Microsoft Supported Office 2016 Volume Licensing Method

Below is information provided by @pbowden, who is a software engineer for Office for Mac/iOS at Microsoft, in the MacAdmins Slack instance (@mrexchange on Twitter) regarding the supported way to license Office 2016 with a volume license.  While I recommend joining the macadmin Slack instance to participate in these conversations, it may not be feasible for everyone  Therefore I’m posting this information externally for everyone’s benefit.

It’s completely supportable to download and install the latest SKU-less build from those FWLinks like http://go.microsoft.com/fwlink/?linkid=525133, and simply run the Office15_all_volume_licensing.pkg to license the build for VL. [ Run `pkgutil –expand ~/Downloads/Microsoft_Office_2016_Installer.pkg ~/Desktop/Office2016VL` to expand the flat package and gain access to Office15_all_volume_licensing.pkg in ~/Desktop/Office2016VL ]

Technically, you can just run the Microsoft Office Setup Assistant.app that’s inside the .pkg, but I’d prefer that you install using the .pkg just in case there are things we need to do in the postinstall script. There are code dependencies between Office15_all_volume_licensing.pkg and Office15_all_licensing.pkg, which is why I’d prefer you to deploy the SKU-less build first as it contains Office15_all_licensing.pkg. It’s that same reason why I typically don’t like folks shoe-horning the updater package on a new machine – as the licensing package is not in the updater, and you could end up in a mess with licensing. The licensing code is fairly complex and uses various internal triggers to ‘wake up’ at various times to check that all is well. i.e. just because it might work if you hacked some packages together and tried it once or twice on your machine, it doesn’t mean to say that it’ll ​*stay*​ working after you deploy.

The role of the Microsoft Office Setup Assistant app is to collect various machine identifiers (including hardware serial number and boot disk hashes) and encodes them into /Library/Preferences/com.office.microsoft.office.licensingv2.plist …this is how we tether the license to the machine. Manually copying one of those generated plists and copying it to other machines is absolutely not supported and akin to playing with fire.
However, we ​*do*​ support you moving that plist around volumes on the ​*same*​ machine (e.g. imaging scenario).
In other words, in those times our license code wakes up to check that all is well, we’ll verify that the hashed boot disk that we retrieved when the license was created is still mounted ​*somewhere*​ on your machine, even if it’s not currently the boot disk.

Bottom line is that if you’re copying com.microsoft.office.licensingv2.plist between machines then you are not in a supportable state. The only supportable solution is to have that plist file generated on the machine you intend to use by the Microsoft Office Setup Assistant (MOSA). Up to you how you package this, but MOSA needs to be run and the plist is tethered to the current boot drive of the machine. It’s okay to change boot drives as long as that original drive stays mounted as a volume (it doesn’t have to be the boot drive)

The VL build on the VLSC is old at 15.13.4. While internally we produce full VL installers every month (in fact, it’s every day, but I digress), the VLSC folks haven’t been in a position to take our monthly updates. I’ve been working with that team this week to get their engineering processes to be more agile. The good news is that they will be taking our 15.17 December release build, so what should be a welcome refresh. I’ve also been working hard on fixing your top requests and am confident that 15.17 will be a great release for you. The VLSC folks might need to skip one or two releases after 15.17, but after that they will be in a position to take all our monthly releases.

A follow up question was asked about un-licensing to allow for the Office 365 subscription method again.

Is there a proper way to revert from a VL install backwards to a 365-license?

Yeah, just nuke that one plist we’ve been talking about and the copy of Office goes back to a sku-less state

Advertisements
Tagged , , , , ,

Office 2016 Direct Download links

Update 3-9-17: I just realized I’m doing a disservice by not pointing out all of the hard work Paul Bowden, Software Engineer of Office for Mac, has been doing.  He has a site that curates all the updates.  The updates he points to are the same as those below but in a more orderly fashion.  You should really check out that site at https://macadmins.software

Office 2016 now uses a series of FWLinks that always point to the very latest official builds. The downloads are SKU-less, which means you can use these to activate via Office 365 subscription, Volume License, or Perpetual License. These packages contain the base app, MAU and the licensing helper components.  The following links download the respective software.  While perpetually updated direct links are great to have, there is no way to determine what version it is until the full pkg is downloaded.  That’s an expensive download if you have limited bandwidth.  After the update from 15.15 to 15.16, a few links had lingering 15.15 versions still downloading.

