Digital Certificates: Trust is important in any relationship.

Speakers: Jesse Peterson

Level: Fundamental, Lecture

Excerpt: How do your computers know to trust a server, website, or cloud service and how is this trust established? In this talk we’ll cover the high-level conceptual design of public key cryptography (PKI) that underlies digital certificates as well as going into (sometimes very) specific detail on exactly what certificates are, how they’re constructed, and how they work for you and sometimes against you.

Description: (I couldn’t think of anything longer to to type/write without going into an outline of the presentation. I provide an outline in the conference committee notes)

How do your computers know to trust a server, website, or cloud service and how is this trust established? In this talk we’ll cover the high-level conceptual design of public key cryptography (PKI) that underlies digital certificates as well as going into (sometimes very) specific detail on exactly what certificates are, how they’re constructed, and how they work for you and sometimes against you.


About the speaker

Jesse Peterson (Twitter: @jessecpeterson) – – Facebook

Jesse has been working with technology for most of his life. Consulting, start-ups, large organizations, and hobbies with a dedication to using and contributing open source software in all his roles.

Most of his professional career has included supporting and managing Macs and Apple devices in one fashion or another. As a Client Platform Engineer at Facebook in Seattle he helps wrangle the large Mac fleet (and Windows, Linux, and mobile platforms, too). As an IT Consultant at MacTechs in Seattle, he’s helped organizations with Mac management and more ranging from startups and small businesses to large corporations and government. With a strong enjoyment of and advocacy for development and DevOps he has developed software and solutions to fun and interesting IT projects (and, of course, to open source them along the way!).

Jesse is a proud member of the Mac admin community and is excited and honored to return as a speaker at PSU MacAdmins.

Posted in MacAdmins 2018 Sessions | Leave a comment

Roam if You Want To: Wi-Fi Client Mobility

Speakers: Chris Dawe

Level: Advanced, Lecture

Excerpt: In this session we will attempt to demystify Wi-Fi roaming, understand what leads to “sticky client”, and discuss what we can do to fix it.

Description: We will explore the fundamental concepts of Wi-Fi roaming to provide a basis for understanding Wi-Fi client behavior. We will iterate, explore, compare, and contrast macOS and iOS roaming behaviors, and we will explore advanced roaming technologies such as 802.11k and 802.11r, and discuss their applicability and limits in macOS and iOS network environments. Finally, we will discuss how WiFi network design interacts with roaming behavior, review techniques for influencing roaming behavior, and explore tools that may help provide further understanding of your clients’ roaming characteristics.


About the speaker

Chris Dawe (Twitter: @ctdawe) – Principal Systems Engineer – Wheelwrights

Chris is a consultant focused on MacOS, iOS, and networking. Chris handles a wide variety of work, including system assessment, design, deployment, and support. When not working, Chris dabbles in American history, cooks when he can, and appreciates both whiskey and whisky. Chris lives with Emily in Seattle, Washington, where they are doing their best to furnish the townhouse.

Posted in MacAdmins 2018 Sessions | Leave a comment

Deploying Windows on the Mac

Speakers: Timothy Perfitt

Level: All Levels, Lecture

Excerpt: The Mac has support installing Windows for a long time, but deploying Windows can be a challenge both for Windows and Mac administrators who are unfamiliar with the process. Learn about how the Mac boots Windows, how it works with new Secure Boot in the new iMac Pro, how to customize Windows installation to install software, drivers, bind to Active Directory, run scripts, and more. If you have dual boot Macs, come and learn the ins and outs of dual boot Mac deployment including using Munki, DEP, and packages to deploy Windows in a Mac environment.

Description: The Mac has support installing Windows for a long time, but deploying Windows can be a challenge both for Windows and Mac administrators who are unfamiliar with the process. Learn about how the Mac boots Windows, how it works with new Secure Boot in the new iMac Pro, how to customize Windows installation to install software, drivers, bind to Active Directory, run scripts, and more. If you have dual boot Macs or are looking to deploy dual boot Macs, come to this session and learn the ins and outs of dual boot Mac deployment including using Munki, DEP, and packages to deploy Windows in a Mac environment. I’ll also share best practices we learned while preparing an image for deploying 5,000 dual boot Macs to teachers and students.


About the speaker

Timothy Perfitt (Twitter: @tperfitt) – Founder – Twocanoes Software

Timothy Perfitt is founder and CEO of Twocanoes Software. He started the company in 2012 in Naperville, IL in an effort to build best of breed Mac and iOS software and hardware. Taking advantage of Apple’s iBeacon and the excitement around close-proximity sensors, Twocanoes has created a short-range Bluetooth device that alerts customer-aware systems of a nearby mobile device called Bleu.

Prior to starting Twocanoes, Timothy worked for Apple for over 10 years and developed the first ever certification training for OS X and OS X server, which led him to work with the Apple engineering team that focused on Higher Education and Fortune 500 large scale environments.

Timothy graduated from Michigan State University with a degree in Electrical Engineering and in 2006, received his Masters Degree in Computer Science with a thesis on large scale, distributed peer-to-peer microblogging.

Timothy lives in Naperville, IL, with his wife and 10 year old son. He is a Returned Peace Corps Volunteer, serving in the Solomon Islands from 1991 to 1993 and is fluent Pijin, the common language of the Solomon Islands.

