Managing Mac’s using Parallels: Introducing version Three

In previous article about the Parallels SCCM plugin, I mentioned that version 3.0 was going to be out soon, and with it some new features. Those new features have come, so this post will be a brief introduction to those features.

FileVault v2

One of the big features is the ability for the SCCM plugin to now hold FileVault encryption keys. FileVault is similar to BitLocker on Windows – it can do full disk encryption on Mac’s. This can be of huge benefit to large enterprises. It now allows for the recovery of these keys should the end user ever lose them. This is similar to allowing BitLocker keys to be stored in Active Directory.

There are two methods for doing FileVault with the SCCM plugin. The first method is creating an institutional key. With this method, the administrator creates a Keychain file with the recovery key. This recovery key can then be used to decrypt any Mac in the environment. It is vital to keep this key safe, because it will have the ability to decrypt any Mac in the environment.

The second method is for the Mac’s personal key to be stored in the SCCM database. When the device is encrypted, its personal key can be sent to the SCCM database. From there, the administrator can recover it. Using this method has its own draw backs. The key is viewable from the device properties menu for the Mac in the SCCM console. This means that you must be carefully about setting permissions, or these keys will be viewable by anyone with SCCM console access.

FileVault properties are set using Compliance Settings – just like the rest of the Mac configuration settings. Here is what the options will look like:

1

Configure the settings according to your organization’s standards.

HTTPS Support

The second feature added to version 3 of the Parallels plugin is the ability to use HTTPS for client communication. This allows for secure communication from the client to the primary server. You can also manage clients on the Internet. The features that it enables are the same for Windows computers. This is more advanced install of SCCM, and requires a certificate authority (CA) tied to your Active Directory. The setup is the same as if you are doing it for Windows.

Disclaimer

All content provided on this blog is for information purposes only. Windows Management Experts, Inc makes no representation as to accuracy or completeness of any information on this site. Windows Management Experts, Inc will not be liable for any errors or omission in this information nor for the availability of this information. It is highly recommended that you consult one of our technical consultants, should you need any further assistant.

Share:

Facebook
Twitter
LinkedIn

Contact Us

On Key

More Posts

Mastering Azure AD Connect - A Comprehensive Guide by WME
Active Directory

Mastering Azure AD Connect – A Comprehensive Guide

Modern businesses are fast moving toward cloud-based infrastructure. In fact, cloud-based business is not just a trend anymore but a strategic necessity. Microsoft’s Azure Active Directory (Azure AD) has become a frontrunner in this domain. It

Read More »
Security Best Practices in SharePoint
Office 365

Security Best Practices in SharePoint

Microsoft SharePoint is an online collaboration platform that integrates with Microsoft Office. You can use it to store, organize, share, and access information online. SharePoint enables collaboration and content management and ultimately allows your teams to

Read More »
The Ultimate Guide to Microsoft Intune - Article by WME
Active Directory

The Ultimate Guide to Microsoft Intune

The corporate world is evolving fast. And with that, mobile devices are spreading everywhere. As we venture into the year 2024, they have already claimed a substantial 55% share of the total corporate device ecosystem. You

Read More »
Protecting Microsoft 365 from on-Premises Attacks
Cloud Security

How to Protect Microsoft 365 from On-Premises Attacks?

Microsoft 365 is diverse enough to enrich the capabilities of many types of private businesses. It complements users, applications, networks, devices, and whatnot. However, Microsoft 365 cybersecurity is often compromised and there are countless ways that

Read More »
Be assured of everything

Get WME Services

Stay ahead of the competition with our Professional IT offerings.