Generate Azure Blob Storage account authentication headers for Munki

Related tags

Miscellaneous macos mac azure azure-storage macadmin macadmins munki blob-storage
Overview

Azure Blob Storage Authentication for Munki

The Azure Blob Storage Middleware allows munki clients to connect securely, and directly to a munki repo hosted in an Azure Blob Storage account.

Description

This module is meant to plug into munki as a middleware. https://github.com/munki/munki/wiki

The script will generate the required http headers to interact with an protected Azure blob storage account. Inspired by S3-Auth (https://github.com/waderobson/s3-auth)

MS reference docs for Storage REST API Auth and interaction https://docs.microsoft.com/en-us/azure/storage/common/storage-rest-api-auth

Configuration

Defaults must be in place (replace with your account and example assumes containername = munki):

sudo defaults write /Library/Preferences/ManagedInstalls SoftwareRepoURL 'http://yourstorageaccount.blob.core.windows.net/munki'
sudo defaults write /Library/Preferences/ManagedInstalls StorageAccountKey 'XXX'

Configuration via MDM

SoftwareRepoURL
http://yourstorageaccount.blob.core.windows.net/munki
StorageAccountKey
XXX

Check my macOS GitHub repo for a sample MDM .mobileconfig file.

Location

copy to '/usr/local/munki/middleware_azure.py'

Permissions

sudo chown root /usr/local/munki/middleware*.py
sudo chmod 600 /usr/local/munki/middleware*.py

Debugging

log files for munki are stored here:

/Library/Managed Installs/Logs/

If required set LoggingLevel higher than 1 e.g. 2 or 3

sudo defaults write /Library/Preferences/ManagedInstalls LoggingLevel -int 3

Further reading

If you are interested in a blog article detailing a bit more of the middleware in action with Microsoft Intune then have a look here:

https://oliverkieselbach.com/2021/07/14/comprehensive-guide-to-managing-macos-with-intune/

You might also like...
Connect Playground - easy way to fill in your account with production-like objects

Just set of scripts to initialise accpunt with production-like data: A - Basic Distributor Account Initialization INPUT Distributor Account Token ACTI

CloudBlue 5 Jun 25, 2021
Make your Discord Account Online 24/7!

Online-Forever Make your Discord Account Online 24/7! A Code written in Python that helps you to keep your account 24/7. The main.py is the main file.

SealedSaucer 0 Mar 16, 2022
Account Manager / Nuker with GUI.
Account Manager / Nuker with GUI.

Account Manager / Nuker Remove all friends Block all friends Leave all servers Mass create servers Close all dms Mass dm Exit Setup git clone https://

Lodi#0001 1 Oct 23, 2021
BinCat is an innovative login system, with which the account you register will be more secure.
BinCat is an innovative login system, with which the account you register will be more secure.

BinCat is an innovative login system, with which the account you register will be more secure. This project is inspired by a conventional token system.

Hipotesi 2 May 22, 2022
You can easily send campaigns, e-marketing have actually account using cash will thank you for using our tools, and you can support our Vodafone Cash +201090788026

*** Welcome User Sorry I Mean Hello Brother ✓ Devolper and Design : Mokhtar Abdelkreem ========================================== You Can Follow Us O

Mo Code 1 Nov 3, 2021
An account generator for guilded.gg that I made a while back and decided to bring back up
An account generator for guilded.gg that I made a while back and decided to bring back up

An account generator for guilded.gg that I made a while back and decided to bring back up

null 8 Nov 17, 2022
A working roblox account generator it doesnt bypass the capcha stuff cuz these didnt showed up in my test runs
A working roblox account generator it doesnt bypass the capcha stuff cuz these didnt showed up in my test runs

A working roblox account generator (state 11.5.2021) it doesnt bypass the capcha stuff cuz these didnt showed up in my test runs

TerrificTable 22 Jan 3, 2023
Darkflame Universe Account Manager

Darkflame Universe Account Manager This is a quick and simple web application intended for account creation and management for a DLU instance created

null 31 Nov 29, 2022
FBChecker Account using python , package requests and web old facebook

fbcek FBChecker Account using python , package requests and web old facebook using python 3.x apt upgrade -y apt update -y pkg install bash -y pkg ins

XnuxersXploitXen 5 Dec 24, 2022
Comments
  • What is AzureEndpoint?

    What is AzureEndpoint?

    https://github.com/okieselbach/Munki-Middleware-Azure-Storage/blob/0eb5da968aa82e45439aa5d3bb701d953b4e9404/middleware_azure.py#L71

    I'm curious what AzureEndpoint refers to in this line. Is that a pref you have set?

    opened by patgmac 1
Owner
Oliver Kieselbach
Microsoft MVP - Enterprise Mobility
Oliver Kieselbach
GitHub https://oliverkieselbach.com/2021/07/14/comprehensive-guide-to-managing-macos-with-intune/
Expose multicam options in the Blender VSE headers.

Multicam Expose multicam options in the Blender VSE headers. Install Download space_sequencer.py and swap it with the one that comes with the Blender

null 4 Feb 27, 2022
A Bot Which Can generate Random Account Based On Your Hits.

AccountGenBot This Bot Can Generate Account With Hits You Save (Randomly) Keyfeatures Join To Use Support Limit Account Generation Using Sql Customiza

DevsExpo 30 Oct 21, 2022
Enjoy Discords Unlimited Storage

Discord Storage V.3.5 (Beta) Made by BoKa Enjoy Discords free and unlimited storage... Prepare: Clone this from Github, make sure there either a folde

null 0 Dec 16, 2021
The fastest way to copy to (not from) high speed flash storage.

FastestCopy The fastest way to copy to (not from) high speed flash storage. This is about 3-6x faster than file copy on explorer.exe to usb flash driv

Derek Frombach 0 Nov 3, 2021
Placeholders is a single-unit storage solution for your Frontend.

Placeholder Placeholders is a single-unit file storage solution for your Frontend. Why Placeholder? Generally, when a website/service requests for fil

Tanmoy Sen Gupta 1 Nov 9, 2021
ioztat is a storage load analysis tool for OpenZFS

ioztat is a storage load analysis tool for OpenZFS. It provides iostat-like statistics at an individual dataset/zvol level.

Jim Salter 116 Nov 25, 2022
This Open-Source project is great for sensor capture and storage solutions.

Phase 1 This project helps developers in the creation of extended realities that communicate with Arduino and require the security of blockchain stora

Wolfberry, LLC 10 Dec 28, 2022
Project 2 for Microsoft Azure on WUT

azure-proj2 Project 2 for Microsoft Azure on WUT Table of contents Team Tematyka projektu Architektura Opis rozwiązania Demo dzałania The Team Krzyszt

null 1 Dec 7, 2021
Frappe app for authentication, can be used with FrappeVue-AdminLTE

Frappeauth App Frappe app for authentication, can be used with FrappeVue-AdminLTE

Anthony C. Emmanuel 9 Apr 13, 2022
A python script providing an idea of how a MindSphere application, e.g., a dashboard, can be displayed around the clock without the need of manual re-authentication on enforced session expiration

A python script providing an idea of how a MindSphere application, e.g., a dashboard, can be displayed around the clock without the need of manual re-authentication on enforced session expiration

MindSphere 3 Jun 3, 2022