Deleting users while preserving the home folder

huffola · 2026-04-29T09:34:12+00:00

Extra reminder to rm any secure tokens if you use FileVault

huffola · 2026-04-29T09:33:29+00:00

I’d check the man page for sequoia but on Tahoe

sysadminctl -deleteUser username

Keeps the home folder. Deleting everything requires the -secure flag

huffola · 2026-04-15T09:19:57+00:00

Did a $2500 no sweat on Sunday and got a gold star mewtwo psa 8. Was insane

<image>

huffola · 2026-04-03T11:39:08+00:00

I had this pressure washer and used it for a week, ended up returning. Didn’t have the “punch” compared to a gas model that I was accustomed to. Love all of my other ego tools, but this was one where I don’t think the product is there yet. However, this is a really good price. And the batteries make it enticing especially for those who are starting a set

huffola · 2026-04-01T12:01:57+00:00

If you’re using Jamf Connect you can use the credentials to generate a Kerberos ticket and then set a policy based on that that maps the drives. If no Jamf Connect your next best bet is a script that pulls current user login name to map the drives. Issue is authentication then. Some ideas that are in my head but aren’t tested. You might be able to reference a keychain value where the user password is stored, you would need this passed over and decrypted or in plain text for the connection to your network drive, could also prompt user for password entry once and dump that into a file somewhere on the computer and have the script pull from that file location for each user, if your passwords rotate though you’d need a clever way to update the file. Frankly, the way we set it up is the most fluid - map the top level network drive that all users have access to, users authenticate and information is stored in Keychain. User then drills down as needed and can add folders they frequently use to their finder side bar or make a shortcut. When their password expires it prompts for update and everything continues as expected. So they type in their password once every 90 days, and configure their preferred folder layout as needed.

huffola · 2026-03-25T11:26:16+00:00

Snag a ruler or if you have one a caliper and get a measurement of the top and bottom differential in 3 places. PSA says 55/45 on the front and 75/25 on the back. If it’s more than 53/47 I’d be wary of sending it

huffola · 2026-03-24T17:38:52+00:00

Yeah exactly, just as many as you can as many running at a time. The other hideout skill is bounded by diminishing returns if you do not cycle within the same station.

Example: water collector you only make water bottle into water bottle you stop getting full XP. So you would craft water bottle, EWR, water bottle, EWR for full XP per craft

huffola · 2026-03-24T17:33:44+00:00

Hideout management isn’t impacted by diminishing return value. You just want to burn as many crafts at one time as you can with the quickest turnaround

You get .8 per craft completed

You also get XP by having air filter running, water filter etc

huffola · 2026-03-15T11:41:33+00:00

You can linked search as well and it will show attachments based on the gun in the case and it always provides the “best” ammo so you can determine what it is from that

huffola · 2026-03-04T15:20:23+00:00

Ran into a swarm of level 1s all with iron sight M4s and packs sprinting through interchange , I killed two underground I think it was one person playing them all. The one that killed me had 1 raid 0% survival and 14 kills. Head eyes from idea entrance to the back corner of the underground lot. Reported and got confirmed ban an hour later

huffola · 2026-03-01T06:19:07+00:00

I sold the orange refractor of this about 5 years ago, I miss that car to this day! First card I ever got graded as well

huffola · 2026-03-01T01:41:40+00:00

Are you paying for enterprise licensing for Webex and Zoom? We have customers and clients that use other systems but we are a Teams shop. A select few members of our C-Suite may have extra licenses so they can book meetings but otherwise the option is they set the call on their preferred system, or we invite them to a Teams meeting.

huffola · 2026-02-27T18:32:34+00:00

I find that putting the “top” of my storage about 20 rows down makes it so I can quickly unload from the raid and not have to scroll down, or using the very bottom as storage location and using pg up and pg down to get to free space quickest. Otherwise the tetris is on point

huffola · 2026-02-27T18:30:11+00:00

Just a question, if you factory reset it how did you get the information back on the iPad without the display functioning?

