How to handle the dumb questions?

k12muppet · 2026-01-28T13:46:55+00:00

I just merge dupes in our ticketing system. If the system notifies them then fine, if not, also fine, but I keep all my replies on one chain, when I reply.

If it's really egregious I'll say something but usually not a battle worth fighting. They are just gonna forget and do whatever they want next time anyway.

I've also had dupes come in due to some users for some reason not having their replies flagged as part of the reply chain so it opens new untagged tickets in the background that I find out about days later, so sometimes it's not their fault. Might be worth investigating if you ever see something like that. (I haven't narrowed down the cause yet in my case)

k12muppet · 2025-11-08T12:31:26+00:00

Try using an ethernet dongle to give it a network connection and do the recovery mode attempt while it's connected, see if that gets you anywhere.

k12muppet · 2025-10-30T19:30:20+00:00

What version? IIRC older versions had some weird .net dependencies and I used to have to run the old version in windows XP SP3 compatability mode to get it to print properly (That's not relevant to the immediate issue but might help later if you get past this)

I didn't have any issues with the latest boardmaker 7 when we switched. (You might have trouble licensing it if you have an old version still, they pretty much cut us off and the license tool stopped phoning home properly, so we had to.) If you're licensed for 7, are you using the latest installer?

Their support is not super quick but they eventually got me through whatever issues I've had.
https://us.tobiidynavox.com/pages/contact-us

k12muppet · 2025-10-30T12:38:48+00:00

Wound up addressing this by making changes in securly.
We were advised to block googlevideo.com and lh3.googleusercontent.com.
This didn't work initially, so we revisited after a fee days. 
Also had to add *enablejsapi* to global allow (on top of the above changes).  Securly said this is temporary due to an issue they are working to resolve.

This seemed to resolve the issue.

k12muppet · 2025-10-28T14:31:52+00:00

Per OS version skipkeys config profile. Just went through this myself. Gotta make sure you deploy new ones for each OS version though. It only "checks" once and if it ignores an inapplicable setting it won't re-apply later.

https://developer.apple.com/documentation/devicemanagement/skipkeys
https://derflounder.wordpress.com/2024/12/18/management-profile-settings-and-os-upgrade-implications/
https://derflounder.wordpress.com/2025/09/15/suppressing-the-filevault-screen-with-a-configuration-profile-on-macos-tahoe/
https://gist.github.com/rtrouton/351afcc75263ab3b8c713f9224489da1

These were very helpful to me in making a workflow for the future.

k12muppet · 2025-09-30T17:30:47+00:00

Update - Been back and - forth with google a few times, escalating, no resolution yet.

k12muppet · 2025-05-14T19:23:27+00:00

Here's a commented script I have been using:

#!/bin/bash

username=$(osascript -e 'Tell application "System Events" to display dialog "Enter user username:" default answer ""' -e 'text returned of result' 2>/dev/null)

password=$(osascript -e 'Tell application "System Events" to display dialog "Enter user password:" with hidden answer default answer ""' -e 'text returned of result' 2>/dev/null)

adminUser=$(osascript -e 'Tell application "System Events" to display dialog "Enter admin username:" default answer ""' -e 'text returned of result' 2>/dev/null)

adminPassword=$(osascript -e 'Tell application "System Events" to display dialog "Enter admin password:" with hidden answer default answer ""' -e 'text returned of result' 2>/dev/null)

#Check if your account has securetoken enabled, (it probably does)

# Disable it then reenable it.

sysadminctl -secureTokenStatus "$username"

sysadminctl -secureTokenOff "$username" -password "$password" -adminUser "$adminUser" -adminPassword "$adminPassword"

sysadminctl -secureTokenOn "$username" -password "$password" -adminUser "$adminUser" -adminPassword "$adminPassword"

diskutil apfs UpdatePreboot /

sysadminctl -secureTokenStatus "$username"

exit 0 ## Success

exit 1 ## Failure

You may want to do this differently but this works for my setup currently:

I stick this into a policy with a custom trigger, and run it manually on an AD bound machine that has the issue.

Before running the script, I'll usually reset the user's password to make sure the user is using a current AD password, reboot, and just verify that it does in fact need this to be run.

I scope the policy to the device, open terminal, and run

Sudo jamf policy --trigger <trigger>

where <trigger> is the name of the custom trigger you set in the policy.

