Adding Mac Support, Part 3: Alphabet Soup

One difficult part of taking on a new role, especially a technical one, is learning all the jargon. Listening in on a conversation among specialists in any field you’re not intimately familiar with can be highly confounding. It sounds like they’re speaking English. At least some of the words are English, but you’ve never heard them put together in that particular order before.
I heard someone mention SMB and SME? Is that a Small to Medium Business or Small/Mid-sized Enterprise? Or are you a Server Message Block Subject Matter Expert? Or are you discussing the Super Mario Brothers Structure Mapping Engine?
And if you’re tempted to join the conversation, the typical assumption will be that your knowledge of the subject is as limited as your vocabulary. While that may be accurate in some situations, it’s still not nice. So, in order to help out the budding Mac admins and MSP techs following this blog series, I have put together some terms, acronyms, jargon, and the odd custom you might encounter when mixing with the old-timers and veteran Apple enthusiasts.
Shibboleths and Secret Handshakes
The first “tell” that trips up many an ambitious Apple admin is confusing a Mac with a MAC.
This is a MAC: 88:66:5a:36:5b:a7. That is a Media Access Control address. Every network device has one, or several. Even a Mac, which is short for Macintosh, the line of computers Apple made after the Apple II and Lisa lines. Today, there is no “-intosh”; only the Mac remains.
The Mac’s operating system is macOS. The legacy of the name is a jumble of iterations with spaces, no spaces, upper- and lower-case letters, and Roman numerals. But if it’s a Mac, it’s not running iOS. iOS is for iPhones. iPads run iPadOS. Apple Watch runs watchOS. Apple TV—the physical box, not the streaming service—runs tvOS. Just remember, Macs run macOS. If you tell a customer there’s an iOS update for their MacBook Pro, you’ll get funny looks.
Speaking of macOS, it’s okay to refer to the current version of the OS as either “Monterey” or macOS 12. In casual conversation, you might even hear “Monty” thrown around. Version numbering is still necessary for compatibility checks and keeping up with what’s in beta versus release, but ever since Apple started using the project codenames in their marketing—first various species of big cat, then California landmarks—the numbers have been secondary.
Alphabet Soup
Occasionally, I’ll sit in on a conversation about security and data protection with Head Security Nerd Lewis Pope, and the compliance acronyms start flying: NIST, CIS, GDPR, FedRAMP? So, I can sympathize with the novice Mac admin following a presentation about managing Apple devices.
Like modern cybersecurity, Mobile Device Management (MDM) comes with its own lexicon of initialisms.
In order to automatically deploy MDM out-of-the-box with a new Mac, the Mac’s serial number must be enrolled in Apple Business Manager (ABM) or Apple School Manager (ASM). These are the business and educational updates to Apple’s previous Device Enrollment Program (DEP), and sometimes referred to as Automatic Device Enrollment (ADE, or more often still DEP).
For existing machines, including iOS (and iPadOS and tvOS) devices, an MSP can provide an enrollment profile the end user then installs and approves. This user-approved MDM (UAMDM) differs from a DEP enrolled MDM in that the Mac can be un-enrolled later. Automatic enrollment is bound to the hardware, so it can’t be removed by the user, even if they wipe the machine. In either case, only one MDM can manage a Mac at a given time. Like the Highlander: “there can be only one”.
The N‑able Apple Device Management (ADM) platform can manage customer devices automatically enrolled in ABM or provide the necessary pieces to manually enroll devices. To get started, an MSP needs to create an Apple Push Notification Service (APNS) certificate. APNS is the protocol that ADM will use to send commands to the managed devices, deploy configuration profiles, etc. (Read more here: https://documentation.n-able.com/remote-management/userguide/Content/Mac_Device_Management.htm)
One of the principal uses of ADM is to deploy profiles with a Privacy Preferences Policy Control (PPPC) payload to manage the Mac’s Transparency Consent and Control (TCC) security framework. The TCC framework restricts what an application is allowed to access without prior approval, and the PPPC profile provides that approval for various types of activities. The user will still need to manually approve certain privacy controls, like access to camera and microphone. (I covered this, and even more acronyms in some detail here: https://www.n-able.com/blog/the-myth-of-the-missing-mac-malware-part-1)
Talking the Talk
Just a few more:
An entire blog post could be dedicated to the hardware differences new Mac users have to get used to. For instance, there’s not much call for the Control key on a Mac keyboard, at least not since Mac mice and trackpads transitioned from having one button to zero. Seamlessly employing multitouch gestures like the two-finger right-click are a sign you belong. And when you refer to keyboard shortcuts, instead of Control (Control+C to copy, Control+V to paste) the Mac equivalent will probably use the Command key. Sometimes I’ll slip up and call it the Apple key, because it used to have an Apple icon on it instead of the Swedish campground cloverleaf symbol it has now. No, really. It’s the symbol for a campground: https://www.folklore.org/StoryView.py?project=Macintosh&story=Swedish_Campground.txt
I spend a lot of my time in Terminal, the app used to access the Mac’s command line interface. Windows’ equivalent is the Command Prompt, or the seasoned PC user may call it a DOS prompt. Don’t call the Mac’s command line “DOS”. Just don’t.
When old-timers like me refer to “the Mothership”, that’s Apple corporate. Not just the physical campus, but often the company itself. Someone may brag about when they worked at the Mothership, or might “visit the Mothership” for the annual World Wide Developer Conference (WWDC, or sometimes just “Dub Dub”). The name has been around far longer than the new UFO-like headquarters, but it has taken on a new significance now that Apple’s HQ looks like it could actually reach orbit.
We don’t have an actual secret handshake, and if we did, I wouldn’t be allowed to tell you.
© N‑able Solutions ULC e N‑able Technologies Ltd. Todos os direitos reservados.
Este documento é fornecido apenas para fins informativos e não deve servir de base para aconselhamento jurídico. A N‑able não oferece nenhuma garantia, expressa ou implícita, nem assume qualquer responsabilidade legal ou responsabilidade pela precisão, integralidade ou utilidade de qualquer informação nele contido.
As marcas N-ABLE, N-CENTRAL e outras marcas registradas e logotipos N‑able são de propriedade exclusiva da N‑able Solutions ULC e da N‑able Technologies Ltd e podem ser marcas legais comuns, registradas ou de registro pendente com o Escritório de Marcas e Patentes dos EUA e com outros países. Todas as outras marcas comerciais mencionadas neste documento são usadas apenas para fins de identificação e são marcas comerciais (e poderão ser marcas registradas) de suas respectivas empresas.