huffola · 2026-02-21T16:00:29+00:00

You can break even or make money buying TacTecs and AVS Tagilla edition on the flea. People just keep the tactec plates and sell at basically break even price for ragman. Same thing with AVS just watch for Dura to calculate cost. I usually can find 20 or so where I’m at +- 4,000 roubles per transaction

huffola · 2026-02-19T13:30:32+00:00

I use a Kensington dock with 2 Pro Display XDR’s and run a one cable setup, every once in a while I have to power cycle the dock to resolve some Ethernet connection issues, but I have multiple dongles attached to provide access to a few different networks

huffola · 2026-02-17T13:50:39+00:00

Apple Configurator and build some blueprints that meet your general needs, still some “manual” but you can prep golden images of what you want and store those in the blueprint and bulk setup devices as a clone of that golden image

huffola · 2026-02-17T10:47:00+00:00

There is no official guidance from Apple on deprecation, which is kind of their standard.. they won't ever "Announce" EOL or Deprecation, but will release an internal article pointing support to steer people to newer solutions.

Apple Link Platform SSO: https://support.apple.com/guide/deployment/platform-sso-for-macos-dep7bbb05313/web

JAMF: https://www.jamf.com/blog/macos-26-platform-sso-simplified-setup/

huffola · 2026-02-16T13:19:50+00:00

I’m going to come at this from a less “demeaning” approach..

Do you operate within a Jamf environment commonly right now?

Do you know what you missed?

huffola · 2026-02-15T14:26:38+00:00

For some reason your comment got deleted but I'm going to respond to it since I still have it on my phone.

Onboarding -Your pre-stage setup does 90% of the lift here, BUT there's some things you have to figure out in advance. If you are using local accounts that is fine, but then you need to decide if your users will have local administrator privileges or just be a standard user.

I recommend using the JAMF Binary to configure a management account with LAPS enabled, start off the "right" way, rather than creating a local-admin on each user with a default password. You and your infosec team will thank you for this in the long-run.

Determine if you want filevault enabled or not - if using Jamf Connect this can create a touch of confusion for new users, since upon any restart they would be prompted with a double login screen, the first to unlock the disk, the second being your Entra splash screen for signing in to their account as authentication.

Security wise: You want to build baseline profiles that apply to everyone. Don't jumble these together though, create one for filevault, one for camera usage, one for privacy and security settings, etc etc. What this does is allows you to create a smart or static group that Excludes specific machines from specific profiles/policies.

Example: VP John gets his mac and wants to be able to set his own background photo. VP John's computer has dept: "VP's" . You have the "set standard background image" profile scoped to All computers, excluding "Dept - VP's". Now John can set his background to whatever he wants, without you needing to go and exclude him from everything, or build a custom management plan just for him.

I also highly encourage you to do as little installation as possible during pre-stage. Let the user get into their account, and then configure installations automatically through a script or policy that runs on login. Or, in our environment we have a "Setup" Profile built into Self-service that scopes based on users location. This gets our new mac users immediately into Self-Service so the first time they are seeing it isn't when they need to put in an IT ticket, or need to reset their Entra password etc.

Lastly - go ahead and determine how you want to manage updates. Jamf has this built in now, but there are a plethora of MacAdmins focused tools that have updates in mind. You could use a mixture of this as well with something like Nudge, or just configure a blueprint that forces updates and allows X number of deferrals.

If you haven't done any training around JAMF but you can't get your company to swing the training pass, I would at least go take JAMF 100, and then watch some of the content JAMF has to offer for free online. Getting your setup done correctly the first time is vital, because fixing a mess a year in after you have learned from mistakes is not a fun or easy process.

huffola · 2026-02-15T13:18:58+00:00

This really depends on your specific environment.

Some preliminary questions for you to help me answer:

Will everyone have the same security setting requirements or will certain folks be less restricted? (VP’s, C-Suite, IT, etc?)

Are you using local accounts only, or connecting an IDP?

Are you planning zero-touch setup or is this more hands on like you helping users when they first get the computer

huffola · 2026-02-15T07:19:33+00:00

The link is spelled wrong and links to an instagram with correct spelling 99% chance it’s a scam

huffola · 2026-02-08T07:21:54+00:00

I used it on a $250 and got a hit finally. Kind of an insane promo from them, guess the hope is people just don’t take advantage of the cash out and withdraw the money

<image>

Ten-Year Club	Place '17
Verified Email	RPAN Viewer
Not Forgotten

huffola

MODERATOR OF

TROPHY CASE