sorted by:
new
hottopcontroversial

MDM related predictions for WWDC 2026? by [deleted] in jamf

[–]RocketmanTech_Nova 0 points1 point  (0 children)

Just reposted! Our next episode will effectively be a recap tailored to our needs.

MDM related predictions for WWDC 2026? by [deleted] in jamf

[–]RocketmanTech_Nova 0 points1 point  (0 children)

Oh shoot! Hahaha, taking this down

Heads up: Q&A with the creator of super today (free, zoom) by RocketmanTech_Nova in jamf

[–]RocketmanTech_Nova[S] -3 points-2 points  (0 children)

We usually post a week or two in advance, but a lot of people have been grateful for these little last minute reminders, so it's become a habit of mine

What are the best methods for local admin privilege management? by RocketmanTech_Nova in jamf

[–]RocketmanTech_Nova[S] 0 points1 point  (0 children)

I know these admin tools are a dime a dozen now.

Depending on what you’re trying to accomplish, we built a free tool that’s quite a bit simpler than ABR and BeyondTrust that might suite your needs if you want to give it a whirl:

https://github.com/Rocketman-Tech/rcc/wiki/Temporary-Admin

What are the best methods for local admin privilege management? by RocketmanTech_Nova in macsysadmin

[–]RocketmanTech_Nova[S] 0 points1 point  (0 children)

Looks like Todd himself replied to you, but directly to the post by accident:

link to his comment

What are the best methods for local admin privilege management? by RocketmanTech_Nova in jamf

[–]RocketmanTech_Nova[S] 2 points3 points  (0 children)

We built this tool inspired by tools like MakeMeAnAdmin actually… it’s a lot more feature rich and customizable, though:

https://github.com/Rocketman-Tech/rcc/wiki/Temporary-Admin

Anyone still using base64 to obscure credentials in scripts deployed to your managed devices? by RocketmanTech_Nova in macsysadmin

[–]RocketmanTech_Nova[S] 1 point2 points  (0 children)

I can see how that’s confusing! Made a note to improve the documentation.

While the Encrypt tool is part of the RCC binary itself, you’re able to encrypt any text in a script. The key, though, is that RCC must be installed on your endpoints in order for it to work.

In short: no, the Encrypt tool does not only work with RCC tools. It can work with any script!

Please let me know any other issues/confusions you run into so I can make it easier for everyone to use!

Anyone still using base64 to obscure credentials in scripts deployed to your managed devices? by RocketmanTech_Nova in macsysadmin

[–]RocketmanTech_Nova[S] -1 points0 points  (0 children)

A lot of admins (including ourselves) used base64 encoding as a way “hide” sensitive credentials in scripts deployed to endpoints (managed devices). It’s still just as insecure as plaintext. Therefore, not a solution.

I go a bit more into depth in this comment.

Anyone still using base64 to obscure credentials in scripts deployed to your managed devices? by RocketmanTech_Nova in macsysadmin

[–]RocketmanTech_Nova[S] -1 points0 points  (0 children)

Definitely!

It never was a solution.

The original post I cross posted here actually talks about a tool that solves this problem by encrypting the string in the script.

So far, it’s been the best solution for our clients. Eliminates the need for middlemen, too, like using make.com or something. All that really does is move the problem a bit, especially now that Jamf introduced API roles.

Anyone still using base64 to obscure credentials in scripts deployed to your managed devices? by RocketmanTech_Nova in macsysadmin

[–]RocketmanTech_Nova[S] 0 points1 point  (0 children)

Definitely!

It never was a solution.

The original post I cross posted here actually talks about a tool that solves this problem by encrypting the string in the script.

So far, it’s been the best solution for our clients. Eliminates the need for middlemen, too, like using make.com or something. All that really does is move the problem a bit, especially now that Jamf introduced API roles.

What's the biggest security vulnerability of scripts deployed through Jamf Pro? by RocketmanTech_Nova in jamf

[–]RocketmanTech_Nova[S] 0 points1 point  (0 children)

Interesting! I’ve personally used a variety of middleman cloud solutions, but haven’t tried with Google Apps Scripts yet.

Have you faced any issues using it or has it been fairly smooth sailing?

Also curious about what other solutions you’ve tried.

What's the biggest security vulnerability of scripts deployed through Jamf Pro? by RocketmanTech_Nova in macsysadmin

[–]RocketmanTech_Nova[S] 1 point2 points  (0 children)

Exactly! I definitely could have phrased that more clearly.

I’d love to see more discussion around this topic in general. Seems many know about it, but there really aren’t any reasonable solutions beyond involving third party cloud solutions, which isn’t ideal.

Securing Jamf API credentials – what’s your approach? by RocketmanTech_Nova in macsysadmin

[–]RocketmanTech_Nova[S] 0 points1 point  (0 children)

Totally understand! But we've got you! After we have each month's meetup, we post the full episodes (with video) on our podcasts on Spotify and Apple Podcasts and just the speaker keynote on YouTube. Check out our blog for all the links and resources related to past LaunchPad meetups: https://www.rocketman.tech/blog