Yosemite: Advanced Client and Server
Course Description
Students will learn both OS X Yosemite as a directory service client, and OS X Server for Yosemite as a directory server. Cross platform solutions are emphasized in both instances. In working with OS X Yosemite, students learn how to use network accounts and Kerberos authentication with any common directory service, such as Apple’s Open Directory, Microsoft’s Active Directory, or an industry-standard LDAP Server. Students learn both basic and advanced options via the user interface and command line including scripting options to facilitate easier integration. In working with OS X Server for Mavericks, students learn how to run a robust, scalable directory system using Apple's Open Directory service.
Students will learn about the core elements of digital certificates, practical digital certificate usage and the OS X Server for Yosemite certificate authority.
Students will learn about iOS Deployment using OS X Server for Yosemite a platform to configure, secure and manage iOS devices. The class covers preparing iOS devices for supervision using Apple Configurator and OS X Server for Mavericks in the creation and distribution of e-mail, address book, calendar, document content and Apps.
Students will learn trusted deployment solutions for OS X Yosemite. Deploying software, ranging from the installation of individual files to the deployment of complete system images to multiple computers. Students then apply what they’ve learned to create a full deployment plan that includes testing, hardware and software deployment, auditing, and maintenance. The course also teaches students how to create a tiered Software Update server solution, as well as about third-party solutions to supplement tools provided by Apple. Students get hands-on experience in using tools such as Remote Desktop, Disk Utility, PackageMaker, Property List Editor, DeployStudio, WinClone, Munki, FileWave Lightning and System Image Utility and discuss the pros and cons of each for different deployment situations.
This course is a combination of lecture and hands-on case study exercises that provide practical, real-world experience.
Who Should Attend
This course is designed for system administrators and IT professionals who need to gain specific knowledge about directory services, security and deployment of iOS 7 and OS X Yosemite. Learn how to effectively configure OS X Mavericks computers to access directory services, and how to effectively configure OS X Server for Yosemite to provide and supplement directory services in a mixed-platform environment. This course is designed for system administrators and IT professionals who need to deploy large numbers of iOS and OS X Yosemite devices in an enterprise or educational environment
Prerequisites Students should have the following prerequisite knowledge prior to attending the course:
- Basic troubleshooting experience or OS X Yosemite 101
- Basic OS X Server for Mavericks experience or OS X Yosemite 201
Upon Completion Of This Course, You Should Be Able To:
- Understand the Local Directory Services on OS X Yosemite and OS X Server for Yosemite
- Bind your OS X Yosemite and OS X Server for Yosemite to Active Directory
- Configure OS X Yosemite to work with third party LDAP services
- Understand and use an Open Directory Master and Replica configuration
- Manage authentication and authorization for local and network users
- De-mystify the certificate process Understand the elements of a certificate
- Know how to obtain, use, and store certificates
- Understand the two basic mass deployment models
- Understand the difference between device backup and device sync and the associated operating system layers in iOS
- Know what can and cannot be managed
- Know how to use the Profile Manager 3 on OS X Server for Yosemite
- Understand primary deployment concepts Discuss OS X Yosemite file deployment considerations
- Understand OS X Yosemite installation technology
- Install Package Features and Deployment Explain Client Management Profile Manager 3
- Understand system image creation Discuss System Customization
- Understand System Image deployment Understand system maintenance concepts
Course Outline
Lesson 1
- Directory Services Overview History of Directory Services
- Identify terminology
- Discuss tools and processes
- Understand Logs and Troubleshooting Overview
Lesson 2
- Local Directory Services Overview and topology of local directories, the differences between OS X Yosemite Client and OS X Server for Yosemite
- Data store, data formats, data store locations
- Authentication; methods; encryptions; shadow hash files
- OS X Yosemite Client Configuration
Lesson 3
- Shared Directory Services LDAP
- RFC2307
- Configuring OS X Server for Mavericks to connect to existing Open Directory and Active Directory servers
- Configuring services to use Open Directory or Active Directory accounts
- Binding: Trusted vs. Untrust
- Encrypting via SSL
- Authentication
- Troubleshooting; Active Directory
- Authenticating to AD
- Client configuration; Dual Directory.