There are 3 CDNs they are available from: Puerto Rico, Dublin, and Singapore.  For the US the Puerto Rico CDN would be quickest.

Puerto Rico CDN

Office Suite
http://go.microsoft.com/fwlink/?linkid=525133
Word
http://go.microsoft.com/fwlink/?linkid=525134
Excel
http://go.microsoft.com/fwlink/?linkid=525135
Powerpoint
http://go.microsoft.com/fwlink/?linkid=525136
Outlook
http://go.microsoft.com/fwlink/?linkid=525137

Dublin CDN

Office Suite
http://go.microsoft.com/fwlink/?linkid=532572
Word
http://go.microsoft.com/fwlink/?linkid=532573
Excel
http://go.microsoft.com/fwlink/?linkid=532574
Powerpoint
http://go.microsoft.com/fwlink/?linkid=532575
Outlook
http://go.microsoft.com/fwlink/?linkid=532576

Singapore CDN

Office Suite
http://go.microsoft.com/fwlink/?linkid=532577
Word
http://go.microsoft.com/fwlink/?linkid=532579
Excel
http://go.microsoft.com/fwlink/?linkid=532582
Powerpoint
http://go.microsoft.com/fwlink/?linkid=532583
Outlook
http://go.microsoft.com/fwlink/?linkid=532584

A big thanks to @talkingmoose for encouraging @pbowden to join our Slack channel #microsoft-office and for @pbowden for providing all these juicy nuggets.  To join us on Slack, head over to http://macadmins.org to request an invite.

Tagged

Screen Sharing via Apple ID

Screen Sharing.app is a bundled application that lets you observe or control a remote computer.  Typically, the computer is already under your control and either has Screen Sharing enabled in the Sharing settings or a VNC server running.  But having a knack as a Mac whisperer doesn’t go unnoticed by family and friends.  There are times when it’d be really handy to be able to hop on a friend or family member’s computer to actually see what they’re trying to describe instead of talking thru it.  There are 3rd party services out there that can accomplish this but require downloading, installing, and configuring.  This feature just works* as long as the remote computer has an iCloud account setup on it, which at this point most do.

*Of course there are exceptions.  Firewall restrictions may not allow the traffic thru.

To start a session launch the Screen Sharing.app via Spotlight (command-space) and typing “Screen Sharing” or by navigating to /System/Library/CoreServices/Applications/Screen Sharing.app

Once it launches you’ll be presented with a field that asks for a hostname or Apple ID

hostnameorappleid

Start typing a name in your Contacts.  If you have contacts that have Apple IDs they’ll show up in blue text, similar to Messages.  It may take a few seconds for the names to be identified as Apple IDs and have the color change. If you know the Apple ID email address you can enter that directly as well.bluemeansicloud

Click the “Connect” button and the remote machine will get prompted to allow you to connect. Note, the prompt to connect will appear on all the machines that are setup with that Apple ID.

prompttoconnect

If the Apple ID of the instigating connection is in the receiver’s contacts, when “Accept” is clicked it will immediately allow Observe abilities of the remote screen.  If the Apple ID trying to connect doesn’t match a contact on the receiving machine the receiver will get this prompt.

notincontacts

Upon connection, by default the microphone is engaged so you can talk as well as see the remote screen. The microphone can be muted from menu bar extra if desired.  While connection is active the menu bar extra flashes to remind of that connection.

screensharingmenuextra

If you need to control the computer instead of just observe you can request control from the Screen Sharing window.  Once Control is asked for, the remote machine gets a prompt to allow control.

Tagged , , , , ,

Server.app 5.0.4, sdmd, and iOS

After upgrading a server to El Capitan and Server 5.0.4 I noticed that a process was constantly taking 50-60% of the CPU and showed no signs of calming down after running a couple of days.  The process is sdmd.

sdmd-postgres-procs

Googling and digging around I discovered those processes, specifically sdmd, are related to File Sharing.  The executable is found at /Applications/Server.app/Contents/ServerRoot/System/Library/PrivateFrameworks/ServerDocsMaster.framework/sdmd. I recruited my super-sleuthing friend @mikeymikey to take a look.  He found

“..it generates thumbnails and basically does a lot of prep work for iOS devices that can’t look up all this information themselves for a large directory. It basically looks like “mini Sharepoint” for iOS. If you have huge shares you never intend to make accessible via iOS, I can see how this thing would put a ton of load on your devices. And it looks like it monitors the directories for change, too, so it’ll just keep coming back.”

