I am almost done with the LinkedIn Learning course Prepare for the Apple Certified Support Professional macOS 11 Exam and also testing on a macOS 12 Monterey VM on VMware Workstation Player (I cannot document how I did this, in this post). I'll answer my own questions from my original post and summarize some things I learned below.
1. Is there any native functionality like Windows AD Group Policy? If not, what about third-party tools?
- Preferences (.plist files) are used to configure settings. There are .plist files for the local computer and individual users, for example. This is native to macOS.
-- As an example, the Dock (like the taskbar in Windows) has it configuration settings in /Users//Library/Preferences/com.apple.dock.plist for each user.
- There used to be macOS Server which had Profile Manager to manage settings on multiple Macs. Both are now end of life and Apple recommends using an MDM solution.
- Regarding MDM solutions, Jamf and Hexnode are two that seem decent.
- You can also use the Apple Remote Desktop app for systems management. It's kind of like a lower-end SCCM tool. You would install the app on the Mac that will be used as your "management console."
2. Can settings such as the system login background picture or user desktop wallpapers be enforced with native tools? Are there shell commands for these? If not, what about third-party tools?
- I have not found anything obvious or simple for this, using native tools. From what I have researched there is no Apple supported method to change the login background picture. Possibly, some third-party MDM solutions may be able to do this.
3. Is there such a thing as a login script? If yes, where is it located?
- There is something called Login Items for each specific user. It can be used to open up files or apps after the user logs in. I have not tested if it can execute a shell script.
- Barney-15E mentioned LaunchAgent but I have not researched this.
4. What are some good references for shell commands?
- macOS is based on BSD Unix so most standard *nix shell commands will work. I have not found many that are exclusive to macOS but two that do come to mind are tmutil for Time Machine and diskutil for Disk Utility.
5. Besides the GUI and shell, is there anything like the registry for configuration?
- See above regarding .plist.
The more I learned about macOS, the more similarities I saw with Windows and I still prefer Windows. I don’t see any compelling reason to use a Mac. It has been several years now where CPUs are way more powerful than most users would ever need so the belief that certain programs run faster on Macs, I don’t think is relevant now. Perhaps if someone is running high-end professional video editing tools that may be the case, but for an average student or worker, any Windows-based computer is more than sufficient for their needs. Now Macs have the proprietary M1 chips which supposedly are more powerful than Intel but what is the point of having all that power?
As for style and size, something like the Dell XPS laptops seem stylish, come in different colors, and are thin and lightweight so I don’t see a MacBook being much more superior. MacOS the operating system does have these features which I think are superior to Windows:
- More secure (but not by much). For example, macOS 12 Gatekeeper is much more locked down than Windows 11 UAC. One thing that macOS does not do is enforce password complexity and I don’t see an option to enforce that.
- If users only install apps from the App Store, they're almost guaranteed to be malware free and stable so because of that I can see that macOS could crash and freeze up less than Windows (like iPhone/iOS compared to Android). While Windows does have code signing, it’s not as integrated (if at all) with UAC (at least not by default from what I know).
- The app sandboxing feature, I’m not aware of any equivalent in Windows.
All comments above are based on my current knowledge of Macs and macOS. I have been a Windows sys admin for 20+ years and only started digging into macOS earlier this month.
