Status Tab Checks - abstertee/macStat GitHub Wiki

Status Tab

The status tab displays information regarding your laptop’s compliance, certificate, and network status. Each check runs commands in the background and returns text responses to describe the laptop’s current status. The macStat app runs eight checks which verify that your laptop is configured and working properly, reference the list below:

Software Updates
Firewall
Active Directory
FileVault Encryption
Jamf Connectivity
Certificates & 802.1x
Root Cert Chain
Configuration Profiles**

The app will also update icons once the checks complete, see the list below for definitions of the three icons:

The green checkmark will display when the system check signals a passing status.
The orange exclamation mark will display when the system check signals that there may be an issue.
The red X will display when the system check confirms a failure for a critical compliance component.

System Compliance

The System Compliance section checks four main components of the system. These checks are important for VPN connectivity and ensure the system meets Workday security policies.

Mac OS Updates

The Mac OS Updates check looks for new versions of Apple based software and Mac OS updates based on information about your computer and current software. This check will return information about any missing or pending updates. Your laptop should always have the latest updates to ensure all security requirements are met.

Firewall

The Firewall check verifies that the system’s firewall is enabled which prevents certain network access to the system. Your laptop should always have the Firewall enabled to follow basic security practice.

Password Sync

The Password Sync check uses Enterprise Connect to validate that the local user’s password is in sync with their Active Directory password. The check runs the Enterprise Connect command line tool to determine if the sync is valid and collects the days remaining until the next password change.

FileVault Encryption

The FileVault Encryption check verifies that disk encryption is enabled which prevents unauthorized access to your Mac. FileVault is the Mac disk encryption tool.

Certificates & Network Compliance

The certificates & network compliance section provides status on network connectivity requirements and system management.

Jamf Connectivity

The Jamf Connectivity check verifies that Jamf is installed on the system and the system is enrolled. Jamf is the tool used to manage Mac devices and must be installed in order to receive supported applications, user certificates, and network connectivity. Jamf is an essential tool and security requirement that needs immediate attention in the event that this check fails.

Certificates & 802.1x

The Certificate & 802.1x check validates that your laptop has the correct User Certificate in the right location. Certificates are used for the corporate wireless network access and VPN authentication. Without this certificate, your laptop will not be able to connect to wireless networks or some VPN.

Root Cert Chain

The root Cert Chain check ensures that your laptop has the correct company Certificate chain which may validate the User Certificate mentioned above. In the event that any of the root Certificates are missing, the check will return and state which certificate is required. The system will not be able to validate the user certificate required for VPN and WiFi access. This will disable or make it difficult to connect to VPN or WiFi.

Configuration Profiles

The Configuration Profiles check looks to make sure both the User Cert Profile and WiFi 802.1x Profile exist, which are required in order to use your laptop for everyday work. The Configuration Profiles contain a number of settings that configure your Mac. In the event that a Profile is missing, the check will return and state which profile is missing.
If the user certificate profile is missing, it’s possible the certificate required for WiFi and VPN access will be missing and you will be unable to connect to either service. Should the WiFi 802.1x Profile be missing, the system will not have the wireless settings configured and won’t connect to WiFi.