top of page

United Force Tech Blog

Glossary of Apple Terms

  • Monolithic image: An operating system image that comes complete with all of the software that is required for a computer to function.

  • Package-based image: An operating system image that is compiled based on packages and/or has a number of post-imaging tasks to install packages.

  • Thin image: An image that has no changes from what comes from the factory from Apple, or that only contains a binary to enroll into a device management solution, such as the Casper Suite.

  • Package: Installs software on a Mac. Similar to a software installer/package on Windows. There are multiple types of packages, including flat packages and metapackages. The package comes with script that can be run before and after a payload, as

  • FileVault: Built-in Full Disk Encryption (FDE) tool for Mac. Similar to BitLocker for Windows.

  • Pre-Flight and post-flight scripts: Scripts you plug into a package that run before and after the payload of a package is delivered. A package that is just scripts with no payload is known as a payload free package.

  • Regression Testing: Scripted and automated tests to validate that your packaged software works as intended in different installation regressions.

  • DEP (Device Enrollment Program): A program from Apple to automatically enroll devices into a Mobile Device Management (MDM) solution. Once enrolled, the Casper Suite can deploy our binaries to a device and therefore get native and in depth management.

  • VPP (Volume Purchase Program): Allows an organization to buy apps for Apple IDs or devices and automate the installation of those apps for OS X and iOS via a Mobile Device Management (MDM) solution.

  • Enrollment: Refers to the process of adding an iOS or OS X device to a Mobile Device Management (MDM) solution. This is an agent-less process as it leverages an API from Apple for managing Apple devices.

  • Supervision: iOS device term, refers to further in-depth management of a device that’s owned by an organization once the organization has proven that it owns a device by either plugging the device into Apple Configurator or deploying a device via DEP. This term comes up in OS X; however, an OS X device can invoke a root account (or an admin account) and so it’s important to note that the root account can disassociate from management and therefore cannot be supervised.

  • Managed Preferences: Also known as MCX. Managed Preferences are the legacy way of implementing policies on users, groups, and devices. The Managed Preferences framework is still used in OS X; however, Apple best practices are that Managed Preferences are now interfaced with through profiles rather than through directory services.

  • Native apps: Apps that are written for OS X, rather than accessed through a thin client such as Citrix or a web browser.

  • The App Store: Apple provides the App Store for iOS and the Mac App Store for OS X. Can be challenging to integrate en masse without MDM, but easier with MDM as you don’t have complex packaging tasks.

  • iCloud: Apple’s consumer cloud service, used to provide access to mail, contacts, calendars, and file storage. iCloud is also used for consumer tracking of devices and Apple’s Activation Lock.

  • Apple ID: A unique identifier based on an email address that a user uses to acquire content (apps, music, videos, iBooks). Each Apple ID is also used to access other services, such as Apple forums.

  • Short Name: The username on a Mac, similar to an account ID in Active Directory or on a local Windows computer (e.g. joe). There is also a long name, which can have spaces in the name (e.g. John Doe). Computers and groups can also have two names of the same sort.

  • Binding: The process of joining a Mac to an Active Directory domain. Once the Mac has been joined to the domain it is referred to as “bound.”

  • AFP: Apple File Protocol. The native file sharing protocol for Mac. Is being slowly replaced with SMB, now that there’s full SMB/DFS support for the Mac.

  • Defaults domains: Windows has a registry. OS X uses property lists stored in /Library/Preferences and ~/Library/Preferences to load settings into this structure, similar to a registry. Managed preferences edit these domains and can restrict them from being changed when needed.

  • Property list: In

  • AppleScript

  • bless

  • Launch Daemon – The services control function for OS X. In Windows, you have services, in OS X and other *nix based Operating Systems you have daemons. Launchd is the daemon that calls other daemons and controls these services in OS X.

  • home directories (home folders)

  • Portable home directories: Synchronizing user data with a directory on a server. The OS X equivalent of a Windows Roaming Profiles. OS X also supports network home directories, synonymous with Windows folder redirection.

  • Keychain: Encrypted disk images that contain stored passwords, notes, and certificates. Similar to Credentials Manager in Windows.

  • Login hook: A way to run a script at startup. Similar to a login script for Windows.