Posted in MacAdmins 2018 Sessions | Leave a comment

Understanding, requesting, and using X.509 Certificates on macOS

Speakers: Timothy Perfitt

Level: Intermediate, Hands-on (BYOD for attendees)

Excerpt: Digital Certificates are a secure way for authentication and are a key component for many network services access by macOS. This session covers the basics of X.509 certificates, including the parts of a digital certificate, generating and submitting certificate signing requests, verifying digital signatures, and more. Attendees will use their own mac to create a certificate signing request, manually verify the signature in the certificate, and configure services on macOS to use the certificate. You’ll leave understanding what role certificates play in IT infrastructures, how to create and submit certificate signing requests, and how to configure common services on macOS to use certificate-based authentication. You’ll also learn about how newer Macs have a secure enclave that can be used to store digital keys.

Description: Digital Certificates are a secure way for authentication and are a key component for many network services access by macOS. This session covers the basics of X.509 certificates, including the parts of a digital certificate, generating and submitting certificate signing requests, verifying digital signatures, and more. Attendees will use their own mac to create a certificate signing request, manually verify the signature in the certificate, and configure services on macOS to use the certificate. You’ll leave understanding what role certificates play in IT infrastructures, how to create and submit certificate signing requests, and how to configure common services on macOS to use certificate-based authentication. You’ll also learn about how newer Macs have a secure enclave that can be used to store digital keys.

During the session, you’ll generate your own Active Directory certificate signing request using kerberos credentials, install a certificate in your keychain, and use that certificate in a variety of ways.


About the speaker

Timothy Perfitt (Twitter: @tperfitt) – Founder – Twocanoes Software

Timothy Perfitt is founder and CEO of Twocanoes Software. He started the company in 2012 in Naperville, IL in an effort to build best of breed Mac and iOS software and hardware. Taking advantage of Apple’s iBeacon and the excitement around close-proximity sensors, Twocanoes has created a short-range Bluetooth device that alerts customer-aware systems of a nearby mobile device called Bleu.

Prior to starting Twocanoes, Timothy worked for Apple for over 10 years and developed the first ever certification training for OS X and OS X server, which led him to work with the Apple engineering team that focused on Higher Education and Fortune 500 large scale environments.

Timothy graduated from Michigan State University with a degree in Electrical Engineering and in 2006, received his Masters Degree in Computer Science with a thesis on large scale, distributed peer-to-peer microblogging.

Timothy lives in Naperville, IL, with his wife and 10 year old son. He is a Returned Peace Corps Volunteer, serving in the Solomon Islands from 1991 to 1993 and is fluent Pijin, the common language of the Solomon Islands.

Posted in MacAdmins 2018 Sessions | Leave a comment

K-12 Web Filtering, the Good, the Bad, and the Ugly

Speakers: Jarrod Coombes & Amanda Wuest & Bob Gendler & Damien Barrett

Level: All Levels, Lecture

Excerpt: If I were directed to install a web filter, what would I do? Who would I ask? Where would I go for information that isn’t a PR page full of marketing speak, lies, and promises? A discussion on web filtering aimed towards K-12 based off what the vendors say and what people have actually experienced.

Description: K through 12 web filtering is a challenge which is encountered by every Mac admin in the education market. We have all struggled to find the perfect solution that is appropriate for our environment.

How is web filtering at four very different schools, St. Andrew’s Episcopal School, Montclair Kimberley Academy, Lower Merion School District, and Menlo Park City School District, handled? Come find out what products we all use for web filtering and internet protection, learn what other solutions are out there and what we have evaluated for our environments.

The filtering solution which you put in place will depend heavily on the culture of your school. And, we all know that public schools and private schools often have very different cultures and even different laws a school must follow for filtering. These differences may affect the type of filtering that is applied at your school and how it’s applied. We hope to discuss what does this mean for you as an administrator and for the students using the computers.

Web filtering can work in different ways and at different levels, onsite or offsite. And even then the way in which filtering solutions within these confines of onsite or offsite can work differs depending on if an agent is installed on the device, is it DNS based, proxy based, or VPN based. Additional, some work only at the firewall level. What are the pros and cons for each of these approaches, and which would work best for your needs?

All four schools utilize different methods to prevent students from circumventing the filters which are in place. How can you prevent this at your school?

This presentation is an open panel discussion on web filtering and the solutions that schools and organizations have used. We hope to highlight the pros, cons, and the gotchas of each filtering solution used in the educational market.


About the speakers

Damien Barrett (Twitter: @damienbarrett) – K-12 Mac System Technician – Montclair Kimberley Academy

Damien has been supporting Macs for more than 20 years in corporate, small business, and education environments. He’s worked as an Apple Certified Macintosh Technician, Apple Certified Trainer, Interim IT Director for a cable access television station, and ran his own consulting business for several years in Manhattan. Damien currently works as a Mac System Technician for a large private school in New Jersey.


Bob Gendler – Apple Platform Engineer/1-to-1 Coordinator – St Andrews Episcopal

Bob Gendler is an Apple fanatic using Apple products as far back as the Apple //gs. He graduated from the Rochester Institute of Technology with a bachelor’s degree in Information Technology and has been in the technology field ever since. He was previously the Technology Coordinator at an international nonprofit but has been the Laptop Program Coordinator at St. Andrew’s Episcopal School since June 2012.


Amanda Wuest – Client Systems Administrator – Lower Merion School District


Jarrod Coombes – IT Systemd Administrator – Menlo Park City School District

Jarrod is originally from South Africa and has been working with computers systems since the late 80s. In that time he has gone from a Best Buy geek, to an entrepreneur and then all the up to a system administrator. These days you will find him poking around on the network of Menlo Park City School District, making it better in most cases, and worse in others. At home you’ll find him poking at his personal network as well as rebuilding and programming computers from the late 80s to the early 90s (he has quite the collection of antiquated computers stuff).

Posted in MacAdmins 2018 Sessions | Leave a comment