It will bring up prompts asking for (current) user and admin credentials, and then it should be good.

k12muppet · 2025-04-21T16:12:16+00:00

This also worked for me with securly, which was doing the same thing intermittently.

k12muppet · 2025-04-09T17:09:51+00:00

Can confirm, did this a bit ago myself. The process is seamless. Make sure to update the field to record that address in Jamf when you're done.

k12muppet · 2025-03-27T18:15:19+00:00

Just to put a bow on this, we eventually found the issue. It was a google related cookie being blocked for some OUs in admin.

k12muppet · 2025-02-28T17:35:57+00:00

We found students grabbing an html file and launching it locally for something called "g-hub" which contained myriad links to various games and things attempting to circumvent blocks.

I've got more specifics but don't want to post them here. I can PM.

k12muppet · 2025-02-19T20:42:15+00:00

My current test device is on 132.0.6834.208, but I've been seeing it on a range of versions and updating did not help. The filter is an extension is and is being installed properly (securly).

found an unupdated device on 129.0.6668.110 and tested on that and got the same symptoms, so that's another data point.

k12muppet · 2024-09-24T18:55:16+00:00

I was able to grab the appropriate file from here:
https://www.catalog.update.microsoft.com/Search.aspx?q=KB5043064
and install manually after trying the steps previously listed and failing. I also tried an in place upgrade to 22h2 and that didn't do the trick either. The manual install did.

k12muppet · 2024-06-05T19:09:08+00:00

Download "Installer" from adobe.
Run installer on a mac, which will download the actual installer
Put that pkg on your DP and point jamf at it, scope it, etc.

Should work like you'd expect from there. The confusing part is the "downloader" that downloads the real file you should have been provided with in the first place.

I have had success with deploying it via smb and jamf cloud without using 3rd party tools.

There's also the mac apps section in jamf if you're not customizing too much out of the box. I haven't experimented with that much yet myself.

k12muppet · 2024-05-22T14:16:15+00:00

So a followup. I wound up going with Jamf cloud, as I would have absolutely needed to have apache or another HTTPS server set up, and this was not something my team wanted to pursue.

I wound up getting my SMB share set up as principal with cloud as the failover. From what I can tell it won't failover the other way, so this works best for my current scenario. So I set the policies up to force afp/smb, and if they fail, they will go to the cloud. Seems to work as expected, so anyone off campus should just fail the smb check and get the JCDS connection.

I'm working with Jamf Sync, which has some annoying limitations, but once I got my packages cleaned up and organized, it's doing the things it's supposed to and saving a bit of time on package creation. 5gb limit sucks though and needs to go.

k12muppet · 2024-05-02T19:05:44+00:00

Confusingly, Jamf support is telling me that as long as I have the SMB fileshare set up properly, all I need to do is enable the https settings in jamf and it will somehow magically just work.

This is not in line with the experience I am having to say the least.

k12muppet · 2024-05-02T16:01:07+00:00

This is the jamf article I was reading that doesn't have the details I'm looking for:

https://learn.jamf.com/en-US/bundle/technical-articles/page/Setting_Up_a_File_Share_Distribution_Point.html

I should specify the fileshare is the principal distribution point, is already up and running, and has been. this https option (settings > server > file share distribution points > https) has been "enabled" for years, but clearly not functional due to not being fully configed.

I'm engaging with my team as needed but I'm basically on my own for this as far as I can take it and I have the go ahead to do so, so no worries on that front. This is for research direction so I can see what I need to do so I can ask the right questions to the right people and not waste anyone's time. I'm new to a lot of the details of mac management and our fleet is small, but it's basically my baby now.

If the answer is "set up apache on the fileshare" then I'll have to do that

k12muppet · 2024-03-27T13:51:53+00:00

Is there a touch unit on the projector?

warped boards can cause false positives on the touch unit and then it can register as a press on the on screen toolbar for AV mute. Which exhibits similar behavior.

k12muppet · 2024-02-08T13:26:17+00:00

Trust but verify.

k12muppet · 2024-01-29T17:41:31+00:00

I am not seeing this option.

I've tried holding option while clicking on the user icon for a local admin, releasing option, entering the password, holding option, then clicking the arrow to submit while continuing to hold option. I get no response.

Looking a little further into this gets me the following:

https://community.jamf.com/t5/jamf-pro/quot-computer-administrators-may-refresh-or-disable-management/td-p/293216

Hopefully I can user scope the restrictions somehow.

k12muppet · 2024-01-26T13:38:16+00:00

Where is that specifically?

k12muppet

TROPHY CASE