I don’t want that.

Posts to various forums reported that removing and re-adding all the shares made the problem go away. Instead of going to all that work I discovered that disabling iOS access on the shares made the sdmd process stop.  By default, when upgrading to Server 5 all my shares were enabled to be iOS accessible. Thanks Apple!

To turn off iOS access, open the Server.app and navigate to the File Sharing service.  Highlight a shared folder and click the pencil button to edit it.  In the share preferences there is an iOS checkbox.  Uncheck it.  Do that for all shares and the sdmd process will stop.

File Share panel

Tagged , ,

Office 2016 Mac admin resource links

Below is a gathering of all the discoveries fellow Mac admins have documented regarding Office 2016 for Mac; both Office 365 and Volume License varieties.  This post will be updated as new issues are made known.

Discussion and discovery on these topics and all things Microsoft Office are on-going on the Macadmins Slack team in channel #microsoft-office.  You can get an invite to join us on Slack by going to http://macadmins.org

Office 2016 Direct Download links

http://macadmins.software – Straight from the source and curated by Paul Bowden at Microsoft, this lists all downloads and updates since the first non-preview release on 7/9. The red table lists latest versions available, the green table lists all the permalinks, and the black table has links to all releases and KB articles, plus extra information like build date.

https://osxbytes.wordpress.com/2015/11/12/office-2016-direct-download-links/


Demystify Office 2016 for Mac 

https://clburlison.com/demystify-office2016/ – in Slack/Twitter @clburlison – use this excellent guide to distinguish the different installation/license/upgrade options for Office 2016.


Microsoft Office 2016 for Mac serialization changes  https://macmule.com/2015/12/11/microsoft-office-2016-for-mac-serialisation-changes – in Slack @macmule


Suppressing first launch “What’s New” for Excel, Outlook, Powerpoint, Word & OneNote, and Outlook’s account setup:

http://macops.ca/disabling-first-run-dialogs-in-office-2016-for-mac/ – in Slack @tvsutton
https://osxbytes.wordpress.com/2015/09/17/not-much-whats-new-with-you/ – in Slack @eholtam


Volume License installer issues: – being addressed in the December release

http://macops.ca/whats-wrong-with-the-office-2016-volume-license-installer/ – in Slack @tvsutton
http://macops.ca/the-office-for-mac-2016-volume-license-installer-two-months-later/ – @tvsutton


Outlook 2016 setup script:

https://github.com/talkingmoose/Oulook-Exchange-Setup-5.0 – in Slack @talkingmoose
https://github.com/poundbangbash/Outlook-Exchange-Setup-5.0-Meredith@eholtam – My fork addressing running the setup script on first launch of Outlook.


Office 2016 Packaging:

http://www.richard-purves.com/?p=79 – in Slack @franton


Suppress Microsoft AutoUpdate launch warning – needs to be run per-user

https://gist.github.com/erikng/7cede5be1c0ae2f85435 – in Slack @erik


Remove Office 2011 script (and some shared 2016 bits like license, MAU, etc.)

http://www.officeformachelp.com/office/install/remove-office/ – in Slack @talkingmoose


Administering Office 2016 for Mac presentations by @talkingmoose

https://www.youtube.com/watch?v=4-EtZizWJdQ – PSU 2015

http://bit.ly/1HgsqJE – University of Utah 2015 (QT)
https://stream.lib.utah.edu/index.php?c=details&id=11446 – University of Utah 2015 (Streaming)


Fun with Microsoft Office 2016

https://themacwrangler.wordpress.com/2015/11/17/fun-with-microsoft-office-2016/ – in Slack @hunty

Tagged ,

Not much, what’s new with you?

Update: See this post for new information on changes to suppressing What’s New dialogs starting with 15.34.

Update: As expected the `OUIWhatsNewLastShowLink` key is being incremented to display new features on subsequent releases. The profiles below will contain the latest values for the currently released versions.

