by community members working with MDM services where uploading custom payloads instead of full profiles is preferable. We will finish up with a demo of the new signing identities selector and the new reduced-distractions signed profile loading sequence.

About Ari Leviatan

Ari Leviatan is a Director, B2B Engineering with DigiDNA, makers of the popular iOS device management app iMazing. He oversees all device configuration initiatives, including the development of iMazing Profile Editor and the collaboration on the ProfileManifests project that powers it. From time to time, you’ll find him actively engaging with users on the Mac Admins Slack community.

Open Discussion

Questions, comments, problems, and fixes.

Directions

This meeting will not be held in person but virtually via Zoom video communications architecture.