franton/CIS-Apple-Security-Casper franton/CIS-Apple-Security-Casper

  • Stars
    star
    135
  • Rank 269,297 (Top 6 %)
  • Language
    Shell
  • Created over 8 years ago
  • Updated over 6 years ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
franton/CIS-Apple-Security-Casper
github

franton

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Basic examples of scripts and EA's to implement the CIS Apple Security guidelines

CIS-Apple-Security-Casper

Basic examples of scripts and EA's to implement the CIS Apple Security guidelines for macOS 10.12 only! (some changes between 10.12 and earlier versions).

Think of this as a reference implementation. There are plenty things in CIS that can be done more readily with configuration profiles, some things that are ... contradictory and others that may not even be relevant to your needs. I'm not convinced 100% compliance is the way to go and allow people to be able to work.

Not everything in CIS is implemented here. This is partly due to some standards being implemented by profiles and others being out of date and effectively deprecated.

More Repositories

1

JSS-In-A-Box

The Casper Suite setup script
Shell
51
star
2

Mac-Patcher-and-Upgrader

A way of doing application and macOS updates while prompting the end user. Think patchoo but a lot more modern.
Shell
43
star
3

Extension-Attributes

These are the various extension attributes I use in Casper
Shell
25
star
4

Crowdstrike-API-Scripts

A collection of handy scripts to run via an MDM for Crowdstrike.
Shell
21
star
5

SwiftDeploy

Zero touch deployment method for Jamf Pro and SwiftDialog
Shell
18
star
6

JSS-Config-In-A-Box

JSS config migration script via API
Shell
17
star
7

MacMini-Server-AutoBuildScript

Script for an automated build of an OS X Casper Distribution Point
Shell
16
star
8

Remove-AV

Various scripts to force remove various AV products on macOS
Shell
13
star
9

BeyondTrust-Remote-API-Scripts

Shell
12
star
10

Xcode-Scripts

Handy scripts for Xcode
Shell
10
star
11

Set-DNS-info

Recursively sets the DNS settings for a specified network interface
Shell
10
star
12

JNUC-2022

Repo from my JNUC 2022 talk on "Almost" Zero Touch deployment
Shell
8
star
13

Set-Desktop-Background

Script to set OS X desktop background
Shell
7
star
14

Create-ICNS

Processes a sample .png file into an .icns file suitable for many projects.
Shell
7
star
15

WiFi-Scripts

A collection of various Wifi based scripts
Shell
7
star
16

Set-Authorised-SSH-Users

Sets authorised SSH user / user groups
Shell
6
star
17

Add-Users-as-Admin-JSS

Takes the output from a Casper extension attribute and adds them (if present) to the local admin user group.
Shell
6
star
18

Hello-IT-Scripts

Scripts to use with ygini's Hello IT
Shell
5
star
19

2017-SC-Talk

5
star
20

Migrate-Local-User-to-AD

Shell
5
star
21

JNUC-2024

5
star
22

VMWare_Fusion

Shell
4
star
23

Mount-Network-Share

Mounts a network share based on specified parameters
Shell
4
star
24

Policy-Scripts

Shell
4
star
25

Bootcamp-Selector

Script to be run as part of your Casper bootstrapping workflows to install a specific bootcamp image to a computer.
Shell
4
star
26

Fix-Home-Folder-Permissions

Self Service script to fix home folder permissions.
Shell
4
star
27

McAfee-Agent

This script can be used to either freshly install or upgrade the ePo agent on OS X clients.
Shell
4
star
28

Maya-Postflight-Installer

Script to manually install Maya and other Autodesk tools as part of a postflight pkg
Shell
3
star
29

Reset-Local-Admin-Password

Script to update a local admin account's password
Shell
3
star
30

Create-FV2-Only-User

Proof of concept script to create a user account based on a smart card login for FileVault 2 login purposes.
Shell
3
star
31

Add-User-Info-to-Inventory

Programs the computer inventory record in Casper with the current user's AD details.
Shell
2
star
32

Temporary-Remote-VNC-Access

Script to enable/disable VNC access and another to view only access that computer
Shell
2
star
33

Clear-Non-Local-Admin-Accounts

Runs on logout. Clears all non specifed accounts off a computer per our Open Access Policy
Shell
2
star
34

JSS-API-Wipe

Wipes a JSS server via it's API
Shell
1
star
35

Detect-USB-Stick

Run on logout. Detects if a USB device has been left attached to the computer and throws a warning.
Shell
1
star
36

Add-JSS-User-to-Group

Shell
1
star
37

Zen-and-the-Art

Zen and the Art of "borrowing" work - MacAdUk 2016
1
star
38

Oxford-University-Challenge

The interview challenge from Oxford University
Shell
1
star
39

Remove-Users-From-Admin-JSS

Shell
1
star
40

Go-Green

This script (run at a certain time) powers down a computer for environmental reasons
Shell
1
star
41

Centrify-AD-Bind

Shell
1
star
42

Mac-Name-Changer

Script to change the computer name on a mac. Meant to be run as a Casper Self Service policy.
Shell
1
star
43

Energy-Saver-Policy

Sets a computer Energy Saving Policy depending on specified parameter
Shell
1
star
44

Set-Ignore-Drive-Ownership

Self Service script to quickly set all attached drives to ignore ownership
Shell
1
star