  • System Integrity Protection (SIP): New in El Capitan (10.11), restricts a user from being able to edit an operating system on a Mac.

  • NetBoot: Similar to PXE booting on Windows, forces a computer to boot to a network disk so that the volume is not in use and can therefore be imaged to. Like PXE booting, Netboot does not traverse subnets without an IP helper, an architectural option that will need to be addressed with every company as a part of a reimaging solution.

  • Application signing: Adding a signature backed by a certificate to all apps that are opened and packages that are installed.

  • Gatekeeper: Mac security feature that forces application signing for any apps opened.

  • Profiles: An XML file that pushes settings and commands to a Mac. Includes things like restricting what passwords can be used, can install printers and fonts, deploy Wi-Fi networks (including 802.1x), and can join a Mac to an Active Directory domain.

  • Mobile Device Management (MDM):

  • Push notifications: Technology that allows for pushing changes to Macs immediately. Includes things like Email, but also extends to user preference management. For example, immediately push a user’s Dock to the right side of the screen.

  • User templates: A folder structure that allows you to populate new user accounts with items on the Desktop, in the Documents, printers, preferences, etc.

  • Symbolic link: Like a shortcut on Windows, but on a Mac.

  • bash, python, perl, and ruby are common scripting languages, similar to Powershell on Windows

  • Build train: Apple’s OS revisions follow a numbering schema.

  • kext: the equivalent of a driver in Windows, is used to add functionality for hardware that does not come with the base operating system. It is important to consider that because Apple makes the hardware and the operating system, all drivers that are necessary for all supported models of an operating system are included in the latest build, or version, of that operating system. Therefore, you will not need more than one image for a given major operating system release.

  • Dock: The bar of icons at the bottom of the screen on a Mac that allows quick access to common applications and documents.


Mac OS X Applications


HideAUser is a little tool for hiding a user. Once run, the loginwindow of Mac OS X will not show the user(s) specified. For multiple users, simply type the short name of each seperated by a space. Then attempt to login and see if the list shows the user you indicated not to show.

Click Here to Download HideAUser


AppleSetupRedux is a simple utility for resetting a system back to a factory-type state. Once run, on the next reboot, the Apple Setup Assistant will run so that you can distribute the machine to customers or whatever you might want to do with a machine where the Setup Assistant runs again.

Click Here to Download AppleSetupRedux


Wrote a quick little tool for mounting accounts to the Finder of Mac OS X. This allows you to interact with the service as you would a MobileMe account or a file server. The tool connects to over WebDAV and so you will need to provide you username and password (which can be saved into your Keychain) for your account with each login. However, you can put the tool into your startup items, login items, etc. Future releases might include the ability to store your credentials so you don’t have to provide

Hide a user account in macOS

If you need to assist a user, but don't want them to see your user account when they log in, learn how to hide a user account on the macOS login window.

This article is intended for system administrators. If you believe this issue affects you, contact the system administrator for your business or school.

Hide a user account in the macOS login window

1. Log in as an admin user.

2. Use this Terminal command. Substitute the short name of the user that you want to hide for “hiddenuser”:

sudo dscl . create /Users/hiddenuser IsHidden 1

If you later want to show the hidden user, set the user’s IsHidden attribute to 0 like this:

sudo dscl . create /Users/hiddenuser IsHidden 0

If you want, you can delete the IsHidden attribute instead.

Hide the home directory and share point

You can move the hidden user's home directory to a place that's not visible from the Finder. And you can remove the hidden user's Public Folder share point.

This command moves the home directory of "hiddenuser" to /var, a hidden directory:

sudo mv /Users/hiddenuser /var/hiddenuser

This command updates the user record of "hiddenuser" with the new home directory path in /var:

sudo dscl . -create /Users/hiddenuser NFSHomeDirectory /var/hiddenuser

This command removes the Public Folder share point for the user with the long name "Hidden User”:

sudo dscl . -delete "/SharePoints/Hidden User's Public Folder"

Published Date: Oct 24, 2016

Featured Posts
Recent Posts
Search By Tags
Follow Us
  • Facebook Basic Square
  • Twitter Basic Square
  • Google+ Basic Square
bottom of page