Profiles for Office 2016 version 15.31

Office 2016 offers to show users “What’s New” on first launch.  Tim Sutton has a writeup on how to suppress the initial dialogs on his blog.  However, with version 15.14 of the Office apps there’s new “What’s New”s for Outlook and Powerpoint that sets a key not mentioned in the aforementioned post to suppress the new dialog.  This only affects Powerpoint and Outlook for this version.  Word and Excel didn’t present new prompts on launch this time around.

Along with the “What’s New” keys there are some others of interest:

kSubUIAppCompletedFirstRunSetup1507 – boolean – Controls the original “What’s New” dialog and Office 365 activation prompt on first launch

OUIWhatsNewLastShownLink – string – Controls the “What’s New” dialog on first launch for new prompts offered in subsequent version.

FirstRunExperienceCompletedO15 – boolean – Controls offer to import mailbox or setup an email account. (That’s a cap o15, not zero15)

SendAllTelemetryEnabledboolean – Control the offer to send crash reports to Microsoft

ONWhatsNewShownItemIds – array – Specific to OneNote this value is an array of integers that appears to increment haphazardly.  For just OneNote, this replaces the OUIWhatsNewLastShownLink value.

OUIWhatsNewLastShownLink values

Profiles
Below are profiles that will suppress the “What’s New” and disable crash reports prompts. These examples are set to “Force” the setting as attempts using Set-Once with a timestamp didn’t seem to be effective.

Outlook – suppress “What’s New” only (see below for suppressing Inbox migration)
Outlook – suppress “What’s New” and mailbox setup*

Powerpoint

OneNote

Word

Excel

*There is also a key for Outlook that will suppress the dialog to offer to migrate or setup an email account.  That key is a boolean FirstRunExperienceCompletedO15.  That’s a captial o, not a zero at the end of the key.

 FirstRunExperienceCompletedO15 suppresses this

To extract the values of the OUIWhatsNewLastShownLink I have a script that I run after installing and running each new application.  That script is at OUIWhatsNewLastShownLink Script

Tagged ,

Mac Admin QuickLook Tools

Quicklook has been around for a while and I harness its abilities to help me with my Mac admin life.  Apple advertised it for PDFs, images, and text files, however we admins can partake in the marketing highlight as well.

Below are a few of my favorite QuickLook plugins that I’ve been using for years.  Thankfully they still function.  Some have stopped development but are still available and going strong 7 OS revisions later.

QLStephen – Nothing fancy.  But it does let you view plain text files that don’t have a file extension. It is useful for reading files like README, INSTALL, CHANGELOG, Makefile, etc.

Scriptql – shows AppleScript .script files.  Getting rarer but good to have in a pinch.

QLColorCode – syntax highlighting of code and plist files.  Very handy for peeking in on .plists as the syntax is color coded.

syntax highlight

Much better

Screen Shot 2015-09-14 at 10.47.28 PM

 

Suspicious Package – My favorite.  It opens up .pkg and .mpkg installers to show the payload, scripts and other meta data about the installer.  It’s saved me so much time being able to peek in on an installer without having to deep dive into it.  I highly recommend it for anyone messing with .pkgs.

Suspicious Package quicklook Screen Shot 2015-09-14 at 10.53.21 PM

Please share your favorites in the comments.

Tagged , ,

Help them help you

I support computers AND users. I’m sure you do, too. My users aren’t expected to know their IP address or how to find it. Occasionally I get in a situation where I can’t pre-fetch a computer name for a user I’m about to call. Once I get the user on the horn I’ll need to have them find that IP and give it to me so I can assist remotely. To make the discovery easier I wrote a quick little Applescript app they can run that outputs the computer’s hostname and current active IP address. It offers to put the name or IP address in their clipboard for easier transfer and avoid typos via IM or email.

Below is the code and output:

Computer Name display

Tagged , ,

Netboot compatibility chart for Thunderbolt adapters and docks – community feedback requested

Since Apple’s laptops have gotten thinner there’s less room for IT-important things like Ethernet ports.  Many of us use a network based imaging process to get machines ready for our respective environments.  The lack of a built-in Ethernet port forces us to use Ethernet adapters whether it be USB2.0, USB3.0, Thunderbolt, or Thunderbolt Docks.  Unfortunately the vendors that make these devices don’t seem to worry about the Netbootability of their adapters or docks.  That functionality is a big unknown.  At $2-300/dock guessing wrong isn’t cheap.  Some work if you hold down the “n” or “Option” key on boot but don’t provide Netboot options when trying to set it via the Startup Disk Preference Pane or using the ‘bless’ command from the command line and vice versa.  In my environment it is important to be able to send a command remotely to have the computer Netboot.  Physically holding a key is as good as not having it at all.