Lesson 4
- Replication and Archiving Replication Overview
- The Replication Process - slapconfig and slapd
- Configuring MultiMaster
- Locales.
Lesson 5
- Symmetric and Asymmetric Encryption Understand and apply symmetric encryption
- Understand the weaknesses of symmetric encryption
- Understand and apply asymmetric encryption
- Understand the weaknesses of asymmetric encryption.
Lesson 6
- Certificates and X.509 PKI Identify the elements of a certificate
- Generate an RSA private key
- Create and validate a self-signed certificate; Import and trust a self-signed root certificate.
Lesson 7
- Server Certificates Generate a CSR
- Obtain a signed certificate from a CA
- Validate a certificate from a CA
- Import a certificate into OS X Yosemite
- Export a certificate from OS X Yosemite
- Understand the weaknesses of the X.509 CA system.
Lesson 8
- S/MIME Certificates Obtain an S/MIME certificate
- Export and back up an S/MIME certificate
- Install an S/MIME certificate on iOS
- Validate a signed message.
Lesson 9
- Using Apple Configurator
- Create A Configuration Profile
- Export and Inspect the Configuration Profile
- Apply the Configuration Profile
- Configuring Email, Calendar and Address Book
- Create, Distribute, Install a Configuration Profile to Securely Connect to IMAP, CalDAV and CardDAV
- Enable trust for secure services
- Deploying Apps
- Deploying Apps via Apple Configurator
- Supervising Devices with Apple Configurator
- Set Apple Configurator Preferences
- Prepare Device for Supervision
- Configure Supervision Settings
- Create Users for device assignment
- Load Documents
- Check Out and Assign Devices
- Check In and Assigned Devices
- Deploying Paid Apps with Apple Configurator
- Supervision Settings
Lesson 10
- Understanding Profile Manager 3 Functionality to deploy configuration profiles for iOS 7
- Configuring Profiles using Profile Manager
- Enrolling Devices with Apple Configurator
- Prepare iOS Device for enrollment in MDM
- Enroll iOS Device in MDM
- Lock your iOS Device via MDM
- Remote wipe your iOS Device via MDM
- Apple Configurator: Backing up and restoring data
Lesson 11
- Deployment Planning and Concepts
- Planning hardware deployment logistics
- Planning usage management.
Lesson 12
- Deploying Individual Items, Containers, Scripting and Packaging OS X file deployment considerations
- Using archive files for deployment
- Using ARD 3 to deploy items
- Using disk images for deployment
- plist editing
- Understanding OS X installation technology
- Creating installation packages
- Using installation package actions, scripting, and snapshots
- Deploying and maintaining installation packages
- Third-party installation tools.
Lesson 13
- Understanding Profile Manager 3 Functionality to deploy configuration profiles for OS X Yosemite
Lesson 14
- Understanding system image creation
- Integrating systems with configuration profiles
- Customizing a system prior to imaging
- Preparing a system for image creation
- Creating a cloned system image with Disk Utility
- Using System Image Utility to create Network Install and NetRestore images.
Lesson 15
- Understanding System Image deployment
- Understanding the NetInstall service
- Configuring the NetInstall service
- Configuring clients to boot with a network disk image
- Monitoring and troubleshooting the NetInstall service
- Deploying system images with NetRestore
- Configuring ASR network multicast
- Deploying systems with NetInstall
- Using System Image Utility workflow actions
- MDM and Configuration Profiles, and post-imaging considerations
- Install and Configure DeployStudio Server
- Creating Workflows and Editing Workflows
- Automating Workflows with Computer Groups
- Creating and Deploying Windows Dual Boot Images
- Configuring Workflow Permissions
- Self Service
- Munki Managed Software Installation
Lesson 16
- Understanding system maintenance concepts
- Using Apple tools for system maintenance
- Using the Apple Software Update Server
- Using the Apple Caching Server
- Third-party system maintenance tools.