@jwojda][/url, yes, as above, it alters the "/Library/Preferences/com.apple.SoftwareUpdate.plist" with a CatalogURL. If you nuke that, you kill access to the Betas. Of course you also need the Apple ID in the App Store that you signed up with (for the beta) but I think the Profiles method will work so far...that was posted up last night...

Anyone confirm yet if MCX also does the trick? We force our managed Macs to point to an internal SUS, but we use MCX, not Config Profiles for that. Hopefully it works the same way. I agree this is a very odd decision on Apple's part to open this to every Joe regular user. Not sure what they're doing here.

Although I really hate using profiles, this enforcing the default ASU URL seemed to do the trick. Even after reinstalling the PKG that affects the plist, the test user could still only see non-beta updates.

@ryway09 I'm still a bit new to Casper and setting up profiles (not something we are really planning on enforcing, as we allow users to self-adminster) … could you possible share what you configured for this? And what the URL of the default ASU is?

"What would be the correct address to use to point to Apple's Software Update URL, but not to the beta seed's catalogURL?"

For Mavericks machines, that would be:

http://swscan.apple.com/content/catalogs/others/index-10.9-mountainlion-lion-snowleopard-leopard.merged-1.sucatalog

Other OSes use different CatalogURLs. There is a list here:

https://github.com/wdas/reposado/blob/master/docs/reposado_preferences.txt#L40

FWIW

http://donmontalvo.com/jamf/jamfnation/IRC/freenode-osx-server_2014-04-23.jpg

external image link

Direct link:

http://osx.michaellynn.org/freenode-osx-server/freenode-osx-server_2014-04-23.html

Thanks (?), Don.

@gregneagle Valid concern, every so often threads cross the line, worth reminding everyone here (and IRC).

The Apple Public Beta is all over the internet. I don't think anyone here has really done or said much that crosses the line so far. It's always good to remind folks of the NDA's, so that is fine.

@boettchs Agreed.

Revealing the configuration changes made by Apple's utility does amount to releasing info covered under the NDA, IMHO. Otherwise, Apple would just publicly post those changes, no?

@gregneagle][/url It's discussed openly and widely on the IRC, no?

http://osx.michaellynn.org/freenode-osx-server/freenode-osx-server_2014-04-23.html

Well, an admin revealing how they removed a client's Mac from a public beta on a company owned Mac would be safe as they did not agree to an NDA covering such a program. I do not belong to the public beta and I'm just posting what I found. I know how the SUS works, so I found the info. I think I'm safe :)

I see, so some discussion was posted about a utility from Apple that deploys a plist change, which anyone with an Apple ID and a Mac running 10.9 can also obtain for $0.00…
I'm trying hard to find the "amazing" amount of violations going on there.

But this is OK? Come on fellas (and gals). We're not divulging secrets of a public beta OS, we're talking about keeping clients from hosing Macs by modifying a plist.
...
16:50:45 UTC] gneagle: MS can't complain -- they caused the need in the first place.
[16:51:10 UTC] hfike: and if MS does get mad at me…throw gneagle 's larger install base under the bus!
[16:51:34 UTC] gneagle: "We didn't expect our Volume Licensed software to be installed with an automated process!"
[16:52:06 UTC] gneagle: "We thought everyone just ran around and double-clicked on icons"

Sure it's OK. I have a volume-licensed install of Microsoft Office. I'm installing Microsoft Office on machines covered by that license. I'm working around an issue with Microsoft's installation packages. I am not violating the terms of the license.

"I see, so some discussion was posted about a utility from Apple that deploys a plist change, which anyone with an Apple ID and a Mac running 10.9 can also obtain for $0.00…"

After agreeing to an NDA.

Noting that the utility modifies the CatalogURL would not violate the NDA. Revealing the contents of that modification does (IMHO) violate the NDA, as it then provides enough info for people who have NOT agreed to the NDA to access the public beta.

Ah, but I'd wager if you broke down the MS SLA it would talk about not reverse or re-engineering their software. Look, I'm not trying to bust anyone's chops, I think everyone here takes the NDA's seriously. But the histrionics over NDA breakage here are unwarranted. My 2¢
You can take all the info posted here and have not been part of any Apple NDA. That's a fact.

Noting that the utility modifies the CatalogURL would not violate the NDA. Revealing the contents of that modification does (IMHO) violate the NDA, as it then provides enough info for people who have NOT agreed to the NDA to access the public beta.

Ah, but the modified CatalogURL is nowhere to be seen here. If it were, I'd agree. But also, it's two-part. The Mac would need a matching Apple ID (having joined the beta) to actually download anything.

No histrionics. Just don't reveal information that is not yours to reveal. I have not revealed the contents of my com.microsoft.office.licensing.plist file. Doing that would be a clear violation of our org's agreement with Microsoft.

Same goes with our agreements with Apple.

It was posted up above, and then redacted. Its the only "real" violation on this thread and it was pulled already. Also just checked Google's cache for this thread and it has only captured the very first post so far, so no-one searching the cache after the fact can find that info here anymore. The only people who would have it now are those signed up for email notifications per post as I have and others. If you receive a digest you likely will not see it there.
Seems overall pretty minor to me. Not saying it wasn't "a" violation, but lets try not to exaggerate things shall we?

Great that it was removed! My comments about NDA violation were made before it was removed.

Ah, never saw that it was posted. I get the email digests, but I didn't catch that. Indeed, that was not needed here and glad it's gone.

*Edit: Yup it's in the emails. It was not needed to talk safely about this issue and the fixes. So good that it was removed!

I think everyone understands @gregneagle brings up a valid concern, we need to be careful what we post here, and on ##osx-server IRC:

http://osx.michaellynn.org/freenode-osx-server/

and everywhere else that's publicly accessible.