I’m sending a call out to all Mac admins willing and able to report back what has and has not worked for you with the adapters you’ve tried.  I’ve started a publicly accessible spreadsheet at Google Sheets trying to detail all the pertinent information.  I’m sure there are others out there that have tried and tested other adapters and docks with varied success.  All could benefit from this gathered information so please contribute if you can.

To supply feedback on different adapters and docks please do the following.  The Netboot columns require specific tests be run as the method matters:

  1. “Netboot ‘n’ on boot” : Hold the ‘n’ key down when powering on the computer.
    Success = booting to the NBI.
  2. “Netboot Boot Picker (option key) : Hold the ‘option’ key down when powering on the computer.
    Success = if you see NBI(s) to pick from the boot picker interface
  3. “Netboot ‘bless’ command” : With the computer booted to the internal drive issue the command ‘sudo bless --netboot --server bsdp://255.255.255.255‘ and reboot.
    Success = booting to the NBI
  4. “Netboot Startup Disk” : Boot up the computer to the internal disk and log in.  Open the Startup Disk System Preference.
    Success = if you see NBI(s) to pick as the startup disk

The other columns like Vendor ID, Product ID, etc., can be found by running ‘system_profiler SPUSBDataType‘ or ‘system_profiler SPThunderboltDataType‘ depending on what type of adapter you’re using.

Thanks, and go team!

Tagged , ,

Installing VMWare Tools on a Netboot NBI

Netboot is great.  VMWare Fusion is great. Yosemite is….Netboot and VMWare are great. I use VMs to test things on our builds at work.  To get those VMs setup I use our imaging process that utilizes Netboot.  However, I discovered that, new with Yosemite, when the VM Netbooted to our Yosemite NBI I wasn’t able to login to OS X. After typing in the username and password the login attempt would just hang with the spinning gear turned beachball.  No bueno. Turns out all it requires is getting the VMWare Tools installed on the NBI.  No problem right? But VMWare’s installer (read: .app) doesn’t allow installing on a non-boot volume.  Crap.  This wouldn’t be a very interesting post if we stopped here so…

TL;DR: you need to mount the NBI and install the tools via the CLI ‘installer’ command.

First, make sure that your existing NBI is read/write when mounted.  In my case the NBI is actually a .sparseimage but renamed to .dmg for Netboot use.  When mounting the image named .dmg it mounts as read-only.  Renaming the .dmg to .sparseimage mounts the volume as read-write. YMMV. There are ways to convert disk images to read-write. I’ll leave that discovery up to you if your environment requires it.

VMWare Tools acquisition/installation:

There are a couple ways to get the tools.  I prefer to pull the tools from the VMWare Fusion.app bundle itself to guarantee that the version of VMWare Fusion you’re running is compatible with the tools. If you want an automated way using AutoPkg to get the latest tools check out Rich Trouton’s post at Der Flounder.  You can also download the tools if you know what version you need at VMWare’s repository.

Locally, the tools are located in the application bundle found at /Applications/VMware\ Fusion.app/Contents/Library/isoimages/darwin.iso

iso-location

Mounting that image results in the installer and uninstaller.

mounted-iso

However attempting to use the .app installer will fail as it won’t let you target the install on a non-boot drive.  Since it’s a .app “installer” there must be a .pkg buried in the bundle. To get the actual installer .pkg right click on “Install VMWare Tools.app” and choose “Show Package Contents”.  Navigate to the /Volumes/VMware\ Tools/Install\ VMware\ Tools.app/Contents/Resources/ directory.  There you’ll find “VMWare Tools.pkg”. Jackpot.

installer-location

Copy the “VMWare Tools.pkg” to the computer where the NBI is mounted and run ‘installer’ pointing the target at the mounted Netboot NBI.

 sudo installer -pkg /Volumes/VMware\ Tools/Install\ VMware\ Tools.app/Contents/Resources/VMware\ Tools.pkg -target /Volumes/Yosemite\ NetBoot -verbose

That will install on the mounted volume.  Once complete, unmount the NBI, rename it if necessary, and you should now be able to log into a Yosemite NBI when Netbooted in VMWare Fusion.

Tagged ,