
The macOS User Administration Guide

A practical guide to implementing, managing, and optimizing macOS Big Sur features and tools

Herta Nava

BIRMINGHAM - MUMBAI
The macOS User Administration Guide
Copyright © 2021 Packt Publishing

All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in
any form or by any means, without the prior written permission of the publisher, except in the case of brief
quotations embedded in critical articles or reviews.

Every effort has been made in the preparation of this book to ensure the accuracy of the information
presented. However, the information contained in this book is sold without warranty, either express or
implied. Neither the author, nor Packt Publishing or its dealers and distributors, will be held liable for any
damages caused or alleged to have been caused directly or indirectly by this book.

Packt Publishing has endeavored to provide trademark information about all of the companies and products
mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the
accuracy of this information.

Group Product Manager: Ashwin Nair


Publishing Product Manager: Pavan Ramchandani
Senior Editor: Hayden Edwards
Content Development Editor: Aamir Ahmed
Technical Editor: Deepesh Patel
Copy Editor: Safis Editing
Project Coordinators: Kinjal Bari, Manthan Patel
Proofreader: Safis Editing
Indexer: Pratik Shirodkar
Production Designer: Alishon Mendonca

First published: April 2021

Production reference: 1220421

Published by Packt Publishing Ltd.


Livery Place
35 Livery Street
Birmingham
B3 2PB, UK.

ISBN 978-1-83864-365-2

www.packt.com
To my husband, Martin, and my children, Luis, Kenaya, Stephanie, and Angie, for their
immense love and support and for understanding that good things never come easy in
life. To my parents, Waldo and Karin, for loving us so much and working so hard for us
all these years, even today. To my sisters, Karen and Raquel, and my brother, Nelson, for
their love and friendship and for being an example of what it means to succeed. And to
my Father in Heaven, to whom I owe absolutely everything.

– Herta Nava
Contributors

About the author


Herta Nava is a technologies expert, with extensive experience in writing, reviewing,
and localizing technical content. She's an Apple Certified Support Professional, with
experience supporting corporate and personal clients with regard to Apple and other
technologies. She has worked on producing courses for important online technical
content providers, such as Pluralsight and O'Reilly Media.

Currently, Herta works as a third-party vendor in the localization of technical
content, software, UI, and documentation for Google Cloud Platform, Microsoft
Office, Azure, Dell Technical Advisories (DTAs), and other similar content. She also
produces and maintains a series of online video courses on macOS support for
Pluralsight.

I want to thank the Packt editorial team for their support during the process of
writing this book. I'm immensely grateful to my Content Development Editor,
Aamir Ahmed, for his continuous support and expertise. My sincere appreciation to
everyone in the Packt team who provided valuable feedback at various stages of the
book: Hayden Edwards, Divij Kotian, Govindan K, Mohammed Imaratwale, and
Smit Carvalho. I also want to thank Adam Tomczynski for the technical reviews.

My deepest thanks to Pavan Ramchandani, Publishing Product Manager at Packt.
Thank you for your patience, support, and encouragement, and for making this book
a reality.

I wish to acknowledge Apple for developing great products people like me can enjoy
and even write about.
About the reviewers
Alex Farnsworth is an Apple Certified Support Professional with over 7 years of
experience managing Apple devices. He first found his passion for working with
macOS/iOS devices while working at Apple in 2013. He has built upon that passion
by helping businesses architect and build solutions that focus on user experience
while ensuring that management is efficient and scalable.

Adam Tomczynski has over 20 years of technical experience and started his career in
information technology as a computer support technician. His interest in computers
began at a young age and continued through his high school and college years. In an
educational setting, he has supported Novell and Microsoft servers, centralized
storage, mail archiving and backup solutions, endpoint protection, and more. Adam
is Apple ACTC, ACSP, ACMT, and ACiT certified. He is a continuous learner.

Currently, Adam is employed with a school district in a Chicago suburb managing
the Apple platform for the organization.
Table of Contents
Preface 1
Chapter 1: Overview of the macOS System, Architecture, and Features 6
Technical requirements 7
Overview of the macOS system and architecture 7
Overview of the macOS general features 10
Exploring the new features introduced in the latest macOS releases 12
New features introduced in macOS Big Sur 12
New features introduced in macOS Catalina 17
Touring macOS 21
Exploring the macOS version history 21
Comparing macOS to other leading operating systems 23
Exploring the industry standards used by macOS 24
Multicast DNS 24
Swift 25
Summary 26
Chapter 2: Installing and Configuring macOS 27
Technical requirements 28
Requirements for macOS Big Sur 28
Requirements for macOS Catalina 29
How to find out your Mac model and specs 30
Installing macOS 33
Upgrading macOS 34
Automatic upgrades 34
Manual upgrades 37
Manual upgrades to macOS Big Sur 37
Through the internet 43
Reinstalling macOS 44
Reinstalling macOS via internet recovery 45
Reinstalling through the macOS Recovery system 46
What is the macOS Recovery system? 46
Accessing the macOS Recovery system with macOS Catalina and earlier (Intel Mac) 47
Startup Disk 48
Startup Security Utility 49
Network Utility 49
Terminal and Reset Password 49
Accessing the macOS Recovery interface with macOS Big Sur (Intel Mac) 50
Accessing the macOS Recovery interface in Macs with the M1 chip 51
How to perform a reinstallation with macOS Catalina Recovery 52
How to perform a reinstallation with macOS Big Sur Recovery 54
How to perform a clean installation 56
Using an external installer 58
Formatting the external volume or USB 60
Downloading a macOS installer from the App Store 62
Using the createinstallmedia command 63
Testing and using the bootable installer 65
Updating macOS 66
Software updates 66
Disabling update notifications 67
Automatic App Store updates 67
Manual App Store updates 69
System updates 70
Firmware updates 72
Configuring the macOS installation 73
The Setup Assistant process 73
Adjusting the system settings 80
Benefits of configuring iCloud 81
Summary 84
Chapter 3: The Start Up Process 85
Technical requirements 86
Understanding the macOS start up process 86
Primary system initialization stages 86
Power-on or BootROM firmware 87
Booter 87
Kernel 89
System launchd 89
FileVault initialization 90
User session stages 92
loginwindow 92
Logout, shutdown, and restart 93
launchd 94
Files and processes involved in launchd 96
Visualizing the processes 96
User environment 98
Using energy-saving features 99
Sleep mode 99
Battery preferences (macOS Big Sur) 100
Safe Sleep and Standby 105
Waking up the Mac 106
Using start up modes 106
Safe mode 106
Verbose 109
Single-user 110
The T2 Security Chip and Secure Boot 113
Summary 114
Chapter 4: User Accounts Management 115
Technical requirements 116
Types of user accounts 116
Local user accounts 116
Standard user account 117
Administrator user account 118
Root user account 119
Guest user account 119
Sharing Only user account 120
Group user account 121
Other user accounts 122
Network user accounts 122
Mobile user accounts 122
Managing user accounts 123
Creating standard user accounts 125
Initial setup of a new user account 128
Using your Apple ID or iCloud account 130
Creating a new Apple ID 131
Turning a Standard account into an Administrator account 135
Configuring additional account preferences 136
What are account attributes? 141
Deleting user accounts 144
Restoring deleted user accounts from a disk image 146
Restoring deleted user accounts kept in the Users folder 150
Managing the root user 151
Enabling the root user 151
Logging in as the root user 154
Disabling the root user 156
Managing the Guest user 157
Adjusting the login options 159
Automatic login 159
What is fast user switching? 161
Using Screen Time (macOS Catalina and later) 162
Tracking usage 164
App Usage 164
Notifications 166
Pickups 166
Limiting usage 167
Downtime 168
App Limits 170
Always Allowed 172
Content & Privacy 172
Understanding user home folders 174
The user home folder structure 174
The Desktop folder 176
Using Stacks 176
Quick Actions 178
The Library folder 178
The Public folder 179
Deleting local user home folders 180
Migrating and restoring local user home folders 180
Migration Assistant 180
Your data is on a Windows computer 182
Your target Mac is running OS X Mavericks v10.9.5 or later 184
Restoring manually 187
Summary 187
Chapter 5: Managing User Security and Privacy 188
Technical requirements 188
Understanding password types in macOS 189
User account passwords 189
Apple ID account and password 190
Keychain passwords 190
Resource passwords 191
System firmware passwords 191
Managing passwords in macOS 192
Changing local user account passwords 193
Changing account passwords through Users & Groups 194
Changing account passwords through Security & Privacy 195
Changing the root password 196
Resetting local user account passwords 198
Resetting account passwords with the Users & Groups preferences 198
Resetting account passwords with macOS Recovery 200
Resetting account passwords with the Apple ID 204
Resetting local account passwords and the login keychain 207
Resetting local account passwords with FileVault enabled 207
Using a recovery key 208
Using iCloud 212
Using the Reset Password assistant 215
Configuring a firmware password 218
Understanding the Keychain system and iCloud Keychain 221
Types of keychains 221
Default keychains 221
System keychains 222
Other keychains 223
How the default keychain works with iCloud 223
Enabling iCloud Keychain 226
Managing keychains 228
Creating a new keychain 229
Adding keychain items 231
Locking keychains 233
Changing keychain passwords 236
Safari keychain information 238
Managing privacy in macOS 239
Security & Privacy settings 239
Location Services 241
Protecting yourself from cross-site tracking 243
Privacy while using the Dictation service 245
Summary 246
Chapter 6: The macOS File System: Disks, Volumes, and
Partitions 247
Technical requirements 248
Understanding the macOS filesystem and storage 248
Understanding general concepts 248
What is formatting? 249
Differences between disks, partitions, and volumes 249
Disks and drives 250
Partitions 250
Volumes 250
macOS partition maps (schemes) 251
Understanding the macOS filesystem 252
What is a filesystem? 252
macOS volume formats 253
The advantages of APFS 254
Space sharing 255
Encryption 256
Defragmentation 256
Additional filesystems supported by macOS 257
File system domains in macOS 258
Managing disks, volumes, and partitions 260
Examining storage 260
About This Mac 260
Disk Utility 261
System Information 265
Managing partitions 267
Examining and modifying partitions 267
Formatting/partitioning a disk/volume 270
Adding a non-APFS partition 271
Erasing/reformatting disks 273
Resizing/deleting a non-APFS partition 276
Using APFS volumes 280
Converting volumes to APFS 281
Adding a volume to an APFS container 282
Deleting/erasing an APFS volume 284
Mounting, unmounting, and ejecting disks/volumes 284
Unmounting and ejecting 286
Mounting 288
Optimizing storage space 289
Store in iCloud 291
Optimize Storage 291
Empty Trash Automatically 292
Reduce Clutter 292
Summary 294
Further reading 294
Chapter 7: Understanding Ownership and Permissions 295
Technical requirements 296
Understanding ownership and permissions 296
What are ownership and permissions in macOS? 296
Access Control Lists (ACLs) 299
Access hierarchical rules 299
Case 1 300
Case 2 300
File flags 301
macOS's filesystem security policy 303
Managing access and ownership 304
Verifying an item's ownership and permissions 304
Changing an item's ownership and permissions 306
Ownership in non-system volumes 310
Granting and changing permissions 311
Deleting permissions 313
Permission customization examples 314
Example 1: Restricting access to an item 314
Example 2: Propagating folder permissions 315
Using macOS shared folders 318
The Public and Drop Box folders 318
The Shared folder 321
Summary 323
Chapter 8: System Resources and Shortcuts 324
Technical requirements 325
Understanding system resources 325
Types of system resources in macOS 325
Extensions 326
Frameworks 327
Fonts 328
Preference files 329
LaunchAgents and LaunchDaemons 330
Logs 330
System resource domains 330
Sandboxing 331
Managing system resources 334
Uncovering hidden files and folders 334
Accessing the Library folder temporarily 335
Accessing the Library folder permanently 338
Managing font resources 339
Installing fonts 340
Font location preferences 342
Resolving duplicate fonts 343
Disabling/removing fonts 345
Understanding shortcuts in macOS 346
Types of shortcuts 347
Aliases 347
Symbolic links 349
Hard links 349
Creating shortcuts 350
Summary 352
Chapter 9: Understanding Metadata and Searching 353
Technical requirements 354
Understanding metadata in macOS 354
Types of metadata available in macOS 354
File flags 355
File system tags 355
The AppleDouble file format 356
Additional extended attributes 357
Using macOS tags 358
Viewing tagged items 359
Using tags 360
Creating tags 362
Creating tags from the Finder 362
Creating tags from a file preview 363
Deleting tags 364
Advanced tag management 365
macOS searching tools 366
Using Spotlight 366
Using Siri 372
Summary 376
Chapter 10: Managing Apps and Documents 377
Technical requirements 377
Understanding apps in macOS 378
Supported macOS environments 378
Native macOS 379
Universal macOS binary 382
Unix-based 382
Open source 383
App compatibility 383
Compatibility with 32- and 64-bit apps 383
Universal and Intel apps 384
iOS and iPadOS apps (Apple M1 silicon) 387
Using the App Store 388
The App Store and your Apple ID 388
Logging in to the App Store 388
Creating an Apple ID 390
Creating an Apple ID without a payment method 394
Managing your account 395
Installing and managing apps 396
Installing apps 397
Installing from the App Store 397
Installing iOS and iPadOS apps (Apple M1 silicon) 399
Other installation methods 400
Drag and drop 400
Using packages 401
Examining packages and bundles 403
Updating apps 404
App Store 404
Automatic updates 404
Manual updates 405
Uninstalling apps 405
Launchpad 405
Dragging to the Trash 406
Custom uninstaller 406
Exploring installed apps 407
Exploring app preference files 409
Monitoring open processes and apps 410
CPU 412
Memory 413
Energy 414
Disk 416
Network 417
Managing app extensions 418
Types of extensions 419
Finder 419
Sharing menu 420
Managing app extensions and widgets 421
Sharing apps 423
Family Sharing 424
Enabling Family Sharing 427
Purchase sharing 431
Start sharing purchases 435
Stopping purchases and Family Sharing 437
Managing documents 439
Using the Launch Services, Quick Look, and Quick Actions features 440
Launch Services 440
Quick Look 444
Quick Actions 446
Using the Autosave, Versions, Locking, and Resume features 447
Autosave 447
Versions 449
Locking 449
Resume 450
Using documents in iCloud 452
Summary 455
Chapter 11: Backups and Archiving 456
Technical requirements 457
Archiving in macOS 457
ZIP archives 457
Disk images 461
Creating disk images with the Disk Utility 462
Changing a disk image's format 466
Restoring a disk image to a disk 467
Using Time Machine for backups 469
Understanding Time Machine 469
Where can you store your backups? 470
Configuring Time Machine 472
Stopping Time Machine backups 476
Restoring a Time Machine backup 476
Using the Time Machine interface 477
Restoring only specific items 478
Using the Migration Assistant 479
Using macOS Recovery 481
Summary 483
Chapter 12: Networking in macOS 484
Technical requirements 485
Understanding networking concepts 485
Networking models 486
The OSI reference model 486
TCP/IP model 489
Fundamental networking concepts 491
Host 491
What are network interfaces? 492
Ethernet 493
Wi-Fi 493
FireWire 493
Thunderbolt Bridge 494
Bluetooth 494
USB 495
VPN 495
PPPoE 496
6to4 496
How to identify which network interfaces are available? 497
LAN and WAN 500
What is a MAC address? 500
IP addresses and subnet masks 504
IPv4 504
IPv6 505
Subnet masks 507
Router address 509
Network protocols 511
What is DHCP? 511
What is DNS used for? 512
TCP and UDP 512
ICMP 513
macOS network configurations 513
Initial network configuration 515
Connecting to Wi-Fi 516
Other types of networks 520
Ad hoc networks 521
Enterprise 524
What are network locations? 525
Configuring additional network services 531
VPN configuration 532
Bonjour 537
Advanced network configurations 538
Custom Wi-Fi configuration 538
Manual TCP/IP configuration 541
NetBIOS/WINS 543
802.1X configuration 544
Network proxies 544
Manual Ethernet configuration 546
Summary 547
Further reading 547
Chapter 13: Using macOS Network Services 548
Technical requirements 548
Using network services in macOS 549
Understanding network services in macOS 549
Types of network services in macOS 550
Network services accounts 550
Mail 551
Notes 552
Calendar 555
Network calendar services 555
Reminders 557
Contacts 558
Messages 559
FaceTime 559
Safari 560
Configuring network services and apps 561
Automatic configuration for essential apps 561
Manual configuration for essential apps 565
Adding additional email accounts 566
Configuring services with an iCloud account 567
Configuring Messages 569
Continuity 570
Sidecar 571
Continuity Markup and Sketch 571
Text Message Forwarding 571
Cellular Calls 572
Continuity Camera 575
Auto Unlock 577
Handoff 578
Universal Clipboard 579
AirDrop 580
Apple Pay 580
Instant Hotspot 581
Summary 582
Chapter 14: Using macOS Sharing Services 583
Technical requirements 583
Understanding sharing services 584
What are file-sharing services? 584
Network file service protocols 585
Using file-sharing on macOS 587
Enabling file-sharing on macOS 588
How to connect to file shares 595
Automatic discovery 595
Authentication 597
Manual connection through SMB and AFP 600
Manual connection through NFS, WebDAV, and FTP 603
Creating automatic connections 610
Disconnecting from a mounted share 615
What is AirDrop? 615
Remote controlling and screen sharing 619
Remote controlling via System Screen 621
Connecting 622
Authenticating 623
Controlling 625
Adjusting settings 626
Remote controlling via Messages Screen Sharing 626
Remote controlling via Apple Remote Desktop (ARD) 629
Other sharing services 629
Internet Sharing 629
Printer Sharing 630
Bluetooth Sharing 631
Remote Apple Events 632
Remote Login 633
Media Sharing 635
Summary 636
Chapter 15: Managing Security in macOS 637
Technical requirements 638
Understanding System Security 638
macOS security features 638
Recommended security measures 641
Bonjour/zero-configuration and mDNS security concerns 646
What is System Integrity Protection? 646
Understanding hardware security 648
Firmware password 648
T2 Security Chip (Intel-based Macs) 649
Secure Boot 650
External Boot 652
Activation Lock 652
Macs with the Apple M1 silicon chip 653
Understanding application security 654
Application security technologies 655
App sandboxing 655
Code signing 656
File quarantine 656
Gatekeeper 657
Malware detection 658
Notarization 658
Verifying app security settings 659
Opening a non-notarized or unidentified app 660
Understanding Data security and encryption 662
Types of encryption 662
What is FileVault? 663
FileVault Recovery 664
Enabling FileVault 664
Turning off FileVault 666
Changing your recovery key 667
Recovering FileVault access 667
Using your iCloud account 668
Resetting with the local Recovery Key 668
Resetting using the regular user account password reset methods 668
Encryption with the Apple M1 chip 669
Encrypting external media 669
Understanding User security 670
The iCloud Security Code and two-factor authentication 671
Login options 675
Automatic login 675
Display of usernames 676
Enabling the firewall 676
Screen Time 679
Find My 679
Locating your Mac on a map 682
Playing a sound 684
Locking your Mac 685
Erasing your Mac 687
Guest accounts 687
Family Sharing 688
Summary 688
Chapter 16: Using the Command Line 689
Technical requirements 690
Using the command-line tool 690
When and why you should use the command-line interface 691
Understanding the structure of a command-line string 691
The sudo command 693
The command-line interface in macOS 694
Using macOS Terminal 695
Creating customized profiles 696
Using marks and bookmarks 698
The default shell on macOS 702
Terminal shell commands 706
Common commands 706
Uncovering hidden files and folders 711
Hiding specific files and folders 713
Monitoring and diagnosing the system 716
Summary 718
Further reading 719
Troubleshooting Tips 720
About Packt 758
Index 759

Preface
macOS is the current generation of operating systems running on all Apple Mac
computers. In this book, we will explore the capabilities and tools it offers for system
administration and support tasks. Although many features of the Mac's interface are
covered, this book is not intended to explain all the basic aspects of the hardware and
user interface, but rather the areas pertinent for a user acting as an administrator.

This book will walk you through the world of macOS from a system administration
and support point of view. You will be able to take advantage of the resources macOS
offers for a large variety of common administration tasks. In addition, you will be
empowered to configure key services and perform essential troubleshooting. More
importantly, you will have a good understanding of the macOS environment and its
tools for system administration tasks. For this reason, most of the examples provided
will be from an administrator's perspective. However, when relevant, a standard
user's perspective is also presented. The examples and illustrations we show in this
book are from a Mac running macOS 11 (Big Sur), and sometimes, when necessary,
we refer to other macOS versions, such as macOS 10.15 (Catalina).

On the other hand, we are all aware of the incredible pace at which technology is
changing today. In particular, Apple is implementing improvements and new
technologies at a rapid pace, and this includes its operating systems, such as macOS,
the subject of this book, and its Mac models, with the introduction of the M1 silicon
chip, which will introduce significant changes as its implementation across models
advances. In that respect, we have done our best to make this book useful for all the
most recent macOS versions, and we will do our best to update and review any topics
that are improved or changed over time. However, bear in mind that sometimes it is
not possible to do this as soon as changes or improvements are implemented.

We will start by understanding how macOS is different from other leading operating
systems, as well as exploring its main and most recent features. Then, we will move
on to installing and configuring macOS, including the use of the recovery system.
Next, we will examine the start up process. After that, we will learn how to manage
users, including important information on user security and privacy. Following that,
we will describe the filesystem to understand the logic behind it, including managing
disks, volumes, and partitions. Next, we will cover ownership and permissions in
macOS and how to manage them. Then, we will jump into managing system
resources, apps, and documents, including backups with Time Machine. In the final
part of the book, we will touch on more advanced topics, such as network
configuration, network services, and sharing services. There is also a chapter
dedicated to the tools available for securing the system. And, finally, we will look at
examples of how to use the command-line tool for administration tasks. An Appendix
that includes troubleshooting steps designed to help you solve various potential
issues and common scenarios is also included.

Who this book is for


The information this book provides is intended for system administrators, support
professionals, technical coordinators, or advanced users looking to learn about the
tools macOS offers for system administration and support. At the same time, if you
are intending to take the Apple Certified Support Professional (ACSP) examination
for supporting and troubleshooting macOS, this book can be a great study guide since
it covers all the topics you need to know to increase your chances of success.

What this book covers


Chapter 1, Overview of the macOS System, Architecture, and Features, is an introduction
to macOS. It explores how macOS is different from other leading operating systems,
reviews its main and most recent features, and explores the basics of its architecture.

Chapter 2, Installing and Configuring macOS, explores the installation of macOS in
various scenarios and the system configuration during and after installation. We also
learn how to use the recovery system to reinstall macOS or to perform a clean
installation.

Chapter 3, The Start Up Process, covers the different stages of the macOS start up
process. It describes the audio and visual cues that happen during the process.

Chapter 4, User Accounts Management, describes the types of users available in macOS
and how to manage them.

Chapter 5, Managing User Security and Privacy, includes key aspects of managing user
security and privacy.

Chapter 6, The macOS File System: Disks, Volumes, and Partitions, describes the macOS
filesystem, and this includes managing disks, volumes, and partitions.

Chapter 7, Understanding Ownership and Permissions, explains how ownership and
permissions work in macOS and how to manage them.

Chapter 8, System Resources and Shortcuts, explores what system resources are and
how macOS uses them to optimize the system.

Chapter 9, Understanding Metadata and Searching, examines the tools macOS provides
for the effective use of metadata (such as tags) and searching (with tools such as
Spotlight).

Chapter 10, Managing Apps and Documents, shows the resources that macOS provides
for managing apps and documents efficiently.

Chapter 11, Backups and Archiving, describes the methods available in macOS for
creating backups, more specifically, through the Time Machine app, and archiving.

Chapter 12, Networking in macOS, reviews basic networking concepts for
understanding networking configuration in macOS.

Chapter 13, Using macOS Network Services, explains how to take advantage of the
network services macOS provides for key services such as mail, as well as features
such as Continuity for seamless work across Apple devices.

Chapter 14, Using macOS Sharing Services, explores the sharing services macOS
provides for useful tasks, such as file sharing, remote controlling, and screen sharing.

Chapter 15, Managing Security in macOS, covers system, hardware, application, and
user security topics. It discusses measures and suggestions to improve security in all
these areas.

Chapter 16, Using the Command Line, describes the macOS command-line tool called
Terminal and includes several examples of how to use it for advanced administration.

Troubleshooting Tips provides tips and suggestions for troubleshooting various
frequently asked questions.

To get the most out of this book


You will need a Mac with macOS installed—the latest version, if possible, which, at
the time of publication of this book, is macOS Big Sur. There may be differences in the
UI according to the Mac machine model you are using, whether you are using a Mac
with the Apple M1 silicon chip, with the T2 chip, an iMac, and so on, and we have
tried to point out those differences in most of the examples. However, it is not always
possible to do so, and in some cases the differences are not significant.

Since this is not a Mac or a macOS user guide, it would be very helpful to be familiar
with the Mac hardware and the macOS environment. If you are new to the world of
Mac and macOS, it might be helpful first to check out a Getting Started guide. There
are many good examples available on the internet that will walk you through the
basics of using a Mac for the first time.

Download the color images


We also provide a PDF file that has color images of the screenshots/diagrams used in
this book. You can download it here:
https://static.packt-cdn.com/downloads/9781838643652_ColorImages.pdf.

Conventions used
There are a number of text conventions used throughout this book.

CodeInText: Indicates code fragments, folder names, filenames, file extensions, and
pathnames. Here are two examples:

Enter the csrutil disable command.


Both can be accessed from the /Applications/Utilities/ folder.

A block of code is set as follows:


softwareupdate --install-rosetta

Bold: Indicates a tool, an app, or an important word that you see on screen. For
example, words in menus or dialog boxes appear in the text like this. Here is an
example: "Select Edit from the File menu."

Warnings or important notes appear like this.

Tips and tricks appear like this.

Get in touch
Feedback from our readers is always welcome.

General feedback: If you have questions about any aspect of this book, mention the
book title in the subject of your message and email us at
customercare@packtpub.com.

Errata: Although we have taken every care to ensure our content's accuracy, mistakes
do happen. If you have found a mistake in this book, we would be grateful if you
would report this to us. Please visit www.packtpub.com/support/errata, selecting
your book, clicking on the Errata Submission Form link, and entering the details.

Piracy: If you come across any illegal copies of our works in any form on the internet,
we would be grateful if you would provide us with the location address or website
name. Please contact us at copyright@packt.com with a link to the material.

If you are interested in becoming an author: If there is a topic that you have
expertise in, and you are interested in either writing or contributing to a book, please
visit authors.packtpub.com.

Reviews
Please leave a review. Once you have read and used this book, why not leave a
review on the site that you purchased it from? Potential readers can then see and use
your unbiased opinion to make purchase decisions, we at Packt can understand what
you think about our products, and our authors can see your feedback on their book.
Thank you!

For more information about Packt, please visit packt.com.

1
Overview of the macOS System, Architecture, and Features

Exploring the macOS operating system, its architecture and features, and the industry
standards it uses is essential to understanding what sets macOS apart from other
leading operating systems, and places you in a better position to help users with their
support questions or problems.

In this first chapter, you will explore the fundamentals of the macOS system and
architecture. Also, you will see the general features, as well as the newest features,
apps, and enhancements, introduced to macOS in the latest version releases at the
time of the publication of this book.

More specifically, we will cover the following topics in this chapter:

Overview of the macOS system and architecture
Overview of the macOS general features
Exploring the new features introduced in the latest macOS releases
Touring macOS
Exploring the macOS version history
Comparing macOS to other leading operating systems
Exploring the industry standards used by macOS

Before we start, let's see the technical requirements for this chapter.

Technical requirements
To proceed with this chapter, you will need the following:

Basic knowledge of the macOS environment
General knowledge of operating systems and development terminology

Overview of the macOS system and architecture
This section describes the essential components of the macOS architecture. Although
this book does not intend to explain the macOS architecture in depth, as a Mac
system administrator, support professional, coordinator, or advanced user, you must
be familiar with the underlying components of macOS and how it was conceived and
built. These concepts are necessary to understand how the system works, perform
administrative tasks, and provide better support to end users.

So, let's jump right into the technical aspects of the system.

macOS can be better understood if seen as a layered architecture including key
technologies that are continually improved. New features, bug fixes, and other
improvements and enhancements are added regularly.

macOS is built on the foundation of the 64-bit Mach kernel, which manages processor
resources, memory, and other low-level processes. There is a modified version of the
BSD (Berkeley Software Distribution) operating system on top of the kernel, which
provides interfaces to interact with the lower-level processes. In general, the higher
layers include lower-level technologies for app behavior, and the lower layers include
more specialized technologies.

Perhaps the best way to visualize this is through a graphic. In Figure 1.1, you can see a
representation of this layered architecture and the scope of each layer:

Figure 1.1 – macOS layered architecture

Let's dive a bit deeper into these layers:

Cocoa application layer: This layer is where the macOS appearance, user
interface, and behavior components are located, including all the features
related to the user experience, such as notifications, Siri, Spotlight, and
many more.
Graphics and Media layer: Here are the technologies responsible for 2D
and 3D graphics, animations, image effects, and audio and video
functionalities. Most recently, advanced 3D graphics are possible, thanks to
the introduction of the Metal framework and API. The Metal framework is
an advanced technology designed for the highest performance of graphics
and computation from GPUs and eGPUs (external GPUs) for amazingly
realistic 3D rendering (even live). This technology works great with
development platforms such as Unity, for example.
Core Services layer: This layer provides the essential services required by
apps not related to the user interface. It's where you will find iCloud
storage services, MapKit for embedding maps into your views and
windows, speech recognition technologies, and much more. More recently,
machine learning and model training functionalities have been added
through a new Apple technology called Create ML, which works best in
combination with Swift to create powerful apps.

Core OS layer: Here is where low-level service technologies and
frameworks related to hardware and networks are found, including
security features. It's where you will find Gatekeeper, App Sandbox, and
code signing, which we will be reviewing in detail in Chapter 15, Managing
Security in macOS.
Kernel and Device Drivers layer: This is the lowest layer, and it is where
you will find core infrastructure technologies: the kernel, drivers, and BSD-
related components.

In Figure 1.2, you can see the specific features each layer is responsible for in more
detail:

Figure 1.2 – Features and components of the macOS architecture layers

If you would like to learn more about the Mac technologies behind
macOS, you can visit the Developer site's archive
(https://developer.apple.com/library/archive) and also the new API
reference documentation (https://developer.apple.com/documentation).

As technology advances in giant leaps, many changes are happening in Apple's
system design, both hardware- and software-wise, the latest being the introduction of
the new Apple silicon (an M1 chip that will progressively replace the Intel chip), and
the new macOS Big Sur, optimized for M1's performance. Developers need to take
into account that they might need to recompile their code for
the ARM64 architecture. If you want to know more about what developers need to
take into account for app development for Macs with the M1 chip, this series of
articles is very helpful: https://developer.apple.com/documentation/apple_silicon.

Now that you have a general idea of what lies behind the macOS architecture, let's see
what this means in terms of features and capabilities.

Overview of the macOS general features


macOS is the name used for the current generation of operating systems for Mac
computers. Apple's macOS team introduced it after the long-running OS X
generation, which lasted from 2001 to 2016.

Here's a summary of the essential features:

Mac App Store: It is one of the largest marketplaces for apps specifically
designed for Mac computers. Most of the apps you will ever need can
be found here. It is a safe and convenient way to download apps without
the need for passwords or activation procedures. Apple's team recently
redesigned it, and we will be covering it in more detail in Chapter 10,
Managing Apps and Documents.
Built-in apps: These are essential apps that allow you to be productive
from day one. They are built into macOS, bundled with the installer, and
require no additional licenses. Examples of these apps are Mail, Messages,
Reminders, Safari, Notes, and Contacts. We discuss many of the new and
advanced features of these apps in Chapter 13, Using macOS Network
Services.

Continuity: This feature is available from OS X Yosemite and later. It lets
you work seamlessly between devices within the Apple ecosystem. The
current continuity features available are Handoff, Universal Clipboard,
iPhone cellular calls, SMS/MMS messaging, Instant Hotspot, Continuity
Camera, AirDrop, Apple Pay, Sidecar, and Auto Unlock. For example, you
can start writing a message on your iPhone, and using Handoff, continue
working on it on your nearby Mac before sending it. We will discuss the
Continuity feature in detail in Chapter 13, Using macOS Network Services.
iCloud: This is a file storage service that lets you store your files in the
cloud and access them from any device. We discuss this tool in Chapter 10,
Managing Apps and Documents.
Siri: It's Mac's intelligent personal assistant for tasks and multitasking. Siri
can automate tasks, remind you of what you need to do, and make your life
on the go much easier and simpler. We will talk more about Siri in Chapter
9, Understanding Metadata and Searching.
Notifications: This feature lets you stay updated on calendar events, new
messages, incoming emails, and more. You can perform actions such
as replying to a message directly from the notifications. We will see more
about this feature in Chapter 10, Managing Apps and Documents.
Spotlight: This is the macOS tool that allows you to perform powerful
searches. It lets you search for many kinds of information, including items
on your Mac, as well as on the web, Maps, and more. It also offers many
other cool features, such as performing calculations and currency
conversions. We will cover this tool in more detail in Chapter 9,
Understanding Metadata and Searching.

In the next section, we will see the newest features introduced in the latest macOS
releases.

Exploring the new features introduced in the latest macOS releases
In this section, we will explore the new features introduced in the latest macOS
releases, namely macOS Catalina (version 10.15.x) and Big Sur (version 11.x).

Let's start with the latest version launched as of the publication of this book: macOS
Big Sur.

New features introduced in macOS Big Sur


Apple introduced the newest version of macOS, also known as Big Sur, at the
Worldwide Developers Conference (WWDC) 2020. The version number of this release
marks the transition from the long-running generation of OS X and macOS version 10.x
to version 11.x. The improvements are significant in terms of design and look, new
features, new system sounds, and improvements to apps.

These are some of the features presented by Apple at the WWDC 2020:

Optimized for the M1 chip: macOS Big Sur is designed for the advanced
power, efficiency, and performance that are offered with the new Macs
with the M1 chip, including hardware-verified secure boot and high-
performance encryption. Apple will be transitioning all its new Mac
machines to this new chip, specifically designed by Apple for Mac. If you
want to learn more about the M1 chip, as well as details of which Mac
computers include it currently, follow this link:
https://www.apple.com/mac/m1/.
Improved look: The user interface has been fully improved with a more
modern and refined look with more features at the tips of your fingers. The
Dock has a new floating and translucent design, the top menu bar is also
translucent instead of the typical gray, there's a Control Center that offers
quick access to frequently accessed features, and notifications now appear
grouped.

Control Center: This is a new feature accessible through the top menu bar,
which by default includes quick access to Wi-Fi, Bluetooth, AirDrop, Do
Not Disturb, Keyboard Brightness, Display, volume settings, and more
(Figure 1.3). You can customize it to include or exclude settings appropriate
to your activities:

Figure 1.3 – macOS Big Sur Control Center

Battery preferences: This new preferences pane replaces the Energy Saver
preferences, and it includes a section on battery usage history, optimized
charging settings, and even scheduling in Mac laptops (Figure 1.4):

Figure 1.4 – Battery preferences

Safari: macOS' web browser also has lots of new features. The start page
has been improved to be customizable and to show what you want to
show, and you are now able to set custom background images. A new
privacy button in the toolbar allows you to see what information the
websites you are visiting are tracking and collecting. There is also a new
translation button in the address bar that allows you to translate a web
page to seven major languages easily. Safari tabs now show you a preview
of the open pages in those tabs when you hover over them. Also important
is that Safari extensions are now available through the App Store:

Figure 1.5 – Safari

App Store: The App Store now includes a dedicated category for Safari
extensions. It also provides information on the privacy practices of the apps
you want to download so that you know exactly what to expect.
App improvements: Apps such as Messages, Maps, Weather, Reminders,
and Notes have also been significantly improved in look and added
functionalities, such as effects in Messages (Figure 1.6):

Figure 1.6 – Effects in Messages

These are just some of the new features introduced by Apple in macOS 11, Big Sur.
There are many more improvements that you can explore at your own pace.

For a full list of new features in macOS Big Sur, you can visit
this link: https://www.apple.com/macos/big-sur/.

In the next section, we will explore the features introduced in the previous version of
macOS: Catalina.

New features introduced in macOS Catalina


Apple introduced the following features in macOS Catalina:

New music, TV, and podcast apps: Perhaps the most significant change in
macOS Catalina was that now there are three dedicated apps specifically
for all the user's entertainment needs: Apple Music, Apple TV, and Apple
Podcasts (Figure 1.7). They replace the well-known iTunes, so it was a big
change. If you would like to see how the switch from iTunes to the new
apps impacts users, you can check out the following article about the
changes to iTunes (https://support.apple.com/en-us/HT210200):

Figure 1.7 – New media apps

The Apple Music app is where you can now organize the music you had in
iTunes by artist, album, and song, as well as other useful categories. You
can subscribe to the paid service to access the entire music catalog, or you
can use it for free to listen to your previously purchased music. You can
also listen to Apple's free radio station, Music 1, or tune in to local radio
stations. You can check which countries the service is available in at this
link: https://support.apple.com/en-us/HT204956.
The Apple TV app is where you can watch, buy, or rent movies and TV
shows. Here, you will also find popular streaming services and cable TV
providers.
In the Podcasts app, you can listen to your favorite podcasts, subscribe to
shows, download episodes, and more.
Apple Arcade: This is an "all-you-can-play" subscription service with access
to up to six family members through Family Sharing (covered in Chapter
10, Managing Apps and Documents).
Photos: This app was redesigned to bring you a smarter experience for
browsing, highlighting important milestones, and showing your best shots.

Notes: The gallery view was redesigned to help you find your notes
quicker and more easily. You can use folders to share your notes with
others, and a checklist option lets you mark notes as completed, as well as
move those you don't need anymore to the end of the list.
Reminders: This app was also redesigned to make it easier to manage
reminders. Additional capabilities were added as well, such as the option
to add attachments.
Sidecar: This is a new feature introduced in macOS Catalina, which allows
you to extend or mirror your screen using an iPad as your second display.
This feature works well with Apple Pencil, a precision pencil for drawing
and marking (for newer versions of the iPad).
Screen Time: This new app, also introduced in macOS Catalina, allows you
to monitor and schedule screen usage (Figure 1.8). In combination with
the Family Sharing feature, it enables you to set limits to your family
members' communication activities. We cover Family Sharing in Chapter
10, Managing Apps and Documents:

Figure 1.8 – Screen Time

Find My: This feature replaces Find My Mac. The difference is that it
combines Find My iPhone and Find My Friends into a single app that
works on Mac, iPad, and iPhone.
Voice Control: This feature offers advanced capabilities for voice-activated
tasks, such as app navigation through numbered labels and verbal
commands for more accessibility possibilities. In fact, Voice Control allows
you to fully control your Mac with your voice.
Safari: Safety and privacy enhancements were introduced to Safari. Also,
the start page now includes your favorite bookmarks, reading lists, iCloud
tabs, and more.
Sign in with Apple allows you to sign in to participating apps and
websites using your Apple ID. You can learn more about this feature and
the requirements to use it in this article:
https://support.apple.com/en-us/HT210318.
The introduction of Mac Catalyst, a set of tools and APIs, is a big deal for
developers as it helps them bring their iPad apps to the Mac natively and
seamlessly. You can find more information on Mac Catalyst here:
https://developer.apple.com/design/human-interface-guidelines/ios/overview/ipad-apps-for-mac/.
Dark Mode: Apple introduced this feature in macOS Mojave. In macOS
Catalina, there is an additional option when configuring dark mode, the
Auto mode, which switches between light and dark mode automatically.
These appearance modes are available from the General preferences, which
you can access from the Apple menu by selecting System Preferences,
as seen in Figure 1.9:

Figure 1.9 – Dark/Light/Auto mode

Apple's macOS team introduced the following security and privacy enhancements
in macOS Catalina:

Activation Lock: A feature similar to that of an iPhone or iPad. When the
lock is active, you will be the only person able to reactivate it. More on this
feature can be found in Chapter 15, Managing Security in macOS.
Dedicated system volume: macOS Catalina introduces a dedicated read-
only system volume, separate from the rest of the data, thus significantly
enhancing data security.
DriverKit and kernel extensions (kexts): Starting from macOS Catalina,
kexts have become deprecated. This means that hardware peripherals that
used kexts before to run in macOS will now run separately from the
operating system. More on this can be found in Chapter 8, System Resources
and Shortcuts.

If you would like to see an overview of the macOS features directly from your own
Mac, be sure to check out the next section.

Touring macOS
You can take a guided tour of macOS through the Finder to learn more about what's
new, learn about the basics (if you are new to Mac), and obtain information on your
MacBook Pro if you own one.

You can do that by clicking on the notification popup that will appear after installing
macOS (Figure 1.10):

Figure 1.10 – Take a guided tour

If you don't see the notification, just go to the Help menu in the Finder top menu and
select one of the options, such as See what's new in macOS. You will then see a
screen such as the one in Figure 1.11 that will start the guided tour:

Figure 1.11 – Take a guided tour

Now that you have a pretty good idea of the new features in your Mac, let's review
the version history that brought macOS to where it is today.

Exploring the macOS version history


The road to get to the current version of macOS, with all the features it has today, has
been long. In case you are wondering which versions of the operating system Apple
has launched so far, the following is an updated list at the time of the publication of
this book. This information is also useful when you are dealing with the requirements
of certain apps and features; you will most likely read something such as OS X
Yosemite and later, so you need to know which versions come later or earlier:

Version name              Version number
macOS Big Sur             11.0
macOS Catalina            10.15.6
macOS Mojave              10.14.6
macOS High Sierra         10.13.6
macOS Sierra              10.12.6
OS X El Capitan           10.11.6
OS X Yosemite             10.10.5
OS X Mavericks            10.9.5
OS X Mountain Lion        10.8.5
OS X Lion                 10.7.5
Mac OS X Snow Leopard     10.6.8
Mac OS X Leopard          10.5.8
Mac OS X Tiger            10.4.11
Mac OS X Panther          10.3.9
Mac OS X Jaguar           10.2.8
Mac OS X Puma             10.1.5
Mac OS X Cheetah          10.0.4

Visit this page to verify the latest macOS versions available:
https://support.apple.com/en-us/HT201260.

We are now familiar with the versions that led us to where macOS is today, as well as
the new features introduced in the latest versions. But you might be wondering how
these features, or macOS for that matter, are different from other leading operating
systems. Let's explore this question in the following section.

Comparing macOS to other leading operating systems
To begin with, macOS was designed with a different logic in mind. Its design was
centered on a clean, easy-to-use user interface with the tools the user needs to start
working right away. In fact, Apple pioneered the free installation of the major
operating system upgrades, which the rest of the industry then quickly followed.
Until then, the prevailing model was to pay for those upgrades. And it wasn't cheap!
No doubt, Apple implemented this to ensure customers had a great motivation to
keep using Macs, no excuses! But, because customer satisfaction is at the very core of
Apple's philosophy, they also implemented this new model to make sure users could
access the improvements and new features, and not let price be an obstacle to enjoy
those benefits. The introduction of the Mac App Store was key to making these
updates and upgrades not only available to end users but also easier to obtain.
Ultimately, the benefit was mutual: end users could access updates and upgrades for
free easily, and Apple increased its user base and made sure critical security updates
were accessible and installed regularly:

Apps: macOS includes a variety of apps, bundled with the macOS installer,
that have essential productivity functionalities, such as Mail, the Safari
browser, Notes, Reminders, Contacts, and Messages. In addition, in the
App Store, you will find thousands of apps, many of them free, including
an entire productivity suite that can easily replace any other office suite. Of
course, we are talking about the iWork suite with its Pages, Numbers, and
Keynote apps. Apple was a pioneer in this type of app management and
integration with an operating system as well. In fact, the App Store remains
one of the largest application marketplaces around. And with more than 20
million developers reported by Apple (WWDC 2018 Keynote), the variety
and flavors of apps will only continue to grow and diversify.
Boot Camp: While you can install macOS on your PC, something that
is known in the community as a Hackintosh, the process is long and
involves many steps and third-party tools. That is aside from the fact that
Apple does not authorize its operating system to be installed on machines
other than Mac computers. On the other hand, installing a Windows
operating system on a Mac is easy and quick, thanks to a macOS built-in
utility called Boot Camp. The Boot Camp Assistant makes the process
painless and quick.

Integrated ecosystem: There is no other ecosystem of integrated devices
like Apple's Mac, iPhone, iPad, iPod Touch, and Apple Watch. Moreover,
AirPlay lets you share videos, photos, music, and more from Apple devices
to your Apple TV or AirPlay 2–enabled smart TV. Through the Continuity
feature, you can work on all of them and switch from one to the other
seamlessly without downloading or uploading files.
Security and stability: Although macOS is not immune to attacks, it is well
acknowledged that other operating systems are much more often targeted
by malicious software and attackers than macOS. Of course, this is true in
part because of the broader community of users of other mainstream
operating systems, but it is also true because of the operating system
design, which makes it harder to penetrate.

macOS is a unique operating system but, at the same time, it has embraced industry
standards in its design to make it easy for users to configure and integrate with other
systems. In the next section, we describe some of those standards.

Exploring the industry standards used by macOS
macOS is compatible with the most relevant industry standards: two of the most
important ones are multicast DNS (mDNS) for networking and the Swift
programming language. Let's briefly describe each of them.

Multicast DNS
mDNS is a technology developed to facilitate IP networking configuration. It's related
to a concept you have probably already heard of: zero-configuration networking, or
zeroconf. We know zeroconf in Mac as the Bonjour protocol created by Apple to
facilitate device configuration for local networks.

The Internet Engineering Task Force (IETF) maintains the mDNS standard. The
technical definition of mDNS, as stated in IETF's RFC document, is the
following: "Clients performing DNS-like queries for DNS-like resource records by
sending DNS-like UDP query and response messages over IP Multicast to UDP port
5353."

While that might sound like a mouthful, what's important about this technology is
that it offers three significant advantages:

Little or no configuration required to set up DNS names.
It works even when there is no infrastructure present.
It will work during an infrastructure failure.

In other words, Bonjour in Mac computers uses mDNS to perform DNS-like queries
in the absence of a Unicast DNS server. What this means is that users will not have to
worry about setting up a networking configuration on their Mac machines.

Take into account that there are some security concerns with the use of mDNS. We
will discuss those risks and address how to reduce them in Chapter 15, Managing
Security in macOS, of this book.
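
The "DNS-like" message format quoted above, as an added example (not code from this book): it builds the query an mDNS client would send to the RFC 6762 multicast group on UDP port 5353 and parses a response, which is how you would read a port 5353 packet capture to see which services a Mac advertises. The function names and the sample response are constructed for this illustration; the enumeration name comes from DNS-SD (RFC 6763).

```python
import struct

MDNS_GROUP, MDNS_PORT = "224.0.0.251", 5353   # IPv4 multicast group and UDP port (RFC 6762)
TYPE_PTR, CLASS_IN = 12, 1
ENUM_NAME = "_services._dns-sd._udp.local"    # DNS-SD service-type enumeration (RFC 6763)


def encode_name(name):
    """Encode a dotted name as length-prefixed DNS labels ending in a zero byte."""
    out = b""
    for label in name.strip(".").split("."):
        raw = label.encode("utf-8")
        if not 0 < len(raw) < 64:
            raise ValueError("bad label length in %r" % name)
        out += bytes([len(raw)]) + raw
    return out + b"\x00"


def build_query(name=ENUM_NAME, qtype=TYPE_PTR):
    """One-question query; mDNS queries normally carry ID 0 and all-zero flags."""
    header = struct.pack("!6H", 0, 0, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!2H", qtype, CLASS_IN)


def decode_name(msg, off):
    """Decode a (possibly compressed) name. Returns (name, offset just past it)."""
    labels, resume, hops = [], None, 0
    while True:
        if off >= len(msg):
            raise ValueError("name runs past end of message")
        length = msg[off]
        if length & 0xC0 == 0xC0:                 # two-byte compression pointer
            if off + 1 >= len(msg):
                raise ValueError("truncated compression pointer")
            if resume is None:
                resume = off + 2                  # parsing continues after the first pointer
            off = ((length & 0x3F) << 8) | msg[off + 1]
            hops += 1
            if hops > 32:                         # malformed packets can point in circles
                raise ValueError("compression pointer loop")
            continue
        if length & 0xC0:
            raise ValueError("unsupported label type")
        off += 1
        if length == 0:
            return ".".join(labels), (off if resume is None else resume)
        if off + length > len(msg):
            raise ValueError("label runs past end of message")
        labels.append(msg[off:off + length].decode("utf-8", "replace"))
        off += length


def parse_message(msg):
    """Parse one mDNS message into its questions and resource records."""
    try:
        _id, flags, qd, an, ns, ar = struct.unpack("!6H", msg[:12])
        off, questions, records = 12, [], []
        for _ in range(qd):
            name, off = decode_name(msg, off)
            qtype, qclass = struct.unpack("!2H", msg[off:off + 4])
            off += 4
            questions.append({"name": name, "type": qtype,
                              "unicast_reply": bool(qclass & 0x8000)})
        for _ in range(an + ns + ar):
            name, off = decode_name(msg, off)
            rtype, _rclass, ttl, rdlen = struct.unpack("!2HIH", msg[off:off + 10])
            off += 10
            if off + rdlen > len(msg):
                raise ValueError("record data runs past end of message")
            # PTR data is itself a name and may use pointers into the whole message.
            data = decode_name(msg, off)[0] if rtype == TYPE_PTR else msg[off:off + rdlen]
            records.append({"name": name, "type": rtype, "ttl": ttl, "data": data})
            off += rdlen
    except struct.error:
        raise ValueError("truncated message") from None
    return {"is_response": bool(flags & 0x8000), "questions": questions, "records": records}


def advertised_service_types(msg):
    """Service types a responder lists under the DNS-SD enumeration name."""
    parsed = parse_message(msg)
    if not parsed["is_response"]:
        return []
    return sorted(r["data"] for r in parsed["records"]
                  if r["type"] == TYPE_PTR and r["name"].lower() == ENUM_NAME)


def constructed_response():
    """Constructed sample (not a capture): one host advertising SSH and SMB."""
    owner = encode_name(ENUM_NAME)                                   # sits at offset 12
    local_ptr = struct.pack("!H", 0xC000 | (12 + len(owner) - 7))    # points at "local"
    rd1 = b"\x04_ssh\x04_tcp" + local_ptr
    rr1 = owner + struct.pack("!2HIH", TYPE_PTR, CLASS_IN, 4500, len(rd1)) + rd1
    tcp_ptr = struct.pack("!H", 0xC000 | (12 + len(rr1) - len(rd1) + 5))  # "_tcp" in rd1
    rd2 = b"\x04_smb" + tcp_ptr
    rr2 = b"\xc0\x0c" + struct.pack("!2HIH", TYPE_PTR, CLASS_IN, 4500, len(rd2)) + rd2
    return struct.pack("!6H", 0, 0x8400, 0, 2, 0, 0) + rr1 + rr2     # QR=1, AA=1, two answers


if __name__ == "__main__":
    print("query for %s:%d:" % (MDNS_GROUP, MDNS_PORT), build_query().hex())
    print("advertised:", advertised_service_types(constructed_response()))
```

The parser bounds every read and caps pointer hops because mDNS traffic arrives unauthenticated from any host on the local link.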

If you want to know more about mDNS's current status or changes,
you can visit https://www.rfc-editor.org/info/rfc6762.

Another tool used by macOS is the Swift programming language, which is what we
will see next.

Swift
Swift is the programming language embraced by developers to create apps for
macOS, iOS, watchOS, and more. What's important about Swift is that it is developed
openly by a large community of developers. The claim is that Swift makes it easier to
write code for apps that are faster and safer.

Swift's main features are the following:

It produces clean code. It uses a clean and intuitive syntax that is easier to
read, understand, and maintain.
Its design takes security into account. For example, it eliminates entire
classes of unsafe code.

Swift was conceived from the beginning to be fast. One of the ways it
achieves this is through the use of the LLVM compiler technology. The
LLVM Project, which started as a research project at the University of
Illinois, is a collection of modular and reusable compiler and toolchain
technologies (https://llvm.org/), which makes it possible to transform
Swift code into optimized native code.
Cross-platform compatibility. Swift can be used to program all Apple
platforms: iOS, macOS, watchOS, and tvOS. It is also compatible with
Linux, and the community is working to make it available on even more
platforms.
It's free. Because it's open source, it has no cost.

If you would like to participate or contribute to Swift development,
you can visit https://swift.org/.

And with this review of the industry standards used by macOS, we have reached the
end of this first chapter, which introduced you to the exciting world of macOS. Be
sure to read the following summary for a recap of the main points covered here.

Summary
Now that you have completed this chapter, you can describe the generalities of
macOS, and you are also aware of the new features introduced in the latest macOS
versions. Also, you know the fundamentals of the macOS architecture and what each
layer of its design is responsible for. This information is essential for you to
understand how Macs and macOS are different from other industry-leading products,
as well as their capabilities and features. This information enables you to explain
those features and differences to other users, to whom perhaps you will be providing
support.

In the next chapter, we will move on to the practical aspects of managing macOS,
starting with the essential tasks of installing and configuring macOS.

2
Installing and Configuring macOS
Installing, configuring, and updating macOS are perhaps some of the most common
and essential tasks you will encounter in your job as a support professional or an
administrator. It all starts with installing the macOS system or updating it if you
already have it installed. Following installation, the configuration of macOS is the
next important task required to personalize the user's experience.

In this chapter, you will learn how to install, update, upgrade, and reinstall macOS, as
well as how to perform the necessary checks, and the requirements to do so. Next,
you will see how to configure the macOS installation and adjust the settings post-
installation. You will also learn how to do other practical tasks, including creating an
installer for specific cases such as clean installations. As mentioned earlier, the tasks
related to installation you will see in this chapter are probably what you will
encounter more frequently when supporting users. Therefore, the information and
examples provided here will help you master all the possible installation scenarios.

More specifically, this chapter will cover the following topics:

Installing macOS
Upgrading macOS
Reinstalling macOS
Updating macOS
Configuring macOS

Before we start, let's see the technical requirements for this chapter.

Technical requirements
For this chapter, you will require the following:

Basic knowledge of the macOS environment
A Mac computer with administrator privileges
An Apple ID (optional for enabling iCloud services)
A USB flash drive or external volume

Before performing the tasks assigned in this chapter, it is essential to be aware of the
system and hardware requirements regarding the installation of macOS. Here, we
detail the requirements for the most recent versions of macOS.

Requirements for macOS Big Sur


The current requirements for installing the latest version of macOS 11.0.x (Big
Sur) are as follows:

System requirements:

OS X 10.9 (Mavericks) or later.
4 GB of memory.
35.5 GB of available storage space on macOS Sierra or later. If upgrading
from an earlier version, macOS Big Sur requires around 44.5 GB of
available storage space.
Apple ID (recommended).
An internet connection to download the installer.

Hardware requirements:

MacBook 2015 or later
MacBook Pro Late 2013 or later
MacBook Air 2013 or later
iMac 2014 or later
iMac Pro 2017 or later
Mac Pro 2013 or later
Mac mini 2014 or later

Requirements for macOS Catalina


The requirements for macOS 15.6.x (Catalina) are the following:

System requirements:

OS X 10.9 (Mavericks) or later for a direct upgrade*.
4 GB of memory.
12.5 GB of available storage space for OS X El Capitan 10.11.5 or later.
Allow for the fact that in order to upgrade from earlier releases (OS X
Yosemite 10.10 and earlier), you will require up to 18.5 GB of available
storage space.

* To upgrade from OS X Lion or Mountain Lion, you will have to
upgrade to El Capitan first, and then you can upgrade to macOS
Catalina. You will find the instructions here:
https://support.apple.com/HT206886.

Hardware requirements:

MacBook (2015 or later)
MacBook Pro (2012 or later)
MacBook Air (2012 or later)
iMac (2012 or later)
iMac Pro (all models)
Mac mini (2012 or later)
Mac Pro (late 2013, mid-2010, and mid-2012 models will require a graphics
card capable of supporting Metal)

Visit this link, https://support.apple.com/en-us/HT201475, to
verify the installation requirements for the latest versions of macOS.

Next, we'll explain how you can check your Mac model and other important details to
verify whether your machine meets the aforementioned requirements.

How to find out your Mac model and specs


You can find out which Mac you have by going to the Apple menu at the top left
of your screen and then to About This Mac, as shown in the following screenshot:

Figure 2.1 – About This Mac

Once in the About This Mac window, make sure the Overview tab is selected. As
you can see in Figure 2.2, this is a MacBook Pro (15-inch, 2018); hence, it is compatible
with the current system requirements for installing macOS Big Sur. However, the
memory is insufficient, so we will have to fix that before proceeding:


Figure 2.2 – About This Mac Overview tab

Another useful way to verify exactly which Mac model you have is by going
to https://support.apple.com/specs and entering your Mac serial number in the
search box (Figure 2.3):

Figure 2.3 – Mac tech specs on Apple's support website


After entering the serial number in the search box, click on the Search button, and
you will obtain a result (marked in red in Figure 2.3), which already shows you some
very useful information. However, if you click anywhere on that result, you will see
even more detailed specifications relating to your Mac model (Figure 2.4):

Figure 2.4 – Mac detailed tech specs


As you can see, you will not only find out when your Mac was brought to the market,
but also its storage capacity, the type of graphics card, and much more.

Now that we know whether our machine meets the requirements for
installing macOS Big Sur, and after fixing any requirements that were not met, we can
do so. We will explain the steps in the next section.
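
The system requirements listed earlier for macOS Big Sur can also be checked from Terminal before you start. The following script is an added example, not part of the original book; the function names are its own, the thresholds are the ones given in this chapter, and the free-space figure it reads from df is an approximation. The hardware model still has to be compared with the list above by hand.

```shell
#!/bin/sh
# Preflight check against the macOS Big Sur system requirements in this chapter:
#   - OS X 10.9 (Mavericks) or later
#   - 4 GB of memory
#   - 35.5 GB free when starting from macOS Sierra (10.12) or later, 44.5 GB otherwise
# Function and variable names are this example's own (not from the book).

# version_ge A B: succeeds when dotted version A >= B (major.minor are compared)
version_ge() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        split(a, x, "."); split(b, y, ".")
        if (x[1] + 0 != y[1] + 0) exit !(x[1] + 0 > y[1] + 0)
        exit !(x[2] + 0 >= y[2] + 0)
    }'
}

# required_free_gb OS_VERSION: prints the free space needed for that starting OS
required_free_gb() {
    if version_ge "$1" 10.12; then echo 35.5; else echo 44.5; fi
}

# check_bigsur OS_VERSION MEM_GB FREE_GB
# Prints one FAIL line per unmet requirement; returns 0 if all are met, 1 otherwise.
check_bigsur() {
    chk_os=$1 chk_mem=$2 chk_free=$3 chk_rc=0
    if ! version_ge "$chk_os" 10.9; then
        echo "FAIL os: $chk_os is older than OS X 10.9 (Mavericks)"
        chk_rc=1
    fi
    if ! awk -v m="$chk_mem" 'BEGIN { exit !(m >= 4) }'; then
        echo "FAIL memory: ${chk_mem} GB installed, 4 GB required"
        chk_rc=1
    fi
    chk_need=$(required_free_gb "$chk_os")
    if ! awk -v f="$chk_free" -v n="$chk_need" 'BEGIN { exit !(f >= n) }'; then
        echo "FAIL storage: ${chk_free} GB free, ${chk_need} GB required"
        chk_rc=1
    fi
    return $chk_rc
}

# On a Mac, gather the live values and run the check. Skipped on other systems.
if [ "$(uname -s)" = "Darwin" ]; then
    cur_os=$(sw_vers -productVersion)
    cur_mem=$(( $(sysctl -n hw.memsize) / 1073741824 ))
    # df reports 1 KiB blocks; convert the "Available" column to decimal GB
    cur_free=$(df -k / | awk 'NR == 2 { printf "%.1f", $4 * 1024 / 1e9 }')
    echo "Model: $(sysctl -n hw.model)  OS: $cur_os  RAM: ${cur_mem} GB  Free: ${cur_free} GB"
    if check_bigsur "$cur_os" "$cur_mem" "$cur_free"; then
        echo "System requirements met; compare the model with the hardware list above."
    fi
fi
```
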

Installing macOS
In this section, we will discuss the process of installing the operating system, which is
normally done through an upgrade or a reinstallation. Typically, installing the latest
macOS version will be an upgrade process, with no loss of data or user settings. On
the other hand, a reinstallation can be performed both with or without data loss.

However, there are important details to take into account before performing any of
those procedures.

Before installing, upgrading, or reinstalling macOS, you should verify the following:

The installation requirements (system and hardware): These were described
earlier in the chapter.
Compatibility with the apps you want to use: It is essential to verify that
the apps you will use are compatible with the macOS version you wish to
install, as not all of them may be compatible.
Back up your data: A best practice is to use multiple backup options, such
as local, external, cloud storage, or a Time Machine backup, to make sure
you can always recover your data if something goes wrong.
Make a note of your network settings: This is important for ensuring that
you can connect to the internet following installation. Chances are you
won't need this information, but it is safer to have it.
If using a notebook, such as a MacBook, make sure you plug it into an
electrical outlet.
Make sure you are connected to the internet.

Take into account the fact that you require administrator privileges
to perform an upgrade or reinstallation.

Once you have taken the above recommendations into account, you will be ready to
upgrade or reinstall. We will see how to upgrade in the next section.


Upgrading macOS
An upgrade will install the next major version of the OS. For example, if you are
running OS X Mavericks, an upgrade will install the latest major release, such as
Mojave or Catalina, and there will be no loss of data or user settings.

You can use three methods to upgrade macOS:

Through an automatic download
Through a manual download
Through the internet

Let's now see how to configure automatic downloads.

Automatic upgrades
You can configure upgrades to download automatically in the background through
System Preferences for the OS or the App Store preferences (available from OS X
El Capitan and later) for apps.

Perform the following steps to configure this behavior:

1. Open the System Preferences screen. You can access System Preferences
from the Apple menu at the top left of your screen or through the gear
icon in the Dock.
2. In System Preferences, click on the Software Update icon, as shown in
Figure 2.5:


Figure 2.5 – Software Update preferences

3. Click the Advanced button, as shown in the following screenshot:

Figure 2.6 – Configuring the automatic download of upgrades


4. Make sure the Check for updates and Download new updates when
available options are selected, as shown in the following screenshot:

Figure 2.7 – Configuring automatic updates and downloads

5. With this configuration, you will see a notification indicating that a macOS
upgrade is ready to be installed. Because you need to check compatibility
and other requirements prior to upgrading to a major version, the upgrade
won't be done until you click the Install button (Figure 2.8). Updates to
the currently installed version, on the other hand, can be scheduled for a
later time by clicking Later or installed immediately by clicking on the
Install button:

Figure 2.8 – Updates notifications

6. If you want the system to verify the requirements on its own and attempt
to install macOS updates/upgrades, then you should check the other two
boxes (Figure 2.9). However, this is not recommended since this prevents
you from checking whether all your software is ready for the update, and it
can render certain apps incompatible with the new update/upgrade:


Figure 2.9 – Configuring the installation of automatic macOS updates

We have seen how to download and install automatic updates/upgrades. However,
you can also do this manually, as we will see in the next section.
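
The configuration chosen in steps 4 to 6 can also be audited from Terminal, which helps when you manage several Macs. The following script is an added example, not part of the original book; it assumes the three checkboxes are stored under the AutomaticCheckEnabled, AutomaticDownload, and AutomaticallyInstallMacOSUpdates keys of /Library/Preferences/com.apple.SoftwareUpdate, and the function names are its own.

```shell
#!/bin/sh
# Audit Software Update preferences against the configuration recommended above:
# check for and download updates automatically, but do not install macOS
# updates unattended. Function names are this example's own (not from the book).

# Assumption: preference domain and keys behind the Advanced checkboxes
PLIST=/Library/Preferences/com.apple.SoftwareUpdate

# key=value pairs the steps above recommend (1 = checked, 0 = unchecked)
EXPECTED="AutomaticCheckEnabled=1 AutomaticDownload=1 AutomaticallyInstallMacOSUpdates=0"

# read_update_prefs: print "key value" for each audited key.
# A key that was never written has no stored value and is reported as "unset".
read_update_prefs() {
    for pair in $EXPECTED; do
        key=${pair%%=*}
        val=$(defaults read "$PLIST" "$key" 2>/dev/null) || val=unset
        echo "$key $val"
    done
}

# audit_update_prefs: read "key value" lines on stdin, print OK or WARN per key.
# Returns 1 if any audited key deviates from, or is missing in, the input.
audit_update_prefs() {
    awk -v expected="$EXPECTED" '
        BEGIN {
            n = split(expected, pairs, " ")
            for (i = 1; i <= n; i++) {
                split(pairs[i], kv, "=")
                want[kv[1]] = kv[2]
            }
        }
        ($1 in want) {
            seen[$1] = 1
            if ($2 == want[$1]) {
                print "OK   " $1 "=" $2
            } else {
                print "WARN " $1 "=" $2 " (recommended: " want[$1] ")"
                bad = 1
            }
        }
        END {
            for (k in want) {
                if (!(k in seen)) {
                    print "WARN " k " missing from input"
                    bad = 1
                }
            }
            exit bad
        }'
}

# On a Mac, audit the live settings. Skipped on other systems.
if [ "$(uname -s)" = "Darwin" ]; then
    read_update_prefs | audit_update_prefs ||
        echo "Review the Advanced options in the Software Update preferences."
fi
```
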

Manual upgrades
You can always verify whether upgrades are available through the App Store and
install them manually. We will see how that works in macOS Catalina and macOS Big
Sur next.

Manual upgrades to macOS Big Sur


Perform the following steps to download and install the latest version of macOS:

1. Check the system and hardware requirements as well as the pre-verification
steps, as explained in the Technical requirements and Installing macOS
sections earlier in this chapter.
2. Open the App Store. You will probably see the latest macOS available at
the top of the list, or you can use the search box in the left-hand section to
locate it.


3. In Figure 2.10, we used the search box to locate the macOS Big Sur installer.
Click on the installer name or the VIEW button to enter the details page:

Figure 2.10 – Searching for the macOS installer in the App Store

4. Once on the details page, click the GET button to download the installer, as
shown in the following screenshot:

Figure 2.11 – Obtaining the macOS installer


If you want to download macOS directly to your Mac without using the App
Store, you may find several macOS versions at this link:
https://support.apple.com/downloads. You can use the Combo updaters, which
allow you to upgrade from any prior version within the same major release;
for example, from macOS Catalina 10.15.1 directly to Catalina 10.15.7.

5. This action will open the Software Update tool and ask you whether you
want to download the upgrade. As soon as you click on the Download
button (Figure 2.12), the download will start, and you can monitor its
progress:

Figure 2.12 – Downloading the macOS installer

6. Once the download is complete, you will see an Upgrade Now button.
Click on it to start the process.


7. Then, the installer will open automatically, as can be seen in the following
screenshot:

Figure 2.13 – Running the macOS installer

Note: If you expect to do more installations, it's a good idea to save a copy
of the installer in another location. The installer will be downloaded by
default into the Applications folder, but it will be removed as soon as
your installation is complete. If you don't save a copy elsewhere and later
need to reinstall or create a bootable disk, you will have to download it
again. To save a copy, just go to the Applications folder before initiating
the installation (Figure 2.14), and then copy the installer into another
location. Also, take into account that installers have an expiration date, so if
using an old installer you saved doesn't work, chances are it has probably
expired, and you will need to acquire a new copy.

Figure 2.14 – Copying the installer to another location


8. Navigate back to the installer and then click Continue (Figure 2.13) to
initiate the installation.
9. Accept the Software License Agreement.
10. You will see the window to select the destination volume for the
installation. If you only have the default volume available (usually named
Macintosh HD), only that volume will appear, which is the case for this
example (Figure 2.15), or you can click Show All Disks... to see more
available disk options. Select the volume and then click Install or
Continue:

If you wish to quit the installation at any point, you can click on
the Back button to return to the beginning of the process, and then
you will be able to click Quit from the top menu.

Figure 2.15 – Selecting the install volume

Before macOS High Sierra, your disk was probably formatted as Mac
OS Extended (Journaled). When upgrading to macOS High Sierra or
later, the installer will decide to automatically convert to the new
default Apple File System (APFS) if your hardware supports it.


11. You may see a warning about 32-bit apps not supported by macOS (most
likely to appear if you are upgrading to macOS Catalina). If that is the case,
take note of the incompatible software, if any, and then click Continue.

If you need more information about macOS compatibility with 32-bit apps,
check out the following article:
https://support.apple.com/en-us/HT208436.

12. Administrator privileges are required. Therefore, enter your admin
password to continue.
13. The installation will start, and the time remaining will be shown in the
progress bar, as seen in the following screenshot:

Figure 2.16 – Installation progress

Allow your computer to complete the installation. Don't close your Mac's
lid or put it to sleep while the installation is proceeding, as this may
cause problems. You can click on Cancel at this point if you wish to stop
the installation. If you cancel, the system will revert to the previous
operating system.


14. Once the installation is complete, you will see a login screen. Since we are
upgrading to macOS Big Sur in this example, you will see a screen similar
to the one shown in Figure 2.17:

Figure 2.17 – macOS Big Sur login screen

15. Once you log in, you will be taken through a quick setup process. Take into
account the fact that the screens you see will depend on your current
configuration; for example, whether you have an Apple ID linked to your
account. We will see a complete setup process in the The Setup Assistant
process section at the end of the chapter.

And that's it! You now have the latest version of macOS. Let's now check the third
way to upgrade: through the internet.

Through the internet


The final method that can be used to upgrade your macOS is through the internet.
However, since this is also a reinstall method, this procedure will be covered in full in
the Reinstalling macOS via internet recovery section, included in the next part of this
chapter.


Reinstalling macOS
The difference between an upgrade and a reinstallation is important. During an
upgrade of a Mac that already has a system installed, the next major version of
the OS will be installed. During a reinstallation, we are not limited to
installing the next major version; any supported version can be installed.
Reinstallations can be done with or without data loss, except in the case of a
clean installation, which requires the system volume to be erased.

You would perform this task in these example cases:

When you have a Mac computer with an old OS installation or when the
OS is corrupted.
When you have just purchased a Mac and want to start with a new, fresh
installation that will erase everything on the disk. This is also known as a
clean installation.
You are selling your Mac and want to erase all your data for security and
privacy purposes.

You can approach reinstallation through three methods:

The internet
The macOS Recovery system
An external installer

It is important to note the following:

In all the preceding cases, if you don't erase the disk, you can keep your
files and user settings intact.
The first option not only reinstalls macOS but also upgrades it to the latest
version compatible with your Mac.
Through the second and third options, you can also choose to erase the
disk and make a clean installation (erasing all volumes on your disk).

Let's explore the three options in more detail.


Reinstalling macOS via internet recovery


The internet recovery tool can be used both for upgrading and reinstalling. There are
several options:

Pressing Option + Command + R at startup will upgrade to the latest macOS
compatible with your Mac with no loss of data or user settings.
Pressing Shift + Option + Command + R at startup will reinstall the macOS
version that came with your Mac originally, or the closest version still
available and supported. In fact, if you completely erased the Mac's internal
disk, this may be the only option available to reinstall macOS unless you
have a bootable installer and you have permission to boot externally.
When pressing Command + R at startup, you can access the Recovery
interface and reinstall the current macOS version with no loss of data, or
you can first erase the disk and perform a clean installation.

Using the first two methods is very easy and requires almost no intervention on your
part:

1. Turn off the Mac if it's on, or restart it.
2. As soon as your Mac is restarting, and depending on what you wish to
accomplish, press either of the first two key combinations described earlier
for a little while, or until a spinning globe or a progress bar appears, and
then release the keys. This process will start automatically.

Heads up! This can take a while (depending on your internet connection), so be
patient.

Take into account that the commands described are not available for Macs with the
Apple M1 silicon chip. The procedure to use the Recovery for reinstallation with M1
Macs is described later in this chapter.

The third option requires more steps. We will explore this in detail in the next section.


Reinstalling through the macOS Recovery system
The third option, reinstalling through the macOS Recovery system, requires more
explanation. This method is important because it is the one that allows you to reinstall
the version currently installed on your computer without losing any of your data.
You will need this method, for example, if your system is corrupted and requires a
reinstallation, but you don't really want to change anything; you just want everything
as it was. But you can also use this method to erase the disk first and perform a clean
installation.

If you would like to see specific instructions relating to other OS
versions, visit this page on How to reinstall macOS:
https://support.apple.com/guide/mac-help/reinstall-macos-mchlp1599/mac.

In this section, we will explore the following:

What is the macOS Recovery system?
Accessing macOS Recovery with Catalina and earlier (Intel Mac)
Accessing macOS Recovery with Big Sur (Intel Mac)
Accessing macOS Recovery in Macs with the M1 silicon chip
How to perform a reinstallation with macOS Catalina Recovery
How to perform a reinstallation with macOS Big Sur Recovery
How to perform a clean installation

Before we go through the steps of an actual reinstallation, let's take a look at the
Recovery system in more detail.

What is the macOS Recovery system?


The macOS Recovery system is a volume in the Mac boot volume that includes a set
of utilities to help you perform the following tasks:

Install/Reinstall macOS.
Restore your system from a Time Machine backup.
Access the Disk Utility to repair or erase your volumes, and more.
Access the Online Help.
Perform additional advanced tasks.


Next, we will see the process of using the macOS Recovery system on a Mac with
macOS Catalina, and we will review the other options available as well.

Accessing the macOS Recovery system with macOS Catalina and earlier (Intel Mac)
To access the macOS Recovery utilities, you will need to start up from the macOS
Recovery system. Perform the following steps to do this:

1. Turn off your Mac if it's on.
2. Turn on your Mac and, at the same time, press Command + R for a few
seconds, or until a spinning globe or a progress bar appears.
3. In Figure 2.18, we see what the recovery interface looks like in macOS
Catalina. You will see the following options:
Restore From Time Machine Backup
Reinstall macOS
Get Help Online
Disk Utility

Figure 2.18 – macOS Catalina Recovery interface

These additional options are available through the top menus:

Startup Disk
Startup Security Utility
Network Utility (macOS Catalina and earlier)
Terminal and Reset Password

Let's take a look at each of these options in a bit more detail.


Startup Disk
Startup Disk is accessed from the Apple menu in the macOS Recovery interface,
as shown in the following screenshot:

Figure 2.19 – macOS Catalina Recovery – Startup Disk

By choosing Startup Disk, you can specify which volume the computer will use to
boot from on the next restart (Figure 2.20):

Figure 2.20 – Selecting the startup disk

You also have the option to restart the computer in Target Disk Mode... as seen in
Figure 2.20.


Startup Security Utility


Startup Security Utility lets you set up a firmware password. This tool is accessed
from the Utilities menu, as shown in Figure 2.21:

Figure 2.21 – The Recovery Utilities menu

We explain the steps to set up a firmware password in detail in Chapter 5,
Managing User Security and Privacy.

Network Utility
The Network Utility tool lets you use advanced network troubleshooting tools, such
as ping and traceroute. You can access this tool from the Utilities menu as well
(Figure 2.21). We will see the options available in this tool in detail
in Troubleshooting Tips. Take into account the fact that this utility has been
deprecated in macOS Big Sur.

Terminal and Reset Password


Terminal is macOS's command-line interface for advanced management tasks. The
use of Terminal is covered in Chapter 16, Using the Command Line.

This tool also includes an important feature that can only be used through Terminal:
the resetpassword command. When you use this command, you can reset any user
password, including the admin password. We will see more on
the resetpassword command in Chapter 5, Managing User Security and Privacy.

Now that we have seen what you can do with macOS Recovery, let's see how to
access it from macOS Big Sur.


Accessing the macOS Recovery interface with macOS Big Sur (Intel Mac)
With macOS Big Sur, we access the Recovery system in the same way as with
macOS Catalina (explained in the previous section). It has largely the same
options and functionality, but there are some changes, which we discuss here:

The interface has been significantly redesigned, as you can see in Figure
2.22:

Figure 2.22 – macOS Big Sur Recovery

Security has also been tightened for this tool: you will need to authenticate
with a known admin account to access it.
The top menu now has the first menu option called Recovery instead of
macOS Utilities.
You won't find Network Utility anymore in the Utilities menu option
since it has been deprecated.
Macs with the T2 chip have extra security options in Startup Security
Utility in the Utilities menu. We will explore that in Chapter 15, Managing
Security in macOS.

Also, if you have a Mac with the M1 Apple Silicon chip, accessing the Recovery is a
bit different, and there are a few extra options in the menu. We'll explore that next.


Accessing the macOS Recovery interface in Macs with the M1 chip
If you have a Mac with the Apple M1 Silicon chip, the process is a bit different.
If you are not sure if you have it, you can easily check by going to the Apple
menu and selecting About This Mac (make sure you are in the Overview tab), as
shown in Figure 2.23:

Figure 2.23 – Mac with Apple M1 chip

Follow these steps to access macOS Recovery when using a Mac with the M1 chip:

1. Turn off your Mac and restart it while pressing and holding the Power
button until you see the startup options.
2. Select the icon with the name Options, and click Continue, as seen in
Figure 2.24:

Figure 2.24 – Recovery access in Macs with Apple M1 chip


3. If prompted, select an administrator for whom you know the password, and
press Next.
4. You should then see the Recovery interface (Figure 2.22).

The Recovery options are similar to those found in Catalina and Big Sur (Figure 2.22);
however, there are some differences:

There is an additional option present in the Utilities menu, Share Disk...,
which helps to transfer files between two Mac computers; something that was
accomplished in Intel Mac models through a mode known as target disk. The
shortcut to engage target disk mode is no longer available on these Macs.
Also, Startup Security Utility is different. A significant change is that
setting a firmware password is no longer possible. We will explore this in
more detail in Chapter 15, Managing Security in macOS.

The reinstall process is explained next, and it's very similar for all the latest versions
of macOS.

How to perform a reinstallation with macOS Catalina Recovery
Perform the following steps for a reinstallation with no loss of data through Recovery
in macOS Catalina:

1. Ensure that you have checked the system and hardware requirements, as
well as the pre-verification steps, as explained in the Technical
requirements and Installing macOS sections earlier in this chapter.
2. Access the macOS Catalina Recovery interface as explained earlier.
3. At this point, if a firmware password has been set, you will be asked to
enter that password. If no firmware password is set, you will proceed to the
macOS Recovery interface (Figure 2.21).
4. In this example, macOS Recovery will reinstall the current version already
installed on this machine, which in this example is macOS Catalina. Select
the Reinstall macOS option and click Continue.
5. You will see the window to choose a language for the installation (Figure
2.25). Don't worry about the display language. You can easily change it
in System Preferences post-installation:


Figure 2.25 – macOS reinstallation

6. The installer will open (Figure 2.26). Click Continue to proceed with the
installation:

Figure 2.26 – macOS Catalina installer


7. Accept the Software License Agreement.
8. Next, you will see the window to select the disk where you wish to install
macOS. Choose the desired disk. Typically, the default option will be
Macintosh HD (as seen in Figure 2.16).
9. The installation will proceed at this point, and you will be able to monitor
it through the progress bar.
10. As soon as the reinstallation is complete, you will see the login window.
11. That's it! The next steps are the setup process, which we explore in the The
Setup Assistant process section at the end of the chapter.

In the next section, we will see a reinstallation with macOS Big Sur Recovery.

How to perform a reinstallation with macOS Big Sur Recovery
Perform the following steps for a reinstallation with no loss of data through Recovery
in macOS Big Sur:

1. Follow steps 1-3 outlined in the previous procedure.
2. macOS Big Sur requires entering an administrator password to access the
Recovery interface. Select a known administrator, and click Next. Then,
enter the password and click Continue.
3. You should now see the macOS Big Sur Recovery interface (Figure 2.22).
Select the Reinstall macOS option and click Continue. In this example,
macOS Recovery will reinstall macOS Big Sur, the current version already
installed on this machine.
4. When you see the macOS Big Sur installer appear, as seen in Figure 2.27,
click Continue:


Figure 2.27 – macOS Big Sur installer

5. Read and accept the terms of the software license agreement. Click Agree
at the prompt to continue.
6. Select the volume you want to reinstall and click Continue. The default will
be Macintosh HD.
7. The installation will start, and you will see a progress bar that will allow
you to monitor the process. Beware that this can take a long time.
8. Your Mac will probably reboot several times, and you will see the Apple
logo with a progress bar. This is normal. Don't turn off the machine or stop
the process.
9. When finished, you will see the login window appear. Log in as usual.
10. That's it! The next steps relate to the setup process, which we explore in the
section on The Setup Assistant process, at the end of the chapter.

We have just covered the steps required to perform a reinstallation without data loss.
In the next section, we will look at the steps associated with a clean installation.


How to perform a clean installation


A clean installation means you want to start fresh with a new installation without any
prior data. Performing a clean installation requires that you erase the disk first;
therefore, follow these steps to do that:

1. Make sure you have checked the system and hardware requirements, as
well as the pre-verification steps, as explained in the Technical
requirements and Installing macOS sections earlier in this chapter.
2. Access macOS Recovery, as indicated previously for your corresponding
macOS version.
3. In the Recovery interface (Figure 2.22), select the Disk Utility option.
4. In Disk Utility, select View | Show All Devices from the top-left menu, as
shown in the following screenshot, to see not only the volumes but all the
devices:

Figure 2.28 – Disk Utility interface


5. From the sidebar in Disk Utility, select the disk or volume to erase. This is
the volume where you will install macOS, usually with the name of
Macintosh HD. For example, in Figure 2.28, Apple SSD macOS... is the
disk, Container disk4 is a container on that disk, and Macintosh HD is a
volume in that container. In most cases, selecting the system volume
(Macintosh HD) would be enough. But in some cases, you might want to
select the whole disk if you want to make sure that everything is fully
wiped out from the disk so that the installer recreates a clean boot disk
structure and volume group. However, bear in mind that this action will
also erase the Recovery volume, and the only methods you will have left to
reinstall your machine are through the internet recovery procedure
described earlier or through an external installer, provided that your
machine is configured to accept booting from external devices (a setting
configured in advance in Startup Security Utility).

Bear in mind that only APFS-formatted disks show containers, as seen in
Figure 2.28. We cover disk formats in Chapter 6, The macOS File System:
Disks, Volumes, and Partitions.

6. Be sure to select the proper volumes, containers, or disk, as erasing will
wipe out all the information, and this cannot be reversed. In some cases,
you might be able to recover lost data with third-party tools, but it's not an
easy process, and there is no guarantee that you will be able to recover any
data. With that in mind, when you are certain, click Erase at the top (Figure
2.28). In the following example, we selected Macintosh HD (the system
volume) to be erased, as we will be reinstalling using the Recovery system,
which we don't want to wipe out. Because this is a clean installation, it is
OK to choose that volume since we want to erase the system and start fresh
with a new copy. However, take into account that this will leave in place not
only the Recovery volume but all the other volumes in the boot disk, as well
as any other volumes that might have been created by the previous owner.


7. After clicking Erase, you will see a pop-up window where you need to
enter the following information:

Name: I would keep Macintosh HD, the default name for the system
volume, for simplicity, but you can name it anything you want. If you
decide to change it, be sure to use an adequate name to identify the system
volume easily.
Format: Choose APFS (default) or Mac OS Extended (Journaled) if you
require compatibility with Mac computers using macOS 10.12 or
earlier. Disk Utility will show a compatible format by default.
Scheme: If it shows as an option, choose GUID Partition Map.

8. Once that information is configured, you can go ahead and click the Erase
Volume Group button. This will also erase the user data volume. If you
don't see this button, click Erase.
9. If you didn't erase the volume group, you should also erase the Macintosh
HD - Data volume, which is where the user information is stored. Ensure
you have a backup of that volume if you want to keep the data stored in
that volume. Repeat steps 7 and 8 for this volume.
10. Quit Disk Utility when done to go back to the macOS Recovery menu.
11. You can now install macOS on the disk or volume. Once in the Recovery
menu, follow the steps under How to perform a reinstallation for your
appropriate macOS version.

If for any reason, the installation process fails, you can attempt a
reinstallation through the internet recovery procedure by
pressing Shift + Option + Command + R at startup. For this process to
work, you require a good internet connection.

Once reinstallation has completed successfully, what comes next is the Setup
Assistant process. We will cover that process in detail later in this chapter, but before
that, we will see one last method of installation through the use of an external
installer.

Using an external installer


Another method for installing macOS is through a bootable installer, such as an
external drive or an additional volume on your computer. This installation media will
contain not only the macOS recovery environment and tools but also a full set of
installation assets to start up and install the operating system.


This installation media can be useful in these scenarios:

When you need to install a specific version of macOS
When you have to install macOS on many computers, so you don't have to
download the installer every time
When you are not able to reinstall from the local recovery partition because
it is not present or it is damaged
When you have completely erased the disk, including the Recovery volume

The creation of a bootable installer requires the use of Terminal, a
command-line interface, on a working Mac machine. Advanced
users and administrators should use this tool.

The creation of a bootable installer, also known as installation media, has a number of
requirements that you should consider first:

You need an external volume or a USB with at least 12 GB of available
space for macOS Catalina and earlier, and 14 GB for Big Sur. It should be
new or able to be erased, since it will be formatted.
The volume or USB should be formatted as Mac OS Extended.
A copy of the macOS installer on a working Mac machine.
Administrator privileges.

It is also important to know that in order to use a bootable installer, you need
permission to boot from an external media in the machine you want to reinstall. On
newer Mac systems, the default setting in Startup Security Utility is to disallow
booting from external or removable media. Therefore, this setting must be changed in
advance. You can learn more about Startup Security Utility in Chapter 15, Managing
Security in macOS.

There are several steps involved in creating a bootable installer:

1. You should first format the external volume you will be using.
2. Next, you will need to download a macOS installer; typically, from the App
Store.
3. Then, you will have to use the createinstallmedia command in
Terminal.
4. Finally, it's always a good idea to test the installer before using it.

The steps involved in each of these mandatory tasks are detailed here.


Formatting the external volume or USB


To create a bootable installer, you should first format the volume or USB you will be
using with the GUID partition scheme. Don't forget that this will erase all the data in
that volume or disk. Perform the following steps to do this:

1. Open Disk Utility located under Utilities in the Applications menu, as
seen in the following screenshot:

Figure 2.29 – Disk Utility

2. Plug the external disk/USB into your computer if this has not been done
already.
3. In the sidebar, look for the disk you inserted, and be sure to select the
device entry and not the volume below it. In the following example, we
have an old USB with a macOS Mojave installer, and we want to create a
new installer with a newer version of macOS, for example, macOS Big Sur.
Therefore, we will erase the current installer so as to create a new one.
Select the USB in the left-hand panel (Figure 2.30):


Figure 2.30 – Selecting the USB to erase

4. Click the Erase button in the toolbar at the top (Figure 2.30).
5. You will then see a prompt to enter a name, a format, and, if available, a
scheme, as shown in the following screenshot. Give the disk a descriptive
name (for this example, we will call it MyVolume), and choose Mac OS
Extended (Journaled) as the format. Next, select GUID Partition Map as
the scheme, if it's shown as an option. When ready, click the Erase button
(Figure 2.31):

Figure 2.31 – Selecting the volume format

6. The process will start, and you will be able to monitor its progress. You can
also see more details by expanding Show Details, as seen in Figure 2.32.


7. When the erase process is complete, you will see a green checkmark (refer
to the following screenshot). At that point, you can click on Done and quit
Disk Utility to proceed with the next steps:

Figure 2.32 – Media installer process details

Now that the volume is prepared, let's move on to the next step for creating our
bootable installer: downloading the installer.

Downloading a macOS installer from the App Store


The next step is to download a macOS installer from the App Store on your Mac
computer or check to see whether you already have one from the previous steps. In
the Manual upgrades section of this chapter, we explain in detail how to download the
current macOS installer and also installers for previous versions. For our current
example, we will use the macOS Big Sur installer that we downloaded earlier. Also,
take into account the following:

If you download the installer from the App Store, it will open as soon as it
finishes downloading. When that happens, just quit the installer.
An installer downloaded from the App Store would normally be saved in
the Applications folder with a name such as Install macOS Big Sur.
If you have already used the installer, it will probably be gone unless you
saved it to another location before using it. In this case, you will need to
download it again.
Also, you should know that installers have an expiration date. So if you
cannot install with an old installer you saved, chances are it has probably
expired, and you will need to download a new copy.


Now that we have the installer we will use for this install media, let's move on to the
next step.

Using the createinstallmedia command


The next step is to use the createinstallmedia command. For this step, you will
need to know the following:

The exact name and location of the media you will be using as a bootable
installer
The exact location of the macOS installer

To use the createinstallmedia command, perform the following steps:

1. Open Terminal located under Utilities in the Applications menu, as seen
in the following screenshot:

Figure 2.33 – Accessing Terminal

2. Type or paste the following command in Terminal. Note that this example
assumes that the installer is in the Applications folder and
that MyVolume is the name of the USB or volume we're using to create this
bootable installer. Replace those variables, if necessary:
sudo /Applications/Install\ macOS\ Big\ Sur.app/Contents/Resources/createinstallmedia --volume /Volumes/MyVolume

3. Press Return.


If you see a warning indicating that the default interactive shell is
now zsh, check Chapter 16, Using the Command Line, for
information on how to change it.

4. When asked, type your administrator password and press Return. Bear in
mind that Terminal won't show anything while you type your password,
which is expected (Figure 2.34):

Figure 2.34 – The createinstallmedia command

5. When prompted, type Y to confirm that you want to erase the volume and
press Return. The process will start, and you will be able to see the progress
in the Terminal output.
6. In macOS Big Sur, you might be asked for permission to access files on a
removable volume. Just click OK. This process can take several minutes.
Please be patient and don't close the Terminal window.
7. When completed, you will see an output similar to that shown in Figure
2.35:

Figure 2.35 – Installing the media Terminal output

8. The created installation media will have the same name as the installer you
downloaded (for example, Install macOS Big Sur).


9. You can now quit the terminal by pressing Control + Q or going to
the Terminal menu and selecting Quit Terminal.

For information on the exact commands to create a bootable installer
disk for different macOS versions, check this article:
https://support.apple.com/HT201372.
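Because createinstallmedia runs with sudo and erases its target, it helps to check the requirements listed earlier before pressing Return. The following Python check is an added example, not code from the book or from Apple; it reads the output of diskutil info -plist, and the plist keys it relies on (MountPoint, Internal, FilesystemType, TotalSize), the value "hfs" for Mac OS Extended, and the sample data are assumptions, with the samples constructed for illustration.

```python
import plistlib
import shlex
import subprocess

GB = 1000 ** 3
# Minimum volume sizes stated in the requirements list above.
MIN_SIZE = {"Big Sur": 14 * GB, "Catalina and earlier": 12 * GB}


def read_volume_info(volume: str) -> bytes:
    """On a Mac: return `diskutil info -plist` output for a mounted volume."""
    return subprocess.run(["diskutil", "info", "-plist", volume],
                          check=True, capture_output=True).stdout


def preflight(diskutil_plist: bytes, volume: str, release: str = "Big Sur") -> list:
    """Return a list of problems; an empty list means the volume looks suitable."""
    info = plistlib.loads(diskutil_plist)
    problems = []
    if info.get("MountPoint") != volume:
        problems.append(f"mounted at {info.get('MountPoint')!r}, expected {volume!r}")
    # createinstallmedia erases the target, so refuse anything not clearly external.
    if info.get("Internal", True):
        problems.append("volume is on an internal disk")
    if info.get("FilesystemType") != "hfs":  # assumed value for Mac OS Extended
        problems.append(f"filesystem is {info.get('FilesystemType')!r}, not Mac OS Extended")
    if info.get("TotalSize", 0) < MIN_SIZE[release]:
        problems.append(f"smaller than {MIN_SIZE[release] // GB} GB")
    return problems


def build_command(installer_app: str, volume: str) -> list:
    """Build the argv list; passed this way, the spaces need no backslashes."""
    tool = f"{installer_app}/Contents/Resources/createinstallmedia"
    return ["sudo", tool, "--volume", volume]


# Constructed samples standing in for real diskutil output.
SAMPLE_USB = plistlib.dumps({
    "VolumeName": "MyVolume", "MountPoint": "/Volumes/MyVolume",
    "Internal": False, "FilesystemType": "hfs", "TotalSize": 15_500_000_000,
})
SAMPLE_INTERNAL = plistlib.dumps({
    "VolumeName": "MyVolume", "MountPoint": "/Volumes/MyVolume",
    "Internal": True, "FilesystemType": "apfs", "TotalSize": 8 * GB,
})
SAMPLE_13GB = plistlib.dumps({
    "VolumeName": "MyVolume", "MountPoint": "/Volumes/MyVolume",
    "Internal": False, "FilesystemType": "hfs", "TotalSize": 13 * GB,
})

if __name__ == "__main__":
    volume = "/Volumes/MyVolume"
    for label, sample in [("USB", SAMPLE_USB), ("internal", SAMPLE_INTERNAL)]:
        issues = preflight(sample, volume)
        print(label, "OK" if not issues else issues)
    # Shown for review only; run it yourself once the preflight is clean.
    print(shlex.join(build_command("/Applications/Install macOS Big Sur.app", volume)))
```

On a Mac, pass read_volume_info("/Volumes/MyVolume") to preflight() in place of the samples.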

Now that we have created our bootable installer, it's time to test it and use it.

Testing and using the bootable installer


It is time to test and use the bootable installer. Follow these steps for Intel-based
Macs:

1. Eject the disk you created if you will be testing it on another computer.
2. Turn off the computer you will be using to test and insert the bootable disk.
3. Restart the computer and hold down the Option key as soon as it starts up.
4. You will see the available startup volumes, including the USB install media
icon, which should show the name of the installer you used; for example,
Install macOS Big Sur.
5. At this point, if you're not ready to reinstall, just quit or restart the
computer. If you'd like to proceed with the installation of the operating
system, you may do so by selecting the bootable disk and continuing with
the installation process, which is similar to what we have seen already in
the reinstallation process.

Follow these steps for M1 silicon Macs:

1. Make sure that you have verified the system and hardware requirements
and completed the pre-verification steps.
2. Insert the bootable disk into a Mac that is connected to the internet.
3. Turn on your Mac and keep the Power button pressed until you see the
startup options window (Figure 2.24). This will show any bootable volumes
and an Options icon.
4. At this point, if you're not ready to reinstall, just quit or restart the
computer. If you'd like to proceed with the installation of the operating
system, select the bootable disk and continue with the installation process,
which is similar to what we have seen already in the reinstallation process.


Once macOS is installed on your Mac, you will see the Setup Assistant, which will
guide you through the initial configuration process. We will detail this process later
in this chapter.

Updating macOS
An update performs an incremental installation on macOS. In this case, the version of
the OS will not change; only updates to the current version will be applied (for
instance, an update of macOS Catalina 10.15.3 to macOS Catalina 10.15.4). These are
usually system/security and software updates.

There are three types of updates:

Software updates
System updates
Firmware updates

Let's take a look at each of these types of updates next.

Software updates
Software updates will normally refer to updates of macOS (minor versions) and
software included with macOS. By default, an Updates Available notification, like
the one in Figure 2.36, will show when software updates are ready to be installed. You
will also know whether an app update is available through a red badge with a
number in the App Store icon in the Dock:

Figure 2.36 – Software updates notification

You can simply click on Restart to apply the updates or choose a Later time.

If these notifications are annoying to you, you can disable them. We will explain how
in the next section.


Disabling update notifications


If you no longer wish to see notifications regarding updates on the desktop, they can
be disabled in the following way:

1. Go to System Preferences, click Software Update, and then the Advanced
button, as we saw earlier, in Figure 2.6.
2. Uncheck the Check for updates box, as shown in the following screenshot:

Figure 2.37 – Software updates notification

Bear in mind that you need administrator privileges to download
and install app updates automatically and to change software
update preferences, as well as an Apple ID to automatically activate
the download of apps purchased on other Mac computers.

These settings are configured in System Preferences, but there are other related
settings in the App Store preferences. We will see these next.

Automatic App Store updates


You have additional settings in the App Store preferences that you can change to
customize the behavior regarding app updates.


To change the App Store preferences, perform the following steps:

1. Go to the App Store menu by clicking its icon in the Dock or from the
Applications folder.
2. Select Preferences from the App Store menu, as shown in Figure 2.38:

Figure 2.38 – App Store Preferences

3. In the preferences, enable Automatic Updates (Figure 2.39):

Figure 2.39 – App Store automatic updates


Bear in mind that if the Automatic Updates option is activated, the system attempts
to update the following software:

Updates and upgrades to macOS and software bundled with macOS


Updates to software bought from the App Store

You can also verify whether updates are available and apply them manually, as we
will see in the next section.

Manual App Store updates


You can verify manually whether updates are available by going to the App
Store and clicking on Updates.

Follow these instructions to apply App Store updates manually:

1. Open the App Store and click on the Updates tab. In macOS Mojave and
later, you can access Updates from the side menu in the redesigned App
Store, as seen in Figure 2.40:

Figure 2.40 – macOS Catalina and later App Store updates

2. Next, click the Update All button (Figure 2.40) to install all available
updates or click the individual UPDATE buttons to update just the
elements you want to. Note that to update a purchased app, you need to be
signed in with the Apple ID originally used to acquire it.


In this section, we have seen how to do software updates. The second type of update
is the system type, and we will look at it next.

System updates
System updates are system data files and security updates. These updates include the
following:

Security configuration updates, which help identify malicious software
and remove it upon restart after the update is applied. Other security
configuration updates include the Core Services application, Gatekeeper,
and Incompatible Kernel Extension Configuration Data.
System data files, which add new assets to features, such as new speech-
recognition assets, updated fonts, improved language models, and more.

The same type of notification shown earlier in Figure 2.36 will appear for system
updates, but with the System Preferences icon instead of the App Store icon. Clicking
on Install will take you to the Software Update window.

Because of the importance of these updates, you should make sure that your system is
updated at all times and that system background updates are done automatically.

To verify directly whether your software is up to date, go to the Software
Update preferences:

1. Open System Preferences.


2. Click on Software Update. At this point, the system will check whether
your software is up to date and show you any available updates. In Figure
2.45, Software Update indicates that this Mac is up to date.
3. If Automatically keep my Mac up to date is selected, as seen in Figure
2.41, system files and security updates are installed automatically when
they are available:

Figure 2.41 – Automatic system updates


4. When Automatically keep my Mac up to date is enabled, all the options
shown in Figure 2.42 are enabled. These options can be seen if you click on
the Advanced button shown in Figure 2.41:

Figure 2.42 – Advanced system update preferences

If Automatically keep my Mac up to date is deselected, Install macOS
updates and Install app updates from the App Store are deselected.
Therefore, you will receive notifications, but they won't be installed
automatically; you will have to do it manually.

5. Back in the Software Update window (Figure 2.41), if there are any updates
available, you will be able to click Update Now or close the window to do
it later. If you click on More Info..., you will see a window like the one in
Figure 2.43 with more details on the available update. You can also
choose Install Now from this window or Cancel Scheduled Updates:

Figure 2.43 – More Info
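Since unchecking Check for updates or Automatically keep my Mac up to date also stops security updates from arriving, an administrator may want to audit these switches across machines rather than open each preference pane. The following Python audit is an added example, not code from the book or from Apple; the preference file locations, the key names, their mapping to the checkboxes, and the rule that a managed (profile-delivered) value overrides the local one are assumptions, and the sample values are constructed.

```python
import plistlib
from pathlib import Path

# (preference domain, key, checkbox it is assumed to back)
CHECKS = [
    ("com.apple.SoftwareUpdate", "AutomaticCheckEnabled", "Check for updates"),
    ("com.apple.SoftwareUpdate", "AutomaticDownload",
     "Download new updates when available"),
    ("com.apple.SoftwareUpdate", "AutomaticallyInstallMacOSUpdates",
     "Install macOS updates"),
    ("com.apple.commerce", "AutoUpdate", "Install app updates from the App Store"),
    ("com.apple.SoftwareUpdate", "ConfigDataInstall",
     "Install system data files and security updates"),
    ("com.apple.SoftwareUpdate", "CriticalUpdateInstall",
     "Install system data files and security updates"),
]


def load_domain(directory: str, domain: str) -> dict:
    """Parse <directory>/<domain>.plist (XML or binary); missing file -> {}."""
    try:
        with (Path(directory) / f"{domain}.plist").open("rb") as fh:
            return plistlib.load(fh)
    except FileNotFoundError:
        return {}


def audit(local: dict, managed: dict = None) -> list:
    """Return (key, state, source) for every switch that is not enabled.

    `local` and `managed` map a domain name to its parsed plist dictionary.
    A key present in the managed preferences takes precedence.
    """
    managed = managed or {}
    findings = []
    for domain, key, _label in CHECKS:
        source = "managed" if key in managed.get(domain, {}) else "local"
        prefs = managed if source == "managed" else local
        value = prefs.get(domain, {}).get(key)
        if value is None:
            state = "not set"  # the system default applies; verify in the UI
        else:
            state = "enabled" if value else "disabled"
        if state != "enabled":
            findings.append((key, state, source))
    return findings


def audit_this_mac() -> list:
    """On a Mac: audit the system-wide preference files."""
    domains = {domain for domain, _, _ in CHECKS}
    local = {d: load_domain("/Library/Preferences", d) for d in domains}
    managed = {d: load_domain("/Library/Managed Preferences", d) for d in domains}
    return audit(local, managed)


# Constructed sample: "Check for updates" was unchecked on this machine.
SAMPLE_LOCAL = {
    "com.apple.SoftwareUpdate": {
        "AutomaticCheckEnabled": False, "AutomaticDownload": True,
        "ConfigDataInstall": True, "CriticalUpdateInstall": True,
    },
    "com.apple.commerce": {"AutoUpdate": True},
}
# Constructed sample: a profile that forces checking and macOS updates on.
SAMPLE_MANAGED = {
    "com.apple.SoftwareUpdate": {
        "AutomaticCheckEnabled": True, "AutomaticallyInstallMacOSUpdates": True,
    },
}

if __name__ == "__main__":
    for key, state, source in audit(SAMPLE_LOCAL):
        print(f"{key}: {state} ({source})")
```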


Another way to know whether you have updates ready to install is through the Dock.
You will see a red badge with a number on the System Preferences icon (Figure 2.44)
in the Dock to indicate the number of system updates available:

Figure 2.44 – System updates red badge

The third type of update is the firmware type. Let's explore this next.

Firmware updates
Firmware refers to computer chips with data and programs on them. These are
included when the computer is manufactured. They tell the computer how to perform
tasks. Therefore, keeping the firmware up to date is a best practice for optimized
performance, compatibility, and security. Otherwise, you could encounter problems
when installing, upgrading, or updating the operating system. In particular, you
should update your firmware after updating or before reinstalling macOS.

In most systems, firmware updates will be performed automatically. The installer
uses your Mac model information to install the appropriate firmware update for your
Mac. There are rare cases with old Mac Pro models that might require administrator
intervention.


Also, bear in mind that on a Mac with the Apple M1 silicon chip, the firmware update
may fail. We will see what we can do in that case in Troubleshooting Tips.

With this information, we have reached the end of this section on updating macOS,
including software, system, and firmware updates. In the next section, we will see the
process that takes place after installing/reinstalling a Mac: configuring the installation.

Configuring the macOS installation


After you have installed, upgraded, or reinstalled macOS, you are taken through a
setup process as soon as you log in with the existing or created admin user. In this
section, we will see the common tasks related to the post-installation configuration,
including the following:

The Setup Assistant process


Adjusting the system settings
Benefits of configuring iCloud

Let's take a look at each of these tasks in detail.

The Setup Assistant process


The Setup Assistant, also called the "initial" configuration, is a tool that has the sole
purpose of guiding you through the macOS configuration as soon as the
installation/reinstallation process completes. Bear in mind that all the settings that
will be configured through this process can be changed later. The Setup Assistant can
also be seen in other installation/update-related processes, but the options you will
see will vary accordingly.


Right after the installation is complete, the Setup Assistant process will initiate. These
are the screens you will see in the case of a clean installation of macOS Big Sur
through the Recovery system (the screens you see may vary depending on the OS
version installed):

1. You will be asked to choose your country (Figure 2.45):

Figure 2.45 – Selecting your country

2. Next, you will see the Written and Spoken Languages configuration
screen. Click Customize Settings to set up your written and spoken
languages, or click Continue to accept the default options (Figure 2.46). For
this example, we will click Continue:


Figure 2.46 – Regional settings

3. Next, you will see the Accessibility options, which you can set up at this
moment. We will click Not Now to skip to the next screen (Figure 2.47):

Figure 2.47 – Accessibility options

4. You will now see a screen with important information regarding your data
and privacy. You can click on Learn More... if you want to see more details
about how your data and privacy are handled. When ready, click
Continue.


5. Next, you will have the option to transfer information to the Mac from
various sources, such as another Mac, a Time Machine backup, a startup
disk, or a Windows PC (Figure 2.48). Alternatively, you can choose not to
transfer any information at this time. For this installation, we will choose
Not Now to skip the transfer of information:

Figure 2.48 – Deciding whether to transfer information

6. Next, you can choose to sign in with your Apple ID (Figure 2.49) so that you
can take advantage of other features, such as iCloud, iTunes, App Store,
and iMessage. If you don't have an Apple ID, you can create one at this
point as well. For this installation, we will choose Set Up Later. You will be
asked if you are sure you want to skip this step; click Skip to continue:

Figure 2.49 – Signing in with an Apple ID


7. Now, you will be asked to agree to the Software License Agreement. Click
on Agree.
8. In the next step (Figure 2.50), you will need to create a user account and
password. This first account will have administration rights and will be the
main account (in other words, the administrator account). When ready,
click Continue:

Figure 2.50 – Creating the main (administrator) account

9. Next, you will see the Express Set Up screen (Figure 2.51), which will
configure some features for you, including apps such as Maps and services
such as Find My. You can choose Customize Settings or click Continue to
proceed and accept the default configuration:

Figure 2.51 – Express Set Up


10. Next, you will be asked whether you want to share crash and usage data
with Apple. We will leave the default option and click Continue.
11. When upgrading/installing macOS Catalina and later, you will see a
window asking you to set up a new feature: Screen Time (Figure 2.52). You
can either click Set Up Later or Continue:

Figure 2.52 – Screen Time

12. On the next screen, you will see the option to enable Siri, which is activated
by default. Click Continue to proceed:


Figure 2.53 – Siri

13. You may be asked to select a language for Siri. When ready, click
Continue.
14. Next, you will be asked if you wish to share Siri data. You can select Share
Audio Recordings or Not Now.
15. Next, decide on a look. You can choose either the Light, Dark, or Auto
mode and click Continue (Figure 2.54):

Figure 2.54 – Light/Dark/Auto mode


16. And we are almost done. The setup will finish on the next screen.
17. When the setup is finished, you will see the macOS desktop.

And that's it! The installation/reinstallation and initial configuration are now
complete.

If you want to change a setting you configured during this initial configuration, you
can do so later on, and that is what we'll cover next.

Adjusting the system settings


You can customize all system settings after installation through System
Preferences, the interface we saw in Figure 2.5. System Preferences is an essential tool
for administrators. We will go over the most important administrative options
available in this tool throughout this book. Still, you can always explore all of its
options at your own pace.

Besides System Preferences, macOS offers another way to configure a system, and
this is through the use of configuration profiles. A configuration profile is a file with
the extension .mobileconfig that contains predefined system settings. A system or
network administrator most likely defines these settings.

Using this file is very straightforward. All you have to do is double-click on the
configuration profile file to open it, and macOS installs the profile and its settings.
These profiles are very useful when you need to configure many machines, especially
in an enterprise or large environment.

After the profile has been applied, you can manage it through the Profiles
preferences.

If you don't see the Profiles preferences pane, this is because you
haven't installed any. The option will appear once you install a
profile.

Apple has an app called Apple Configurator 2 that helps in the creation of
configuration profiles, among other features. You can learn more about it here:
https://support.apple.com/guide/apple-configurator-2/welcome/mac.
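Because a profile applies its settings as soon as it is installed, it is worth reading what a .mobileconfig file contains before double-clicking it. The following Python reader is an added example, not code from the book or from Apple; it lists the payloads of an unsigned profile and marks the ones that affect certificate trust or network paths. The review list is an assumed, non-exhaustive selection, and the sample profile and its identifiers are constructed.

```python
import plistlib

# Payload types worth a closer look because they change trust or traffic paths.
# Assumed, non-exhaustive review list.
REVIEW_TYPES = {
    "com.apple.security.root": "installs a trusted root certificate",
    "com.apple.vpn.managed": "configures a VPN",
    "com.apple.proxy.http.global": "sets a global HTTP proxy",
    "com.apple.dnsSettings.managed": "changes DNS settings",
    "com.apple.wifi.managed": "adds a Wi-Fi network",
}

PLIST_PREFIXES = (b"<?xml", b"<plist", b"bplist")


def summarize_profile(data: bytes) -> dict:
    """Summarize an unsigned configuration profile given its raw bytes."""
    data = data.lstrip()
    if not data.startswith(PLIST_PREFIXES):
        # Signed profiles are CMS-wrapped; on a Mac, `security cms -D -i <file>`
        # prints the inner plist, which can then be passed to this function.
        raise ValueError("not a plain plist; unwrap a signed profile first")
    profile = plistlib.loads(data)
    payloads = [
        (item.get("PayloadType", "?"), item.get("PayloadIdentifier", "?"))
        for item in profile.get("PayloadContent", [])
    ]
    return {
        "name": profile.get("PayloadDisplayName"),
        "identifier": profile.get("PayloadIdentifier"),
        "organization": profile.get("PayloadOrganization"),
        "removal_disallowed": bool(profile.get("PayloadRemovalDisallowed", False)),
        "payloads": payloads,
        "review": [(t, REVIEW_TYPES[t]) for t, _ in payloads if t in REVIEW_TYPES],
    }


# Constructed sample profile; every identifier below is made up.
SAMPLE_PROFILE = plistlib.dumps({
    "PayloadType": "Configuration",
    "PayloadVersion": 1,
    "PayloadDisplayName": "Constructed Office Settings",
    "PayloadIdentifier": "com.example.constructed.profile",
    "PayloadOrganization": "Example Org",
    "PayloadRemovalDisallowed": True,
    "PayloadContent": [
        {"PayloadType": "com.apple.wifi.managed",
         "PayloadIdentifier": "com.example.constructed.wifi"},
        {"PayloadType": "com.apple.security.root",
         "PayloadIdentifier": "com.example.constructed.rootca"},
        {"PayloadType": "com.apple.dock",
         "PayloadIdentifier": "com.example.constructed.dock"},
    ],
})

if __name__ == "__main__":
    summary = summarize_profile(SAMPLE_PROFILE)
    print(summary["name"], "from", summary["organization"])
    print("user can remove it:", not summary["removal_disallowed"])
    for payload_type, identifier in summary["payloads"]:
        note = REVIEW_TYPES.get(payload_type, "")
        print(f"  {payload_type} ({identifier}) {note}")
```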

An important part of configuring macOS is the configuration of iCloud. As you saw
in the configuration process, you can skip doing that, but let's analyze why that might
not be such a good idea.


Benefits of configuring iCloud


To understand why it is useful to configure iCloud, we first need to understand
iCloud and the Apple ID.

iCloud is a secure cloud service where you can store files such as documents, photos,
videos, and much more. When you configure iCloud, your files remain updated
across your Apple devices. It also offers other key features that are only available
when you set up iCloud.

iCloud's main features are the following:

Cloud storage and communication services for apps (iCloud Drive, Photos,
Contacts, Calendars, Reminders, Safari, Siri, Notes, and Find My).
iCloud Keychain, a security tool that we will explore in Chapter
5, Managing User Security and Privacy.
Two-factor authentication is another feature that is used in combination
with the Apple ID to increase security. We will also see how to set this up
in Chapter 5, Managing User Security and Privacy.
You can also configure mail services automatically if you use an @mac.com,
@me.com, or @icloud.com domain.
You can access iCloud from your Apple devices, but also on the web,
at iCloud.com.

Bear in mind that iCloud system requirements and geographic
availability can differ between Apple devices. You can
check the details for your specific device or location in this
article: https://support.apple.com/HT204230.

To use iCloud, you need an Apple ID. The Apple ID is the personal account that
allows you to access Apple's products and services, such as the App Store, iTunes
Store, iMessage, and FaceTime, as well as Apple's storage service called iCloud. The
Apple ID is always an email address, and you need a password to use it.

You can create an Apple ID from your Apple device or on the Create
Your Apple ID web page (https://appleid.apple.com/account#!page=create).


When you sign in to iCloud on your Mac and other Apple devices using the same
Apple ID, the changes you make to your files on one of the devices will sync with the
others, as well as on the iCloud.com web portal, accessible through any standard
browser on a Mac or Windows computer. For instance, a photo you add to Photos on
your Mac will automatically appear in the Photos app on iCloud.com, your iOS
devices, your Apple Watch, and your Apple TV.

Currently, iCloud offers 5 GB of free iCloud storage for each Apple ID account that
you have, but if you need more storage, there are also paid plans that offer more
storage space.

After you have set up iCloud, you can change or adjust the settings in the iCloud
preferences.

Perform the following steps to access the iCloud preferences:

1. Open System Preferences.


2. Click on the Apple ID icon (Figure 2.55):

Figure 2.55 – Accessing iCloud preferences in macOS Catalina and Big Sur


3. Then, click on iCloud on the left-side menu (Figure 2.56):

Figure 2.56 – Accessing iCloud preferences in macOS Catalina and Big Sur

We will see more details on how to configure iCloud in Chapter 4, User Accounts
Management.

To learn more about iCloud, visit this link: https://support.apple.com/icloud.

And with this extensive walk-through on macOS installation scenarios, we have
reached the end of this chapter. Be sure to check out the Summary section for a quick
recap of what has been covered.


Summary
In this chapter, we have looked at all that relates to macOS installation and
configuration in great detail. You now know how to install, update, reinstall, and
configure macOS. You also know how to perform other useful related procedures,
such as verifying the system requirements and performing the necessary checks
before installation. You can also use the Recovery system, which allows you to
reinstall macOS, or use the Disk Utility feature to erase a disk or volume to prepare it
for a clean installation. You know how to create a bootable installer if you need to
install macOS on several machines or if you need a specific version of the OS. Finally,
you know how to proceed with the Setup Assistant, as well as how to undertake post-
installation configurations. You are now ready to install, upgrade, or reinstall any
available version of macOS for yourself or any user that might need your support.

Now that we have our system up and running, we will go on to the next chapter,
where we will discuss user management. You will learn about the types of users
available in macOS, as well as how to create them, manage them, and customize their
environment.

3
The Start Up Process
In this chapter, we will explore the start-up process on Mac computers running
macOS. Why is it important to explore this? Being familiar with the start-up process is
important for troubleshooting and narrowing down potential issues. Many problems
that users face with their Mac computers occur during startup, and you need to know
what happens from the moment the computer is powered on until you see the
interface. If everything works as expected, a successful startup should take place.
Therefore, you will learn how to recognize the characteristic cues and sounds during
this process to identify where a problem might be happening.

In this chapter, you will learn how the start-up process unfolds, or, in other words,
how system initialization works in macOS. You will review the stages and the
visual/audio cues involved. You will also explore the battery and energy-saving
features available in macOS that can affect this process. Finally, start-up modes are
also very useful for troubleshooting as they can provide clues regarding the stage of
the process where an issue might be occurring; macOS offers Safe mode and other
modes to help you pinpoint potential issues.

Specifically, the following topics will be covered in this chapter:

Understanding the macOS start-up process


Using energy-saving features
Using start-up modes

Note that this chapter describes the startup process and modes of Intel-based
Macs. Startup modes for Apple M1 silicon Macs are described in Troubleshooting
Tips.

Before we start, let's see the technical requirements for this chapter.
The Start Up Process Chapter 3

Technical requirements
The following will be required for this chapter:

A basic knowledge of the macOS environment


A Mac computer with administrator privileges

Understanding the macOS start up process
In this section, we will see the macOS system initialization process, including all the
stages, and what happens at each stage of this process. We will also look at a few
other important processes, such as logging out, shutting down, and restarting.

The initialization stages can be grouped into two larger processes, each with its
own smaller stages:

The primary system stages


The user session stages

Let's take a look at the initialization stages in more detail, including what happens at
each stage in terms of visual and audible cues (including colors, icons, and sounds).

Primary system initialization stages


There are four system initialization stages in macOS, and these occur in the following
order:

Power-on or BootROM firmware


Booter
Kernel
System launchd

Let's take a look at each of these in turn.


Power-on or BootROM firmware


This is the power-on stage during which the system hardware is initialized by the
BootROM firmware (a part of the computer's hardware), along with initializing the
memory (known as RAM). Hardware integrity verification tests also take place at this
time.

During this stage, and depending on the model of the device you are using, the
following happens:

When the Mac (in other words, the firmware) is first powered on, the
memory (RAM) is initialized. A black screen is the expected visual cue,
and there could be an audible cue as well. You will hear a chime sound if
your Mac is from 2016 or earlier and if audio is enabled. In macOS Big
Sur, sounds have been reintroduced; therefore, the familiar start-up chime
is also audible.
A Power-On Self Test (known as POST) and a BootROM test are the first
processes that take place. The POST verifies hardware functionality,
and the BootROM test verifies whether sufficient memory is available and
whether it is in a good state.

The next stage is the booter stage, which is explained here.

Booter
During this stage, the bootup process begins. The booter loads the kernel
environment and other drivers known as kernel extensions (KEXTs in macOS
Catalina and earlier) into the memory to allow the kernel to take over the system
during the next stage. Since macOS Catalina and later, KEXTs are being deprecated
and replaced by system extensions that run in userspace. Therefore, these extensions
are no longer loaded at the same time as the kernel.

The visual cue for the start of the bootup process is indicated by the Apple icon
appearing at the center of the main screen (Figure 3.1):

Figure 3.1 – Start of the bootup process


This is what happens during this stage:

1. The Mac firmware launches the bootup process where the booter file,
specified in the start-up preferences (or Boot Camp in the case of a
Windows installation), is located.
2. If the boot EFI file is found, the Intel Extensible Firmware Interface
(EFI) technology used by macOS tells your Mac where to locate the System
folder on the start up disk and starts the bootup process. The operating
system is selected by locating the start-up file in a specific system
volume.
3. If the booter file cannot be located, a flashing folder with a question mark
will appear instead of the Apple logo. In Troubleshooting Tips, we will
see what to do if this happens.
4. EFI then enables the Mac to start up from macOS, Windows, or any Intel-
compatible operating system.
5. After your Mac locates the system folder on the start up disk, a progress
bar (Figure 3.2) or a spinning wheel appears on a screen, which means the
Mac is reading files from the system folder. In some Mac models, startup
happens so quickly that the progress bar is missed:

Figure 3.2 – System folder located

When KEXTs are being used, and they are installed or modified, the system
automatically reveals the caches. So, whenever possible, cache files are used to speed
up the initialization process. The cache contains all kernel extensions that may be
needed to boot a Mac. Most of the cache files are located
here: /System/Library/Caches.


Cache files are ignored if you start up in Safe mode or if there's a problem with the
system. If the kernel environment fails to load, a prohibitory icon appears
instead of the Apple icon. We will see what to do if this happens in Troubleshooting
Tips. Because KEXTs have been deprecated since macOS Catalina, this should
be less of a problem in the future. However, issues can still arise with apps that
use KEXTs.

Bear in mind that if your Mac is configured to use a network disk, the process may
vary slightly since the booter and kernel caches have to be located and downloaded
from a net install service. This process is indicated by a small spinning globe icon
below the Apple icon. The globe icon is replaced by the standard progress bar once
the kernel has been successfully loaded from the net install service. After the booter
loads the kernel, it takes control of the start-up process, which is the next stage.

Kernel
During this stage, the kernel takes over the start-up process.

If the kernel and, consequently, the operating system load successfully, the
progress bar on the main display seen in Figure 3.2 will finish loading.

As we saw in Chapter 1, Overview of the macOS System, Architecture, and Features,
the kernel is at the base of the system's architecture, and it is the macOS
operating system's foundation environment.

After it finishes loading, the non-kernel processes start, as we will see in the next
section.

System launchd
The first non-kernel process is started during the system launchd stage. The role of
this stage is to start up the macOS processes as a parent process and load the rest of
the system to complete initialization. During this stage, other secondary processes
and items are started as well.


The visual cue that tells you the process has been successful is seeing the login
window (Figure 3.3):

Figure 3.3 – Login window at launchd

This process also manages the initialization of another process called loginwindow,
which is part of the user session stage. We will see this stage in the next section. But
first, let's see what happens with system initialization when FileVault is enabled.

FileVault initialization
Bear in mind that when FileVault is enabled, this stage unfolds differently in the
sense that the booter cannot be accessed until the user unlocks the encrypted system
disk. At the same time, the visual cues are different.

The visual cue that tells you FileVault is enabled, depending on the macOS version
you are using, is usually a gray screen (Figure 3.4):


Figure 3.4 – Booting with FileVault on

Startup happens from the Recovery HD, where a special EFI booter shows an
authentication screen (Figure 3.5) instead of the normal process. You will first need to
enter the password to unlock the encrypted disk:

Figure 3.5 – Booting with the FileVault login

Only after the user has authenticated to unlock the system disk will EFI be able to
access the booter file and allow the process to continue. At this point, the user who
unlocked FileVault will be automatically logged in.

Once the launchd processes are performed correctly, either with or without FileVault,
the user session stages begin, which we will examine next.


User session stages


Now that the system is fully initialized, the user session stages start. These stages are
the following:

loginwindow
launchd
user environment

Let's see what happens at each of these stages.

loginwindow
During the loginwindow stage, which is owned by the root user, the login screen
appears. If this stage is successful, the loginwindow process, along with the launchd
process, will initialize the user interface. At this point, the users will be able to log in
to their accounts by entering the appropriate password.

Two scenarios are possible, depending on whether authentication was successful:

If authentication is successful, the environment will be loaded, and the user
will be able to use the applications on their user environment. Then, the
loginwindow process will be owned by that user and continue to run as a
background process, at which point it will monitor the user session for as
long as the user is logged in to that session.
If authentication fails or the user is logged out, the root user will own the
process.

The loginwindow process is also in charge of the following tasks:

Managing the Force Quit feature
Logging errors
The logout, restart, and shutdown processes

As far as logging errors are concerned, you will find more information about how to
view logs in Troubleshooting Tips. For now, we will take a look at the logout,
shutdown, and restart processes.


Logout, shutdown, and restart


As mentioned earlier, loginwindow takes care of processes related to system startup,
but it also takes care of other processes, more specifically, those related to the
finalization of the user session or computer shutdown.

The processes we are referring to are the following:

Logout
Shutdown
Restart

Let's review these processes in more detail.

You can choose to log out, shut down, or restart through the Apple menu (Figure
3.6):

Figure 3.6 – Shutdown

Logging out is managed by the loginwindow process, which performs these actions:

It issues a quit application event to all user applications. If the applications
have the autosave and resume feature enabled, changes will be saved, and the
applications will quit. We cover this feature in Chapter 10, Managing Apps
and Documents. In some macOS versions, applications still open may
prevent quitting. You might see a warning if this happens so that you can
quit those applications to allow logging out, shutdown, or restart.
Once the applications are closed, all other background user processes quit
as well.


It runs logout scripts.
It logs the logout process.
It resets device permissions and preferences to the defaults.
It quits the loginwindow and launchd processes.
After all of this happens, the user interface is closed, and the root user takes
over the loginwindow process. This is signaled by the login screen
appearing.

Users can log out at any moment, but shutdown cannot occur without logging out
happening first. When shutdown is requested, loginwindow performs the following
actions:

It logs out all logged-in users. If there are users logged in simultaneously,
through a feature called Fast User Switching (covered in more detail in
Chapter 4, User Accounts Management), the system will ask the
administrator to authenticate so that shutdown can happen for all logged-
in users. Next, all users, applications, and background processes are quit as
well.
When all user sessions are closed, loginwindow issues a command to the
kernel to quit any remaining processes; some may be forced to quit so that
the Mac can shut down.

Restart is a further option: if the user chooses to restart rather than log out or
shut down, then once the shutdown process is complete, the start up process
simply begins all over again.

launchd
The launchd process starts all the user processes and loads applications, such as
Finder, once the user has authenticated correctly. This process is complementary to
loginwindow as it initializes the user environment and lays out the graphical
interface for that user.

The visual cue that tells you this process has completed successfully is that apps such
as the Finder app will appear on the screen (Figure 3.7):


Figure 3.7 – The user environment

When initializing the user environment, these are some of the tasks the launchd
process performs:

It loads the user's preferences, devices, and permissions, among other
things.
It loads the user account and settings.
It displays the Dock, the Finder, and the menus.
It resumes the applications that were open during the last session (unless
configured otherwise).


During both system and user environment startup, several types of items are
launched. These are launch daemons, start up items, launch agents, and login items.
Let's take a look at these briefly.

Files and processes involved in launchd


During the initial startup of macOS, the administrator account or system launchd
process automatically starts the items known as daemons and scripts. These items are
located here:

/System/Library/LaunchDaemons
/System/Library/LaunchAgents
/Library/LaunchDaemons

On the other hand, the user account launchd process launches agents and login items
during the user environment startup. These can be found here:

/Library/LaunchAgents
/Library/StartUpItems
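
Because items in these directories start automatically, they are worth reviewing whenever a Mac is audited. The following is an added example, not code from this book: a Python sketch that reads every job definition in the launchd directories listed above and reports what each job runs. The writable-path list, the flag names, and the sample jobs it builds in a temporary folder are assumptions made for illustration.

```python
import plistlib
import tempfile
from pathlib import Path
from xml.parsers.expat import ExpatError

# launchd job directories listed in the chapter, relative to the volume root.
LAUNCHD_DIRS = [
    "System/Library/LaunchDaemons",
    "System/Library/LaunchAgents",
    "Library/LaunchDaemons",
    "Library/LaunchAgents",
]
# Assumption: locations any local user can write to. A job that executes
# from one of them is worth a closer look.
WRITABLE_PREFIXES = ("/tmp/", "/private/tmp/", "/var/tmp/", "/Users/Shared/")


def job_command(job):
    """Collect the executable and arguments launchd is told to run."""
    command = [str(job["Program"])] if "Program" in job else []
    command += [str(arg) for arg in job.get("ProgramArguments", [])]
    return command


def audit_job(path, root):
    """Parse one job definition and return a finding for it."""
    rel = path.relative_to(root).as_posix()
    finding = {"path": rel, "label": None, "command": [],
               "third_party": not rel.startswith("System/"),
               "auto_start": False, "flags": []}
    try:
        with open(path, "rb") as handle:
            job = plistlib.load(handle)
    except (plistlib.InvalidFileException, ExpatError, ValueError, OSError):
        finding["flags"].append("unparseable")
        return finding
    if not isinstance(job, dict):
        finding["flags"].append("unparseable")
        return finding
    finding["label"] = job.get("Label")
    finding["command"] = job_command(job)
    # RunAtLoad or KeepAlive means the job starts without user action.
    finding["auto_start"] = bool(job.get("RunAtLoad") or job.get("KeepAlive"))
    if finding["label"] != path.stem:
        finding["flags"].append("label-filename-mismatch")
    if any(part.startswith(WRITABLE_PREFIXES) for part in finding["command"]):
        finding["flags"].append("runs-from-writable-path")
    return finding


def audit(root):
    """Audit every *.plist in the chapter's launchd directories under root."""
    root = Path(root)
    findings = []
    for directory in LAUNCHD_DIRS:
        for path in sorted((root / directory).glob("*.plist")):
            findings.append(audit_job(path, root))
    return findings


def build_sample_tree(root):
    """Write a constructed set of job files so the audit runs offline."""
    root = Path(root)
    samples = {
        "System/Library/LaunchDaemons/com.apple.sample.plist":
            {"Label": "com.apple.sample", "Program": "/usr/libexec/sampled"},
        "Library/LaunchDaemons/com.example.updater.plist":
            {"Label": "com.example.updater", "RunAtLoad": True,
             "ProgramArguments": ["/Library/Example/updater", "--daemon"]},
        "Library/LaunchAgents/com.example.helper.plist":
            {"Label": "com.other.name", "KeepAlive": True,
             "ProgramArguments": ["/private/tmp/helper"]},
    }
    for directory in LAUNCHD_DIRS:
        (root / directory).mkdir(parents=True, exist_ok=True)
    for rel, job in samples.items():
        with open(root / rel, "wb") as handle:
            plistlib.dump(job, handle)
    # A truncated file, as left behind by an interrupted write.
    (root / "Library/LaunchAgents/com.example.broken.plist").write_bytes(
        b"<?xml version='1.0'?><plist><dict><key>Label")
    return root


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        for item in audit(build_sample_tree(tmp)):
            if item["third_party"]:
                print(item["path"], item["label"], item["auto_start"], item["flags"])
```

To review a real Mac, call audit("/") from an administrator account; the sample tree is only there so that the script can be tried without touching the system.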

There is a way to visualize these processes. In the next section, we will discover how
we can do just that.

Visualizing the processes


You can actually visualize the launchd parent process and the child processes
through a tool called Activity Monitor. Perform the following steps to access this
tool:

1. Go to the Applications menu, then to Utilities, and then double-click
on Activity Monitor, as shown in the following screenshot:


Figure 3.8 – Activity Monitor

2. Once in Activity Monitor, make sure you are in the CPU tab. Then, go to
the top menu, select View, and then All Processes, Hierarchically (as seen
in Figure 3.9):

Figure 3.9 – Visualizing All Processes, Hierarchically


3. Click the arrow in the parent processes to display the secondary or child
processes, as shown in the following screenshot:

Figure 3.10 – Visualizing child processes
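
The same parent and child relationships can be read from the command line. The following is an added example, not code from this book: a Python sketch that rebuilds the hierarchy under launchd from ps output and reports who owns loginwindow, which, as described earlier, is root at the login screen and the user once logged in. The listing is a constructed sample in the format produced by ps -axo pid,ppid,user,comm; the user name alice and the PIDs are made up.

```python
from collections import defaultdict

# Constructed sample of `ps -axo pid,ppid,user,comm` output (not real data).
SAMPLE_PS = """\
  PID  PPID USER   COMM
    1     0 root   /sbin/launchd
   88     1 root   /usr/libexec/logd
  142     1 alice  /System/Library/CoreServices/loginwindow.app/Contents/MacOS/loginwindow
  401     1 alice  /System/Library/CoreServices/Finder.app/Contents/MacOS/Finder
  510     1 alice  /System/Applications/Utilities/Activity Monitor.app/Contents/MacOS/Activity Monitor
  620     1 alice  /System/Applications/Utilities/Terminal.app/Contents/MacOS/Terminal
  621   620 root   /usr/bin/login
  622   621 alice  -zsh
  900   777 alice  /usr/bin/orphaned
"""


def parse_ps(text):
    """Return {pid: (ppid, user, command)}; the header row is skipped."""
    procs = {}
    for line in text.splitlines():
        fields = line.split(None, 3)  # command paths may contain spaces
        if len(fields) == 4 and fields[0].isdigit() and fields[1].isdigit():
            procs[int(fields[0])] = (int(fields[1]), fields[2], fields[3].strip())
    return procs


def render_tree(procs, root_pid=1):
    """Indented listing of root_pid and its descendants."""
    children = defaultdict(list)
    for pid, (ppid, _user, _cmd) in procs.items():
        children[ppid].append(pid)
    lines, seen = [], set()

    def walk(pid, depth):
        # The seen set guards against a malformed listing with a cycle.
        if pid in seen or pid not in procs:
            return
        seen.add(pid)
        _ppid, user, cmd = procs[pid]
        lines.append(f"{'  ' * depth}{pid} {user} {cmd.rsplit('/', 1)[-1]}")
        for child in sorted(children[pid]):
            walk(child, depth + 1)

    walk(root_pid, 0)
    return lines


def orphans(procs, root_pid=1):
    """PIDs whose parent is absent from the listing (truncated or filtered)."""
    return sorted(pid for pid, (ppid, _u, _c) in procs.items()
                  if pid != root_pid and ppid not in procs)


def session_owners(procs):
    """Owners of loginwindow processes: root means nobody is logged in."""
    return sorted({user for _ppid, user, cmd in procs.values()
                   if cmd.rsplit("/", 1)[-1] == "loginwindow"})


if __name__ == "__main__":
    table = parse_ps(SAMPLE_PS)
    print("\n".join(render_tree(table)))
    print("loginwindow owned by:", session_owners(table))
    print("parent not in listing:", orphans(table))
```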

We have just seen the loginwindow and launchd user session stages. The final stage
in this section is the user environment, which we will explore next.

User environment
The user environment is the workspace where users can use their applications and
any customizations applied to their accounts. During this stage, the login window
continues to run as a background process to take care of any session logging out or
shutdown events.

And with this process, we have gone through all the start up processes in macOS.
Additional features affect those processes, such as enabled energy-saving options,
which we will examine in the next section.


Using energy-saving features


macOS has very useful energy-saving features specially designed to extend your
battery life if you use a portable Mac and to be environment-friendly. These features
include the following:

Sleep mode
Battery preferences
Safe Sleep and Standby

Let's now see what each of these does and how they affect other processes.

Sleep mode
The Sleep mode saves energy by pausing any active processes or applications and
stopping the hardware. This mode is more convenient than shutting down the
Mac since the computer is still on, and you can quickly pick up the computer to
resume any processes and applications.

There are several ways in which you can activate this mode:

Go to the Apple menu, and then choose the Sleep option (shown
in Figure 3.6).
You can close the lid if you're using a portable Mac.
Press the Command + Eject key combination.
Tap the Power button. Be careful when using the tap Power button option
to enter Sleep mode. If you press the Power button for too long, the Mac
will shut down.

Bear in mind that these last two options don't work with a MacBook
Pro with Touch ID.

In Macs with a battery, the battery preferences let you configure the sleep preferences
for the display. You can even schedule sleep times, as we will see in the next section.


Battery preferences (macOS Big Sur)


Before macOS Big Sur, the energy settings were managed in a panel called Energy
Saver preferences. In macOS Big Sur, these preferences have been replaced by Battery
preferences. To access them, perform the following steps:

1. Open System Preferences and select the Battery icon (Figure 3.11):

Figure 3.11 – Battery preferences


2. You will see a menu on the left side of the preferences with several options.
The first option, Usage History, allows you to see your Battery Level and
Screen On Usage values for the last 24 hours, or the last 10 days (Figure
3.12):

Figure 3.12 – Battery usage history


3. The default settings for the next panel, Battery, are shown in Figure 3.13.
These options define how your Mac will behave when it is running on
battery power. We will examine some of those options next:

Figure 3.13 – Battery default settings

With the slider set to Turn display off after, you can indicate how long to
wait before turning the display off and going to sleep. This stops any signal
to internal and external displays, and therefore, the LCD backlight is
turned off to save energy.
You can also activate the Put hard disks to sleep when possible option.
When enabled, this option shuts down the hard drive motors when not
being used. It is best not to activate this option if you are using a non-SSD
drive, and your apps are constantly reading and writing to the hard disk.
SSD drives are not negatively affected by this option since they don't have
moving parts that can affect data reading and writing operations.


Power Nap is a mode that allows the Mac to wake up occasionally from
sleep to perform certain tasks automatically. These tasks include using
Time Machine to perform backups, checking whether you have a new
email, and so on. During these occasional wakes, Power Nap keeps the
displays and other hardware off to save energy. Once the tasks it needs to
perform are finished, it goes back to sleep. To enable it, just check the box
next to Enable Power Nap while on battery power.
In some computers, when there is more than one graphics chip, you will
see an Automatic graphics switching option. We can see that this option is
available in Figure 3.13. For example, if enabled and you are using a text
editor, macOS will switch to a low-power graphics chip to save energy.
When not enabled, a high-performance graphics chip will be used all the
time, regardless of the type of application you are using and, of course, this
will consume more energy.

4. The next option on the menu is Power Adapter. In Figure 3.14, you can see
the default options selected when your Mac is plugged into a power
adapter:

Figure 3.14 – Power Adapter default settings


As you can see, many of the options available in the Battery preferences are
also present here, such as Power Nap and Automatic graphics switching.
However, you also have these additional options:

Prevent computer from sleeping automatically when the display is
off: This option prevents the computer from going to sleep after the display
is turned off according to the set time in the slider at the top of the window.
Enabling this feature temporarily is useful if you perform a task that takes
time, such as an installation, and the computer going to sleep would
interrupt the process.
Wake for network access: When this option is enabled, Ethernet or Wi-Fi
connections wake up the computer automatically when a user accesses a
shared resource, such as a printer. This option is useful for remote
management or when using a network disk.

5. The final menu option in these preferences is Schedule. Here, you can set
hours for Start up or wake and for Sleep, as you can see in the following
screenshot:

Figure 3.15 – Sleep/wake scheduling
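
The settings in these panels can also be read with the pmset command, which is convenient when many Macs must be checked against the same policy. The following is an added example, not code from this book: a Python sketch that parses output in the format of pmset -g custom and compares it with a baseline. The sample output is constructed, the mapping from panel options to pmset keys is this example's assumption, and the baseline values are hypothetical.

```python
# Constructed sample of `pmset -g custom` output (not captured from a real Mac).
SAMPLE_PMSET = """\
Battery Power:
 lidwake              1
 standby              1
 powernap             1
 disksleep            10
 sleep                1
 hibernatemode        3
 displaysleep         2
 womp                 0
AC Power:
 lidwake              1
 standby              1
 powernap             1
 disksleep            0
 sleep                0
 hibernatemode        3
 displaysleep         10
 womp                 1
"""

# Assumed mapping from the options discussed in this chapter to pmset keys.
OPTION_KEYS = {
    "Turn display off after (minutes)": "displaysleep",
    "Put hard disks to sleep when possible": "disksleep",
    "Enable Power Nap": "powernap",
    "Wake for network access": "womp",
    "Computer sleep (0 = never sleeps automatically)": "sleep",
    "Standby": "standby",
    "Safe Sleep image mode": "hibernatemode",
}

# Hypothetical baseline for a managed laptop; choose values to suit your policy.
BASELINE = {
    "Battery Power": {"powernap": 0, "womp": 0},
    "AC Power": {"womp": 0, "sleep": 10},
}


def parse_pmset(text):
    """Return {power source: {key: int}} from `pmset -g custom` style text."""
    profiles, current = {}, None
    for line in text.splitlines():
        if line and not line[0].isspace() and line.rstrip().endswith(":"):
            current = profiles.setdefault(line.rstrip()[:-1], {})
        elif current is not None:
            parts = line.split()
            # Only the first value is kept; trailing annotations are ignored.
            if len(parts) >= 2 and parts[1].lstrip("-").isdigit():
                current[parts[0]] = int(parts[1])
    return profiles


def panel_view(settings):
    """Translate one profile's keys back to the option names used above."""
    return {label: settings[key] for label, key in OPTION_KEYS.items()
            if key in settings}


def deviations(profiles, baseline):
    """List (source, key, found, wanted) for every mismatch or missing value."""
    report = []
    for source, wanted in baseline.items():
        actual = profiles.get(source)
        if actual is None:
            # Desktop Macs, for example, report no battery profile.
            report.append((source, "*", "missing", None))
            continue
        for key, value in wanted.items():
            if key not in actual:
                report.append((source, key, "missing", value))
            elif actual[key] != value:
                report.append((source, key, actual[key], value))
    return report


if __name__ == "__main__":
    parsed = parse_pmset(SAMPLE_PMSET)
    for source, settings in parsed.items():
        print(source, panel_view(settings))
    for row in deviations(parsed, BASELINE):
        print("deviation:", row)
```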

Besides what we have just seen, there are other energy-saving modes available in
macOS. The ones we will explore next are the Safe Sleep and Standby modes.


Safe Sleep and Standby


Safe Sleep and Standby are modes that allow Mac computers to use very little or no
power while still maintaining data integrity.

Safe Sleep mode occurs when the Mac battery is low or drained, or the Mac has been
left idle for a long time. When the Mac is in Safe Sleep mode, the system memory
content is copied in its entirety to an image file on the system volume, and the
computer is powered down. This way, if the battery is drained while the Mac is in
Safe Sleep, and the computer turns off, no data will be lost. The next time the
computer is powered, you will be able to resume where you left off.

Standby mode occurs when the Mac is asleep and idle for more than 1 hour, or after 3
hours, depending on the Mac model. By default, Mac models from 2013 and newer go
into standby after being asleep for 3 hours. All current sessions are saved to the disk
while this mode is in use, and some hardware systems are turned off. The Standby
mode is available on Mac computers that are started from an internal SSD or flash
storage.

More specifically, the Mac models that support Standby mode are the following:

MacBook (2015 and later)
MacBook Pro (2012 and later)
MacBook Air (2010 and later)
SSD and Fusion Drive versions of Mac mini (2012 and later)
SSD and Fusion Drive versions of iMac (2012 and later)
Mac Pro (late 2013)

For more information on Standby mode, you can refer to the
following article: https://support.apple.com/en-us/HT202124.

But how do you wake up your Mac if you are using any of the different sleep modes
we just saw? There are several straightforward methods for doing so, as we will see
next.


Waking up the Mac


Waking your Mac from any of the modes described earlier is very simple. You can do
any of the following:

Press any key.
Click the mouse or tap the trackpad.
Tap the Power button, making sure you have enough battery or plugging
in the AC adapter first.
Open the Mac lid if you are using a notebook.

In the next section, we will explore the available start up modes in macOS, which are
very useful for identifying errors and recovering your system. Let's see next what
they are and how they work.

Using start up modes


The start-up modes are useful for troubleshooting. These modes are activated when
the system is starting up and are initiated at the firmware stage, and, from there, they
affect how system initialization continues at each stage. The following are the start-up
modes available in macOS:

Safe boot
Verbose
Single user

In this section, we will also take a look at the T2 security chip, which allows yet
another start up mode known as Secure Boot.

Safe mode
During Safe mode, also known as Safe Boot, the Mac performs verifications and
prevents specific software from loading or opening to isolate the cause of a
problem. You can start up in Safe mode by holding down the Shift key during startup.

Starting up a Mac in Safe mode causes the following to occur:

An attempt to repair the system volume structure is performed.
System third-party kernel extensions (KEXT) caches are deleted.
Font caches are deleted.


During this mode, macOS loads only essential items for startup, and prevents the
unnecessary loading of the following items:

Any non-essential KEXTs
Third-party launch agents, daemons, start up items, and fonts
User login items
User-specific launch agents

Sometimes, it is not so easy to establish whether your Mac is in Safe mode. In macOS
Big Sur, you will see it indicated in the login window, as seen in Figure 3.16:

Figure 3.16 – Startup in Safe mode


In other macOS versions, there's another way to verify through System
Information. Perform the following steps to do that:

1. Hold down the Option key while clicking on the Apple menu and
select System Information.
2. Once in the System Information window, scroll down to Software in the
left-hand menu. There, you will be able to see whether you are running in
normal or in Safe mode, as you can see in the following screenshot:

Figure 3.17 – Safe mode

Bear in mind that some features might not work in Safe mode, such as the following:

Video capture in iMovie or other similar apps
Input/output devices
Some USB, FireWire, and Thunderbolt devices might not work
Wi-Fi might be limited
Accessibility features might not work
File sharing
DVD player

Now that you have entered Safe mode, you can perform troubleshooting tasks, but if
this doesn't help, there are other modes, such as Verbose, which we will cover next.


Verbose
With Verbose mode, the Mac shows the start up process as text. If the text stops at
any point, it most likely means that the start up process has also stopped. This allows
you to review the text to try to identify where the problem is and the probable cause.
Verbose mode is initiated by holding down the Command + V key combination during
startup.

Don't use Safe mode and Verbose mode at the same time. This is
because, if the start up process succeeds during Safe mode, Verbose
will be overridden, and you will not be able to identify problems at
startup.

Figure 3.18 shows an example of what you might see during startup in Verbose mode.
We are not seeing the complete printout, just a portion, so that you have an idea of
what to expect when using this mode. You can now review this output to try to find
out where the process is getting stuck:

Figure 3.18 – Verbose mode


Finally, we have a single-user mode, which also provides a way to start up the system
and perform specific troubleshooting tasks.

Single-user
With single-user mode, you can access a minimal command line that allows you to
run UNIX commands as root. You can then move suspicious files to a quarantine
folder and modify any files and folders as required. Perform the following steps to
start single-user mode and prepare the system to use it:

1. Hold down the Command + S keys during startup.
2. Wait until you see root#.
3. Next, the system volume should be prepared first by entering the following
command:
/sbin/fsck -fy

4. Then, repeat the command until you see a message indicating that the disk
appears to be OK, as demonstrated in the following screenshot:

Figure 3.19 – Verifying and preparing the start up volume


The fsck -fy command entered is used to verify and repair the start up
volume, where fsck is a common UNIX command used for system check
and repair, the -f flag forces verification of journaled filesystems, such as
HFS, and the -y flag answers with "Yes" to any prompts fsck might
encounter, so use it with caution.

The fsck command should be used on unmounted filesystems to
avoid any data corruption.

5. Only when you know that the disk is OK should you enter the following
command to mount the start up volume as a read and write filesystem
(Figure 3.20):
/sbin/mount -uw

This method works if you're not using the APFS filesystem (for systems
using APFS, see the following set of steps). When entered, this is what you
will see:

Figure 3.20 – Mounting the start up volume (non-APFS)

6. After you make the necessary changes to fix problems through the
command line, exit Single-user mode.
7. Then continue startup by entering the exit command, or you can shut
down the Mac by entering the shutdown -h now command.


In newer Mac computers, especially if you are using the APFS filesystem, the
previous method to mount the start up volume has been replaced by the following:

1. Shut down your computer and reboot into the Recovery System by
pressing Command + R at startup.
2. Select Disk Utility from the menu and then click Continue.
3. Choose the HD where your system is installed (usually Macintosh HD) and
then click Mount at the top (Figure 3.21):

Figure 3.21 – Mounting the startup volume (APFS)

4. Authenticate as an administrator and quit the disk utility.
5. Go to Terminal through the top menu to access the command line.
6. Make the necessary changes to fix any problems, and when you are done
with your changes, quit Terminal, and shut down or restart from the top
menu.

Take into account that Verbose and Single-user mode cannot be
accessed as explained here in Macs with the T2 chip. The alternative,
in this case, is to enter Recovery and use the Terminal.

Now that we know about all the start-up modes we can use, an additional mode
needs to be explained separately since it is only available in certain Mac models.


The T2 Security Chip and Secure Boot


Secure Boot mode is an improvement introduced recently that requires the Apple T2
Security Chip. We covered the chip's main features in Chapter 1, Overview of the
macOS System, Architecture, and Features. The chip also plays a role in the start-up
process: it verifies every stage and makes sure that only a legitimate, trusted
operating system loads at startup and that the software and hardware haven't been
modified maliciously. If your Mac has the T2 chip, you can start up in Secure Boot
mode to take advantage of this extra security feature.

The T2 security chip is available in these Mac models:

iMac Pro
Mac mini, MacBook Air, and MacBook Pro models introduced in 2018

You can also verify whether your Mac has the chip through System Information. For
this, perform the following steps:

1. Go to System Information, as explained earlier.
2. In the sidebar, depending on your macOS version, select Controller or
iBridge.
3. As you can see in Figure 3.22, this Mac model has the Apple T2 Security
Chip:

Figure 3.22 – Apple T2 Security Chip
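
Both System Information checks in this chapter, the boot mode shown under Software and the chip shown under Controller or iBridge, can also be read from the text output of the system_profiler command. The following is an added example, not code from this book: a Python sketch that parses such output and reports whether the Mac started in Safe mode and whether a T2 chip is listed. The two samples are constructed in the format of system_profiler SPSoftwareDataType SPiBridgeDataType, and their values are illustrative.

```python
# Constructed samples of `system_profiler SPSoftwareDataType SPiBridgeDataType`
# text output; the values are illustrative, not captured from a real machine.
SAMPLE_T2_SAFE = """\
Software:

    System Software Overview:

      System Version: macOS 11.2.3
      Boot Volume: Macintosh HD
      Boot Mode: Safe
      Time since boot: 3:15

Controller:

      Model Name: Apple T2 Security Chip
"""

SAMPLE_NO_T2 = """\
Software:

    System Software Overview:

      System Version: macOS 10.15.7
      Boot Mode: Normal
"""


def parse_sections(text):
    """Return {top-level section: {key: value}} from system_profiler text."""
    sections, current = {}, None
    for line in text.splitlines():
        stripped = line.strip()
        if not stripped:
            continue
        if not line[0].isspace() and stripped.endswith(":"):
            # An unindented line ending in a colon starts a new section.
            current = sections.setdefault(stripped[:-1], {})
        elif current is not None and ": " in stripped:
            # Split on the first ": " only, since values may contain colons.
            key, _, value = stripped.partition(": ")
            current[key] = value
    return sections


def startup_state(text):
    """Summarize boot mode and T2 presence from system_profiler text."""
    sections = parse_sections(text)
    boot_mode = sections.get("Software", {}).get("Boot Mode")
    # The sidebar entry is named Controller or iBridge depending on the
    # macOS version, so both section names are accepted here.
    chip = sections.get("Controller") or sections.get("iBridge") or {}
    model = chip.get("Model Name")
    return {
        "boot_mode": boot_mode,
        # None means the output did not say, which is not the same as False.
        "safe_mode": None if boot_mode is None else boot_mode == "Safe",
        "controller": model,
        "has_t2": model is not None and "T2" in model,
    }


if __name__ == "__main__":
    print(startup_state(SAMPLE_T2_SAFE))
    print(startup_state(SAMPLE_NO_T2))
```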


If you have the chip in your Mac, then you can use Secure Boot. The configuration of
the security options available when the T2 chip is available, including Secure Boot, is
explained in Chapter 15, Managing Security in macOS.

And with this, we have reached the end of this chapter. Please be sure to read the
summary so that you can recap what we have learned.

Summary
Now that you have completed this chapter, you should have a good understanding of
the macOS start-up process and the initialization stages involved. This includes the
visual cues and sounds that happen at each stage so as to be better equipped to
troubleshoot possible start-up issues. You should also be familiar with the available
start-up modes, including Safe Boot, Verbose, and single-user modes, which are
helpful when it comes to isolating possible issues. Also, you now know what energy-
saving features you can configure; namely, Safe Sleep, Standby, and Power Nap,
which affect startup and shutdown. Finally, you have learned about a feature in
newer Macs, the T2 Security Chip, which allows additional security modes.

In the next chapter, we will look at another important topic at the heart of any system:
users. We will see the types of user accounts available, and how to create them,
manage them, and much more.

4
User Accounts Management
In this chapter, you will first learn about the different types of user accounts available
in macOS in a section divided into two parts: Local user accounts and Other user
accounts. Next, you will learn how to manage the different user accounts, as well as
how to use login options and other practical features such as fast user switching and
Screen Time. Finally, you will understand how user home folders are organized. By
the end of this chapter, you will be able to add any type of account to a Mac, as well
as manage them and configure the different options available to enhance the user
experience and increase security. In the latter half of the chapter, you will gain a good
understanding of user home folders and their structure, as well as how to restore
them in case of accidental deletion.

The following main topics will be covered in this chapter:

The types of user accounts available in macOS
Managing user accounts
Understanding user home folders

Let's begin this chapter with the technical requirements.


User Accounts Management Chapter 4

Technical requirements
To work through the examples in this chapter, you will need the following:

Basic knowledge of the macOS environment
A Mac computer with administrative privileges

Types of user accounts


Mac computers can have one user, or they can have multiple users. macOS offers
several types of user accounts with different privileges. You can add accounts
depending on the flexibility and level of permission the users need. This is why it is
important to know the access levels and limitations that each of these types of
accounts has to avoid unnecessary security risks and allow only the strictly necessary
access.

We can divide user accounts into two categories:

Local
Other

Both categories of user accounts have several types available. We will start by
exploring local user accounts.

Local user accounts


Local user accounts are the type of accounts that live on a Mac computer. You would
add a local account for each user who will be using the computer. Each account will
have its own configuration and can also be customized in terms of appearance,
functionalities, and permissions.

Local user accounts in macOS can be of the following types:

Standard
Administrator
Root user
Guest
Sharing-Only
Group


The Standard and Administrator accounts are the most common, and they are the
ones you will be using for most regular and administrative tasks on a Mac.

Let's examine each of them to understand when and how they should be used.

Standard user account


Standard accounts are for regular users who don't need to manage the system. These
users just need to use the computer and the applications installed on it. They have
access to almost all the resources and features of a Mac, with certain limitations.
Standard accounts are created by an administrator and this type is selected by default
during account creation.

The following are the main characteristics of this type of account:

It has read access to most items, preferences, and applications.
It can manage its own configuration.
It has full access to its home folder; therefore, it can manage its own files
and folders.
It has access to shared resource locations.
It can install application and system updates from the Mac App Store.
It can access the Terminal app.

What the Standard account cannot do is the following:

It cannot create or modify users or create or modify other users' files,
folders, and settings. In other words, it cannot change anything that would
affect other users.
It cannot manually modify the Applications folder or use other
installation methods because they can affect shared parts of the system.
In general, it cannot install applications available outside the Mac App
Store; this means it cannot bypass the Gatekeeper security application (you
will learn more about Gatekeeper in Chapter 15, Managing Security in
macOS, of this book).

Even though the Standard account is the most common one, other types of accounts
can be used for specific purposes, as we will see in the following sections.


Administrator user account


An Administrator account, or admin, is the type of account you need to perform
administrative tasks, such as creating and deleting users. This account has most of the
privileges you would need for managing your macOS system. An administrator can
do everything a standard user can do, plus the following:

They can unlock and modify the system preferences.
They can create, modify, and delete users.
They can change administrative rights for all user accounts.
They have full access to all applications.
They can install applications distributed outside the App Store, that is,
using packages.
They can create other Administrator accounts in the same system.
They can turn standard users into administrators.

The Administrator account cannot access other users' items unless they are in a
shared folder (such as the Public folder).

When you first install or reinstall macOS on your computer, this is the type of account
created with the help of Setup Assistant as part of the setup process. It is the primary
account.

It is a recommended practice to use a Standard account for the
everyday use of your Mac. Ideally, the Administrator account
should only be used to perform administrative tasks. You can even
perform administrative tasks as a standard user simply by clicking
the lock icon in System Preferences and authenticating as an admin
when needed.

As the name says, this account is intended for administrators. Many users never
create other accounts and use this one as their primary account for their Mac's
everyday use. This is not a problem unless you share the Mac with a family member
or a colleague, in which case having only an Administrator account is a security risk
for the system and the information stored on it. The ideal number of administrators is
two or three.

It is a good practice to limit the number of administrative accounts
to only those necessary. However, take into account that there must
be at least one Administrator account on a Mac with macOS.


The Administrator is the account with most of the privileges you will ever need to
manage your system. However, there is another account with even greater privileges,
as we will see next.

Root user account


The root user is the macOS system superuser, also known as System Administrator.
This user bypasses all limitations imposed on the other user types we just saw, and it
has unlimited access to all the system resources. In other words, it can control the
whole system. This user is essential for macOS processes to run as root; therefore,
it has to exist, or the system wouldn't work at all.

This user can do everything an Administrator user can do, plus the following:

It has read and write privileges to all areas of the system.
It has access to all files and folders, including those from all user accounts
in that system.
It can access the command line to execute commands restricted to the
administrator and standard users.
It can start and stop system services.

You should be aware of the risks of breaking something in the system if an action by
the root user is performed incorrectly. The root user is to be used for very specific
tasks and only when required. Also, take into account that most administrative tasks
can be performed with an Administrator account.

Because of the security risk, the root user is disabled by default. To
use it, you would need to enable it. We will see how to do that in the
next section of this chapter.

We have seen the accounts with the most privileges in macOS. In the coming sections,
we will see other types of user accounts, which are, in general, more limited.

Guest user account


This type of account is similar to the Standard account. The only difference is that it
does not require a password. Also, something very important to consider is that when
a Guest user logs out, its home folder is deleted, along with any items inside it. When the
Guest user logs in again, a new home folder is created and deleted again when the
user logs out.


Therefore, this is a temporary account for momentary activities. It is ideal for letting
non-regular users utilize your Mac for activities such as checking their email or
browsing the web, without having to create any type of account and, at the same
time, protecting your data and personal information by not allowing access to your
Standard or Administrator account to an external person.

These are the main characteristics of a Guest account:

If enabled, anyone can log in to a Mac with it.
No password is required.
It has access to the Shared and Public folders.
It can shut down and restart the Mac.

A Guest user cannot change any type of configuration or log in remotely.

The Guest account is disabled by default; it has to be enabled for use. We will see how
to do that in the Managing user accounts section in this chapter.

When FileVault is enabled, the Guest user can only use Safari.

If you need to share files but you don't need the user to access your Mac interface,
there is another type of account that is better for that purpose, as we will see next.

Sharing Only user account


As its name suggests, this type of account has the sole purpose of letting you share
files with another user on a different computer. This type of account does not have
a home folder.

These are the main characteristics of a Sharing Only account:

It can be used for screen sharing.
It can access shared files and folders.
It has access to the Public and Drop Box folders.
It can access files remotely.


What a Sharing Only account cannot do is the following:

It cannot access the user interface.
It cannot log in to the Mac.
It cannot change any configurations.
It cannot access the Terminal app.

To enforce security for this type of account, file and folder
permissions can be used.

Finally, if you need to group users, for example, according to a common objective,
you can use group accounts, as we will see in the next section.

Group user account


A group account is just a list of user accounts. The purpose of these groups is to
facilitate custom access to certain files and folders according to a specific or common
objective.

In fact, all the user accounts discussed so far belong to one or more groups
already set up in macOS. The main default groups are as follows:

Staff: All user accounts are members of this group when they are created
(including administrative users).
Admin: All administrative accounts also belong to this group.
Wheel: Its only member is the root user.

However, other groups can be created with custom access and permissions for files
and folders.

With this, we have concluded reviewing the first category of user account types
available in macOS: local user accounts. Next, we will review the second category of
user accounts: other, non-local user accounts.


Other user accounts


In the previous section, we examined the local user accounts available in macOS. But
there are other types of non-local user accounts as well. They can be identified as
follows:

Network
Mobile

Let's briefly describe what they are used for.

Network user accounts


These accounts are used in a network environment, typically stored on a directory
server such as Active Directory, and are available to multiple computers. The main
characteristics of this type of account are the following:

It can be configured on multiple Mac computers.
It is typically stored in a shared directory server, such as Active Directory, for
managed authentication.
The home folder will usually be located in a network share or file server.

Let's see the other type of non-local user accounts.

Mobile user accounts


These are also network user accounts that are synced with the local user database.
These are their main characteristics:

They can be used even when it's not possible to contact the shared
directory server.
The home folder is usually located on the startup disk.


Now that you know which types of local and non-local user accounts can exist on a
Mac running macOS and their privileges and limitations, you can now decide when it
is appropriate to create each of these accounts.

In the following sections of this chapter, we will discuss the most common user
administration tasks, such as creating the types of user accounts we just explored.

Managing user accounts


Managing user accounts is probably one of the tasks you will perform most
frequently as a macOS administrator or support technician. This will include creating
all the types of accounts we saw in the previous section, configuring and deleting
them, and more.

In this section, we will perform different user management tasks. More specifically,
we will cover the following topics:

Creating standard user accounts
Configuring additional account preferences
What are account attributes?
Deleting user accounts
Restoring deleted user accounts
Managing the root user
Managing the Guest user
Adjusting the login options
Using Screen Time (macOS Catalina and later)


The main tool to manage user accounts is Users & Groups (Figure 4.1) in System
Preferences. Remember that you need administrator permissions to manage user
accounts. You can go to System Preferences via the Apple menu or through the
desktop icon, as we have seen in previous chapters:

Figure 4.1 – Users & Groups preferences

This is where all user accounts are created, managed, unlocked, and deleted. Also,
local group accounts can be created here.

Let's start by examining the process of creating new Standard accounts.


Creating standard user accounts


In this section, we will see how to create a standard user account. For this example,
we will create an account on a Mac with macOS Big Sur. Follow these steps:

1. Go to the Users & Groups preferences, as shown in the previous section.
2. If necessary, click the lock button to unlock access as an administrator
(Figure 4.2).
3. Click the + sign to create an account (Figure 4.2):

Figure 4.2 – Creating a user account

4. In New Account, choose Standard (usually the default option), as seen in
Figure 4.3.
5. Enter the account details: Full Name (I've used Patrick
Johnson), Account Name (a default account name will be assigned; you
can change it if you want but we will leave it as is here), and Password.
Indicate a password hint if you wish, and don't forget to write it down
somewhere safe because you will need it later. If you want help with
creating a strong password, you can also use the Password
Assistant tool by clicking the key icon beside the password field (Figure
4.3).


6. When ready, click on Create User:

Figure 4.3 – Creating a Standard user account

Congratulations! You've just created your first user account. You will see
the new user appear in the left-side panel, as seen in Figure 4.4:


Figure 4.4 – Creation of a Standard account success

7. Log out from the admin account and log in as the new user to verify it has
been correctly created. You can log out via the Apple menu. If it has
been correctly created, you should see the new user in the login window, as
shown in Figure 4.5:

Figure 4.5 – Login screen

Once the user is created, the initial setup will take place, which is what we will see in
the next section.


Initial setup of a new user account


Continuing from the previous section, we will see here the screens presented to you
when you log in for the first time to an account that was just created. Remember that
the screens you see in Setup Assistant will depend on the macOS version you have
installed. In this example, we see the screen presented in macOS Big Sur:

1. Log in to the new account with the password created (Figure 4.5). First, you
will be presented with the Data & Privacy information. Make sure to read
it, and then click Continue when ready.
2. If you are prompted to log in with your Apple ID, just click Set Up Later
(Figure 4.6). You might see a prompt asking whether you are sure; just
click Skip for now. We will see how to link a new account with an Apple
ID or iCloud account in the next section:

Figure 4.6 – Sign In with Your Apple ID


3. If Find My is enabled for this machine, you might see a window indicating
the Apple ID used to locate it. This is an informative window, so make sure
the associated Apple ID is correct and click Continue. If it's not correct, you
can change it in System Preferences later on.
4. Next, you will see the Screen Time window. You will see it only if you are
installing on macOS Catalina or later. You can click either Set Up Later or
Continue, as any of those options will take you to the next screen.
5. Then, you will be presented with the Siri screen. By default, the Enable Ask
Siri option will be enabled. Uncheck it if you don't wish to use Siri. When
ready, click Continue.
6. In macOS Big Sur, you will have the choice to set up Siri at this point. You
can do so and click Continue, in which case you will see a couple of extra
screens where you will have to speak several phrases for this configuration,
or you can choose Set Up "Hey Siri" Later, which is what we will do for
this example.
7. Next, you will see a screen where you can choose to share data with Apple
to improve Siri and Dictation. The default option is Not Now, but you can
change that if you wish to share your audio recordings.
8. If you have a Mac compatible with Touch ID, then you might see a
screen to set it up. If you do, then click Continue. If not, just skip to step 10.
9. You will be able to set up Touch ID at this moment, or you can click Set Up
Touch ID Later. If you choose to set up Touch ID later, you might see a
prompt asking you whether you are sure; just click Continue.
10. Next, you will be asked to choose a look, either Light, Dark, or Auto mode.
The Auto mode is a new option available in macOS Catalina and later.
When ready, click Continue.
11. In Mac computers compatible with True Tone (Macs with Retina screens),
you might see a screen informing you about this feature. You can click on
See Without True Tone Display to see how your screen would look
without it, or just click Continue.


You can find out which Macs are compatible with True Tone at this
link: https://support.apple.com/HT210437#mac.

And that's it! Now, the setup will finalize for the new account. You have created and
configured your first Standard account.

In the next section, we will see how the setup flows when choosing to use an Apple
ID.

Using your Apple ID or iCloud account


Standard and Administrator accounts can link their Apple IDs or iCloud accounts.
When you do that, besides the normal setup, iCloud services are also set up and you
gain an additional option to recover your local account password.

To link your Apple ID or iCloud account, follow all the steps described in the
previous section to create a standard user account. Then, when you first log in with
the newly created account, you will arrive at the Sign In with Your Apple
ID screen, where you will see the following options related to the Apple ID (Figure
4.7):

Create new Apple ID...
Forgot Apple ID or password?
Use different Apple IDs for iCloud and Apple media purchases?

Take into account that in macOS Mojave and earlier, the last option will be worded
differently since in macOS Catalina, iTunes was replaced with other dedicated apps,
as mentioned in Chapter 1, Overview of the macOS System, Architecture, and Features.
The option will read as Use a different Apple ID for iTunes and iCloud?.

At this point, you can enter your Apple ID if you have one, recover it if you have lost
your password, or create one. In the next section, we will see an example where we
choose to create an Apple ID.


Creating a new Apple ID


Continuing from the previous section, you will arrive at the screen shown in Figure
4.7 after creating a new Administrative or Standard account and logging in for the
first time in macOS Big Sur. For this example, let's assume we don't have an Apple ID,
and we want to create a new one. If you already have an Apple ID, you can enter it at
this time and skip to step 6. Follow these steps:

1. Choose the Create new Apple ID... option:

Figure 4.7 – Creating an Apple ID

2. To start the process, you will be prompted to enter your birth date.


3. Enter the information for the new Apple ID, including an email account. At
this point, you can choose to create a free icloud.com email or provide
another existing email. For this example, we will choose to create
an icloud.com email by clicking on the Get a free iCloud email
address... link, as seen in Figure 4.8:

Figure 4.8 – Getting a free iCloud email address


4. You will be prompted to enter the iCloud email address's details to be used
as your new Apple ID, including a password. Enter the details and click
Continue.

5. Next, you will be asked to verify the email by providing a phone number
for a text message or a phone call. I will enter a phone number and select
Text message as the verification method (Figure 4.9):

Figure 4.9 – Providing a verification method

6. Next, accept the terms and conditions. At that point, iCloud will be set up.


7. Next, depending on the macOS version, the process will continue with step
3 of the previous section on the initial setup of a new user account.
When the process finishes, you will confirm that iCloud has been set up by
opening System Preferences. You will see that the Apple ID username
appears now, as well as an additional icon to set up the Family Sharing
feature, as seen in Figure 4.10:

Figure 4.10 – iCloud setup

And that's it! You can now use your Apple ID to recover your password and use the
iCloud features set up for this account.

In the next section, we will explore how to turn a Standard account into an
Administrator account.


Turning a Standard account into an Administrator account

Turning a Standard account into an Administrator account is very simple. Remember
that it is good practice to have at least two administrators in a system. This action can
only be done by another administrator:

1. Go to the Users & Groups preferences.
2. Authenticate as an administrator by clicking the lock in the lower-left
corner.
3. Ensure the account you want to convert is selected, and then enable the box
that says Allow user to administer this computer, shown in Figure 4.11:

Figure 4.11 – Turning a Standard account into an administrator

And that's it! It's that simple.

In the next section, we will see how we can further customize the user environment
for a better experience.


Configuring additional account preferences


Once you have followed the steps to create an account, as explained in the Creating
standard user accounts section, when you are logged in as the new user, you can
configure additional recommended options to improve the user experience. To do
this, follow these steps:

1. Open the Finder, and choose Preferences from the top menu.
2. Next, select the General tab. By default, the Hard disks option is not
selected. Select it so that the default system volume (usually Macintosh
HD) appears on your desktop for easy access to the system volume root, as
shown in Figure 4.12:

Figure 4.12 – General preferences – Hard disks


3. Now, click the Sidebar tab and select the folders you want to have in the
sidebar's Favorites section. In this case, we will select the administrator's
home folder so that it shows in the Finder's sidebar's Favorites section for
easy access (Figure 4.13):

Figure 4.13 – Sidebar preferences

Make sure the checkboxes are fully selected. If a dash shows instead
of a checkmark (as with Hard disks in Figure 4.13), it means it is not
fully selected.


Next, you can also adjust the desktop's appearance:

1. Open System Preferences and click on the Desktop & Screen Saver
preferences icon marked in Figure 4.14:

Figure 4.14 – Desktop & Screen Saver

2. In the Desktop tab, from the dropdown, you can choose your desktop
style: Automatic, Light (Still), or Dark (Still) (Figure 4.15):


Figure 4.15 – Desktop style

3. In the Screen Saver tab, you can choose your screen saver style and timing
(Figure 4.16):

Figure 4.16 – Desktop style


At the bottom right of Figure 4.16, you can see a Hot Corners... button. If you use a
screen saver, configuring Hot Corners allows you to start the screen saver by setting a
shortcut so that it starts when you move the pointer to a designated corner of the
screen. Follow these steps to configure it:

1. In the screen saver preferences, click the Hot Corners... button.
2. Click the dropdown of any of the four corners you want to set as a trigger
for the screen saver (Figure 4.17):

Figure 4.17 – Hot Corners

3. You will see several options to choose from, as seen in Figure 4.18. For this
example, let's choose Start Screen Saver and then click OK:

Figure 4.18 – Hot Corners options

4. You can also use the Control, Option, Shift, or Command keys with a hot
corner. To use them, press one of those keys – for example, Option – while
the drop-down menu is open and select an option such as Start Screen
Saver (Figure 4.18).
5. Once set, whenever you move the pointer to the corner of the screen you
just configured (and press a key, such as Shift, if you configured one), the
screen saver will start.


There are many other options to configure your account that you can explore, but we
have seen the most important ones. In the next section, we will explore what account
attributes are.

What are account attributes?


Account attributes are pieces of information related to each user account. These
details are kept in XML-encoded files that are located in the users' folders. Only the
system root user can read those files. But, most of these attributes can be seen by a
user with administrator privileges. To see these attributes, take the following steps:

1. Go to the Users & Groups preferences and click the lock icon to log in as an
administrator.
2. Next, right-click on the user for whom you want to see the attributes,
and Advanced Options... will appear, as seen in Figure 4.19:

Figure 4.19 – Advanced Options...


3. The screen you will see looks like the one in Figure 4.20:

Figure 4.20 – Account attributes

The following is a description of the account attributes visible in Figure 4.20:

User ID: This is the user account ID. User accounts will normally start at
501, and root administrator accounts will start with a number under 100.
Group: This is the primary group the user belongs to. In this case, this
account belongs to the staff group, as most local user accounts do. We will
see the types of groups available in more detail in Chapter 7, Understanding
Ownership and Permissions.
Account name: This is the name of the account and the user's home
folder. It cannot have any special characters (, /; "), symbols, or spaces.
However, it can contain periods, dashes, or underscores (.-_).


Full name: This is a longer version of the account name. It can also be used
to authenticate, but most users will use the account name for convenience
since it's shorter. It can contain any characters. This name must be unique,
and there cannot be other accounts with the same full name. It can also be
changed at any time.
Login shell: As we saw earlier, both Administrative and Standard users
can access Terminal. The login shell specifies the default file path for the
command-line shell used in Terminal. The shell is the programming
language the command line uses. In macOS Mojave and earlier, the default is
/bin/bash, which is being deprecated. In macOS Catalina and later, the default
shell is zsh. Therefore, when you open Terminal, you might see a warning
indicating that the default interactive shell is now zsh;
check Chapter 16, Using the Command Line, for instructions on how to
change it.
Home directory: This shows the path for the user's home folder, except for
Sharing Only accounts because, as we saw earlier, no home folders are
created for this type of account. The default path is the following:
/Users/[user account name].
Universally Unique ID (UUID) or Globally Unique Identifier
(GUID): This is a long, unique, alphanumeric number generated by the
computer when the account is created, sort of like a serial number that can
only be identified by the Mac the account was created in. This means that if
you restore an account on another Mac, the number will change, and it will
be unique to that Mac computer as well. It's also an alphanumeric attribute
that serves to identify the account with the file and folder ownership.
Apple ID: This is the Apple ID linked to this account. If there isn't an ID
associated with it yet, nothing will show for the user, as is the case in Figure
4.20.
Aliases: This is used to associate the local user account with other service
accounts, such as iCloud.

Be careful not to make any unnecessary changes to these attributes
since you could potentially break a user account.
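
The User ID attribute described above and the default admin group from the Group user account section can also be reviewed from Terminal. The following script is an added example, not code from this book: it reads the output of dscl . -list /Users UniqueID and dscl . -read /Groups/admin GroupMembership, lists the regular accounts (User ID 501 and up) with their role, and compares the number of administrators with the guidance given earlier in this chapter. The function names, verdict labels, account names, and sample listings are constructed for illustration.

```shell
#!/bin/sh
# Added example: review regular accounts and administrator membership.
# On a Mac the two inputs come from Directory Service:
#   dscl . -list /Users UniqueID
#   dscl . -read /Groups/admin GroupMembership
# The sample data below is constructed so the script also runs offline.

SAMPLE_USERS='_spotlight               89
daemon                   1
nobody                   -2
root                     0
herta                    501
patrick                  502
john                     503'

SAMPLE_ADMIN='GroupMembership: root herta john'

# audit_accounts USERS_LISTING ADMIN_LINE
# Prints "name uid role" for every account whose User ID is 501 or higher.
# System accounts (low or negative IDs) are skipped.
audit_accounts() {
    printf '%s\n' "$1" | awk -v admins="$2" '
        BEGIN {
            n = split(admins, parts, " ")
            # parts[1] is the "GroupMembership:" key; the rest are members
            for (i = 2; i <= n; i++) is_admin[parts[i]] = 1
        }
        $2 ~ /^[0-9]+$/ && $2 >= 501 {
            role = ($1 in is_admin) ? "admin" : "standard"
            printf "%s %s %s\n", $1, $2, role
        }'
}

# count_admins USERS_LISTING ADMIN_LINE
# Number of regular accounts that are members of the admin group.
count_admins() {
    audit_accounts "$1" "$2" | awk '$3 == "admin" { c++ } END { print c + 0 }'
}

# admin_verdict USERS_LISTING ADMIN_LINE
# Compares the count with the chapter guidance: at least one administrator
# must exist, and two or three is the ideal number.
admin_verdict() {
    n=$(count_admins "$1" "$2")
    if [ "$n" -lt 1 ]; then
        echo "none"
    elif [ "$n" -eq 1 ]; then
        echo "single"
    elif [ "$n" -le 3 ]; then
        echo "ok"
    else
        echo "too-many"
    fi
}

# Use live data on a Mac, otherwise fall back to the constructed sample.
if command -v dscl >/dev/null 2>&1; then
    users=$(dscl . -list /Users UniqueID)
    admins=$(dscl . -read /Groups/admin GroupMembership)
else
    users=$SAMPLE_USERS
    admins=$SAMPLE_ADMIN
fi

echo "Regular accounts (name, User ID, role):"
audit_accounts "$users" "$admins"
echo "Administrators: $(count_admins "$users" "$admins")"
echo "Verdict: $(admin_verdict "$users" "$admins")"
```

Reading these records does not require administrator privileges, so the review can be run from a Standard account.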

In the following sections, we will see other important management actions, such as
deleting and restoring user accounts.


Deleting user accounts


In this section, we will see how to delete a user account and the options we have to
restore one. For this example, we will delete John Adams' account. But let's take some
precautions before deleting his account:

1. Open System Preferences and then the Users & Groups preferences.
2. Right-click on John's account to see the Advanced Options... button, as we
did in the previous section. Take a screenshot of the attributes you see here,
in case you need that information later.

To delete the account, follow these steps:

1. If not already, log in as an administrator and go to the Users & Groups
preferences again (or click the lock icon to authenticate as an admin). Make
sure John's account is selected, and then click on the – sign to delete the
account, as shown in Figure 4.21:

Figure 4.21 – Deleting user accounts


2. Now, you will have to define what will happen to the user's home folder.
The options you can choose from are shown in Figure 4.22. They are as
follows:
Save the home folder in a disk image
Don't change the home folder
Delete the home folder

When you choose the last option (Delete the home folder), the user account
and folder are fully deleted from the system, and the storage space is freed.
Next, we will see what happens when we choose the other two options.

3. For this example, let's choose the first option, Save the home folder in a
disk image. Next, click Delete User:

Figure 4.22 – User home folder options

4. We can now close the System Preferences window.

That's it! The user account is deleted and the home folder, in this case, has been saved
as a disk image. Next, let's see how to restore this deleted user.


Restoring deleted user accounts from a disk image

In the previous section, we deleted John's account. Now let's see what we need to do
if it was deleted accidentally and we wanted to restore the account. Remember that
we chose to save the home folder in a disk image in the options for what to do with
the user account home folder (Figure 4.22).

To restore the user in this case, we need to go to our Mac's root folder:

1. You can find the root folder through the Finder's side menu
or the volume we configured to be visible on the desktop
(usually Macintosh HD). Once you are there, you will need to go to
the /Users/Deleted Users folder, where you will find the saved image,
as shown in Figure 4.23:

Figure 4.23 – Deleted user folder

2. Double-click on John's image (the DMG file shown in Figure 4.23). The
contents of the file will be shown, and a disk icon will appear, as you can
see in Figure 4.24. You can close the containing folder but keep the image
open (the disk icon to the right); don't eject it:


Figure 4.24 – Opening the home folder image

3. Next, select the image and select Duplicate from the Finder contextual
menu, as seen in Figure 4.25. This is an important step to ensure all folders,
including the hidden Library folder, are copied for a successful
restoration:

Figure 4.25 – Duplicating the home folder

You might need administrator permissions to duplicate the image.


4. Open another Finder window and go to the Users folder, as shown in
Figure 4.26.
5. Now, drag John's duplicated folder from the desktop to the Users folder,
as shown in Figure 4.26. You will need to authenticate as an administrator
again to do this:

Figure 4.26 – Moving the home folder to the Users folder

And that's it! The home folder has been restored, but there are still a few
more actions to complete the account restoration.

Follow these steps to complete the deleted user account restoration:

1. In System Preferences, go to the Users & Groups preferences.
2. Authenticate as an administrator by clicking the lock icon in the lower-left
corner.
3. Create a user with the same details used to create John's user account the
first time (same account name and full name).
4. Once you have entered all the details for the account and clicked Create
User, a message will warn you that a folder with the same name already
exists. Select the Use Existing Folder button shown in Figure 4.27:


Figure 4.27 – Using the existing home folder

Account restoration is now complete! You will see the user appear again in
the Users & Groups side menu.

To verify the account details, follow these steps:

1. In the Users & Groups preferences, right-click the newly created account to
see Advanced Options... as we saw earlier.
2. Open the screenshot you saved before deleting John's account and compare
the details.
3. Both accounts' user IDs should be the same, but the UUID will be different
because that is unique to every account created.
4. If you now go to the Users folder and try to open John's restored account,
you will not be able to do it since the folder now belongs to John, and not
even the administrator has permission to access it.

As an extra verification step, log in as John Adams and verify that the hidden folders
are there:

1. Log in to John's account and open the Finder.
2. Hold down the Option key and choose Go in the Finder menu to reveal
the Library folder.
3. Select the Library folder to open it, and you will be able to verify that all
the contents are there.

That's it! We just saw how to carry out account restoration when the deleted account
home folder was saved into an image (DMG). In the next section, we will see the
second option presented when deleting a user account.

Restoring deleted user accounts kept in the Users folder
For this account restoration option, we will see how to proceed when choosing the
second option we saw in Figure 4.22, Don't change the home folder, when deleting
John's user account. This means that John's home folder will remain in the Users
folder even if the account no longer exists, but (Deleted) will be appended to
the folder name, as you can see in Figure 4.28. This is helpful if you want to keep that
folder temporarily to restore it or migrate it to another Mac:

Figure 4.28 – Deleted home folder kept in the Users folder

In this case, restoring the deleted account is even easier: just rename the folder and
remove the (Deleted) part. Then, follow the steps to create an account with the
same details, as we saw earlier, to complete the restoration. You will again see
the prompt that will warn you that a folder with the same name already exists. As we
did previously, select the Use Existing Folder button shown in Figure 4.27.

And that's it! You have now successfully restored a deleted account using two
different methods. With this, we have completed the section on Standard account
management. In the next section, we will explore the management of the root user.

Managing the root user


As mentioned earlier, the root user needs to exist, but the Standard user rarely
needs it. It's only used by advanced users or administrators for specific tasks
that require root permissions. Because of the security risk of enabling the root
account, it is disabled by default. You need to enable it to use it, and that is
what we will see next.

In this section, we will cover the following:

Enabling the root user
Logging in as the root user
Disabling the root user

Let's begin by exploring how to enable the root user.

Enabling the root user


You can enable the root user through the following:

System Preferences
Terminal

To enable the root user through System Preferences, follow these steps:

1. Open System Preferences and go to Users & Groups.
2. Click the lock and authenticate as an administrator.

3. Click on the Login Options button, and next on the Join... button, as shown
in Figure 4.29:

Figure 4.29 – Enabling the root user

4. Now, click on the Open Directory Utility... button (Figure 4.30):

Figure 4.30 – Opening Directory Utility

5. You will see the window in Figure 4.31. Once more, click the lock and enter
your administrator name and password:

Figure 4.31 – Authenticating to open Directory Utility

6. In the Directory Utility menu bar, choose Edit, and then Enable Root User,
as shown in Figure 4.32:

Figure 4.32 – Enabling the root user

7. Finally, enter the password you wish to use for the root user. And that's it!

You can also enable the root user through Terminal. Follow these steps to use that
method:

1. Open Terminal, located in the Applications/Utilities folder.
2. Next, at the command prompt, enter dsenableroot, as seen in Figure 4.33.
3. Now, you will need to enter the administrator password to authenticate,
and next, you will be asked to enter a password for the root user.
4. Once the root password has been entered a second time to verify, you will
see a message indicating that the root user has been enabled successfully:

Figure 4.33 – Enabling the root user through Terminal

Now that the root user is enabled, let's see how to log in with this account.

Logging in as the root user


There are two main methods to log in as a root user:

Through the login window
Through Terminal

To log in through the login window, take the following steps:

1. Turn on the Mac, or if you are logged in, log out of the current account to
see the login window.
2. When the root user is enabled, you will see a new user with the name of
Other... in the login window, as you can see in Figure 4.34. Click on that
icon to log in:

Figure 4.34 – Logging in to the root account

3. Next, enter root in the username field and the password you created for
this user in the password field.
4. Once you are in the desktop interface, if the option to show full names is
enabled in fast user switching (this feature is covered in the What is fast user
switching? section a little later in this chapter), you will see the
name System Administrator at the top of the screen, as you can see in
Figure 4.35. This tells you that you are logged in as root:

Figure 4.35 – System Administrator

And that's it! You are now logged in as root with full access to the system.

To log in through Terminal, use the sudo command on the command line. This is
actually safer than enabling the root user for the whole system for an
undetermined amount of time, as you may forget that you've left it enabled.

To run a command in root mode, enter sudo in Terminal, followed by the command
you would like to run:
sudo [command]

If you need to perform many tasks as root, you can also open a root shell:
sudo -s

If you use the previous command, you will stay in root mode until you enter exit to
revert to your usual permissions:
exit

If you want to learn more about what you can do with sudo, you can enter man sudo
in Terminal, as seen in Figure 4.36:

Figure 4.36 – System Manager's (sudo) Manual

We have just seen how to enable the root user. Let's examine how to disable it.

Disabling the root user


After performing the tasks required with the root user, it is recommended to disable it
to protect your system.

Just follow the same steps you did to enable it through Directory Utility, but in the
menu bar, choose Edit, and then Disable Root User, as shown in Figure 4.37:

Figure 4.37 – Disabling the root account

You can also disable it through Terminal, as shown below:

1. Open Terminal and enter the dsenableroot -d command.
2. After entering the administrator password, you will see a message
indicating that the root user has been disabled, as shown in Figure 4.38:

Figure 4.38 – Disabling the root account through Terminal

And with this, we have finished the section on managing the root user. In the next
section, we will explore another kind of user, the Guest user.

Managing the Guest user


A Guest user account doesn't need to be created, but it is disabled by default. All you
need to do to use it is enable it and configure a few settings to allow users to log in as
guests. For this, follow the steps shown:

1. Open System Preferences and go to the Users & Groups preferences.
2. Authenticate as an administrator.
3. Select Guest User from the user list on the left, as seen in Figure 4.39.

4. Check the Allow guests to log in to this computer box. As soon as you do
that, the Guest user in the left panel will show the Login only status, and
the Limit Adult Websites option will be enabled by default as well (this
can be different in versions prior to Big Sur, where you probably have to
enable the latter option manually):

Figure 4.39 – Enabling the Guest user

5. The next time you are at the login window, you will see the Guest User
icon (Figure 4.40). Just click the icon, and it will automatically log in (there's
no need for a password):

Figure 4.40 – Logging in to the Guest User account

Finally, you could also allow guests to use shared folders in the network. For this,
check the Allow guest users to connect to shared folders box (Figure 4.39). When you
do that, the Guest account will have access to shared folders from another computer
or user on the network.

Take into account that enabling the Guest account can cause
unexpected behavior when FileVault is enabled.

That's it! Your temporary users can now use the Guest account without risking
exposing your data or personal information.

In the next section, we will see other useful settings that help you adjust the user's
login options.

Adjusting the login options


The login options are also configured in the Users & Groups preferences. Take into
account that you will need to do this as an administrator. The login options you can
configure are the following:

Automatic login
Account display options
Fast user switching

Let's explore these options.

Automatic login
You can configure a user to log in automatically when the Mac is started. By default,
this setting is disabled. To change that behavior, follow these steps:

1. Open System Preferences, click on Users & Groups, and then click Login
Options.
2. Click the lock icon to authenticate as an administrator.

3. Click the Automatic login drop-down menu, then choose a user, as shown
in Figure 4.41:

Figure 4.41 – Automatic login

For security reasons, it is not recommended to set automatic login
for the administrator.

4. Once you select a user, you will be asked to enter the user's password.
5. You might need to restart the Mac for the automatic login to become
effective.

Take into account that if FileVault is enabled, automatic login is
disabled. If you disable FileVault, you would need to restart the
computer for automatic login to work.
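
The root, Guest and automatic login settings covered in the sections above can also be checked from Terminal. The following script is an added example, not from the book; it assumes that a disabled root account has no AuthenticationAuthority attribute in dscl output, and that the loginwindow keys autoLoginUser and GuestEnabled and the SMB key AllowGuestAccess reflect what is set in Users & Groups. The function names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the book): report the root, Guest and automatic login
# settings. The classification functions take command output as text; the live
# commands are only run on a Mac, where dscl exists.

# root_state TEXT -> enabled | disabled | unknown
# TEXT is the output of: dscl . -read /Users/root AuthenticationAuthority 2>&1
# Assumption: a disabled root account has no AuthenticationAuthority attribute.
root_state() {
    case "$1" in
        *"No such key"*)              echo disabled ;;
        *"AuthenticationAuthority:"*) echo enabled ;;
        *)                            echo unknown ;;
    esac
}

# pref_on VALUE -> exit status 0 when a defaults boolean reads as true
pref_on() {
    case "$1" in
        1|true|TRUE|yes|YES) return 0 ;;
        *)                   return 1 ;;
    esac
}

# is_admin USER "MEMBER MEMBER ..." -> exit status 0 when USER is in the list
is_admin() {
    for member in $2; do
        [ "$member" = "$1" ] && return 0
    done
    return 1
}

# login_findings ROOT_TEXT AUTOLOGIN_USER GUEST_ENABLED SMB_GUEST ADMIN_MEMBERS
# Prints one finding per line; prints nothing when all settings are at their defaults.
login_findings() {
    if [ "$(root_state "$1")" = enabled ]; then
        echo "root: enabled (disable with dsenableroot -d when finished)"
    fi
    if [ -n "$2" ]; then
        if is_admin "$2" "$5"; then
            echo "autologin: administrator $2 logs in without a password"
        else
            echo "autologin: $2 logs in without a password"
        fi
    fi
    if pref_on "$3"; then echo "guest: login allowed"; fi
    if pref_on "$4"; then echo "guest: may connect to shared folders"; fi
}

# collect_and_report: gather the live values on macOS and print the findings
collect_and_report() {
    lw=/Library/Preferences/com.apple.loginwindow
    smb=/Library/Preferences/SystemConfiguration/com.apple.smb.server
    login_findings \
        "$(dscl . -read /Users/root AuthenticationAuthority 2>&1)" \
        "$(defaults read "$lw" autoLoginUser 2>/dev/null)" \
        "$(defaults read "$lw" GuestEnabled 2>/dev/null)" \
        "$(defaults read "$smb" AllowGuestAccess 2>/dev/null)" \
        "$(dscl . -read /Groups/admin GroupMembership 2>/dev/null | cut -d: -f2)"
}

if command -v dscl >/dev/null 2>&1; then
    collect_and_report
fi
```
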

There are more login options you can use to improve your user experience, and we
will see those next.

What is fast user switching?


Fast user switching is a feature that allows you to switch between user accounts
without having to log out from your currently logged-in user. This means you can
switch user accounts without having to quit any apps. To use this feature, take the
following steps:

1. Open System Preferences and click Login Options.
2. Make sure the Show fast user switching menu as box is checked, as shown
in Figure 4.42.
3. You can configure how the names will show at the top of your screen
(Figure 4.43); by default, Full Name is selected in the dropdown, but you
can choose Account Name or Icon. Choose Icon if you are concerned about
privacy:

Figure 4.42 – Fast user switching options

4. Once that is done, you will be able to quickly switch users from the top-
right corner of the screen, as seen in Figure 4.43:

Figure 4.43 – Fast user switching menu

With this, we conclude this section on the login settings you can use to improve the
user experience.

In the next section, we will see a new feature called Screen Time used to control user
access.

Using Screen Time (macOS Catalina and later)


Before macOS Catalina, there was the possibility to create accounts managed with
parental controls, and there was a section in the Users & Groups preferences where
the parental controls could be configured. Starting with macOS Catalina, the parental
controls are replaced with the Screen Time feature.

Screen Time is not just a tool to restrict usage and schedule downtime; it also
provides daily and weekly reports to analyze how you and others are using the Mac.
In the following example, we see the feature in the macOS Big Sur interface:

1. The Screen Time options are managed from System Preferences, through
the icon shown in Figure 4.44:

Figure 4.44 – Screen Time

2. To enable it, click Options in the lower-left corner, and click Turn
On.... The same button can be used to Turn Off..., as you can see in Figure
4.45. You can even use a Screen Time passcode so that you can enter it to
allow more time when limits are reached:

Figure 4.45 – Enabling Screen Time

If you are using Family Sharing, you can turn on Screen Time on each of the devices
and manage it from your Mac. Family Sharing is covered in Chapter 10, Managing
Apps and Documents.

In the next sections, we will explore the options on the left menu of this tool, each
having a specific function. These options can be divided into two main categories:

Tracking usage
Limiting usage

Let's begin exploring the options for tracking usage.

Tracking usage
In this section, we will see the options in Screen Time related to usage tracking. They
allow you to track how apps are being used and the amount of time dedicated to
specific apps so that you can make decisions on restricting certain apps. This part of
Screen Time is not for configuration but rather for monitoring.

To track usage with the Screen Time feature, you have the following options:

App Usage
Notifications
Pickups

Let's learn a little bit about each of these options.

App Usage
This feature is used to check how much time is spent on each app. You can see the
data per day or week. You can also see all apps or view usage by category, such as
productivity or entertainment (Figure 4.46):

Figure 4.46 – Tracking app usage

The next item on this part of the menu is Notifications. Let's explore what it is for.

Notifications
Notifications are small boxes you see in the top-right part of your screen triggered
from several apps, depending on your configuration. These notifications can be
distracting or even annoying. The Notifications tab in the Screen Time tool helps you
see statistics about how many notifications you get from each app (Figure 4.47):

Figure 4.47 – Notifications

If you want to configure notifications, for example, to pause or stop them, you can do
that from the Notifications pane in System Preferences.

Let's explore the last tab in this tracking section, the Pickups tab.

Pickups
This feature allows you to see how many times you have "picked up" your device or,
in the case of a Mac, how many times you "woke it up" after a period of inactivity or
sleep, and which apps you used first after picking it up (Figure 4.48):

Figure 4.48 – Pickups

And with this, we have seen the section in Screen Time that tracks usage. In the next
section, we will see the options that allow you to limit that usage.

Limiting usage
After analyzing the statistics you obtained in the Screen Time tabs we saw in the
previous section, you can make decisions on how to optimize your usage by limiting
it for yourself or other users or family members if using Family Sharing. Family
Sharing is covered in Chapter 10, Managing Apps and Documents.

These are the options you have to limit usage with the Screen Time feature:

Downtime
App Limits
Always Allowed
Content & Privacy

Let's learn a little bit about each of these options.

Downtime
With this option, you can schedule time away from the computer. When this option is
configured, you will only be able to use specific apps you have configured to be
allowed, along with phone calls. First, make sure Downtime is selected in the left
menu, and click on the Turn On... button to enable it. The same button will allow you
to turn it off, as seen in Figure 4.49. Once enabled, you can set a schedule per day or
set a custom one:

Figure 4.49 – Downtime

You can configure Downtime for your own account, for other accounts if you log in
to their accounts as an administrator, or directly from your administrator account if
using Family Sharing.

When Downtime is configured and in effect, the user will see a notification 5 minutes
before it is activated, as seen in Figure 4.50:

Figure 4.50 – Downtime notification

If the user tries to use a restricted app on the Mac, a message will be displayed
informing them that the Mac cannot be used. You can click OK or Ignore Limit to use
the Mac despite the scheduled downtime, as seen in Figure 4.51. In the case of a family
member, usually a child, an additional option will show through which they can
request more time, which the organizer of the Family Sharing group can deny or
approve.

Figure 4.51 – Downtime ignore

If you click on Ignore Limit, you will be given the options shown in Figure 4.52:

Figure 4.52 – Downtime ignore options

While this option allows you to set a global downtime setting, the next option we will
see allows you to set limits on specific apps.

App Limits
This option allows you to set limits on specific apps and even entire categories of
apps. To use it, you need to enable it. Make sure App Limits is selected in the left-side
menu, and then click the Turn On... button (Figure 4.53):

Figure 4.53 – App Limits

Next, you can add apps or categories of apps by clicking on the + button, as shown
in Figure 4.53. When you do that, you will see the window shown in Figure 4.54. At
that point, you can choose entire categories of apps to restrict, such as Games, or you
can expand the category by clicking the arrow encircled in the following screenshot to
select or deselect specific apps in that category:

Figure 4.54 – Creating app limits

When you activate this option, you will receive a notification similar to the one seen
in Figure 4.51 when your time is up for a configured app restriction. Again, when you
see that notification, you can click either OK or Ignore Limit. If you click on the last
option, you will be given the options shown in Figure 4.52.

With this option, we have seen how we can configure app restrictions. With the next
option, you will be able to specify which apps are allowed.

Always Allowed
This option allows using certain apps even when downtime is scheduled or when app
limits have been configured. To use it, make sure the Always Allowed option is
selected in the left-side menu (Figure 4.55). Next, select the apps from the list that you
want always to be allowed:

Figure 4.55 – Always Allowed

The last option on the menu allows you to customize restrictions even further, as we
will see in the next section.

Content & Privacy


In this tab, you can restrict content, purchases, and downloads. To enable it, make
sure the Content & Privacy option is selected in the left-side menu and click the Turn
On... button to activate it (Figure 4.56). In this tab, you have four additional tabs
– Content, Stores, Apps, and Other – which allow you to fine-tune your content and
privacy configurations by restricting explicit content, purchases, and downloads, and
configuring privacy settings:

Figure 4.56 – Content & Privacy

When you are using Family Sharing, you will see an extra option on the left menu,
called Communication. To use it, Contacts has to be turned on in the iCloud
preferences. With this option, you will be able to control who the members of the
Family Sharing group you monitor can communicate with during the day. This
option allows establishing limits on Phone, FaceTime, Messages, and iCloud contacts.
Still, communication with specified emergency numbers is always allowed.

And with this, we have finished this section on the Screen Time feature and on
managing user accounts. We saw how to create a standard user account, set it up, and
configure additional preferences. We saw how to manage the root and guest users.
We also saw login options and how to use the fast user switching feature.

In the next section, we will see a topic closely related to user accounts: user home
folders.

Understanding user home folders


When we create a user account, a home folder is created for every user, except for the
Sharing Only user. This home folder is the user-space default folder structure and
organization for files, directories, sharing folders, and even apps. It is important for
the administrator, support expert, or advanced user to become familiar with the home
folder's contents to understand how user accounts are created, how files are saved,
how to use the sharing spaces, and how apps interact with these folders.

In this section, we will cover the following topics related to home folders:

The user home folder structure
Deleting home folders
Migrating and restoring home folders

Let's start by examining the user home folder structure.

The user home folder structure


The user home folder's default location is usually the /Users folder in the root of the
system volume (Macintosh HD). The name of the home folder is the name of the user
account. The currently logged-in user's home folder will display with a home icon, as
you can see in Figure 4.57:

Figure 4.57 – Users folder

The default home folder structure for any macOS user contains the following
subfolders:

Desktop
Documents
Downloads
Movies
Music
Pictures
Public

We can see this structure in Figure 4.58:

Figure 4.58 – User home folder structure

The content of these folders is pretty straightforward, as their names are self-
explanatory. This structure can be browsed by other users, but the contents of most of
these folders can only be accessed by the owner of that account. However, one folder
is the exception as other users can see it: the Public folder, also visible in Figure 4.58,
which has another folder inside it, the Drop Box folder.

An additional folder is hidden by default, the Library folder, which is why we don't
see it in Figure 4.58.

There is also another optional folder that can be created manually by users,
the Applications folder. This is where they can save their own applications, instead
of using the system Applications folder, where all apps are usually kept by default.
If created, this folder is recognized by the system. If you install apps in this folder in
your home folder, they will be available for you only, instead of all the users in the
system, as is the case with the usual Applications folder located at the root.
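
The access rules described above, and the ownership of a restored home folder, can be checked from Terminal. The following script is an added example, not from the book; the function names and finding labels are hypothetical, and the expectation that the private subfolders carry no group or other permission bits is an assumption based on the access behavior described in this section.

```shell
#!/bin/sh
# Added example (not from the book): audit a home folder, for instance after
# restoring a deleted account. It checks that the folder is owned by the expected
# UID and that the private subfolders grant nothing to group or other users.

PRIVATE_DIRS="Desktop Documents Downloads Movies Music Pictures Library"

# mode_bits PATH -> the six group/other characters of the ls mode string, e.g. "r-xr-x"
mode_bits() {
    ls -ldn "$1" | cut -c5-10
}

# owner_uid PATH -> numeric UID of the owner
owner_uid() {
    ls -ldn "$1" | awk '{print $3}'
}

# audit_home HOME EXPECTED_UID -> one finding per line; no output means clean
audit_home() {
    home=$1
    want_uid=$2
    if [ ! -d "$home" ]; then
        echo "MISSING $home"
        return 0
    fi
    uid=$(owner_uid "$home")
    if [ "$uid" != "$want_uid" ]; then
        echo "OWNER $home uid=$uid expected=$want_uid"
    fi
    for name in $PRIVATE_DIRS; do
        dir="$home/$name"
        [ -d "$dir" ] || continue
        bits=$(mode_bits "$dir")
        if [ "$bits" != "------" ]; then
            echo "EXPOSED $name group/other=$bits"
        fi
    done
    # Public is the one folder meant to be visible to other users.
    if [ -d "$home/Public" ]; then
        case $(mode_bits "$home/Public") in
            ???r?[xt]) : ;;
            *) echo "PUBLIC-CLOSED Public is not readable by other users" ;;
        esac
    fi
}

# Stand-alone use: sh audit_home.sh /Users/john "$(id -u john)"
if [ "$#" -ge 1 ]; then
    audit_home "$1" "${2:-$(id -u)}"
fi
```
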

In the next section, we will see the folders that are not self-explanatory. That said, it's
still important to mention that some applications have specifically dedicated folders
for the files created with them. That's the case of
the Music, Movies, and Pictures folders in the user home folder, which are used
specifically for files created by applications such as iMovie, iTunes, and Photos; these
folders are the default locations for those applications. Some third-party applications
will even create folders inside those folders for their user-created files.

In the following sections, we will see more about the folders that are not self-
explanatory.

The Desktop folder


The Desktop folder shows all the items that are in the user's main interface space.
This space also has some features that allow you to manage it efficiently. We won't
cover all of them, but we will explore two of these features: Stacks and Quick
Actions.

Let's explore the Stacks feature first.

Using Stacks
It is not recommended to keep files in the Desktop folder unless it is temporary, but
we all know that temporary usually becomes permanent, and very quickly your
desktop becomes cluttered. You should have a nice folder structure to store all your
files, instead of the desktop. However, if you like keeping things on the desktop, there
is a useful tool introduced in macOS Mojave that comes to save the day: Stacks.

As we saw in Chapter 1, Overview of the macOS System, Architecture, and
Features, Stacks is a new feature that helps you keep your desktop organized, and it is
very easy to use.

To use Stacks, follow these steps:

1. Right-click anywhere on the desktop and choose Use Stacks from the
contextual menu (Figure 4.59):

Figure 4.59 – Stacks

2. By default, the "stacks" of files will be organized by kind (images, PDF,
video, and so on), but you can also organize them by tag, date of
modification, or other criteria. To do that, with Stacks enabled, right-click
on your desktop and choose Group Stacks By from the menu, as shown in
Figure 4.60:

Figure 4.60 – Group Stacks By

You can view the items that are organized in stacks very easily. Just click on a stack
and scroll to find what you are looking for. When you find the correct file, just
double-click to open it.

Let's see another feature that is available in the desktop space and can be used in
combination with Stacks: Quick Actions.

Quick Actions
You have many other options to choose from when you right-click on a stack, or on
any file for that matter. You can choose Rename, Compress, or Share, or use one of
the Quick Actions features (Figure 4.61), such as Rotate, Markup, Create PDF, or trim
audio and video files:

Figure 4.61 – Quick Actions

We have just seen the Desktop folder and two important features you can use to
make the most of it. Let's continue exploring the other user folders.

The Library folder


There are several Library folders in the macOS filesystem, and there is one inside
the user's home folder, but it is hidden by default, which is why you cannot see it in
the Finder. This Library folder is where apps keep their custom data files. It can also
be used to store caches, resources, and preferences. The types of files stored here are
user-specific preference files, fonts, contacts, keychains, mailboxes, favorites, screen
savers, and other application resources.

The important subfolders in Library are the following:

Application Support: This folder is used to store application data files
that are not associated with the user's documents.
Caches: Application-specific support files that can be re-created easily by
apps are stored here.
Frameworks: Frameworks that are shared by multiple apps are installed
here.
Preferences: This folder includes application-specific preference files.

If you need to access this folder for any reason, you can use temporary and
permanent methods to access it, all of which are covered in detail in Chapter
8, System Resources and Shortcuts.

The next folder we will discuss is the Public folder.

The Public folder


All users have a Public folder in their home folder structure. The purpose of this
folder is to allow other users on the same Mac or on your local network to use it to
share files with you by placing them in their Public folders.

At the same time, each Public folder has a subfolder called Drop Box. The purpose
of this last folder is to allow you to share your files with other Mac users by placing
them in their Drop Box folders. There are a few important things to consider about
the Public and Drop Box folders because they can be a bit confusing if you don't
understand the logic behind them. This is why I invite you to review how to use them
for file sharing, which is covered in detail in Chapter 7, Understanding Ownership and
Permissions.

And with this information, we have covered the user home folder structure. In the
next section, we will learn how to delete and migrate the local user home folder.

Deleting local user home folders


When you delete a local user account, as we saw earlier, you need to define what will
happen to the user's home folder in the Users & Groups preferences. You have three
options:

Save the home folder in a disk image
Don't change the home folder
Delete the home folder

What happens when you choose each of these options is covered with examples in
the Deleting user accounts section earlier in this chapter. That said, let's see how to
migrate and restore a user home folder.

Migrating and restoring local user home folders
You can migrate a home folder from another Mac or even a Windows computer, or
you can also manually restore a deleted home folder. In the case of both procedures,
you can keep all the account details and files, which will allow you to recover your or
your users' data.

There are two ways to migrate or restore home folders. One uses a tool called
Migration Assistant, and the other way is just to do it manually. Let's examine both
methods.

Migration Assistant
Migration Assistant is a very useful tool that saves a lot of time since it allows you to
restore user account details and data automatically; you don't have to do it manually.

Migration Assistant allows you to transfer the following:

User accounts
Settings
A Time Machine backup
Content from a Mac or Windows computer

At the same time, there are three common scenarios you will encounter when
migrating data to a Mac through Migration Assistant:

Your data is on a Windows computer.
Your target Mac is running OS X Mavericks v10.9.5 or later.
Your target Mac is running OS X Mountain Lion v10.8 or earlier.

We will see how the process works in the first two cases in the next section.

If you want to check the macOS version history to see which version
comes after the other, you can go back to Chapter 1, Overview of the
macOS System, Architecture, and Features, where you will find a list of
all the versions.

There are two ways to access Migration Assistant: when you are first setting up a
newly installed Mac, Migration Assistant will appear (Figure 4.62) in case you want
to transfer your data at that point:

Figure 4.62 – Migration Assistant

The other way is through the Utilities folder in the Applications folder. In both
cases, the process the tool follows is the same.

Let's go through the first scenario step by step.

Your data is on a Windows computer


You can transfer music, pictures, documents, and other data from a Windows PC to a
target Mac computer through Migration Assistant.

Specifically, the data that you can transfer is the following:

Email, contacts, and calendar information
Outlook (32-bit, Windows 7 or later (contacts, appointments, mail settings))
Pictures
Files from the top-level folder (non-system files)
Windows Live Mail (Windows 7 and later: IMAP/POP settings only)
Windows Mail (Windows 7 and later: IMAP/POP, and contacts only)
Bookmarks
iTunes content
System settings, such as language, location, and so on

Here are the requirements:

Your PC must be running an updated version of Windows 7 or later.
You need to know the name and password of the Windows PC
administrator.
The PC and the Mac must be connected to the same network (Wi-Fi or
other). Otherwise, you can connect them both directly with an Ethernet
cable.
The appropriate version of Migration Assistant must be installed on the
Windows PC. There are three versions, and which version you should
install will depend on which macOS version your target Mac is using:
    Windows Migration Assistant for macOS Mojave
    (https://support.apple.com/kb/DL1978)
    Windows Migration Assistant for macOS Sierra/High Sierra
    (https://support.apple.com/kb/DL1913)
    Windows Migration Assistant for OS X El Capitan or earlier
    (https://support.apple.com/kb/DL1896)

Some Mac models will require an adapter to connect directly


through an Ethernet cable to a PC.

Once you have verified that all the requirements are met, follow these steps:

1. On your PC, close any open Windows applications.
2. Open the Migration Assistant you downloaded and installed, and click
Continue at the first window.
3. Turn on your target Mac and open Migration Assistant, if not already open.
4. You will see the screen shown in Figure 4.63 (macOS Big Sur). You will be
warned that if you continue, all applications will be closed. Make sure you
don't have any unsaved data and click Continue when ready:

Figure 4.63 – Migration Assistant

5. You will see the screen shown in Figure 4.62. Choose the From a Windows
PC option and click Continue.
6. Enter the PC administrator's name and password.
7. Choose your PC from the list of available computers.
8. Next, a matching passcode should appear on both computers.
9. A list of data that can be migrated will be displayed for you to select; it will
include full user accounts, data, and so on.
10. Select the user account or individual files and settings you wish to migrate
and click Continue.
11. The process can take a while depending on how much data you are
migrating, but you will be able to monitor the progress.
12. When the migration is complete, if you migrated a user account, you will
be asked to set a password when you log in to the migrated account on
your target Mac.

And that's it! Your data has now been fully migrated from a Windows PC to your
target Mac.

Let's see the steps for the second option, migrating from a Mac to another target Mac.

Your target Mac is running OS X Mavericks v10.9.5 or later


Migrating data from a Mac to another target Mac will be the most common scenario.
In this example, we will see how the process works with a target Mac running OS X
Mavericks or later. Let's see the requirements first:

Make sure your Mac is updated. If not, be sure to install any updates that
may be pending before proceeding.
The old Mac should be running OS X Snow Leopard v10.6.8 or later.
The old Mac should have a computer name. To find out the name, go
to System Preferences and click on the Sharing icon marked in Figure 4.64:

Figure 4.64 – Sharing preferences

Take note of the name in the Computer Name field, as seen in Figure 4.65.
In this section, you can also change your computer's name if you like by
clicking on the Edit button:

Figure 4.65 – Computer name

Make sure both Macs are connected to a power source.

Follow these steps to perform the migration:

1. If both Macs are running macOS Sierra or later, place them close together
and make sure Wi-Fi is turned on on both of them.
2. If either Mac is using OS X El Capitan or earlier, connect them to the same
Wi-Fi network or through Ethernet:
Another way to connect them is through Target Disk mode,
which we will explore in Troubleshooting Tips, of this book.
Another option would be to connect your target Mac to a volume
containing a Time Machine backup. We will see all about Time
Machine backups in Chapter 11, Backups and Archiving.

3. On the target Mac, open Migration Assistant.
4. Once Migration Assistant is open, you will see the same screens that are
shown in Figures 4.62 and 4.63.
5. Select From a Mac, Time Machine backup, or startup disk and click
Continue.

Take into account that when you use Migration Assistant, all other
applications must be closed, or they will be closed by the
application.

6. Now, let's switch to the old Mac. Open Migration Assistant and click
Continue. You will be asked to authenticate as an administrator.
7. You will be asked whether you want to transfer data. At this point, select
the To another Mac option (Figure 4.62) and next, click Continue.
8. Now, switch to the target Mac. Select the appropriate source of the transfer,
in this case, the old Mac, and click Continue.
9. You should see a matching security code appear in both Macs. Click
Continue in the old Mac.
10. On the target Mac, choose the backup source you want to use from the list,
and click Continue.
11. Choose which data you want to transfer. This data can be entire user
accounts, folders, computer and network settings, apps, and so on. How
long the process will take will depend on how much information you are
transferring.
12. And that's it! You can now log in to the migrated account on the target
Mac.

If your target Mac is running OS X Mountain Lion v10.8, follow the
steps indicated in this article: How to move data to your new Mac using
Mountain Lion and earlier (https://support.apple.com/HT204320).

In this section, we have seen how to migrate data using Migration Assistant. In the
next section, we will see how this can also be done manually.

Restoring manually
You can manually restore a local user account in the same Mac or a different Mac.
This is what you need to do:

1. Copy the entire user home folder you want to restore to a temporary
location, such as a USB or an external volume.
2. Next, copy the home folder to the /Users folder of the Mac on which you
want to restore the user account.
3. Open System Preferences and go to Users & Groups.
4. Create a new local user account with the same name as the user home
folder you want to associate with.
5. At this point, macOS will recognize the new home folder and ask you
whether you want to associate it with the home folder with the same name.
6. And that's it! The home folder is now restored and associated with a
specific user account.

And this concludes this section on understanding user home folders. In the first part,
we saw the home folder structure; next, we saw how to delete, migrate, and restore
local user home folders through Migration Assistant and also manually.

This concludes the content for this chapter. Be sure to read the summary for a quick
recap of the topics covered.

Summary
You now know the types of local user accounts available in macOS, what they are
used for, and how to create and manage them, including creating, deleting, and
restoring user accounts. You also know what account attributes are and how to
configure login options, including fast user switching. You learned how to use the
new Screen Time feature to track usage and set limits for user accounts and family
members. In the second part, we saw the structure of the home folder created for each
user, and how to delete, migrate, and restore user home folders with the help of
Migration Assistant. You are now ready to manage all aspects of user accounts and
home folders at a support level.

In the next chapter, we will explore the user security and privacy options available in
macOS for the user's data security and protection of the user's privacy.

5
Managing User Security and Privacy
In this chapter, you will learn about managing user security and privacy through
various methods. First, we will explore the password types available in macOS and
when they should be used. Next, you will learn how to manage user account
passwords and other passwords used by macOS, such as the firmware password.
Also, you will examine the Keychain system and how to use it. Finally, you will
review additional features that help you protect user privacy in macOS, such as cross-
site tracking and Location Services. By the end of the chapter, you will be able to use
and manage passwords effectively to secure user accounts, and be able to configure
the different features macOS offers to further enhance security and privacy as an
essential part of your work as an administrator or while supporting other users.

More specifically, the main topics that will be covered in this chapter are the
following:

Understanding password types in macOS
Managing passwords in macOS
Understanding the Keychain system and iCloud Keychain
Managing privacy in macOS

Let's start by reviewing the technical requirements for this chapter.

Technical requirements
This is what you will need for this chapter:

Basic knowledge of the macOS environment
A Mac computer with administrator privileges
Managing User Security and Privacy Chapter 5

Understanding password types in macOS


In this section, we will explore the password types used in macOS. We will see in
what situations they are used.

The macOS operating system uses several types of passwords for the security of the
hardware, operating system, and user data. There is also a system password. More
specifically, we will cover the following:

Local user account passwords
Apple ID account and password
Keychain password
Resource password
System password (firmware)

Let's review each of these types of passwords in more detail.

User account passwords


This is the most common type of password and is used for logging in to your Mac.
These are the passwords used by all types of local users that are created on a Mac
system:

Standard
Administrator
Root
Sharing Only

Guest and Group accounts are not included as they don't require a password.

These passwords are configured at the time of user creation, or later using System
Preferences and the Users & Groups pane.

Before macOS Sierra, there was an option to unlock macOS user accounts with an
Apple ID, but this is no longer possible. Therefore, the only password authentication
method possible in macOS is through locally saved passwords. This method stores
locally encrypted passwords in account records.

Of course, network authentication is also possible when using centralized directory
services such as Active Directory.

If the Apple ID is not useful as an authentication method for your Mac local user
account, what is it used for in macOS? That's what we will see next.

Apple ID account and password


The Apple ID, if linked to an account either during the initial configuration or later
through Apple ID preferences, allows users to authorize Apple-related services, such
as the App Store and iCloud services. As mentioned earlier, before macOS Sierra, it
was possible to use the Apple ID account and password to unlock your local account
password; however, this is no longer possible.

The Apple ID account and password, however, when linked to your account, provide
you with an additional method to reset your macOS user account password. In the
Resetting local user account passwords section later in this chapter, we will see how to
use it for this purpose.

We have already seen how to configure a local user account and the
Apple ID in Chapter 4, User Accounts Management, if you would like
to go back to review it.

The next type of password available in macOS is Keychain passwords. Let's explore
them.

Keychain passwords
Keychain is a macOS password management system. The Keychain system is a tool
that allows you to store many types of items securely on your Mac, and
it stores passwords in encrypted files so that your authentication information remains
secure.

There are several keychain types in macOS. One of them is the login keychain that
works to secure the password you use to log into your local user account. Therefore,
this password is the same as your local account password. However, there are other
keychains for other purposes, and you can also create your own with its own
password. We will see how Keychain works in more detail in the Understanding the
Keychain system and iCloud Keychain section later in this chapter.

Next, let's explore another type of password related to the Keychain system.

Resource passwords
These are passwords for other types of resources, such as email, websites, file servers,
apps, and encrypted disk images. Note that these passwords are usually
automatically stored in the Keychain system.

Finally, let's take a look at the password type that adds an extra layer of protection to
your system: firmware passwords.

System firmware passwords


Currently, there is one system password that can be set: the firmware password.
Before macOS High Sierra, there used to be an additional type called the master
password, but it is no longer possible to set it.

Take into account that the firmware password is not supported in
Macs with the Apple M1 silicon chip.

The firmware password is used to prevent your Mac from starting up from any disk
other than the one configured as the startup disk. Its primary purpose is to prevent
unauthorized users from using startup shortcuts (such as the Option key) to bypass
other passwords to access the computer's operating system and make changes,
mainly to users' passwords in order to gain access to the computer.

This password is not linked to any user account. In fact, it remains separate from the
system's software as it is saved to the Mac's firmware chip.

When it is set, if you wanted to start up from another disk that is not the designated
one in the startup disk configuration, you would need to enter this password. Any
startup shortcuts would be disabled, except for the shortcut to start up from a
different disk (the Option key), but if you want to use it, you will need to enter the
firmware password.

Beware that, if the firmware password is not set, any user with
access to macOS Recovery can set it. Therefore, if that is a risk in
your environment, it is recommended to set a firmware password.

In this section, we have seen the password types available in macOS; namely, the user
account password, the Apple ID account and password, and keychain, resource, and
firmware passwords. In the next section, we will explore how to manage the
password types we have just described.

Managing passwords in macOS


In this section, we will discover how to manage the different types of passwords
available in macOS. At the end of this section, you will know how to use the various
methods to configure, change, and reset these types of passwords. More specifically,
these are the topics we will cover:

Changing local user account passwords
Changing the root password
Resetting local user account passwords
Configuring a firmware password

Let's begin by exploring how to change local user account passwords.

Changing local user account passwords


When you are logged into your local account (Standard or Administrator), you can
change your own account password in two places, both marked in Figure 5.1:

The Users & Groups preferences.
The General pane of the Security & Privacy preferences.

Figure. 5.1 – Password preferences

To change a local user account password, you need to know the old
password.

Let's see the steps for both methods.

Changing account passwords through Users & Groups
Follow these steps to change a local user account password through the Users &
Groups preferences:

1. Log in to your local account (Standard or Administrator).
2. Open System Preferences using Spotlight, the Dock icon, or another
method.
3. Go to the Users & Groups preferences marked in Figure 5.1.
4. Click the Change Password... button, as shown in Figure 5.2:

Figure. 5.2 – Local user password change

5. Enter your old password and the new password twice, and click
on Change Password when ready (Figure 5.3):

Figure. 5.3 – New password

And that's it! We have seen how to change the password through the Users & Groups
preferences. Now, let's explore the second method.

Changing account passwords through Security & Privacy
Follow these steps to change a local user account password through the Security &
Privacy preferences:

1. Log in to your local account (Standard or Administrator).
2. Open System Preferences.
3. Go to the Security & Privacy preferences marked in Figure 5.1.
4. Next, select Change Password..., as shown in Figure 5.4:

Figure. 5.4 – New password

5. Change the password as usual (Figure 5.3).

When logged in as an administrator, the options are different. The
admin can change their own password but can only reset user
passwords from the Users & Groups preferences.

As you can see, changing your local account password is very easy. Next, let's see
how to change other types of passwords.

Changing the root password


Changing the root password is a little bit more complex than changing passwords for
other types of accounts.

Basically, you must follow the steps we saw in the previous chapter to enable the root
user (check Chapter 4, User Accounts Management, to review the procedure in detail):

If you have not enabled the root user, you will have to do so first.
Use caution as the root user has full access to the system. It's a best
practice to have the root user disabled or enabled by an advanced
administrator for very specific tasks and disabled once they are
completed.

1. Open System Preferences and then click on Users & Groups.
2. Click the lock to authenticate as an administrator.
3. Click on Login Options below the user's list.
4. Next, click the Join or Edit button.
5. Click the Open Directory Utility button.
6. Click the lock in the Directory Utility window, and authenticate as an
administrator once more.
7. In the Directory Utility menu bar, choose Edit and then Change Root
Password… as shown in Figure 5.5:

Figure. 5.5 – Changing the root password

8. Enter a new root password, enter it again to verify, and click OK when
ready.

That's it! You have now learned how to change the passwords for local user and root
user accounts.

In the next section, we will explore how to reset passwords that have been lost or
forgotten.

Resetting local user account passwords


Take into account that resetting a user account password can only be done by an
administrator.

It can be done in three ways:

Through the Users & Groups preferences
Through the Recovery system
Through the Apple ID (if linked to the account)

Let's explore each of these methods.

Resetting account passwords with the Users & Groups preferences
Resetting a local user account password using this method works when you have
access to the Mac and System Preferences through an administrator. Follow these
steps:

1. Open System Preferences.
2. Go to the Users & Groups preferences and click the lock to authenticate as
an administrator.

3. Select the user account for whom you want to reset the password and click
the Reset Password... button, as shown in Figure 5.6:

Figure. 5.6 – Resetting a user password

4. Enter a new password twice and click Change Password when ready.
Notice in Figure 5.7, a warning appears at the top, indicating that resetting
the password does not reset the password for the user's login keychain. In
general, this will not be a problem, but we will learn how to solve that, if
necessary, at the end of this section.

Resetting a user password will prevent access to the login keychain
using that password and any information stored in it. Resetting the
user password means the login keychain password will also have to
be reset. The contents of the previous keychain will not be accessible
unless the old password can be remembered.

Figure. 5.7 – Entering the new password

That's it! Resetting a password with this method is very easy, but there are two other
methods we will explore next.

Resetting account passwords with macOS Recovery


This method for resetting local user account passwords should be used when normal
access to Mac's System Preferences is not possible. This method can be used with local
user accounts, and in earlier versions of macOS, it also worked for the root user
password. Take into account that you also need administrator access to use this
method.

Follow these steps to reset a password through the Recovery system:

In macOS Catalina and earlier, it was possible to access the macOS
Recovery interface without administrator access. In macOS Big Sur,
this is not possible anymore. You will need to authenticate as any
known administrator in the system to even see the Recovery
interface.

1. Turn off or restart your Mac if it's on.
2. Start it while holding down Command + R.
3. If using macOS Big Sur, select an administrator for which you know the
password, and click Next. Enter the password for that administrator and
click Continue.

4. Once in the Recovery interface, go to the Utilities top menu and
select Terminal from the menu, as shown in Figure 5.8:

Figure. 5.8 – Resetting a user password through Recovery

5. In the Terminal window, type the resetpassword command, as seen in
Figure 5.9, and press Return:

Figure. 5.9 – Using the resetpassword command

6. You will see the Reset password assistant appear behind the Terminal. You
can close Terminal at that point. Now, you will have to authenticate with
the password of an admin you know. In the example in Figure 5.10, you can
see that we have two admin accounts to choose from. Select an admin
account, and click Next. Enter the password and click Continue:

Figure. 5.10 – Selecting an administrator account

7. After you authenticate as the admin you selected, you will be asked to
choose the user account for whom you would like to reset the password. In
the example in Figure 5.11, we have two local user accounts whose
passwords we can reset. Select one account and click Next:

Figure. 5.11 – Selecting a local user account

8. Once you select the account, you will be able to enter the new password.
When ready, click Next. You will see a prompt indicating that the
password reset has been successful and that the user can now log in using
the new password.
9. Click Exit to close the window and restart the computer to use the new
password.

In macOS versions earlier than macOS Big Sur, to reduce the risk of
a user accessing the Recovery system with the ability to change
passwords, including the root user password, the solution was
either to use a firmware password or enable FileVault.

That's it! Resetting account passwords with this method is a bit more complex but
easy nonetheless. Next, we will explore the last method available.
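
The Recovery-related rules stated in this chapter (the firmware password, FileVault, and the administrator prompt in macOS Big Sur) can be checked from Terminal. The script below is an added example, not code from the book; its function names and verdict strings are assumptions, and the input used by demo is constructed.

```shell
#!/bin/sh
# Added example (not from the book): judge whether password resets through
# macOS Recovery are guarded, following the rules stated in this chapter.

# Map the text printed by `firmwarepasswd -check` to enabled|disabled|unknown.
firmware_state() {
    case "$1" in
        *"Password Enabled: Yes"*) echo enabled ;;
        *"Password Enabled: No"*)  echo disabled ;;
        *)                         echo unknown ;;
    esac
}

# Map the text printed by `fdesetup status` to on|off|unknown.
# Anything that is not plainly On or Off is left for manual review.
filevault_state() {
    case "$1" in
        *"FileVault is On"*)  echo on ;;
        *"FileVault is Off"*) echo off ;;
        *)                    echo unknown ;;
    esac
}

# firmware_advice ARCH FIRMWARE_STATE
# ARCH is the output of `uname -m` (arm64 on Apple silicon).
firmware_advice() {
    case "$1:$2" in
        arm64:*)    echo "n/a: firmware password is not supported on Apple silicon" ;;
        *:enabled)  echo "ok: firmware password is set" ;;
        *:disabled) echo "warn: unset, so anyone who reaches Recovery can set one" ;;
        *)          echo "review: firmware password state unknown" ;;
    esac
}

# recovery_reset_guard MAJOR FIRMWARE_STATE FILEVAULT_STATE
# MAJOR is the first field of `sw_vers -productVersion` (11 = Big Sur).
recovery_reset_guard() {
    g_major=$1 g_fw=$2 g_fv=$3
    case "$g_major" in
        ''|*[!0-9]*) echo "review: macOS version not readable"; return 0 ;;
    esac
    if [ "$g_major" -ge 11 ]; then
        # Per this chapter, Big Sur asks for an administrator before Recovery.
        echo "guarded: Recovery asks for an administrator password"
    elif [ "$g_fw" = enabled ] || [ "$g_fv" = on ]; then
        echo "guarded: firmware password or FileVault is in place"
    elif [ "$g_fw" = unknown ] || [ "$g_fv" = unknown ]; then
        echo "review: could not read firmware or FileVault state"
    else
        echo "exposed: set a firmware password or enable FileVault"
    fi
}

# Constructed sample: an Intel Mac on macOS 10.15 with neither guard in place.
demo() {
    d_fw=$(firmware_state "Password Enabled: No")
    d_fv=$(filevault_state "FileVault is Off.")
    firmware_advice x86_64 "$d_fw"
    recovery_reset_guard 10 "$d_fw" "$d_fv"
}

# On a Mac, run as an administrator: sudo sh recovery_audit.sh --live
case "${1:-}" in
    --live)
        l_major=$(sw_vers -productVersion | cut -d. -f1)
        l_fw=$(firmware_state "$(firmwarepasswd -check 2>/dev/null)")
        l_fv=$(filevault_state "$(fdesetup status 2>/dev/null)")
        firmware_advice "$(uname -m)" "$l_fw"
        recovery_reset_guard "$l_major" "$l_fw" "$l_fv"
        ;;
    *)
        demo
        ;;
esac
```

Without arguments the script only evaluates the constructed sample, so it can be read and tried on any machine; the file name recovery_audit.sh is a placeholder.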

Resetting account passwords with the Apple ID


This method for resetting local user account passwords works when the account is
linked to an Apple ID and when the administrator has given permission to the user to
reset the password using the Apple ID. We will see how to do that next. We already
saw how to link an Apple ID to a local account in Chapter 4, User Accounts
Management, if you would like to review it. In the example in Figure 5.12, we assume
that the Apple ID is already linked to the account.

For a user to reset their local account password, the administrator must have
previously enabled the Allow user to reset password using Apple ID option. To do
that, do the following:

1. Open System Preferences and go to the Users & Groups preferences.
2. Authenticate as an administrator through the lock icon, select a user
account with an Apple ID linked to it, and enable the option as shown in
Figure 5.12. You might be asked to authenticate once more to enable the
option:

Figure. 5.12 – Enabling the user to reset a password with an Apple ID

If the Allow user to reset password using Apple ID option does not
appear, the Apple ID was likely linked recently. Restart the
computer for the option to appear.

3. Restart the Mac and select the user for whom you want to reset the
password. On the login screen (Figure 5.13), enter any incorrect password
several times until the Reset it using your Apple ID message appears.
When it does, click on the blue arrow icon beside it:

Figure. 5.13 – Resetting password with Apple ID

4. Next, enter your Apple ID and password, and click Reset Password. You
will see an alert message about the keychain, as you can see in Figure 5.14.
Just click OK; we will see how to fix that in the next section, if necessary.

Figure. 5.14 – Resetting password with Apple ID

Resetting a user password will prevent access to the login keychain
using that password and any information stored in it. Resetting the
user password means the login keychain password will also have to
be reset. The contents of the previous keychain will not be accessible
unless the old password can be remembered.

5. After you do that, the Mac will restart, and you will be taken to the
Recovery Assistant, where you will be able to continue with the process we
saw in the previous example, starting in Figure 5.13. Note that you will
need to provide an admin password you know to proceed.

After resetting a local user account password, the new login password and the login
keychain password may not match. Let's explore why and what to do in that case.

Resetting local account passwords and the login keychain


As mentioned above, after a password is reset, it may happen that the new login
password and the login keychain password won't match. This is because macOS
creates a new keychain with empty items. Take into account that this only happens
when resetting the account login password, not when changing the login password.

The next time the user attempts to log in with the new password, the user might be
asked to fix the login keychain so that they are in sync again. Chances are it will be
fixed automatically.

Take into account that resetting a user password will prevent access to the old login
keychain and any information stored in it. Resetting the user password means the
login keychain password will also have to be reset, usually by creating a new login
keychain. The contents of the previous keychain will not be accessible unless the old
password can be remembered.

If no message to fix the login keychain is shown, and you are experiencing repeated
and annoying messages, like the one shown in Figure 5.45, you can manually reset the
login keychain or create a new one. We will see that in the Managing keychains section
later in this chapter.

Next, let's see what happens when we want to reset a password and FileVault is
enabled.

Resetting local account passwords with FileVault enabled
If the system is protected with FileVault disk encryption, it must be unlocked before it
can be accessed. In that case, there are a few options for resetting local account
passwords when FileVault is enabled:

1. Using a recovery key
2. Using iCloud with FileVault
3. Using the Reset Password assistant

Let's explore each of these methods.

Using a recovery key


This method can be used when a recovery key has been set while enabling FileVault,
and it is useful when there isn't a second administrator present in the system with a
known password who can unlock the system. For this to work, a recovery key needs
to have been set up during the FileVault configuration. FileVault is covered in detail
in Chapter 15, Managing Security in macOS, but let's review how to set up a recovery
key:

1. When you are enabling FileVault, you are asked to choose a method to
unlock your disk and reset your password in case you forget it, as shown in
Figure 5.15. The FileVault password is, by default, the same as your user
account password. For this example, we will choose the recovery key
method, so we select the Create a recovery key and do not use my iCloud
account option when turning on FileVault. When ready, click Continue.

Figure. 5.15 – Setting up a recovery key

2. Next, you will see the recovery key, which looks like the one in Figure 5.16.
You should make a screenshot or a note and save it in a safe place. When
ready, click Continue:

Figure. 5.16 – The recovery key

3. At that point, the FileVault process will start with disk encryption.

Now that your disk is encrypted and you have set up a key as a recovery method,
you can follow these steps to reset a local user password when FileVault is enabled:

1. At login, select the user for whom you want to reset the password. Enter an
incorrect password at least three times until you see a message indicating
that you can restart to see the password reset options, as shown in Figure
5.17. Click the arrow next to ...reset it using your Recovery Key:

Figure. 5.17 – Resetting a password with a recovery key

If you don't see the message, it probably means FileVault is not
enabled on your Mac and/or you didn't set up a key as a recovery
method. You can review Chapter 15, Managing Security in
macOS, for instructions on how to enable FileVault.

2. Next, you will see a field to enter the recovery key, as seen in Figure 5.18.
Enter your recovery key (which is case-sensitive; hyphens will be included
automatically), and click the left arrow next to it:

Figure. 5.18 – Entering the recovery key

3. As soon as you enter the correct key, you will see a window like the one
shown in Figure 5.19. Enter the new password and click the Reset
Password button.

Figure. 5.19 – Entering a new password

4. Next, the password will be reset, and you will automatically be logged into
your account.

That's it! You have successfully reset your user account password with the recovery
key set up with FileVault.

Be careful to save the Recovery Key in a safe place. If you don't
remember your password and there is no other way to reset it than
to use the recovery key, your encrypted content will be lost without
remedy.

In the next section, we will see how to use the other method provided for recovery
when FileVault is enabled: your iCloud account.

Using iCloud
This method is the default option to recover your password when FileVault is
enabled. It only works when iCloud is enabled via an Apple ID, either during the
creation of the first user account or through the System Preferences after installation.
In some cases, using the Apple ID to reset the local account password may even work
if a local account password is not currently linked to the Apple ID. However, some
conditions must be met for this to work:

The user previously signed in to iCloud with the local user account
iCloud must be selected as the recovery method during FileVault setup
The user must not be using Legacy FileVault

Let's see first how to enable this option with FileVault:

1. When you are enabling FileVault, you are asked to choose a method to
unlock your disk and reset your password in case you forget it, as shown
in Figure 5.15. In this case, we will leave the default option selected: Set up
my iCloud account to reset my password, and click Continue.
2. If your iCloud account is already configured on your Mac, the recovery
method will be set up, FileVault will start the encryption process, and that's
it!
3. If iCloud is not configured, you will be able to do it at this point. You will
see a window to enter your Apple ID, as shown in Figure 5.20. Enter the
Apple ID and password, and click Next.

Figure. 5.20 – Entering an Apple ID

4. If two-factor authentication is set up, you will be asked to enter the code for
your second-factor device. To learn more about why you see this code, go
to The iCloud Security Code and two-factor authentication section in Chapter
15, Managing Security in macOS. You may be asked to enter your Mac
password so that you can use it to unlock passwords automatically.
5. You may be asked if you want to allow Find My Mac to use the location of
the Mac. Select Not Now or Allow.
6. You will be taken back to the FileVault window. Authenticate as an
administrator if necessary, and click Turn On FileVault...
7. You will see the window in Figure 5.15 again. Select Set up my iCloud
account to reset my password, and click Continue.
8. The recovery method will be set up, and FileVault will start the encryption
process.

Now that the recovery method using iCloud is set up, you can reset your password
using this method if necessary:

1. At login, select the user for whom you want to reset the password and
enter an incorrect password at least three times. You should see the
message in Figure 5.24 appear. Click on the arrow icon to the right of the
message, and you will see a black screen with the Apple logo appear:

Figure. 5.21 – Resetting with iCloud

If you don't see the message in Figure 5.21, it probably means
FileVault is not enabled on your Mac and/or you didn't set up
iCloud as a recovery method.

2. Next, you should see the screen in Figure 5.22. Enter the Apple ID and click
Next; enter the password for that Apple ID, and click Next:

Figure. 5.22 – Entering the Apple ID

If you are having trouble authenticating with the Apple ID servers,
make sure you are connected to the internet. There should be an
icon at the top right that shows you whether you are connected or
not.

If two-factor authentication is set up, you will be asked to enter the code for
your second-factor device. To learn more about why you see this code, go to
The iCloud Security Code and two-factor authentication section in Chapter
15, Managing Security in macOS. You may be asked to enter your Mac
password so that you can use it to unlock passwords automatically.

3. Enter the necessary code to authorize the use of the Apple ID on this
device.

4. Once two-factor authentication has been authorized, if the codes match,
you will see a window like Figure 5.23:

Figure. 5.23 – Authorizing recovery

5. Next, you will be taken to the Reset Password assistant, where you will be
able to select a user to reset the password, and the process will continue as
seen starting in Figure 5.11.

In the next section, we will see the last method to reset a password when FileVault is
enabled: the Reset Password assistant.

Using the Reset Password assistant


This is the last method to reset a user account password when FileVault is on, and it is
useful when you have not set a recovery key or can't use your Apple ID to reset the
lost password either. Follow these steps to use it:

1. Turn on or restart your computer, and when you are at the user login
screen, wait for approximately 1 minute without doing anything until you
see a message like the one in Figure 5.24. If you don't see this message, it
most likely means that FileVault is not enabled on your Mac:

Figure. 5.24 – Waiting for recovery message

2. Press and hold the power button to turn off the Mac. Then, press the power
button once more to turn it on again.

3. The Reset Password window should appear as soon as the Mac turns on
(Figure. 5.25). You have three options:
I forgot my password
My password doesn't work when logging in
My keyboard isn't working when typing my password to log in

Figure. 5.25 – Reset Password assistant

4. What happens next will depend on which option you choose:
If you choose the first option, you will be asked to enter your
Apple ID to authenticate and proceed to reset that user's
password.
If you choose the second option, you will be asked to select a
user for whom you know the password to unlock the disk and
then be able to reset that user's password.
If you choose the third option, you will be asked to select a user
for whom you know the password and be offered the option to
disable FileVault or otherwise restart and try again with another
keyboard.

And that's it! You have learned how to reset your local user account password in a
variety of scenarios, including the quickest methods, using the Apple ID, and when
FileVault is enabled. In the next section, we will learn how to configure the firmware
password.

Configuring a firmware password


Remember that a firmware password is used to prevent your Mac from starting up
from any disk other than the one configured as the startup disk.

Follow these steps to set up the firmware password:

1. Open the macOS Recovery system by restarting your Mac while holding
down the Command + R key combination.
2. If you are using macOS Big Sur, you will have to select a known admin,
click Next, and enter that admin password. In previous macOS versions,
you will see the macOS Recovery interface directly.
3. When you are in the macOS Recovery interface, go to the top menu,
choose Utilities, and then Firmware Password Utility or Startup Security
Utility. In Figure 5.26, you can see how that looks in macOS Catalina
Recovery:

Figure. 5.26 – macOS Recovery Utilities menu

4. Once in Startup Security Utility, which looks like Figure 5.27, click on
the Turn On Firmware Password... button. Take into account that, in
macOS Big Sur, you will be asked to authenticate as an administrator to
access the utility:

Figure. 5.27 – Startup Security Utility

5. Enter the password using only letters, numbers, and punctuation. If
necessary, enter it once more in the verification field, and click on Set
Password.
6. You will see a message that indicates that the firmware password
protection is enabled or that you can quit the utility.
7. You will have to restart the Mac for the firmware password to come into
effect.

So now, the next time you enter the Recovery system, or when you try to use a
startup shortcut, such as the Option key, you will see a different screen, similar to the
one in Figure 5.28. You will have to enter the firmware password to access the
Recovery interface or to start up from a disk other than the designated startup disk:

Figure. 5.28 – Firmware Password lock screen

To turn off the firmware password, do the following:

1. Open the macOS Recovery system, as explained earlier.
2. Enter the firmware password to access the Recovery interface.
3. Select Startup Security Utility, as explained earlier.
4. Click on the Turn off Firmware Password... button.
5. Enter the current firmware password to turn it off, and click Turn Off
Password.
6. Finally, restart the Mac for the change to take effect.

And that's it! You now know how to turn on and turn off the firmware password for
added protection.
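
The state configured through these GUI steps can also be verified from a root shell. The script below is an added example, not code from the book: it assumes the macOS tools fdesetup and firmwarepasswd are available, treats Apple silicon Macs (which have no firmware password) as not applicable, and the function name startup_findings and its finding labels are made up for illustration.

```shell
#!/bin/sh
# Added example (not from the book): audit FileVault recovery and firmware
# password state from a root shell, using Apple's fdesetup and firmwarepasswd.

# Print one finding per line, or nothing when every check passes. Arguments:
#   $1 output of `uname -m`
#   $2 output of `fdesetup status`
#   $3 output of `fdesetup haspersonalrecoverykey`
#   $4 output of `firmwarepasswd -check`
startup_findings() {
    arch=$1 fv=$2 prk=$3 fw=$4

    case "$fv" in
        *"FileVault is On"*)
            # Encryption is on: check that a personal recovery key exists.
            case "$prk" in
                true*) ;;
                *) echo "NO_PERSONAL_RECOVERY_KEY: no personal recovery key is set" ;;
            esac ;;
        *"FileVault is Off"*)
            echo "FILEVAULT_OFF: the startup disk is not encrypted" ;;
        *)
            echo "FILEVAULT_UNKNOWN: could not read the FileVault status" ;;
    esac

    case "$arch" in
        arm64*) ;;   # Apple silicon: there is no firmware password to check
        *)
            case "$fw" in
                *"Password Enabled: Yes"*) ;;
                *"Password Enabled: No"*)
                    echo "FIRMWARE_PW_OFF: the Mac can start up from other disks" ;;
                *)
                    echo "FIRMWARE_PW_UNKNOWN: run as root on an Intel Mac" ;;
            esac ;;
    esac
}

if [ "$(uname -s)" = "Darwin" ]; then
    # Real audit: feed the live tool output to the classifier (run with sudo).
    startup_findings "$(uname -m)" \
        "$(fdesetup status 2>&1)" \
        "$(fdesetup haspersonalrecoverykey 2>&1)" \
        "$(firmwarepasswd -check 2>&1)"
else
    # Not on macOS: classify a constructed sample (Intel Mac, FileVault on,
    # no personal recovery key, firmware password off).
    startup_findings x86_64 "FileVault is On." "false" "Password Enabled: No"
fi
```

No output means FileVault is on with a personal recovery key and, on an Intel Mac, the firmware password is enabled.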

And with this section, we have concluded the part on managing passwords in
macOS. We have seen how to change local user account passwords and the root
password, how to reset local user account passwords in various scenarios, and how to
configure a firmware password.

In the next section, we will go into more depth about another important feature of
password management in macOS: using the macOS Keychain system.

Understanding the Keychain system and iCloud Keychain
Keychain is the macOS password management system. The Keychain system stores
passwords and secrets and other types of sensitive resources, such as certificates,
keys, and notes, securely in your Mac in a file encrypted with a robust algorithm. In
this section, we will explore the types of keychains macOS uses, how they work, and
how to manage them. More specifically, we will see the following:

Types of keychains
How the default keychain works with iCloud
Managing keychains

Let's start by exploring the types of keychains used by macOS.

Types of keychains
There are several types of keychains in macOS, and they can be classified into
three groups:

Default keychains
System keychains
Other keychains

Let's explore default keychains first.

Default keychains
All standard and administrative users have a login and a Local keychain, which by
default, use the same password as your local account. These two keychains unlock by
default when you log into your account.

Here are the types of items the login keychain can store:

Resource passwords
Application passwords
Network passwords
Keys and encryption keys
Secure notes

iCloud Keychain allows you to keep sensitive information updated securely across
your devices. iCloud Keychain contents are also saved in Apple's iCloud service so
that you can have all your Apple devices in sync. When iCloud Keychain is enabled,
it replaces the default local keychain.

The local keychain (or iCloud Keychain, if enabled) stores the following:

Resource passwords
Application passwords
Safari website usernames and passwords (auto-complete information)
Credit card information
Mail, Contacts, Calendar, and Messages access passwords
Secure notes

Keychain files are stored in different locations depending on the type of resource:

Local login keychain: /Users/username/Library/Keychains/login.keychain
iCloud keychains: /Users/username/Library/Keychains/UUID

Let's examine system keychains next.

System keychains
There are two types of system keychains: System keychains and System Roots
keychains.

System keychains store system-wide sensitive information that is not specific to any
user, such as network passwords. These keychains can be modified only by an
administrator.

Here are the types of items System keychains can store:

Resource passwords
Network passwords
Application passwords
Certificates
Keys
Secure text notes

System Roots keychains store network root certificates. These keychains cannot be
modified.

System keychain files are stored in different locations depending on the type of
resource:

System keychain: /Library/Keychains/System.keychain
System Roots keychain (hidden by default): /System/Library/Keychains/

But there's one last type of keychain – the ones you create for yourself.

Other keychains
These are keychains that you create to keep specific secrets apart from other existing
keychains. For example, you might want to create a separate keychain for items that
require more security and that you don't wish to have unlocked automatically when
you log into your account.

If created, they are located here: /Users/username/Library/Keychains/others.keychain.

Now that we know the types of keychains that exist in macOS, let's explore how the
keychain system works with iCloud.

How the default keychain works with iCloud


The macOS app that allows you to manage encrypted keychain files is the Keychain
Access app. You can use this tool to view and modify most keychains and keychain
items. The Keychain Access application is located in the Utilities folder inside
the Applications folder. The Keychain app icon has been
redesigned in macOS Big Sur, as shown in Figure 5.29.

Figure. 5.29 – Keychain Access app

As mentioned, you will see two keychains for each local user account: the login
keychain and the local/iCloud keychain. If the iCloud keychain service is not enabled,
it will appear with the name Local Items in the keychain management application, as
shown in Figure 5.30:

Figure. 5.30 – Local Items keychain

When the iCloud Keychain service is enabled, the legacy keychains are migrated and
saved into the new iCloud keychain. They will now appear with the name iCloud in
the Keychain Management application, instead of Local Items, as seen in Figure 5.31:

Figure. 5.31 – iCloud Keychain

The iCloud Keychain items are saved inside a folder with a UUID number, as we saw
earlier. This number is not related to the user account UUID attribute; it is not the
same.

There are specific requirements for using the Keychain system with iCloud:

iOS 7.0.3 or later on your iPhone, iPad, or iPod touch
OS X Mavericks 10.9 or later on your Mac
iCloud must be enabled

In the section that follows, we will explore how to enable iCloud Keychain.

Enabling iCloud Keychain


When you enable iCloud, iCloud Keychain will most likely be enabled as well. If it's
not, you can follow these steps to enable it (macOS Catalina and later):

1. Open System Preferences and click on the Apple ID icon at the top (Figure
5.32):

Figure. 5.32 – iCloud preferences

2. Next, select iCloud from the side menu and check the Keychain checkbox
to enable it, as shown in Figure 5.33:

Figure. 5.33 – Enabling iCloud Keychain

3. You might be asked to Upgrade Your Account Security. Click Continue if
that is the case.
4. Finally, enter your Apple ID password to proceed with the iCloud
Keychain configuration.

iCloud Keychain may not be available in all regions. Learn about its
availability here: https://support.apple.com/en-us/HT202861.

If you disable iCloud Keychain in the iCloud preferences, the keychain will be
renamed Local Items again. Let's explore how to manage keychains in case you want
to make changes or add your own.

Managing keychains
It is important to mention that it would be best to request professional support if you
are not comfortable dealing with keychains. You could make unwanted changes that
could negatively affect the system or prevent a user's access to the system (if a
keychain is modified or deleted by mistake).

In the upcoming sections, we will explore the following:

Creating a new keychain
Adding keychain items
Locking keychains
Changing keychain passwords
Safari information stored in keychains

A few important details before managing keychains with the application:

There is no way to access user login and iCloud Keychain items if you don't
know the keychain password (usually, the same as your account
password). This means that if you forget this password, you won't be able
to access its contents in any other way; not even an administrator or a
support provider will be able to help you.
If a local user password is changed, the keychains will sync to the new
password.
If a local user password is reset, the login and local (or iCloud) keychains
may not sync.
You cannot change the iCloud Keychain password through the Keychain
Access application.
You cannot modify the login, local items keychain, or iCloud keychains (if
enabled), as the system manages them.

If you want to delete a local user login keychain, make sure there is another
one available. Any given user should always have at least one local login
keychain, or that user will lose access to the account.
When logging in with the new password after it has been reset, you may be
presented with the following four options:
Use the Update Keychain Password option to transfer the
old keychain information to the new one, but this only works
if you know the old password, which is unlikely because the
reset was probably done because the user lost the password.
In that case, you can only choose the next option.
Use the Create New Keychain option, which will create an
empty file used from there on for the new information stored
there. The old keychain file will be preserved in case the user
remembers the password at any point.
You could ignore the message and continue to log in, but this
option is the least recommended one because it disregards
the benefits of using the keychain system.
You can also manually create a new keychain and update it
with the old information. Again, this only works if you know
the old password.

Take into account that there is no resetting procedure for login and
local/iCloud keychain passwords. If you forget the passwords, you
won't be able to access the information stored in those keychains nor
transfer it to a new keychain.

If you want to create your own keychains, you can do that. We will see how in the
following section.

Creating a new keychain


As mentioned earlier, if you need to manage keychains, the tool to help you with that
in macOS is the Keychain Access app. You can use this tool to view and modify most
keychain items' settings. In macOS Big Sur, the Keychain app is redesigned with new
icons and tabs. As you can see in Figure 5.37, the keychain categories (Passwords,
Secure Notes, Certificates) are shown in tabs, and the Add keychain item icon has
changed as well (circled in red).

In the File menu of the Keychain app (Figure 5.34), you have several actions: creating
a New Password Item, a New Secure Note Item, or a New Keychain item. You also
have the options to Import Items, Add Keychain, or delete a keychain. The Add
Keychain option is not the same as creating a new keychain; it is used instead to
migrate a keychain from one computer to another. You also have the option to
import or export items from a specific keychain:

Figure. 5.34 – Keychain app File menu

To create a new keychain, click on New Keychain, and you will see the dialog in
Figure. 5.35, which gives you the options to select where to save the keychain or
otherwise leave the default location in the Home folder. When ready, click Create..:

Figure. 5.35 – Creating a new keychain

In macOS Catalina and earlier, the process is the same, but the interface is different.
As you can see in Figure. 5.36, the keychain categories (Passwords, Secure Notes,
Certificates) are shown on the bottom-left side, and Add keychain item is located at
the top left (circled in red):

Figure. 5.36 – Creating a new keychain

Now that you have created a keychain, let's see how to add items to that keychain.

Adding keychain items


Follow these steps to add a keychain item to the keychain you just created or to any
other keychain, if allowed:

1. Open the Keychain Access application, if you're not already in it.
2. Depending on the type of item you want to create, select the keychain to
which you want to add an item on the left side. In the example here, we are
adding a password item to the Local Items keychain.

3. Select the appropriate tab (in this case, it should be Passwords). If the All
Items tab is selected, a password item will be created by default.
4. Click the Add button, as shown in Figure 5.37:

Figure. 5.37 – Adding a new keychain in macOS Big Sur

5. Enter the information requested, where Account Name can be the login
user or email. Once all the required information has been entered,
click Add (Figure 5.38):

Figure. 5.38 – Entering the keychain info

And that's it! You created a new keychain item.

Next, we will explore how to increase security with the use of the login keychain.

Locking keychains
When you log into your Mac, the login keychain gets unlocked and remains that way
as long as you are logged in. This can become a security risk if you are working in an
environment with many people around as anyone could use your computer to log
into an unauthorized site, for example, or see the information stored in your login
keychain.

If you are an active person who leaves your desk frequently, you might want to
change this behavior to lock your login keychain automatically.

To make the login keychain lock automatically, follow these steps:

1. Right-click on the login keychain, and you will see the option Change
Settings for Keychain "login"..., as shown in Figure 5.39:

Figure. 5.39 – Changing keychain settings

2. Next, you will see a prompt where you will be able to change the keychain
behavior to lock automatically after a certain amount of time (Figure 5.40);
for example, after 5 minutes of inactivity or when sleeping:

Figure. 5.40 – Locking keychain automatically

In macOS Catalina and earlier, you could lock a keychain manually from
the File menu. You will see an option to lock a specific keychain or even to lock all
keychains. This is no longer possible in macOS Big Sur:

Figure. 5.41 – Locking keychain manually in macOS Catalina and earlier

Take into account that locking keychains can have unwanted
behaviors such as login messages appearing constantly. To avoid
that, just unlock the keychains through the File menu or by
right-clicking on it.

As soon as the login keychain is locked, if anyone at your computer wants to access
apps, such as Safari, iMessage, and so on, or any other item stored in the locked
keychain, they will have to provide the login keychain password, as seen in Figure
5.42:

Figure. 5.42 – Locked login keychain

Take into account that the lock keychain protection will not extend
to third-party apps, such as Google Chrome. This is why, in
controlled environments, the use of third-party apps should be
restricted.
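
The same auto-lock settings can be checked, and applied, from Terminal with the macOS security tool. The script below is an added example, not code from the book: the keychain file name login.keychain-db, the 300-second limit, the function names, and the assumed output format of security show-keychain-info are assumptions, noted in the comments.

```shell
#!/bin/sh
# Added example (not from the book): audit, and optionally enforce, the
# auto-lock policy of the login keychain with the macOS `security` tool.

# Assumption: recent macOS versions name the file login.keychain-db.
KEYCHAIN="${KEYCHAIN:-$HOME/Library/Keychains/login.keychain-db}"
MAX_TIMEOUT="${MAX_TIMEOUT:-300}"   # seconds; 5 minutes, as in the text's example

# Reduce one `security show-keychain-info` line to "<lock-on-sleep> <timeout>".
# Assumed format: Keychain "<path>" [lock-on-sleep] timeout=<n>s | no-timeout
parse_keychain_info() {
    # Drop everything up to the closing quote of the path, so a path that
    # happens to contain "timeout=" or "lock-on-sleep" cannot be misread.
    flags=$(printf '%s\n' "$1" | sed 's/^.*" //')
    case "$flags" in
        *lock-on-sleep*) on_sleep=yes ;;
        *)               on_sleep=no ;;
    esac
    case "$flags" in
        *timeout=[0-9]*s*) t=${flags##*timeout=}; t=${t%%s*} ;;
        *)                 t=none ;;
    esac
    printf '%s %s\n' "$on_sleep" "$t"
}

# Succeed only if the keychain locks on sleep AND after at most $2 idle seconds.
keychain_policy_ok() {
    info=$(parse_keychain_info "$1")
    on_sleep=${info% *}
    timeout=${info#* }
    [ "$on_sleep" = yes ] && [ "$timeout" != none ] && [ "$timeout" -le "$2" ]
}

# Read the live settings and report whether they meet the policy.
audit_keychain() {
    # show-keychain-info may write to stderr, so capture both streams.
    line=$(security show-keychain-info "$KEYCHAIN" 2>&1) || {
        echo "ERROR: cannot read $KEYCHAIN: $line"
        return 2
    }
    if keychain_policy_ok "$line" "$MAX_TIMEOUT"; then
        echo "OK:   $line"
    else
        echo "WEAK: $line"
        return 1
    fi
}

if [ "$(uname -s)" = "Darwin" ]; then
    if [ "${1:-}" = "apply" ]; then
        # -l: lock when the system sleeps; -u with -t: lock after N idle seconds
        security set-keychain-settings -l -u -t "$MAX_TIMEOUT" "$KEYCHAIN"
    fi
    audit_keychain || true
else
    # Not on macOS: run the policy check over constructed sample lines.
    for sample in \
        'Keychain "/Users/alice/Library/Keychains/login.keychain-db" no-timeout' \
        'Keychain "/Users/alice/Library/Keychains/login.keychain-db" lock-on-sleep timeout=300s'
    do
        if keychain_policy_ok "$sample" "$MAX_TIMEOUT"; then
            echo "OK:   $sample"
        else
            echo "WEAK: $sample"
        fi
    done
fi
```

Run it with the argument apply to set the policy before auditing; without arguments it only reports.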

Let's explore what else we can do with keychains.

Changing keychain passwords


In the Edit menu of the Keychain Access app, you have several options,
including Copy, which copies a keychain item; Copy Password to Clipboard, which
allows you to copy a password to the clipboard when there is a password saved in the
item; Delete; and others. Most of those options are also available if you right-click on
a specific item.

For example, if you want to copy the password for a network configuration item that
is stored in the login keychain, do the following:

1. Use the Edit menu or right-click on the specific item, and click on Copy
Password to Clipboard, as you can see in Figure 5.43:

Figure. 5.43 – Copy keychain item password

2. At that point, you will be asked to enter the keychain password (which in
this case is the same as your Mac login password) to copy the password to
the clipboard:

Figure. 5.44 – Authorizing to copy keychain item password

3. And that's it! You will now be able to paste the password wherever you
need it.

If you want to see the information or change the password for a keychain item, select
the Get Info option in Figure 5.43. You will see the information on the keychain item
(Figure 5.45), and you will also be able to view the password and change it:

Figure. 5.45 – Keychain item info

Now, in the case of website passwords, the Keychain system works in combination
with Safari, which we will see next.

Safari keychain information


Safari also saves information in keychains; for example, every time you create a
password for a website, Safari will ask you if you want to save that information. That
way, the next time you want to log into that website, Safari will auto-fill the
information. Safari saves sensitive information into the local items keychain or iCloud
Keychain (if enabled).

You can configure Safari's Autofill preferences, but this is done in Safari Preferences,
not in the Keychain Access application:

1. Open Safari.
2. Go to the File menu and select Preferences.
3. Select the AutoFill tab, and select the options most convenient for you or
Edit how you want the AutoFill tool to work with web forms:

Figure. 5.46 – Safari AutoFill

You can also click the Passwords tab and, after authenticating as the user who owns
this account, you can see all the stored passwords for websites, copy them, change
them in the keychain, and add new ones.

And with this, we have finished this section on understanding the macOS Keychain
system. We looked at the types of keychains found in macOS, what happens when the
iCloud keychain is enabled, and how to manage keychains. In the next section, we
will look at more privacy options available in macOS.

Managing privacy in macOS


In this section, we will look at some macOS tools and options you can use to further
enhance user privacy protection on your Mac. This section covers the following
topics:

Security & Privacy settings
Location Services
What is cross-site tracking?
Dictation service
User-approved MDM

Many of these settings are configured in the Security & Privacy preferences (Figure
5.1) in the System Preferences.

Let's explore these services in more detail.

Security & Privacy settings


In the Security & Privacy preferences, you can manage system-wide and personal
security and privacy settings.

More specifically, there are four tabs in these preferences (Figure 5.47): General,
FileVault, Firewall, and Privacy. Let's examine each of them.

General: You can do the following in this section, apart from changing your user
password, which we've already covered. Take into account that, to change the options
that are grayed out, you would have to authenticate as an administrator:

You can configure the settings to require a password for waking a Mac that
is asleep or in screen-saver mode and a delay for requiring it.
You can add a custom message to the login window.
You can define the types of apps you can open: only from the App Store or
the App Store and identified developers.

Figure. 5.47 – General Security & Privacy preferences

When unlocked, you will also be able to click on the Advanced button,
which lets you configure whether you want to log users out after a specific
amount of inactive time. You can also configure the settings to always
require administrator authentication to access all system-wide preferences
(Figure 5.48).

Figure. 5.48 General Security & Privacy advanced settings

FileVault: We will look at FileVault in more detail in Chapter 15, Managing Security
in macOS.

Firewall: This allows you to enable and configure the personal network firewall. We
will look at the firewall in more detail in Chapter 15, Managing Security in macOS.

Privacy: In this tab, you can see a list of apps that have requested access to your
accounts in apps such as Contacts, Calendars, Reminders, Photos, Camera, and
Microphone. We will see this tab in the Location Services section that follows.

Location Services
Location Services has been available since OS X Mountain Lion, and it allows apps
and websites to collect and use information based on the location of your computer. It
also helps to find a lost Mac by remotely accessing it through the iCloud Find
My feature. In macOS, you need to authorize an app or website to be able to use your
location information.

You can configure and limit the use of Location Services from the Privacy tab in the
Security & Privacy preferences. The option to configure it may also appear when you
use Setup Assistant after installing macOS with iCloud enabled.

If you've not already done so, follow these steps to enable this service:

1. Go to the Security & Privacy preferences in System Preferences.
2. Next, select the Privacy tab (Figure 5.49).
3. Click the lock to authenticate as admin, and make sure Location Services at
the top is enabled, as shown in Figure 5.49:

Figure. 5.49 – Enabling Location Services

4. Next, you will be able to configure which of the listed apps can use your
location information.
5. If you scroll down to the bottom of the list, you will see an option called
System Services (Figure 5.49).
6. Click on the Details... button to select which System Services are allowed
to determine your location, as seen in Figure 5.50:

Figure. 5.50 – System Services

In Figure 5.50, you can also select Show location icon in menu bar when System
Services request your location, which will show the icon in Figure 5.51 when an app
is using Location Services:

Figure. 5.51 – Location Services shown in the menu bar

It's important to know that when a new app requests personal information, macOS
will ask for permission, and you will have to grant it; otherwise, the information will
not be accessible.

In the next section, we will explore yet another tool to protect user privacy, but in this
case, it is available for websites browsed through Safari.

Protecting yourself from cross-site tracking


Some websites that use third-party content providers use cross-site tracking to gather
information on your web browsing activity. As defined by Mozilla.org, cross-site
tracking generally refers to "companies collecting browsing data across multiple
websites."

Also, share, like, or comment buttons linked to social media sites that appear on other
websites you visit can be used to track your web browsing activity.

Safari offers the option to stop these content providers from tracking you with the
purpose of offering you products and services through advertising. To enable it, go to
Safari Preferences and make sure the checkbox Prevent cross-site tracking is
selected, as seen in Figure 5.52. In this same tab, you can also block cookies or manage
them:

Figure. 5.52 – Preventing cross-site tracking

With the option to Prevent cross-site tracking enabled, anytime a site wants to use
trackers, you’ll be asked if you want to allow the site to see your activity on other
websites. Also, the cookies and website data of those third-party providers on the
website you are visiting will be deleted.

macOS Big Sur has added an extra tool for protecting user privacy: the Privacy Report
(Figure 5.53), which can be accessed from Safari's top menu by selecting Safari and
then Privacy Report...

Figure. 5.53 – Privacy Report

With this report, you will be able to know how many trackers have attempted to
profile you, the websites involved, and more.

Finally, let's examine how to control your privacy when using the Dictation service.

Privacy while using the Dictation service


When you use the Dictation service, what you say is converted to text and sent to
Apple servers, along with some other information considered useful (such as
Contacts information) for better processing of your requests. Dictation is enabled in
System Preferences | Keyboard preferences (Figure 5.1). Go to the Dictation tab, and
turn it On if you want to use this feature (Figure 5.54). However, if you are concerned
about your privacy, you can leave it in the disabled (default) setting:

Figure. 5.54 – Dictation

And with this section on managing user privacy in macOS, we have reached the end
of this chapter. Be sure to review the summary for a quick recap of what was covered.

Summary
In this chapter, we looked at a wide range of tools and features macOS provides for
protecting user security and privacy. We covered the password types available in
macOS. You now know how to manage those password types, including changing
and resetting them through various methods. We also looked at the Keychain system,
and how you can now manage keychains stored in your system and add your own.
And in the last section, we looked at other privacy-related options and how to use
them to customize a system to protect users' privacy, including the features Safari
offers to prevent cross-site tracking by third-party content providers on websites you
visit, and how the Privacy Report can help you identify and manage those trackers.
You are now equipped to use those options and tools to protect your privacy and to
assist other users in doing the same.

In the next chapter, we will look at the macOS filesystem in-depth, including
managing disks, volumes, and partitions, and much more.

6
The macOS File System: Disks, Volumes, and Partitions
The filesystem and storage are essential topics since they are the foundation of how
macOS structures and organizes the file hierarchy and storage space. In this chapter,
you will learn about the macOS default filesystem and the additional systems it
supports. This chapter will help you understand them, as well as illustrate when you
should use them. We will review important storage concepts, such as partition
schemes and volume formats, including usage examples. You will learn how to
manage disks, partitions, and volumes in macOS, including formatting/partitioning,
adding, and erasing volumes, and more. By the end of this chapter, you will be able to
describe the various filesystem formats, and you will know which one is best for your
specific case.

The following topics will be covered in this chapter:

Understanding the macOS filesystem and storage
Managing disks, volumes, and partitions
Optimizing storage space

Before we start, let's look at the technical requirements for this chapter.

Technical requirements
This is what you will need for this chapter:

Basic knowledge of the macOS environment
A Mac computer with administrative privileges

Understanding the macOS filesystem and storage
In this section, we will explore the macOS filesystem and storage together, as these
are closely related concepts. First, we will examine general concepts about storage,
such as formatting and the difference between disks, partitions, and volumes. Then,
we will explore the default macOS filesystem, called APFS, and the additional
filesystems it supports. Understanding these concepts is essential for you to decide
when to partition disks, when to add volumes, which filesystem format to use, and
how to make the most of the macOS default filesystem to save and optimize storage
space.

These are the topics that we will cover:

Understanding general concepts
macOS partition maps (schemes)
Understanding the macOS filesystem

Let's begin by reviewing general concepts before looking at the specifics of the macOS
filesystem and storage.

Understanding general concepts


When talking about filesystems and storage, there are many concepts that we need to
understand in order to decide which actions to perform first before using or
configuring our Mac's internal storage or other storage devices that we will use.

You will find yourself asking questions such as these: When should I partition as
opposed to adding a volume? Will I lose my data if I partition a disk? What's the
difference between a partition scheme and a volume format?


These are all questions that will become clear by the end of this section, and you will
be certain of what you need to do to use storage effectively in macOS.

We will look at the following topics in this section:

What is formatting?
Differences between disks, partitions, and volumes

The preceding questions always arise in connection with the need to apply logic to
storage, a process known as "formatting." Let's explore this process in more detail
next.

What is formatting?
Formatting is the process of applying logic to storage devices (whether hard drives,
flash drives, or other types of storage devices) so that the disk is divided into
appropriate sections defined by a partition layout or scheme. This is done by setting
up an appropriate volume format in the partitions defined, according to the intended
purpose of the disk. In other words, the formatting process prepares the disk for an
operating system to be installed or for the data to be stored on that disk by defining
the sections or partitions it will contain and the volume formats required for the
operating system or data the disk will contain. Keep in mind that formatting
deletes any data already saved on the storage device.

Before formatting storage, we first need to understand the basic differences between
disks, volumes, and partitions. There are many definitions around, and we will refer
to those that are useful in the macOS environment.

Differences between disks, partitions, and volumes


When talking about storage, there is usually confusion between concepts such as
disks, drives, volumes, and partitions, which may seem interchangeable at times. But
is a drive the same as a disk? Is a partition the same as a volume? You need to
understand the differences in order to determine how you will manage storage in
macOS.

To begin, let's examine what disks and drives are.


Disks and drives


Disks are usually called "physical storage" devices or hardware. A disk can be
magnetic media, solid-state drives (SSDs), or flash storage in your Mac's internal
hard drive, but it can also be an external disk.

Disks are frequently referred to as "drives," but drives are also used to describe other
storage types, such as volumes. For example, when you see software or instructions
referring to drive E or F on your computer, they actually mean volumes, not physical
drives. Therefore, you should keep in mind that when the term "drive" is used, it can
mean the physical device or a volume.

On a Mac, you can think of a "disk" as the parent physical container with logical
storage divisions inside it. So, we will stick to "disk" when referring to the parent
physical container in macOS, such as the internal disk. This disk usually has a name
that contains the manufacturer name and the type of disk and model, and it cannot be
changed; for example, APPLE SSD AP0512M MEDIA.

Partitions
Partitions are logical individual sections a disk is divided into according to a partition
scheme or layout applied during formatting. In other words, a partition is a section of
a disk of a size determined when it was created. Multiple partitions can be created on
a single disk. When you create several partitions, they remain independent of each
other, and they don't share their space; they are like two different disks. In general,
you cannot give a name to a partition.

When you format a storage device and create partitions, you need to make two
formatting decisions: the partition scheme and the volume format you will use. The
same is true when you format a disk in macOS; a partition layout is applied, and a
volume with a specific volume format is created in that partition at the same time.

It's now a good time to explore the concept of volumes.

Volumes
A volume is a logical division with which users interact to manage data. Each
partition you define in a disk has a volume with a specific filesystem format you
determined at the time of formatting. Contrary to partitions, you can give a name to a
volume. When you browse your Mac's filesystem through a file explorer such as the
Finder, what you see as storage are the volume-defined names, not the partitions or
the disks. To see the disks and partitions, you need to use an app such as Disk Utility
or Terminal.


The most popular volume in macOS is the boot or system volume, named
Macintosh HD by default. In macOS Big Sur, an additional volume that contains your data is
present, called Macintosh HD - Data by default, since the system volume is now
read-only for security reasons. You will interact with these volumes on a daily basis
when you work with macOS.

Now that you have a clearer idea of what formatting is and the difference between
disks, partitions, and volumes, let's examine an important part of the partition
process: selecting a partition layout, also known as partition scheme or map.

macOS partition maps (schemes)


As mentioned earlier, when you format a storage device and create partitions, you
need to make two formatting decisions: the partition scheme and the volume format
you will use. Partition schemes define how partitions are organized on startup and
non-startup disks. A partition scheme defines how the disk will be partitioned; for
example, whether the entire disk will be allocated to a single partition or multiple
ones, or whether data types, such as documents and audio/video, will be segregated.

Intel® developed the GPT or GUID Partition Table as part of its Extensible
Firmware Interface (EFI) specification to overcome the limitations of older partition
schemes. The GPT is the default partition scheme in all Intel Mac computers.
Actually, OS X and macOS can only be installed on disks that are partitioned with
GPT.

macOS supports the following partition schemes:

GUID Partition Map or GPT: The macOS default partition scheme,
appropriate for all Mac computers with Intel processors. It is
quickly becoming the standard, and even Windows-compatible PCs now
give preference to GPT over other schemes, as is the case with Windows-
compatible PCs with 64-bit versions of Windows 10, 8, 7, and Vista, which
can only boot from GPT.
Master Boot Record or MBR is appropriate when compatibility is required
with most versions of Windows-compatible PCs. This type of scheme is
also common in storage, such as memory cards used in digital cameras.
You should also choose this scheme if the disk will be formatted with the
MS-DOS (FAT) or exFAT filesystem.


Apple Partition Map or APM is appropriate for PowerPC-based Macs.
PowerPC-based Macs have been discontinued by Apple, so it is unlikely that
you will ever use this scheme. Macs with Intel processors can mount and
use a drive formatted with APM, but they cannot boot from a disk using
this scheme. You should use this format if you need compatibility with
PowerPC-based Mac computers.

Take into account that to change a partition scheme, you will need to format or, in
other words, erase the disk. This is why you will see those options appear only when
erasing the disk and not when adding partitions or volumes.
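The three schemes can be told apart from the first sectors of a disk, which is useful when you need to confirm what an unknown drive or disk image actually carries before deciding how to handle it. The following Python script is an added example, not code from the book: the function names are its own, the sample images are constructed in memory, and it assumes 512-byte or 4096-byte sectors for GPT.

```python
import struct
import zlib

SECTOR_SIZES = (512, 4096)   # logical sector sizes tried when looking for a GPT header
MBR_TYPES = {0x07: "exFAT/NTFS", 0x0B: "FAT32", 0x0C: "FAT32 (LBA)", 0xEE: "GPT protective"}


def gpt_header(image, sector):
    """Return GPT header facts if LBA 1 (at offset `sector`) holds one, else None."""
    hdr = image[sector:sector + 92]
    if len(hdr) < 92 or hdr[:8] != b"EFI PART":
        return None
    size, stored_crc = struct.unpack_from("<II", hdr, 12)
    entries = struct.unpack_from("<I", hdr, 80)[0]
    if not 92 <= size <= sector or sector + size > len(image):
        return {"crc_ok": False, "entries": entries}
    raw = bytearray(image[sector:sector + size])
    raw[16:20] = bytes(4)    # the CRC32 is computed with its own field zeroed
    return {"crc_ok": zlib.crc32(bytes(raw)) == stored_crc, "entries": entries}


def detect_scheme(image):
    """Classify the partition map in the first sectors of a raw disk image.

    Pass at least the first 8 KiB so that a 4096-byte-sector GPT header is covered.
    """
    res = {"scheme": "unknown", "sector_size": None, "notes": []}
    if len(image) < 512:
        res["notes"].append("need at least the first sector of the disk")
        return res
    # APM: block 0 starts with 'ER' and stores the block size; block 1 starts with 'PM'.
    block = struct.unpack_from(">H", image, 2)[0] if image[:2] == b"ER" else 512
    if image[block:block + 2] == b"PM":
        res.update(scheme="APM", sector_size=block)
        return res
    # MBR and GPT disks both carry the 0x55AA boot signature at offset 510.
    if image[510:512] != b"\x55\xaa":
        res["notes"].append("no boot signature at offset 510")
        return res
    types = [image[446 + 16 * i + 4] for i in range(4)]   # type byte of each MBR entry
    used = [t for t in types if t]
    res["mbr_types"] = [MBR_TYPES.get(t, hex(t)) for t in used]
    if 0xEE not in types:
        res["scheme"] = "MBR"
        return res
    for sector in SECTOR_SIZES:
        hdr = gpt_header(image, sector)
        if hdr is None:
            continue
        res.update(scheme="GPT", sector_size=sector, entries=hdr["entries"])
        if not hdr["crc_ok"]:
            res["notes"].append("GPT header CRC32 mismatch")
        if len(used) > 1:
            res["notes"].append("hybrid MBR: extra entries beside 0xEE")
        return res
    res["scheme"] = "MBR"
    res["notes"].append("protective 0xEE entry but no GPT header found")
    return res


def sample_mbr(*types, sector=512):
    """Constructed sector 0 holding the given partition type bytes."""
    s = bytearray(sector)
    for i, t in enumerate(types):
        s[446 + 16 * i + 4] = t
    s[510:512] = b"\x55\xaa"
    return bytes(s)


def sample_gpt(sector=512):
    """Constructed protective MBR followed by a minimal valid GPT header."""
    hdr = bytearray(sector)
    struct.pack_into("<8sIII", hdr, 0, b"EFI PART", 0x00010000, 92, 0)
    struct.pack_into("<QQ", hdr, 24, 1, 2047)         # this LBA, backup LBA
    struct.pack_into("<QII", hdr, 72, 2, 128, 128)    # entries LBA, count, entry size
    struct.pack_into("<I", hdr, 16, zlib.crc32(bytes(hdr[:92])))
    return sample_mbr(0xEE, sector=sector) + bytes(hdr)


def sample_apm():
    """Constructed Apple Partition Map: 'ER' block 0 (512-byte blocks), 'PM' block 1."""
    return b"ER" + struct.pack(">H", 512) + bytes(508) + b"PM" + bytes(510)


if __name__ == "__main__":
    samples = [("gpt", sample_gpt()), ("gpt-4k", sample_gpt(4096)),
               ("mbr", sample_mbr(0x0C)), ("apm", sample_apm()),
               ("wiped-gpt", sample_mbr(0xEE) + bytes(512))]
    for name, img in samples:
        print(f"{name:10}", detect_scheme(img))
```

A CRC mismatch or a protective entry with no header behind it indicates a damaged or partly overwritten partition table, which is worth knowing before you erase or repartition the disk.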

After you decide what partition scheme to use, you will need to decide on the
filesystem format for the volume or volumes the partitions in your disk will contain,
which we will explore in the next section.

Understanding the macOS filesystem


In this section, we will discuss filesystems in macOS, a concept we must understand
because it determines how data and storage are accessed and managed. We will also
look at the filesystem and volume formats supported by macOS and why the macOS
filesystem is organized into domains. More specifically, the topics we will cover are
the following:

What is a filesystem?
macOS volume formats
The advantages of APFS
Additional filesystems supported by macOS
File system domains in macOS

Let's begin by understanding what filesystems are.

What is a filesystem?
Earlier, we mentioned that you need to decide on a partition scheme for the disk to
complete a storage formatting process. Next, you need to decide on the filesystem
format that will be placed in the volumes the partitioned disk will contain.


But a filesystem is more than just a format. According to Apple's Developer site
(www.developer.apple.com), a filesystem "handles the persistent storage of data files,
apps, and files associated with the operating system." A filesystem also provides the
method to organize data in a volume. Files are organized according to a hierarchical
logic of directories and folders, which ultimately constitute the filesystem's directory
structure. It is also a process that manages how and where data is stored, and it
manages other operations such as file naming, hierarchy, metadata handling,
permissions, and more. A filesystem is indeed one of the essential resources used by
an operating system.

In macOS, the Finder is the main tool for users to explore and manage the filesystem.

There are many types of filesystems around, and macOS supports a variety of them
for booting, in read/write mode, or in read mode. Let's explore those formats next.

macOS volume formats


As explained in the previous section, when you decide on a volume format, you
decide on a filesystem at the same time. The major volume formats supported in
macOS are the following:

APFS: This is the default macOS volume format in macOS 10.13 (High
Sierra) and later. At the same time, you can choose between several
versions of APFS:
    APFS: The default APFS format.
    APFS (Encrypted): It adds volume encryption.
    APFS (Case-sensitive): This format is case-sensitive to file and
    folder names; for instance, user and USER will be two
    different folders.
    APFS (Case-sensitive, Encrypted): The same as the previous
    format, but it adds volume encryption.
Mac OS Extended or HFS+: This was the default format in macOS versions
prior to High Sierra. You can select this format if you need compatibility
with Mac computers using macOS 10.12 or earlier. You can choose from
either of these two versions:
    Mac OS Extended (Journaled): The default format in macOS
    versions 10.12 and earlier.
    Mac OS Extended (Case-sensitive, Journaled): We explained
    earlier what case-sensitive means.


exFAT: A format used for large flash storage disks (for volumes of 32 GB
and more). This format works best for drives that need read/write
compatibility with computers running Windows and macOS.
MS-DOS or FAT: A legacy format used for compatibility with Windows
computers (for volumes of 32 GB or less). This format would be required if
you needed compatibility with computers running older Windows versions
(earlier than Windows XP SP2).

Although in Macs with macOS (High Sierra and later), the default
volume format is now APFS, macOS can also boot from a disk
formatted with the HFS+ filesystem.

Let's look at the advantages of using APFS, the current macOS default filesystem, in
more detail.

The advantages of APFS


Apple File System or APFS has been the primary filesystem and default volume
format for macOS since High Sierra (10.13.6). Before macOS High Sierra, Mac OS
Extended or the Hierarchical File System (HFS+) was the primary filesystem.

APFS has many features, the most important ones designed to save space. Here's a list
of the main features:

Better performance in file operations such as the copying of files and
folders, which happens immediately.
Space sharing for space-saving and optimization.
Native encryption.
Intelligent defragmentation, which means that the most fragmented files
are identified and defragmented first.
Specifically designed for macOS (since High Sierra), iOS, tvOS, and even
watchOS.
It supports fast copying of files (cloning) and snapshots.
It uses copy-on-write optimization technology.
It uses sparse files that save you space.
It supports native encryption.
Supports Unicode 9.0 for global language/emoji compatibility and
increased correctness.
Protects data from power outages and crashes.


If you would like to see the differences between APFS and HFS+,
you can visit this link:
https://developer.apple.com/library/archive/documentation/FileManagement/Conceptual/APFS_Guide/VolumeFormatComparison/VolumeFormatComparison.html.

We won't delve deeper into all the features, but let's look at a couple of them that I
consider to be the most important and the ones that set it apart from the previous
filesystem:

Space sharing
Encryption support
Intelligent defragmentation

Let's look in more detail at the benefits these features bring to macOS.

Space sharing
There is a big difference with the Hierarchical File System (HFS) in terms of space
sharing. In HFS, you have volumes, and each volume is a partition, which means they
will not share space. So when you run out of space in one volume, there is nothing
you can do to take advantage of the free space in the other volumes. The only solution
is to repartition the disk, and this can be very inconvenient. This concept is illustrated
in Figure 6.1, representing the unrelated volumes, each in their corresponding
partitions:

Figure. 6.1 – Traditional disk partitioning


With APFS, the concept of containers comes into play: each volume is a section (but
not a partition) in an APFS container located in a single partition. Therefore, if you
add a volume to an APFS container, it becomes part of that partition, and space can
be shared inside it. If you run out of space in one volume, you can take advantage of
the free space in another volume, as long as it is part of the same APFS container. In
Figure 6.2, we see the container and the volumes inside of it. If Volume 1 grows, it
will take advantage of the free space in Volume 2, which will, in turn, shrink to give
up the necessary space to Volume 1. You can add multiple volumes to the container,
as long as there is enough space available:

Figure. 6.2 – APFS container and volumes

Now you see how APFS offers you a huge advantage in terms of storage space
optimization through this feature of space sharing. But that is not the only advantage;
other advantages we will look at next are the encryption and defragmentation
capabilities.

Encryption
APFS supports the FileVault encryption model, and macOS seamlessly converts
existing FileVault-encrypted volumes to the APFS format. In most cases, the process
is automatic, and passwords and recovery keys are preserved after conversion
without any action on the user's part. Snapshots can also be encrypted.
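Both the space sharing described earlier and the FileVault state described here can be checked from the machine-readable output of diskutil apfs list -plist. The following Python script is an added example, not code from the book: it reports how far each volume can still grow inside its container and flags data-bearing volumes with FileVault off. The plist key names and role strings it reads are assumptions to verify against your own macOS version, and the embedded sample is constructed.

```python
import plistlib
import sys

# Constructed sample in the shape of `diskutil apfs list -plist` output.
# Key names and role strings are assumptions of this example; compare them
# with the output of your own macOS version before relying on the script.
SAMPLE = plistlib.dumps({"Containers": [{
    "ContainerReference": "disk1",
    "CapacityCeiling": 499_963_174_912,
    "CapacityFree": 350_000_000_000,
    "Volumes": [
        {"DeviceIdentifier": "disk1s1", "Name": "Macintosh HD - Data", "Roles": ["Data"],
         "CapacityInUse": 120_000_000_000, "CapacityQuota": 0, "FileVault": True},
        {"DeviceIdentifier": "disk1s2", "Name": "Preboot", "Roles": ["Preboot"],
         "CapacityInUse": 300_000_000, "CapacityQuota": 0, "FileVault": False},
        {"DeviceIdentifier": "disk1s4", "Name": "Macintosh HD", "Roles": ["System"],
         "CapacityInUse": 15_130_000_000, "CapacityQuota": 0, "FileVault": True},
        {"DeviceIdentifier": "disk1s5", "Name": "Scratch", "Roles": [],
         "CapacityInUse": 10_000_000_000, "CapacityQuota": 50_000_000_000,
         "FileVault": False},
    ],
}]})

# Volumes with this role, or with no role at all, are treated as holding data.
# Helper volumes (Preboot, Recovery, VM) and the System volume are skipped.
DATA_ROLES = {"Data"}


def headroom(volume, container_free):
    """Bytes a volume can still grow: the container's shared free space,
    capped by the volume's own quota when one is set (0 means no quota)."""
    quota = volume.get("CapacityQuota", 0)
    if quota:
        return max(0, min(container_free, quota - volume.get("CapacityInUse", 0)))
    return container_free


def audit_apfs(plist_bytes):
    """Return (rows, findings) for every volume in every APFS container."""
    rows, findings = [], []
    for container in plistlib.loads(plist_bytes).get("Containers", []):
        ref = container.get("ContainerReference", "?")
        free = container.get("CapacityFree", 0)
        for vol in container.get("Volumes", []):
            roles = set(vol.get("Roles", []))
            row = {
                "container": ref,
                "device": vol.get("DeviceIdentifier", "?"),
                "name": vol.get("Name", ""),
                "roles": sorted(roles),
                "used": vol.get("CapacityInUse", 0),
                "can_grow_by": headroom(vol, free),
                "filevault": bool(vol.get("FileVault", False)),
            }
            rows.append(row)
            holds_data = not roles or bool(roles & DATA_ROLES)
            if holds_data and not row["filevault"]:
                findings.append(f"{row['device']} ({row['name']}): FileVault is off")
    return rows, findings


if __name__ == "__main__":
    # Usage: diskutil apfs list -plist > apfs.plist; python3 this_script.py apfs.plist
    if len(sys.argv) > 1:
        with open(sys.argv[1], "rb") as fh:
            raw = fh.read()
    else:
        raw = SAMPLE
    rows, findings = audit_apfs(raw)
    for r in rows:
        print(f"{r['container']} {r['device']:9} {r['name']:22} "
              f"used {r['used'] / 1e9:8.2f} GB  can grow by {r['can_grow_by'] / 1e9:8.2f} GB  "
              f"FileVault {'on' if r['filevault'] else 'off'}")
    for finding in findings:
        print("FINDING:", finding)
```

In the sample, every volume without a quota reports the same growth headroom because they all draw on the one pool of free space in the container, while the Scratch volume is capped by its quota.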

Defragmentation
APFS supports intelligent defragmentation in hard drives only. It is intelligent
because it can tell which files are the most fragmented, and it defragments those first
and does it while the Mac is in an idle state.

But APFS and Mac OS Extended are not the only supported filesystem formats.
macOS supports a wide variety of formats that provide a user with the necessary
flexibility and compatibility, as we will explore next.


Additional filesystems supported by macOS


macOS supports a wide range of formats to offer compatibility with the most popular
filesystems around. In the table in Figure 6.3, you can see the complete list of
currently supported filesystems and whether each is supported for boot volumes,
read/write, or other uses:

Figure. 6.3 – File systems supported in macOS

Now that you understand the filesystems supported in macOS, let's examine how the
default macOS filesystem is structured to simplify its use for users, which is
accomplished through filesystem domains.


File system domains in macOS


macOS uses several domains to organize the filesystem structure according to the
purpose and usage of the files contained in each domain. This organization is
designed to make it simpler for users to use the filesystem so that they don't have to
browse through hundreds of files that they don't need to or that they shouldn't even
see. This is why domains are important: they contain the files the user needs for
specific purposes and hide the folders and files that the user would normally not
need to see.

These domains are the following:

Local
System
User
Network

They are explained here:

Local domain: This includes local resources as well as resources shared
among users on the Mac. It consists of several folders located in the root
directory. Only administrative users can add, remove, and modify
resources in this domain. It comprises the /Applications folder,
the /Utilities folder inside it, and the /Library folder.
System domain: This domain contains the installed macOS and all the
resources needed by the system to operate. No user can modify resources,
not even administrators or even the root user, as resources in this domain
are protected by System Integrity Protection (SIP). It comprises
the /System folder, also located in the root directory, and
the /Library folder, among others.
User domain: This domain contains the user resources. It comprises
the /Users folder, which contains all the created local users' home
directories, and the Library folders in each of those users' home folders.
The Library folder is usually hidden by default. We will see how to reveal
it in Chapter 8, System Resources and Shortcuts. The home directory can be
located in the /Users directory. The user who owns the account can add,
remove, and modify resources in their own user domain. We explored the
user's home directory in detail in Chapter 4, User Accounts Management.


Network domain: The network domain includes resources shared on a
local area network and is usually located in network servers. Network
administrators are the ones with the privileges to modify resources in this
domain.

In Figure 6.4, you can see the structure of the filesystem domains just described:

Figure. 6.4 – macOS filesystem domain structure

In this section, we described what a filesystem is. We also saw that the current default
filesystem in macOS is Apple File System (APFS) and how it is different from the
previous default filesystem. We saw how the macOS filesystem is organized in
practical domains that make it easier to navigate the folder structure and how some
folders are hidden to avoid confusion with resources the user doesn't need to see on a
daily basis. In the next section, we will advance with the practical aspects of
managing disks, volumes, and partitions.


Managing disks, volumes, and partitions


In this section, we will learn how to manage disks, volumes, and partitions in macOS.
More specifically, we will cover the following topics:

Examining storage
Managing partitions
Using APFS volumes
Mounting, unmounting, and ejecting disks/volumes

Let's begin by exploring how to examine storage.

Examining storage
macOS provides several built-in apps to help you examine and find out the state of
your storage devices.

If you only need basic information, you can use the About This Mac tool. Examining
storage in detail can be done with two other specific tools: Disk Utility and System
Information. Although you can gather the same information with both tools, the
latter is actually just an information tool that allows you to see all the details about
your Mac hardware, software, and network. In contrast, the first tool also allows you
to manage your storage devices.

Let's see how these tools work and the type of information you can gather with them.

About This Mac


If you only need simple details on storage capacity and available space, you can go to
the Apple menu > About This Mac, and select the Storage tab, as seen in Figure
6.5. In this tab, you will see the internal and external storage devices attached to your
Mac, as well as basic details such as the type of storage and the available and used
space. If you hover over the colored section in the bar, you will see information on the
amount and type of data stored. Clicking on the Manage... button will take you to a
section where storage can be optimized, which we will explore at the end of this
chapter:


Figure. 6.5 – Storage information

Let's look at how to gather more details about your storage through other more
advanced tools.

Disk Utility
Disk Utility is the main tool to manage disks, volumes, and partitions in macOS. It is
also used for examining storage; formatting, partitioning, or erasing disks or volumes;
and mounting, unmounting and ejecting disks. Disk Utility also has a First
Aid feature, helpful for verifying volume health and integrity and attempting a repair
if necessary. We will see how to use this tool to troubleshoot volumes
in Troubleshooting Tips, of this book.

You can access Disk Utility from the Utilities folder, which can be found in
the /Applications folder, or by searching for it through Spotlight.

This tool has a great functionality called "dynamic partition," which lets you partition
a disk without erasing the data already on it. But, take into account that not all disks
support dynamic partitioning, and the functionality can be limited or unavailable on
encrypted disks or Fusion Drive hybrid disks. It is not supported in disks formatted
with the MBR (Master Boot Record) partition scheme. In all those cases, partitioning a
disk will entail erasing the data on it first.


When you open Disk Utility, you will notice it will scan the filesystem for all available
storage, whether internal or attached. Internal storage devices appear listed first in
the sidebar on the left shown in Figure 6.6. External devices also appear in that section
of the sidebar, below the section for the internal devices. To see all the devices,
including the disks, you should click View at the top (circled in red) and then select
Show All Devices; otherwise, you may only see the volumes.

In Figure 6.6, notice that the physical disk is listed first. As mentioned earlier, the
disk's name is a combination of the manufacturer, type, and model. This name cannot
be changed.

Volumes in that disk appear indented below the disk name, and their names can be
changed at any time without having to reformat or erase the volume. Just use the Finder
and the secondary click to change the volume name as you would change any file name.

In the case of the APFS filesystem, the container name shows right below the disk,
and any volumes will show indented below it, as shown in Figure 6.6.

Figure. 6.6 – macOS filesystem domain structure


In the preceding example, we have the following:

APPLE SSD AP0512M MEDIA (the physical disk)
    Container disk1 (the APFS container)
        Macintosh HD (the default read-only system volume in the APFS container)
        Macintosh HD – Data (the data volume in the same APFS container)

If you select a volume, you will see a lot of information in the section marked at the
bottom right in Figure 6.7, such as Capacity, Available, Used, Type, and more. In the
following example, you can see that the selected Macintosh HD volume has 499.96 GB
of storage capacity, of which 15.13 GB has been used, and the volume format type is
APFS:

Figure. 6.7 – Volume information


You can obtain even more information about the volume by selecting the Info button
at the top right. In Figure 6.8, you can see this additional information on the system
volume, such as File system (APFS (Encrypted)), the System installed (macOS 11.0),
and so on:

Figure. 6.8 – Volume information

If you select a parent disk, as shown in Figure 6.9, you will also see important details
about the disk, as well as an important feature called the S.M.A.R.T.
status. S.M.A.R.T. stands for Self Monitoring Analysis and Reporting Technology,
and it is used for reporting disk health or disk problems to the operating system. This
feature should show Verified if the disk is in good health or Failing if there is a
problem. Take into account that not all disk manufacturers support the SMART
feature:

Figure. 6.9 – Disk information


As you can see, there's a lot of useful information you can obtain about your storage
devices through Disk Utility. Let's take a look at what the second tool, System
Information, helps us learn about our storage.

System Information
System Information is yet another tool that allows you to examine not only your
storage devices but all the devices available in your macOS. This tool can be accessed
in several ways:

Through Utilities in the Applications folder, as shown in Figure 6.10:

Figure. 6.10 – System Information tool

By using Spotlight to access it quickly.
By going to the Apple menu and pressing the Option key, which will
reveal the System Information menu option.


By going to the Apple menu | About This Mac, which will display the
window shown in Figure 6.11; just click on the System Report... button:

Figure. 6.11 – System Report button

Once you are in the System Information tool, you can examine storage devices by
selecting a storage interface or selecting the Storage option, as seen in Figure 6.12.
Next, you can select a volume in the top-right section, such as the system volume
(Macintosh HD); the lower section will display all the information about the selected
volume:

Figure. 6.12 – System Information

Now that you have seen how to explore and examine your Mac's storage devices,
both internal and external, let's look at the practical features that macOS offers to
manage that storage.


Managing partitions
In this section, we will learn how to examine partitions in order to make decisions
about necessary changes. We will also discover how to manage partitions to make
those changes. More specifically, this is what we will explore:

Examining and modifying partitions
Formatting/partitioning a disk/volume
Adding a non-APFS partition
Erasing/formatting disks
Resizing/deleting a non-APFS partition

Let's start by exploring how to examine and modify partitions.

Examining and modifying partitions


The tool used for examining and managing partitions is Disk Utility.

Follow these steps to examine a partition:

1. Open Disk Utility, select a disk from the section on the left, and
click Partition, as shown in Figure 6.13:

Figure. 6.13 – System Partition


2. If you see a prompt asking you to select Add Volume or Partition, choose
Partition.

A pie-style chart graphic will display. Each slice in the pie represents a
partition and its volume. You can select any of the partitions to obtain
information about it. The selected partition will be shown in blue color. In
Figure 6.14, the selected partition with the APFS (Encrypted) format is
where the APFS container with the Macintosh HD system volume resides.
The used space in that volume is represented by the blue area with thin
diagonal lines; the free space is represented by the solid blue without lines.
We also see two other partitions (Backup and Backup2), which are
formatted with HFS.

3. Below the partition information, you will find the exact details about the
space used (red rectangle):

Figure. 6.14 – Partition information

To examine the disk and its partitions and volumes in detail, you
can use the diskutil list command in Terminal.


Follow these steps to modify a partition:

1. Make sure you have a backup of your data before attempting to modify
partitions.
2. Select a partition in the pie chart so that it turns blue, and then select a
different format from the drop-down menu, as shown in Figure 6.15.
Clicking Apply will erase the partition and reformat it with the selected
option. In the example in Figure 6.15, we selected the Backup partition
formatted with HFS and chose to reformat it with APFS instead:

Figure. 6.15 – Modifying a partition

3. You will see a prompt to confirm. Click Partition to continue.


4. When the format change is done, you will see a confirmation message with
a green checkmark indicating that the operation was successful. And that's
it! You have successfully reformatted a partition.

Take into account that it is not possible to change the order of
existing partitions or move the beginning of an existing partition.


You can click any non-APFS volume in the chart to rename the volume. In the case of
FAT and exFAT volumes, the maximum length for a volume name is 11 characters.
You can change names, including APFS volume names, from the disk/volume list on
the left side of Disk Utility (Figure 6.13). Just right-click the volume name and
select Rename.

In this section, you have seen how Disk Utility provides you with information about
the partitions on a disk and how to examine and manage those partitions. In the next
section, we will see how to partition a disk.

Formatting/partitioning a disk/volume
The objective of partitioning a disk is to divide it into two or more parts. Although,
technically, you could have an unlimited number of partitions with GPT, macOS
allows a maximum of 16 partitions. Also, remember that if using the APFS format,
there is really no need to partition a disk.

In macOS, formatting is accomplished through two partitioning methods:

By adding a partition, and selecting a volume size and format, to an
already partitioned disk (non-destructive)
By erasing a disk/volume to reformat it (destructive, with data loss)

Which method you choose will depend on what your plans are for the partition. Here
are a few scenarios:

If you were doing a clean macOS installation, you would choose to erase all
data on the disk and partition it again with the appropriate volume format
(usually, APFS).
If you only needed an extra volume with a different variant of the APFS
volume format (encrypted, case-sensitive, for example), you would add a
volume to the APFS container.
If you wanted to install a different macOS version on the same disk where
the system volume resides, all you would need to do is add an APFS
volume to the APFS container.

Always make sure you have a backup of your data before
partitioning or erasing a disk in case you need to recover your data.

Let's explore how to add a non-APFS partition.


Adding a non-APFS partition


In this section, we will see how to add a partition to a disk formatted with Mac OS
Extended (Journaled), which was the default format before the introduction of APFS,
and might still be needed for specific compatibility cases. This procedure also works
for FAT or exFAT-formatted disks. Follow the steps given here:

1. In the sidebar, select the parent disk you want to partition. Then, click
the Partition button in the toolbar, as shown in Figure 6.13.
2. If you see a prompt asking you to select Add Volume or Partition,
choose Partition.
3. To add the partition, click the Add (+) button below the pie chart and, on
the right side, define the name, choose a format from the drop-down menu,
and enter a size. You can also define the size by dragging the resize control
circled in red in Figure 6.16. In the example that follows, we choose to add a
partition formatted as a Mac OS Extended (Journaled) volume named
Backup.
4. Make sure the Backup volume is selected in the pie chart. When you are
ready, click Apply:

Figure. 6.16 – Adding partitions


If you want to partition a disk because you want to install Windows
on a Mac, use Boot Camp Assistant instead. Use Boot Camp
Assistant to remove a partition created with that tool as well.

5. You might see a warning that will ask you if you want to Use Mac OS
Extended or Use APFS, which is the default volume format for macOS Big
Sur. We are sure we want to use this format, so we will click Mac OS
Extended to confirm.
6. Next, click Apply. You will see a prompt that will confirm what will
happen. For example, in Figure 6.17, we are told that a new partition
(Backup) will be added and that the partition where the Macintosh HD
volume resides will be resized. Make sure this is what you mean to do,
then click Partition to proceed. No partitions will be erased in this process,
meaning it is a non-destructive process.

Figure. 6.17 – Partition actions


7. If you are resizing the disk where the startup volume resides, you might
see a prompt warning that resizing the startup volume will cause this
computer to stop responding, and telling you not to power off while the
process is ongoing. Click Continue.
8. The process will start, and you will be able to monitor it (Figure 6.18). Take
into account that it may take a while:

Figure. 6.18 – Resizing volumes

9. When the process is complete, you should see an "Operation successful" or
"Operation failed" message. Click Done to close that window, or the Show
Details triangle to verify any errors.

10. You will be able to verify that the partition was created because it will
show on Disk Utility's left-side menu and in the Finder's sidebar.

We mentioned earlier that there are two main ways of formatting a disk in macOS:
adding a partition and erasing the disk. In the following section, we
will see how formatting is done by erasing a disk.

Erasing/reformatting disks
If you choose to erase a disk (not a volume or a partition), Disk Utility will create a
partition with a new volume format. Always remember that erasing a disk will
destroy its contents. If you will be erasing a system disk, you should use Disk Utility
from macOS Recovery.


Follow these steps to erase/format a disk:

1. Open Disk Utility.


2. Select the disk in the sidebar menu, and click Erase in the toolbar (Figure
6.19):

Figure. 6.19 – Erasing a disk

3. Enter a volume name, a Format (the default is APFS), and a Scheme (the
default is the GUID Partition Map). The format options you can choose in
the Format dropdown are shown in Figure 6.20:

Figure. 6.20 – Volume formats

The Scheme options, which we discussed earlier in the chapter, are
shown in Figure 6.21:


Figure. 6.21 – Partition schemes

4. You might see a Security Options button when erasing certain storage
devices. If you click on it, you will be able to choose from four security
settings to erase your data. These options are Fastest, Two-Pass
Erase, Three-Pass Erase, and Most Secure (Figure 6.22):

Figure. 6.22 – Secure erase options

Note that secure erase options are not available for solid-state drives
(SSD). The security alternative for this type of disk would be turning
on FileVault encryption.

When available, the security options and how they deal with erasing data are
explained here:

Fastest: This is the default method and the fastest. Data erased with this
method might be recoverable through third-party utilities.
Two-Pass Erase: This method overwrites with random data once and then
overwrites with a single pass of zeros. This means data is overwritten
twice.


Three-Pass Erase: It overwrites with random data twice and then
overwrites with a single pass of known data. This method is compliant
with the US Department of Energy (DOE) security requirements for
securely erasing data.
Most Secure: This method overwrites with seven different passes of
random and patterned data. Needless to say, this is the most secure
option and the one that takes the longest to complete. This method is compliant
with the US Department of Defense (DOD) security requirements for
securely erasing data.

When you erase a volume, a new empty volume is created, and
when you start using it, data will be written on top of the old data.
So, as long as the volume has not been overwritten with new data
yet, the contents may still be on the disk. You might be able to
recover the data through third-party tools if you erased it by
mistake.

5. Move the slider to the appropriate position or leave it as the default, and
click OK.
6. Review all the details and, when ready, click Erase.
7. When the process is finished, click Done.

And that's it! You have successfully erased and reformatted your disk.

Next, we will see some other important actions that you might need to perform with
macOS storage, such as resizing and deleting existing partitions.

Resizing/deleting a non-APFS partition


Earlier, we saw how to add a partition formatted as Mac OS Extended (Journaled),
FAT, or exFAT. In this section, we will see how to increase/decrease the size of those
partitions.

To increase the size of a partition formatted with Mac OS Extended, FAT, or exFAT,
you will need to delete the partition/volume right after the partition you want to
enlarge to make space for it. There is no easy way to resize without deleting another
partition first and potentially losing data; other options would be to use Terminal (for
advanced users only) or third-party software.


Take into account that it is not possible to increase the size of the last
partition on any device.

First, we need to delete a partition. Follow the steps indicated here:

1. Make sure you have a backup of your data before attempting any partition
changes.
2. Open Disk Utility. In the sidebar, select the disk (not a volume) with the
partition you want to increase the size of, then click Partition (Figure
6.13). If you see a prompt asking you to select Add Volume or Partition,
choose Partition.
3. On the pie chart, select the volume immediately after the partition you
want to increase the size of so that it shows in the color blue, and click the
Remove sign (-), as shown in Figure 6.23.
4. Once you are certain this is the partition you want to delete, click Apply.
5. You will see a prompt warning you that this action will remove the
partition and its data. Verify and click Partition:

Figure. 6.23 – Deleting partitions


6. When the process is complete, click Done. You should see an Operation
successful or Operation failed message. Click Done to close that window,
or click the Show Details triangle to verify any errors.
7. As you can see in Figure 6.24, the partition next to the one you just removed
now occupies the space liberated.

So, that's it! You have just increased the size of an existing partition:

Figure. 6.24 – Resizing partitions


Decreasing the size of a partition can be done in a much simpler and non-destructive
way (no data loss):

1. Follow steps 1 to 3 from the previous procedure.


2. Next, press Command + Shift, and you will see the control handles appear,
as shown in Figure 6.25. Drag the handles to decrease the size of the
partitions as needed and click Apply:

Figure. 6.25 – Reducing partitions


3. You will see a prompt warning you that this action will resize the partition.
Verify the information and click Partition.
4. As you can see in Figure 6.26, the partition has been resized, and a new
"Untitled" partition now appears, occupying the liberated space:

Figure. 6.26 – Reduced partition

Now that you have learned how to format, add, increase, and decrease partitions, let's
see how to use APFS, the current macOS default volume format.

Using APFS volumes


With APFS, the current macOS volume format, there is really no need to partition a
disk unless you need a different volume format such as Mac OS Extended (HFS+), a
scenario we saw in the previous section; otherwise, adding volumes to the APFS
container would be the best way to manage your storage in macOS.


In this section, we will look at the following topics:

Converting volumes to APFS
Adding a volume to an APFS container
Deleting/erasing an APFS volume

Let's begin by exploring how to convert volumes to APFS.

Converting volumes to APFS


If you are still using HFS+, switching to APFS is very easy. If running a macOS
version older than High Sierra, all you need to do is upgrade to High Sierra or later,
and the installer will automatically convert your system volume (by default named
Macintosh HD) to APFS if supported by your Mac and storage device. Other non-
system volumes, including external ones, can be manually converted.

The following filesystems in your system volume will be automatically converted
without having to do anything special:

HFS+
Fusion
Core Storage
FileVault

If for any reason, volumes are not converted to APFS by the update process, or if you
want to convert an external disk, you can do it manually without data loss. To do
that, follow the steps indicated here:

1. Open Disk Utility, right-click the volume in the sidebar list, and
select Convert to APFS...
2. You will be asked to confirm. If you are sure, click Convert to proceed.
3. You will be able to monitor the process by clicking the Show
Details triangle.
4. When the process is complete, you will see a Conversion to APFS is
complete or Operation successful message in the details window.
Click Done to close that window.


5. If you look in the sidebar in Figure 6.27, you will notice that the partition
converted is now wrapped inside a container as a result of the conversion
to APFS:

Figure. 6.27 – Converting to APFS

You can also convert a volume to APFS by changing the format to APFS, a procedure
we saw earlier, in the section on how to modify partitions (Figure 6.15). However, this
is a destructive process.

If you want to take advantage of the APFS space-sharing feature, the best option is to
add volumes to one APFS container, and that is what we will look at in the next
section.

Adding a volume to an APFS container


Taking advantage of the space-sharing feature in APFS requires volumes to be in the
same APFS container. As long as volumes are part of the same APFS container,
they can take advantage of the free space in other volumes.

To add a new volume to an existing APFS container, follow these steps:

1. Open Disk Utility.


2. In the sidebar, select the APFS container you want to add a volume to and
click the Add Volume icon (+) circled in red in Figure 6.28:


Figure. 6.28 – Adding volumes to APFS container

3. Give the new volume a name. In the Format dropdown, select the variant
of APFS you want to use or leave it as the default format, as seen in Figure
6.29.

Figure. 6.29 – Adding a volume to an APFS container

4. You will see a Size Options... button, which you can use to manage APFS
volume allocation manually. The available options are the following:
Reserve Size: Ensures that a specific storage size will be
available for this volume.
Quota Size: Limits how much storage this volume can allocate.
5. When ready, click OK.


6. Click Add to add the volume.


7. When the process is complete, you will see an Adding is complete message
or Operation successful in the details window. Click Done to close that
window.
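
How Reserve Size and Quota Size from step 4 change what each volume in a shared container can still claim, as an added example that is not from the book. The space-sharing arithmetic is a simplified model assumed for illustration, the volume figures are constructed, `disk1` is a placeholder container, and `headroom` and `addvolume_cmd` are names introduced here; `addvolume_cmd` only prints the `diskutil apfs addVolume` command and does not run it.

```shell
#!/bin/sh
# Added example (not from the book): model of APFS space sharing with the
# Reserve Size and Quota Size options. Simplified assumption: a volume may
# grow into the container's free space, minus the unfilled reserves of the
# other volumes, and never beyond its own quota.

# CONSTRUCTED volumes in one 500 GB container: NAME USED RESERVE QUOTA (GB).
# 0 means the option is not set. Names are single words to keep parsing simple.
sample_volumes() {
cat <<'EOF'
MacintoshHD 150 0 0
Backups 100 0 200
Scratch 20 50 0
EOF
}

# headroom CONTAINER_GB < volume lines -> "NAME GB" still available per volume
headroom() {
    awk -v cap="$1" '
        {
            name[NR] = $1; used[NR] = $2 + 0; quota[NR] = $4 + 0
            # part of this volume reserve that is not yet filled with data
            hold[NR] = ($3 + 0 > $2 + 0) ? $3 - $2 : 0
            total += $2; held += hold[NR]
        }
        END {
            free = cap - total
            for (i = 1; i <= NR; i++) {
                room = free - (held - hold[i])   # other reserves are off limits
                if (quota[i] > 0 && quota[i] - used[i] < room)
                    room = quota[i] - used[i]    # the quota caps growth
                if (room < 0) room = 0
                printf "%s %d\n", name[i], room
            }
        }'
}

# addvolume_cmd CONTAINER NAME RESERVE_GB QUOTA_GB
# Prints (does not run) the Terminal equivalent of the Add Volume dialog and
# rejects a reserve larger than the quota, which could never be honoured.
addvolume_cmd() {
    if [ "$4" -gt 0 ] && [ "$3" -gt "$4" ]; then
        echo "error: reserve ${3}g exceeds quota ${4}g" >&2
        return 1
    fi
    cmd="diskutil apfs addVolume $1 APFS $2"
    if [ "$3" -gt 0 ]; then cmd="$cmd -reserve ${3}g"; fi
    if [ "$4" -gt 0 ]; then cmd="$cmd -quota ${4}g"; fi
    echo "$cmd"
}

sample_volumes | headroom 500
addvolume_cmd disk1 Scratch 50 0
```

In the sample, Backups can grow by only 100 GB because of its quota, while MacintoshHD loses 30 GB of headroom to the part of Scratch's reserve that is still empty.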

Now that you know how to add an APFS volume, let's examine how to delete it or
erase it.

Deleting/erasing an APFS volume


Deleting an APFS volume will remove it from the container and permanently erase all
the data in that volume. To delete a volume, do the following:

1. Select the APFS volume you want to delete in Disk Utility's sidebar.
2. Click the delete volume button (-) in the top toolbar.
3. You will see a prompt to confirm. Make sure the correct volume will be
deleted and click Delete.
4. When the process is finished, click Done.

Erasing an APFS volume will permanently erase all the data in the volume, but the
empty volume will remain in the container. To erase a volume, do the following:

1. Select the APFS volume you want to erase in Disk Utility's sidebar.
2. Click the Erase button in the top toolbar.
3. You will see a prompt to enter a volume name and format. You can change
it if necessary, and click Erase when ready.
4. When the process is finished, click Done.

We have finished this section on using APFS volumes, including adding, deleting,
and erasing volumes. In the next section, we will examine a set of important recurrent
tasks.

Mounting, unmounting, and ejecting disks/volumes
Improperly connecting and disconnecting storage devices can have unwanted
consequences, such as data corruption. In this section, we will look at how to do it
properly through mounting, unmounting, and ejecting.


Mounting a volume is the action of establishing a logical connection to a storage
volume. This procedure adds the filesystem to the existing file hierarchy so that it's
accessible to the user. Although macOS automatically mounts volumes contained in a
disk when they are connected physically to the computer, mounting is not the same
as a device just being connected to the machine: a device can be connected, but the
volumes it contains may not necessarily be mounted.

When a physical storage device is connected to a Mac, the volumes appear in the
Finder and Disk Utility, except for encrypted volumes. Encrypted volumes require
you to enter the password to unlock them before they can be seen in the Finder or
Disk Utility.

What's the difference between unmounting and ejecting?

Unmounting the volumes on a disk means disconnecting them from the Mac
in a clean manner to maintain data integrity. It is not a good practice to
physically disconnect a device without first unmounting its volumes. On the other
hand, ejecting will not only unmount the volumes in a disk, but it will also physically
disconnect the device from the Mac.

In Figure 6.30, the volume appears dimmed, which means that the disk is physically
connected, but the volume is not mounted. If you select that volume, a message in the
center of the window will indicate so:

Figure. 6.30 – Unmounted volume

In the following section, we will look at the various methods to unmount/eject a disk.


Unmounting and ejecting


There are different ways you can unmount a volume and eject a disk in macOS. Note
that these actions will unmount and eject a volume/disk:

Drag the volume to Trash in the Dock.
Select the volume from the Desktop and press Command + E. If the volume
is open in the Finder, the operation will fail.
Open the Finder and click the Eject icon next to the volume (Figure 6.31) to
eject it. Ejecting from the Finder will unmount the volume first and next
eject (disconnect) it. If the disk has several volumes, macOS will ask you if
you want to eject all the volumes or just the one selected:

Figure. 6.31 – Ejecting a volume

In the Finder, select the volume, then choose File, and Eject from the top
menu.
Select the volume, right-click, and select Eject "[volume name]."
Select the volume, click the Action button in the Finder toolbar, and
select Eject "[volume name]" (Figure 6.32):


Figure. 6.32 – Ejecting a volume with the Action button

Besides all the methods to unmount and eject we just saw, you can also use Disk
Utility to eject and unmount a volume. You won't be able to unmount or eject a
volume when files from that volume are open. You need to close any open files, and
sometimes even the Finder, to unmount or eject the volume.

To unmount a volume from Disk Utility, do the following:

Select the volume in the side menu, click the Unmount button at the top, or
click the Eject button beside the volume name, as seen in Figure 6.33.

Figure. 6.33 – Unmounting from Disk Utility


If a file from another user is preventing unmounting or ejecting, the Finder
will ask whether you want to force eject the volume, and it will also
attempt to close the applications and files preventing it. You could click on
Force Eject... once or twice (Figure 6.34), and the Finder will quit the
application to release the volume.

Figure. 6.34 – Force Eject

Other options are to log out the user preventing the release of the volume
or restart the Mac. These options are preferable to just unplugging the disk
without properly unmounting the volumes and risking data corruption.

It's important to know that HFS Extended, Journaled formats use "journaling" as
crash protection. So, if an unexpected interruption disconnects the device without
unmounting (for example, in the event of a power outage), as soon as the power is
back, the system will verify the volumes and attempt to repair them. Journaling
allows this by keeping a history of the filesystem changes. Therefore, you need to
keep the disconnected device plugged in when the power returns for this process to
occur.

In APFS, journaling is no longer necessary since the system uses "copy-on-write,"
which is much more efficient at keeping a "data history" than journaling.

Now that we have seen how to unmount and eject disks/volumes, let's see how to
mount or remount them.

Mounting
To mount a volume, all you need to do is plug the storage device into the Mac.
However, mounting volumes previously unmounted and still connected by cable can
be done from Disk Utility.

If a volume is unmounted, but the device is still connected to the Mac, it will
show dimmed in the Disk Utility sidebar. If you want to remount that volume, all you
need to do is select the volume and click the Mount button in the toolbar (Figure 6.35):


Figure. 6.35 – Mounting volumes from Disk Utility

In the case of an encrypted volume, the Mount button will be grayed out or disabled.
To mount it, you would need to choose File from the menu, then select Unlock, and
enter the password to unlock the volume.

If a disk is not visible in Disk Utility, it means it was ejected
completely, and you need to reconnect it by physically
disconnecting and reconnecting the disk cable to the Mac.

In this section, we have seen all about disks, volumes, and partitions, including how
to examine storage, manage partitions, use APFS volumes, and mount/unmount and
eject disks. In the next section, we will see how to optimize storage space.

Optimizing storage space


macOS provides tools to optimize the space in your system volume to keep your
storage in an optimal condition, have enough free space, keep your Mac clutter-free,
and perform important organizational tasks. This requires you to dedicate time to do
some cleaning and organizing. macOS provides you with useful tools that you can
take advantage of to make this task easier and quicker.


macOS's Storage Management tool offers you the following actionable
recommendations to help you optimize your storage:

Store in iCloud
Optimize Storage
Empty Trash Automatically
Reduce Clutter

You can access the Storage Management tool through Spotlight or the Storage tab in
the About This Mac tool we saw earlier in this chapter (Figure 6.5). Click
the Manage... button beside the system volume (usually Macintosh HD). Then, you
will see the interface shown in Figure 6.36:

Figure. 6.36 – Storage Management

When the tool opens, you will see the types of files you have and the space they
occupy on the left side. If you have a lot of files, the process of calculating the sizes
may take a while.

Let's examine the Storage Management options in more detail.


Store in iCloud
The first option you will see, Store in iCloud, recommends storing your files, photos,
and messages in iCloud. To save space, you should only keep recent files and
optimized photos on your local disk.

To use this option, do the following:

1. Click the Store in iCloud... button.


2. A prompt will open where you will have the following options to select:

Desktop and Documents: Choose this option to store all files from the
Desktop and Documents folders in iCloud Drive. When you have limited
storage space, only the files recently opened are kept locally. Files stored in
iCloud will have a download icon; therefore, if you need the original file,
all you need to do is double-click on this icon to download the file.
Photos: With this option, all original photos and videos will be stored in
iCloud Photos. When you have limited storage space, only optimized
versions of the photos are kept locally.
Messages: This option will store all messages and attachments in iCloud.
When you have limited storage space, only the messages and attachments
recently opened are kept locally.

3. Once you have selected the appropriate boxes, click Store in iCloud.
4. If iCloud is not enabled in your account, you will be asked to sign in to
iCloud.

Let's examine the next option.

Optimize Storage
The Optimize Storage option recommends enabling the removal of movies and TV
shows that you have already watched.

To enable this option, do the following:

1. Click the Optimize... button.


2. You will see a confirmation prompt. Click Optimize.
3. A green checkmark will appear once the optimization is complete.


When you optimize storage for movies, TV shows, and email
attachments, you don't require iCloud storage space.

Let's explore the next option.

Empty Trash Automatically


By turning on this option, items that have been in Trash for more than 30 days will be
automatically erased.

To enable this option, do the following:

1. Click the Turn On button.


2. You will see a confirmation prompt. Click Turn On if you are sure of this
action, as it prevents you from recovering files that you might have erased
by mistake more than 30 days ago.

Let's look at the last option to manage storage space.

Reduce Clutter
This option will allow you to sort and delete documents and other content stored on
the Mac. This process requires time, but the sorting tools make it easier to make
decisions.

To use it, do the following:

1. Click the Review Files button. This option will help you sort through your
files to delete the ones you no longer need.
2. When you click that button, you will see the following five tabs (Figure
6.37):

Large Files: This sorts through large files so that you can erase those
occupying a lot of space and that you don't really need.
Downloads: This sorts the downloaded files and allows you to
permanently erase them, especially installers, which are usually very big.
Unsupported Apps: In this tab, you can permanently erase unsupported
apps.


Containers: In this tab, you can explore application containers and erase
data not needed anymore.
File Browser: This sorts the folders that are larger in size so that you can
explore them and see which files you can delete:

Figure. 6.37 – Reduce Clutter

You can also find other categories in the left panel to sort files by type: Documents,
Music, Trash, and more to help you with your storage optimization efforts.

And with this section on optimization, we have reached the end of this chapter.
Please be sure to review the summary and the further reading resources for more
information on the topics covered in this chapter.


Summary
In this chapter, we discussed several basic concepts necessary to understand macOS
storage, including what disks, volumes, and partitions are, and how you can examine
and manage them in macOS. We explored the macOS filesystem and how its
hierarchy structure can be classified into four domains (local, system, user, and
network) according to their purpose. We also examined the advantages of the new
default filesystem: APFS. Finally, we learned about the tools macOS provides to
optimize your storage space.

By now, you should feel comfortable with describing macOS-supported filesystems;
describing and understanding the macOS default APFS filesystem; understanding the
differences between disks, volumes, and partitions in macOS; examining storage;
partitioning a disk; erasing a disk or volume; adding volumes to an APFS container;
and mounting, unmounting, and ejecting disks/volumes.

In the next chapter of this book, we will examine an important topic that describes
how access to the filesystem and storage is managed through ownership and
permissions.

Further reading
If you want to check out the fine-grained technical details about the Apple Mac's File
System, you can visit this page:

File System Basics: https://developer.apple.com/library/archive/documentation/FileManagement/Conceptual/FileSystemProgrammingGuide/FileSystemOverview/FileSystemOverview.html#//apple_ref/doc/uid/TP40010672-CH2-S

7
Understanding Ownership and Permissions
Ownership and permissions in macOS control authorizations to access filesystem
resources. In other words, they control which users have what kind of access to which
resources.

In this chapter, you will learn how macOS manages ownership and permissions, and
how access rights priorities are assigned according to macOS's main policy. Also, you
will learn how to manage file and folder access through the tools macOS provides.
Finally, you will explore the options for sharing files through the default sharing
folders available in the macOS filesystem.

By the end of this chapter, you will be able to describe file ownership and permissions
in macOS, manage file and folder ownership and permissions, and use the macOS
default sharing folders effectively to share resources with other users.

This chapter is divided into three main topics:

Understanding ownership and permissions
Managing access and ownership
Using macOS shared folders

Before we start, let's look at the technical requirements for this chapter.
Understanding Ownership and Permissions Chapter 7

Technical requirements
This is what you will need for this chapter:

Basic knowledge of the macOS environment
A Mac computer with administrator privileges

Understanding ownership and permissions
We need to review a few concepts to clearly understand how ownership and
permissions are managed in macOS. More specifically, we need to understand what
permissions and ownership are, the types of permissions macOS uses, and how they
work in macOS. At the end of this section, you will be able to describe the macOS
permissions and ownership model.

In this section, we will explore the following topics:

What are ownership and permissions in macOS?
Access Control Lists (ACLs)
Access hierarchical rules
File flags
macOS's filesystem security policy

Let's begin by understanding what ownership and permissions are in the context of
macOS.

What are ownership and permissions in macOS?
A "permission" is the granted right to perform an operation, which can vary from
executing code to accessing certain data or resources, such as files and folders. macOS
uses a combination of the UNIX ownership and permission model, POSIX Access
Control Lists or ACLs, BSD file flags, and other features such as ownership
verification.

In macOS, the permissions that can be applied to files and folders are as follows.


Permissions that can be configured from the Finder for the file level are the following:

Read & Write: Users/groups can open, read, and modify files.
Read only: Users/groups can open and read files but cannot modify them.
No access: No access of any kind is allowed to the file.

Permissions that can be configured from the Finder for the folder level are as follows:

Read & Write: Users/groups can explore the contents of the folder and
modify its contents (add, edit, remove files).
Read only: Users/groups can explore the contents of the folder, but they
cannot make any changes.
Write only (Drop Box): Users/groups are not allowed to explore the
Drop Box folder, but they can drag, copy, or move items to it.
No access: No access of any kind is allowed to the folder.

"Execute," the UNIX permission that allows executing a file, is assigned to folders
when read access is granted, but it cannot be modified or configured through
the Finder. This permission can only be managed by administrators through
Terminal.

At the same time, the permissions we just described are applied to users based on a
structure of three types of POSIX-style ownership tiers that define specific privilege
rules. All files and folders have a permission level assigned to these ownership tiers,
which are the following:

Owner
Group
Everyone


This ownership model is common on UNIX systems, and it relies on the principle that
every file and folder belongs to at least one owner and one group. Let's look at each of
the three types of ownership tiers in more detail:

Owner: By default, the owner is the user who created (or copied) an item.
Users usually own all the items in their home folders. On the other hand,
the "root" user owns items such as resources and applications.

Group: An item inherits the group permissions from the folder it was
created in. The group tier includes all users that are not owners of a specific
item. There are three main groups of ownership already configured by
default in macOS; however, you can add your own groups, which you
create in the User & Groups preferences. You can explore Chapter 4, User
Accounts Management, to review how. The groups that exist in macOS by
default are the following:

staff: Local users belong by default to this group, including
administrators.
admin: Administrators belong to this group.
wheel: There is only one member of the wheel group: the
root user. Most system resources and application items
belong to the wheel group as well.

Everyone: At the same time, each of the files and folders has a setting for
everyone else who is not an owner. In other words, any user (local, sharing,
guest) who is not an owner or does not belong to a group belongs to the
Everyone tier.

Apart from the preceding ownership tiers, we have what are known as Access
Control Lists or ACLs, which provide a filesystem ownership and permission
structure with more flexibility and customization options.


Access Control Lists (ACLs)


In macOS, POSIX Access Control Lists (ACLs), or rules, are added to expand the
standard UNIX ownership and permission model described earlier in order to have
more flexibility and customization options for fine-grained access. In a nutshell, ACLs
are a set of permissions or rules applied to a specific user or a group. These rules
define the type of access (view, read, write) to folders and files for every
administrative, standard, guest, and sharing user. At the same time, permissions in
macOS can be granted at various levels, such as directories, subdirectories, files,
applications, and even specific pieces of data.

This is very useful when you have departments in an organization. For example, you
could create a Sales Department group and define a set of permissions for specific
folders for that department, and a Marketing group with another set of permissions
for that department.

If an ACL rule is defined for a user or group, this rule has precedence over the
standard UNIX permissions. You will see the order of precedence a little bit later in
this chapter. But now, let's see the types of permissions that can be configured in
macOS and how they work in a hierarchical fashion.

Access hierarchical rules


Permission rules are applied hierarchically; that is, they are applied to a folder
hierarchy structure. They are very effective, yet they provide a lot of flexibility since
they allow users to have individual access permissions to every folder and file in the
system. In that sense, they can also be quite customized and complex.

In summary, access to a resource is based on the following two factors:

The item's permissions and ownership
The permissions and ownership of the folder where the item resides

Let's look at some examples to better understand how this works in a real context.


Case 1
We have a folder that belongs to the staff group.
This group has Read & Write permissions for this folder.
We have two files inside: one has Read & Write permissions, the other has
Read only permissions.

With these permissions enabled, staff members can do the following:

Explore the folder and make changes to it, that is, add, remove, or edit files.
Read and edit the file with Read & Write permissions.
Open and read the file with Read only permissions, but not make changes
to it. However, since they have Read & Write access to the folder where
this file resides, they can copy, move, rename, or delete the file. Therefore,
this file is not secure simply because it is Read only since the higher
permissions at the folder level allow tampering with it. In fact, users could
copy the file's contents in another file, and since they have full permissions
for the folder, they could replace the file.

Case 2
We have a folder that also belongs to the staff group.
This group has Read only permissions on this folder.
We have two files inside: one has Read & Write permissions, and the other
has Read only permissions.

So, staff members can do the following:

Explore the folder, but they cannot make any changes to it, such as adding,
deleting, or editing files.
Make changes to the file that has Read & Write permissions, but they
cannot move it, copy it, rename it, or delete it because of the Read only
permissions for the folder. However, users could delete the file contents
and leave it blank because of the Read & Write permissions.
View the file with Read only permissions. They could copy the file to
another folder, but they wouldn't be able to replace it in the folder because
of the Read only access; modifying this file is not possible.

These two cases are just an example of the possibilities, and sometimes complexity,
that permissions offer in this model.
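The two cases above can be checked mechanically. The following Python sketch is an added example, not code from the book: it reads the UNIX mode bits of each file and of its containing folder and reports read-only files that the same tier can still delete or replace. The folder names, the helper names, and the rule that one tier applies to both the file and its folder are assumptions; it also accounts for the sticky bit, which this chapter describes later for the Shared folder.

```python
import os
import stat
import tempfile

# Bit offset of each ownership tier inside the UNIX mode word.
TIER_SHIFT = {"owner": 6, "group": 3, "everyone": 0}


def tier_bits(mode, tier):
    """Return the rwx bits (0-7) that `mode` grants to one ownership tier."""
    return (mode >> TIER_SHIFT[tier]) & 0o7


def actions_for(path, tier):
    """What a user in `tier` may do to `path`, judged from mode bits only.

    Assumption: the user falls in the same tier for the item and its folder,
    as the staff group does in the chapter's cases. ACLs and flags are ignored.
    """
    item = os.lstat(path)
    parent = os.stat(os.path.dirname(os.path.abspath(path)))
    item_bits = tier_bits(item.st_mode, tier)
    parent_bits = tier_bits(parent.st_mode, tier)
    # Adding, renaming or deleting an entry needs write + search on the folder.
    can_change_folder = (parent_bits & 0o3) == 0o3
    # With the sticky bit set, only the item's owner may remove or rename it.
    sticky = bool(parent.st_mode & stat.S_ISVTX)
    return {
        "read": bool(item_bits & 0o4),
        "edit": bool(item_bits & 0o2),
        "remove_or_replace": can_change_folder and (tier == "owner" or not sticky),
    }


def replaceable_read_only(root, tier):
    """List files that `tier` cannot edit but can still delete or replace."""
    findings = []
    for folder, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(folder, name)
            acts = actions_for(path, tier)
            if not acts["edit"] and acts["remove_or_replace"]:
                findings.append(os.path.relpath(path, root))
    return sorted(findings)


def build_demo_tree(base):
    """Create a constructed tree: Case 1, Case 2 and a sticky-bit folder."""
    layout = {
        "case1": 0o770,         # group has Read & Write on the folder
        "case2": 0o750,         # group has Read only on the folder
        "shared_like": 0o1770,  # group has Read & Write, sticky bit set
    }
    for name, folder_mode in layout.items():
        folder = os.path.join(base, name)
        os.mkdir(folder)
        # One Read & Write file and one Read only file, as in both cases.
        for fname, file_mode in (("rw.txt", 0o660), ("ro.txt", 0o640)):
            path = os.path.join(folder, fname)
            with open(path, "w") as fh:
                fh.write("constructed sample\n")
            os.chmod(path, file_mode)
        os.chmod(folder, folder_mode)


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as base:
        build_demo_tree(base)
        for rel in replaceable_read_only(base, "group"):
            print("read-only but replaceable by group:", rel)
```

Pointing replaceable_read_only at a real shared folder gives a quick list of files whose Read only setting does not protect them from being swapped out.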


Now, besides permissions and ACLs, macOS uses other resources that also help
manage access to items: file flags. In the next section, we will examine a practical case
where file flags are used to control access.

File flags
macOS supports file flags, which are intended to override UNIX permissions in very
specific situations. These file flags allow controlling access at a per-file level. They are
very useful when permissions are assigned to a folder recursively, for example, but
you want a specific file to be excluded from those permissions and to have its own,
more restrictive access.

Let's consider this scenario:

We have a folder with two files that belongs to the staff group.
The folder has recursive Read & Write permissions.
Because permissions are recursive, the two files in the folder have Read &
Write permissions, but a lock flag has been enabled on the second file.

So, staff members can do the following:

Access and modify the folder and the first file.
Although the second file, and the folder where this file resides, have Read
& Write permissions, users cannot make any changes to this file, either at
the folder level or at the file level. They cannot edit, move, or delete it.

What happened in this case?

The file owner enabled the locked attribute for the second file. This flag prevents any
user who is not the owner of that file from editing, moving, deleting, or renaming it
until the owner clears the flag. The only one who can perform any modifications to
the file is the owner. Actually, the owner could even delete the file, even if it was still
locked.

The file could be copied to another folder, at which point the user who copied it
would become the new owner and could disable the file lock, but the original file
would still be locked, and it wouldn't be possible to replace it with this new, unlocked
version.


macOS currently allows the use of the "locked" file flag only through the user
interface. Other flags can be used in macOS, but that would require the use of
Terminal.

To enable the locked file flag, follow these steps:

1. Open the Finder and select the file you want to lock.
2. Press Cmd + I to open the Inspector window.
3. Enable the Locked checkbox circled in red in Figure 7.1:

Figure 7.1 – Using the Locked flag

Now that you know how file flags work in macOS, it is important to examine the
macOS filesystem security policy, which details exactly how access rights are
determined in the context of permissions and ACLs. In the following section, we will
see the priorities determined by the application of this policy.


macOS's filesystem security policy


In macOS, the determination of access rights depends on UNIX permissions, which
include the file flags and POSIX Access Control Lists described earlier. In addition,
the macOS File System Security Policy determines which access rights (or ownership
calling requests) have precedence in complex permission and ownership scenarios.
The policy checks the following in order to grant or deny permission to a resource:

If the application’s sandbox does not allow access, then the request is
denied.
If ownership checking is disabled for the volume, the request proceeds.
If there is an ACL set for the file, it is evaluated to determine the access
rights.
If there is a file flag that denies access, the request is denied.
If the user ID matches the owner of the file (the “user” or "owner"
permissions), then those permissions are used.
If the group ID matches the group for the file, then the “group” permissions
are used.
Otherwise, the “other” permissions are used.

In Figure 7.2, we can see a graphical representation of these priorities:

Figure 7.2 – macOS filesystem security policy
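The order of checks listed above can be written as a small decision function. This is an added model of the list as this chapter states it, not Apple's implementation; the class names, the first-matching-entry ACL rule, and the sample group memberships used with it are assumptions.

```python
from dataclasses import dataclass, field

# UNIX permission bit for each right the model understands.
RIGHT_BIT = {"read": 0o4, "write": 0o2, "execute": 0o1}


@dataclass
class AclEntry:
    kind: str          # "user" or "group"
    name: str          # account or group name
    allow: bool        # True for an allow rule, False for a deny rule
    rights: frozenset  # subset of RIGHT_BIT keys


@dataclass
class Item:
    owner: str
    group: str
    mode: int                                # for example 0o640
    acl: list = field(default_factory=list)  # evaluated in order
    locked: bool = False                     # the Finder's Locked flag
    volume_ignores_ownership: bool = False


@dataclass
class Request:
    user: str
    groups: frozenset
    right: str
    sandbox_allows: bool = True


def decide(item, req):
    """Return (granted, deciding_rule), walking the chapter's list in order."""
    # 1. The application's sandbox can veto the request outright.
    if not req.sandbox_allows:
        return False, "sandbox"
    # 2. Ownership checking disabled for the volume: the request proceeds.
    if item.volume_ignores_ownership:
        return True, "ownership ignored"
    # 3. ACL: the first entry naming this user (or one of their groups)
    #    and this right decides. Assumption: no match falls through.
    for ace in item.acl:
        named = (ace.kind == "user" and ace.name == req.user) or (
            ace.kind == "group" and ace.name in req.groups)
        if named and req.right in ace.rights:
            return ace.allow, "acl"
    # 4. File flag: as the chapter describes the locked flag, it blocks
    #    changes by anyone who is not the owner.
    if item.locked and req.right == "write" and req.user != item.owner:
        return False, "file flag"
    # 5-7. Exactly one UNIX tier is consulted: owner, else group, else other.
    bit = RIGHT_BIT[req.right]
    if req.user == item.owner:
        return bool((item.mode >> 6) & bit), "owner"
    if item.group in req.groups:
        return bool((item.mode >> 3) & bit), "group"
    return bool(item.mode & bit), "other"


if __name__ == "__main__":
    staff = frozenset({"staff"})
    # Constructed item: owner Read only, staff and everyone Read & Write.
    doc = Item(owner="patrickjohnson", group="staff", mode=0o466)
    for user in ("patrickjohnson", "johnadams"):
        print(user, decide(doc, Request(user, staff, "write")))
```

Because only one tier is consulted, an owner set to Read only is refused a write even when the group and everyone tiers would allow it.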


In this section, we saw what ownership and permissions in macOS are, how Access
Control Lists or ACLs help to add flexibility to the UNIX model, how hierarchical
rules work, how we can use file flags to restrict access at a per-file level, and the
priorities the macOS File System Security Policy uses to grant or deny access to a
resource. This information will help you manage ownership and permissions to
customize access to your macOS resources if needed.

In the next section, we will see how to manage permissions and ownership using the
tool available for all macOS users for that purpose, the Finder.

Managing access and ownership


In this section, you will learn how to verify an item's ownership and permissions and
manage access and ownership to customize permissions according to your specific
needs. The topics we will cover are the following:

Verifying an item's ownership and permissions
Changing an item's ownership and permissions
Ownership in non-system volumes
Granting and changing permissions
Deleting permissions
Permission customization examples

Let's begin by learning how to verify an item's ownership and permissions.

Verifying an item's ownership and permissions
In macOS, the Finder is the tool that lets you verify an item's ownership and level of
permissions. It does this by displaying a secondary window called the Info or
Inspector window, shown in Figure 7.1, which allows you to inspect the information
regarding an item's owner, the groups it belongs to, and the permissions granted. The
Info window provides a lot of information about a file, but we will only focus on the
section related to ownership and permissions in this chapter.


There are several ways to display the Info window. With the item you want to
inspect selected in the Finder, you can do the following:

Press Cmd + I.
Go to File in the menu and select Get Info.
Use the secondary click to select the Get Info option.

This tool can also be used in Dynamic Inspector mode, which lets you inspect items
dynamically. This means that if you select another item in the Finder, the Inspector
window will change to show the new item's information, without having to close the
Inspector window.

To use the Dynamic Inspector feature, do the following:

1. Select an item in the Finder and press Cmd + Option + I.
2. Select another item in the Finder, and the window will dynamically change
to reflect the new item's info.

The ownership and permissions info is shown at the bottom of the window, in
the Sharing & Permissions section, as seen in Figure 7.3:

Figure 7.3 – The Info window


This is how you should interpret the information you see:

In the Name column, you will see the list of users and groups with access
to this item. Remember, we said that all files and folders have permissions
granted to the three ownership tiers by default: owner, group, and
everyone.
The Privilege column lists the permissions associated with ownership tiers
listed in the Name column.
The user at the bottom of the users list, before the groups, displayed in a
circled icon (macOS Big Sur), is the item's owner. In Figure 7.3, hertanava
(Me) owns this item and has Read & Write permissions.
Other users are displayed with single-user icons. In the example,
patrickjohnson is a user added to the permissions list with Read
only access to this item.
The groups that have access to this item are displayed with a two-user icon.
In the example, there is only one group, the staff group, that has Read &
Write permissions for this item.
Every resource has a setting for everyone, which is displayed with a three-
user icon. In this case, everyone has Read & Write permissions on this
item.

The item's owner can change the item's permissions, but only administrators can
change both an item's ownership and permissions. We will explore that next.

Changing an item's ownership and permissions
The default ownership and permissions settings are, in most cases, enough for any
standard user. Although you might never feel the need to change them, you can do so
from the Finder's Info window. For example, you might want to change who owns a
specific item for security reasons or add an additional user and grant them
permission to access an item for easy collaboration.

The user who created an item is usually the user who owns it. Take into account that
to change permissions of items you don't own, you need administrator privileges. In
the case of ACLs, the Finder only allows limited configuration options. If you need
more complex permissions and ACLs, you can use Terminal.


To change an item's owner, follow these steps:

1. Select the item in the Finder and open the Info window.
2. Click the small lock icon in the lower-right corner (Figure 7.4).
3. Enter your credentials to authenticate as an administrator, if necessary.
4. You will need to add the user as an entry in the permissions list if it's not
already in it. For that, click the Add (+) button in the lower-left
corner (Figure 7.4). You can select a user already on the list of users or
create a new user with the New Person button (Figure 7.8). By default, new
users will be added to the list with Read only permissions, as you can see
in the case of patrickjohnson in Figure 7.4:

Figure 7.4 – Adding users

5. For this example, let's assign ownership of this item to patrickjohnson,
who has already been added to the Name column.


6. To make him the owner of this item, select him in the list, click the small
gear icon at the bottom, and select Make "patrickjohnson" the owner, as
seen in Figure 7.5:

Figure 7.5 – Changing ownership

7. At this point, the new owner will move to the bottom of the users
permissions list, and its icon will change, as you can see in Figure 7.6:


Figure 7.6 – New owner

Notice that, although patrickjohnson is now the owner, he still has Read only
permissions, but since he's the owner now, he will be able to change permissions for
this item for any user without having to authenticate as an administrator. We will see
how to change that in the Granting and changing permissions section.

The changes will be applied immediately, but as long as you keep the Info window
open, you will be able to revert the ownership configuration by clicking the gear icon
at the bottom of the window and choosing Revert changes (Figure 7.5). This option is
useful if you made a mistake or if you want to test different configurations to see their
effect on an item. Take into account that this is not an "undo" type option; it will
revert to the original configuration in effect when the Info window was opened.

The ownership configuration we just customized applies to resources on the system
volume. But what happens if I want to extend the configuration to non-system
volumes? This is what we will look at in the next section.


Ownership in non-system volumes


Many users still use external disks for file storage and transfer. However, most
computers cannot identify ownership on those devices because they don't use the
same user account database. This means that when a disk with files created on a Mac
is used on another Mac, the second machine will not recognize the file ownership
those files had on the first Mac. The default behavior of macOS for non-system
volumes (internal or external) is to ignore the ownership of those disks to facilitate
access. This is true, even if the user is exploring a volume that they did not mount
initially; they will still be able to explore the volume. The only way ownership would
be recognized is if you had a centralized network of users where all the Macs in your
network share the same user database.

However, administrators can change this behavior and force macOS to recognize
ownership in non-system external and internal volumes. To do this, follow the steps
given here:

1. Open the Finder, and select the non-system volume for which you want
ownership to be recognized. Open the Info window for that volume.
2. Next, click the lock at the bottom of the Info window to authenticate as an
administrator.
3. Next, you will see that the Ignore ownership on this volume checkbox is
selected by default, as shown in Figure 7.7. Deselect it to change the
behavior for that volume:

Figure 7.7 – Changing non-system volume ownership


Note that this procedure will not work with volumes formatted as
FAT or exFAT.

Let's now discover how to add additional permissions using the Finder and the Info
window.

Granting and changing permissions


Granting new permissions would be necessary if you wanted to allow access to
specific files and folders to additional users or groups for easier collaboration.

If you want to grant new permissions for a user or a group, follow these steps:

1. Select the file you want to grant permissions for, open the Info window,
and click the Add (+) button, as shown in Figure 7.4.
2. A window will appear to allow you to search and select a user or group
from the list. At this point, you will have the choice to create a new user as
well. Take into account that using the New Person button will create a new
sharing-only user account, the same way you would create it from the
Users & Groups preferences.
3. Click the New Person button to create a new sharing-only user or select a
user from the Users & Groups list or a contact from your Contacts list. For
this example, let's choose John Adams from the Users & Groups list and
click Select:

Figure 7.8 – Adding a new user


4. The new user in the list, John Adams, is added to the list with the
default Read only permissions.
5. To change the permissions, click on the Read only privilege for
johnadams and select an available permission such as Read & Write, as
shown in Figure 7.9:

Figure 7.9 – Changing permissions

6. Once that is done, the list will reflect the new privileges for johnadams as
Read & Write.

And that's it! You have successfully added a new user and granted them permission
to an item.


Notice that the actions in the preceding example were performed without having to
authenticate and with the lock engaged. This is because the user making the changes
is the owner of this item. If I weren't the owner of this file and tried to change the
permissions, I would get an error message like the one shown in Figure 7.10:

Figure 7.10 – Permission change not allowed

So, you see how adding permissions is very easy through the tools macOS provides.
Deleting permissions is even easier, as we will see in the next section.

Deleting permissions
You might want to delete permissions to increase the security for certain sensitive
items or remove permissions from users and groups that don't really need access to
those resources.

Deleting permissions granted to a user or a group is straightforward. Just select the
user or group and its permission or privilege from the list under the Sharing &
Permissions section in the Info window and click the delete button (-) in the lower-
left corner. If you are not the owner of the file, you will need to authenticate as an
administrator.

When deleting permissions, take the following into account:

You cannot delete the original owner of an item through the Info window.
You cannot delete the everyone group permission through the Info
window.
To delete the staff group, you will need to authenticate as an administrator.

So far, we have seen how to add and delete permissions. In the next section, we will
explore how to change permissions for items for specific scenarios.


Permission customization examples


Permission customization depends on the levels of sensitive information you have on
your computer or network and the policies that secure that information. This chapter
does not intend to cover those possibilities as there are many and they are beyond the
scope of this book. But we'll describe the essential details so that you understand the
tools to manage those permissions individually or in an enterprise setting.

macOS is pre-configured in a way that files and folders are normally secure for file
and folder sharing. This means most users will never feel the need to change
permissions. However, there are scenarios in which it is important to consider
permission customization, especially with shared computers and shared
environments.

The first detail to consider is that, to facilitate access, all new files and folders are
created with Read only access for other users who are not the owners. This is of
particular importance when users place items in the root of their home folders or if an
administrator places an item in the root of the system volume, the local library, or the
Applications folders. Although it is not a good practice to place items in those
locations, if for any reason you or anyone else does, you should be aware of the
default read-only access to those items.

Here, we will use two scenarios to exemplify how customization can help improve
the security and privacy of certain resources. The first shows how to restrict access to
an item, and the second, how to propagate folder permissions.

Example 1: Restricting access to an item


In this first scenario, we will discover how to restrict access to an item.

Let's place a file in the root of a user's home folder. We have seen earlier that users,
even guests, can browse other users' home folders. Therefore, this file placed in the
root of the home folder can be seen by all users. Let's change its permissions so that
only the owner can see it.

For the first scenario, we will follow these steps:

1. Select the file placed in the root of the user's home folder for which you
want to change the permissions.
2. Open the Info window, and scroll down to the Sharing &
Permissions section.


3. Start by removing all users and groups from the permissions list through
the delete button (-) circled in red in Figure 7.11 (except for the original
owner, who cannot be removed).
4. To delete the staff group, you will need to authenticate as an administrator
by clicking the lock icon at the bottom right.
5. You will notice that you cannot remove the everyone group. This is
because this group needs to be able to browse through the home folder to
access the shared folders. But, you can restrict access to the file. To do so,
change the file's permission setting to No Access, as shown in Figure 7.11:

Figure 7.11 – Deleting permissions

And that's it! You have secured a file by customizing the permissions to restrict access
to it. Now, only the owner will be able to see it and modify it.

In the next example, we will look at a second practical scenario.

Example 2: Propagating folder permissions


In this second scenario, we will discover how to propagate permissions granted to a
folder to all files in it.

For this example, we will choose the Pictures folder.


First, let's change the folder's permissions:

1. Select the Pictures folder and open the Info window. As mentioned
earlier, you will notice that the permissions for the everyone group
are Read only.
2. Change the everyone permissions to Read & Write. You will notice that
despite having changed the folder's permissions, the items inside still have
the Read only permission for the everyone group. This is because
permissions changed through the Info window do not propagate to the
items inside the parent folder.

Follow the steps indicated here to propagate permissions applied to a folder to the
items in it. Take into account that to do that, you will need administrator privileges:

1. Change the Pictures folder permissions for everyone from Read only
to Read & Write.
2. Next, click on the lock icon at the bottom to authenticate as an
administrator, if you've not already done so.
3. Click on the gear icon at the bottom and select Apply to enclosed
items... as shown in Figure 7.12:

Figure 7.12 – Propagating permissions


4. Also, take into account that this action is not easily reverted. This is why, at
this point, you will see a warning before accepting this action (Figure
7.13). Click OK if you are sure this is what you want to do:

Figure 7.13 – Warning

5. Now, if you open the Pictures folder, you will be able to verify that the
folder's permissions for the everyone group have been propagated to the
items in it.

Take into account that propagated permissions will not apply to
locked items inside a folder; they will remain in their original state.

This section concludes our learning about managing ownership and permissions. In
the next section, we will see how we can easily share files through the folders
provided by default in the macOS filesystem and the permissions that allow this.


Using macOS shared folders


Sharing files with other users is a big part of our daily work as Mac users. As we saw
in Chapter 6, The macOS File System: Disks, Volumes, and Partitions, there are folders in
the default macOS filesystem that you can use to share files. Learning to use these
folders will save you a lot of time when sharing resources among users on the same
Mac or a network. By the end of this section, you will understand how these folders
work, and you will be able to use them effectively to share resources.

Three folders are intended for file sharing in macOS:

Public
Drop Box
Shared

Let's examine how they work.

The Public and Drop Box folders


The Public folder is located in every user's home folder. The Drop Box folder is
located inside the Public folder, as shown in Figure 7.14.

Figure 7.14 – Public and Drop Box folders


These are the two premises you need to take into account to use these two folders:

1. Other users, including users who connect remotely, can view the contents
of the Public folder, but they cannot add items or make changes.
2. Other users can add files to the Drop Box folder, but they cannot see its
contents. Once a user "drops" a file in that folder, only the owner of that
home folder will be able to recover it. In other words, it's a folder for other
users to "drop" files for you (the owner of the home folder) to recover.

Let's examine the permissions of the Public folder. As you can see in Figure 7.15, this
folder has Read only access for the staff and everyone groups. This means other
users can read (explore) that folder. They can browse the contents of that folder, but
they cannot place any files inside it. If I were an administrative user, I could
authenticate and place files in it. However, any files placed in a user’s Public folder
can be read by all Mac users but edited or deleted only by the file owner:

Figure 7.15 – The Public folder's permissions


Now, let's examine the permissions for the Drop Box folder located inside
the Public folder from the perspective of the home folder owner, Patrick Johnson. As
you can see in Figure 7.16, it has a custom permission: Write only (Drop Box) for
the everyone group. This means other users can write (drop items) to that folder.
Also, notice there are two entries for the owner, patrickjohnson: there is a Read &
Write permission, and there's a Custom ACL setting for this folder, which allows the
owner of the home folder to have full access to the items in this Drop Box folder. The
files created or copied into Drop Box are owned by the user who created or copied
them, even if they are in another user's home folder:

Figure 7.16 – The Drop Box folder's owner permissions

If another user, such as John Adams, would like to drop items for Patrick, they can
browse the system folder to locate the Public and Drop Box folders from the root of
the system volume (Macintosh HD), as seen in Figure 7.17:


Figure 7.17 – Browsing to another user's Drop Box folder

Since John doesn't have Read permissions, he cannot see the folder's contents. But he
has Write only (Drop Box) permissions because he is part of the staff group, so he can
drop files for Patrick.

Also, notice that all other sub-folders in Patrick's home folder have a red icon, which
means other users cannot access them.

Now that you understand how to get the most out of these two sharing folders, let's
look at another folder that helps us share in macOS, the Shared folder.

The Shared folder


The Shared folder is another folder provided by the macOS folder filesystem
structure to share files. This folder is located in the Users folder, and users can
browse to it from the root of the system volume (usually Macintosh HD), as shown in
Figure 7.18.

Figure 7.18 – Browsing to the Shared folder

But there is something different and unique about this folder. If we examine this
folder's permissions, in Figure 7.19, we can see that the owner of this folder is the
system user, the everyone and wheel groups have Read & Write permissions, and
there is no staff group in the list. This is an excellent example of custom permissions.
Moreover, this folder has a permission configuration called "sticky bit," which
prevents users from deleting any items they don't own. Only the user who owns the
item is allowed to delete it. Take into account that sticky bit permissions can only be
managed from Terminal.

Figure 7.19 – Shared folder permissions

As you can see from the permissions in Figure 7.19, everyone has Read & Write
permissions, which means users on the Mac can access and recover files placed in the
Shared folder, without the restrictions of the Public and Drop Box folders, but only
the original owner can edit or delete a file placed in this folder.
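The behaviour of the Public, Drop Box, and Shared folders as it looks from Terminal, as an added example that is not from the book: the functions read the "everyone" permission bits from `ls -ld` and set the sticky bit with `chmod +t`. The folder tree is constructed in a temporary directory, and the modes given to it (755 for Public, 733 for Drop Box, 1777 for Shared) and all function names are assumptions of this example.

```shell
#!/bin/sh
# Added example: classify how a folder is shared from its POSIX mode string.

# everyone_bits DIR -> the three "everyone" characters of the ls -ld mode,
# for example "rwt" from "drwxrwxrwt"
everyone_bits() {
    ls -ld -- "$1" | cut -c8-10
}

# share_class DIR -> how other local users can use DIR
share_class() {
    case "$(everyone_bits "$1")" in
        rwt)     echo "shared-sticky" ;;       # add freely, delete only what you own
        rwx)     echo "shared-unprotected" ;;  # anyone can delete anyone's items
        -wx|-wt) echo "drop-box" ;;            # can add items, cannot list them
        r-x)     echo "read-only" ;;           # can browse, cannot add items
        ---)     echo "private" ;;
        *)       echo "other" ;;
    esac
}

# protect_shared DIR -> set the sticky bit, which Finder's Info window cannot do
protect_shared() {
    chmod +t "$1"
}

demo_share_classes() {
    # Constructed sample tree; the modes are assumptions standing in for the
    # Read only, Write only (Drop Box) and Read & Write + sticky bit settings.
    demo_root=$(mktemp -d)
    mkdir "$demo_root/Public" "$demo_root/Drop Box" "$demo_root/Shared" "$demo_root/Scratch"
    chmod 755  "$demo_root/Public"
    chmod 733  "$demo_root/Drop Box"
    chmod 1777 "$demo_root/Shared"
    chmod 777  "$demo_root/Scratch"     # world-writable, no sticky bit yet
    for d in Public "Drop Box" Shared Scratch; do
        printf '%-10s %s\n' "$d" "$(share_class "$demo_root/$d")"
    done
    protect_shared "$demo_root/Scratch"
    printf '%-10s %s (after chmod +t)\n' Scratch "$(share_class "$demo_root/Scratch")"
    rm -rf "$demo_root"
}

demo_share_classes
```

A folder reported as shared-unprotected is the case the sticky bit exists to prevent: every user can remove or rename items that belong to someone else.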

And with this section on sharing through the default folders provided by the macOS
filesystem, we conclude this chapter about ownership and permissions. Be sure to
check the following summary to recap what we have learned here.

Summary
In this chapter, we understood how ownership and permissions work in macOS, how
we can manage them, and how to use the folders provided by macOS for sharing
files.

After reading this chapter, you should feel comfortable with understanding how
ownership and permissions work in macOS, and be able to describe the types of
permissions and ownership tiers used. Also, you will now understand how ACLs
provide more flexibility to the permissions model and how to use flags, such as the
"locked" flag, to restrict access to specific items. You can now manage items'
permissions and change their ownership, as well as make ownership in non-system
disks be recognized. Finally, you should be able to take advantage of the macOS
shared folders to share files with other users effectively.

In the next chapter, we will explore system resources and shortcuts, including system
resources such as preference files and fonts, and shortcuts such as aliases.

8
System Resources and Shortcuts

In Chapter 6, The macOS File System: Disks, Volumes, and Partitions, we saw how
macOS organizes the filesystem through domains that make it easier for the user to
find the files they need and, at the same time, keep a clean, clutter-free interface, and
a secure system. This chapter will focus in more detail on the system resources
distributed in that filesystem structure.

Learning about system resources is important because you need to know what kind
of system resources macOS uses to function, their purpose, and where they are
located, in case you need to access them for troubleshooting. Moreover, you will learn
about shortcuts, their purpose in macOS, and how to create your own.

By the end of this chapter, you will be able to locate system resources in macOS,
explore the types of system resources available, uncover and hide files and folders,
manage font resources, understand shortcuts in macOS, and create and manage
shortcuts.

The main topics that will be covered are the following:

Understanding system resources
Managing system resources
Understanding shortcuts in macOS

Before we start, let's look at the technical requirements for this chapter.

Technical requirements
This is what you will need for this chapter:

Basic knowledge of the macOS environment
A Mac computer with administrator privileges

Understanding system resources


In general, system resources in the macOS environment are files needed by the
operating system and the software installed on your computer to function properly
and provide the expected functionality. These resources are located across the
filesystem we explored in Chapter 6, The macOS File System: Disks, Volumes, and
Partitions, and they include a variety of files such as utilities, fonts, extensions, and
more. Understanding what these resources do and where they are located is
important for you to be familiar with how macOS functions and for troubleshooting.

Most macOS system resources are located in the user and local Library folders in the
system volume. Precisely, the Library folders keep user and system resources
organized and separated from the rest of the files. This is why application and user
data is also found in these folders. This is intentional so that the Applications and
user home folders that are frequently accessed by users don't contain files they don't
really need to see.

In this section, we will explore the following:

Types of system resources in macOS
System resource domains
Sandboxing

Let's begin by exploring the types of system resources macOS uses.

Types of system resources in macOS


There are ten common types of system resources in macOS. The following six will be
covered in this chapter:

Extensions
Frameworks
Fonts
Preference files
LaunchAgents and LaunchDaemons
Logs

These four resources are covered in other chapters and sections of this book:

Preference Panes: These panes provide interfaces for various
configurations accessible from the System Preferences, such as the Users &
Groups preferences, the Security & Privacy preferences, and so on. These
panes are referenced in every chapter of this book.
Containers and Group containers: These resources are covered in the
Sandboxing section later in this chapter.
Keychains: These resources are covered in detail in Chapter 5, Managing
User Security and Privacy.
Application Support: A folder in the user and local Library folders that
contains files required by apps, such as help files and templates.

Let's learn about the first six types of resources in more detail.

Extensions
Also known as kernel extensions or kexts, these are resources for the system kernel.
The following has been said by Joe Auricchio, from the Mac CoreOS group:

Kexts have been part of macOS since the very beginning, and you can use them to
build powerful and innovative apps that extend the built-in functionality of the
operating system. (WWDC 2019)

Kexts can attach themselves to the kernel or core to perform low-level tasks that
cannot be performed in userspace. Their main objective is to provide driver support
for networking, hardware, and peripherals. Antivirus software, firewalls, VPN
clients, DNS proxies, and more also use kernel extensions.

They can be found in the /System/Library/Extensions
and /Library/Extensions folders. You can recognize them because of their .kext
extension.

However, since macOS Catalina (10.15), several improvements have been added to
kexts to facilitate development and debugging, reducing the risk to data security,
privacy, and the system. These improvements are possible through the introduction
of two new technologies that are designed to be run in userspace and not in the
kernel. Actually, "kernel extensions" will be deprecated and replaced by "system
extensions." Eventually, software using kernel extensions will trigger a notification
warning the user about the deprecated API and recommending that they contact the
developer for alternatives.

System extensions: They replace the "kernel extensions" functionality. They extend
the operating system's functionality and are part of the application but run in
userspace instead of the kernel. Developers can build three types of system extensions
in macOS Catalina and later:

Network: They replace the previous Network Kernel Extensions. They can
act as content filters, reroute traffic, and connect to a VPN.
Endpoint: They replace the previous kauth event monitoring. They allow
the development of detection and response, antivirus, and data loss
prevention apps.
Driver: They replace the previous device drivers kexts based on IOKit.
They are created with Driver Kit, a new SDK that is based on and replaces
the previous IOKit. It is designed to build device drivers in userspace
instead of the kernel. These extensions and Driver Kit allow you to control
hardware devices such as USB, serial, and so on.

Apple has informed developers that macOS 10.15 (Catalina) will be the
last release to fully support kexts. Developers will need to switch to
system extensions after that.

Let's take a look at the next type of system resource.

Frameworks
Frameworks are directories that contain code libraries. Their main purpose is to
provide resources for apps and system processes. They are located in the
/System/Library folder.

You can verify which frameworks are loaded into your macOS through the System
Information tool (you can review Chapter 6, The macOS File System: Disks, Volumes,
and Partitions, to learn how to access this tool):

1. Access the System Information tool.
2. Select the Software section on the left side.
3. Select the Frameworks option, as seen in Figure 8.1.
4. Select any framework to view more details about it, such as version
number, developer, and more:

Figure 8.1 – Frameworks

Let's take a look at the next type of system resource.

Fonts
Fonts are probably the most popular resource used by regular users. macOS supports
many types of fonts, including bitmap, TrueType, OpenType, and PostScript fonts.
They are used for the typefaces available for displays and printers.

Fonts are installed in these folders on your Mac:

/System/Library/Fonts: These fonts are required by macOS and can't
be disabled.
/Library/Fonts

The most recent list of fonts included in macOS by default can be
found at this link: https://support.apple.com/HT211240.

Let's take a look at the next type of system resource.

Preference files
Preference files store system and app configuration information. Whenever you
configure an application or a system setting, those settings are stored in these files. It
is common to delete preference files when an app is behaving unexpectedly or after a
migration. The specific steps to troubleshoot apps are covered in Troubleshooting
Tips.

Preference files are located in these folders:

Apps not sandboxed: ~/Library/Preferences
Sandboxed apps:
~/Library/Containers/[bundleID]/Data/Library/Preferences
and ~/Library/Group Containers/[bundleID]/Data/Library/Preferences

For example, for the Scrivener app, the preference file would be located here:
~/Library/Containers/com.literatureandlatte.scrivener3/Data/Library/Preferences

You can recognize preference files because they have the .plist extension.

Now, let's take a look at the next type of system resource.

LaunchAgents and LaunchDaemons


LaunchAgents and LaunchDaemons are resources that start services automatically
and run as background processes managed by the launchd process. Their main
purpose is to assist launchd processes with starting services when needed, either at
system startup or user login:

LaunchAgents are per-user processes specific to the user currently logged
in and that run while the user remains logged in. They are located in the
local, system, and user Library folders.
LaunchDaemons are processes that are always running in the background,
even without any users logged in. They are located in the local and system
Library folders.
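Because these job definitions decide what starts automatically, their own permissions are worth reviewing. The following is an added example, not from the book, that lists the jobs in the folders described above and reports any that the group or everyone can modify, or that are not owned by the expected user. The LaunchAgents and LaunchDaemons subfolder paths inside each Library folder and all function names are assumptions of this example.

```shell
#!/bin/sh
# Added example: review launchd job definitions (.plist files) for loose
# permissions or unexpected ownership.

# list_jobs DIR... -> every .plist job definition directly inside the folders
list_jobs() {
    for job_dir in "$@"; do
        [ -d "$job_dir" ] || continue      # not every folder exists on every Mac
        find "$job_dir" -maxdepth 1 -type f -name '*.plist' -print
    done | sort
}

# loosely_writable_jobs DIR... -> jobs that the group or everyone can modify
loosely_writable_jobs() {
    for job_dir in "$@"; do
        [ -d "$job_dir" ] || continue
        find "$job_dir" -maxdepth 1 -type f -name '*.plist' \
            \( -perm -020 -o -perm -002 \) -print
    done | sort
}

# jobs_not_owned_by UID DIR... -> jobs whose owner is not the numeric user ID
jobs_not_owned_by() {
    expected_uid=$1
    shift
    for job_dir in "$@"; do
        [ -d "$job_dir" ] || continue
        find "$job_dir" -maxdepth 1 -type f -name '*.plist' \
            ! -user "$expected_uid" -print
    done | sort
}

# audit_standard_folders -> run the checks on the user, local and system folders
audit_standard_folders() {
    echo "Per-user agents that the group or everyone can modify:"
    loosely_writable_jobs "$HOME/Library/LaunchAgents"
    echo "System-wide jobs that the group or everyone can modify:"
    loosely_writable_jobs /Library/LaunchAgents /Library/LaunchDaemons \
        /System/Library/LaunchAgents /System/Library/LaunchDaemons
    echo "System-wide jobs not owned by root (UID 0):"
    jobs_not_owned_by 0 /Library/LaunchAgents /Library/LaunchDaemons \
        /System/Library/LaunchAgents /System/Library/LaunchDaemons
}

audit_standard_folders
```

An empty list under each heading is the expected result on a cleanly configured Mac; any path that is printed deserves a closer look at who owns it and why.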

Let's take a look at the last type of system resource we will see in this section.

Logs
Logs are files that contain information about activity and errors from nearly all
system processes and applications. They are located in all local Library folders and
also in the /var/log folder.

You can see logs through the Console application, which can be accessed from the
Applications/Utilities folder, or you can access it quickly through Spotlight.
We'll look at more about how to use Console to troubleshoot issues in
Troubleshooting Tips.

Now that we have explored the main types of system resources in macOS and know
what they are responsible for, we will explore how they are organized. System
resources in macOS are organized into domains; let's look at how that works.

System resource domains


As mentioned earlier, the clean, concise look macOS provides is achieved through a
combination of the filesystem structure, by hiding files and folders that a standard
user will not need to see, and the distribution of system resources into filesystem
domains.

System resource domains organize resources in a way that increases user and
system security and reliability while also improving the user experience.
There are four domains in macOS where system resources are found:

User
Local
Network
System

We saw a detailed description of these domains in Chapter 6, The macOS File System:
Disks, Volumes, and Partitions, if you want to go back to review them.

It is common to find some resources duplicated in these domains. For this reason,
there is a priority system in place when it comes to the system looking for the
resources it needs, from specific to general. In other words, if two or more copies of
the same resource are found, the priority the system will use is as follows:

1. User domain
2. Local domain
3. Network domain
4. System domain

This means that if a similar resource is found in more than one of these domains, the
system will prioritize the resource found in the User domain, and so on, until the
System domain, the last one in the priority list.

macOS also uses other technologies to ensure system resources and data security. One
of those technologies is called sandboxing. In the next section, we will see how this
technology is used to keep your system more secure.

Sandboxing
Sandboxing is an access control technology used in macOS that works at the kernel
level to make apps more secure and minimize the risk to the system and user's data.
This is possible because sandboxing limits an app's privileges so that it accesses only
the resources needed for its intended functionality.

A sandboxed app can access items inside a folder called a container. This folder
"contains" the resources of each sandboxed app available for users. Without
sandboxing, most apps would have unrestricted access to all user data and system
resources. With sandboxing, apps are only allowed access to the resources located
here:
~/Library/Containers/[bundleID]/Data

How does it work?

When a sandboxed app is used for the first time, macOS creates a Container folder.
The user that launched the app will have an individual container for that app, which
will simulate the user's home folder. macOS creates and maintains this separate
container folder for each sandboxed app used.

At the root of the Container folder, you will find the following items:

A property list file with the .plist extension, which contains the app
information.
A Data folder, which is the app's active container that simulates the user's
home folder.

Figure 8.2 – Containers

As you can see in Figure 8.2, in the Preview app container, there is the property list
file, Container.plist, and the Data folder, which includes the same folder
structure you would find in a user home folder: Desktop, Documents, Downloads,
Library, Movies, Music, and Pictures. All the folders with arrows in their icons
are actually aliases to the user's actual home folder. We will learn about aliases
later in this chapter.

There are other types of containers called Group Containers, or shared app group
containers, used for resources intended for sharing; in other words, these folders
contain resources shared by apps. Developers of sandboxed apps can request these
group containers to be created by the system to facilitate app resource sharing. These
containers are located in the user's Library folder, inside a folder called Group
Containers:

Figure 8.3 – Group Containers

Similar to normal containers, when an app is first used, and requests access to shared
resources, macOS automatically creates the group container folder. These folders can
be recognized easily because they have a distinctive identifier, such as
"group.com.apple.notes," as seen in Figure 8.3.

Since 2012, all apps submitted by developers to the Mac App Store
must use sandboxing.

Now that you know the types of system resources macOS uses and how they are
organized and distributed into domains and containers for user experience and
system security, let's examine how to manage them.

Managing system resources


You will sometimes need to manage system resources for specific purposes, such as
troubleshooting or verification, or you might need to see a file hidden by default.

In this section, we will cover the following common topics you will typically deal
with as an administrator concerning managing system resources:

Uncovering hidden files and folders
Managing font resources

In the next section, we will see how to access or uncover hidden items or hide
resources you don't want to see or don't want others to see.

Uncovering hidden files and folders


The Finder hides specific folders located at the root of the system volume for security
purposes or because users don't really need to see them regularly. Those hidden
folders contain resources needed for running macOS processes.

One of those hidden folders is the user's Library folder. If you need to see it, there
are temporary and permanent methods to access it, and we will look at them next.
More specifically, we will explore the following:

Accessing the Library folder temporarily
Accessing the Library folder permanently

Let's begin by exploring the first option.

Accessing the Library folder temporarily


If you only need to access your user's Library folder occasionally, you can use
the following methods.

Through the Go menu in the Finder: This is perhaps the quickest way to access this
folder.

1. Hold down the Option key and select the Go menu in the Finder. The
Library folder option will then be revealed, as seen in Figure 8.4:

Figure 8.4 – Accessing the Library folder

Using the Go to Folder... option: This method requires that you enter the path to the
folder you are trying to access.

1. In the Finder menu, select the Go menu item, and select the Go to
Folder... option at the bottom (Figure 8.4).
2. A window will appear for you to enter a folder path. If you were trying to
access the user's Library folder, you would enter ~/Library. In this
case, ~/ is an abbreviated way to represent the current user's home folder,
so instead of writing the whole path to the current user's home folder, you
just type the tilde symbol.
3. As soon as you start to enter the first characters of the path, an
autocomplete feature will make suggestions, and you can just use the Tab
key to complete the rest of the path, as seen in Figure 8.5:

Figure 8.5 – Go to the folder menu

4. Click the Go button, and that's it!

This last method works for any hidden folder, provided that you
know the path, or at least the first part of the path.

Using Spotlight
Spotlight is one of the quickest ways to find anything on your Mac, including files
and folders. Just enter Library and you will be shown all the relevant results. The
problem is perhaps that you will be shown many results, and the Library folder
may not be among the results at the top of the list. If you scroll down, you will see the
folder results, as shown in Figure 8.6.

You can change how Spotlight shows results in the System
Preferences.

You will have to distinguish between the several Library folders available in your
filesystem:

Figure 8.6 – Spotlight results

Using Command + Shift + . (dot):

Another way to view hidden files in a folder is to use the Command + Shift + . (dot) key
combination. For example, open the Finder and select the root folder (Macintosh HD)
on the sidebar. Next, press the key combination indicated. You will see a screen
similar to the one in Figure 8.7:

Figure 8.7 – Unhiding files

To hide the files again, repeat the same key combination.

We have seen temporary ways to access the Library folder. In the next section, we
will explore the permanent methods.

Accessing the Library folder permanently


If you use this folder regularly, you can make it permanently visible. Follow these
steps to do that:

1. Open the Finder window and select the user's home folder. If it does not
show up, review Chapter 2, Installing and Configuring macOS.
2. With the user's home folder selected in the Finder's sidebar, go to the View
menu and choose Show View Options.
3. A window will appear. Make sure the Show Library Folder option is
checked. Once that is done, the Library folder will show in the user's
home folder in the Finder, as seen in Figure 8.8:

Figure 8.8 – Showing the Library folder permanently

Another method to access files and folders hidden by default by macOS is through
Terminal. You can even pick specific items to hide; perhaps a folder you don't want
anyone to see. If you want to see how to hide files and folders so that they won't be
visible in the Finder, see Chapter 16, Using the Command Line, for precise instructions
on using the command line for this purpose.

In this section, we saw how to access and uncover the Library folder. In the next
section, we will explore how to manage font resources.

Managing font resources


Managing fonts is a common task for both users and administrators. You will find
yourself frequently adding, deleting, and organizing fonts that you need available for
your apps. The actions we will explore in this section are the following:

Installing fonts
Font location preferences
Resolving duplicate fonts
Disabling/removing fonts

The main app used for managing fonts in macOS is Font Book. This app allows you
to install, enable, disable, and validate fonts, and organize them into collections. It can
also help identify duplicate fonts. Font Book can be found in the Applications
folder (Figure 8.9):

Figure 8.9 – Font Book

Once open, the left panel lets you select All Fonts or other collections. Selecting any
font in the list will show a preview, as seen in Figure 8.10 and Figure 8.12.

Any fonts that are available but have not been downloaded will appear grayed out.
To download them, just right-click on the dimmed font, and select Download
"[Font]" Family (Figure 8.10):

Figure 8.10 – Downloading a font

There are several methods to install fonts. We will explore them in the next section.

Installing fonts
Installing fonts can be done in the following ways.

Through the Finder: When you double-click a font you want to install in the Finder,
Font Book will open it and show a preview. At that point, you just need to click on the
Install Font button (Figure 8.11) so that Font Book validates and copies the font into
the font's folder in the user's library:

Figure 8.11 – Installing fonts

Through the Font Book app: There are a couple of ways to add fonts through the
Font Book app:

Open Font Book and drag the fonts to All Fonts.
Open Font Book and click the Add (+) button in the toolbar (Figure 8.12).
Next, browse to the font file to add it:

Figure 8.12 – Adding fonts

Dragging and dropping: Drag any font to the user's Library fonts folder (Figure
8.13):

Figure 8.13 – Dragging fonts

You might need to restart the system after the font is installed if it
doesn't appear in your app's font options.

Administrators can drag any font to the root Library fonts folder to make that font
available to all users. You can actually configure where the system will save fonts by
default; let's look at that next.

Font location preferences


If you are an administrator, you can configure the default location where Font Book
will save fonts through the Font Book preferences:

1. Open the Font Book app.
2. Select the Font Book menu and select Preferences.
3. In the dropdown next to Default Install Location (Figure 8.14), you can
select to install fonts in the user's Library folder (User), which means the
font will only be available to the current user, or in the local Library
folder (Computer), which means the font will be available to all users:

Figure 8.14 – Font location preferences

Since fonts can be placed in the various Library folders available in the macOS
filesystem, you might end up with duplicates. We will see next how to deal with
them.

Resolving duplicate fonts


There are several ways to resolve duplicate fonts:

You can check the box for Resolve duplicates by moving files to the Trash
in the Font Book preferences (Figure 8.14) if you want inactive copies of fonts
to go in the Trash.
When a duplicate font is selected in Font Book, you will see the Multiple
copies of this font are installed warning (Figure 8.15):

Figure 8.15 – Resolving font duplicates

At that moment, you can choose one of these two actions:

Resolve Automatically: The duplicate font will be disabled or moved to the
Trash if you configured that option in the Font Book preferences.
Resolve Manually...: A new screen will be presented so that you can verify
and decide what to do.

To identify duplicate fonts in Font Book, do the following:

1. Go to the Edit menu and then select Look for Enabled Duplicates... (Figure
8.16):

Figure 8.16 – Looking for font duplicates

2. Next, you can click Resolve Manually or Resolve Automatically (Figure
8.17) to remove the duplicates:

Figure 8.17 – Looking for font duplicates

Next, let's see how to disable or remove fonts that are duplicated or no longer needed.

Disabling/removing fonts
You can disable a font you don't use or no longer need:

1. In the Font Book app, select the font, right-click, and select Disable "[Font]"
Family, or deselect the box at the top, marked with a red circle in Figure
8.18:

Figure 8.18 – Disabling fonts

2. Disabled fonts appear grayed out. To re-enable them, just select the font,
right-click, and select Enable "[Font]" Family, or check the box at the top.

Removing fonts permanently

To remove a font permanently, select it from the list and press the Delete key. If you
are sure this is what you want to do, click Remove when you see the confirmation
prompt.

Removing a font installed for all users requires administrator privileges. Also, take
into account that, as mentioned earlier, fonts that are used by the system cannot be
removed as System Integrity Protection (SIP) prevents it. SIP is explained in detail in
Chapter 15, Managing Security in macOS.

Restoring the original fonts

You can restore macOS original fonts if needed. To do that, while in Font Book, go to
the File menu and select Restore Standard Fonts... You will need to authenticate as
an administrator to do that.

Take into account that restoring standard fonts will remove any
custom fonts installed. The removed fonts will be placed in the
Fonts (Removed) folder, next to the Library folder.

In this section, we learned how to manage system resources, including how to unhide
files and folders you might need to access and how to manage fonts.

Besides domains, sandboxing, and hiding files and folders, macOS uses another
method to organize and optimize the filesystem, called "shortcuts." There are a few
types of shortcuts used in macOS, and we will explore them in the next section of this
chapter.

Understanding shortcuts in macOS


Shortcuts are resources in macOS used to avoid duplicate resources and to organize
and optimize the filesystem. In the context of macOS, "shortcuts" means files that
point to other files or folders. macOS uses these shortcuts to point to a single item (the
original one) that needs to be in multiple locations instead of having multiple copies
of that same item. Knowing about shortcuts is important so that you know how to
locate the original items and perhaps create your own shortcuts to organize your
filesystem.

In this section, we will look at the following topics:

Types of shortcuts
Creating shortcuts

Let's start by looking at the types of shortcuts macOS uses.

Types of shortcuts
There are three types of primary filesystem shortcuts used in macOS:

Aliases
Symbolic links
Hard links

Let's explore in a little more detail how they are different from each other.

Aliases
Aliases are shortcuts that contain information that allows the system to know where
the original item is, even if it's renamed or moved, as long as it is in the same original
volume. This is possible because of two important pieces of information the alias has:
the UID of the file it links to and the file's complete path. Therefore, we could say that
aliases are dynamic links that point to files and folders.

Aliases can be created through the Finder, but not from Terminal, and actually, they
won't be recognized in Terminal.

An alias can be identified in the Finder through the small arrow that appears in the
lower-left corner of the item's icon. In the example in Figure 8.19, all the folders with
arrows are aliases:

Figure 8.19 – Aliases

You can find out where that alias is pointing to through the Info window. Just select
the item and press Cmd + I. The Info window will tell you what kind of resource this
is, and you will see that it is indeed an alias (Figure 8.20) and where it points to. In the
example in Figure 8.20, this Desktop alias is pointing to
/Users/administrator/Desktop:

Figure 8.20 – Info window

Another way to locate the original item the alias is pointing to is to right-click on the
alias and choose Show Original from the contextual menu, which will take you to the
folder containing the original item.

Next, let's see another type of shortcut, the symbolic link, and how it is different
from an alias.

Symbolic links
Symbolic links, also known as "symlinks" or "soft links," come from UNIX system
design and can also be used in macOS. Both aliases and symbolic links are shortcuts
to an item, but they are not equal. We could think of symbolic links as advanced
aliases. Here are some of the differences from aliases:

- Symbolic links don't only point to files and folders, as aliases do. They
  work in all applications on the system, including Terminal.
- Apps see symbolic links as if they were the same as the original item they
  link to.
- Contrary to aliases, symbolic links don't have UID information; therefore,
  they can easily be broken if the item is changed. In fact, any change to a
  symbolic link, such as renaming it or moving it to another location within
  the volume, will break it.
- Although the Finder can follow symbolic links, it cannot create them.
  Symbolic links can only be created through Terminal.

When to use symbolic links instead of aliases

You would use symbolic links when you need to not only point to a folder or file but
also to have an app interpret the shortcut as if it were the actual file or folder. For
example, say an application has its files stored at /Applications, but you want its
directory to be stored in MyVolume/Applications. You can move the directory to
this last location and then create a symbolic link at /Applications pointing to
/MyVolumes/Applications. The application will try to access the directory at the
usual location, and it will be redirected by the symbolic link to the new location
where the directory actually is.

Finally, let's examine the last type of shortcut supported in macOS.

Hard links
Hard links also come from the UNIX system design. Like aliases and symbolic links,
they are also references to an item. But in this case, they are actual (additional)
references to an original item. Let's clarify what this means.

A normal file usually has two parts: the bits that make up the file's content, which is
usually stored in a physical disk, and the name that points to that content. If we
consider this, we could say that all files have at least one hard link or "name." In this
case, in macOS, hard links are "additional" references because it is like another hard
link or "name" pointing to the same bits. Therefore, a hard link is not a copy, is not an
alias, and is not a symbolic link; it is the same file but accessed via another address.

If this seems confusing, think about a single file with different names, but it is not a
duplicate; it is the same content, accessed through different names. Therefore,
removing a hard link will not remove the original item; it will only remove the hard
link or extra name:

- In macOS, hard links are used for both files and folders, and they can only
  be created through Terminal.
- A good example of hard links in macOS is Time Machine backups, which
  use hard links for items that haven't changed since the last backup, making
  them an excellent way of saving space in the backup process.
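
The difference between a symbolic link (a stored path) and a hard link (a second name for the same content) can be observed directly. The following Python sketch is an added example, not code from this book; the file names are constructed samples created in a temporary directory, and `audit_links` is a hypothetical helper name.

```python
import os
import stat
import tempfile


def audit_links(root):
    """Walk `root` without following symlinks.

    Returns (dangling, groups): symlinks whose target path no longer resolves,
    and lists of names that share one inode (hard links to the same content).
    """
    dangling, by_inode = [], {}
    for dirpath, dirnames, filenames in os.walk(root, followlinks=False):
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)                   # lstat inspects the link itself
            if stat.S_ISLNK(st.st_mode):
                if not os.path.exists(path):      # exists() follows the link
                    dangling.append(os.path.relpath(path, root))
            elif stat.S_ISREG(st.st_mode) and st.st_nlink > 1:
                key = (st.st_dev, st.st_ino)      # same device + inode = same file
                by_inode.setdefault(key, []).append(os.path.relpath(path, root))
    return sorted(dangling), sorted(sorted(g) for g in by_inode.values())


def demo():
    """Create constructed sample files, then move and delete the original name."""
    results = {}
    with tempfile.TemporaryDirectory() as root:
        original = os.path.join(root, "report.txt")
        hard = os.path.join(root, "report-hard.txt")
        soft = os.path.join(root, "report-soft.txt")
        archived = os.path.join(root, "archived.txt")
        with open(original, "w") as fh:
            fh.write("quarterly numbers\n")

        os.link(original, hard)      # hard link: a second name for the same inode
        os.symlink(original, soft)   # symlink: a small file that stores a path

        results["stored_path_matches"] = os.readlink(soft) == original
        results["before"] = audit_links(root)

        # Moving the original name breaks the symlink (it only knows the old
        # path) but not the hard link (it never depended on that name).
        os.rename(original, archived)
        results["after_move"] = audit_links(root)

        # Deleting the moved name leaves the content reachable via the hard link.
        os.remove(archived)
        with open(hard) as fh:
            results["content_after_delete"] = fh.read()
        results["names_left"] = os.stat(hard).st_nlink
        results["after_delete"] = audit_links(root)
    return results


if __name__ == "__main__":
    for step, value in demo().items():
        print(step, "->", value)
```

Running `audit_links` over a shared folder is a quick way to spot links that silently point nowhere after a reorganization, or files whose content is still reachable under another name after one name was deleted.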

Now that we understand the differences between the types of shortcuts used in
macOS and how they are used, let's see how we can manage them.

Creating shortcuts
In macOS, managing shortcuts of the "alias" type is very simple. They can be
managed from the Finder in most cases, but there are also other ways you can go
about it.

In this section, we will explore the different methods to create aliases. We will not
explore how to create symbolic links and hard links because they can only be created
in Terminal and are to be used by advanced users and/or administrators and are
beyond the scope of this book.

To create an alias in macOS, you can use any of the following methods:

- Open the Finder, select the item you want to create an alias for, then go to
  the Finder menu, click the File menu item, and select Make Alias, or
  right-click the item and select Make Alias, as seen in Figure 8.21. Take into
  account that creating some aliases will require administrator privileges:

Figure 8.21 – Creating aliases

- Select the item in the Finder and select Make Alias from the action menu,
  as shown in Figure 8.22:

Figure 8.22 – Creating aliases with the Action menu

- Drag the item to the new location while holding down the Option + Cmd
  keys. In Figure 8.23, the Calculator app is dragged to the Desktop, creating
  an alias for this app:

Figure 8.23 – Creating aliases by dragging

The last method is actually the only one that will not create the alias
with "alias" appended to the name.

And with this section, we have concluded the content for this chapter on system
resources and shortcuts. Be sure to check the following summary to recap what we
have learned in this part and to find out what comes next.

Summary
Having reached the end of this chapter, you now understand system resources and
the types macOS uses, such as extensions, frameworks, fonts, preference files, and
more. You also understand other methods macOS employs to keep the filesystem
clean, organized, and more secure, such as domains, sandboxing, and hidden items,
and you know of several methods to unhide items hidden by default. You can
manage the most familiar type of system resource for a standard user: fonts. You
discovered yet another method used for filesystem organization – shortcuts,
including aliases, symbolic links, and hard links, and their purpose. And you know
how to create your own aliases to organize your own filesystem.

In the next chapter, we will explore metadata in macOS, what it is used for, and how
to manage it. We will also look at handy tools for quickly and efficiently searching
and performing day-to-day tasks, such as Spotlight.

Chapter 9: Understanding Metadata and Searching

Metadata is pieces of information that help describe and identify content. Metadata is
important in every search system since it's this information that comes into play when
users search using the search tools and what can make their searches relevant and
satisfactory. In this chapter, you will learn what types of metadata macOS uses and
how it uses this metadata. You will also learn about the different search tools
available in macOS for efficient searching.

By the end of this chapter, you will be able to describe how macOS uses metadata and
the metadata resources available in macOS (such as tags) that you can use to organize
data and improve searching. You will use the Spotlight tool for efficient searching
and Siri to perform hands-free tasks and searches with the help of Apple's voice
recognition technology.

More specifically, the topics we will cover are the following:

- Understanding metadata in macOS
- Using macOS tags
- macOS searching tools

Before we start, let's see the technical requirements for this chapter.

Technical requirements
This is what you will need for this chapter:

- Basic knowledge of the macOS environment
- A Mac computer with administrator privileges

Understanding metadata in macOS


Metadata is bits of information about a file or folder used to describe data and stored
in a separate document. Types of metadata can be names, content type, origin,
creation date, modification date, ownership information, condition, and much more.

Simply put, "metadata is data about data." This phrase has been around for a while and
it's an excellent, short way to describe what metadata is and what it does.

Metadata helps organize, locate, and manipulate data to make it easier to identify it
and find it. This metadata can be stored in several locations and various formats. It
can refer to any kind of information, such as documents, video files, images, sounds,
and so on.

In macOS, filesystem metadata is used mainly to locate and manipulate files.


Examples of filesystem metadata in macOS are file flags, extended file attributes (that
is, tags, comments, and file extensions), and permissions.

In this section, we will explore the most important types of metadata used in macOS.

Types of metadata available in macOS


There are several metadata types in macOS that serve different purposes, from
overriding permissions to letting you organize your data with flexibility and
convenience. Those metadata types are the following:

- File flags
- File system tags
- The AppleDouble file format
- Additional extended attributes

Let's explore in more detail what each of the preceding metadata types does in
macOS.

File flags
File flags are a remnant of the original macOS design and are used for additional
access control since they can override applied permissions. This means that if a file
flag that prohibits access is in place, access will be denied, regardless of the current
permissions. Common file flags are the locked flag and the hidden flag. As we saw
earlier, the locked flag can be activated from the Info window, and the hidden flag is
activated from Terminal.

We saw in detail how to manage the locked flag in Chapter 7, Understanding
Ownership and Permissions, if you would like to go back to review this.

Let's take a look at the next type of metadata: filesystem tags.

File system tags


Tags are a type of metadata known as macOS "extended attributes." They allow you
to "tag" an item with specific keywords to identify and organize items without having
to move them to special folders, or for quickly searching and finding those items,
regardless of where they are stored in your Mac, even if they are in iCloud. Since OS
X Mavericks, you can assign multiple tags and create custom colors and tag
keywords. In Figure 9.1, we can see an example of a tagged file in macOS:

Figure 9.1 – macOS tags

Some applications may not recognize tags if developers didn't include them in
their app development process.

The next type of metadata we will examine is the AppleDouble file format.

The AppleDouble file format


The AppleDouble file format is actually a flag that was implemented to deal with
resource forks. The problem was that other file systems, such as FAT, didn't know
what to make of the metadata attributes included with content since they are only
supported in volumes formatted with APFS or Mac OS Extended. The solution for
macOS (and OS X before that) was to store system metadata and extended attributes
in a separate, hidden file. But in certain file systems, such as FAT, Xsan volumes, and
NFS shares, a saved file containing metadata is split into two files with the same
name, but one of the files has a ._ at the beginning. I'm sure you have seen those files
before. Some file systems, such as Windows, now automatically hide those files so
that users don't get confused. But you can still see them in external disks as we see in
Figure 9.2:

Figure 9.2 – AppleDouble
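
To check what one of these `._` companion files actually carries, its header can be parsed. The following Python sketch is an added example, not code from this book: it reads the published AppleDouble version 2 layout (26-byte header followed by 12-byte entry descriptors) and decodes the Finder flag bits, using a constructed sample file built in `build_sample`; all function names are hypothetical.

```python
import struct

APPLEDOUBLE_MAGIC = 0x00051607   # AppleSingle uses 0x00051600 instead
FORMAT_VERSION = 0x00020000
HEADER_LEN = 26                  # magic(4) + version(4) + filler(16) + entry count(2)
ENTRY_LEN = 12                   # entry id(4) + offset(4) + length(4), big-endian
ENTRY_NAMES = {1: "data fork", 2: "resource fork", 3: "real name", 4: "comment",
               8: "file dates info", 9: "Finder info"}
# Finder flag bits, stored big-endian at bytes 8-9 of the Finder info entry.
FINDER_FLAGS = {0x0400: "custom icon", 0x0800: "stationery pad",
                0x4000: "invisible", 0x8000: "alias"}


def parse_appledouble(blob):
    """Return {'entries': [(name, offset, length)], 'finder_flags': [...]}.

    Raises ValueError for anything that is not a well-formed AppleDouble file,
    so a file that merely has a '._' name is not mistaken for one.
    """
    if len(blob) < HEADER_LEN:
        raise ValueError("too short for an AppleDouble header")
    magic, version = struct.unpack(">II", blob[:8])
    if magic != APPLEDOUBLE_MAGIC:
        raise ValueError("bad magic 0x%08x" % magic)
    if version != FORMAT_VERSION:
        raise ValueError("unsupported version 0x%08x" % version)
    (count,) = struct.unpack(">H", blob[24:26])

    entries, flags = [], []
    for index in range(count):
        start = HEADER_LEN + index * ENTRY_LEN
        if start + ENTRY_LEN > len(blob):
            raise ValueError("entry table is truncated")
        entry_id, offset, length = struct.unpack(">III", blob[start:start + ENTRY_LEN])
        if offset + length > len(blob):
            raise ValueError("entry %d points past the end of the file" % entry_id)
        entries.append((ENTRY_NAMES.get(entry_id, "id %d" % entry_id), offset, length))
        if entry_id == 9 and length >= 10:
            (bits,) = struct.unpack(">H", blob[offset + 8:offset + 10])
            flags = [name for bit, name in sorted(FINDER_FLAGS.items()) if bits & bit]
    return {"entries": entries, "finder_flags": flags}


def build_sample():
    """Constructed sample: Finder info (invisible + stationery) and a tiny resource fork."""
    finder_info = b"TEXT" + b"ttxt" + struct.pack(">H", 0x4800) + bytes(22)  # 32 bytes
    resource_fork = b"\x00\x00\x01\x00"
    header = struct.pack(">II16sH", APPLEDOUBLE_MAGIC, FORMAT_VERSION, bytes(16), 2)
    table = struct.pack(">III", 9, 50, len(finder_info))
    table += struct.pack(">III", 2, 50 + len(finder_info), len(resource_fork))
    return header + table + finder_info + resource_fork


if __name__ == "__main__":
    print(parse_appledouble(build_sample()))
```

Because these companion files travel with the data onto FAT-formatted external disks and network shares, inspecting them before handing a disk to someone else shows which Mac metadata is leaving with it.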

There are additional extended attributes that are worth exploring since they can be
very useful as metadata. Let's explore them.

Additional extended attributes


There are other types of extended attributes in macOS, besides hidden and locked
flags, which help with file identification and searching. Some examples are Stationery
pad, the Hide extension option, and Comments.

You can manage them from the Inspector or Info window (Figure 9.3). We learned
how to use the Info window in Chapter 7, Understanding Ownership and Permissions,
if you would like to go back to review it:

Figure 9.3 – Additional extended attributes

Let's take a look at what they do briefly:

- Stationery pad lets you use a file as if it were a template or stationery.
  When the checkbox is selected, a new file will be created from that file, and
  the one with the Stationery pad flag will remain unchanged (as long as the
  flag is enabled).
- When enabled, the Hide extension option prevents the file extension (such
  as .jpeg or .pdf) from being shown.
- The Comments attribute is also self-explanatory: you can add comments
  that will be used as metadata and, therefore, they can be used for searching.

Now that you understand the types of metadata that are available in macOS, let's see
how to manage the ones that will be the most useful for users in regard to data
organization and searching purposes: tags.

Using macOS tags


macOS provides multiple easy ways to view tagged files, tag a file, and customize a
tag. You will find opportunities to manage tags practically all over the macOS
environment. macOS already comes with custom ready-to-use tags, such as color tags
and a list of common keyword tags, but you can also create your own as we will see
here.

In this section, we will learn about the following:

- Viewing tagged items
- Using tags
- Creating tags
- Deleting tags
- Advanced tag management

Let's begin by exploring how to view tags.

Viewing tagged items


Tagged items can be viewed from many locations, including the following:

- The Finder Sidebar: When you select a tag in the left sidebar, the files
  tagged with that tag will appear in the right window, as shown in
  Figure 9.4:

Figure 9.4 – Viewing tagged files in the Finder

- The Finder search box: When you enter a tag in the search box, you will be
  able to select it from the search results, and appropriate tagged files will
  appear, as seen in Figure 9.5:

Figure 9.5 – Viewing tagged files in the search box

- Most Open or Save document dialogs: With an Open or Save document
  dialog open, select a tag from the left sidebar or the top dropdown, as
  shown in Figure 9.6:

Figure 9.6 – Viewing tagged files from Open or Save dialogs

Now that you know how to view tagged files, let's explore how to tag files.

Using tags
Tagging files is straightforward, and there are also multiple places where you can add
tags to a file.

Take into account that you can add one or more tags to a file. To do so, follow any of
these methods:

- Right-click on a file you want to tag and select the tags from the contextual
  menu. The selected tags will show a checkmark, as you can see in
  Figure 9.7:

Figure 9.7 – Tagging files

- If you don't see the tags you want to use, right-click on a file and select
  the Tags... option below the color tags (Figure 9.7). A prompt will appear,
  and you can start typing any tag in the input box (Figure 9.8), or click Show
  All... to see all the tags and select one from the list:

Figure 9.8 – Using multiple tags

- You can also tag files from the Info window. Start typing any tag in the
  input box or select Show All... to see all tags and select one from the list.

Now that you know how to tag a file with the built-in color tags or from the list of
common keywords, let's see how we can create our own custom tags.

Creating tags
Creating a new tag can also be done in multiple places. Basically, wherever you can
view tags, you will also be able to create custom tags. Let's see the main methods for
doing this.

Creating tags from the Finder


Let's see how to create tags from the Finder. Follow the steps given here:

1. Select a file in the Finder, right-click, and select Tags... from the contextual
menu (Figure 9.7).
2. Start typing the tag name you want to create next to the other tags. If the
tag does not exist in the list, you will see Create new tag "[tag
name]" (Figure 9.9).
3. Assign a color if you want, and press Enter:

Figure 9.9 – Creating tags from the Finder

Let's see how to create tags from a preview file in the next section.

Creating tags from a file preview


To create tags from a file preview, follow the steps given here:

1. Select a file in the Finder and select the Gallery view type from the icon
circled in red in Figure 9.10.
2. Scroll down the preview information to find the Tags section and click Add
Tag (Figure 9.10):

Figure 9.10 – Creating tags from the file preview

3. Follow the same procedure to add a new tag as explained in the previous
examples.

You can also create and/or assign tags in a similar manner in any document's Open or
Save As... dialogs.

You now know how to add tags, so let's learn how to delete them next.

Deleting tags
Follow these steps to delete or remove a tag with the Finder.

To remove a tag from a file, do the following:

1. Right-click on a file and select the Tags... option below the color tags
(Figure 9.7).
2. Position the cursor next to the tag you want to delete (Figure 9.8) and press
the Delete key.

To remove a tag permanently, do the following:

1. Open the Finder, and right-click on a tag you want to remove from the
sidebar, as shown in Figure 9.11.
2. Select Remove from Sidebar or Delete Tag "[tag name]"... if you want to
delete it permanently:

Figure 9.11 – Deleting/removing tags

Note that you can also rename a tag using this method.

You now know how to create and delete tags, but there's an advanced method to
manage tags, and we will see it next.

Advanced tag management


This method provides you with a more advanced way to manage tags, including
adding, deleting, customizing, and organizing tags. To use this method, follow these
steps:

1. Go to the top menu of the Finder.
2. Select Preferences and then select the Tags tab, as shown in Figure 9.12:

Figure 9.12 – Managing tags from the Finder preferences

You can do the following:

- Arrange tags by dragging and dropping them into place.
- Select your favorite tags by dragging them to the Favorite Tags window.
- Add or delete tags with the Add (+) and Delete (-) buttons.
- Select which tags you want to see in the sidebar.

You can also change the color of the selected tag in the preceding window. Just right-
click on the tag and select any color you want to assign to it.

Now that we have learned how to view, use, create, and delete tags that help you
identify and organize your files, you will see how to perform powerful searches in the
next section about macOS searching tools.

macOS searching tools


Efficient searching is an important feature in any system. You will spend many hours
of your computer time searching for files, folders, and other resources. macOS offers
advanced technologies for the best searching user experience. In this section, we will
explore the main tools macOS offers:

- Using Spotlight
- Using Siri

Let's explore Spotlight first.

Using Spotlight
Spotlight is an advanced macOS autocomplete search technology service. This
service uses metadata to create index databases that enable you to perform instant
and relevant searches. With Spotlight, you can find files, apps, images, and virtually
anything you are looking for.

Spotlight lets you search metadata such as filenames, file flags (such as locked files,
keywords in comments, and more), modification dates, tags, file content, and other
information stored in files such as images and movies (for example, camera
manufacturer).

Spotlight has sort of evolved into a search engine since it searches not only in the local
macOS filesystem volume, Time Machine backups, and iCloud drive, but also in
shared files on other Mac clients, servers, and disks shared via AirPort Wi-Fi access
points. Since OS X Yosemite, the Spotlight service also suggests results from other
locations, such as the web, the App Store, Maps, and more.

Spotlight's suggested results are called Spotlight Suggestions, and they are an
intelligent combination of usage history, location, and authorized user information to
provide accurate and relevant results.

To use Spotlight, just click on the magnifying glass in the upper-right corner of your
Mac, as shown in Figure 9.13:

Figure 9.13 – Using Spotlight

Actually, Spotlight is the quickest way to open an app, as we can see in the following
example. As soon as you start typing the app name, the autocomplete function will
show you the relevant results, with the TOP HITS at the beginning, as shown in
Figure 9.14:

Figure 9.14 – Spotlight top hits

Notice that the preceding results include definitions, documents, folders, and more.
But you can configure how the results are shown through the Spotlight preferences.

Follow these steps to do that:

1. Open System Preferences, and click on the Spotlight pane.
2. In the Search Results tab, you can select categories of information you
want to include or exclude from your searches so that you get more
relevant results (Figure 9.15):

Figure 9.15 – Spotlight preferences

3. In the Privacy tab, you can tell Spotlight which locations, such as folders or
volumes, you want to exclude from searches using the Add (+) and Delete
(-) buttons, as shown in Figure 9.16:

Figure 9.16 – Spotlight privacy preferences

4. You can also click the Keyboard Shortcuts... button, which will take you to
the Keyboard preferences where you can configure key combinations for
frequent searches (Figure 9.17):

Figure 9.17 – Spotlight keyboard shortcuts

Besides searching, you can use Spotlight for other useful tasks, such as performing
calculations and market-based currency conversions.

For example, to perform a currency conversion, we type 150 CAD, and we obtain the
conversion to popular currencies, as seen in Figure 9.18. This feature works with any
conversion type you want to attempt, such as longitude, volume, and so on:

Figure 9.18 – Spotlight conversions

To perform a calculation, just type in the operation, as shown in Figure 9.19:

Figure 9.19 – Spotlight calculator operations

Now that you know what a practical and useful tool Spotlight is, let's see another
equally useful tool in the next section: Siri.

Using Siri
Apple defines Siri as "an intelligent assistant that offers a faster, easier way to get
things done." Siri is Apple's voice recognition technology tool for hands-free tasks,
and it can be used on Mac models from 2018 and later.

Siri has many capabilities, but the most important ones are listed here:

- Making calls and sending texts
- Making proactive suggestions based on your routine and your information,
  such as sending a message or calling a colleague because you will probably
  be late for a meeting, or reminding you of important calls
- Performing everyday tasks, such as setting alarms, timers, and reminders,
  getting directions, and viewing your calendar
- Searching and playing the music you want
- Controlling home appliances
- Answering all kinds of questions
- Searching for all kinds of information, such as files, and even where your
  car is parked
- Using shortcuts for routine tasks to do things even faster

Follow these steps to activate Siri:

1. Unless you disabled it during macOS installation, Siri is enabled by
default.
2. If it's not, open System Preferences and click the Siri icon.
3. Make sure Enable Ask Siri is activated, as well as Listen for "Hey Siri", if
you want Siri to activate every time you use that phrase (Figure 9.20):

Figure 9.20 – Enabling Siri

Follow these steps to use Siri:

1. Just say "Hey Siri," then make your request, or press the Siri button at the
top right of your Mac screen. At that moment, Siri will start listening, and
you can make your request while holding down the button (Figure 9.21):

Figure 9.21 – Using Siri

2. Siri will stop listening to your request when you release the button.

If you don't issue a voice command, Siri will show you suggestions for voice
commands you can use for specific apps, such as Finder, System Preferences, and so
on, as shown in Figure 9.22:

Figure 9.22 – Siri voice command suggestions

If you double-click on the arrow next to any of the options on the list (the Finder, for
example), you will see more examples of phrases you can use, such as "Open my
Expenses folder", as seen in Figure 9.23:

Figure 9.23 – Siri suggested voice commands

You can visit this link if you would like to learn more about How to
use Siri on your Mac: https://support.apple.com/HT206993.

And with this, we have reached the end of this chapter on metadata and searching.
Make sure to check the following summary to recap what we have learned.

Summary
In this chapter, you learned how macOS uses metadata and about the types of
metadata available; namely, file flags, filesystem tags, AppleDouble, and additional
extended attributes, such as the stationery pad and the locked attribute. You also
learned how to manage tags to identify and organize your files. You learned about
the macOS searching tools, such as Spotlight, for efficient and fast searching, as well
as other practical tasks, such as calculations and currency conversions. Finally, you
learned how to use Apple's voice recognition technology with Siri for the same
purpose, in addition to assisting you with common daily tasks.

You are now fully equipped to use the types of metadata and search tools macOS
offers and configure and manage them to improve the user experience for resource
organization and searching.

In the next chapter, we will learn all about managing apps and documents.

Chapter 10: Managing Apps and Documents

As a macOS user or administrator, you will spend a lot of time managing apps and
documents. Therefore, you must familiarize yourself with the tools and features
macOS offers to facilitate those tasks. In this chapter, you will explore how apps work
in macOS, how to use the App Store, how to install and manage apps and app
extensions, how to share apps with family members, and how to use the features that
macOS provides to manage documents on the spot. By the end of this chapter, you
will be able to use all these features to work with apps and documents quickly and
efficiently.

More specifically, the following topics will be covered in this chapter:

- Understanding apps in macOS
- Using the App Store
- Installing and managing apps
- Managing app extensions
- Sharing apps
- Managing documents

Before we start, let's look at the technical requirements for this chapter.

Technical requirements
This is what you will need for this chapter:

- Basic knowledge of the macOS environment
- A Mac computer with administrator privileges

Understanding apps in macOS


macOS benefits from a large and thriving community of developers. Most popular
applications are available in versions for macOS and can be downloaded from the
App Store or directly from the developer's website. As for the software that is still not
available for macOS, you have alternatives as well. You can either use the built-in
Boot Camp tool, which allows you to install and use Windows on Mac, or you can
also use third-party alternatives, such as Parallels Desktop, which allows you to have
a fully integrated virtual machine for using Windows on Mac without even having to
leave your current user session. We will also explore the current state of macOS's app
compatibility with 32- and 64-bit apps, Universal apps, and iOS apps.

To use apps in macOS, we need to know the types of apps that macOS supports, and
we will talk about them in the following sections of this chapter. More specifically, we
will cover the following:

- Supported macOS environments
- App compatibility

Let's begin by exploring the app environments that macOS supports.

Supported macOS environments


The primary application environments or frameworks supported by macOS fall into
one of the following development categories:

- Native macOS
- Universal macOS binary
- Unix-based
- Open source

Let's briefly describe each of these categories.

Native macOS
Native macOS applications are developed in high-level application environments.
Cocoa and Java are the most commonly used programming interfaces for bringing
applications into macOS. Carbon was also used until some time ago, but because of
its limitations with recently implemented features in OS X and macOS, it is officially
deprecated, and Apple no longer recommends its use for app development. Apps
developed with Carbon are considered legacy apps.

If you are (or plan to become) a developer, it is the style of your app that will
determine what you should use as your core objects for its implementation. Apple
developers have been developing native apps using the Cocoa framework, an object-
oriented framework that supports the creation of single-window and multi-window
apps, and the Swift programming language for some time now. With Cocoa, apps can
have the following styles:

- Single-window utility app: A good example of this type of app is the
  calculator.
- Single-window library-style app: A good example of this type of app is
  the iPhoto app, which has only one window. From that single window, the
  user interacts with its collection or library of items.
- Multi-window document-based app: A good example of this is the Text
  Edit app, which uses a separate window for every document you open.

No matter which type of style you choose, all apps use the same core set of
objects: model, view, and controller. Cocoa provides the default behavior for most of
these objects.

If you are interested in developing apps for macOS and wish to
know more about app development in Cocoa, I recommend that you
visit the Apple Developer website:
https://developer.apple.com/library/archive/documentation/General/Conceptual/MOSXAppProgrammingGuide/CoreAppDesign/CoreAppDesign.html.

However, bear in mind that Apple announced the introduction of a new framework
called SwiftUI, specially created for Swift, since the Cocoa framework was created to
work with Objective-C. This created problems for developers. SwiftUI is a declarative
way of defining user interfaces for any Apple platform. Although it is still relatively
new, it is clear that SwiftUI will grow and improve to become the main means of
developing apps for Apple devices very soon.

You can find more information about SwiftUI here:
https://developer.apple.com/tutorials/SwiftUI.

The preferred integrated development environment (IDE) for writing the code for
your Apple apps is Xcode, which is integrated with the Cocoa and Cocoa Touch
frameworks and supports the development of apps for all of Apple's devices: Mac,
Apple Watch, iPhone, iPad, and so on. The programming language that is most
widely used in Xcode is Swift, but you can use other languages, such as Objective-C,
C++, and Python. Xcode now supports SwiftUI as well.

To learn more about Xcode, including step-by-step guides, you can
visit the official Xcode site at https://developer.apple.com/xcode/.

The other native app development environment we mentioned is Java, which is used
to create cross-platform applications. Java applications work in macOS by installing
the Java Runtime Environment (JRE). In macOS, you are prompted to download and
install the latest Java runtime directly from Oracle's site. If you need Java, in general,
you should download the latest Java version for macOS directly from this link:
https://www.java.com.

If you need to use legacy applications that require the older Java SE 6 runtime, you
can go to this link and install Java for macOS 2017-001
(https://support.apple.com/kb/DL1572). This package installs the legacy Java SE 6 runtime for macOS 10.13 High
Sierra, macOS 10.12 Sierra, macOS 10.11 El Capitan, macOS 10.10 Yosemite, macOS
10.9 Mavericks, macOS 10.8 Mountain Lion, and macOS 10.7 Lion. This package is
only intended to support legacy applications. Otherwise, you should keep your
software up to date by installing the latest Java version, as indicated here.

Once you've installed Java, you will be able to examine and customize some settings
through the Java icon that will appear in System Preferences, as shown in the
following screenshot:


Figure 10.1 – Java in macOS

A separate panel will open, where you will be able to see all the available options for
Java, as well as find out which version you have installed:

Figure 10.2 – Java preferences


In the next section, we will explore macOS apps that run natively on both Apple
silicon and Intel-based Macs.

Universal macOS binary


Developers can now create apps that run natively on both Macs with the Apple M1
silicon chip and Intel Macs. A universal binary contains executable code for
both architectures. Apple now recommends that all developers
convert their compiled code into universal binaries that include executables for both
64-bit Intel and the arm64 architecture.

To update their code, developers can use Xcode 12.2 and later.

For more information on universal binaries, visit this link:
https://developer.apple.com/documentation/xcode/building_a_universal_macos_binary.

Now, let's explore the other supported environment in macOS: Unix.

Unix-based
macOS is compatible with most Unix software. However, Unix apps can only be
accessed via Terminal. There is an open source project called XQuartz, which
developed a tool similar to the X.org X Window System, also known as X, a
windowing system that provides the basic framework for a GUI environment and
is common in Unix systems. This version for the Mac, which is supported by Apple,
was even included in OS X at some point, but no longer is. If you wish to try it out, you
will need to install it from the development site at www.xquartz.org. You could also
search for other similar third-party solutions for Unix apps on macOS.

Finally, let's talk about open source.


Open source
Apple supports and encourages open source development, and it contributes to many
projects of that type, such as the Swift programming language. If you would like to
know more about these projects, you can visit the open source page on the Apple
Developer site (https://developer.apple.com/opensource/). You can also visit the
MacPorts page (https://www.macports.org/), an open source community for
designing, compiling, installing, and upgrading either command-line, X11, or Aqua-based
open source software on the Mac operating system.

And with that information on supported macOS environments, you now have an idea
of the potential of macOS apps. The next section will cover an important change in
the compatibility of certain apps with macOS; namely, 32-bit apps.

App compatibility
App compatibility has gone through great improvements as Macs add new
technology and new macOS versions are released. In this section, we will look at the
current state of app compatibility with macOS and with Macs with the M1 silicon
chip. The topics we will explore are as follows:

• Compatibility with 32- and 64-bit apps
• Universal and Intel apps
• iOS/iPadOS apps in Mac (Apple silicon only)

Let's start by exploring compatibility.

Compatibility with 32- and 64-bit apps


32-bit apps were the standard when there were 32-bit processors and 32-bit operating
systems, but 32-bit apps are a thing of the past; they are an outdated technology. Today,
64-bit mode processes can perform high-precision functions faster and constitute the
standard for app development. 64-bit apps offer the benefit of more memory and
better performance.

macOS has been using 64-bit processing since Snow Leopard (2009), and although
macOS still offers support for 32-bit legacy apps, it has been encouraging developers
to transition to 64-bit for a long time to ensure that their apps take advantage of the
latest macOS features and optimizations. For example, recently introduced Apple
technologies, such as Metal graphics acceleration, only work with 64-bit apps.


This is also the reason why, when you launch a 32-bit app in macOS Mojave, an alert
appears, warning you that the app has not been optimized for Mac. An alert also
appears if you are trying to install a 32-bit app.

Starting with macOS Catalina, 32-bit apps are no longer compatible with macOS. You
can still run your 32-bit apps in older versions of macOS. So, be sure to update your
apps or contact the developer to enquire as to when they will provide a 64-bit
version.

Universal and Intel apps


All Mac apps must now be of the Universal kind, which runs natively on Macs with the
Apple M1 silicon chip. Apps that have been created for Macs with an Intel processor
and have not been updated to Universal yet will require the Rosetta 2 translation
layer technology to run on Macs with the M1 chip.

If you are not sure whether your app is universal or Intel, you can do the following to
find out:

1. Go to the Apple menu.
2. Select About This Mac.
3. Click on System Report.
4. Scroll down to Software on the sidebar.
5. Select Applications.
6. Check the list on the right-hand side. You will be able to verify whether the
app is Universal or Intel:


Figure 10.3 – App compatibility

You can also ascertain whether an app is Universal through the Info window:

1. Open the Applications folder.


2. Select the app you want to obtain information for.


3. Right-click on the app and select Get Info.


4. You will see the information next to Kind, as shown in the following
screenshot:

Figure 10.4 – Universal app

If you have a Mac with the Apple M1 silicon chip, you may be asked to install Rosetta
to open apps that are not yet Universal. When you see the prompt, click on the Install
button:


Figure 10.5 – Installing Rosetta

And that's it! Rosetta will run in the background; there is nothing else you need to do
to use an app that is not yet Universal. Just open the app normally.
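
The Kind shown in System Information and Get Info corresponds to the architectures recorded in the header of the app's main executable. The following added example (not from the book) reads that Mach-O header directly, so that many apps can be checked from a script; the labels other than Universal and Intel, the helper names, and the sample headers are constructed for illustration.

```python
import plistlib
import struct
from pathlib import Path
from typing import List

# CPU type values from <mach/machine.h>; 0x01000000 marks the 64-bit ABI.
CPU_ARCH_ABI64 = 0x01000000
CPU_NAMES = {
    7: "i386", 7 | CPU_ARCH_ABI64: "x86_64",
    12: "arm", 12 | CPU_ARCH_ABI64: "arm64",
    18: "ppc", 18 | CPU_ARCH_ABI64: "ppc64",
}
FAT_MAGIC, FAT_MAGIC_64 = 0xCAFEBABE, 0xCAFEBABF   # universal ("fat") header
THIN_MAGICS = {0xFEEDFACE, 0xFEEDFACF}             # single-architecture Mach-O
# Java .class files also start with 0xCAFEBABE. Their next field is a version
# number of 45 or more, so capping the slice count tells the two apart.
MAX_FAT_ARCHS = 30


def macho_archs(data: bytes) -> List[str]:
    """Return the architectures declared in a Mach-O header, [] if not Mach-O."""
    if len(data) < 8:
        return []
    magic, count = struct.unpack(">II", data[:8])   # fat headers are big-endian
    if magic in (FAT_MAGIC, FAT_MAGIC_64):
        entry = 20 if magic == FAT_MAGIC else 32    # sizeof fat_arch / fat_arch_64
        if not 0 < count <= MAX_FAT_ARCHS or len(data) < 8 + count * entry:
            return []
        archs = []
        for i in range(count):
            (cputype,) = struct.unpack_from(">I", data, 8 + i * entry)
            archs.append(CPU_NAMES.get(cputype, "cputype_%#x" % cputype))
        return archs
    for endian in ("<", ">"):                       # thin files use CPU byte order
        magic, cputype = struct.unpack(endian + "II", data[:8])
        if magic in THIN_MAGICS:
            return [CPU_NAMES.get(cputype, "cputype_%#x" % cputype)]
    return []


def classify(archs: List[str]) -> str:
    """Map a list of architectures to a Kind-style label (labels are ours)."""
    found = set(archs)
    if not found:
        return "not Mach-O"
    if {"x86_64", "arm64"} <= found:
        return "Universal"
    if "arm64" in found:
        return "Apple silicon"
    if "x86_64" in found:
        return "Intel"                   # runs on M1 only through Rosetta 2
    return "Other (no 64-bit Intel or arm64 code)"   # for example, i386-only apps


def app_kind(app: Path) -> str:
    """Classify an .app bundle by the executable named in its Info.plist."""
    with open(app / "Contents" / "Info.plist", "rb") as fh:
        exe_name = plistlib.load(fh)["CFBundleExecutable"]
    # Keep only the file name so a crafted value cannot point outside the bundle.
    exe = app / "Contents" / "MacOS" / Path(exe_name).name
    with open(exe, "rb") as fh:
        return classify(macho_archs(fh.read(4096)))


def fat_header(*cputypes: int) -> bytes:
    """Build a constructed universal header (offsets and sizes are dummy values)."""
    out = struct.pack(">II", FAT_MAGIC, len(cputypes))
    for n, cpu in enumerate(cputypes):
        out += struct.pack(">5I", cpu, 0, 0x4000 * (n + 1), 0x1000, 14)
    return out


SAMPLES = {  # constructed headers, not taken from real apps
    "universal": fat_header(7 | CPU_ARCH_ABI64, 12 | CPU_ARCH_ABI64),
    "intel": struct.pack("<II", 0xFEEDFACF, 7 | CPU_ARCH_ABI64) + bytes(24),
    "32-bit": struct.pack("<II", 0xFEEDFACE, 7) + bytes(20),
    "java_class": bytes.fromhex("cafebabe00000034") + bytes(24),
}

if __name__ == "__main__":
    for name, blob in SAMPLES.items():
        print(name, macho_archs(blob), classify(macho_archs(blob)))
    # On a Mac: print(app_kind(Path("/Applications/Safari.app")))
```

app_kind looks only at the main executable; helper tools and frameworks inside the bundle can carry different architectures.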

iOS and iPadOS apps (Apple M1 silicon)


Macs with the Apple M1 silicon chip can run iOS and iPadOS apps because they
share the same arm64 architecture. We will learn how to install iOS and iPadOS
apps in the Installing apps from the App Store section.

In this section, you learned which frameworks are supported on macOS so that you
know which types of apps can be developed on the respective system. You also
learned what 32- and 64-bit apps are, the status of compatibility of macOS with 32-bit
apps, and what to do in the case of an incompatible app. At the same time, we learned
how to run apps that are not yet of the Universal kind and optimized for Macs with
the Apple M1 silicon chip. Finally, we learned how Macs with the Apple M1 silicon
chip can even run iOS apps. We can now move on to learn how to use the App Store
to download and install apps.


Using the App Store


The App Store provides a single interface platform for finding, downloading, and
installing apps for Mac, iPhone, iPad, iPod touch, and Apple TV. This
platform, available since OS X Snow Leopard (10.6.6), is very user-friendly since you
don't need to enter license numbers or go through activation processes. At the same
time, it is the most secure way to install apps since Apple reviews each app before it
can be made available for download in the App Store.

The App Store also has an education program called the Apple School Manager
(www.school.apple.com/), through which Apple helps schools obtain access to and
experience Apple's technologies. In addition, there is a business program called Apple
Business Manager (www.apple.com/business/it) that helps enterprises adopt Mac and
helps employees make the most of those technologies. Both programs allow
businesses and educational organizations to acquire multiple licenses for App Store
software.

If you are an individual user, you need an Apple ID to install apps from the App
Store. In the next section, you will learn how the App Store works with your Apple
ID to provide you with a seamless app installation experience.

The App Store and your Apple ID


To install free or paid apps from the App Store, you need an Apple ID. If you don't
have an Apple ID, you will learn how to create one easily in this section. More
specifically, we will look at the following topics:

• Logging in to the App Store
• Creating an Apple ID
• Creating an Apple ID without a payment method
• Managing your account

Let's explore how to log in to the App Store.

Logging in to the App Store


You can find the App Store in the Applications folder, in the Dock, or you can use
Spotlight to find it quickly. Although you don't need an Apple ID to browse
available apps, you do need it to download or purchase an app.


The first time you access the App Store, you will see the Discover page. Here, you
will be able to browse categories and apps or use the search field to look for a specific
app without signing in. However, you will need an Apple ID to install an app and
view your purchases and history.

The following screenshot contains different icons that appear next to the apps:

• If you have already downloaded the app in the past with this Apple ID but
  not on this machine, a cloud download icon will appear.
• If you didn't download the app, you will see a GET button.
• If you have downloaded the app to this machine, you will see an OPEN
  button.

Here, you can see that there is a download icon for the iMovie app,
which means it was downloaded in the past with this account, and an
OPEN button for the Pages app, which means that it has already been
downloaded and installed on this Mac:

Figure 10.6 – App Store


If you attempt to download an app, the following will happen:

1. You will be asked to sign in. If you don't have an Apple ID, don't worry;
creating one is easy, and we'll cover this shortly. If you have an Apple ID,
enter it, enter your password, and then click Sign In.
2. If you have two-factor authentication turned on, you will need to enter the
code from your second-factor device to enable your Apple ID on your Mac.
3. And that's it! With the Apple ID set up, you are ready to download apps.

When your Apple ID has not been used with the App Store previously, the following
will happen:

1. You will be prompted to review your information.


2. Then, you will need to enter your contact information and your payment
method.
3. Once your information has been reviewed and corrected if necessary, you
will be ready to download an app.

If you can't make purchases or update apps (including free apps),
you will probably have to update your payment method or add a
new one.

If you don't have an Apple ID, you can easily create one. We will do this in the next
section.

Creating an Apple ID
You can create an Apple ID through one of the following methods:

• On your Mac, iPhone, iPad, or iPod touch through the App Store
• On a PC through iTunes for Windows
• On the Apple ID web page (appleid.apple.com), from any device with
  browser support


To create an Apple ID, you would normally need to provide a payment method. At
the time of writing this book, the accepted methods are as follows:

• Most major credit and debit cards
• Apple Pay (if available)
• Store credit (gift cards or using funds that have been added to your Apple
  ID)

There are country/region-specific payment methods that you can
review at this link: https://support.apple.com/en-us/HT202631#methods.

Now, let's examine the process of creating an Apple ID through the App Store:

1. Open the App Store and find a free app you would like to download.
2. Click on the GET button.
3. When you click the button, it will turn green and change to INSTALL, as
shown in the following screenshot. Click that button:

Figure 10.7 – Installing from the App Store


4. When you're asked to sign in, click the Create Apple ID button, as shown
here:

Figure 10.8 – Creating an Apple ID

5. Next, enter an email and password, select your country, check the Terms
and Conditions box, and then click Continue:

Figure 10.9 – Entering your email and password

6. Enter your name, date of birth, select your security questions, and then
click Continue.
7. Next, provide a payment method and billing address and click Continue:


Figure 10.10 – Payment method and billing address

8. An email will be sent to the email provided, which will include a
verification code that you have to enter here:

Figure 10.11 – Verifying your Apple ID

9. And that's it! As soon as you enter the correct code, you will see a message
indicating that this Apple ID can be used to access all Apple services on
this Mac.

If you only want to install a free app and don't wish to enter payment information,
there is a way to create an account without providing a payment method.


If you are using an existing Apple ID, you might be able to remove the payment
method you provided when you sign into the App Store, iTunes Store, or Apple
Books. However, you will need to provide one when you make a purchase. If you
cannot remove your payment methods, see the next section, where we'll explain why
that can happen.

Creating an Apple ID without a payment method


You can create an Apple ID without having to provide a payment method on the App
Store on your iPhone, iPad, or iPod touch, or on a Mac or PC (iTunes for Windows).

Let's see how that works in the App Store:

1. Follow the same process described in the previous section for creating an
Apple ID up to Step 7.
2. When you arrive at the window where you have to enter your payment
information, choose None (Figure 10.10).

3. Enter your billing address, even if you selected None; otherwise, you will
not be able to proceed.
4. Next, you might be asked to provide and verify a phone number if you're
eligible to use two-factor authentication.
5. Continue with Step 8 in the previous section to complete this process.

In some cases, the None option will not appear, or you may not be able to remove a
payment method from your App Store account. There could be several reasons for
that, including the following:

• If you're using an existing Apple ID with the App Store or iTunes for the
  first time, you will need to provide a payment method.
• If you have active subscriptions in that Apple ID, you need to have at least
  one valid payment method on file. If you want to remove your payment
  method despite the subscriptions, you will need to cancel the subscriptions
  first and then try again to remove it.
• If you have Family Sharing set up, and you are the family organizer, you
  must have at least one valid payment method. If you would like to remove
  the payment method anyway, you should turn off purchase sharing first.
  We'll explain how to do this in the Sharing apps section, later in this chapter.
• You must have a payment method valid in the country or region where
  you are physically located. Try changing an existing Apple ID to the
  country or region you are in (if you moved or are traveling, for
  example). You might be able to remove the payment method once you have
  changed your country or region.
• You won't be able to remove a payment method if you have a pending
  charge. As soon as the balance is paid, you will be able to remove it.

Now that you know how to create an Apple ID from the App Store, you will learn
how to manage your account.

Managing your account


Once you have created your Apple ID, you can do the following to manage your
account (what you see may vary, depending on the macOS version you have
installed; this is what you will see on macOS Big Sur):

1. Click on your name that appears in the bottom-left corner, as shown in the
following screenshot.

2. You will see your purchased apps and links labeled View Information and
Redeem Gift Card:

Figure 10.12 – Accessing your account

3. If you click on View Information, you will be asked to sign in with your
Apple ID. Enter your Apple ID and password, and then click Sign In.


4. Here, you will be able to make any desired changes to your account. You
will notice that the Payment Information field indicates No credit card on
file since we created this Apple ID without a payment method. You will be
able to add a payment method here in the future if you want to download
paid apps:

Figure 10.13 – Verifying your account details

In this section, you discovered how easy it is to use the App Store and log in with an
Apple ID. You also learned how to create an Apple ID to be used with the App Store,
with or without a payment method set up. You will now be able to sign in, manage
your account, and start installing your favorite apps. There are several methods for
installing apps, and that is what we will cover next.

Installing and managing apps


Installing and managing apps is a common task for administrators and users.
Therefore, you need to know all the available methods as well as the related tasks,
such as updating and uninstalling, in order to perform these actions effectively and
provide support to other users. These are the topics that we will cover in this section:

• Installing apps
• Examining packages and bundles
• Updating apps
• Uninstalling apps
• Exploring installed apps and app preference files
• Monitoring open processes and apps

Let's start by learning about the methods for installing apps on macOS.

Installing apps
By default, macOS allows you to install apps using two main paths:

• The App Store
• Other traditional installation methods

The first option is the (default) recommended option for app installation in macOS.
We will examine both paths in the following section.

Installing from the App Store


Since OS X 10.9 Mavericks, administration privileges are not required to
install apps from the App Store. This means that anyone with a user account and an
Apple ID can install or purchase apps on your Mac. If you want to restrict this
behavior, you can disable the App Store for standard accounts through Screen Time.
We covered Screen Time in Chapter 4, User Accounts Management.

To install apps from the App Store, the following are required:

• OS X Snow Leopard (version 10.6.6) or later
• An Apple ID
• A good internet connection (some apps can be several GB in size)

Installing apps from the App Store is straightforward. Just follow these simple steps:

1. Open the App Store.


2. Look for the app you want to install and click on the app's name to go to
the app details page.


3. If the app is free, you will see a GET button, as shown in the following
screenshot. If it's not free, you will see the price instead. If you scroll down,
you will find information about the app's version, download size,
developer, the app description, and screenshots, if available:

Figure 10.14 – The app details page

4. When you're ready to install, click the GET button to download it (or the
price button to purchase it).
5. The GET button will change to INSTALL. Click it to install the app.
6. You may be asked to sign in again.
7. The first time you download an app, you might be able to choose whether
a password is required always, never, or after 15 minutes, as
shown in the following screenshot. You can change this setting later on
from the Security & Privacy preferences in System Preferences, via the
General tab:

Figure 10.15 – Password for additional purchases

8. The app download will start immediately, and it will be saved directly in
the Applications folder in the root system volume by default (usually
Macintosh HD).


9. You will be able to monitor the app download progress in several locations,
including the Purchase page of the App Store, the Launchpad, and the
Finder. Here, we can see the download's progress in the Launchpad:

Figure 10.16 – Monitoring app downloads

In the next section, we will learn how to install iOS and iPadOS apps from the App
Store for Macs with the Apple M1 silicon chip.

Installing iOS and iPadOS apps (Apple M1 silicon)


As we mentioned earlier, Macs with the Apple M1 silicon chip can run iOS and
iPadOS apps. There might be more than a few methods to install these apps. Here, we
will describe two methods of using the App Store:

• You can download apps you have previously purchased on your iPhone
  and iPad, which are linked to your Mac with the same Apple ID.
• You can search for apps.

Perform the following steps to use the first method:

1. Open the App Store.


2. Click on your profile tab in the lower-left corner (Figure 10.12).
3. Below Account, select iPhone & iPad Apps.
4. Install the app you want, just like any other app.
5. Once installed, open the app as you would any other app.


Perform the following steps to use the second method:

1. Go to the official website of the app you want to download.


2. Click the download link, which will normally launch the App Store.
3. Install the app, as indicated previously.

In this section, we saw how easy it is to install apps using the App Store, including
iOS and iPadOS apps, if you have a Mac with Apple silicon. Next, we will look at the
other installation methods that are available.

Other installation methods


The second path for app installation is done through other installation methods,
normally from trusted developers. This is to protect you from unknown and
potentially harmful apps.

When installing apps that are not in the App Store, the installation method will
depend on the app developer. In general, installations are done using one of the two
following methods:

• Drag and drop
• Installation packages

Let's review briefly how these two methods work.

Drag and drop


A drag and drop application will normally come with instructions for you
to drop it in the Applications folder in the root system volume (usually Macintosh
HD). Technically, you could drop the app anywhere, although this is not recommended. As
we saw in Chapter 6, The macOS File System: Disks, Volumes, and Partitions, you can
create your own Applications folder in your home folder and drag the application
there. The system recognizes this folder, and it will make the application available
just for you, as opposed to all users on the Mac.

For example, this application comes with instructions to drop the app in
the Applications folder:


Figure 10.17 – Drag and drop installation

As we mentioned earlier, only apps from the App Store can
be installed by anyone. If you are installing through any other method, you will be
asked to authenticate as an administrator.

Let's examine another method for installing apps in macOS through packages.

Using packages
Custom packages using native installation assets will have the .pkg or .mpkg
filename extension. Non-native installers will have the .app extension. Installing
these packages will also require administrative privileges.

Perform the following steps to install a package:

1. Double-click the installer package.


2. You will be asked for permission to access the required folders, as shown
here:

Figure 10.18 – Installer permission


3. The package might run a compatibility verification to determine whether it
can be installed on this Mac.
4. If the software is compatible, you will see a custom installer open, as shown
in the following screenshot. Observe the instructions to complete the
installation:

Figure 10.19 – Custom package installation

5. That's it! You have successfully installed an app using a custom package.

As you can see, installing an app with either of the two methods is very user-friendly.
However, bear in mind that applications that are not in the App Store or are
identified as being from "unknown developers" are subject to security measures
implemented by macOS. If you are sure that an app from an unknown
developer is secure and you wish to install it anyway, you can override this default
behavior. We will examine the security measures that macOS implements and how to
override them in Chapter 15, Managing Security in macOS.

When you install packages, you might want to see what is inside them. There is
actually a way to examine those packages, as we will see next.


Examining packages and bundles


App installers can come in packages or bundles, and although both could be confused
as being the same, they are not. A package is presented to the user as a single file,
while a bundle is a folder that has a hierarchical structure containing executable code
and the resources needed by that code in order for the application to run.

After downloading a package, you can examine its contents through the Finder:

1. With the package selected, right-click and select Show Package Contents,
as shown in the following screenshot:

Figure 10.20 – Examining packages


2. Next, you will be able to browse the files the package contains as you
would any normal folder, as shown in the following screenshot:

Figure 10.21 – Examining package contents
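
Show Package Contents works for packages that are folders. A flat .pkg installer is a single xar archive, and the following added example (not from the book) lists its table of contents without running the installer, which shows whether it carries install scripts before you grant it administrator rights. The sample archive is constructed, and its entry names follow the layout that Apple's pkgbuild and productbuild tools produce.

```python
import io
import struct
import zlib
import xml.etree.ElementTree as ET
from typing import List, Tuple

XAR_MAGIC = 0x78617221                  # the bytes "xar!"
# magic, header size, version, TOC compressed length, TOC uncompressed length,
# checksum algorithm; all big-endian, 28 bytes in total.
XAR_HEADER = struct.Struct(">IHHQQI")
MAX_TOC = 16 * 1024 * 1024              # refuse absurdly large tables of contents


def read_toc(fh) -> ET.Element:
    """Parse the table of contents (TOC) of a xar archive opened in binary mode."""
    head = fh.read(XAR_HEADER.size)
    if len(head) < XAR_HEADER.size:
        raise ValueError("too short for a xar header")
    magic, hsize, _version, clen, ulen, _alg = XAR_HEADER.unpack(head)
    if magic != XAR_MAGIC:
        raise ValueError("not a xar archive")
    if hsize < XAR_HEADER.size or clen > MAX_TOC or ulen > MAX_TOC:
        raise ValueError("implausible xar header")
    fh.seek(hsize)                      # the zlib-compressed TOC follows the header
    inflater = zlib.decompressobj()
    toc_xml = inflater.decompress(fh.read(clen), MAX_TOC)
    if inflater.unconsumed_tail:
        raise ValueError("table of contents exceeds the size limit")
    # The TOC is untrusted input: reject DTDs so no entities can be declared.
    if b"<!DOCTYPE" in toc_xml or b"<!ENTITY" in toc_xml:
        raise ValueError("unexpected DTD in table of contents")
    return ET.fromstring(toc_xml)


def list_entries(root: ET.Element) -> List[Tuple[str, str]]:
    """Flatten the nested <file> elements into (path, type) pairs."""
    found = []

    def walk(node, prefix):
        for item in node.findall("file"):
            name = item.findtext("name") or ""
            if name in ("", ".", "..") or "/" in name:
                raise ValueError("unsafe entry name: %r" % name)
            path = prefix + name
            found.append((path, item.findtext("type") or "file"))
            walk(item, path + "/")      # directories nest their children

    toc = root.find("toc")
    if toc is not None:
        walk(toc, "")
    return found


def script_entries(entries: List[Tuple[str, str]]) -> List[str]:
    """Entries named Scripts, where a package keeps its pre/postinstall scripts."""
    return [path for path, _kind in entries if path.rsplit("/", 1)[-1] == "Scripts"]


def build_archive(toc_xml: bytes) -> bytes:
    """Build a constructed archive: header plus compressed TOC, no file data."""
    packed = zlib.compress(toc_xml)
    return XAR_HEADER.pack(XAR_MAGIC, XAR_HEADER.size, 1,
                           len(packed), len(toc_xml), 1) + packed


SAMPLE_TOC = (  # constructed table of contents for a product archive
    b'<?xml version="1.0" encoding="UTF-8"?><xar><toc>'
    b'<file id="1"><name>Distribution</name><type>file</type></file>'
    b'<file id="2"><name>Demo.pkg</name><type>directory</type>'
    b'<file id="3"><name>PackageInfo</name><type>file</type></file>'
    b'<file id="4"><name>Payload</name><type>file</type></file>'
    b'<file id="5"><name>Scripts</name><type>file</type></file>'
    b'</file></toc></xar>'
)

if __name__ == "__main__":
    # For a real installer: with open("Some.pkg", "rb") as fh: read_toc(fh)
    entries = list_entries(read_toc(io.BytesIO(build_archive(SAMPLE_TOC))))
    for path, kind in entries:
        print(kind.ljust(10), path)
    print("install scripts:", script_entries(entries) or "none")
```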

In this section, we saw the app installation options for macOS. Next, we will look at a
task you will deal with afterward: how to update your installed apps.

Updating apps
In the previous sections, we learned how to install apps in different ways. The options
to update them are as follows:

• The App Store
• Automatic updates
• Manual updates

Let's review each of these methods next.

App Store
This method is for apps that have been installed via the App Store. When there is an
update available, a red number appears in the App Store icon, signaling the number
of updates available. Just click on the icon, and you will be taken to the App Store
Updates tab to apply those updates.

Automatic updates
You can configure how updates are automatically downloaded or installed without
the need to do anything. We learned how to configure this option in detail in the
Upgrading macOS section in Chapter 2, Installing and Configuring macOS.


Manual updates
For apps installed through the App Store, you can manually verify whether there are
any updates available directly in the Updates section of the App Store, which is
located on the left-hand side menu. You can also find and manually download all
Apple software updates at this link: www.support.apple.com/downloads.

For apps that have not been installed through the App Store, you will have to
manually verify this in the app itself (usually through their Help menus) or through
the developer's website. Some applications have notification systems to communicate
with you regarding updates through other means, such as email.

Besides installing and updating, another common action you might want to perform
is to uninstall an app, which is what we will learn how to do in the next section.

Uninstalling apps
Users who are not used to Macs find that uninstalling apps on macOS is so easy that
it seems they must be doing something wrong. This is because they are not used to
Mac's app development model, which is different from other operating systems.
Uninstalling apps in macOS can be achieved through any of these three
straightforward methods:

• Through the Launchpad
• By dragging an app to the Trash
• Through an uninstaller package

Let's take a look at how to use these methods.

Launchpad
This option only works for apps that have been downloaded from the App Store.
Perform the following steps to use it:

1. Open the Launchpad from the Applications folder, or click on it from the
Dock if you have it there.
2. Click and hold on the app you want to uninstall until you see the icons
begin to bounce and an X appear at the top-left of the icon, as shown in
Figure 10.22.


3. Click on the X icon of the app you want to remove:

Figure 10.22 – Uninstalling apps from the Launchpad

4. You will see a warning asking you if you are sure you want to remove the
app. Click Delete if you are sure.
5. You might have to authenticate as an administrator to proceed.

If the app does not have an X on the icon, this means it was probably
not installed through the App Store and cannot be uninstalled from
the Launchpad. Try the other methods instead.

Now, let's examine the second method.

Dragging to the Trash


This is the most commonly used method to uninstall apps. It can be used not only
with apps installed through the App Store, but with any app. However, bear in mind
that with some apps, this method could leave some files behind. If you don't want
any files to remain, you can use third-party software to help you remove all files.

To use it, just go to the Applications folder and drag the app you want to remove
to the Trash. It's as simple as that.

Now, let's examine the last method.

Custom uninstaller
Although rare, some apps come with a built-in uninstaller included when the
developer deems it necessary.


To use this method, you would normally have to ask app support to find out where
this package is located, or sometimes it might be included in the app's contextual
menu. For example, the Avast Security software we installed earlier provides its own
custom uninstaller that can be accessed from the top menu, as shown in the following
screenshot:

Figure 10.23 – Using a custom uninstaller

It's always important to check the developer's documentation to determine the
best way to uninstall software in macOS.

So far, we have covered the important topics of installing and managing apps. In the
next section, we will learn how to explore and monitor installed apps.

Exploring installed apps


The main tool for managing apps in macOS is the Finder tool. However, there are
other tools that you can use for specific tasks related to apps, such as System
Information and Activity Monitor.


If you need to know which apps are installed on your system, including third-party
software, you can use the System Information tool to scan your apps to view a list of
installed apps and their locations.

Perform the following steps to use the System Information tool to explore apps and
their extensions:

1. Open the System Information tool, as explained earlier.


2. Scroll down to the Software section in the side menu, and then
select Installations, as shown here:

Figure 10.24 – Exploring app installations

3. You will be able to see the apps that have been installed on your Mac on
the list, along with some pertinent information, such as the version that's
been installed, the source (Apple or third party), and the installation date.


You can explore the extensions that have been installed on macOS
through Extensions, right above the Installations section of the System Information
tool.

Apps have preference files, and they can be explored through the Finder tool, as we
will see next.

Exploring app preference files


Bear in mind that, in general, app preferences are stored in XML files in the form of
property lists. These files have the .plist filename extension.

These files are stored in the user's Library folder, in the Preferences folder,
at ~/Library/Preferences.

As we saw in Chapter 8, System Resources and Shortcuts, sandboxed apps store the
preference files in the container folder, at
~/Library/Containers/[Bundle ID]/Data/Library/Preferences.

Here, [Bundle ID] is the name that identifies the app.

You can view and edit the content of those files through various methods. The
following are the two that are most frequently used:

The Finder Quick Look feature allows you to view the contents of the file.
The Quick Look feature will be examined later in this chapter, in the
Managing documents section.
The Xcode app allows you to view and edit these files.

You can obtain Xcode for free from the App Store.
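The following Python script is an added example, not code from this book or from Apple. It walks both preference locations described above, loads each .plist file with the standard plistlib module, and reports which app it belongs to, whether it comes from a sandbox container, and which top-level keys it holds. It goes slightly beyond the text by also reading property lists saved in binary form; the sample files, the com.example identifiers, and the use of the filename as the app identifier are assumptions made for the illustration.

```python
import plistlib
import tempfile
from pathlib import Path
from xml.parsers.expat import ExpatError


def plist_format(raw):
    """Classify a preference file by its leading bytes."""
    if raw.startswith(b"bplist"):
        return "binary"
    if raw.lstrip().startswith(b"<"):
        return "xml"
    return "unknown"


def find_preference_files(home):
    """Yield (path, identifier, sandboxed) for both preference locations."""
    prefs = home / "Library" / "Preferences"
    if prefs.is_dir():
        for path in sorted(prefs.glob("*.plist")):
            # Assumption: the filename without .plist identifies the app.
            yield path, path.stem, False
    containers = home / "Library" / "Containers"
    if containers.is_dir():
        for container in sorted(containers.iterdir()):
            sandboxed_prefs = container / "Data" / "Library" / "Preferences"
            if sandboxed_prefs.is_dir():
                for path in sorted(sandboxed_prefs.glob("*.plist")):
                    # The container folder name is the [Bundle ID].
                    yield path, container.name, True


def audit_preferences(home):
    """Return one record per preference file found under the given home folder."""
    records = []
    for path, identifier, sandboxed in find_preference_files(Path(home)):
        record = {"identifier": identifier, "sandboxed": sandboxed,
                  "file": path.name, "format": "unknown", "keys": [], "error": None}
        try:
            raw = path.read_bytes()
            record["format"] = plist_format(raw)
            data = plistlib.loads(raw)          # detects XML or binary itself
            if isinstance(data, dict):
                record["keys"] = sorted(data)
        except OSError as exc:                  # unreadable, e.g. permission denied
            record["error"] = type(exc).__name__
        except (ValueError, ExpatError) as exc:  # not a valid property list
            record["error"] = type(exc).__name__
        records.append(record)
    return records


def build_sample_home(root):
    """Create a constructed home folder with three sample preference files."""
    prefs = root / "Library" / "Preferences"
    prefs.mkdir(parents=True)
    (prefs / "com.example.editor.plist").write_bytes(
        plistlib.dumps({"AutoSave": True, "RecentFiles": ["a.txt"]}))
    (prefs / "com.example.broken.plist").write_bytes(b"not a plist")
    sandboxed = (root / "Library" / "Containers" / "com.example.notes"
                 / "Data" / "Library" / "Preferences")
    sandboxed.mkdir(parents=True)
    (sandboxed / "com.example.notes.plist").write_bytes(
        plistlib.dumps({"SyncEnabled": False}, fmt=plistlib.FMT_BINARY))
    return root


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        for rec in audit_preferences(build_sample_home(Path(tmp))):
            print(rec)
```

To run it against a real account, call audit_preferences(Path.home()) instead of using the sample folder.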

While you can explore apps through the System Information tool, macOS also has
another tool for monitoring open apps and processes. Let's examine that next.


Monitoring open processes and apps


macOS provides a tool for inspecting running processes, managing them, and
exploring how they affect your Mac's performance. This tool, called Activity Monitor,
allows you to do the following:

Close unresponsive apps and processes.
Monitor the impact of apps and processes on your Mac's energy
consumption.
Monitor real-time CPU, memory, network, and disk status.
Run diagnostics.
Verify whether your Mac needs more RAM.

Perform the following steps to use Activity Monitor:

1. Open Activity Monitor under Utilities in the Applications folder, or use
Spotlight to find it quickly.
2. In the View menu, you can configure which processes to show on each
pane.

The types of processes you can see are as follows:

Active: Processes that are running and not sleeping
Inactive: Processes that are running but are sleeping
Windowed: Processes that create windows (usually apps)

You can also filter processes according to the following criteria:

All Processes: Processes running on your Mac
All Processes, Hierarchically: Processes that belong to other processes
(parent/child)
My Processes: Processes owned by your user account
System Processes: Processes owned by macOS
Other User Processes: Processes not owned by the root or current user
GPU Processes: Processes owned by the computer's GPU
Selected Processes: Processes you selected in the Activity Monitor
window
Applications in last 12 hours: Only apps running processes in the last 12
hours
Processes, by GPU: Processes that are running, grouped by GPU


Here, we can see the View menu, through which you can access all the filtering
options mentioned previously:

Figure 10.25 – Viewing all processes

There are five main areas you can examine:

CPU
Memory
Energy
Disk
Network

All the panes show these three columns:

Process Name
PID: The process ID
User: The user who owns the process
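The following Python script is an added example, not part of the book or of Activity Monitor. It reproduces three of the ownership filters and the hierarchical view from the View menu using the Process Name, PID, and User columns, working on a constructed sample of `ps -axo pid,ppid,user,comm` output. The sample processes, the user names alice and bob, and the reading of "owned by macOS" as "owned by root" are assumptions made for the illustration.

```python
from collections import defaultdict
from dataclasses import dataclass

# Constructed sample of `ps -axo pid,ppid,user,comm` output (not from a real Mac).
PS_SAMPLE = """\
  PID  PPID USER            COMM
    1     0 root            /sbin/launchd
  142     1 root            /usr/libexec/logd
  201     1 _windowserver   /System/Library/WindowServer
  455     1 alice           /Applications/Safari.app/Contents/MacOS/Safari
  460   455 alice           /Applications/Safari.app/Contents/MacOS/Web Content
  512     1 bob             /Applications/Notes.app/Contents/MacOS/Notes
"""


@dataclass
class Proc:
    pid: int
    ppid: int
    user: str
    comm: str


def parse_ps(text):
    """Turn the ps listing into Proc records, skipping the header row."""
    procs = []
    for line in text.splitlines()[1:]:
        if not line.strip():
            continue
        # Split on the first three gaps only: the command path may contain spaces.
        pid, ppid, user, comm = line.split(None, 3)
        procs.append(Proc(int(pid), int(ppid), user, comm.strip()))
    return procs


def classify(proc, current_user):
    """Map a process to one of the ownership filters in the View menu."""
    if proc.user == "root":          # assumption: "owned by macOS" means root
        return "System Processes"
    if proc.user == current_user:
        return "My Processes"
    return "Other User Processes"    # not owned by the root or current user


def group_by_filter(procs, current_user):
    """Return {filter name: [PIDs]} for the given logged-in user."""
    groups = defaultdict(list)
    for proc in procs:
        groups[classify(proc, current_user)].append(proc.pid)
    return dict(groups)


def hierarchy(procs):
    """Render the parent/child view as indented 'PID user name' lines."""
    known = {p.pid for p in procs}
    children = defaultdict(list)
    for proc in procs:
        # A process whose parent is not in the listing is shown at the top level.
        children[proc.ppid if proc.ppid in known else 0].append(proc)
    lines = []

    def walk(parent, depth):
        for proc in sorted(children.get(parent, []), key=lambda p: p.pid):
            name = proc.comm.rsplit("/", 1)[-1]
            lines.append("  " * depth + f"{proc.pid} {proc.user} {name}")
            walk(proc.pid, depth + 1)

    walk(0, 0)
    return lines


if __name__ == "__main__":
    processes = parse_ps(PS_SAMPLE)
    for name, pids in group_by_filter(processes, "alice").items():
        print(f"{name}: {pids}")
    print("\n".join(hierarchy(processes)))
```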

Now, let's look at the additional details you can examine in each of them.


CPU
The CPU pane, as shown in the following screenshot, shows the processes that affect
the processor. The columns you have available for filtering are as follows:

% CPU: Total CPU percentage x the number of processor cores a process is
consuming
CPU Time: Amount of time a process has been active since the Mac last
started up
Threads: Number of thread operations in a process
Idle Wake Ups: Number of times a process awoke from sleep mode

If we examine the % CPU column shown in the following screenshot, we'll see
that there is a process called macOS Catalina that is using 42.1% of one processor
core:

Figure 10.26 – CPU monitoring

In all panes, there is more key information you can examine at the bottom. In this
case, we can see the following:

System: Percentage of CPU capability being used by processes belonging to
macOS
User: Percentage of CPU capability being used by apps opened by the user
or by processes opened by those apps
Idle: Percentage of CPU capability not being used

In the next section, we will explore how Activity Monitor helps you gather data about
the memory in your Mac, as well as ascertain whether you need to increase your
RAM.

Memory
The Memory pane, as shown in the following screenshot, shows the memory
resources being used. The main columns you have available for filtering are as
follows:

Memory: Amount of memory each process is using
Threads: Number of thread operations in a process
Ports: Number of ports in use by the process:

Figure 10.27 – Memory monitoring


In the bottom section, we can see the following:

MEMORY PRESSURE: This graphic shows how efficiently your memory
serves your processes based on the data provided by the details to the
right; for example, Swap Used or Wired Memory. The color represented
helps you ascertain whether you require more memory:
A green color means your Mac is using its RAM efficiently.
A yellow color means your Mac may require more RAM soon.
A red color means your Mac definitely needs more RAM.
Physical Memory: Amount of installed RAM
Memory Used: Amount of RAM being used
Cached Files: Size of files cached into unused memory by the system
Swap Used: Amount of space used on the startup disk to swap memory to
and from RAM
App Memory: Amount of memory being used by apps
Wired Memory: Amount of memory required by the system to operate
Compressed: Amount of memory compressed to have more RAM available

In the next section, we will explore how Activity Monitor helps you gather data
regarding energy consumption.

Energy
The Energy pane, as shown in the following screenshot, shows the energy being used
by each process. The columns you have for filtering are as follows:

Energy Impact: Current app energy consumption; the lower, the better.
12 hr Power: Average app energy consumption in the last 12 hours, or since
the Mac was powered on, whichever is shorter; the lower, the better.
App Nap: A feature of some apps that allows them to consume very little
energy when they are opened but are not in use. This feature can activate
when an app is behind other active windows or in a space that is not being
viewed. In this column, it shows whether App Nap is active for this app.
Graphics Card: This shows whether a process requires a high-performance
GPU. It only appears in Macs with one or more graphics cards.
Preventing Sleep: Any apps that are preventing the Mac from entering
Sleep mode:

Figure 10.28 – Energy monitoring

There is useful information about the battery at the bottom of the pane if you are
using a Mac notebook.

In the next section, we will explore how Activity Monitor helps you gather data
related to storage.


Disk
The Disk pane, shown in the following screenshot, shows the data that's been read
and written to the disk by each process. The columns you have for filtering are as
follows:

Bytes Written: The total number of bytes written to storage by a process
Bytes Read: The total number of bytes read from storage by a process:

Figure 10.29 – Disk monitoring

In the bottom section, we can see the following:

Reads in: Total number of times data was read from storage
Writes out: Total number of times data was written to storage
Reads in/sec: Rate of read operations
Writes out/sec: Rate of write operations
Data read: Total data read from storage
Data written: Total data written to storage
Data read/sec: Speed per second at which data is being read
Data written/sec: Speed per second at which data is being written

In the next section, we will explore how Activity Monitor helps you gather data
related to the network and the volume of data that travels through it.


Network
The last pane is the Network pane, as shown in the following screenshot, and it
shows the data being sent or received over the network. The columns you have for
filtering are as follows:

Sent Bytes: Number of bytes sent by the process to the network
Rcvd Bytes: Number of bytes received by the process from the network
Sent Packets: Number of packets sent by an app to the network
Rcvd Packets: Number of packets received by an app from the network:

Figure 10.30 – Network monitoring

In the bottom section, we can see the following:

Packets in: Total number of packets received
Packets out: Total number of packets sent
Packets in/sec: Number of packets received per second
Packets out/sec: Number of packets sent per second
Data received: Total data received from the network
Data sent: Total data sent to the network
Data received/sec: Amount of data received from the network per second
Data sent/sec: Amount of data sent to the network per second


In this section, we have covered some important tasks related to installing and
uninstalling apps and the different methods available to accomplish this. We also
learned how to explore and monitor apps and open processes using the System
Information and Activity Monitor tools. In the next section, we will discover how to
manage app extensions that have been developed to enhance apps' features and
capabilities.

Managing app extensions


Apple has a vibrant community of developers and, as a result, there are many
extensions available that you can take advantage of. App extensions have been
available since OS X Yosemite, and they allow completely different apps to interact
with one another, offering extended functionality, actions, and content to users. Apps
make use of extensions and widgets to extend app functionality to other parts of the
system. Developers can include these extensions to add sharing, photo editing, and
document manipulation functionalities, among others, to their applications.

A good example of the use of these extensions can be seen in the Preview app, which
includes markup features to allow you to manipulate images or PDF documents.
These features are also available in other apps, such as the Mail app. For instance,
when you include an attachment in an email, a button lets you access the Preview
markup features, as shown in the following screenshot. This means that you will be
able to mark up your attachment without the need to open any other app:

Figure 10.31 – App extensions


In this section, we will learn how to explore apps and extensions that have been
installed on your system. More specifically, we will cover the following:

Types of extensions
Managing app extensions and widgets

Let's start by learning how to explore apps and extensions installed on your Mac.

Types of extensions
As we mentioned earlier, extensions allow different apps to interact with each other,
offering extended functionality, actions, and content to users. Thus, it is important
that we learn in which situations users can take advantage of them, which will save
them time and make their work more efficient. These extensions can be categorized
based on the locations where they allow features to be added, namely, the following
two locations:

Finder
The sharing menu

Let's explore these two types of extensions.

Finder
These types of extensions allow a badge to be included on local folders, which lets us
know the sync status of remote items, such as the one shown in the following
screenshot:

Figure 10.32 – Sync extensions


They also allow us to include contextual menus in popular cloud storage apps to
manage syncing and a menu in the Finder toolbar to manage sync settings, as shown
in the following screenshot:

Figure 10.33 – Sync settings

Now that you know how extensions can improve functionality in the Finder, let's
discover the second location where they add functionality as well.

Sharing menu
The extensions for the Sharing menu provide more options, such as sharing photos,
videos, and other content. Here, we can see these extensions in action from the Finder
Sharing menu:

Figure 10.34 – Sharing extensions

Now that you have a pretty good idea of the types of extensions you can use in
macOS, let's explore how to manage them.


Managing app extensions and widgets


In macOS, app extensions are usually bundled in the developer's app offering the
extension. This means that they are installed automatically when you install the main
app.

You can inspect and manage those extensions through the Extensions preferences in
System Preferences. Perform the following steps to view and manage your
extensions:

1. In System Preferences, click the Extensions pane.


2. Select the Added extensions tab if you want to view all the extensions that
have been added from the apps you've installed on macOS. Here, you can
see that we have an extension from Microsoft OneNote enabled in the
Share Menu, and other extensions that have not been enabled:

Figure 10.35 – Extension management


The other tabs in the left-hand side panel allow you to configure extensions in more
specific sections of macOS, such as Finder, Photos Editing, and Share Menu. For
example, the Actions tab allows you to select extensions for editing or viewing
content, such as Markup actions, as shown in the following screenshot:

Figure 10.36 – Actions extensions

Let's explore the last option, which is a bit different from the rest. The Finder tab
allows you to select quick actions and document providers to show in the Finder.
Here, we can see several quick actions that have been selected for the Finder:


Figure 10.37 – Quick actions

In portable Macs with a touch bar, you will see an additional tab where you can
configure quick actions for the touch bar.

In this section, we learned how extensions are an important part of the macOS user
experience and give us access to functionality, as well as sharing options. However,
app sharing is also an important feature. Let's take a look at how we can share apps
on macOS next.

Sharing apps
Sharing apps is a capability that macOS offers to users so that they can share
purchased apps with family and friends through a feature called Family Sharing,
which we will explore in detail in this section.


However, if you own more than one Mac, apps purchased on one of them can also be
easily shared and installed on your other Macs as well. To do that, you will need to
enable the ability for purchased apps to be automatically downloaded on your other
Macs via the App Store's preferences:

1. Open the App Store, go to the App Store menu, and then Preferences.
2. Enable the Automatically download apps purchased on other
devices option, as shown here. You will need to sign in with your Apple ID
to configure this option; otherwise, this option will be dimmed:

Figure 10.38 – Downloading apps that have been purchased on other devices

That being said, let's examine the Family Sharing feature and learn how to take
advantage of it.

Family Sharing
Family Sharing is a feature, available since OS X Yosemite 10.10, that offers users a
great way to share apps with family or friends. Through this feature, you can create a
Family Sharing group composed of a maximum of six members (or six Apple IDs),
who can then take advantage of downloaded/purchased apps. Purchases that are
made by any group member can be shared with the other members, as long as they
enable them.


This is what you can do through the Family Sharing feature:

Download and share eligible music, movies, TV shows, books, and apps
from the iTunes, Apple Books, and App Stores.
Get an Apple Music family subscription, and then invite family members to
join. You can learn more about the family subscription here:
https://support.apple.com/HT205595.
Share family photos and videos.
Set up a family calendar.
Share an iCloud storage plan for your family's photos, videos, documents,
and suchlike.
Find your family members with the Find My Friends app.
Find family members' devices with the Find My iPhone app.
Manage your child's account, turn on Ask to Buy, or use Screen Time with
Family Sharing.

To use Family Sharing, you need the following:

A Mac with OS X Yosemite or later, or an iPhone, iPad, or iPod touch
with iOS 8 or later
An Apple ID
To be signed in to iCloud with that Apple ID
A valid payment method set up with the main Apple ID account

Bear in mind that users can be a part of only one Family Sharing
group at a time.

In a Family Sharing group, there is one organizer who will be the main account and
will invite other Apple IDs into the group to share app purchases. If the organizer has
multiple Apple IDs in iTunes, they can add each of their accounts to the group in
order to share purchases from those Apple IDs as well. The organizer must also have
a valid payment method set up in their account, as all purchases for this group will be
made using that main account. Family Sharing members can also purchase apps
using redemption codes. Bear in mind that unauthorized purchases or downloads can
happen through Family Sharing. If you want to restrict app purchases or downloads,
you can do so through the Screen Time feature. We covered Screen Time in Chapter
4, User Accounts Management.


To share purchases through Family Sharing, you need to use the
App Store in the same country or region as your other family
members.

Children under 13 must join a Family Sharing group to use Game Center and will
have to ask for approval to make any purchases, even for free items. However,
besides the organizer, another adult in the group can be designated as a parent or
guardian and will be able to approve or reject purchases requested by the children in
the group. For that to work, you will have to create Apple IDs specifically for the
children in your family group, who will have restricted access to purchasing. You can
use the restrictions options in Screen Time to limit the apps you want to allow per
user. You can also choose an age requirement, which will limit purchases and/or
opening applications to the users in that age range. All other regular Apple ID
accounts require a member to be at least 13 years old.

If a user has access to browsers other than Safari, nothing
prevents them from downloading apps from the internet. Therefore,
in a controlled environment, it is important to restrict those as well.

Now that you have a good idea of what Family Sharing is, in the next few sections,
we will explore the following key tasks related to Family Sharing:

Enabling Family Sharing
Purchase sharing
Start sharing purchases
Stopping purchases and Family Sharing

Let's begin by enabling this feature.


Enabling Family Sharing


Perform the following steps to enable Family Sharing. Bear in mind that the process
may vary slightly in different versions of macOS. In the following example, we will
be exploring the process on macOS Big Sur:

1. Make sure you are signed in to iCloud with a valid Apple ID on your Mac.
This will be the group's organizer.
2. Open System Preferences, and then click the Family Sharing icon, as
shown in the following screenshot. Bear in mind that this icon will not
appear if you are not signed in to iCloud with a valid Apple ID:

Figure 10.39 – Family Sharing


3. The first time you enable Family Sharing, you will see a screen similar to
the following. Click Get Started to start the setup:

Figure 10.40 – Getting started with Family Sharing

4. Next, you will be asked to confirm whether you wish to invite members to
this group or create a child account. For this example, we will choose Invite
People:

Figure 10.41 – Inviting people


5. You will then be asked how you would like to send the invitation: by mail,
message, or in person. For this example, we will choose Mail:

Figure 10.42 – Send Invitations screen

6. At this point, you will need to enter the email of the person you want to
invite and send the email:

Figure 10.43 – Sending an email invitation

7. Once you've done this, you will see a confirmation that the family member
has been invited and that you will be notified when they join. Then, click
Done. The family member will have to accept the invitation from the email
to be added to the group.


8. Next, you will see the main Family Sharing preferences, where you will be
able to invite more members through the Add (+) icon, circled in red in the
following screenshot. You will also notice that you are shown as the
organizer. Other members will appear on the list below the organizer as
they are added:

Figure 10.44 – Family sharing

9. And that's it! You have now set up Family Sharing.

In the tabs you see in the preferences, you will be able to set up access to different
types of content for members, as well as configuring location sharing and purchase
sharing. In the following section, we will learn how to set up purchase sharing.


Purchase sharing
If you wish to allow members to make purchases or subscribe to services through the
Family Sharing feature, you will have to set up a payment method. Perform the
following steps to do this:

1. Open the Family Sharing preferences in System Preferences.


2. Select the Purchase Sharing tab shown in the following screenshot and
then click Add Payment Method...:

Figure 10.45 – Add Payment Method...

3. You might be asked to sign in again with your Apple ID.


4. On the next window, click the Add Payment button:

Figure 10.46 – Add Payment

5. Next, you will be able to add a payment method, which includes credit
cards and PayPal.

If you used PayPal as your payment method, you can verify it through a
code you can obtain from your PayPal account by logging in and using this
link: https://www.paypal.com/getcode. Once you've logged in to PayPal,
you should obtain a code like the one shown in the following
screenshot. You should enter this into the Verification Code field:

Figure 10.47 – PayPal verification


6. Next, you will have to set up purchase sharing. While on the Purchase
Sharing tab, click the Set Up Purchase Sharing... button, as shown here:

Figure 10.48 – Setting up purchase sharing

7. You will be asked to confirm whether you want to use your current Apple
ID for purchases or whether you want to use a different payment method,
as shown here. Click Share Purchases to continue with the Apple ID
displayed:

Figure 10.49 – Purchase sharing confirmation


8. You will then be shown the payment method that will be used for
purchases that are initiated by group members. Click Continue:

Figure 10.50 – Payment method confirmation

9. Next, you will be asked to accept the terms and conditions. Check the box
to agree and click Agree.
10. You will now see a confirmation dialog indicating that you are now sharing
purchases. Click Done.
11. And that's it! You are now ready to share and allow purchases in your
sharing group.

Now that a payment method and purchase sharing have been set up, we can start
sharing purchases with our group members.


Start sharing purchases


Once your members have accepted the invitations you've sent, you can start sharing
your content. Perform the following steps to view shared content:

1. Open the App Store (or another Apple app you want to download content
from, such as Music) and make sure you are signed in with the Apple ID
you're using with Family Sharing. To verify that, go to the Store menu and
then click on View My Account [your Family Sharing Apple ID]....
2. Go to the Purchased page. The location of this page depends on the app
you are using:
For iTunes: Click on Store. Purchased will be under Quick
Links on the right-hand side.
Apple Books: Click on Books Store. Purchased will be under
Quick Links on the right-hand side.
App Store: Click on the profile icon or your photo in the bottom-
left corner, as shown in the following screenshot:

Figure 10.51 – App sharing


3. Once you've logged in to the App Store, the family member will be able to
see the content that's been shared by other members by selecting a member
from the Purchased by dropdown, as shown here:

Figure 10.52 – Members' purchases

To share family photos and videos, do the following:

Open the Photos app, tap the Albums tab in the left-hand
menu, select Family under Shared Albums, and then add the photos and
videos you want to share to that album, as shown here:

Figure 10.53 – Sharing photos and videos


To set up the family calendar, do the following:

Open the Calendar app and click the Family tab, as indicated in the
following screenshot, to add, view, or change events and reminders in the
family calendar:

Figure 10.54 – Family calendar

If, for any reason, you don't want to share the family photo album, calendar, or
reminders, you can unsubscribe from them on your Mac or also on iCloud.com.

Now that you know how to enable Family Sharing and purchases, let's explore how
to disable these features.

Stopping purchases and Family Sharing


If, at some point, you realize you no longer wish to use Family Sharing or share
purchases, then you can amend this.


To only stop allowing purchases, do the following:

1. Open the Family Sharing preferences in System Preferences.


2. Select the Purchase Sharing tab.
3. Deselect the Share My Purchases checkbox:

Figure 10.55 – Disabling sharing purchases

You can also stop family purchase sharing so that your group members lose access to
all shared purchases and will not be able to make new shared purchases. To do this,
perform the following steps:

1. In the Purchase Sharing tab, click the Turn Off... button that appears in the
bottom-right corner, as shown in the preceding screenshot.
2. You will see a warning asking you to confirm this action. Click Stop
Purchase Sharing if you are sure.


You can also disable Family Sharing altogether. Perform the following steps to do
this:

1. From the Family Sharing preferences page, select the Family tab.
2. Click the Details... button to the right of the organizer's name.
3. You will see a dialog where you can confirm the action. Click Stop Family
Sharing if you are sure, as shown in the following screenshot:

Figure 10.56 – Stopping Family Sharing

If a child is part of a Family Sharing list, they will have to be
transferred to another family to allow Family Sharing to be turned
off.

In this section, we learned how to use the Family Sharing feature with groups of
family members and friends. We saw how to enable it, as well as how to disable it. In
the next section, we will transition from apps to documents as macOS also has many
features that help make document management easier. We will cover those features
next.

Managing documents
Managing documents is as important as managing apps for both administrators and
users. In this section, we will review the macOS features that simplify document
management for users. The features we will explore are as follows:

Launch Services
Quick Look
Quick Actions
Autosave
Resume
Versions
Locking

I have divided the preceding features into two parts for your convenience, as features
tend to be grouped together according to what you can do with a document before it's
opened and what you can do while working with a document.

Using the Launch Services, Quick Look, and Quick Actions features
The first three features are intended to help you before you open a document. These
features are as follows:

Launch Services
Quick Look
Quick Actions

Let's take a look at these features.

Launch Services
Launch Services is a process that maintains a database of filename extensions and
apps that can open documents with those extensions. This is how, when you double-
click on a document, macOS knows exactly which app to use in order to open it.

If the application to open a specific type of file is not installed on your system, Launch
Services can open the file using its built-in preview mode. Still, you can configure it to
open the file with the application you indicate, which will override the Launch
Services database.

By the way, macOS does not show file extensions. This is the default configuration.
But if, like me, you find it useful to see the extensions since they help you identify the
app the file should be opened with, you can configure that via the Finder
Preferences:

1. In Finder, go to the Finder top menu, and then select Preferences....


2. Go to the Advanced tab and activate the Show all filename
extensions box, as shown here:


Figure 10.57 – Showing filename extensions

Bear in mind that this is a global setting; therefore, it will apply to all files. If you want
to see extensions on a per-file basis, instead of using the previous procedure, select
the file that you want to see the extension for and then open the Info window by
pressing Command + I. You will see an option to hide the extension. Deselect it. You
will now see the extension just for that file, as shown in the following screenshot:

Figure 10.58 – Showing filename extensions per individual file


Now, if you want to change which app a specific file will open with, you can do so
from the same Info window. You will see that there is an Open with: section, as
shown in the following screenshot. From the drop-down menu, you can select the
application you want to use to open that file. Bear in mind that this change is
permanent unless you change it back again via the same method:

Figure 10.59 – Choosing an app to open a file

If you don't want this action to be permanent, you can use another per-file method.
This can be achieved through the contextual menu. Right-click on the file and choose
the Open With option, as shown here:


Figure 10.60 – Choosing an app to open a file once

If you want the change to be permanent for this file, select the file while holding
down the Option key to reveal the Always Open With option, as shown here, and
save the change to the file's metadata:

Figure 10.61 – Choosing an app to open a file with always


You can also apply the change to all the files with that extension. For that, click the
Change All button when you are presented with the warning prompt.

The changes to Launch Services are per user. Other users will have
to make the changes in their own accounts.

Now, let's examine the next feature, which allows you to preview many types of files.

Quick Look
This is a technology that, with the help of plugins, enables you to preview files of
nearly any type without having to open the application. The application doesn't even
have to be installed in order for this feature to work. The plugins that make this
happen are located in the Library folders.

However, previewing files is not all you can do with this feature. You can also edit,
mark up, or annotate these files without ever opening another application.

The plugins included by default in macOS allow you to preview and edit the
following types of files:

Audio and video that can be opened in QuickTime
Graphic files (including digital camera files), as well as PDF, EPS, JPEG,
and PNG files
Text/script files
Microsoft Office files
Pages, Numbers, and Keynote files
Internet files, such as web files and iChat transcripts

The apps that support this feature are as follows:

Finder
Time Machine
Email
Most open-and-save browser dialogs
Printer queues
Any application that supports Quick Look


To use the Quick Look preview feature, all you need to do is select a document and
press the Space bar.

Another way to use the Quick Look preview feature is by right-clicking on the
document and selecting the Quick Look menu option, as shown here:

Figure 10.62 – Using Quick Look

To quit the Quick Look window, press the Space bar again or click the Close button.

The Quick Look technology is also used in other macOS features, such as the icon
views in the Finder and the inspector or Info window:

When multiple files are selected, you can navigate those files with the
arrow keys near the top-left of the window or press the Left Arrow and
Right Arrow keys.
If a document has several pages, you can also navigate down.
When Quick Look is engaged, you have other options you can use from the
title bar menu, such as opening the item and using the share button. The
sharing options will depend on the type of file, as well as other settings.
As we mentioned earlier, you can perform several useful actions on a file
with Quick Look engaged; these are called Quick Actions, which we will
see in the next section.

Next, let's explore the last feature in this group; that is, Quick Actions.


Quick Actions
This feature allows you to perform quick actions on a selected file. The built-in actions
that are available will depend on the type of file you're looking at. You can use the
Quick Actions feature either with Quick Look engaged or without it being engaged:

If Quick Look is engaged, the actions are available from the title bar menu.
If Quick Look is not engaged, the actions will be available when you right-
click on the file and select Quick Actions from the contextual menu.
Quick Actions can also be used when you're viewing a file in Column or
Gallery mode. In the following screenshot, the photo is being viewed in
Gallery mode, and we can see the Quick Actions in the right panel, below
the file details.

Here are the built-in actions that are available directly from the Finder:

Rotate (image or movie)
Mark up (document or image)
Trim (movie or audio)
Customize:

Figure 10.63 – Using Quick Actions


Let's learn how to use these options:

To rotate a file, click Rotate Left. By default, you can rotate to the left, but if
you press the Option key, you will be able to rotate to the right.
To mark up an item, click the Markup button.
To trim an audio or video file, perform the following steps:
1. Click the Trim button, and then drag the yellow handles.
2. To see a preview of your changes, click Play.
3. Click Revert to restore your original version.
4. Once you're satisfied with the changes, click Done to save them
and choose to replace the original file or create a new one.
Customize: This option appears when you click on More.... With this
option, you can open the Extensions preferences and choose which Quick
Actions will appear in the Finder's preview pane.

The next set of features are useful when you are already working with documents, as
we will see next.

Using the Autosave, Versions, Locking, and Resume features
This section is concerned with another set of features that are useful for automating
actions when you're working with documents. These features are as follows:

Autosave
Versions
Locking
Resume

Let's learn how to use each of these features in more detail.

Autosave
The Autosave feature allows certain apps to save a file when changes have been
made. A user working on a document with this feature enabled only needs to save the
document once; the rest of the time, it will be done automatically.


You can identify an app that supports autosave when it has the following options in
its File menu:

Duplicate
Rename
Move To

For example, if you open the Preview app and examine the File menu, you will notice
that it has a Duplicate option instead of Save as..., and that it also has the Rename
and Move To options.

Some apps in macOS, such as Photos, iTunes, and Preview, already use this feature
by default because using autosave with these apps is very natural. Some of
the applications that support this feature are TextEdit, Pages, Numbers, and Keynote.

When you create a new document with TextEdit, for example, when you want to
close the document or quit the application, you will be asked whether you want to
save the changes. You must choose the location and save the document the first time
this happens. After that, the document will be saved automatically when you make a
significant change, close the application, select the Finder, or attempt to access the
document from another app. Also, if you are working on a document for a long
period of time, without pausing, it will be saved every 5 minutes.

However, you should know that you can still use Save as... by pressing the Option
key to reveal it in the app's File menu.

If you have saved the original document at least once and have made changes, then
when you use the Save as... option, you will be asked whether you want to apply
the changes to the original document as well.

The duplicate option will create a copy of the same document in the same location,
but with the word Copy appended to the name. It is useful to keep a copy of the
original file without modifications and to make changes to the duplicate file.

If you don't feel comfortable using autosave, or if you prefer to save the file yourself,
this feature can be disabled in System Preferences, in General Preferences, by
selecting the Ask to keep changes when closing documents option (Figure 10.66).

The next feature we will explore is related to autosave, and allows the use of
versioning.


Versions
The Versions feature works in combination with Autosave. Apps that support
autosave also support document versions. This feature allows you to revert to any
previously saved version of the document easily.

What's interesting about this feature is that you can navigate to a version of the
document and restore the whole version or insert just sections of the document into
its latest version.

To revert to a previous version of the document, just go to the app's File menu, and
then select Revert To, Last Saved, or Last Opened.

You can see the whole history of a document by going to the app's File menu,
selecting Revert To, and then choosing the Browse All Versions option. The interface
you will see will be very similar to that of Time Machine. You will see the current
version on the left side, and on the right-hand side, you will see the previous
versions. You can use the arrows to scroll up or down the versions, or you can click
directly on the date of the version you are looking for:

Once you have found the version you are looking for, just click Restore.
If you want to restore just a section of the changes, select the section, copy
it, and paste it into the current version.

Bear in mind that if you send a document by email or copy it to a
shared location, it will not retain a version history. If you need to
use versioning with collaboration, the best option is to use iCloud
Drive, which will be covered next.

Locking
What this feature does is prevent a document from being changed or from autosaving
unwanted changes. A locked document or folder cannot be moved, modified, or
deleted. Any app that supports autosave can use the Locked feature.

To use this feature, select the document you want to lock and open the Info window.
Next, select the Locked checkbox. We explored how to use this file flag in Chapter
7, Understanding Ownership and Permissions.

When a document is locked, you will see a warning that will suggest duplicating the
file to create a new copy that you will be able to modify while keeping the original
unchanged.


Bear in mind that duplicating or moving a locked document that
does not support autosave will just create another locked copy until
its owner unlocks the file.

When a document is locked, this is indicated in the title bar, as shown in the
following screenshot. You can also lock/unlock a document from the title bar:

Figure 10.64 – Locked file

Let's now examine the last feature in this group.

Resume
The Resume feature allows applications to be reopened automatically when you log
out or shut down your computer, either on purpose or because of a power failure.
When an application quits for these reasons, not only are any opened documents
automatically saved, but the application's state is also saved. When the Mac is
restarted, or the user logs back in, it returns to how the user left it when it was quit,
including documents or windows being restored – even the position of where you
last scrolled to on a window.

This feature is enabled by default on macOS for logging out actions. If you wish to
disable it, you can do so by deselecting the Reopen windows when logging back
in checkbox in the dialog that appears when you're logging out, as shown here:

Figure 10.65 – Disabling the Resume feature at logout


You can also configure this from System Preferences by going to
the General Preferences menu. If the Close windows when quitting an
app checkbox is selected, as shown in the following screenshot, open documents and
windows will not be restored when you reopen an app or log back in:

Figure 10.66 – Disabling the Resume feature

Finally, if the option is disabled, you can temporarily enable this option by holding
down the Option key when logging out. In this case, it will only work the next time
you log back in.

In the final section on managing documents, we will learn how to take advantage of
iCloud so that you can have access to your documents from any device.


Using documents in iCloud


iCloud Drive is a storage and access solution that is part of the iCloud tools, available
since OS X Yosemite. Documents saved in iCloud Drive remain available and up to
date across all of your devices.

This is what iCloud Drive allows you to do:

You can keep files and folders up to date across devices: iPhone, iPad,
iPod touch, Mac, or PC, and iCloud.com.
You can create new files and folders from apps using iCloud.
You can work on a single file across multiple apps.
You can access files from your Mac desktop and Documents folder.
You can share files with anyone.

To enable iCloud Drive, you require the following:

Your device should be updated to the latest macOS or iOS version.
You will need to set up and enable iCloud on all of your devices.
You will have to be signed in to iCloud with the same Apple ID on all of
your devices.
To access iCloud Drive from a Windows PC, make sure you have at least
Windows 7 or later. You will need to download iCloud for Windows from
this link: https://support.apple.com/HT204283.

Visit these links to verify the recommended minimum
requirements for using iCloud Drive and for instructions on
setting up iCloud Drive on other devices:
https://support.apple.com/HT204230 and https://support.apple.com/HT204025.

You can store any type of file in iCloud Drive, provided that it is 50 GB or less in size.
However, Apple recommends that you don't store app folders, libraries, or .tmp files.
Also, make sure that you are not exceeding your iCloud storage limit. When you first
set up iCloud, you automatically get 5 GB of free storage. If you need more space,
there are plans that you can access for a fee to increase your storage limit.

Perform the following steps to set up iCloud Drive on your Mac (this procedure may
vary, depending on the macOS version you're using):

1. If you aren't already, sign in with your Apple ID.


2. Open System Preferences and then click on the Apple ID icon.


3. Select the iCloud tab and activate the iCloud Drive checkbox, as shown in
the following screenshot:

Figure 10.67 – Enabling iCloud Drive


4. You will see an Options button appear beside iCloud Drive. Click on it,
and then select the apps whose files you want to sync in iCloud Drive, as
shown here:

Figure 10.68 – Files to sync in iCloud Drive

Bear in mind that if you are using OS X Yosemite 10.10 or earlier,
you won't be able to access documents in iCloud Drive directly from
your Mac, but you will be able to access them from the iCloud
website at www.icloud.com.

Also, when you have iCloud Desktop & Documents enabled on one Mac and you
then enable it on another Mac, the Desktop & Documents content on the other Mac
computer will be moved into subfolders in the iCloud Desktop & Documents folder.
For example, if you add a second Mac called Mac2 to iCloud Desktop & Documents,
you will have a folder called Mac2 with a subfolder called Desktop, along with
another subfolder called Documents, in the iCloud Desktop & Documents folder.


If you disable iCloud Desktop & Documents on your Mac, the items will be moved
to a subfolder in iCloud Drive, and a new local empty desktop and Documents folder
will be created in the local user account. If you want to copy your files to the new
empty folder, you will have to do so manually.

And with this section on iCloud documents, we have reached the end of this chapter.
Be sure to check out the summary for a quick recap on what was covered.

Summary
In this chapter, we explored a variety of supported macOS environments, including
native macOS, universal binary, Unix, and open source-based app environments. We
saw what happens with 32-bit apps in the latest versions of macOS. Then, we saw
how to use the App Store and create an Apple ID to make the most of its features. In
the following section, we saw how to install and manage apps, including app
extensions. Next, we discovered how to share apps with family members and friends
through a feature called Family Sharing. Finally, we looked at multiple features,
including Quick Look, Quick Actions, Autosave, Versions, Locking, and Resume, that
macOS offers to manage documents quickly and efficiently, including syncing your
documents across devices through the use of iCloud Drive.

Now that you have finished this chapter, you are fully equipped to manage apps and
documents, and also take advantage of all the features macOS provides you with in
order to do so thoroughly and efficiently.

In the next chapter, we will examine the backup and archiving options in macOS,
including Mac's proprietary tool, Time Machine.

11
Backups and Archiving
Optimizing your storage, as well as keeping your data safe and available in case of
any potential loss, is vital for good administration. macOS provides several
options for this purpose. Archiving and backing up are two different ways of
managing storage, safeguarding your information, and saving space.

In the first section of this chapter, we will explore the archiving methods that
are available in macOS. You will learn how to use them and in which cases they are
most suitable. Also, macOS has a proprietary tool known as Time Machine, which
was designed exclusively for backing up your data and managing your storage. In the
second part of this chapter, you will learn how to configure and use Time Machine for
your backups.

By the end of this chapter, you will know how to use archiving techniques, as well as
Time Machine, to archive and back up your data safely and efficiently on macOS.

In this chapter, we will cover the following topics:

Archiving in macOS
Using Time Machine for backups

Before we start, let's look at the technical requirements for this chapter.
Backups and Archiving Chapter 11

Technical requirements
This is what you will need for this chapter:

Basic knowledge of the macOS environment
A Mac computer with administrator privileges

Archiving in macOS
Archiving is a recommended practice that allows you to save space and keep your
files organized. On macOS, this can be achieved through just one method or a
combination of at least two methods. As opposed to backing up, archiving is usually
a manual task requiring user involvement. However, it could be automated with the
use of third-party software or specific scripts.

In this section, we will cover the technologies macOS uses to facilitate archiving. We
will examine two easy-to-use archiving methods that you can utilize in macOS, which
are as follows:

ZIP archives
Disk images

Let's explore when it is best to use a ZIP archive instead of a disk image.

ZIP archives
Archiving through ZIP files involves a combination of multiple files to create a
compressed file destined for long-term storage or for faster and more efficient
network transfer. A ZIP file is just a compressed archive. Compression in these types
of files is variable, and the amount of compression that can be accomplished depends
on the types of files being compressed. For example, a 50% compression can be
achieved if you include text files, such as Word documents. However, in the case of
media files, most of them are already compressed, and there will be virtually no
difference when they are included in a ZIP file. Compressed files of this type are easy
to recognize because they have the .zip extension.


Here are the advantages of using ZIP archives:

They are ideal for smaller amounts of data.
They are easier to create and manage using Finder.
They are compatible with most third-party operating systems, which
usually have software to decompress them.

In macOS, ZIP files are managed through both Finder and Archive Utility. Both tools
work together to offer you a convenient way to compress and expand files. We are
already well-familiarized with Finder and how to access it.

Archive Utility is macOS's built-in tool for file compression and expansion. It is
located in the /System/Library/CoreServices/Applications folder, as shown
in the following screenshot:

Figure 11.1 - Archive Utility

However, the quickest way to access it is through the Spotlight tool and the
contextual menus in Finder. Files that have been compressed using this tool will have
either the .cpgz extension by default or the .zip extension, depending on whether
you're using the tool directly or through the contextual menus in Finder. You can
change this behavior through the utility's preferences, as we will see in this section, so
that it always compresses as a .zip file.


Follow these steps to create a ZIP archive using Finder:

1. In Finder, select the file or files you want to compress. You can hold down
the Shift key to select several items adjacent to each other or use the
Command key to select several items that are not adjacent.
2. Choose File, then Compress, as shown in the following screenshot, or use
the secondary click to achieve the same result through the contextual menu:

Figure 11.2 - Compressing files

Depending on the size of your files, the time it will take to complete this
process will vary. As soon as it is completed, by default, a ZIP file with the
name of the file, or with the name Archive.zip if you compressed several
files, will appear in the same folder as the original file(s).

Follow these steps to create a ZIP archive directly through Archive Utility:

1. Open Archive Utility using Spotlight and select File, then Create Archive...,
as shown in the following screenshot:

Figure 11.3 - Creating an archive


2. Then, select the folder or file you want to archive. Take into account that
you cannot choose several items at a time with this tool, but you can select
a folder.
3. As we mentioned earlier, you will see that the file that's been created has
the .cpgz file extension. We will learn how to permanently change this
behavior shortly.

Expanding a compressed archive is as simple as double-clicking the file. This action
will decompress and expand the archive in the same folder or location as the original
file.

Take into account that you don't have the option to extract
individual items from a ZIP archive using Finder.

Follow these steps to customize Archive Utility's preferences:

1. Go to Archive Utility and select Preferences... from the top menu.


2. You will see the dialog shown in the following screenshot. Here, you will
find many options, such as where to save the expanded files by default,
what to do after expanding them, and much more. To always use .zip
as the compression format, select it from the Use archive format drop-down
menu:

Figure 11.4 - Archive Utility preferences

And that's it! As you can see, using ZIP files in macOS is very easy. In the next
section, we will see when it is best to use disk images instead of ZIP files.


Disk images
Disk images are files that look and act like mountable volumes. These images can be
compressed, encrypted, and secured. Also, permissions can be set; for example, you
can make them read-only. They are widely used for distributing macOS software over
the internet. You can create a disk image of virtually any size, as long as you have the
local storage capacity for the size you want to create. Disk images have the .dmg
extension.

The following is a list of criteria for when it is best to use disk images:

They should be used for larger amounts of data.
They are suitable for creating backups, as well as for archiving entire
filesystems, such as a Time Machine backup.
When you require greater flexibility than what a ZIP file allows.

However, although they offer more flexibility and options, you must take the
following into account:

Disk images are harder to create and manage.
They cannot be created through Finder.
They can only be created through the Disk Utility.

Take into account that, in general, disk images created in macOS can
only be used by Mac computers. You would need third-party
software to open .DMG files from other operating systems, such as
Microsoft Windows.

In macOS, you can use Disk Utility to create a disk image or use
the hdiutil command in Terminal.

In the following subsections, we will explore how to use Disk Utility to create disk
images. More specifically, we will look at the following options:

Creating disk images with Disk Utility
Changing a disk image's format
Restoring a disk image to a disk

Let's start by learning how to create disk images.


Creating disk images with the Disk Utility


Disk Utility allows you to create several types of disk images that serve different
purposes. These are as follows:

Blank disk image for storage: This is an empty disk image that you can
add data to. You can then use this image to create disks, CDs, or DVDs so
that you can archive your data.
Disk image from a disk or connected device: This disk image contains
data, as well as free space, on a physical disk or another connected device,
such as a USB device. As long as there is free space, you may keep adding
data to it. You can use it to restore the disk image to another volume later
on.
Disk image from a folder or connected device: This disk image includes
the contents of a folder or connected device, such as a USB device, but
unlike the previous type of disk image, it doesn't copy the device's free
space to the disk image; therefore, you cannot add more data to it. As in the
previous case, you can restore that disk image to another volume at a later
date.
Secure disk image: You can create an encrypted disk image if you want to
archive sensitive or confidential information that should be kept protected
and accessible only to authorized users.

Next, we will walk through how to create the first type of disk image described – a
blank disk image for storage purposes.

You can explore how to create all the available types for disk images
by going to
https://support.apple.com/guide/disk-utility/create-a-disk-image-dskutl11888/mac.


Follow these steps to create a blank disk image:

1. Open Disk Utility. Then, select File, then New Image, and finally Blank
Image..., as shown in the following screenshot:

Figure 11.5 - Creating a blank disk image

2. You will see the following dialog window. Enter a name in the Save As box
and indicate Where you want to save the image:

Figure 11.6 - Blank disk image creation options


3. In the Name field, enter the name of the disk image. This is the name that
will appear in Finder's sidebar, once you've opened the disk image. The
default name is Untitled.
4. Next, enter a Size value for the disk image. The default is 100 MB.
5. In the Format pop-up menu, choose one of the following options:
If the disk image will be used with a Mac running macOS 10.13
or later and has a Solid-State Drive (SSD), choose APFS or
APFS (Case Sensitive).

If the disk image will be used with a Mac running macOS 10.12
or earlier, choose Mac OS Extended (Journaled) or Mac OS
Extended (Case-sensitive, Journaled).

If the disk image will be used with a Mac or Windows computer
and is 32 GB or less, choose MS-DOS (FAT). Choose ExFAT if
it's over 32 GB.

6. If you want to encrypt the disk image, click the Encryption pop-up menu,
and select the type of encryption. You can choose 128-bit AES encryption
(which is recommended) or 256-bit AES (which is more secure but
slower). If you choose to encrypt, you will be asked to provide a password.

7. In the Partitions pop-up menu, choose a partition layout. The options you
have here are as follows:

CD/DVD
Single partition – Apple Partition Map
Single partition – GUID Partition Map (default option)
Single partition – Master Boot Record Partition Map
No partition map


8. In the Image format pop-up menu, choose one of the following options:

Sparse bundle disk image: This format creates an expandable
file that shrinks and expands according to needs and as the user
adds data to it. The "bundle" part means the directory data for
the image is stored as a bundle. This image will have
the .sparseimage file extension. The maximum image size has
to be defined at image creation.
Sparse disk image: This format also creates an expandable file
that shrinks and expands according to your needs. No additional
space is used. This image will also have the .sparseimage file
extension.
Read/write disk image: Default option. This format allows you
to add files to the disk image once it's been created. It uses the
.dmg file extension.
DVD/CD master: This option changes the image's size to 177 MB
(CD 8 cm). It uses the .cdr file extension.

Once you have selected an option, click Save, and then Done. For this
example, we will use the default option.

9. This process can take a while, depending on the amount of data you have
and the format you've selected. However, you will see a dialog that will
allow you to monitor the disk image's creation progress. Click Done when
it's finished.
10. You will see that the image has been saved where you indicated, with the
.dmg extension.
11. To mount it, just double-click the disk icon on your desktop or in the
Finder's sidebar.
12. And that's it! You can add the files you want to add, and when finished,
you can eject the disk image.
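The same choices made in steps 3 to 8 can be scripted with the hdiutil command mentioned earlier. The following is an added example, not code from the book: the helper names (pick_fs, pick_type, image_args, create_image), the target labels, and the /tmp/Payroll path are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: the blank-image choices above expressed as hdiutil arguments.

# pick_fs TARGET SIZE_MB -> prints the -fs value that step 5 recommends.
#   modern = macOS 10.13 or later with an SSD, legacy = macOS 10.12 or earlier,
#   shared = image used with both Mac and Windows computers
pick_fs() {
    case "$1" in
        modern) echo "APFS" ;;
        legacy) echo "HFS+J" ;;   # Mac OS Extended (Journaled)
        shared)
            # 32 GB (32768 MB) is the FAT/ExFAT boundary given in step 5
            if [ "$2" -le 32768 ]; then echo "MS-DOS"; else echo "ExFAT"; fi ;;
        *) echo "pick_fs: unknown target '$1'" >&2; return 1 ;;
    esac
}

# pick_type FORMAT -> prints the -type value for the image formats in step 8.
pick_type() {
    case "$1" in
        readwrite)    echo "UDIF" ;;
        sparse)       echo "SPARSE" ;;
        sparsebundle) echo "SPARSEBUNDLE" ;;
        *) echo "pick_type: unknown image format '$1'" >&2; return 1 ;;
    esac
}

# image_args OUT VOLNAME SIZE_MB TARGET ENCRYPTION FORMAT
# Validates the choices and prints one hdiutil argument per line.
image_args() {
    out=$1 volname=$2 size_mb=$3 target=$4 enc=$5 format=$6
    case "$size_mb" in
        ''|*[!0-9]*) echo "size must be a whole number of MB" >&2; return 1 ;;
    esac
    fs=$(pick_fs "$target" "$size_mb") || return 1
    imgtype=$(pick_type "$format") || return 1
    # GPTSPUD is the GUID Partition Map layout, the default in step 7
    set -- create -size "${size_mb}m" -fs "$fs" -volname "$volname" \
           -type "$imgtype" -layout GPTSPUD
    case "$enc" in
        none) ;;
        # -stdinpass keeps the passphrase out of the command line
        AES-128|AES-256) set -- "$@" -encryption "$enc" -stdinpass ;;
        *) echo "encryption must be none, AES-128 or AES-256" >&2; return 1 ;;
    esac
    set -- "$@" "$out"
    printf '%s\n' "$@"
}

# create_image takes the same arguments as image_args and runs hdiutil.
# For an encrypted image, pipe the passphrase into this function, for example:
#   printf '%s' "$PASSPHRASE" | create_image /tmp/Payroll Payroll 200 modern AES-256 sparsebundle
create_image() {
    command -v hdiutil >/dev/null 2>&1 || {
        echo "hdiutil not found (macOS only)" >&2; return 1; }
    args=$(image_args "$@") || return 1
    old_ifs=$IFS
    IFS='
'
    set -f          # no globbing while the argument list is rebuilt
    set -- $args
    set +f
    IFS=$old_ifs
    hdiutil "$@"
}

# Dry run with constructed values: print the command without creating anything.
echo "hdiutil $(image_args /tmp/Payroll Payroll 200 modern AES-256 sparsebundle | tr '\n' ' ')"
```
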

If you decide to change the disk image format later, you can do so; we will learn how
to do just that next.


Changing a disk image's format


You can change a disk image's format through Disk Utility by following these steps:

1. Select Images from the Disk Utility's top menu, and then choose Convert...
as shown in the following screenshot:

Figure 11.7 - Converting a disk image

2. Choose the image you want to convert. For example, let's choose
the .dmg image we created in the previous section.
3. You will have the option to choose a new name, a location to save to, the
encryption type, and the image format, as shown in the following
screenshot:

Figure 11.8 - Converting a disk image – options


In this case, you can choose from the following Image Formats:

read-only: The disk image can only be read and can't be written to, but it
opens faster and is easier to create.
compressed (default option): The data is compressed, making the disk
image smaller but read-only.
read/write: With this format, you can add data to the disk image once
you've created it.
DVD/CD master: This format includes a copy of all the sectors of the disk
image so that when another DVD or CD is created using the disk image,
the data is copied as-is. Therefore, it can be used with third-party apps.

It's a good idea to select compressed (the default option) as the image format to save
space.

Finally, we will learn how to restore this disk image to a physical disk.

Restoring a disk image to a disk


To restore a disk image to a physical disk, you will need to erase it first. If you need to
review how to erase a disk or volume, please go back to Chapter 6, The macOS File
System: Disks, Volumes, and Partitions. However, the disk image restore process will
erase the target disk for you. If the disk image you want to restore has several
partitions, you will have to restore each partition individually. You cannot restore
several volumes in different partitions simultaneously.

Follow these steps to restore a disk image with a single volume to a disk:

1. Open Disk Utility and select the volume that you want to restore in the
sidebar. Beware that this needs to be the disk/volume that was erased for it
to hold the copy.
2. Once you've done this, click the Restore icon at the top and choose the
volume you want to copy, as shown in the following screenshot:


Figure 11.9 - Restoring a disk image

3. If you're restoring from a disk image, click the Image... button and
navigate to the disk image, as shown in the following screenshot:

Figure 11.10 - Restoring from a disk image

4. Once you've selected the image, click Restore.

To restore a disk image that contains multiple volumes to a disk, you will need to
partition the destination disk first and then follow the process explained here to
restore each volume individually. If you need to review how to partition a disk, you
can review Chapter 6, The macOS File System: Disks, Volumes, and Partitions, where
this is explained in detail.


For detailed information about disk images, read the manual (man)
page by entering the man hdiutil command in the Terminal.

With this, we have covered the essential aspects of archiving in macOS, including the
use of ZIP archives and disk images. However, there is another important task related
to data security and archiving that we will cover in this chapter. Backing up is
perhaps the most essential, and most often neglected, task in data security and
recovery, given the potential data loss that all systems are at risk of for countless
reasons. Therefore, in the next section, we will explore the tool macOS provides for
this purpose.

Using Time Machine for backups


In the previous section, we saw that we can use compressed files for archiving, and
although these files can be used as a backup option as well, macOS has its own
proprietary, built-in, automated tool specifically designed for this purpose. macOS's
main tool for managing backups is called Time Machine. With this tool, you can back
up the entire filesystem on your machine, including system files, apps, emails, and
regular files such as music, photos, and documents. The tool also allows you to
browse, restore, and recover data from entire filesystem backups. This allows you to
restore a specific snapshot of your system exactly as it was at the moment of the
backup. Time Machine is integrated with the operating system, so you won't have to
exit any application to do a backup or perform any other related action.

In this section, we will cover the following topics:

Understanding Time Machine
Configuring Time Machine
Restoring a Time Machine backup

Let's start by understanding how Time Machine works.

Understanding Time Machine


Time Machine is macOS's efficient tool for backing up tasks and optimizing your
storage space. All macOS applications, and also many third-party ones that support
it, can use Time Machine directly. Applications that don't include support can still use
Finder and the Time Machine interface to browse the filesystem for backups.


Time Machine is efficient because it ignores files that don't need to be backed up. This
includes files that can easily be recreated after a restore, such as temporary files or
any other files that can be considered as caches, indexes, and the items in your Trash.
During app development, developers can also include directives so that Time
Machine doesn't back up specific app data that doesn't need to be backed up. By
default, the system excludes locally attached volumes to prevent backups of backups.

Time Machine copies files without compressing them, which makes it easier to access
them. The first time you use the application, Time Machine creates a backup of almost
your entire filesystem, except for the ignored items mentioned earlier. Other items
can also be defined as "exempt" in Time Machine's preferences and will be ignored as
well. After that, subsequent backups are done by tracking the original filesystem's
changes in the background. When a user is connected to the backup system, the next
backup is performed automatically in the background, and after the first backup, only
the changed items are copied into the backup volume. The unchanged items are included
through hard link pointers to the previous backup in order to simulate a full
filesystem backup. This is another way this system saves a lot of space.
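The hard-link scheme described above can be reproduced with standard tools. The following shell script is an added example, not Apple's implementation: the `snapshot` function, folder names, and sample files are assumptions, and it compares file contents where Time Machine tracks filesystem changes. Its last step also shows why editing a file inside a backup folder alters older backups.

```shell
#!/bin/sh
# Added example: a simplified model of incremental snapshots built with hard links.

# snapshot SRC DEST [PREV]
# Copies new or changed files into DEST; files identical to the copy in PREV
# are hard-linked to it instead, so they take no extra space.
snapshot() {
    src=$1; dest=$2; prev=${3:-}
    mkdir -p "$dest"
    ( cd "$src" && find . -type d ) | while IFS= read -r d; do
        mkdir -p "$dest/$d"
    done
    ( cd "$src" && find . -type f ) | while IFS= read -r f; do
        if [ -n "$prev" ] && cmp -s "$src/$f" "$prev/$f" 2>/dev/null; then
            ln "$prev/$f" "$dest/$f"       # unchanged: second name for the same data
        else
            cp -p "$src/$f" "$dest/$f"     # new or changed: a real copy
        fi
    done
}

# Constructed snapshot names in a date-and-time folder style.
OLD=2021-04-01-100000
NEW=2021-04-01-110000

# build_demo: creates a scratch source tree, takes two snapshots with one file
# changed in between, and prints the scratch directory path.
build_demo() {
    w=$(mktemp -d) || return 1
    mkdir -p "$w/src/docs" "$w/backups"
    echo "quarterly report v1" > "$w/src/docs/report.txt"
    echo "holiday photo"       > "$w/src/photo.jpg"
    snapshot "$w/src" "$w/backups/$OLD"
    echo "quarterly report v2" > "$w/src/docs/report.txt"   # only this file changes
    snapshot "$w/src" "$w/backups/$NEW" "$w/backups/$OLD"
    echo "$w"
}

# how_stored WORKDIR RELATIVE_PATH -> "linked" if both snapshots share one file
# on disk (same device and inode), "copied" otherwise.
how_stored() {
    if [ "$1/backups/$OLD/$2" -ef "$1/backups/$NEW/$2" ]; then
        echo linked
    else
        echo copied
    fi
}

w=$(build_demo)
echo "photo.jpg:       $(how_stored "$w" photo.jpg)"
echo "docs/report.txt: $(how_stored "$w" docs/report.txt)"

# Both snapshots look complete, but a linked file exists only once. Writing to it
# through one snapshot therefore changes it in every snapshot that links to it.
echo "edited inside the backup" >> "$w/backups/$NEW/photo.jpg"
if cmp -s "$w/backups/$OLD/photo.jpg" "$w/backups/$NEW/photo.jpg"; then
    echo "older snapshot changed as well: both names point at the same data"
fi
rm -rf "$w"
```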

Now that you understand how Time Machine works, let's examine where you can
store your backups while using this tool.

Where can you store your backups?


Take into account that, although Time Machine is a feature that's built into every
macOS system, to store your backups, you need an external storage device. Once you
have selected an external device as your backup disk, Time Machine will
automatically make the following backups:

Hourly backups for the past 24 hours of data
Daily backups for the past month of data
Weekly backups for all previous months of data

If your backup disk becomes full, the oldest backups will be deleted
to make space for the new ones; therefore, it is possible that you
won't be able to restore very old items if they have been erased.
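To see how many restore points this schedule leaves, the following added example (not Apple's code) applies the three rules to 40 days of constructed hourly backups. It assumes a 30-day month, UTC day and week boundaries, and that the oldest backup in each day or week is the one kept.

```shell
#!/bin/sh
# Added example: a simplified model of the hourly/daily/weekly retention schedule.
HOUR=3600; DAY=86400; WEEK=604800

# thin_backups NOW
# Reads backup times (epoch seconds, oldest first) on stdin and prints one line
# per backup: "KEEP <time> <tier>" or "DROP <time>".
thin_backups() {
    now=$1; last_day=; last_week=
    while read -r ts; do
        age=$(( now - ts ))
        if [ "$age" -lt "$DAY" ]; then
            echo "KEEP $ts hourly"              # past 24 hours: keep every backup
        elif [ "$age" -lt $(( 30 * DAY )) ]; then
            bucket=$(( ts / DAY ))              # past month: one backup per day
            if [ "$bucket" != "$last_day" ]; then
                echo "KEEP $ts daily"; last_day=$bucket
            else
                echo "DROP $ts"
            fi
        else
            bucket=$(( ts / WEEK ))             # older: one backup per week
            if [ "$bucket" != "$last_week" ]; then
                echo "KEEP $ts weekly"; last_week=$bucket
            else
                echo "DROP $ts"
            fi
        fi
    done
}

# sample_backups NOW: constructed input, one backup per hour for the 40 days
# before NOW (960 backups), oldest first.
sample_backups() {
    k=960
    while [ "$k" -ge 1 ]; do
        echo $(( $1 - k * HOUR ))
        k=$(( k - 1 ))
    done
}

# summary NOW: counts how many of the sample backups survive in each tier.
summary() {
    out=$(sample_backups "$1" | thin_backups "$1")
    echo "hourly=$(echo "$out" | grep -c 'hourly$')" \
         "daily=$(echo "$out" | grep -c 'daily$')" \
         "weekly=$(echo "$out" | grep -c 'weekly$')" \
         "dropped=$(echo "$out" | grep -c '^DROP')"
}

NOW=60480000    # constructed "current time", aligned to a day and week boundary
summary "$NOW"
```

Of 960 hourly backups, only 55 restore points remain, so a file that changed several times on a day more than 24 hours ago can be restored in only one of its versions from that day.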


Take into account that Time Machine is not efficient at backing up large databases or
files that change too often. This is because it would have to back up the entire
database every time a change is made to it, no matter how small or large the change
is. This means you could run out of space quite quickly. Because of this, older items
will start to get deleted to make space for new backups. However, Time Machine will
warn you if it has to delete items to free up space.

Keep in mind that you cannot change how Time Machine deletes
older items.

Since OS X Mountain Lion, you can select more than one backup disk for Time
Machine backups. If you have two disks configured, backups will be done one at a
time. The backup for the first disk will be done first, and in the following hour, the
backup for the second one will be done.

The external storage devices you can use to back up with Time Machine are as
follows:

Any external drive connected to your Mac through USB, Thunderbolt, or FireWire
Any external drive connected to an AirPort Extreme Base Station (802.11ac model) or AirPort Time Capsule
Another Mac configured as a Time Machine destination
A Network-Attached Storage (NAS) device that supports Time Machine over the SMB protocol

Currently, the preferred storage format for Time Machine backups is APFS or APFS
Encrypted. However, macOS still supports Mac OS Extended (Journaled) or HFS+
and Xsan formats. If you select a disk for the backups formatted with FAT32
or another format different from APFS, Time Machine will ask you whether you want
to reformat the disk. Remember that if you reformat the disk, all information
contained in it will be erased. If you're using the Master Boot Record (MBR) partition
scheme, some partitions may not be available for use with Time Machine.

Technically, you could also create a separate APFS volume in your internal disk for
backups, but this is not recommended because if your disk becomes damaged for any
reason, you will lose your backups as well.


If you wish to learn more about storage disks for Time Machine
backups, please go to https://support.apple.com/en-us/HT202784.

If your storage disk is not available for any reason, by default, Time Machine creates
and saves "local snapshots" into the internal disk, provided there is enough space.
Once your Mac has connected to the backup volume again, the snapshots are
converted into regular backups and saved into the backup volume. This is only a
temporary solution that should not be used as a permanent backup strategy. This is
because your internal disk can become full very quickly; if your disk should become
inaccessible for any reason, you will also lose access to your local backups.

Now that you understand how Time Machine works and where you can save your
backups, let's examine how to configure it.

Configuring Time Machine


To configure Time Machine, you need to connect any of the external storage devices
indicated earlier to your Mac. When Time Machine is enabled, it will scan your
system for an external disk or a network share, and it will ask you to choose one of
the available volumes as the backup volume. Time Machine will be up and running as
soon as you choose a disk for your backups, but there are options you can adjust.


The main tool that's used to manage Time Machine can be found in the System
Preferences panel, as shown in the following screenshot:

Figure 11.11 - Time Machine preferences

These preferences allow you to do the following:

Select an external or network backup disk.
Verify the backup's status.
Manually configure settings.
Choose to back up manually or automatically.

Time Machine's preferences can also be accessed through the icon at the top of the
menu bar (if the option to show the icon is selected).

Follow these steps to configure Time Machine:

1. Open Time Machine's preferences, as shown in the preceding screenshot.


2. Click the Select Backup Disk... button to add the first backup disk, as
shown here:


Figure 11.12 - Time Machine configuration

3. Select the volume/disk you want to use for Time Machine. If you want to
encrypt the backup, enable the Encrypt backups checkbox at the bottom of
the dialog. Note that choosing this option erases the content of the
volume/disk, since it is a formatting option. When you're ready, click
Use Disk. The backup process will start 2 minutes after you select the disk:

Figure 11.13 - Selecting a backup disk

4. If you select an additional disk, you will be asked whether you want to
replace the previous disk or whether you want to use both.


5. To add/remove a disk, click Add or Remove Backup Disks, respectively.


6. If you want Time Machine to show in the top menu bar, make sure
the Show Time Machine in menu bar option is selected (Figure 11.12).
7. If you want backups to be done manually, not automatically, you should
uncheck the Back Up Automatically checkbox (Figure 11.12) or set the
on/off switch to off (Mojave and earlier). In this case, you can initiate a
backup manually using the Time Machine icon in the menu bar.

If you're using encryption, when the disk is reconnected, you will be asked for a
password to decrypt the contents. At this point, it is a good idea to save the
password in the keychain so that the disk can be unlocked automatically and
backups can take place without you having to provide your password every
time. Make sure to also keep the password in a secure place because if you forget
it, your encrypted contents will be lost, and there is nothing you will be able
to do about it.

Time Machine backups on network shares cannot be encrypted. Therefore, securing
the physical disk is very important.

In Figure 11.12, you will notice there is an Options... button, which allows you to
configure which items to exclude (exempt) from your backups. You can define entire
volumes to exclude if you find them unnecessary, or specific user account folders,
such as the Guest user folder, as shown in the following screenshot:

Figure 11.14 - Excluding items from backups

If you are using a Mac notebook, you will have additional options related to battery
power.

You can also stop Time Machine backups if you made a mistake during the
process, as we will explain next.


Stopping Time Machine backups


If you are using local volumes, backups can be postponed or stopped by
disconnecting the backup disk. However, remember that a local snapshot will be
created on your Mac until you reconnect the backup volume.

If a backup is in progress and you want to cancel it or eject the disk, you can click the
X button to the right of the progress bar to cancel it.

Another option is to deselect the Back Up Automatically checkbox (Figure 11.12) so
that backups are only done manually, whenever you decide to do them. A more
permanent choice would be to remove the disk from Time Machine's preferences.

We mentioned earlier that when your backup disk is not available, a temporary local
snapshot is created until the backup disk is available again. These snapshots can take
up a lot of internal disk space. The only way to avoid these snapshots is to disable
automatic backups by ensuring the Back Up Automatically checkbox (Figure 11.12) is
deselected.

Now that you know how to configure Time Machine, let's discover how to use the
tool to restore a backup.

Restoring a Time Machine backup


Restoring items or entire system backups with Time Machine is very user-friendly,
and it's mostly done using the built-in Time Machine interface, or Finder in some
cases. The Time Machine interface allows you to browse your backups until you find
the specific point in time you are looking for. On the other hand, Finder only allows
you to restore specific items.

More specifically, Time Machine offers four different ways you can restore data from
a Time Machine backup. These are as follows:

Using the Time Machine interface
Restoring only specific items using Finder
Using Migration Assistant to restore user accounts or entire home folders
Restoring the entire system with macOS Recovery

Which option to use will depend on what you want to accomplish. Let's briefly learn
how to use each of these options.


Using the Time Machine interface


The Time Machine interface can be accessed through the Time Machine app in the
Applications folder or through the top menu icon. This option allows you to
browse through specific dates of backups and select the one you wish to restore.

Follow these steps to use this option:

1. Go to the Applications folder and double-click the Time Machine icon.


2. Browse the date of the backup you're looking for using the arrow to the
right or the browsable dates, as shown in the following screenshot:

Figure 11.15 - Restoring a backup

3. Once you've selected a backup, click the Restore button.

After restoration, your system will go back to the exact state, files, and configuration
it had at the moment of that backup.

Sometimes, we don't want to restore the whole backup, just certain files. Let's learn
how to do that.


Restoring only specific items


This can be done by navigating the items of your backup history in Finder. In this
case, files will be located at the root of the backup volume, in a folder
called Backups.backupdb, as shown in the following screenshot:

Figure 11.16 - Restoring individual files

You will see folders whose names correspond to the date and time of the backup. If
several computers are being backed up, the name of each computer will be included.
Once you've located the file(s) you want to restore, select them and copy/paste or
drag them to your Desktop or another folder on your Mac.

You can also use the Time Machine interface to restore individual items. Just select an
item, and you will be able to preview it. However, take into account that you cannot
modify the items contained in these folders as you normally would in Finder, and
you shouldn't even try because you will corrupt the backups. Once you've located the
file you want to recover, just click Restore.

Next, let's examine another way to restore Time Machine backups.


Using the Migration Assistant


As mentioned previously, this tool allows you to restore entire user home folders or
other information from a Time Machine backup. This tool also allows you to transfer
information from one Mac to another, as well as non-system data, computer settings,
and apps.

Take into account that you should not use the Migration Assistant to
restore entire systems.

The Migration Assistant can be accessed during the initial system configuration after
installation. It can also be accessed through the Applications/Utilities folder.

In this section, we'll learn how to use the Migration Assistant to restore a Time
Machine backup during macOS installation. The window shown in the following
screenshot will appear during the Setup Assistant process, after installation:

1. Select the first option to restore From a Mac, Time Machine backup or
Startup disk, as shown in the following screenshot:

Figure 11.17 - Restoring with the Migration Assistant


2. Next, select the Time Machine backup disk and click Continue, as shown
here:

Figure 11.18 - Selecting the backup disk

3. Next, you will have to select the backup you want to restore. Click
Continue when you're ready.
4. Finally, you will be able to select which information to restore, such as
entire user accounts, other files and folders, and so on. Click Continue
when you're ready.

This process can take some time, depending on how much information you are
restoring. Finally, let's learn how to use Time Machine to restore backups from
macOS Recovery.


Using macOS Recovery


When you have full backups that include the system volume, the Recovery system is
the appropriate tool to use. Take into account that restoring the full system will erase
the destination disk.

For this method, you will need to start up from the Recovery system, as explained in
Chapter 2, Installing and Configuring macOS.

Follow these steps to use this method:

1. Start up from macOS Recovery.


2. Once you're in the Recovery interface, select Restore from Time Machine,
as shown in the following screenshot:

Figure 11.19 - Restoring from Time Machine

3. Next, you will see a dialog containing information about Time Machine.
Review it and click Continue.
4. The system will scan for available Time Machine backup disks and let you
select a disk or local snapshot to restore, as shown in the following
screenshot. Once selected, click Continue:


Figure 11.20 - Selecting your backup disk

5. Now, select the backup you want to restore and click Continue.
6. And that's it! Wait for the process to finish, and you're done.

Even if your main system disk is damaged, you can still access the Recovery system
from a local Time Machine backup disk since a copy of the hidden recovery volume is
copied into the local backup disk.

Follow these steps to start up from a local Time Machine backup:

1. Start up your Mac while holding down the Option key and select the disk
that contains the Time Machine backup. On a Mac with Apple M1
silicon, press the Power button until you see the Options
screen.
2. The Assistant tool will do a scan to locate backups, or you can select one.
3. Next, follow the same procedure we explained in the previous section
Using the Migration Assistant.

In this section, we saw what Time Machine is and the options we have to store
backups with this tool. We also explored how to configure Time Machine and the
various methods we can use to restore a backup using the Time Machine interface,
Finder, the Migration Assistant, and macOS Recovery.

With that, we have completed this chapter on backing up and archiving. Be sure to
review the summary for a quick recap on the topics that were covered.


Summary
In this chapter, we explored the archiving methods available for users in macOS,
including .zip files and disk images. We also learned how to use macOS's built-in
tool called Time Machine for backing up and archiving tasks. You can now use a
variety of archiving methods to organize your old files and store them, using either
ZIP files for small amounts of data or disk images for large amounts of data or
continuous archiving. You also understand how Time Machine works, and you can
now use it to manage your backups or restore data using those backups.

In the next chapter, we will look at networking, including understanding how
networking works in macOS, configuring networking, using the tools that are
available to us, and more.

12
Networking in macOS
Today, all of our devices are connected to the internet in one way or another. But
that's not all; devices also communicate with one another. How these devices
communicate and transmit/exchange/share information is where "networking" comes
into play. Networking is a very complex topic. It is more than just connecting a user
to the internet; it involves many types and flavors of protocols, software, hardware,
and technologies, many times all used simultaneously. Although it is not possible to
cover that complexity in this book, we will review the essentials of some networking
topics so that you can have an idea of how it all works in macOS and to make the
most of its available networking capabilities.

This chapter covers aspects related to network configuration that are specific to
macOS. We will start with some basic concepts to refresh your knowledge of
networking fundamentals. Next, we will look at the configuration and advanced
options available in macOS. By the end of this chapter, you should feel comfortable
configuring network connections and services in macOS and using the tools available
for this purpose.

We will cover the following topics in this chapter:

Understanding networking concepts
macOS network configurations
Advanced network configurations

Before we start, let's see the technical requirements for this chapter.
Networking in macOS Chapter 12

Technical requirements
For this chapter, you will require the following:

Access to a Mac with administrative privileges
Basic knowledge of networking
An internet connection

Understanding networking concepts


Before we can move on to configuring networking in macOS, it's a good idea to
review some fundamental concepts to understand what lies beneath the surface of the
options available. More specifically, we will see a general overview of the networking
models, in addition to some concepts that all system administrators should be
familiar with.

The topics we will cover in this section are as follows:

Networking models
Fundamental networking concepts

Let's begin this overview with the very early developments in networking – the
emergence of networking models.


Networking models
A networking model, sometimes also known as a networking architecture or
blueprint, is a comprehensive set of documents that describe in detail each function,
small and general, required for a network. Collectively, these documents define
everything that should happen in order for a computer network to work (Cisco
certification guide: http://www.ciscopress.com/articles/article.asp?p=1757634&seqNum=2).

From the earliest implementations of computer networks, different companies
developed their own protocols and technologies. Very quickly, they realized that
incompatibility was a big issue. To solve this problem, the International
Organization for Standardization (ISO) first proposed the Open Systems
Interconnection (OSI) reference model in 1984 as a way to obtain abstraction through
layering strategies to reduce the complexity of the networking architecture. In layered
models, each interface or host communicates through specific protocols in each layer,
and each layer relies on the previous layer.

Although there are other models we could talk about, we will discuss the two most
significant models for modern networking:

The OSI model
The TCP/IP protocol stack model

Let's start with the fundamental aspects of the OSI model.

The OSI reference model


OSI stands for Open Systems Interconnection. As its name suggests, it is a model
that serves as an industry-standard reference or, in other words, a framework for the
design of network systems. We won't go into much depth regarding how it works,
just enough so that you can understand its logic.


OSI's main characteristic is that it can be explained through layers, seven layers to be
precise. Each layer explains a part of the networking process; in other words, how
data moves along a network. Figure 12.1 can help you quickly understand what each
layer is responsible for:

Figure 12.1 – The OSI model, by Offnfopt, under CC0 1.0; from Wikimedia Commons

The layers of the OSI model are explained as follows:

The Physical layer is responsible for the physical connection between
devices. The information in this layer is received and converted into bits to
be passed on to the Data Link layer. Hardware such as modems and cables is
part of this layer.

The Data Link layer is the node-to-node message delivery layer. Here's
where we start to deal with the Protocol Data Units, or PDUs, which are
the pieces of information or packets being transmitted at each network
layer. In each layer, the PDU has a different name. In the Data Link layer,
the PDU is known as a "frame." A "frame" is a chunk of data sent as a unit
over the Data Link layer. When a frame arrives, this layer transmits it to the
host using its MAC address (see more on this in the Fundamental networking
concepts section later in this chapter). Key components in this layer are the
Network Interface Card (NIC) and the host machines' device drivers, as
well as switch and bridge devices. You will find definitions for these two
devices in the Router address section later in this chapter.

The Network layer is where data is transmitted from one host in a network
to another host in another network. The PDU in this layer is known as a
"packet." Packets are segments or chunks of data wrapped in data
structures, which contain the information needed to deliver the data to its
destination. This layer is where packets get routed through the shortest
route, and the sender/receiver IP is attached to the header. This layer is
handled by devices such as routers.

The Transport layer is the heart of the OSI and is operated by the OS. It is
responsible for delivery of the message in full, as well as acknowledging
successful data transmission. PDUs in this layer are known as "segments."
Formatted data arrives in this layer from the layers beneath and is segmented
into smaller chunks or segments.

The Session layer is responsible for session establishment, maintenance,
and termination.

The Presentation layer, also known as the Translation layer, is where
message translation, encryption/decryption, and compression occur in
order to comply with the correct data format for transmission over the
network.

The Application layer, also known as the Desktop layer, is implemented by
the network applications. They produce data to be transferred over the
network. This is also the layer where the user views the data that has been
received. Good examples of these applications are browsers.

In the very early days of the Macintosh, networking was provided by a technology
called AppleTalk. This was a networking system organized as protocols arranged in
layers known as the AppleTalk protocol stack. What's interesting about this model is
that it was based on the OSI model.

The AppleTalk networking system is no longer in use. Like the OSI model, it
was deemed too complex and was not widely adopted. However, the OSI model was
the precursor of the Transmission Control Protocol/Internet Protocol (TCP/IP)
model, which was open, simpler, had fewer layers, and, more importantly, was
widely adopted.

The OSI model is really the precursor of modern networking architecture. It did not
detail many of the services and protocols in each layer, but instead described what
should happen in each layer; in other words, it is a descriptive model. Today, most
networking in Apple macOS and iOS devices is done through the TCP/IP networking
model, which we will examine in general terms in the next section.

TCP/IP model
The difference between the TCP/IP model and the OSI model is that the TCP/IP
model focuses on the protocols used at each layer. Therefore, it is very useful for
networking architecture. The hierarchical structure of the TCP/IP protocol suite
doesn't exactly correspond to the OSI reference model, but it has its similarities. The
TCP/IP protocol suite was originally defined as a hardware-based, four-layer
architecture, comprising the application, transport, internet, and link layers.

Although there are many descriptions available, we will use the one Apple uses:
TCP/IP stands for Transmission Control Protocol/Internet Protocol, and is a suite of
open communication protocols aimed at interconnecting devices on a network, which
can be internal or external; for example, communication within an intranet or with the
internet with the purpose of end-to-end data transport. Basically, TCP/IP determines
how devices communicate in order for data to be transmitted over a network. The
TCP part is responsible for ensuring that data arrives in full at its destination, and the
IP part provides network addressing and routing.

The TCP/IP model is composed of four layers, as you can see in Figure 12.2:


Figure 12.2 – TCP/IP protocol stack

The Data Link Layer, or the Physical Layer, is where hardware connects
with the hosts to transport raw packets from one host to another host in the
same physical network. This layer is where we find "network interfaces,"
which are discussed in more detail below. Each network interface is
generally connected to one or more interfaces, and the connection between
them is known as a "link," hence the name of the layer. From the user's
standpoint, data passes through the following types of links in this layer:
Wi-Fi, Ethernet, cellular networking, and so on.

The IP Layer is the routing layer, where packets travel from one host to
another, and they are able to pass across multiple physical networks,
traveling from router to router, along a path known as a "route." Each link
they follow from one router to another is known as a "hop." Also, in this
layer, packets are split into several pieces (fragmentation or segmentation
process) at one end and reassembled at the other end. However,
fragmentation is not free of problems, especially in terms of packet loss,
speed, and overhead; therefore, modern TCP systems use techniques to
maximize the available network bandwidth and verify packet loss.

The Transport Layer is actually composed of several transport layers. Data
travels in this layer, as it does in the IP layer, too. But the difference with
the IP layer is that port numbers are added to the picture, allowing a
definition of which services in a host receive which types of messages. At
this layer, the two most common protocols that provide transport from host
to host are the Transmission Control Protocol (TCP) and the User
Datagram Protocol (UDP). These two protocols also depend on another
protocol known as the Internet Control Message Protocol (ICMP), which
is used to detect connection failures. More on these protocols will follow.

The Application Layer is the top layer, and it is composed of protocols
such as the Hypertext Transfer Protocol (HTTP), File Transfer Protocol
(FTP), and Domain Name System (DNS). This layer comprises specific
applications, either custom implemented or provided by default by your
OS.
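The following added example (not from the book) walks a constructed Ethernet frame through the layers described above, pulling out the frame's MAC addresses, the packet's IP addresses, the segment's port numbers, and the application data. The addresses, ports, and payload are constructed sample values, and checksums are not verified.

```shell
#!/bin/sh
# Added example: one constructed Ethernet frame, unwrapped layer by layer.
ETH="0200000000020200000000010800"               # dst MAC, src MAC, EtherType
IP="4500002d0001400040064e78c000020ac6336414"    # IPv4 header (20 bytes)
TCP="c000005000000001000000005018ffff00000000"   # TCP header (20 bytes)
DATA="474554202f"                                # application data: "GET /"
FRAME="$ETH$IP$TCP$DATA"

# bytes OFFSET LENGTH -> hex digits of that byte range of the frame
bytes() {
    printf '%s' "$FRAME" | cut -c "$(( $1 * 2 + 1 ))-$(( ($1 + $2) * 2 ))"
}
u8()   { echo $(( 0x$(bytes "$1" 1) )); }        # one byte as a decimal number
u16()  { echo $(( 0x$(bytes "$1" 2) )); }        # two bytes, big-endian
mac()  { bytes "$1" 6 | sed 's/../&:/g; s/:$//'; }
ipv4() { echo "$(u8 "$1").$(u8 $(( $1 + 1 ))).$(u8 $(( $1 + 2 ))).$(u8 $(( $1 + 3 )))"; }

# Data Link layer: the frame carries MAC addresses (bytes 0-13).
link_layer() {
    echo "frame src=$(mac 6) dst=$(mac 0) ethertype=0x$(bytes 12 2)"
}

# IP layer: the packet starts at byte 14 and carries the IP addresses.
ip_header_len() { echo $(( ($(u8 14) & 15) * 4 )); }   # IHL counts 32-bit words
network_layer() {
    echo "packet src=$(ipv4 26) dst=$(ipv4 30) protocol=$(u8 23) ttl=$(u8 22)"
}

# Transport layer: the segment follows the IP header and adds port numbers.
transport_layer() {
    t=$(( 14 + $(ip_header_len) ))
    echo "segment src_port=$(u16 "$t") dst_port=$(u16 $(( t + 2 )))"
}

# Application layer: whatever remains after the TCP header, up to the end of
# the packet as given by the IP total-length field (bytes 16-17).
payload_text() {
    t=$(( 14 + $(ip_header_len) ))
    hdr=$(( ($(u8 $(( t + 12 ))) >> 4) * 4 ))          # TCP data offset, in bytes
    end=$(( 14 + $(u16 16) ))
    i=$(( t + hdr ))
    while [ "$i" -lt "$end" ]; do
        printf "\\$(printf '%03o' "$(u8 "$i")")"       # byte -> character
        i=$(( i + 1 ))
    done
    echo
}

link_layer
network_layer
transport_layer
echo "data: $(payload_text)"
```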

As of today, most networking in macOS and iOS/iPadOS is based on the TCP/IP
protocol. If you are a developer, unless you require compatibility with other
protocols, you should develop for TCP/IP.

As mentioned earlier, TCP/IP is a protocol-focused model composed of many
protocols. We won't go over all of them here, but we will review some of the most
important related concepts in the next sections, especially those you will encounter
while configuring macOS networking options.

Fundamental networking concepts


In this section, we will review several important concepts to understand how to
configure networking in macOS. These are concepts that you will always encounter
when configuring networks as an administrator or advanced user, and therefore you
must be familiar with them. These concepts are as follows:

Host
Network interfaces
LAN and WAN
MAC address
IP addresses and subnet masks
Router address
Network protocols

Let's begin by reviewing the first concept: what is a host?

Host
When talking about networking, you will see the word "host" appear quite frequently.
A host is a device connected to a network that acts as an endpoint for network
communication. Hosts can receive and/or send data. A host can be a computer, a
server, and even a portable device, such as a cellphone.

Another concept you will encounter frequently is the network interface.

What are network interfaces?


A network interface is a link-layer interconnect. In other words, it is the point of
interconnection between a computer and a private or public network. It is the
medium through which data flows to your computer.

In general, a network interface is an NIC, and it can be physical or virtual. When they
are physical, they define the physical network connections, known as hardware
network interfaces (Wi-Fi, Ethernet). When they are virtual, they are known as
virtual network interfaces, or Virtual Private Networks (VPNs), and they define
logical network connections that work on top of the hardware network connections.

A host, like a Mac computer, can have many network interfaces. The most widely
known physical network interfaces are Ethernet (wired) and 802.11 (wireless
networking), which you probably know as Wi-Fi. As mentioned earlier, you can also
have Bluetooth and Ethernet in the same host. Each network interface can be
connected to additional interfaces, which may or may not be physical. Either way,
each of these connections is known as a "link." Even if it's not a physical connection,
you can think of this link as a cable or a wire.

A VPN connects to a private network (for example, a company's internal network
with specific access rules and restrictions) through the physical network or the
internet.

macOS includes built-in support for the following physical and wireless hardware
interfaces:

Ethernet
Wi-Fi
FireWire
Thunderbolt Bridge
Thunderbolt
Bluetooth PAN
USB
VPN
PPPoE
6to4

We will describe each of these briefly in the following sections.

Ethernet
Ethernet used to be (to a certain extent, and for now, it still is) the most commonly
used wired technology for connecting Local Area Networks (LANs). With this
technology, data travels over a twisted-pair copper cable. It is a protocol that belongs
to the IEEE 802.3 family of standards. It operates at the Data Link layer of the TCP/IP
stack that enables devices to communicate with one another.

Ethernet has been in every desktop Mac since 1997, even offering multiple Ethernet
interfaces in some models. Portable Macs also used to have built-in Ethernet
interfaces, but since wireless technologies started to predominate, and in order to be
consistent with the portable design of these machines, recent portables no longer have
them. However, Apple offers optional USB Ethernet and Thunderbolt-to-Gigabit
Ethernet adapters if you need to use Ethernet in a portable Mac that does not have
this interface built in.

Ethernet is definitely the most widely used "wired" interface today. Let's now review
the most widely used "wireless" interface today: Wi-Fi.

Wi-Fi
Wi-Fi belongs to the IEEE 802.11 family of wireless standards. Today, it is the most
widely used technology for connecting wireless LANs. Wi-Fi has been available in
desktop and portable Macs since 2006. In older Mac computers, Wi-Fi used to be
known as AirPort. This name was still used for some time for Apple's family of
Wi-Fi base stations (AirPort Express and AirPort Extreme), although
these are now discontinued from sale.

In the next section, we will explore another type of interface, known as the "bridged
network interface," or, as you probably know it better: FireWire.

FireWire
FireWire is the name Apple designated and trademarked for its version of the IEEE
1394 bridged network interface, a high-performance serial bus for connecting devices
to a computer. FireWire was a standard in many older Mac computer models. It
enabled the creation of small ad hoc networks using daisy-chained FireWire cables.
For a while, it seemed that FireWire was the data transfer technology that would
dominate the market and would become the standard across the board. However,
due to the emergence of more effective technologies, such as Thunderbolt, FireWire
seems to have adopted a less prominent role. You can still use FireWire in Mac
computers with FireWire 400 or FireWire 800 ports (ports that can transfer data up to
400 or 800 Mbps, respectively).

The difference between FireWire and the next interface we will explore is that
FireWire has a maximum throughput of around 3.2 Gbps, while Thunderbolt can
reach up to 10 Gbps. Let's examine Thunderbolt in more detail.

Thunderbolt Bridge
Thunderbolt Bridge, or the bridge network interface, is standard in most newer Mac
computers and offers better performance compared with its predecessor, FireWire. It
is a very high-speed, high-performance data transfer technology, and it is also very
flexible as it allows many adapters to be used effectively; for example, you can use a
Thunderbolt to FireWire adapter, or a Thunderbolt to Ethernet adapter. It also allows
small ad hoc networks to be set up using daisy-chained Thunderbolt cables. The
Thunderbolt port on your Mac can be used to connect a display, a TV, a storage
device, and more. In macOS, you would use Thunderbolt Bridge in combination with
an Ethernet adapter to connect to a network.

At the same time, Thunderbolt has evolved and improved. Today, there is
Thunderbolt 3, which has a maximum transfer rate of 40 Gbps, twice as fast as
Thunderbolt 2, four times faster than USB 3.1, and eight times faster than USB 3.0.
The Thunderbolt 3 port in portable Macs also allows charging through the same
cable.

macOS supports Thunderbolt 1 and 2. A Thunderbolt 3 (USB-C) port is available in
newer MacBook and iMac computers.

In the next section, we will explore a less powerful but widely used interface for
different purposes: Bluetooth.

Bluetooth
Bluetooth is an industry specification for mobile, computer, and other device
communication, using a short-range wireless connection. Bluetooth is the standard
for connecting a range of devices to your computer or mobile phone, such as
headphones, mice, and keyboards. Most Mac computers that have Wi-Fi also support
Bluetooth. macOS and iOS also support Bluetooth as a network bridge for mobile
phones and for hotspots that can be used to provide internet connectivity via a
cellular network.

Bluetooth PAN stands for Bluetooth Personal Area Network, and it allows you to
use your Bluetooth-enabled mobile phone as a modem to connect your Mac to the
internet. However, take into account the fact that the speed you obtain will be up to
56 kilobits per second (Kbps), and also that your mobile phone service provider has
to allow you to use your phone as a modem.

In the next section, we will cover perhaps the most popular communication interface:
USB.

USB
The Universal Serial Bus, better known as USB, is a plug-and-play interface for
communication between a computer and peripheral devices, such as digital cameras,
cell phones, media players, flash drives, scanners, and printers. "Plug-and-play"
means that the OS will automatically discover and configure a new peripheral device
without the need to restart the computer. macOS and iOS also support USB as a
network bridge for mobile phones and for hotspots that can be used to provide
internet connectivity via a cellular network.

In the next section, we will explore another type of network service, which uses
hardware network interfaces to create a virtual network.

VPN
A Virtual Private Network, or VPN, is a very popular network service. A VPN
creates a logical (virtual) network within a hardware network interface. In simple
terms, it does this by masking your IP address and creating an encrypted tunnel from
your client to the network-routing device that provides the VPN service. VPNs are
quite often used to protect personal information and data. These are some of the cases
where they are used:

To encrypt data before it travels through a network
To increase data security, privacy, and anonymity
To filter, segregate, and aggregate traffic across LAN connections

macOS makes it easier to allow connections to common virtual network services
through a virtual network service interface. You can even configure multiple separate
interfaces for each network location.

macOS supports the following connection protocols for VPNs:

A VPN virtual network service interface via L2TP over IPSec
A VPN virtual network service interface via Cisco (Cisco IPSec)
IKEv2
A VPN via the Point-to-Point Tunneling Protocol (PPTP) is available in
macOS X El Capitan and earlier versions only

In the next section, we will explore a less well known protocol supported in macOS:
PPPoE.

PPPoE
Point-to-Point Protocol over Ethernet (PPPoE) is a protocol that can be used to
connect to your Internet Service Provider (ISP). In macOS, it is mostly used for
connecting through AirPort Utility. When using AirPort Utility Setup Assistant to set
up a new base station or extend an existing network, it automatically configures the
network settings. This way, you don't need to manually configure the base station's
settings unless otherwise instructed by your ISP or network administrator, who
should provide you with the account name, password, and other information for your
PPPoE account, for a manual configuration of the base station.

Finally, we will examine yet another interface option offered in macOS: 6to4.

6to4
The 6to4 option is straightforward. It lets you configure a network port for
connecting to IPv6 addresses when your ISP or network does not offer IPv6
connectivity.

In the next section, we will learn how to identify which network interfaces are
available on your specific Mac.

How to identify which network interfaces are available?


Now that you know which network interfaces are supported in macOS, you will want
to know which ones are available on your Mac computer. Perform the following steps
to find out:

1. Open the System Information tool. You can find it in the Utilities folder
in the Applications folder, or you can use Spotlight to find it quickly.
2. On the left-hand side, under Hardware, you will see all the interfaces
available for this Mac (Figure 12.3). Select any interface, such as
Thunderbolt and, to the right, you will be able to see the types of
Thunderbolt interfaces available, as well as their characteristics. In Figure
12.3, we see that there are two Thunderbolt ports. We selected the first
Thunderbolt Bus, and we can see in the lower-right section the speed,
whether there is any device connected to the port, and more:

Figure 12.3 – Available interfaces

The System Information tool allows you to see all the hardware interfaces. If you
want to see only the network interfaces, you can use the Network Utility application
(macOS Catalina and earlier; this tool has been deprecated in macOS Big Sur). The
quickest way to find it is by using Spotlight. Perform the following steps:

1. Type Network Utility in the Spotlight search.
2. Next, click on the drop-down menu to see all the available network
interfaces, as shown in Figure 12.4:

Figure 12.4 – Available network interfaces

You can also find out which network interface you are currently using in the
following manner:

1. Open System Preferences.
2. Click the Network icon. This is where most network configurations are
managed in macOS.

On the left-hand side, you will see the type of interface. If you are using
Ethernet, that's what you will see. If you are using a wireless interface, you
will see wireless or Wi-Fi. If your machine has both interfaces, you will see
both. Typically, portable Macs don't have Ethernet interfaces, while desktop
Macs do. In Figure 12.5, you can see the network interfaces of an iMac, and
this is why you see an Ethernet interface in the list:

Figure 12.5 – Network interfaces

In this section, we explored all the network interfaces offered as an option in macOS,
including the most popular ones, such as Ethernet, Wi-Fi, USB, and VPN, as well as
less well known interfaces, such as PPPoE. These network interfaces are used to
connect us to LANs and WANs, which is what we will cover next.

LAN and WAN


LAN stands for Local Area Network, and it refers to a group of devices (computers,
other devices, and peripherals) connected to the same network through a wired or
wireless connection (the latter often referred to as WLAN). There is also another type
of LAN, the VLAN, or Virtual LAN, which is a grouping of network nodes organized
without any infrastructure changes, useful for network organization. This basically
means that VLANs are like subnetworks within another single switched network.
They are used to organize and extend networks without adding any extra routers,
switches, or cables. Cables, switches, routers, and so on are also parts of the LAN.
LANs are mostly created through a network interface, such as Wi-Fi or Ethernet.

The main characteristic of a LAN is that all devices on it share the same server in a
limited geographic area. LANs are typically set up in offices and homes to share
resources such as storage, printers, and scanners, and to communicate with each other.
LANs can be a few users in a home, or hundreds in a large office.

Contrary to a LAN, a WAN, which stands for Wide Area Network, is not limited by a
geographic area. By definition, it should cover a large geographic area. Actually,
several LANs can be interconnected in a WAN through several routers or similar
devices. A good example of an application of a WAN is a large office with several
offices worldwide, each with their own LANs, and all connected through a WAN.
Another good example of a WAN is the internet, which connects LANs and other
larger networks around the world.

WANs can also be wired or wireless. Examples of wired WANs are Ethernet
connections wired through fiber or optical cables. Wireless WANs can use mobile
technologies such as LTE.

Another important difference between LANs and WANs is that the former are
usually kept private within a local environment, while WANs are rarely privately
owned, although the infrastructure can be leased from a carrier or an ISP for security
and confidentiality purposes.

All devices connected through networks have addresses that help to identify them in
the network. We will see more about these addresses next.

What is a MAC address?


All devices that communicate on the internet have two addresses: a MAC (physical)
address and an Internet Protocol (IP) address.

A MAC (Media Access Control) address, also called an adapter address or physical
address in some contexts, and known as an Ethernet Hardware Address (EHA) before
the appearance of wireless technologies, serves to identify a device's physical
network interface on the same local network.

A MAC address is a unique identifier assigned by the network adapter or NIC
manufacturer to identify a physical network interface on a local network. Therefore,
MAC addresses are tied to one network interface permanently. Since computers can
have several network interfaces, as we saw earlier, they can have more than one MAC
address, with at least one for each network interface type, such as an Ethernet port
or a Bluetooth interface.

A MAC address is normally a 48-bit number, written as six groups of two
hexadecimal digits separated by either colons or hyphens.

In Figure 12.6, there are two MAC addresses in this iPhone example, one for Wi-Fi
and one for Bluetooth:

Figure 12.6 – MAC address

Depending on the type of Mac you have, and the type of service you are using, you
will usually find this information for your Mac computer by performing the
following steps:

1. Open System Preferences.
2. Next, go to the Network panel.
3. Click on the Advanced tab, as shown in Figure 12.7:

Figure 12.7 – Advanced configuration

4. Click the Wi-Fi tab and then look at the bottom of the window:

Figure 12.8 – Wi-Fi MAC address

5. In Figure 12.8, we are looking at the MAC address of the Wi-Fi interface for
this Mac.
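
The interface list and the MAC addresses found through System Information and the Network panel can also be collected from Terminal with networksetup -listallhardwareports. The script below is an added example, not code from the book: the sample output, device names, and addresses are constructed, and the check of the locally administered bit goes beyond the text (an address with that bit set was chosen by software rather than assigned by the manufacturer).

```bash
#!/bin/sh
# Added example: interface inventory from `networksetup -listallhardwareports`.

# Constructed sample in the command's output layout; all addresses are made up.
# The hyphenated address exercises normalisation (the tool itself prints colons).
SAMPLE_PORTS='Hardware Port: Ethernet
Device: en0
Ethernet Address: 00:1B:63:84:45:E6

Hardware Port: Wi-Fi
Device: en1
Ethernet Address: a6-83-e7-2f-10-9c

Hardware Port: Thunderbolt Bridge
Device: bridge0
Ethernet Address: N/A

VLAN Configurations
==================='

# normalize_mac ADDR: accept six groups of two hex digits separated by colons
# or by hyphens (not a mix); print the lowercase colon form, else return 1.
normalize_mac() {
    printf '%s\n' "$1" | grep -Eq \
        '^([[:xdigit:]]{2}:){5}[[:xdigit:]]{2}$|^([[:xdigit:]]{2}-){5}[[:xdigit:]]{2}$' \
        || return 1
    printf '%s\n' "$1" | tr 'A-F' 'a-f' | tr -- '-' ':'
}

# is_locally_administered MAC: true when bit 0x02 of the first octet is set,
# meaning software chose the address rather than the manufacturer.
is_locally_administered() {
    case "$1" in
        ?[2367abef]:*) return 0 ;;
        *)             return 1 ;;
    esac
}

# list_ports: read networksetup output on stdin, print device|port|address.
list_ports() {
    awk -F': ' '
        /^Hardware Port: /    { port = $2 }
        /^Device: /           { dev = $2 }
        /^Ethernet Address: / { print dev "|" port "|" $2 }
    '
}

# inventory: one line per port: device|port|normalised MAC|universal or local.
inventory() {
    list_ports | while IFS='|' read -r dev port raw; do
        if mac=$(normalize_mac "$raw"); then
            if is_locally_administered "$mac"; then kind=local; else kind=universal; fi
        else
            mac=none; kind=-
        fi
        printf '%s|%s|%s|%s\n' "$dev" "$port" "$mac" "$kind"
    done
}

# On a Mac, run with --live to read the real command; otherwise use the sample.
if [ "${1:-}" = "--live" ]; then
    networksetup -listallhardwareports | inventory
else
    printf '%s\n' "$SAMPLE_PORTS" | inventory
fi
```

Comparing this inventory over time shows when an interface appears or when its address no longer matches the one recorded for that machine.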

We mentioned earlier that, apart from MAC addresses, there are other types of
addresses, such as the router and the IP address. We will see more about IP addresses
next.

IP addresses and subnet masks


While a MAC address identifies a physical network interface on a local network, an
IP address serves to identify a device globally. Another way to explain the purpose of
an IP address is that it is used to identify the location of a device on a network, be it
local or remote. These addresses are used by the TCP/IP protocol stack as the primary
identification method in both LANs and WANs.

Another difference with the MAC address is that, while the latter is permanently tied
to a physical network interface (or, in other words, it is fixed), the IP address is not
permanently tied, nor is it fixed. The IP address changes as the device connects to
different networks.

There are currently two commonly used types of IP address: IPv4 and IPv6. IPv4 was
the first widely used IP addressing scheme, and it is still in use today. In the next
sections, we will explore the following:

IPv4
IPv6
Subnet masks

Let's start by exploring IPv4.

IPv4
An IPv4 address is a 32-bit number written as four groups of up to three decimal
digits, known as octets, separated by periods, as illustrated in Figure 12.9. Each
octet can have a value between 0 and 255:

Figure 12.9 – IPv4 address

The bytes of the IPv4 address can be classified into two parts: the network part and
the host part (Figure 12.10):

Figure 12.10 – IPv4 address parts

The network portion specifies the unique numbers assigned to your network and also
identifies the network class (refer to the following link for more information on the
TCP/IP and Data Communications Administration Guide:
https://docs.oracle.com/cd/E19504-01/802-5753/planning3-18471/index.html). In
Figure 12.10, the network part takes up two bytes of the IP address.

On the other hand, the host part is the part of the IP address assigned to each host. It
uniquely identifies the machine on the network. For each host on the network, the
network part of the address will be the same, but the host part will be different.

Today, there is another type of addressing scheme that will eventually displace
IPv4, and we will explore this next.

IPv6
As millions of devices are added to the global market every year, there was concern
that IPv4 might run out of available addresses. The response to this concern was the
IPv6 addressing scheme, which is increasingly being adopted nowadays. The
advantage of IPv6 compared to IPv4 is that it is a much larger number and therefore
allows a huge range of addresses. This way, IPv6 ensures that there are enough
addresses for any device today and in the future. This is because it is a 128-bit
alphanumeric string (IPv4 is only numeric) and it is constructed as shown in Figure
12.11:

Figure 12.11 – IPv6 address

Although the advantages of using IPv6 are clear, there are still some drawbacks,
namely the following:

IPv4 is still widely used. As of the release of this book, Google statistics
(https://www.google.com/intl/en/ipv6/statistics.html#tab=ipv6-adoption)
calculated that IPv6 native adoption was only around 33%.
IPv6 addresses are more complex and harder to interpret.
Communication between IPv4 and IPv6 is not natively possible, and it
requires extra equipment.
Making the switch from IPv4 to IPv6 is not an easy process.

Ultimately, it is quite obvious that IPv4 will run out of addresses and, unless another
technology appears to solve the problem, the transition to IPv6 is imminent. So far,
the process has been slow, and we don't know how long it will take, but it is
happening. On June 8, 2011, the World IPv6 Day testing event took place with the
participation of Google, Facebook, and other leading technology companies.
Following a successful test, it was decided to organize the World IPv6 Launch on
June 6, 2012 (www.worldipv6launch.org). The decision to enable IPv6 in products and
services will ultimately depend on ISPs, home networking equipment manufacturers,
and internet companies around the world. As for Apple products, IPv6 has worked
out of the box since macOS X (10.5).

In macOS, both IPv4 and IPv6 are configured automatically by default, but if you ever
need to configure them manually, you can refer to the instructions in the Advanced
network configurations section later in this chapter.

macOS supports the following IP configuration options:

Using DHCP (default): The computer obtains the IPv4 address using the
Dynamic Host Configuration Protocol (DHCP).
Using DHCP with a manual address: This is when your ISP uses a DHCP
server but provides you with a specific IP address to use.
Using BootP: Your ISP provides IP addresses using the bootstrap protocol
(BootP).
Manually: Your ISP provides you with a specific IP address, subnet mask,
and router address information to use.

For IPv6, macOS supports the following configuration options:

Automatically: Your computer obtains the IPv6 address automatically.
Manually: Your ISP or network administrator provides you with a specific
IPv6 address, router address, and prefix length to use.
Link-local only: This option disables IPv6. This option may be needed to
avoid configuration problems in networks where IPv6 is not needed; for
example, in most private networks.

Now, in local networks with many hosts, administrators may decide to divide the
network into subnets. When they do this, they will need to assign a subnet number,
and this is where we will see subnet masks.

Subnet masks
Subnet masks are used by network devices to identify the local network range and to
determine whether outgoing data is destined for a particular network device on a
LAN. The subnet number defines the ranges of IP addresses that can be used in a
network. In simpler terms, the subnet mask determines how the IPv4 address is split.

IPv4 addresses and subnet masks have the same format; that is, a 32-bit number
arranged in four octets. The InterNIC organization (www.internic.net),
which administers internet domain names, divides IP addresses into classes. The
most common of these are classes A, B, and C. Class C networks use a default subnet
mask of 255.255.255.0. To know which subnet mask you need depending on
which class your IP belongs to, you need to look at the most significant IP address
byte (starting from the far left):

0-127: Class A
128-191: Class B
192-xxx: Class C

Why "mask"? Because that is what a subnet mask does. A good way to explain it is
this: If a computer's IP address is 192.168.1.102, for example, and its subnet mask
is 255.255.255.0, then the computer (and every other device attached to the same
network) will assume that every IP on that computer's local network will be in the
format 192.168.1.xxx, with xxx being the only part that will change
(https://superuser.com/questions/54802/what-is-a-subnet-mask-and-the-difference-between-a-subnet-mask-of-255-255-255-0).

In the same way, the number represented by the "0" in the subnet mask means that
IPs in that network can be anything from 192.168.1.0 to
192.168.1.255.
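
The network part, the host part, and the masking described above can be worked through in Terminal. The script below is an added example, not code from the book: it applies the mask with a bitwise AND to obtain the range of a network, decides whether a destination is on the local network or must be sent to the router, and derives the default class mask from the first octet. The class A and B masks (255.0.0.0 and 255.255.0.0) and the class C upper bound of 223 are the standard values and do not appear in the text.

```bash
#!/bin/sh
# Added example: how a subnet mask splits an IPv4 address.

# ip_to_int ADDR: dotted-quad IPv4 -> integer; return 1 if ADDR is not exactly
# four decimal octets in 0-255 (leading zeros are rejected as ambiguous).
ip_to_int() {
    case "$1" in
        *[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        case "$octet" in 0?*|????*) return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# int_to_ip N: integer -> dotted-quad IPv4.
int_to_ip() {
    echo "$(( ($1 >> 24) & 255 )).$(( ($1 >> 16) & 255 )).$(( ($1 >> 8) & 255 )).$(( $1 & 255 ))"
}

# subnet_range ADDR MASK: print the first and last address of ADDR's network.
subnet_range() {
    ip=$(ip_to_int "$1") && mask=$(ip_to_int "$2") || return 1
    inv=$(( ~$mask & 4294967295 ))                 # host bits of the mask
    [ $(( inv & (inv + 1) )) -eq 0 ] || return 1   # mask bits must be contiguous
    net=$(( ip & mask ))                           # network part: address AND mask
    echo "$(int_to_ip "$net") $(int_to_ip $(( net | inv )))"
}

# next_hop SRC DST MASK ROUTER: "direct" if DST shares SRC's network part,
# otherwise the packet leaves through the router address.
next_hop() {
    s=$(ip_to_int "$1") && d=$(ip_to_int "$2") && m=$(ip_to_int "$3") || return 1
    if [ $(( s & m )) -eq $(( d & m )) ]; then echo "direct"; else echo "via $4"; fi
}

# classful_mask ADDR: default mask implied by the most significant octet.
classful_mask() {
    ip_to_int "$1" >/dev/null || return 1
    first=${1%%.*}
    if   [ "$first" -le 127 ]; then echo 255.0.0.0
    elif [ "$first" -le 191 ]; then echo 255.255.0.0
    elif [ "$first" -le 223 ]; then echo 255.255.255.0
    else return 1      # 224 and above are not class A, B or C
    fi
}

# Values taken from this chapter's examples.
subnet_range 192.168.1.102 255.255.255.0
next_hop 192.168.0.16 192.168.0.20 255.255.255.0 192.168.0.1
next_hop 192.168.0.16 17.253.144.10 255.255.255.0 192.168.0.1
```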

It is important to mention that with IPv6, the subnet ID is built into the address. In an
IPv6 address, the first 48 bits are the network prefix, the next 16 bits are the subnet ID
used for defining subnets, and the last 64 bits are the interface identifier, as illustrated
in Figure 12.12:

Figure 12.12 – IPv6 unique local unicast address structure

(Michel Bakni, CC BY-SA 4.0: https://creativecommons.org/licenses/by-sa/4.0, via Wikimedia Commons)

Finally, we have a different type of address, the router address, that we also need to
be aware of, and we will explore this next.

Router address
Before talking about the router address, it is important to differentiate between
several pieces of hardware: modem, router, bridge, and switch.

The classic definition of a modulator-demodulator, which you probably know by
the abbreviated and more popular term "modem", is the following: a modem is
a piece of hardware that modulates or, in other words, converts an analog signal from
a phone or wire into a digital signal that a device such as a computer can understand.
In essence, a modem's purpose is to connect networks (and the devices on them) to
the internet.

On the other hand, a router is an appliance (physical or virtual) that creates a network
among the devices in your LAN and directs the traffic from the internet to the
devices. In more technical terms, a router identifies a packet header's destination IP
address, determines the best route for the packet to reach its destination, and then
forwards it. A router is a traffic director: where two or more networks meet, that is
where a router will be present.

Now, from the first dial-up modems (the ones that used to make that very distinctive
noise those in my generation remember quite well) to the present day, these devices
have gone through great transformations. Modems no longer work in the same way
as the old ones, but the name remained because it is familiar. Today, it is common to
have a device that combines the functions of a modem and a router, and most of them
also include Wi-Fi technology for wireless connections to the internet.

On the other hand, a switch is a device that moves data between devices. It is mostly
used for transferring data packets among various network devices, such as routers
and servers. Switches allow you to connect multiple devices to a router; in other
words, they expand the router's capabilities, and they are generally built into the
router since they participate in routing traffic to the appropriate devices.

Routers and switches use routing tables to determine where the network traffic
should go. Remember that a router identifies a packet header's destination IP address.
It does that by examining the routing table to identify where the device IP is located
or to which switch it is connected, and then sends the packet that way.

Finally, there is a process called "network bridging" in networking, which divides a
single network into multiple network segments. Thus, a bridge is a device that
connects two physical network segments.

Having defined all that, all routers have two IP addresses: a private address on the
local network, and an external, public address used for communicating with other
networks on the internet. The external-facing address managed by a router is set
when it connects to the ISP. Normally, routers will have the first available address in
the local address range. Most ISPs will assign these common router private addresses:
192.168.0.1 or 192.168.1.1.

Why would you need to know this address? You will normally need this address to
access the manufacturer's panel in order to perform network configurations such as
changing the network password or name. You will also need it to perform ping tests
and to configure static addresses for IoT devices.

In macOS, you can ascertain the IPv4, IPv6, and router addresses here:

1. Open System Preferences.
2. Click the Network panel.
3. Click on the Advanced tab (Figure 12.7).
4. Select the TCP/IP tab, as shown in Figure 12.13:

Figure 12.13 – IPv4, IPv6, and router addresses in macOS

In Figure 12.13, you can see a typical configuration. This machine has an IPv4 address
of 192.168.0.16, a subnet mask of 255.255.255.0 (which makes sense since this is
a "Class C" IPv4 address), and a router address of 192.168.0.1, the first available
address in the range this network can have. The subnet mask tells us that the network
this machine is connected to can assign IP addresses from 192.168.0.1 to
192.168.0.255. On the other hand, this ISP is not using IPv6 addressing
yet.

To use networking in macOS, we need to use network protocols. We will explore how
that is done next.

Network protocols
We mentioned earlier that TCP/IP is a suite of protocols. A network protocol is a set
of rules and processes that define how devices communicate over a network.

Next, we will review some of these protocols because we will most likely encounter
them when configuring networking in macOS. The protocols that we will explore in
this section are the following:

DHCP
DNS
TCP and UDP
ICMP

Let's begin with the protocol on which TCP/IP relies heavily for configuration: DHCP.

What is DHCP?
The default protocol macOS uses to acquire the TCP/IP configuration and assign IPv4
addresses is known as the Dynamic Host Configuration Protocol (DHCP). This
protocol enables the assignment of an IP address to a computer automatically from a
defined range of addresses configured for a network, thereby assisting in the
automatic configuration of network clients. This is very useful in large networks with
many clients, where manual configuration would take too much time and be prone to
human error. It is common for routers to provide the DHCP service, or an
independent server can also provide it.

Another essential protocol for networking configuration is DNS. Let's explore this
now.

What is DNS used for?


In the TCP/IP model, the Domain Name System (DNS) is the protocol that facilitates
network naming. Friendly names are preferred because they are easier to understand
and remember than IP addresses. You are more likely to remember apple.com than
you are to remember 17.253.144.10. This protocol resolves a DNS name to an
IP address by translating the "names" given to hosts into their corresponding IP
addresses. So, for example, if the DNS name is apple.com, the protocol can translate it
to the IP address that is needed, which is 17.253.144.10. It does this via
processes called forward and reverse lookups. You can experiment with forward and
reverse lookups with online tools such as WhatIsMyIP
(https://www.whatismyip.com/reverse-dns-lookup/).
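
Forward and reverse lookups can also be run locally with dig. The script below is an added example, not code from the book: it builds the name a reverse lookup queries and, going one step beyond the text, cross-checks the two lookups against each other, because the reverse (PTR) record is published by whoever controls the address and can name any host. The function names are illustrative, and dig is assumed to be installed, as it is on macOS.

```bash
#!/bin/sh
# Added example: forward and reverse lookups with dig, and a cross-check.

# ptr_name ADDR: the in-addr.arpa name that a reverse lookup of ADDR queries.
ptr_name() {
    case "$1" in *[!0-9.]*) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    echo "$4.$3.$2.$1.in-addr.arpa"
}

# Resolver hooks; replace them to test offline.
# lookup_a NAME: forward lookup, prints the IPv4 addresses of NAME.
lookup_a() {
    dig +short "$1" A | grep -E '^[0-9]+(\.[0-9]+){3}$'
}
# lookup_ptr ADDR: reverse lookup, prints the names recorded for ADDR.
lookup_ptr() {
    dig +short -x "$1" | sed 's/\.$//'
}

# fcrdns ADDR: reverse-resolve ADDR, then forward-resolve the returned name
# and require that it leads back to ADDR. Prints one of:
#   confirmed NAME   the forward lookup of NAME includes ADDR
#   mismatch NAME    NAME does not resolve to ADDR; do not trust the name
#   no-ptr           ADDR has no reverse record
fcrdns() {
    name=$(lookup_ptr "$1" | head -n 1)
    [ -n "$name" ] || { echo "no-ptr"; return 1; }
    if lookup_a "$name" | grep -Fxq "$1"; then
        echo "confirmed $name"
    else
        echo "mismatch $name"
        return 1
    fi
}

# Offline part: the query name for the address used in this chapter.
echo "a reverse lookup of 17.253.144.10 queries $(ptr_name 17.253.144.10)"

# Online part: runs only when an address is passed on the command line.
if [ "$#" -gt 0 ]; then
    fcrdns "$1"
fi
```

A hostname that appears in a log because of a reverse lookup should be treated as unverified unless this check returns confirmed.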

Of course, none of this would work without a transport protocol that allows data to
travel between hosts and networks. We will explore the most popular ones next.

TCP and UDP


We mentioned earlier that, in the TCP/IP model transport layer, the two most
common protocols that provide transport from host to host are the Transmission
Control Protocol (TCP) and the User Datagram Protocol (UDP). They both have
advantages and disadvantages that are briefly summarized in Figure 12.14, and are
suitable for different purposes:

Figure 12.14 – TCP versus UDP

Apple's Developer site recommends that, as a rule, when developing for Apple
devices, you should generally avoid UDP unless you have to support an existing
protocol that uses it
(https://developer.apple.com/library/archive/documentation/NetworkingInternet/Conceptual/NetworkingConcepts/NetworkingLayers/NetworkingLayers.html).

On the other hand, these two protocols also depend on another protocol, ICMP,
because it helps detect data transmission failures. We will explore this protocol next.

ICMP
TCP and UDP depend on another protocol known as ICMP, which is used to detect
connection failures through ICMP packets. Although ICMP is not mandatory for TCP
and UDP sockets to connect successfully, without it the ability to detect connection
failures is significantly reduced. ICMP packets are also required for the ping tool,
which is used to diagnose network problems.

In this section, we have explored the fundamental networking concepts you need to
be familiar with in order to properly manage networking in macOS. We reviewed
what network interfaces (Ethernet, Wi-Fi, USB, and so on) are, you learned how to
identify which interfaces are available in your Mac, we reviewed what a LAN and a
WAN are, what MAC, IP, and router addresses are and how to find them in your
Mac, and finally we reviewed the main protocols that participate in this
communication process (DHCP, DNS, TCP/UDP, and ICMP).

Now that we have finished reviewing some of the most important networking
concepts and have a clearer idea of how it all works, let's move on to our options for
configuring networking in macOS.

macOS network configurations


In the previous section, we explored all the essential networking concepts we need to
be familiar with in order to make the most of the options available in macOS. In this
section, we will see how network configuration works in macOS, including the tools
offered for a seamless configuration, as well as the customization options available.
More specifically, the topics we will cover are the following:

Initial network configuration
Connecting to Wi-Fi
Other types of networks
What are network locations?

Configuring additional network services
Bonjour

All network preferences and configuration options are managed from System
Preferences through the Network panel (Figure 12.15):

Figure 12.15 – Network preferences

Take into account the fact that network preferences can only be
managed and modified by users with administrative privileges. If
you are a non-administrative user and want to make changes, you
will have to authenticate as an admin to do so.

Let's now go into the details, starting with the initial network configuration that
happens when macOS has just been installed.

Initial network configuration


Apple has made this goal a priority: the design of its hardware and its software
development should, in general, make things as easy as possible for the user. This is
especially true for network configuration. I still remember the days when you needed
to call a technician to configure your network settings. This has changed over the
years, and perhaps Apple has been one of the first (if not the first) companies to
implement this "zero-configuration" philosophy in its products.

During the initial network configuration, the Setup Assistant plays a major role. As
we have seen in Chapter 2, Installing and Configuring macOS, the Setup Assistant is
deployed when you power up a new Mac or when a fresh macOS installation has
been performed. This assistant is very easy to use. What happens during this setup is
that any active interfaces will be identified and enabled. This includes an automatic
connection to unrestricted (open) wireless networks. Also, the configuration of the
TCP/IP network protocol via DHCP will be attempted. DHCP is enabled by default
for Ethernet and Wi-Fi interfaces, which means that, in most cases, network
configuration will be performed automatically. Most users won't have to do anything
to configure their network connectivity, aside from entering their network
authentication passwords.

If, after the initial configuration, you wish to make changes or configure additional
networks, you can do so from the Network panel in System Preferences. If you are
using a version earlier than macOS Sierra, you can also use a tool called Assist Me,
which can be found at the bottom of the Network panel. What this option does is
bring back the Setup Assistant to help you configure your network and to provide
some diagnostics.

Let's now explore in more detail the connection to the most popular network
interfaces, starting with Wi-Fi.

Connecting to Wi-Fi
Connecting to Wi-Fi on a Mac is a pretty basic task. As mentioned earlier, a recently
installed machine will connect automatically to "open" Wi-Fi networks (that is,
networks that don't require any authentication). A secure wireless network will, of
course, require you to enter the network authentication password. However, a Mac
that has already been configured can remember and reconnect automatically to
authenticated Wi-Fi networks.

For secure wireless networks, macOS supports the following Wi-Fi authentication
protocols:

WEP (Wired Equivalent Privacy)
WPA/WPA2 Personal (Wi-Fi Protected Access)
WPA2/WPA3 Personal
Dynamic WEP
WPA/WPA2 Enterprise
WPA2 and WPA3 Enterprise

When joining a secure network through WEP or WPA authentication, the system
automatically saves the password into the system keychain. This means that the Mac
will automatically reconnect to any Wi-Fi network to which it has connected in the
past. You can verify the authentication protocol in the Network panel, in the Wi-Fi
tab, as seen in Figure 12.16:

Figure 12.16 – Authentication protocol and SSID

There may be closed or hidden networks that cannot be seen for security reasons, but
you can find them through their SSID. The SSID, or Service Set Identifier, is used to
identify a Wi-Fi network name and its associated configuration. The SSID is basically
the network name. In Figure 12.17, we can see that the SSID is ARIAS NETWORK,
but we could log in to other SSIDs, such as DASHEN ESTUDIO, if we know the
password.

If you know the SSID name and password of another Wi-Fi network you want to
connect to, you can use the information to connect to that network. Perform the
following steps to do so:

1. Go to the Network panel in System Preferences.
2. Click on Join Other Network... from the Network Name dropdown.
3. Make sure that Wi-Fi is selected on the list of network services on the
left-hand side:

Figure 12.17 – Joining other networks

The same can be achieved from the Wi-Fi status menu, but for that, make
sure the Show Wi-Fi status menu option, located at the bottom, is enabled
(Figure 12.17). If that is the case, you will see the Wi-Fi icon appear in the top
menu bar, as shown in Figure 12.18, and you can click Other Networks to
join another network:

Figure 12.18 – Joining other networks through the Wi-Fi status icon

As mentioned earlier, network settings are managed by administrative
users. However, non-administrative users can access the most common
Wi-Fi network settings they might need from the Wi-Fi status menu, and they
can also see the Wi-Fi signal strength indicator.

When you select the Network Name menu or the status menu, macOS
automatically scans all available networks for you to select from. macOS
always remembers any networks it has connected to at any time in the past.
If it detects that one of these networks is nearby, it will reconnect
automatically. If no Wi-Fi networks are found, then you could try the Join
Other Network... option.

4. Enter the exact network name or SSID in the Network Name field, and
then select the Security authentication protocol and the password (Figure
12.19):

Figure 12.19 – Authentication regarding joining other networks

You can find out which type of authentication protocol you are using by logging in to
your router address to verify the information. Remember that the router address is
usually something like 192.168.0.1, and you need to know the login information,
which, by default, is something generic, such as admin (user) and password
(password), unless you or someone else changed it. Once you log in to see your router
information, you can identify the type of authentication protocol. If you have access
to your router dashboard, you can also change the SSID name and the password
provided by your ISP to a different SSID name and password. The procedure will
change depending on the router brand you are using. You can always ask your ISP
for this information.

However, connecting to wireless networks is not all you can do in macOS, so let's
next see some examples of how you can use other types of networks.

Other types of networks


There are other types of networks you can create with macOS. Let's examine two of
them:

Ad hoc networks
Enterprise

We will see how to configure them in the following sections.

Ad hoc networks
Ad hoc networks, also known as computer-to-computer networks, are
temporary wireless networks that allow one-time connections, useful for sharing files
or sharing internet connectivity with other devices, such as PCs and iOS devices.
Although this type of network might seem very similar to, or even the same as, the
AirDrop feature in macOS and iOS devices, it is not. AirDrop can only be used
between Apple devices, whereas ad hoc networks can also be used with other
non-Apple OSes, such as Windows.

You can create these ad hoc networks using your Wi-Fi connection. The following are
the steps required to do that. Be aware that these instructions are for macOS Catalina
and earlier. For macOS Big Sur, please refer to the section following these
instructions:

1. Go to the Wi-Fi status menu.
2. Click on Create Network...:

Figure 12.20 – Creating ad hoc networks

3. Enter a name and leave the default Channel 11 (or choose another one). For
this example, we will call this network Temporary. When ready, click
Create (Figure 12.21):

Figure 12.21 – Details for creating ad hoc networks

Notice that the Wi-Fi icon has changed and that Network Name has
changed, as seen in Figure 12.22:

Figure 12.22 – Using the ad hoc network

Now, all Wi-Fi-enabled computers or devices nearby will be able to join the
network by selecting it from the status menu or by using the network name,
as we can see in this nearby iPhone in Figure 12.23:

Figure 12.23 – Connecting to an ad hoc network

This feature has been deprecated in macOS Big Sur; however, you can still enable an
ad hoc network. To do so, perform the following steps:

1. Open System Preferences and then click Network.
2. In the service list on the left, make sure Wi-Fi is selected, and then click
Advanced.
3. Make sure the Show legacy networks and options checkbox is enabled
(Figure 12.16).
4. Click OK, and then click Apply.
5. Follow the steps indicated earlier to create the ad hoc network. You will
now see the Create Network... option appear in the Wi-Fi status menu.

Take into account the fact that for joining networks on some
computers, such as PCs, other settings might be required.

Once you are done, disable the network since it would be a security risk to leave it
enabled. To disable an ad hoc network, do either of the following:

Turn off the Wi-Fi hardware interface through the button that appears in
Figure 12.23.
Choose another Wi-Fi network from the list.

When you perform any of the preceding actions, the ad hoc network will disappear
from the list.

In the next section, we will discuss briefly another type of network you can create
with macOS.

Enterprise
Enterprise networks are set up and authenticated through the WPA/WPA2 Enterprise
(802.1X) protocol. This configuration is created by an enterprise network
administrator who will provide you with the authentication details to join the
network. Only network administrators can grant access to a WPA/WPA2 Enterprise
authenticated network, and it will require them to modify the system keychain.

This authentication method is mostly used in an enterprise setting where your Mac is
configured to use a directory service and MDM. This topic is not covered in this book,
but you can find more information here: https://support.apple.com/HT207431.

Actually, in macOS, you can use several services simultaneously, each with its own
set of preferences and configurations. The feature that makes this possible is network
locations. We will examine how this feature works next.

What are network locations?


Network locations are saved states of network preferences and settings, including the
information of the network interface, service, and protocol settings. All of this
information is saved in one location. This is useful for differentiating between
network configurations. For example, if you use the same computer to connect to a
Wi-Fi network at home and use it to connect to an Ethernet network from your
workplace, you can have both configurations saved in two different network
locations. Also, network locations allow you to have more than one network interface
in one location. For example, you could have a location where both Wi-Fi and
Ethernet are active. Network locations are also useful for troubleshooting network
issues and testing.

Although only administrative users can define and save network locations, other
non-administrative users can switch between locations from the Apple menu if more than
one exists.

Something to always take into account is the fact that macOS has at least one default
active network location at all times. If for any reason, you need to turn off networking
in your machine, you can accomplish this by creating a network location with all
network interfaces disabled. This way, your Mac is completely off the radar of any
network.

To identify the default active network location in macOS, perform the following steps:

1. Go to the Network panel in System Preferences.
2. Click on the Location dropdown at the top. Automatic will show by
default, as seen in Figure 12.24, and if there are no additional network
locations, nothing else will show in the dropdown.

If there is more than one network location, the system will automatically attempt to
connect to the first location in the list in order to establish a TCP/IP connection via
DHCP.

Here are some examples of network location configurations, just to give you an idea
of what you could do:

Take into account that this will affect all users. Locations are
system-wide settings.

Scenario 1: Configure a network location that has no interfaces enabled, thereby
preventing any connections.

1. Go to System Preferences and click on the Network panel icon.
2. If you are not an administrator, click the lock to authenticate as an admin.
3. Next, choose Edit Locations... from the Location menu, as seen in Figure
12.24:

Figure 12.24 – Editing network locations

4. Click the + (Add) button to add a new location.

5. Next, enter a name for the location. For this example, we will name it No
connection and then click Done:

Figure 12.25 – Editing network locations

6. A location with default settings will be created. If you made a mistake, you
can use the Revert button (Figure 12.26), which will revert to the previous
active network configuration. We don't wish to revert, so we will continue
with the steps for this scenario:

Figure 12.26 – Reverting a network location

7. Next, we will select each of the services on the left-hand side and click the -
(Delete) button to remove them, as explained in Figure 12.27:

Figure 12.27 – Deleting network services

8. To apply the location, administrative users can select it from the Location
drop-down menu and then click Apply.

Once a network location is selected, it remains active, even if the Mac
is restarted, until it is changed again.

9. And that's it! You now have an additional location you can use according
to the situation.

Now, if non-administrative users log in to their profile and see that there is no
connection, they can change the network location from the Network panel or by
selecting the Apple menu and then selecting a location that has interfaces enabled,
such as Automatic, as seen in Figure 12.28. This way, the user regains access to a
location where there are active interfaces:

Figure 12.28 – Changing locations

Be aware that the Location menu does not appear in the Apple
menu when only one location exists.

To prevent a user from changing the location without authorization, refer to the
steps in the Custom Wi-Fi configuration section in the last section of this
chapter.

Scenario 2: Create a network location with the Wi-Fi interface disabled:

1. Follow steps 1-4 from scenario 1, and name the connection No Wi-Fi.
2. With the location just created selected in the Location menu, select the
Wi-Fi interface, and then select Make Service Inactive from the gear menu, as
seen in Figure 12.29:

Figure 12.29 – Changing locations

3. Click Apply.
4. A non-administrative user cannot reactivate the Wi-Fi service for that
location. So, unless there is another location with an active Wi-Fi service to
which they can switch, they won't be able to access Wi-Fi.
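
Both scenarios can also be verified from Terminal. The following is an added example, not code from this book: it audits the output of networksetup -listallnetworkservices, which marks a disabled service with an asterisk. The sample listings are constructed and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: audit which network services the active location leaves enabled.
# On a Mac, pipe in live data, for instance:
#   networksetup -getcurrentlocation
#   networksetup -listallnetworkservices | audit_location "Wi-Fi"

# Constructed listing for the "No Wi-Fi" location of Scenario 2.
# networksetup prefixes a disabled (inactive) service with an asterisk.
SAMPLE_NO_WIFI='An asterisk (*) denotes that a network service is disabled.
Ethernet
*Wi-Fi
Thunderbolt Bridge'

# Constructed listing for the "No connection" location of Scenario 1,
# assuming only the legend line is printed once every service is deleted.
SAMPLE_NO_CONNECTION='An asterisk (*) denotes that a network service is disabled.'

# Print the enabled services, one per line (listing on stdin).
enabled_services() {
    awk '!/^An asterisk/ && NF && !/^\*/'
}

# Succeed only if the location has no enabled service at all (Scenario 1).
location_is_offline() {
    [ -z "$(enabled_services)" ]
}

# audit_location SERVICE...: report every named service that is still enabled
# and return 1 if there is at least one (Scenario 2 passes for "Wi-Fi").
audit_location() {
    listing=$(enabled_services)
    status=0
    for svc in "$@"; do
        if printf '%s\n' "$listing" | grep -Fxq -- "$svc"; then
            echo "VIOLATION: $svc is enabled in this location"
            status=1
        fi
    done
    return "$status"
}
```

Because locations are system-wide, run the audit again after every location switch rather than once per user.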

To delete a location, perform the following steps:

1. Go to the Location menu.
2. Click on Edit Locations...
3. Select the location you want to delete.
4. Click the - (Delete) button (Figure 12.27).

As you can see, network locations can be very useful for changing full configurations,
from simple ones to configurations for specific purposes, places, or specific
restrictions.

However, apart from the network services listed by default in the Network panel list
that appears to the left (the ones we deleted earlier), you can add additional services,
and that's what we will cover next.

Configuring additional network services


You can configure additional network services in macOS besides those configured by
default and listed in the left-hand side panel. The following interfaces can be used to
configure additional network services in macOS:

Thunderbolt Bridge
Thunderbolt
Bluetooth PAN
Wi-Fi
Ethernet*
VPN
PPPoE
6 to 4

Take into account that this list may vary according to the type of Mac you have and
the model. For example, some older Mac machines still have FireWire interfaces,
while others don't, and portable Macs don't have Ethernet interfaces. We have
already described these interfaces earlier in this chapter (What are network interfaces?).

* If your Mac doesn't have an Ethernet port, you can use a USB to
Ethernet adapter or a Thunderbolt to Gigabit Ethernet adapter.

In the next section, we will see an example of a service configuration: VPN
configuration.

VPN configuration
VPN configuration can be done in two ways: through a configuration profile and
manually. The use of configuration profiles is beyond the scope of this book, but
installing them will normally be as easy as double-clicking on the configuration file,
unless your service provider gives specific instructions.

Automatic VPN connections via certificate-based authentication and
VPN on-demand services can only be configured through
configuration profiles.

You can verify whether you have any profiles installed in System Preferences
| Profile preferences. Be aware that if no profiles are installed, the Profile preferences
will not appear.

To manually configure a VPN or manage a current connection, or add any other
service for that matter, perform the following steps:

1. Go to the Network panel in System Preferences.
2. To add a VPN interface, click the + (Add) button below the services list
(Figure 12.29).
3. In the Interface drop-down menu, select VPN (Figure 12.30).
4. Next, select the VPN type. For this example, we will select L2TP over IPSec
(Figure 12.30):

Figure 12.30 – Adding a VPN service

5. Enter a name for the new VPN service or leave the default, and then click
Create.
6. Once the connection is created, you will see the new service appear on the
service list, as seen in Figure 12.31, and you can see the basic configuration
to the right:

Figure 12.31 – Configuring a VPN service

7. Enter the VPN server address and account name if using user-based
authentication.
8. And that's it! You can select this connection at any time from the network
services list.

You can have multiple VPN configurations in the same interface. To do that, perform
the following steps:

1. While in the Network panel, select the VPN service from the list.
2. Go to the Configuration drop-down menu and select Add
Configuration..., as seen in Figure 12.32. In this menu, you can also rename
and delete a configuration that you created:

Figure 12.32 – Adding a VPN configuration

3. Enter a name for the new configuration in the pop-up window.
4. Next, define the authentication method by clicking on the Authentication
button and entering the information (Server Address and Account Name)
provided by the VPN service administrator.
5. If you don't include a password at this point, it won't be added to the
system keychain, and you will be asked to enter it every time you try to
connect.

By default, the system sends traffic through the VPN only if the VPN server defines
routing information. Also, by default, VPN interfaces are placed at the bottom of the
network services list, which means that a VPN will not be the first choice to use as a
network service interface. You could manually reorder the services and put the VPN
connection at the top of the list to be processed first. This behavior can also be
changed through the following steps:

1. Select the VPN service.
2. Go to the Advanced settings and choose the Options tab.
3. Check the box to Send all traffic over VPN connection (Figure 12.33):

Figure 12.33 – Sending all traffic over a VPN

Once the configuration connection is authenticated and established, the TCP/IP and
DNS settings are automatically configured by the PPPoE protocol.

In short, VPN configuration will very much depend on the VPN service provider's
instructions, so be sure to review their instructions carefully.
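
Whether the Send all traffic over VPN connection option took effect can be confirmed from the routing table. The following is an added example, not code from this book: it classifies a connection as full tunnel, split tunnel, or not routed at all from netstat -rn -f inet output. The routing tables are constructed, the function names are hypothetical, and ppp0 as the name of the L2TP over IPSec interface is an assumption.

```shell
#!/bin/sh
# Added example: classify a VPN connection as full tunnel or split tunnel
# from the IPv4 routing table. On a Mac, feed it live data with:
#   netstat -rn -f inet | tunnel_mode ppp0
# Assumption: the L2TP over IPSec service comes up as the PPP interface ppp0.

# Constructed table: option unchecked, the server pushed a route for 10.8/16.
ROUTES_SPLIT='Routing tables

Internet:
Destination        Gateway            Flags        Netif Expire
default            192.168.0.1        UGSc           en0
default            link#14            UCSI          ppp0
10.8/16            ppp0               USc           ppp0
10.8.0.1           10.8.0.2           UH            ppp0
127                127.0.0.1          UCS            lo0
192.168.0          link#6             UCS            en0'

# Constructed table: "Send all traffic over VPN connection" is checked.
ROUTES_FULL='Routing tables

Internet:
Destination        Gateway            Flags        Netif Expire
default            10.8.0.1           UGSc          ppp0
default            192.168.0.1        UGScI          en0
10.8.0.1           10.8.0.2           UH            ppp0
127                127.0.0.1          UCS            lo0
192.168.0          link#6             UCS            en0
203.0.113.10       192.168.0.1        UGHS           en0'

# Print "destination flags netif" per route. Column positions are read from
# the header row, so a layout with extra columns before Netif also parses.
route_rows() {
    awk '
        $1 == "Destination" {
            for (i = 1; i <= NF; i++) {
                if ($i == "Flags") f = i
                if ($i == "Netif") n = i
            }
            next
        }
        n && NF >= n { print $1, $f, $n }
    '
}

# Print the non-default destinations routed through interface $1.
vpn_destinations() {
    route_rows | awk -v vpn="$1" '$3 == vpn && $1 != "default" { print $1 }'
}

# Print full, split, or none for VPN interface $1 (routing table on stdin).
# The primary default route is the first one without the I flag, which
# macOS netstat uses to mark an interface-scoped route.
tunnel_mode() {
    route_rows | awk -v vpn="$1" '
        $1 == "default" && $2 !~ /I/ && primary == "" { primary = $3 }
        $3 == vpn && $1 != "default" { pushed++ }
        END {
            if (primary == vpn) print "full"
            else if (pushed) print "split"
            else print "none"
        }'
}
```

A result of split means only the destinations printed by vpn_destinations are protected by the VPN; everything else still leaves through the local router.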

So far, we have seen the most common and useful network configuration options that
you are likely to encounter as an administrator. But there is much more you can do.

However, for most connections, Mac makes it as simple as it can be, and we will see
the technology behind that next.

Bonjour
Bonjour is Apple's implementation of the zero-configuration networking standard, which
allows the automatic and efficient discovery of services and devices on a local
network. The Bonjour protocol allows the advertising and discovery of services
through multicast DNS (mDNS) and link-local addressing. It was initially designed
to help locate Apple services on a network with one router, but it quickly became
popular and started to be implemented outside of Apple environments.

Bonjour works out of the box on Apple's macOS, iOS, and iPadOS, but it can also be
installed on Windows computers and integrated into applications, such as Safari. On
macOS, Bonjour is enabled by default; there is nothing you need to do to enable it.

If you want to take a look at how it works, you can examine which devices are being
broadcast through Bonjour. For that, you would need to download and install the
Bonjour browser, which is now named Discovery, from the Apple Store.

Once it is installed, when you open it, you will be able to see and browse
Bonjour-enabled devices on your networks, such as other computers, printers, and more. The
most important detail is that you will be able to see important information belonging
to each device, such as their IP addresses. This is very useful in large networks with
many devices.

Now that we have seen the basic network configurations in macOS, including the
initial network configuration, connecting to Wi-Fi, creating other types of networks,
such as ad hoc networks, configuring network locations, and adding additional
network services, let's look at some of the advanced network configurations that are
possible in macOS.

Advanced network configurations


In previous sections, we saw the basic network configurations possible in macOS. In
this section, we will see more advanced options. It's important to note that because
the default network configuration launches the DHCP process automatically as soon
as an interface becomes active, in most cases, network configuration is pretty much
automatic in macOS. However, there are custom configurations that are useful for
system administrators. In this section, we will explore these advanced network
configurations. More specifically, we will cover the following topics:

Custom Wi-Fi configuration
Manual TCP/IP configuration
NetBIOS/WINS
802.1X configuration
Network proxies
Manual Ethernet configuration

As mentioned earlier, all custom network settings in macOS are managed from the
Network panel in System Preferences by selecting the network interface you want to
customize and then clicking the Advanced button. You will require administrator
privileges to make changes in this section.

Let's review some of the available configurations accessible through the Advanced
button.

Let's start by reviewing the custom Wi-Fi configuration.

Custom Wi-Fi configuration


Custom Wi-Fi configuration can be useful when features need to be restricted, for
example, when users are required to connect just to specific wireless networks, when
only one specific network should be allowed, or when you don't want users to be able to create
ad hoc networks. You can disable user access to Wi-Fi settings, and the system will
only connect to the preferred networks indicated in this list. You can also use
drag-and-drop to reorder the networks according to priority.

Let's now see how to restrict the options for users:

1. Go to the Network panel in System Preferences.
2. Select a Wi-Fi service from the list.

3. Click the Advanced button.
4. Make sure you are on the Wi-Fi tab.
5. You can make the following choices to restrict these actions for
non-administrative users:
The ability to create computer-to-computer (ad hoc) networks
(macOS Catalina and earlier)
The ability to change networks
The ability to turn Wi-Fi on or off

By default, these options are allowed. Therefore, if you want to restrict users
from performing these actions, you can check the appropriate optional
boxes (Figure 12.34):

Figure 12.34 – Restricting Wi-Fi service

You could also include these restrictions within a network location configuration.
When you add them as part of a network location, they will apply only when that
location is active.

To add new wireless networks, perform the following steps:

1. Follow steps 1-4 from the previous instructions.
2. Click the + (Add) button that appears below the network list (Figure 12.34).
3. Enter a new network name, and then choose the authentication protocol
from the Security drop-down menu. For this example, we will leave the
default setting of WPA2/WPA3 Personal and enter the password (Figure
12.35):

Figure 12.35 – Restricting Wi-Fi service

4. That's it! You have created a new Wi-Fi network profile.
5. After you are done with all your changes, don't forget to click OK and then
Apply to save them.

Deleting a network is easy. Just select it and click the - (Delete) button that appears
below the network list (Figure 12.34).
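
Since macOS rejoins remembered networks automatically, the preferred list is worth reviewing against the networks users are actually supposed to use. The following is an added example, not code from this book: it compares the output of networksetup -listpreferredwirelessnetworks with an approved list and prints, without running them, the commands that would remove the rest. The listing and allowlist are constructed, the function names are hypothetical, and en0 as the Wi-Fi interface is an assumption.

```shell
#!/bin/sh
# Added example: compare the remembered (preferred) Wi-Fi networks with an
# approved list. On a Mac, feed it live data with:
#   networksetup -listpreferredwirelessnetworks en0 | removal_plan en0 "$APPROVED"
# Assumption: en0 is the Wi-Fi interface; confirm with
#   networksetup -listallhardwareports

# Constructed listing: the two SSIDs used in this chapter plus one made-up
# open hotspot. networksetup indents each SSID with a tab.
SAMPLE_PREFERRED=$(printf 'Preferred networks on en0:\n\tARIAS NETWORK\n\tDASHEN ESTUDIO\n\tCoffeeShop-Open')

# Hypothetical allowlist, one SSID per line.
APPROVED='ARIAS NETWORK'

# Print remembered SSIDs, one per line (listing on stdin). Only the indented
# lines are SSIDs; the unindented first line is the heading.
remembered_ssids() {
    sed -n 's/^[[:space:]][[:space:]]*//p'
}

# unapproved_ssids ALLOWLIST: print remembered SSIDs missing from ALLOWLIST.
unapproved_ssids() {
    remembered_ssids | while IFS= read -r ssid; do
        printf '%s\n' "$1" | grep -Fxq -- "$ssid" || printf '%s\n' "$ssid"
    done
}

# removal_plan IFACE ALLOWLIST: print, without running them, the commands
# that would make the Mac forget each unapproved network.
removal_plan() {
    unapproved_ssids "$2" | while IFS= read -r ssid; do
        printf 'networksetup -removepreferredwirelessnetwork %s "%s"\n' "$1" "$ssid"
    done
}
```

Review the printed plan before running any line of it as an administrator; SSIDs that contain quotation marks need manual quoting.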

Let's now explore the next option as regards advanced configuration: manual TCP/IP
configuration.

Manual TCP/IP configuration


In general, it won't be necessary, but the manual configuration of TCP/IP may be
required in certain cases, for example, when using a custom DHCP or DNS server.
This will imply manually configuring IPv4 or IPv6 addressing.

Perform the following steps:

1. While in the Advanced section, select the TCP/IP tab.
2. For IPv4, use the drop-down menu to select Manually, as shown in Figure
12.36:

Figure 12.36 – TCP/IP manual configuration

3. Enter the details for the IPv4 address, subnet mask, and router, as provided
by your ISP.

Similarly, for IPv6, perform the following steps:

1. Follow steps 1-4 from the previous instructions.
2. Click the Configure IPv6 menu, and then Manually.
3. Enter the IPv6 address, router address, and prefix provided by your
network administrator or ISP.

When you configure TCP/IP manually, you will probably have to configure the DNS
settings:

1. While in the Advanced section, click the DNS tab. You will notice that
automatic settings are cached from the DHCP service, as seen in Figure
12.37, but you can change these settings.
2. To edit an address, double-click its entry in the list:

Figure 12.37 – DNS configuration

3. After making any changes, always click OK and then Apply to save the
settings.

To add a DNS server's IP address, click the + (Add) button (Figure 12.37).

If configuring multiple DNS servers or search domains, the system will prioritize
them according to the order in which they appear in the list.

To delete an address, just select it and click the - (Delete) button.

Be aware that if the IP address of a DNS server is not specified, the
Mac will not be able to resolve DNS hostnames. Therefore, at least
one DNS server must be specified.

Let's now explore the next option as regards advanced configuration: NetBIOS/WINS.

NetBIOS/WINS
Windows Internet Name Service (WINS) is Microsoft's implementation of the
NetBIOS Name Service (NBNS), a name server and service for NetBIOS computer
names. Older Windows computers use them to provide network identification and
service discovery. From a practical point of view, this is used by other Windows
machines to discover Mac machines dynamically. You can use it, for instance, to share
printers from your Mac with Windows clients. macOS provides support for both on
any active network interface (except for VPN connections).

The Mac computer's NetBIOS name is configured automatically, as you can see in
Figure 12.38, but in some cases, you will need to select the NetBIOS Workgroup
manually. Workgroups are used to facilitate navigation in large networks with lots of
users. This is done by grouping devices into smaller workgroups. In networks with
few computers, there is usually just one workgroup. Perform the following steps to
manually configure the NetBIOS and WINS settings:

1. While in the Advanced section, select the WINS tab and enter a unique
name, if necessary. Note that NetBIOS and workgroup names are always in
capital letters and cannot contain spaces or special characters.
2. Select a workgroup from the menu or enter another name:

Figure 12.38 – The WINS configuration

3. Next, click the + (Add) button at the bottom of the WINS configuration and
enter the server's IP address. If several servers are configured, they will be
accessed in the order in which they appear on the list.
4. Click OK and then Apply to save the changes.

In the next tab, we have the settings for the 802.1X protocol. Let's see what we have
there.

802.1X configuration
As mentioned earlier, the 802.1X protocol is an enterprise option for wired and
wireless networks. There are two configuration options in this case:

Through WPA/WPA2 enterprise authentication
A configuration profile

In both cases, the details are provided by a network administrator. When configuring
through a profile, the profile file provided by the administrator is installed just by
double-clicking on it.

Be aware that when using this protocol, no changes can be made through the
Advanced configuration. This is why you see a profile configuration when you go to
the 802.1X tab (Figure 12.39). Details will only appear when a profile has been
installed:

Figure 12.39 – The 802.1X configuration

In the next tab, we have the Proxies configuration. Let's now explore the options
available in this case.

Network proxies
A proxy server is an intermediary between a client, such as a computer or another server,
and the server from which that client requests a service. It is a way to avoid direct access to the
computer or server providing the service. A network administrator will normally
provide this type of configuration.

Perform the following steps to configure proxies:

1. While in the Advanced section, click the Proxies tab.
2. There are several options available:
Auto Proxy Discovery
Automatic Proxy Configuration
Web Proxy (HTTP)
Secure Web Proxy (HTTPS)
FTP Proxy
SOCKS Proxy
Streaming Proxy (RTSP)
Gopher Proxy

You can manually configure the proxy settings by checking the appropriate boxes
next to each protocol and entering the connection information provided by the network
administrator for each protocol. In Figure 12.40, we can see the details that need to be
provided for configuring a web proxy (HTTP):

Figure 12.40 – The configuration of proxies

If you want any specific hosts and domains to bypass the proxy, you configure these
as well in the bottom box provided for that purpose.
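
The proxy options listed above can also be reviewed from Terminal. The following added example, which is not from the book, parses the dictionary that `scutil --proxy` prints and reports which of those options are active. The sample input and host names are constructed, the key names are the macOS SystemConfiguration names rather than anything shown on this page, and the WARN rules are this example's own policy.

```shell
#!/bin/sh
# Added example (not from the book): audit the proxy settings that
# `scutil --proxy` prints. On a Mac: scutil --proxy | audit_proxy_settings

# Constructed sample of `scutil --proxy` output; the hosts are placeholders.
sample_scutil_output() {
    cat <<'EOF'
<dictionary> {
  ExceptionsList : <array> {
    0 : *.local
    1 : 169.254/16
  }
  FTPPassive : 1
  HTTPEnable : 1
  HTTPPort : 8080
  HTTPProxy : proxy.example.com
  HTTPSEnable : 0
  ProxyAutoConfigEnable : 1
  ProxyAutoConfigURLString : http://pac.example.com/proxy.pac
  ProxyAutoDiscoveryEnable : 1
}
EOF
}

# Reads the dictionary on stdin and prints one "WARN ..." or "INFO ..." line
# per finding. The WARN rules are an assumed policy chosen for this example.
audit_proxy_settings() {
    awk '
    # A line ending in "{" opens the dictionary, the bypass array, or a nested dictionary.
    /[{][ \t]*$/ { depth++; in_list = (depth == 2 && $1 == "ExceptionsList"); next }
    /^[ \t]*[}][ \t]*$/ { depth--; in_list = 0; next }
    {
        line = $0
        sub(/^[ \t]+/, "", line)
        sep = index(line, " : ")
        if (sep == 0) next
        key = substr(line, 1, sep - 1)
        val = substr(line, sep + 3)
        if (in_list) bypass[++nb] = val          # entries of the bypass box
        else if (depth == 1) conf[key] = val     # top-level settings only
    }
    END {
        # Auto Proxy Discovery: the proxy is learned from the network itself.
        if (conf["ProxyAutoDiscoveryEnable"] + 0 == 1)
            print "WARN auto proxy discovery is on: the connected network chooses the proxy"
        # Automatic Proxy Configuration: a PAC file decides the proxy per URL.
        if (conf["ProxyAutoConfigEnable"] + 0 == 1) {
            url = conf["ProxyAutoConfigURLString"]
            if (url ~ /^https:\/\//) print "INFO PAC file " url
            else print "WARN PAC file not fetched over HTTPS: " url
        }
        # Manually configured proxies, one per protocol checkbox.
        n = split("HTTP HTTPS FTP SOCKS RTSP Gopher", proto, " ")
        for (i = 1; i <= n; i++) {
            p = proto[i]
            if (conf[p "Enable"] + 0 == 1)
                print "INFO manual " p " proxy " conf[p "Proxy"] ":" conf[p "Port"]
        }
        # Bypass list: flag a bare "*" wildcard, which is broader than any host or domain entry.
        for (i = 1; i <= nb; i++) {
            if (bypass[i] == "*") print "WARN bypass entry * is a match-all pattern"
            else print "INFO bypass " bypass[i]
        }
    }'
}

# Number of WARN findings for the dictionary on stdin.
count_warnings() {
    audit_proxy_settings | grep -c '^WARN' || true
}

# Run the audit on the constructed sample so the script works offline.
sample_scutil_output | audit_proxy_settings
```
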

The final tab in the Advanced configuration section is the Hardware tab, which is
essentially the Ethernet configuration. We will explore this next.

Manual Ethernet configuration


If you have specific instructions for Ethernet, you can implement a manual
configuration as well:

1. While in the Network panel, select the Ethernet service you want to
configure from the list and then click Advanced.
2. Choose Manually from the Configure menu:

Figure 12.41 – Ethernet configuration

3. Settings such as speed, duplex, and MTU in the Hardware tab are
automatically cached and pre-populated. Therefore, you can take
advantage of that and change only what you need to change.
4. Once you are done making any changes, don't forget to click OK and then
Apply to save them.

And with this review of the advanced network configuration options, including
manual Wi-Fi, TCP/IP, DNS configuration, and more, we have reached the end of this
chapter. Make sure to read the summary for an overview of what we covered and
what is coming next.


Summary
Now that you have reached the end of this chapter, you should feel comfortable
configuring network connections and services in macOS and using the tools available
for that purpose. You have revisited essential networking concepts, such as the OSI
model and the TCP/IP model, and how they work to make networking possible. You
have also reviewed other important concepts, such as network interfaces and network
protocols, as well as which ones are supported by macOS. By now, you can connect to
Wi-Fi and other networks, create network locations for specific places and/or
restrictions, and configure other network services, such as a VPN network. At the
same time, you are able to make advanced changes to the network configuration.

In the next chapter, we will go into network services in greater detail, including how
to use the sharing services available in macOS to make your work faster and easier.

Further reading
The Internet, by Jens Lechtenbörger (https://oer.gitlab.io/oer-courses/cacs/Internet.html#/slide-1)

TCP IP and Data Communications Administration Guide, by Oracle (https://docs.oracle.com/cd/E19504-01/802-5753/6i9g71m2b/index.html)

13
Using macOS Network Services
In the previous chapter, we learned about the many network protocols macOS
supports. In this chapter, you will learn about network services that take advantage of
those protocols to access various network and sharing services. These services
provide perhaps the most essential functionalities for Mac users. We are talking about
key services such as email and calendar and other, more advanced services such as
file sharing and screen sharing. Also, there is a feature that was introduced in one of
the latest releases of macOS, called Continuity. This feature lets users use those
services seamlessly on all their devices. In this chapter, we will explore those essential
network services, as well as the Continuity feature. Advanced sharing services will be
covered in the next chapter.

More specifically, in this chapter, we will cover the following topics:

Using network services in macOS


Continuity

Before we get started, let's see what we'll need for this chapter.

Technical requirements
This is what you will need for this chapter:

Basic knowledge of the macOS environment


A Mac computer with administrator privileges
An iCloud account (recommended)
An Apple ID (recommended)
Using macOS Network Services Chapter 13

Using network services in macOS


In this section, you will explore what network services are in the context of macOS,
the types of network services that are available, how to configure them, and how to
use them.

More specifically, we will explore the following topics:

Understanding network services in macOS


Types of network services available in macOS
What are network services accounts?
How to configure network services and apps

Let's start by understanding what network services are in the context of macOS.

Understanding network services in macOS


When we mention network services, we are referring to software located in a server
that provides a specific service and has a client that allows the user to interact with
that service. A good example of this is a mail service/server. Communication is
accomplished because both the mail client (such as Mail or Outlook) and the server
where the service resides recognize the network protocols being used. In other words,
clients and servers from different sources or providers can communicate effectively
through network protocols, such as TCP or UDP. These protocols can handle multiple
communications, and they do this through the use of different port numbers defined
for that purpose in each client or server software. For example, web (HTTP) traffic
between a web server and a web browser uses TCP port 80.

Network services in this context are not to be confused with services such as Ethernet
and Wi-Fi. The network services we will be talking about here refer to client and
server software and services that communicate with each other through network
protocols and standards.

Besides network services and protocols, there's another important component in this
communication process, when it comes to accessing a service: the appropriate
authentication process. Once authentication has been passed, the authorization
process proceeds, and the connection is established.

macOS has many proprietary pieces of client software that allow users to access
essential network service functionalities such as email, calendar, messaging, and
more.


At the same time, there are different types of network services available in macOS;
we'll explore them next.

Types of network services in macOS


Network services can be of different types, depending on their functionality in the
macOS environment. In macOS, they usually fall into either of these two types:

Standalone dedicated
Integrated

Standalone services are dedicated apps, such as email clients and web browsers. On
the other hand, integrated services mean they are integrated into the OS; they don't
require you to install any extra software and they work out of the box. An example of
such a service is a printing service.

In general, network services are detected through any of these three methods:

Automatically: Automatic service discovery is used by popular services
such as Gmail, Yahoo! Mail, and more. macOS offers automated built-in
access mechanisms, as we will see shortly.
Manually: Manual service configuration means you have to provide the
service location, host address, name, and perhaps other configuration
details to allow communication.
Dynamic Service Discovery: This method allows you to browse a list of
available services. We saw an example of this type of service in the
previous chapter through the use of Bonjour.

In the next section, we will look at the different types of service accounts that are
available in macOS for standalone dedicated services.

Network services accounts


In this section, we will explore the most popular network services that have
standalone apps bundled with macOS. These services are as follows:

Mail
Notes
Calendar
Reminders


Contacts
Messages
FaceTime
Safari

Let's learn more about each of these services.

Mail
The Mail app is a proprietary app for managing all email communications in macOS.
These are some of the app's features:

You can have multiple accounts from different providers.


You can create folders and sort your emails to organize them.
You can add and mark up attachments without leaving the app.

macOS's Mail app supports all standard email (encrypted and non-encrypted)
protocols, as well as several authentication standards. More specifically, it supports
the following:

Post Office Protocol or POP on TCP port 110 (encrypted POP will use TCP
port 995)
Internet Message Access Protocol or IMAP on TCP port 143 (encrypted
IMAP on port 993)
Simple Mail Transfer Protocol or SMTP on port 25 (encrypted SMTP on
ports 25 and 465) and 587 for iCloud, depending on the mail server's
functionality and the administrator's preferences

The IMAP and SMTP protocols are the default for iCloud.

To learn more about how to use the Mail app, visit this link:
https://support.apple.com/HT204093.


In the case of Exchange, since this service doesn't use standards for mail
communications, but instead uses Exchange Web Services (EWS), it relies on the
standard ports for web traffic (that is, TCP port 80 for standard transport and port
443 for secure transport).

If you wish to check out the full list of ports the Apple products and
services use, visit this link: https://support.apple.com/HT202944.

Let's explore another popular network service, called Notes.

Notes
The Notes app offers an enhanced experience that sets it apart from other note-taking
apps. Here are some of its features:

Gallery view for efficient organization


Synchronization with your other Apple devices (when you're using
Internet Accounts to configure them)
Ability to add or drag/drop media such as photos, video, maps, and
drawings to your notes
Ability to add content directly from Safari and other apps
Collaboration with others by inviting them to make changes

To learn more about how to use the Notes app, visit this
link: https://support.apple.com/guide/notes/welcome/mac.

Your notes can also be available on multiple devices when you're using iCloud. You
can also use other non-iCloud accounts, but they will rely on EWS or IMAP. In that
case, the app will create special mailboxes for your notes. These mailboxes will not be
used by your Mail app but will be managed by the Notes app.


For example, in the following screenshot, we can see a Google account that has been
configured to handle macOS Notes in Gmail. As you can see, a Notes folder has been
created and there is a single note inside it:

Figure 13.1 - macOS Notes in Gmail

Single notes can be shared via Messages, AirDrop, Reminders, and more through the
Share button on the Notes toolbar, as shown in the following screenshot:


Figure 13.2 - Notes sharing

In macOS Big Sur, you have an additional sharing option for collaboration purposes.
You can assign permissions to specific users through the Share this note with others
button, as shown in the following screenshot. The permissions you can assign are as
follows:

Only people you invite can make changes


Only people you invite can view:

Figure 13.3 - Notes sharing for collaboration


Users upgrading to macOS from older versions of Mac OS X, when the enhanced
Notes app was not available, will be asked to upgrade to the new Notes service in
order to use its media and sharing capabilities. In this case, what happens is that the
existing Notes service will be moved to iCloud and will only be compatible with the
Notes app on Mac computers with El Capitan or later. If you are using older versions
of OS X, you will still be able to access your notes through the iCloud website.

In the next section, we will examine another popular service, the Calendar.

Calendar
The Calendar app was previously known as iCal. This app allows you to integrate
your calendar with many other calendar services that use EWS or the CalDAV
protocol. We will explore this protocol in more detail later in this chapter.

With this app, you can do the following:

Configure multiple accounts; for example, you can have your events from
iCloud and also from Google accounts.
Use colors to code each calendar for quick identification.
Send and receive event invitations.
Add locations with maps to show the exact location of the event.
Share your calendar with family and friends.

To learn more about how to use the Calendar app, visit this
link: https://support.apple.com/guide/calendar/welcome/mac.

The Calendar app supports several network calendar services; we'll look at what
those are next.

Network calendar services


Network calendar services are calendar and scheduling client/server protocols
that allow users to access calendar data on a server. Users can schedule meetings with
other users on the same server or with other servers through these services.


The Calendar app supports the following network calendar services:

CalDAV
Internet-based
Exchange-based
Web Pub/Sub
Email invitations

Let's explore each of these options a little bit more.

CalDAV: This is a collaborative calendaring protocol standardized by the
Internet Engineering Task Force (IETF). CalDAV is an extension of
the Web-Distributed Authoring and Versioning file-sharing
protocol, simply known as WebDAV, which we will explore in more detail
in Chapter 14, Using macOS Sharing Services. Because it is an open
standard, developers can create software to include or connect to CalDAV
services. In macOS, CalDAV uses WebDAV as a transport mechanism on
TCP port 8008 and port 8443 for encrypted communications.
Internet-based: The Calendar app can use internet-based calendar services
such as iCloud, Yahoo, and Google. They use CalDAV and HTTPS over
TCP port 443.
Exchange-based: The Calendar app supports Exchange-based calendar
services. It uses TCP port 80 for standard transport and port 443 for secure
transport.
Calendar Web Pub/Sub: This lets you share calendars by publishing
iCalendar files to WebDAV servers. You can also subscribe to calendar files
with the .ics extension (iCalendar) hosted on WebDAV servers. This
feature works when you're using the iCalendar file URL.
Email invitations: Both the Mail and Calendar apps support sending and
receiving calendar invitations as email attachments.

Another useful app in macOS that takes advantage of network services is the
Reminders app. We will explore it now.


Reminders
The Reminders app was redesigned for macOS Catalina. Before Catalina, Reminders
was pretty much integrated with the Calendar app.

To learn more about how to use the Reminders app, visit this
link: https://support.apple.com/guide/reminders/welcome/mac.

With this app, you can do the following:

Use it with one account or with multiple accounts and access all your
reminders in a single list
Have multiple lists
Set up subtasks for each reminder
Use location-based reminders so that they are fired when you arrive at a
certain location

The following screenshot shows what the interface looks like on macOS Big Sur:

Figure 13.4 - Reminders app


In the next section, we will explore the Contacts app.

Contacts
The macOS Contacts app was previously known as Address Book. With this app, you
can do the following:

Access your contacts from multiple accounts.


Create groups automatically through the Smart Groups feature.
Use maps in your contact cards.
Import contacts from other apps.

To learn more about how to use the Contacts app, visit this
link: https://support.apple.com/guide/contacts/welcome/mac.

This app also integrates with contact network services such as EWS, Card Distributed
Authoring and Versioning or CardDAV, and the Lightweight Directory Access
Protocol or LDAP.

CardDAV, another extension of WebDAV, is the contact service standard in macOS,
and since it is an open standard, developers can create software to connect to
CardDAV services. This service uses WebDAV as a transport mechanism on TCP port
8800 for standard transport and port 8843 for secure transport.

Exchange-based contact services use TCP port 80 for standard transport and port 443
for secure transport.

Contacts databases can be searched via LDAP, the standard for network directory
services. LDAP uses TCP port 389 for standard transport and port 636 for secure
transport.

Next, we will explore yet another popular and useful communication app: Messages.


Messages
The Messages app was previously known as iChat. Messages is an enhanced version
of the former messaging app since you can do much more than just send and receive
messages. The Messages app works with your iCloud/Apple ID account. With the
Messages app, you can do the following:

Send unlimited messages between Mac, iPhone, iPad, or iPod touch devices
(through iMessage).
Add images or files to a conversation.
Use high-resolution messages.
Use audio recordings.
Use FaceTime to start an audio or video conference (more details about
FaceTime will be provided shortly).
Use screen sharing and remote screen sharing.
Use file sharing.
Create and manage groups.
Share your location.
Use Siri to send, receive, and reply to messages (macOS Sierra and later).

To learn more about the Messages app, visit this link:
https://support.apple.com/HT202549.

The next app we will look at is related to the Messages app; they work together to
provide messaging and video conference services to users, and it's called FaceTime.

FaceTime
FaceTime is the audio and video conferencing app for Apple devices.

To use a Mac computer for FaceTime audio or video calls, there are some
requirements you need to meet:

OS X Lion 10.7 or later


An internet connection
A microphone and/or camera (built-in or connected)
An Apple ID


To learn more about the FaceTime app, visit this link:
https://support.apple.com/HT208176.

With the FaceTime app, you can do the following:

Make group calls with up to 32 people (who have the FaceTime app
installed on another Mac, iOS device, or iPadOS device and are connected
to the internet).
Use Animoji, stickers, and more.
Use the front and back camera.
Use Live Photos (macOS Mojave 10.14.3 and later).

Group FaceTime is available with the macOS Mojave 10.14.3
Supplemental Update or later, iOS 12.1.4 or later, or iPadOS, and
may not be available in all countries or regions.

Finally, we will explore the default macOS internet browser.

Safari
Safari is the web browsing app for all Apple devices. There is virtually no
configuration needed for Safari, but you do have advanced options you can take
advantage of.

Here are some of its features:

Intelligent tracking prevention


Sandboxing
Fingerprinting defense
Protection against suspicious websites
Private browsing
Secure password management
Synchronization with all your Apple devices (through iCloud)

To learn more about the Safari app, visit this link:
https://support.apple.com/safari.


Web communication in Safari (HTTPS) is encrypted on TCP port 443.

With that, we have finished reviewing all the standalone network services apps that
come bundled with macOS for easily configuring essential network services, such as
email, notes, calendar, reminders, contacts, messages and chat, video conferencing,
and web browsing. Next, we will learn how to configure these services.

Configuring network services and apps


In general, configuring network services in macOS is done by configuring an Internet
Account. The essential apps (Mail, Contacts, Calendar, and Notes) that provide
network services can be configured through these different methods:

Automatically
Manually
Through configuration profiles

At the same time, some services are configured differently than the rest. We will learn
how to configure the following services separately:

Adding additional email accounts


Configuring services with an iCloud account
Configuring Messages

Since configuring accounts through a configuration profile is as simple as
double-clicking the profile provided by the administrator, we won't spend more time on that,
but we will explore how to automatically and manually configure the essential apps.

Automatic configuration for essential apps


The following are the most popular accounts that can be configured automatically in
macOS:

iCloud
Microsoft Exchange
Google
Yahoo
AOL


Configuring some services will also configure other related services. For example,
configuring the Google service will allow you to configure four services. Let's see
how that works.

Follow these steps to configure network services with a Google account:

1. Open System Preferences.


2. Click on the Internet Accounts icon, as shown in the following screenshot:

Figure 13.5 - Internet Accounts – System Preferences


3. Click on a service provider from the list on the right. For this example, we
will choose Google:

Figure 13.6 - Supported accounts

4. These configurations are very straightforward; however, they may vary,
depending on the service provider. For example, in the case of Google, you
will see a prompt to open a web browser to continue configuration. Click
on Open Browser.
5. Next, you will see the Google sign-in window, asking you for permission to
access your Google account.


6. Once authorized, you will see the following window, which will ask you
which services you want to configure with this account. In this case, we
select to configure Mail, Contacts, Calendars, and Notes with this single
Google account, as shown in the following screenshot:

Figure 13.7 - Services configured

7. Once you have checked the services you wish to use with this account,
click Done.

And that's it! You have configured four network services with a Google account
quickly and easily. In the next section, we will learn how to configure accounts
manually, if you need to do that.


Manual configuration for essential apps


You can choose to configure a network service manually, perhaps because it is not on
the list of services that allow for automatic configuration. Let's get started:

1. Follow the steps from the previous procedure until Step 2.

2. On the Internet Accounts configuration panel, go to the bottom of the list
and click Add Other Account... (if you don't see the list of options, click on
the + (Add) button at the bottom of the configured services list, as shown in
the following screenshot):

Figure 13.8 - Manual configuration

3. You will see the following account options that you can configure
manually:
Mail
CalDAV
CardDAV
LDAP
Game Center:


Figure 13.9 - Manual configuration options

4. Choose one of these options and enter the details for the account you want
to configure, as provided by your administrator.

With that, we have learned how to configure accounts automatically and manually.
Now, let's explore specific configurations that are done a little differently than what
we just saw.

Adding additional email accounts


In the previous example, we configured the Mail app with a Google account. But
what if we wanted to add an additional email account? If that's the case, you can do
the following:

1. Open the Mail app.


2. Click on the Mail top menu and choose Add Account....
3. You will be asked to select a provider from a list, similar to the one we saw
in Figure 13.6.
4. Next, just follow the instructions, which are similar to adding an Internet
Account, as we saw earlier.


You will find the Mail general configuration option, as well as configurations for each
mail account you have set up by going to the Mail menu and then clicking the
Preferences menu option. These preferences allow you to manage your email
accounts and set up preferences such as fonts and colors, view options, message
composing, adding signatures, and rules, as shown in the following screenshot. The
Accounts tab also allows you to add additional email accounts; all you need to do is
click on the + (Add) button and follow some steps that are similar to the ones we saw
earlier:

Figure 13.10 - Additional mail accounts

So, now that your Mail, Contacts, Calendar, and Notes apps have been configured,
let's learn how to configure many services that will be synced across all your Apple
devices.

Configuring services with an iCloud account


As we saw when we configured our services with a Google account, the apps you can
configure in one go will depend on the service provider. Configuring with Google or
Yahoo, for example, will allow you to configure apps such as Mail, Calendar, Notes,
and Contacts.


But if you want to configure the most services with a single account, the
recommendation is to use an iCloud account. Configuring with iCloud also allows
you to set up additional services such as iCloud Drive, iCloud Keychain, Find My,
Photos, and more, and ensures your information will be synced across your Apple
devices. Let's explore how this configuration works:

1. Open System Preferences.


2. Click on the Internet Accounts icon, as shown in Figure 13.5.
3. Choose iCloud from the list of service providers.
4. You will be asked to sign in to iCloud with your Apple ID or create an
Apple ID if you don't have one.
5. You might be asked to enter your two-factor authentication code if you've
already set it up, or to configure it.
6. When verification is complete, the iCloud account will be set up, and you
will see that you have many more options to configure, as shown in the
following screenshot. Also, notice that you have been assigned 5 GB of
iCloud storage and that a Game Center account has also been added:

Figure 13.11 - iCloud services


Now that you know how to configure your network services with a third-party
provider such as Google and how to enable many other services when using iCloud,
let's find out how to configure the Messages service.

Configuring Messages
The Messages app also requires an Apple ID, but it is not configured by going
through the same procedure we saw earlier; you will need to do it separately. To use
the Messages app, you will need to set up iMessage with your Apple ID. iMessage is
an instant messaging service that is developed by Apple exclusively for Apple
devices. If your Apple ID is not configured yet, you will be asked to provide it the
first time you open the Messages app, as shown in the following screenshot:

Figure 13.12 - Configuring Messages

And with this configuration, we have reached the end of this section on setting up
network services, including essential services such as email, notes, calendar, and
more, and learned how they can be configured automatically and manually. We also
learned how to take advantage of many other network services when using an iCloud
account and an Apple ID, as well as sync capabilities across all your Apple devices.
Furthermore, Apple has implemented a nice feature that extends the capabilities of
these services so that you can use them seamlessly across your Apple devices. This
feature is called Continuity, and we will explore it in the next section.


Continuity
Continuity is a series of features that allow you to move your work between your
Apple devices seamlessly; that is, to start working on one device and continue to
work on the other without interruption or loss of information. Several individual
features make up the Continuity feature as a whole. At the time of writing this book,
these are the features that are included in the Continuity set:

Sidecar
Continuity Markup and Sketch
Text Message Forwarding
Cellular Calls
Continuity Camera
Auto Unlock
Handoff
Universal Clipboard
AirDrop
Apple Pay
Instant Hotspot

The following are the general requirements you will need to use the Continuity
feature:

Each device needs to be signed into iCloud with the same Apple ID.
Each device needs to have Bluetooth turned on.
Each device needs to have Wi-Fi turned on (or cellular data for iPhone).
Most devices require a specific feature to be enabled on each device.

Also, to use these features, your devices need to meet certain device
requirements, depending on the device's type. You can verify these
requirements here: https://support.apple.com/HT204689.

Note that AirDrop was covered earlier in this chapter. You can find more details on
each feature and how they work for all devices by going to
https://support.apple.com/HT204681.

Next, we will provide a brief overview of each of the Continuity features. Let's begin
with Sidecar.


Sidecar
Sidecar is a Continuity feature that lets you extend your workspace by using an iPad
as a second display. You can also use your iPad to mirror the main display and show
the same content so that you can share what you are doing with others.

This feature works perfectly in combination with Apple Pencil to design, edit photos,
or create 3D models.

Two other Continuity features related to this one are Markup and Sketch, which we'll
describe next.

Continuity Markup and Sketch


The Continuity Markup feature allows you to make corrections to documents, sign
them, and mark them. When you use Apple Pencil with an iPad or even your finger
with an iPhone, you will see the changes immediately appear on your Mac.

The Continuity Sketch feature allows you to sketch on your iPad or iPhone, and those
changes will automatically be inserted into a document on your Mac.

Let's continue with this overview of Continuity.

Text Message Forwarding


With this feature, any SMS/MMS messages that are sent or received on your iPhone
can appear on your Mac, and you can continue your conversations from there.

The general requirements that apply for this feature to work are as follows:

Devices need to be signed into iMessage with the same Apple ID.
The iPhone needs to be turned on and connected to Wi-Fi or a cellular
network.

Follow these steps to set it up for your Mac:

1. Open the Messages app and select Preferences from the top Messages
menu.
2. Select the iMessage tab. Make sure you are signed in with the appropriate
Apple ID (the same one you used on the device you want to use the
features with).


3. Then, on your iPhone, go to Settings | Messages | Text Message
Forwarding, as shown in the following screenshot:

Figure 13.13 - Configuring Text Message Forwarding

4. Choose your Mac's name and any other additional devices that you want to
use to send and receive text messages that appear on the list.

And that's it! You will now see any text messages that have been sent to your iPhone
appear on your selected device (Mac or other).

Note that Continuity can be applied not only to SMS but to calls as well, as we will
see next.

Cellular Calls
This feature allows you to make and receive calls from your Apple devices in the
same network as your iPhone. You can answer or receive a call, send a voicemail, or
send a message to the caller. This works with Mac, iPhone, iPad, or iPod touch.


For this feature, in addition to the general requirements for the Continuity features
that we saw at the beginning of this section (except the Bluetooth requirement), you
also need the following:

Each device needs to be signed into FaceTime with the same Apple ID.
Each device needs to be connected to the same network through Wi-Fi or
Ethernet.

To make a call, follow these steps:

1. Open the FaceTime app and choose Preferences from the top FaceTime
menu.
2. Ensure you are signed in with the appropriate Apple ID (the same one you
used on the device you want to use the features with).
3. Then, make sure the Enable this account checkbox is selected.
4. Select the way you want to be reached for FaceTime. If your other device is
logged in with the same Apple ID and it is enabled as well, you should see
the number appear; enable it by selecting the checkbox, as shown in the
following screenshot:

Figure 13.14 - Configuring Cellular Calls

5. You will now be able to move the mouse over any phone number in
Contacts, Calendar, Safari, or any other app that automatically detects
phone numbers, as shown in the following screenshot. Click the arrow in
the box that highlights the phone number and choose to call using
iPhone or FaceTime Audio:

Figure 13.15 - Using Cellular Calls

Another way to call is by opening the Contacts app; for example, searching
for a contact, right-clicking the call button, and selecting an option such
as Call Using iPhone, as shown in the following screenshot, or opening the
FaceTime app, entering a phone number, and clicking the call icon:

Figure 13.16 - Using Cellular Calls with Contacts

Note that a notification will appear when you receive a call to your iPhone. Click on it
to answer the call.

Another excellent feature in this set is the Continuity Camera, which we will examine
next.

Continuity Camera
With this feature, you can use a photo you've taken on your iPhone, for example, or a
scanned document, and have it available on your Mac to use immediately.

This feature has some requirements that you should take into account:

- Both the Mac and Apple device(s) must have Wi-Fi and Bluetooth turned
  on.
- Both the Mac and Apple device(s) must be signed into iCloud with the
  same Apple ID (using two-factor authentication).
- The Mac must have macOS Mojave or later installed.
- The iOS device must be using iOS 12 or later.

It works with these specific apps:

- Finder
- Keynote 8.2 or later
- Mail
- Messages
- Notes
- Numbers 5.2 or later
- Pages 7.2 or later
- TextEdit

If you have met these requirements, then follow these steps to use it with your Mac.
In this example, we are using the Continuity Camera with an iPhone:

1. On your Mac, open a supported app. For this example, we will open the
Mail app.
2. Go to the File menu, select Insert from iPhone (or use the Photos icon to
the right of the Mail app, as shown in the following screenshot), and click
on Take Photo:

Figure 13.17 - Using the Continuity Camera

3. A message will appear in your application, similar to the one shown in the
following screenshot. Look at your iPhone, and you will see that it has
become activated to take a picture. Once you can see that your iPhone is
ready, take a photo:

Figure 13.18 - iPhone activation message

4. Next, click Use on your iPhone, and the image will appear in your email
message, as shown in the following screenshot. You can use the Image Size
dropdown to the right-hand side to select whether you want to use the
image's Actual Size, as shown in the following screenshot, or a smaller size
that might be more appropriate for email transfer:

Figure 13.19 - Using the photo you took on a device on your Mac

And that's it! At this point, you can see how incredibly useful this feature is. Let's
continue exploring other Continuity features.

Auto Unlock
Auto Unlock works in combination with an Apple Watch when it's close to your Mac.
The way this works is that when you're using an Apple Watch, your Mac recognizes
that you're nearby and automatically logs you in.

Apart from the general requirements for Continuity, you can verify whether your
Mac supports Auto Unlock as follows:

1. Go to the Apple menu and, while holding down the Option key, select System
Information.
2. From the left menu, scroll down to the Network section.
3. Select the Wi-Fi option.
4. If your Mac supports Auto Unlock, it will appear in the window to the
right, as shown in the following screenshot:

Figure 13.20 - Verifying Auto Unlock

Next, we'll look at Handoff.

Handoff
With the Handoff feature, you can start working on a device with a supported app
and switch to another device nearby to seamlessly continue working on the same
thing. The following apps are supported for use with the Handoff feature:

- Mail
- Maps
- Safari
- Reminders
- Calendar
- Contacts
- Pages, Numbers, and Keynote
- Some third-party apps

To turn on Handoff, follow these steps:

1. Go to System Preferences and click General.
2. Activate Allow Handoff between this Mac and your iCloud devices at the
bottom.
3. Do the same with your other devices. To learn more about how to activate
this feature on each device, please go to https://support.apple.com/HT209455.

Let's look at an example of how to use Handoff:

1. Let's assume you are working on a Calendar item on an iPhone.
2. Next, look at the left-hand side of the Dock, as shown in the following
screenshot, and click the message that appears to switch from your iPhone
to the Mac Calendar app:

Figure 13.21 - Example of using Handoff

A similar feature to Handoff is the Universal Clipboard, which we will explore next.

Universal Clipboard
The Universal Clipboard feature allows you to copy content from one Apple device
and paste it on another. It works with text, images, photos, and videos.

For the Universal Clipboard to work, Handoff has to be enabled on both devices.
Refer to the previous section to learn how to turn it on.

To use Universal Clipboard, follow these steps:

1. Make sure Handoff is enabled (see the previous section).
2. Copy the content (for example, text), which will be automatically added to
the other device's clipboard.
3. On the other device, paste the content from the clipboard.
4. The copied element will remain there briefly or until you copy another item
on any of your devices.

As you can see, using this feature is very simple and useful. The next feature we will
look at is a popular one among Apple device users: AirDrop.

AirDrop
AirDrop is a feature that allows you to quickly share documents, photos, videos, and
more to a nearby Mac, iPhone, iPad, or iPod touch. We will cover this feature in more
detail in Chapter 14, Using macOS Sharing Services.

The next feature we will explore has to do with payment capabilities for online
shopping, and it's called Apple Pay.

Apple Pay
Apple Pay allows you to add credit, debit, or prepaid cards and use them seamlessly
on Mac, iPhone, iPad, or Apple Watch for your purchases. Take into account that to
use this feature on more than one device, you will need to add each card to each
device.

For this feature, you need the following:

- An eligible device

  Visit this link to verify which devices are eligible for Apple Pay:
  https://support.apple.com/HT208531.

- A card from a participating card issuer

  Visit this link to verify the participating card issuers:
  https://support.apple.com/HT204916.

- The latest version of iOS, watchOS, or macOS
- An iCloud account with the same Apple ID on each device

Finally, let's look at Instant Hotspot.

Instant Hotspot
With this feature, you can share an internet connection from your iPhone or iPad
(with Wi-Fi and cellular capabilities) to your Mac without having to enter a password.

In addition to the general requirements for Continuity, you need to make sure your
carrier allows Personal Hotspot.

To use Instant Hotspot with an iPhone, for example, follow these steps:

1. Make sure Instant Hotspot is enabled on your iPhone.
2. Go to the Wi-Fi status icon on your Mac's menu bar and choose the name of
the iPhone or iPad that's providing Personal Hotspot. If the name does not
appear in the list, try Other Networks, or try turning your iPhone's hotspot
on and off.
3. When you find the network and select it, the first time you connect, you
will be asked to enter the hotspot's password, which can be found on your
iPhone. Once you've connected, the Wi-Fi status icon in the menu bar will
change to the Personal Hotspot icon, as long as your device is connected.
This can be seen in the following screenshot:

Figure 13.22 - Instant hotspot

And with this overview of the individual features of Continuity, we have reached the
end of this chapter on network services. Be sure to check out the following summary
for a quick review of what was covered.

Summary
In the first section of this chapter, we learned how network services work in macOS,
how to use them, and how to configure them. You should now feel comfortable
configuring all types of network accounts for daily work tasks, such as the Mail,
Notes, Calendar, Reminders, Contacts, Messages, FaceTime, and Safari apps. In the
second section, we looked at the Continuity set of features, which allow you to
seamlessly extend your work from your Mac to other devices in the Apple ecosystem,
such as your iPhone, iPad, and so on. These features are Sidecar, Markup and Sketch,
Text Message Forwarding, Cellular Calls, Continuity Camera, Auto Unlock, Handoff,
Universal Clipboard, AirDrop, Apple Pay, and Instant Hotspot. You now know what
these features do, their requirements, and how you can take advantage of their
capabilities.

In the next chapter, we will look at another group of network services, this time
related specifically to sharing, including services such as remote controlling and
screen sharing.

14
Using macOS Sharing Services

In the previous chapter, we learned about the many network protocols macOS
supports, and we explored how to configure related essential services such as email,
calendar, and messaging. In this chapter, you will learn about network services that
take advantage of those same protocols to access additional network and sharing
services. These services provide perhaps the most practical functionalities for users of
a Mac computer. First, we will talk about services such as file sharing and screen
sharing. In the latter half of this chapter, we will explore the various ways to remote
control a Mac and use other sharing services, such as printer sharing.

In this chapter, we will cover the following topics:

- Understanding sharing services
- Remote controlling and screen sharing
- Other sharing services

Let's begin with the technical requirements for this chapter.

Technical requirements
This is what you will need for this chapter:

- Basic knowledge of the macOS environment
- A Mac computer with administrator privileges
- An iCloud account (recommended)
- An Apple ID (recommended)

Understanding sharing services


Sharing services extend the functionalities of your Mac so that you can collaborate
with other users through sharing. macOS lets you share files, folders, and other
services, such as your screen or a peripheral (such as a printer) connected to your
Mac, with users on your network.

In this section, we will see how file sharing works in macOS, including a very popular
sharing feature among Mac users: AirDrop. We will cover the following topics related
to the sharing services on macOS:

- What are file-sharing services?
- Using file sharing in macOS
- What is AirDrop?

Let's start by exploring file-sharing services.

What are file-sharing services?


File-sharing is where you publicly or privately share data or space in a network, and
this is typically done through several levels of access permissions. It allows users to
access files according to the privileges they've been granted: read, view, write, copy,
print, and so on. File-sharing can also mean users have a certain quota of storage
capacity in a common filesystem.

On macOS, you can share files and folders with others on your network. You can
even share your entire Mac or specific folders with everyone or just with specific
users.

In this section, we will explore the following topic:

- Network file service protocols supported by macOS

File-sharing services use specific protocols, depending on the application. Let's
review the network protocols macOS supports for these types of services.

Network file service protocols


File-sharing protocols are client-server applications that allow file sharing between
servers and devices. Some protocols have been around for a long time now, such as
FTP. However, other newer technologies have become very popular in the last
decade. In this section, we will explore the following protocols:

- FTP/FTPS
- SFTP
- SMB
- AFP
- NFS
- WebDAV

Let's start with the oldest protocol around:

- FTP/FTPS: The File Transfer Protocol, or FTP, is a client-server standard
  internet protocol for transferring files over a TCP/IP connection. It relies on
  two communication channels between the client and the server: a
  command channel for conversation control and a data channel for file
  content transmission. It requires the use of a client app, such as FileZilla,
  but there are also web-based options available now, such as Serv-U File
  Transfer Protocol Server (a paid service), which can compensate for the
  nuisance of having to install an app to access the server and offers
  web-based, user-friendly interfaces. To use it, the user logs onto the FTP server
  with the appropriate credentials, either through an application such as
  FileZilla or another web app. Servers may allow what is known as
  "anonymous" FTP, which allows some content to be available without the
  user needing to provide credentials. Then, the client initiates the
  conversation with a server by requesting a file download, for example.

  Because FTP was a pioneering technology in file sharing, it became popular
  very quickly; therefore, it is supported on nearly every platform and
  operating system. Although it allows users to upload, download, delete,
  copy, move, and rename files on a server, it still has very basic functionality.
  For this reason, even though it is still a widely used technology for
  accessing server files, it has lost some of its popularity due to other more
  robust, user-friendly technologies that offer more features and flexibility.

  FTP on macOS uses TCP ports 20 and 21 for standard transmission and
  TCP ports 989 and 990 for SSL-encrypted transmission (FTPS).

  With macOS, you don't need a client such as FileZilla to connect to FTP. You
  can connect directly from the Finder. However, take into account that the
  Finder only supports read capabilities with FTP/FTPS: you can view, copy,
  and download files to your computer, but you can't copy files into the
  server, nor can you rename or delete files. If you need to perform those
  tasks, you will have to install an FTP client, though you can also use
  Terminal to access both FTP and FTPS.

- SFTP: This protocol is based on the Secure Shell (SSH) protocol.
  It provides two methods for authenticating connections:
  - Credentials: Like with FTP or FTPS, you use a user ID and
    password; however, with SFTP, these credentials are
    encrypted, making it more secure.
  - SSH keys: SSH private and public keys are generated for
    server-side authentication. When you connect to the server,
    the client software will transmit your public key to the server
    for authentication. If the public key matches your private
    key, as well as your user/password, then authentication will
    succeed.

  SFTP uses SSH encryption on TCP port 22.

- SMB: The Server Message Block, or SMB, is a client-server
  communication protocol used for sharing files, printers, and other
  resources on a network. It's mostly used by Windows computers, but it is
  supported on other platforms. SMB is used on macOS for Microsoft
  Windows file and print services, including macOS Windows File Sharing
  (we will see how this works in scenario 2, later in this chapter). macOS
  supports SMB version 3 (OS X Yosemite and later) on TCP ports 139 and
  445.

- AFP: The Apple Filing Protocol, or AFP, is Apple's proprietary protocol. It
  allows users of multiple computers to share files over a network. The
  current AFP version is 3.x, and it works on TCP port 548 and is encrypted
  over SSH on port 22.

  Take into account that it is not possible to share Apple File System
  (APFS) volumes over AFP.

- NFS: The Network File System, or NFS, is also a distributed filesystem
  protocol that allows users to view and, in some cases, store and update files
  remotely. Originally developed by Sun Microsystems (managed by the
  Internet Engineering Task Force, or IETF), it is mostly used on UNIX
  systems.

- WebDAV: The World Wide Web Distributed Authoring and Versioning
  protocol, or WebDAV, is a set of extensions for HTTP and HTTPS that
  allows file management and editing between users located remotely from
  each other. It provides read/write access to file services and interoperability
  capabilities. This protocol is the IETF standard for collaborative authoring
  across the web. macOS supports WebDAV on TCP port 80 for HTTP and
  443 for HTTPS.
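
To see which of the protocols above a Mac is actually offering, the following added example (not from the book) matches listening TCP sockets against the ports listed in this section. It reads `netstat -an -p tcp` text on standard input; the sample input is constructed, and the function names are chosen here for illustration.

```shell
#!/bin/sh
# Added example (not from the book): flag listening TCP ports that match the
# file-sharing ports this chapter lists. Input is `netstat -an -p tcp` text.

# Port-to-service map taken from the chapter's protocol list.
service_for_port() {
    case "$1" in
        20|21)   echo "FTP (cleartext)" ;;
        989|990) echo "FTPS" ;;
        22)      echo "SSH/SFTP" ;;
        139|445) echo "SMB" ;;
        548)     echo "AFP" ;;
        80)      echo "WebDAV over HTTP (cleartext)" ;;
        443)     echo "WebDAV over HTTPS" ;;
        *)       return 1 ;;
    esac
}

# Reads netstat text on stdin and prints one line per listening file-service
# port: "<port> <scope> <service>". Scope is loopback-only when the socket is
# bound to 127.0.0.1 or ::1, otherwise network-reachable.
audit_listeners() {
    awk '$NF == "LISTEN" {
            addr = $4                      # e.g. *.445 or 127.0.0.1.631
            n = split(addr, parts, ".")
            port = parts[n]                # macOS puts the port after the last dot
            host = substr(addr, 1, length(addr) - length(port) - 1)
            print port, host
         }' |
    sort -u -k1,1n -k2,2 |
    while read -r port host; do
        svc=$(service_for_port "$port") || continue   # not a port from the chapter
        case "$host" in
            127.0.0.1|::1) scope="loopback-only" ;;
            *)             scope="network-reachable" ;;
        esac
        printf '%s %s %s\n' "$port" "$scope" "$svc"
    done
}

# Constructed sample in the layout macOS netstat prints (not captured output).
sample_netstat() {
    cat <<'EOF'
Active Internet connections (including servers)
Proto Recv-Q Send-Q  Local Address          Foreign Address        (state)
tcp4       0      0  *.445                  *.*                    LISTEN
tcp6       0      0  *.445                  *.*                    LISTEN
tcp4       0      0  *.22                   *.*                    LISTEN
tcp4       0      0  127.0.0.1.631          *.*                    LISTEN
tcp4       0      0  127.0.0.1.80           *.*                    LISTEN
tcp4       0      0  192.168.1.20.52344     192.168.1.5.445        ESTABLISHED
EOF
}

# On a Mac: netstat -an -p tcp | audit_listeners
sample_netstat | audit_listeners
```

A port number only suggests the service: port 80 or 22 may belong to a web server or Remote Login rather than a file share, so confirm each hit in the Sharing preferences.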

Now that we know which file-sharing protocols macOS supports, let's examine the
practical aspects of file sharing on macOS.

Using file-sharing on macOS


Using file-sharing on macOS requires some configuration, and that's what we will see
next. More specifically, we will cover the following topics:

- Enabling file-sharing on macOS
- How to connect to file shares
- Disconnecting from a mounted share

Let's begin by understanding how file sharing works on macOS.

Enabling file-sharing on macOS


The main tools you will use to enable and configure file-sharing on macOS are as
follows:

- The Sharing preferences, which can be accessed from System
  Preferences (Figure 14.1).
- The Users & Groups preferences, which can be accessed from System
  Preferences (Figure 14.1):

Figure 14.1 – Sharing preferences

- The Finder sidebar.
- The Network folder, which can be accessed by going to the Finder sidebar
  or the Go menu, and then selecting Network, as shown in the following
  screenshot:

Figure 14.2 – The Network folder

The Network folder is not a common folder: it shows dynamically discovered
network file services. It is a location that changes dynamically as services are
discovered or disappear. It also shows the currently mounted filesystems and
information that's been discovered via the dynamic service protocols; that is, Bonjour
and SMB/NetBIOS/WINS. Also, any connected servers will appear in this folder, as
shown in the preceding screenshot.

When sharing is enabled in macOS, the following occurs:

- 10 users can connect simultaneously (if more users need to connect, you
  will need to use macOS Server).
- The Public folder for each user is shared automatically.
- Any user that's been set up in the Users & Groups preferences will be able
  to connect to the Mac over the network.
- An administrator will have access to the entire Mac.
- Guests will be able to access shared folders if this has been enabled in the
  Users & Groups preferences.
- For sharing files, you will be able to select the following types of users:
  - Users with accounts on your Mac
  - Users from the network users or network groups
  - A person from your Contacts, for whom you can create an
    account

You can configure the following permissions for sharing:

- Read & Write: Allows users to see and copy files from the folder.
- Read Only: Allows users to view the contents of the folder but not copy
  files to it.
- Write Only (Drop Box): Allows users to copy files to the Drop Box folder
  but not view its contents.
- No Access: Users cannot see nor copy files to the folder (only available for
  the Everyone group).

To enable file sharing (this should be done on the machine you want to connect to
from another Mac), follow these steps. Take into account that only an administrator
can enable and modify file-sharing settings:

1. Open System Preferences and click the Sharing icon (shown in Figure
14.1).
2. Select the File Sharing checkbox, as shown in the following
screenshot. When you do this, you will see a green dot, and the state will
change to On. You will also notice that each user's Public folder is then
automatically shared:

Figure 14.3 – Enabling file sharing

To select a specific folder to share, do the following:

1. Click the + (Add) button at the bottom of the Shared Folders list.
2. Browse the folder, select it, and click on the + (Add) button.

To prevent a folder from being shared, do the following:

1. Select the folder in the Shared Folders list and click - (Remove).

We mentioned earlier that you could select three types of users to share files with. If you
select a user from Contacts, you will need to create an account for that contact:

1. Go to Sharing Preferences, if you're not already there.
2. Click the + (Add) button that appears below the Shared Folders box (Figure
14.3), select a user from the Contacts list, and click Select. For this example,
we will add a user called Sandra.
3. Create a password for that user and click Create Account. Take into
account that this action will create a Sharing account (not a Standard
account). You can verify this if you go to the Users & Groups preferences.
4. You will be asked to authenticate as an administrator. When ready,
click Modify Configuration.
5. By default, the user will have Read Only permission, which means they
will be able to view files in the folder but not copy to it. To change this
behavior, make sure the folder you want to share is selected in Shared
Folders, select the user from the list of Users, right-click on the user, and
change the permissions to Read & Write, as shown in the following
screenshot. You can do this action for each folder in the list:

Figure 14.4 – Changing a user's permissions (part I)

You will notice that there is an Options... button. If you click on it, you will see that,
by default, only the SMB protocol is enabled. On versions prior to macOS Big Sur,
you will also see Share files and folders using AFP. This option no longer exists in
macOS Big Sur as the ability to share files and folders using AFP has been deprecated.
Here, you can also choose which users you want to allow for Windows File Sharing:

Figure 14.5 – Changing a user's permissions (part II)

Also, remember that guests can access shared folders on a Mac. To turn off Guest
access, follow these steps:

1. Go to the Users & Groups preferences in System Preferences (Figure 14.1).
2. Click the lock icon to authenticate as an administrator.
3. Select the Guest User account from the user list.
4. Make sure Allow guest users to connect to shared folders is deselected,
as shown here:

Figure 14.6 – Preventing guests from connecting to shared folders

And that's it! You have now enabled file sharing and granted permissions to a specific
folder for a user.
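
The guest setting can also be checked from Terminal. This added example is not from the book: it parses the listing printed by macOS's `sharing -l` command and reports share points whose SMB or AFP entry is shared with guest access on. The sample listing is constructed, its layout is an assumption to compare against your own output, and the function names are chosen here for illustration.

```shell
#!/bin/sh
# Added example (not from the book): list share points that still accept
# guest connections, from the text that `sharing -l` prints.

# Reads the listing on stdin and prints "<share name>|<path>|<protocol>" for
# every protocol block that has both "shared: 1" and "guest access: 1".
guest_enabled_shares() {
    awk '
        # Top-level name:/path: lines start a new share point.
        /^name:/ { sub(/^name:[ \t]*/, ""); share = $0; next }
        /^path:/ { sub(/^path:[ \t]*/, ""); path = $0; next }
        # A protocol block opens with an indented "smb: {" or "afp: {" line.
        /^[ \t]+(smb|afp):[ \t]*[{]/ {
            proto = $1; sub(/:.*/, "", proto); shared = 0; guest = 0; next
        }
        proto != "" && /^[ \t]+shared:/       { shared = ($NF == "1") }
        proto != "" && /^[ \t]+guest access:/ { guest  = ($NF == "1") }
        # Closing brace: report the block if it is shared and guests are allowed.
        proto != "" && /^[ \t]*[}]/ {
            if (shared && guest) print share "|" path "|" proto
            proto = ""
        }
    '
}

# Constructed sample modelled on the `sharing -l` layout (assumed, not captured).
sample_sharing_list() {
    cat <<'EOF'
List of Share Points
name:           Sandra Public Folder
path:           /Users/sandra/Public
        smb:    {
                name:   Sandra Public Folder
                shared: 1
                guest access:   1
                read-only:      0
                sealed: 0
        }
name:           Projects
path:           /Users/Shared/Projects
        afp:    {
                name:   Projects
                shared: 0
                guest access:   1
                inherit perms:  0
        }
        smb:    {
                name:   Projects
                shared: 1
                guest access:   0
                read-only:      0
                sealed: 0
        }
EOF
}

# On a Mac: sharing -l | guest_enabled_shares
sample_sharing_list | guest_enabled_shares
```

An empty result means no shared entry in the listing allows guests; any line printed names a folder to review in the Sharing preferences.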

Later in this chapter, we will learn how the shared folders appear when we're
connecting from another computer (scenario 2's example).

Now that we have seen how to configure file sharing on macOS, we will now
examine how to connect to file shares.

How to connect to file shares


File shares are locations where files can be shared. In other words, they are local or
remote locations to which users can connect to save, recover, and share files. There are a
few methods we can follow to connect to file shares, which will depend on the type of
share you will be using. In this section, we will look at the following:

- Automatic discovery
- Authentication
- Manual connection through SMB and AFP
- Manual connection through NFS, WebDAV, and FTP
- Creating automatic connections

Let's examine how automatic discovery works.

Automatic discovery
Automatic discovery works by simply browsing the services that have been
discovered dynamically through the Finder. This can be done from two locations in
the Finder:

- The Finder sidebar
- The open dialog of any application

For the first option to work, it has to be enabled in the Finder preferences:

1. Go to the Finder preferences, the General tab, and select all the checkboxes
to enable mounted network volumes to appear on Desktop, as shown in
the following screenshot. You can enable the same in the Sidebar tab as
well if you want:

Figure 14.7 – Changing a user's permissions

The sidebar list will show up to eight discovered services. If you need to see
more than eight, click All at the bottom of the list. This link will actually
take you to the Finder's Network folder.

What you will see will depend on how big your network is. In a large
network, you might see several subfolders, each representing a domain, and
inside them, the shared resources that have been configured for that
network area. In a small network like this one, you will see only one level.

With the second option, when file shares are mounted, they will appear in the open
dialog of any application, as shown here:

Figure 14.8 – Visualizing network locations from an open dialog

When you want to access a file share, you need to authenticate. We will learn how to
do that next and save the authentication information so that you don't need to do it
every time.

Authentication
To access shared resources from another Mac or even a Windows computer that
already appears in your Network folder, you will need to authenticate. If the location
you want to connect to has not appeared yet in the Network folder, it means you
need to configure the connection. Don't worry; we will see that in the coming
sections.

Take into account that when you see the Network folder in the List or Gallery View,
you will not see the button to authenticate. You will need to change the view to
Columns to see the button, as shown here:

Figure 14.9 – Connecting to a network location

To authenticate to a network location that appears in the Network folder, follow these
steps:

1. Go to the Network folder and select the Connect As... button, as shown in
the preceding screenshot. You will have these options to select from:
   - Guest
   - Registered User
   - Using an Apple ID:

Figure 14.10 – Connecting to a network location

Let's examine when you should use each option:

- Guest: To connect anonymously, if it's allowed by the network file service.
- Registered User: To authenticate using a local or network account. If you
  will be connecting to a macOS machine, the username you will have to
  enter here is the same you use to log into that Mac, but without any spaces
  or capital letters. If there are spaces in your username, they should be
  replaced by a dash. You can verify the exact name you should use by going
  to the Users & Groups preferences and right-clicking on your name to see
  the advanced details, as shown here:

Figure 14.11 – Connecting to a network location

- Using an Apple ID: This third option only appears when the local Mac and
  the other computer where the share is are both linked by an Apple ID.
  Otherwise, you will only see the first two options.

At this point, you can save this information in your Keychain by activating the
Remember this password in my keychain option (Figure 14.10). This avoids having to
enter it again and lets you connect automatically.

Sometimes, automatic discovery will not find what you are looking for. In that case,
you can attempt to connect to shares manually. We will explore how we can do that
next.

Manual connection through SMB and AFP


At the beginning of this chapter, we discussed the file service protocols supported by
macOS, including SMB and AFP. To connect manually to an SMB or AFP file service,
you need to know the network identifier or URL for the file server, as well as the
authentication information.

Take into account that sharing AFP is no longer possible in macOS
Big Sur using the Sharing preferences.

To use this method, consider this scenario:

1. Enter an SMB or AFP IP address in a file explorer or the Finder. A DNS
hostname, computer name, or Bonjour name are also possible options.
These addresses look like smb:// or afp://[IP address, DNS,
computer name, Bonjour name].
2. You can find this address in a Mac with file sharing turned on. Go to
the Sharing preferences and select File Sharing. When enabled, you will
see the address that other computers can use to access (in the following
screenshot, this is the address with the red underline). Here, we can see the
SMB address, but you can also use AFP in versions before macOS Big Sur:

Figure 14.12 – Sharing address

3. On the other Mac, the one you want to use to access the file share, go to
the Finder top menu, select the Go menu, and select Connect to Server...,
as shown here:

Figure 14.13 – Connect to Server

4. In the Server Address field, enter the address you found in step 2. If you
don't specify a prefix, the Mac will attempt to guess whether it's SMB or
AFP.
5. At the end of the address, you can include the name of the specific folder or
item you want to connect to.
6. At this point, you will have two options: Browse or Connect.
7. If you click Browse, you will be taken to the Network folder; at this point,
you will be able to authenticate through the methods indicated earlier, or if
the information is in Keychain, it will connect automatically.
8. If you click Connect, you will either connect automatically, or you will
have to enter the login information.
9. Once authenticated and connected, you will see the list of volumes you can
access.
10. Select the one(s) you want to mount and double-click.

If you have used the Connect to Server option before, you will have two options to
make connection easier:

1. Click the drop-down to the right to access your connection history, as
shown in the following screenshot.
2. Click the + button to create a list of favorite servers to connect to:

Figure 14.14 – Connect to Server

Apart from SMB and AFP, there are other protocols we talked about. We will explore
how to connect to them in the next section.

Manual connection through NFS, WebDAV, and FTP


At the beginning of this chapter, we explored the protocols that macOS supports for
file-sharing services. We saw SMB and AFP in the previous section. Here, we will
learn how to connect to other services, such as NFS, WebDAV, and FTP.

When using these share services, you will need to use the appropriate prefix; the
following are examples:

- NFS: nfs://[server address]/[file path]
- WebDAV: http:// or https://[WebDAV address]/[server]
- FTP: ftp:// or ftps://[server address]

These addresses will have to be provided by the target server administrator. Let's see
some practical connection examples.

Example - Scenario 1: Connect to an FTP share:

1. From the Mac you want to use to access the file share, go to
the Finder sidebar, select the Go menu, and click Connect to Server...
(Figure 14.13).
2. In the Server Address field, enter the FTP address provided by the server
administrator, as shown in the following screenshot.
3. At the end of the address, you can include the name of the specific folder or
item you want to connect to:

Figure 14.15 – Connect to Server Address

4. Click Connect. You will see a message that alerts you that you are trying to
connect. Click Connect again.
5. Leave the default to log in as Registered User and enter the FTP server
login information (FTP address, username, and password) provided by the
server administrator as-is. Once the details have been entered correctly,
click Connect.
6. Once authenticated and connected, you will see the list of volumes and
folders you can access, as shown in the following screenshot.
7. Depending on your Finder preferences, you might also see the volume
appear on the desktop:


Figure 14.16 – Connecting to an FTP server

8. You can double-click on that volume anytime to mount it. If the login
credentials were saved to Keychain, the connection will be automatic next
time.

Example - Scenario 2: Connect to Mac from a Windows computer:

1. On your Mac, go to System Preferences, go to the Sharing preferences, and
make sure the File Sharing checkbox is selected.
2. Next, click the Options... button and make sure Share files and folders
using SMB is selected, as shown earlier in Figure 14.5.
3. In the Windows File Sharing list, select the checkbox next to the user
account that will be used to connect from the Windows computer, enter the
password for that user to confirm, and click OK. Finally, click Done when
you're ready.


4. For the next step, you will need to know the name of the Mac you are
looking for (also known as the NetBIOS name); you need to take note of the
name that appears in the Network preferences, Wi-Fi Advanced
preferences, in the WINS tab, as shown in the following screenshot. At the
end of this section, you will find out how you can change this name:

Figure 14.17 – Mac NetBIOS name

5. Once you know which name to look for, on your Windows computer,
open File Explorer, click Network, and locate the Mac you want to connect
to. In the following screenshot, we can see the name of the Mac we saw
earlier appear in the Windows Network folder. If you don't see any
location in the folder, it probably means you have to configure sharing for
the Windows computer first. Check out this article
(https://support.apple.com/guide/mac-help/mchlp1659/11.0/mac/11.0) to set up
Windows computers to share files with Mac. Make sure the Mac is
powered on and connected to the same network as the Windows
computer. It may take a moment for the Windows computer to show that
the Mac is on the network:


Figure 14.18 – Locating your Mac's name on Windows

6. Double-click the Mac's name, then enter the account name and password
for the user account you selected in step 3.
7. Once authenticated, you will see the directories you are allowed to see, as
per the configuration in the File Sharing preferences. If you leave the
default options as-is, with all Public folders shared, you will see the
following:

Figure 14.19 – Shared Mac folders on Windows

The passwords of user accounts that have been used for Windows
sharing may be less secure. To protect your system, turn off the
account when it's not being used, and then turn off Windows
sharing.

Take into account that network sharing is not available when the Mac is in sleep
mode. You can change this behavior in the Energy Saver preferences.


Example - Scenario 3: Connect to a Windows computer from a Mac computer:

There are a few ways to connect to a Windows computer from a Mac computer. If you
want to review all the methods available, you can visit this link:
https://support.apple.com/guide/mac-help/mchlp1660/11.0/mac/11.0. In this example,
we will show one of the available methods:

1. On your Mac, go to the Finder's top menu, select Go, then Network, and
then go to the Network folder.
2. Identify the computer's name and double-click on it. If you don't see any
location in the folder, this probably means you have to configure sharing
for the Windows computer first. Check out
https://support.apple.com/guide/mac-help/mchlp1659/11.0/mac/11.0 for instructions on setting up
Windows computers to share files with Mac. If you see several names and
you are not sure which one is the Windows computer you want to connect
to, go to the Windows computer, click the Windows menu (usually at the
bottom-left corner), select the Configuration icon, select System, and at the
bottom of the left menu, click About. The computer's name will appear
next to Device name, as shown in the following screenshot:

Figure 14.20 – Windows computer name


3. Back on the Mac, locate the name you identified for the shared computer in
the Network folder and double-click on it; in this example, we have already
identified it. In large environments, you might need to select the network area
or workgroup name for the shared computer. You can get that
information from your network administrator:

Figure 14.21 – Windows computer name

4. If an automatic connection is not enabled (through Keychain), or if it's the
first time you're connecting, you will need to click on Connect As.
5. Leave the Registered User option selected. Depending on your Windows
sharing configuration, you might need to enter a username and password,
then select volumes or shared folders on the server. In most cases, you can
also use the username and password you use to log into the Windows
computer or create a specific user to share specific folders.

And that's it! You have connected to a file share.

As a next step, you can create an automatic connection so that it is even easier to find
and connect to the share. We will see that in the next section.


Creating automatic connections


Automatic connections help you find and connect to shares quickly and easily. To
create automatic connections to network shares, you can follow any of these methods:

Use the Users & Groups preferences login options
Use shortcuts
Use aliases

Let's see how each of these methods works:

1. Through the Users & Groups preferences login options. Take into account
that you will need to authenticate as an administrator to use this method.
Follow these steps:
   1. Log into the account where you want to create the automatic
   connection.
   2. Authenticate as an administrator.
   3. Use the Finder and go to the Go menu to open the share's exact
   location, which will then appear in the Network folder.
   4. Open the Users & Groups preferences. Make sure the user you
   want to create the share for is selected in the list of users and
   select the Login Items tab.
   5. Drag the share to the user's login items from the Network folder
   into the Users & Groups preferences, as shown in the following
   screenshot. An alternative to dragging and dropping is to use the
   + (Add) button to add the share:


Figure 14.22 – Adding shares to the Login Items tab


If the share does not appear immediately, try browsing to another place in
System Preferences and go back to Login Items to verify this. In the
following screenshot, you can see that a share and a folder inside the share
have been added to Login Items:

Figure 14.23 – Shares added to Login Items

And that's it! These shares will now open automatically the next time you
log into the account where they were added; in this case, the administrator
account.

2. Using shortcuts: Just drag the share to the right-hand side of the user's
Dock (Figure 14.24). The share will automatically connect when you double-
click on it.


3. Using aliases. Create an alias and place it in the Dock (Figure 14.24). We
saw how to do this in Chapter 8, System Resources and Shortcuts, if you
would like to review this:

Figure 14.24 – Adding shares to the Dock and Desktop

You cannot drag items from the Finder sidebar or the network
browser to the login items or the Dock. You need to be in the actual
location.


How is the Mac computer identified for sharing services?

Earlier in this section, we learned how to identify the NetBIOS name for sharing with
a Windows computer. Actually, the Mac has a default name based on the DNS name
or the name that was created by the user when macOS was installed. An
administrator can change this name in the Sharing preferences. On this Mac, for
example, the name is Herta's MacBook Pro:

Figure 14.25 – Changing the Mac's name

You can change the Mac's name by clicking the Edit... button in the
Sharing preferences menu (Figure 14.25). When you change the name, the system will
also configure the names for all the other discovery protocols.

For example, if we changed this machine's default name to something simpler, such
as Herta's Mac, then the NetBIOS/WINS name will become HERTAS-MAC, and
the Bonjour name will be Hertas-Mac.local.


So, now that you know how to connect to file shares either through automatic
discovery or manually, and also know how to create automatic connections,
let's find out how to disconnect these mounted shares.

Disconnecting from a mounted share


Just as it is important to unmount and eject locally mounted volumes properly, it is
also important to do the same with network volumes when you are not using them
anymore.

You can do this by using the Eject button that appears in the Finder, beside the
mounted share.

If a network share gets disconnected because of a power outage, for example, when
the power is back on, a reconnect will be attempted. If the Mac cannot reconnect after
several minutes of attempting, the system will fully disconnect from the share.

Now, besides the more sophisticated file-sharing options we have just seen, Apple
offers a quick, practical way of sharing files, and we will see that next.

What is AirDrop?
AirDrop is a secure peer-to-peer service that allows you to share and receive files,
photos, videos, websites, locations, and more from/to other Apple devices through an
ad hoc network connection via Wi-Fi and Bluetooth. AirDrop does not use your
standard Wi-Fi connection but a different radio frequency. It creates a closed network
(ad hoc) between local Apple devices. It uses Bluetooth for discovery and Wi-Fi for
file transfer. AirDrop handles file sharing through Transport Layer Security (TLS). It
does not allow you to browse for files; instead, it is a send- and receive-only,
short-range type of sharing.


Here are the requirements if you wish to use AirDrop:

Mac OS X Yosemite or later, and iOS 7 or later for the latest implementation
of AirDrop, which uses Bluetooth for wireless discovery and Wi-Fi for data
transfer.
The legacy implementation of AirDrop is only available for sharing among
computers running OS X Lion or later since it only uses Wi-Fi.
The Wi-Fi and Bluetooth interfaces have to be turned on.

Here's how you can verify whether your Mac supports AirDrop:

1. Go to Finder and then to the Go menu.
2. If an AirDrop menu appears, then your Mac supports AirDrop.

Here are some details you should take into account to use AirDrop:

Make sure the device of the person you want to share with is within the
Bluetooth range (usually around 30 ft).
Verify that you and the other person's devices have Wi-Fi and Bluetooth
turned on.
Personal Hotspot needs to be turned off.
If you're not in the other person's Contacts, make sure their AirDrop is set
to Everyone in order to receive the file. Otherwise, have them add you to
their Contacts.

There are several ways to open the AirDrop interface:

1. Open Finder and select the AirDrop icon from the sidebar.
2. You can also select AirDrop from the Finder's Go menu.
3. Press Shift + Cmd + R.

When the AirDrop interface is open, it will automatically scan for other compatible
devices within range.


To send a file, follow this step:

Drag and drop the file you want to send to the icon that represents the
other device, as shown in the following screenshot:

Figure 14.26 – Sending a file with AirDrop

Alternatively, select the file you want to share and use the Share button in
the context it appears in; for example, the Finder.

When you are receiving a file, these options will be presented to you:

Accept, in which case the file that's received will be saved to the
Downloads folder.
Accept & Open, which saves the file in the same location, but also opens it.


Decline, which cancels the transfer and notifies the other user:

Figure 14.27 – Receiving a file with AirDrop

We have reached the end of this section on sharing services, where we have explored
the file-sharing service protocols macOS supports, learned what file-sharing services
are, how to use them on macOS, including how to connect to different types of file
shares, such as FTP, computers in the same local network, and even a Windows
computer, and how to share files quickly and easily between Apple devices with
AirDrop. Now that we have a good idea of the sharing possibilities on macOS, let's
move on to yet another practical sharing feature: remote controlling and screen
sharing.


Remote controlling and screen sharing


Remote controlling is an essential feature for Mac support specialists. Seeing the
user's screen and controlling the mouse and keyboard is essential to providing
support. It is also very useful if you need to access your Mac remotely. macOS offers
three built-in methods to remote control your Mac:

Via System Screen
Via Messages Screen Sharing
Via Apple Remote Desktop (ARD)

The client software for these methods is included in macOS. However, the
administrative software for ARD that is used to control other Mac systems is sold
separately.

Remote controlling must be enabled on the target computer. You will
need administrative privileges for this procedure:

1. Go to the Sharing preferences in System Preferences.
2. Enable the Remote Management option, as shown in the following
screenshot:

Figure 14.28 – Enabling Remote Management


3. When you enable Remote Management for the first time, a prompt will
appear, asking you what you want to allow, as shown in the following
screenshot. Select all the appropriate options, such as Observe and
Control, and click OK. These options can be accessed and modified at any
time by clicking the Options... button (Figure 14.28):

Figure 14.29 – Remote Management options

4. You can modify the default setting and change it to All users or Only these
users (Figure 14.28).
5. The Computer Settings... button allows you to add more operating systems
so that you can access your screen sharing service. When you attempt to
access screen sharing, the currently logged-in user on the Mac that will be
shared will have to authorize this action. By default, only local authorized
users and groups are allowed to request permission to use screen
sharing. You can change this behavior by selecting Anyone may request
permission to control screen, as shown here:

Figure 14.30 – Computer Settings


Here, you can see that another option in these settings is for VNC viewers to control
the screen with a password. Standard third-party VNC viewers cannot authenticate
using the macOS methods we will describe next. If you enable this option, you can
specify the password for VNC access.

Take into account that VNC viewers cannot use the clipboard copy,
file copy, or virtual desktop features.

There are also third-party solutions for remote access that you might want to
explore. macOS screen sharing is backward compatible with OS X Lion and later, and
it can control previous OS X systems with ARD remote management. Let's examine
the three methods mentioned previously for remote controlling in more detail.

Now that remote controlling is enabled on the target computer we want to connect to,
let's discover how we can actually connect through the methods listed previously. We
will begin with System Screen.

Remote controlling via System Screen


Remote controlling via System Screen is based on the Virtual Network Computing
(VNC) protocol. With this type of sharing, you have the following benefits:

Encryption for both viewing and controlling traffic.
Ability to copy files and clipboard content between computers.
Ability to access a virtual desktop on another Mac, also known as virtual
login, separate from your local login account information and exclusive for
remote access via screen sharing. This means that the user could use the
virtual desktop and the local account at the same time.

To remote control a computer through this method, make sure the target computer
has remote management or VNC enabled. For the connection to succeed, the target
Mac must have at least screen sharing enabled, but to use remote management
features, they have to be enabled as well.

Enabling Remote Management will also enable screen sharing
(including ARD).


Enabling remote management via System Screen is a four-step process:

1. Connecting
2. Authenticating
3. Controlling
4. Adjusting settings

Let's see each of these steps in more detail.

Connecting
Connecting to a remote Mac to control it via System Screen starts with either of these
two methods involving the Finder, which allows connection to the shared screen in
the first place.

1. Browse and select the computer from the Finder sidebar or
the Network folder (works only for screen sharing or ARD hosts on the
local network).
2. Through the Finder's top menu, then the Go menu, choose the Connect to
Server menu option (works for any host with screen sharing, ARD, or
standard VNC services).

Follow these steps to use the first method:

1. Open the Finder sidebar and then browse and select the computer from the
list. Alternatively, open the Network folder.
2. Once you have located the computer you want to control, click the Share
Screen... button, as shown here:

Figure 14.31 – Connecting to Share Screen


Next, you will need to authenticate. We will see the authentication methods in the
next section.

Follow these steps to use the second method:

1. While in the Finder sidebar, choose the Go menu option and then Connect
to Server.
2. Enter vnc://, followed by the computer's IP address, DNS hostname, or
Bonjour name. For this example, we will enter the IP address shown here:

Figure 14.32 – Entering the server address

3. Click Connect.

Next, you will need to authenticate. We will see the authentication methods in the
next section.

Authenticating
Authentication can take place in many scenarios, and it can be done through the
options we already described previously: Guest, Registered User, and Using an
Apple ID.

The default option to authenticate is Registered User. What happens next will
depend on the status of the target computer you are trying to connect to. Let's
examine the most common ones.

First, make sure the target computer is turned on. If the computer is in sleep mode, it
will need to be configured for network wake in the Battery preferences (Energy
Saver preferences in versions before macOS Big Sur). The following scenarios
assume the remote computer is on.


Scenario 1: The target computer is a Mac running macOS or OS X, but there isn't any
logged-in user. In this case, you can immediately connect to the Mac as a standard or
administrative user.

Scenario 2: The target computer is a Mac running macOS or OS X, and there is a
standard user that's logged in who is not an administrator. In this case, you can log in
as the same currently logged-in user and connect immediately, or log in as an
administrator.

Scenario 3: The target computer is a Mac running macOS or OS X, and there is an
administrator user logged into the remote Mac. In this third possible scenario, you
will need to choose from these options:

1. Ask for permission. In this case, the administrative user that's logged into
the target Mac will be prompted to allow or deny your connection (Figure
14.33). To accept, the user on the target Mac should click Share Screen:

Figure 14.33 – Accepting the connection request

2. Log into a virtual desktop. In this case, you can immediately connect to
your standard account through a virtual desktop.

Take into account that, in this scenario, the other user will not know
you are remotely using the virtual desktop on the computer. They
can verify this by checking the Fast User Switching menu or the
Users & Groups preferences.

Now that we have established a connection with the target Mac and we have
authenticated it, let's explore how to control it.


Controlling
Once connected and authenticated, a new window will open on the Mac you are
using to access the target Mac remotely. At this point, you will be able to see the
remote Mac and perform the following tasks:

Use the keyboard, including keyboard shortcuts
Use mouse movements
Use the clipboard to share content from the clipboard
Drag files from the Finder to the remote computer desktop

If you see a binoculars icon, this means that you can watch but not control the
system.

If you see a pointer, this means you can control it. In this case, the Control button will
also be active:

Figure 14.34 – Remote controls

Now that we are successfully controlling the target Mac, let's look at the additional
settings we can adjust.


Adjusting settings
You can adjust the default screen size and quality from the Screen Sharing
preferences. For that, go to the Screen Sharing menu at the top left. Select
the Preferences menu option. You will see the options shown here:

Figure 14.35 – Screen Sharing Preferences

Take into account that the screen's quality will also depend on the quality of your
network connection. If you have a bad connection, you might have to wait a few
seconds until the screen renders correctly.

In the Toolbar menu, you will see other useful options, such as Scaling and
Clipboard. The latter option lets you use the Shared Clipboard to Get or Send
clipboard elements.

To quit screen sharing, just go to the Screen Sharing menu and select Quit Screen
Sharing.

Now that we have seen remote controlling via System Screen, let's see the second
remote controlling method, via Messages Screen Sharing.

Remote controlling via Messages Screen Sharing
This option uses remote control via the Messages app's screen sharing feature. This
works among Mac computers only.


The interesting part of this option is that you can use on-demand screen sharing when
the system screen sharing service we just saw is not enabled. This means that screen
sharing does not have to be enabled in the Sharing preferences, as required for the
previous method. This is possible because the Messages app uses its own
communication services to initiate screen sharing.

With this method, you can do the following:

Initiate screen sharing.
Use voice chat simultaneously between the two computers.
Locate other Mac computers you could control through active chats and
available buddies.
Use screen sharing in both directions:
   Use reverse screen sharing, which means that when your
   Mac finds a target computer to control, the first Mac can
   push its screen to the target Mac. This is useful if you want to
   demonstrate to the other user how to do a certain task.

The requirements for this to work are as follows:

Both Macs have to be signed into the Messages app
Users must be signed into iCloud

Follow these steps to initiate screen sharing:

1. Open the Messages app.
2. Select a user on the other computer to start a text chat with, so that they
can screen share with you. Use the + icon to do so:

Figure 14.36 – Screen Sharing via Messages


3. Once the user is selected, send a message and click the Details icon.
4. Click the Share icon. You will have two options: Invite to Share My
Screen or Ask to Share Screen.
5. If you select the second option, the user on the remote computer will see a
message asking them to Accept or Decline the request:

Figure 14.37 – Accepting Screen Sharing via Messages

If the remote user clicks Accept, and this is a user you know and
frequently share the screen with, it is a good idea to save their
information in Contacts at this point. This way, the screen-sharing
session will start immediately the next time you initiate it, without any
messages asking the other user to accept.

If both computers support voice chat, it will be initiated automatically.
You can configure the audio and video settings in the Messages
preferences. The options are the same as for system screen sharing. By
default, the binocular button will be active, which means you can
watch the computer screen but not control it.

6. If the user accepted, you will see the remote Mac. Click the pointer (Figure
14.34) to request permission to control.
7. At this point, the remote user will get a message asking for permission to
control the Mac. From the Screen Sharing menu, the remote user can also
allow you to control the screen without asking for permission.

You can also explore additional options for customizing the view, very similar to the
previous method.

Finally, let's take a look at the third option for remote controlling, this time via ARD.


Remote controlling via Apple Remote Desktop (ARD)
This is the third option for remote controlling, and it requires the ARD Apple Remote
Management software. It works in combination with ARD. It lets you manage
multiple Mac computers across your network. ARD is advanced, paid software
with many features. This book focuses on free functionalities, but you can find out all
about it here: https://support.apple.com/guide/remote-desktop/welcome/mac.

The current version of ARD is compatible with macOS Mojave 10.14.6 and later.

And with this information, we have reached the end of this section. We explored the
remote controlling options in macOS through screen sharing via System Screen, the
Messages app, and ARD. In the next section, we will briefly explore additional
sharing services in macOS.

Other sharing services


macOS offers additional sharing services that can be quite useful in small and large
networks alike. We will explore the following services briefly:

Internet Sharing
Printer Sharing
Bluetooth Sharing
Remote Apple Events
Remote Login
Media Sharing

Let's begin by reviewing Internet Sharing in macOS.

Internet Sharing
Through the Internet Sharing option, you can share your internet connection with
other users on your local network. You can do this even over an Ethernet connection.
This is practical when you are connected through Ethernet, and you need to share
your internet with another local computer, or the opposite; that is, if you are
connected through Wi-Fi and need to share your internet to computers using
Ethernet.


In this example, we will explain how to share the internet from a Mac connected
through Wi-Fi to another local machine using Ethernet:

1. Open System Preferences, click Sharing, and then activate Internet
Sharing. If you are unable to activate the option and you see options or
a message that indicates you haven't set a port to share the connection, you
will have to select the Share your connection from and To computers
using options and select a port first, as indicated in the next step. Only after
you have done this will you be able to activate the Internet
Sharing checkbox.
2. Click the Share your connection from pop-up menu and choose the
internet connection you want to share, such as Wi-Fi.
3. Select To computers using to share your internet connection over Ethernet.
Take into account that the Ethernet option will not appear if your Mac does
not have an Ethernet interface.
4. A warning message will ask you to confirm whether you want to proceed.
5. Click Wi-Fi Options and give your network a name. Next, click the
Security menu, choose WPA2 Personal, enter a password, and then click
OK.
6. Now, select the Internet Sharing checkbox.
7. Now, the other devices will be able to join this connection.

In the same way you can share the internet, you can also share peripheral devices.
Let's see how that works next.

Printer Sharing
This section explains sharing printers with another Mac computer. These instructions
are for non-network (or non-wireless) printers that are plugged directly into your
computer. Yes! You can share those printers with other computers.

For this to work, the computers must be on the same local network and running OS X
10.4 or later.

Follow these steps:

1. Open System Preferences, click Sharing, and activate the Printer
Sharing checkbox.
2. Below Printers, select the printer you want to share.
3. The default setting will be Everyone or all users on your network.


4. You can restrict access to specific people:
   1. Click the + (Add) button at the bottom of the Users list.
   2. Select a user from Users & Groups, which includes a user on
   your Mac computer.
   3. Select a user from Network Users or Network Groups, which
   includes all users on your network.
   4. Select a person from your contacts, for which you will have to
   create an account at this point.

If you add users to the users' list, access to the shared printer is No Access by default
for all users (Everyone) on your network. To change this behavior and grant access to
the printer to Everyone, click the triangle and choose Can Print.

To remove a user, select it from the list and click the - (Remove) button. Take into
account that you can't remove Everyone.

Next, let's look at Bluetooth Sharing.

Bluetooth Sharing
Bluetooth sharing in macOS is useful for controlling how your Mac handles files that
have been exchanged between devices through Bluetooth; for example, when you're
exchanging files between your Mac and an Android phone.

However, if you wish to share files between Mac and iOS devices, the best choice is to
use the following tools:

AirDrop (which was covered earlier in this chapter)
Handoff
iCloud (covered in Chapter 10, Managing Apps and Documents)

The method explained here is for controlling how files are shared between a Mac and
other Bluetooth devices, such as Android phones:

1. Open System Preferences, and then go to the Sharing preferences. Next,
activate the Bluetooth Sharing checkbox.
2. You can now configure options for these situations:
   When receiving items, choose from the following options:
      Accept and Save to save all items sent to your Mac
      Accept and Open to open the items
      Ask What to Do to decide what to do each time a file is sent
      Never Allow, if you don't want to accept any items that are sent
      to your Mac
   For Folder for accepted items, choose from the following options:
      The folder that you want to store accepted files in (the default
      is the Downloads folder).
      Choose Other... to select a different folder.
   When other devices browse, choose from the following options:
      Choose Always Allow to let devices browse your Mac
      Ask What to Do to manually decide what to do each time a device
      tries to browse your Mac
      Never Allow, if you don't want other devices to browse your Mac
   Folder others can browse, choose from the following options:
      The folder on your Mac that other devices can browse (the default
      is the Public folder).
      Choose Other... to select a different folder.

Another sharing option is the ability to use Remote Apple Events. Let's explore it
next.

Remote Apple Events


An Apple Event is a task that can be performed on a Mac, such as “Save a document.”
When Remote Apple Events is turned on, an AppleScript program running on a
remote Mac can interact with your Mac to perform certain tasks, such as opening,
saving, or printing a document located on your Mac. In other words, your Mac
computer can accept Apple Events from apps running on other computers.

To configure this option, follow these steps:

1. Go to System Preferences, and then to Sharing. Next, activate the Remote
   Apple Events checkbox.
2. Choose from these options to specify who can send events:
   All users: Any user on your Mac and anyone on your network.
   Only these users: Click the + (Add) button, then choose who can
   send events. Use Users & Groups for users in your Mac, and
   Network Users and Network Groups for users on your network.

The next option in the Sharing preferences that we will explore is Remote Login.

Remote Login
When Remote Login is enabled, you can allow a remote computer to access your Mac
through Secure Shell (SSH). This is useful when you need to access and perform
advanced administrative tasks on your computer remotely by connecting through the
command line.

Take into account that you can't use Telnet to log into your Mac.

Follow these steps to use Remote Login:

1. Go to System Preferences, click Sharing, and then activate the Remote
   Login checkbox. Take into account that enabling Remote Login also enables
   secure FTP or SFTP.
2. Specify which users are allowed to log in from these options:
   All users: Any of your computer's users and anyone on your
   network.
   Only these users: Use the + (Add) button to choose users from
   your Mac. Network Users and Network Groups includes people
   on your network.

3. In the following screenshot, we're selecting Patrick as the only user that can
remotely log in:

Figure 14.38 – Enabling Remote Login

4. Open Terminal or an SSH client from the remote computer you want to use
to access your Mac.
5. Type in the ssh command and then press Return.
6. Then, follow this format to log in: ssh username@IPaddress. For this
example, we will use Patrick's username since we enabled him in step 3. If
you don't know your Mac's username and IP address, open the Remote
Login pane of the Sharing preferences. Your username and IP address are
shown below the "Remote Login: On" indicator:
$ ssh patrickjohnson@192.168.0.12

7. Follow the prompts in Terminal, enter Patrick's password, and press Enter:

Figure 14.39 – Remote Login from a Terminal

Here, you can see that the user is now connected from the remote computer to
Patrick's Mac account and is now able to perform tasks by using the command line.
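
As an added example (not from the book), the following script audits the choice made in step 2 from the command line: it reads the Remote Login state and the list of allowed accounts, and flags the All users setting or any account that is not on an approved list. It assumes macOS keeps the Only these users list as members of the local group com.apple.access_ssh; the sample outputs and the guest1 account are constructed.

```shell
#!/bin/sh
# Added example: audit who can reach this Mac over Remote Login (SSH).
# Assumption: the "Only these users" list is kept as the members of the local
# group com.apple.access_ssh, and a missing group record means "All users".

# remote_login_state TEXT -> on | off | unknown
# TEXT is the output of: sudo systemsetup -getremotelogin
remote_login_state() (
    case "$1" in
        *"Remote Login: On"*)  echo on ;;
        *"Remote Login: Off"*) echo off ;;
        *)                     echo unknown ;;
    esac
)

# ssh_acl_members TEXT -> one allowed short name per line
# TEXT is the output of:
#   dscl . -read /Groups/com.apple.access_ssh GroupMembership
ssh_acl_members() (
    printf '%s\n' "$1" |
        sed -n 's/^GroupMembership:[[:space:]]*//p' |
        tr -s ' ' '\n' |
        sed '/^$/d'
)

# audit_remote_login STATE_TEXT ACL_TEXT APPROVED
# APPROVED is a space-separated list of accounts meant to have SSH access.
# Prints one line per result; exit status 0 = compliant, 1 = needs attention.
audit_remote_login() (
    case "$(remote_login_state "$1")" in
        off)     echo "OK: Remote Login is off"; exit 0 ;;
        unknown) echo "REVIEW: cannot determine Remote Login state"; exit 1 ;;
    esac
    case "$2" in
        *eDSRecordNotFound*)
            echo "FINDING: Remote Login is on for All users"; exit 1 ;;
    esac
    members=$(ssh_acl_members "$2")
    if [ -z "$members" ]; then
        echo "REVIEW: no direct user members; check nested groups"; exit 1
    fi
    rc=0
    for m in $members; do
        case " $3 " in
            *" $m "*) echo "OK: $m is approved" ;;
            *)        echo "FINDING: $m can log in but is not approved"; rc=1 ;;
        esac
    done
    exit "$rc"
)

# Constructed sample outputs (guest1 is a made-up extra account).
SAMPLE_STATE='Remote Login: On'
SAMPLE_ACL='GroupMembership: patrickjohnson guest1'

if [ "${1:-}" = "--live" ]; then
    # On the Mac itself: audit the real settings against the approved list.
    audit_remote_login "$(sudo systemsetup -getremotelogin 2>&1)" \
        "$(dscl . -read /Groups/com.apple.access_ssh GroupMembership 2>&1)" \
        "patrickjohnson"
    exit $?
else
    audit_remote_login "$SAMPLE_STATE" "$SAMPLE_ACL" "patrickjohnson" || true
fi
```

Run it with --live on the Mac you administer; without arguments it only evaluates the constructed samples.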

Finally, we will review one more sharing option available in the Sharing preferences:
Media Sharing.

Media Sharing
The Media Sharing option allows other devices on your network to browse and play
downloaded music, movies, and TV shows.

To activate it, go to the Sharing preferences, activate the Media Sharing checkbox,
and select the appropriate options.

Media Sharing is turned on when you select one of these two options: Home Sharing
or Share media with guests. The first option allows you to access your media library
on all your devices where you're signed in with the same Apple ID. The second
option allows you to share your media library with other computers on the same
network.

And with this information, we have reached the end of this chapter. Make sure you
check out the summary for a quick review of what we have covered.

Summary
In this chapter, we have looked at some very useful features in macOS for sharing
services, including various file-sharing services, how to use them, and how to use
AirDrop for quick, short-range file-sharing. We also saw how to use remote
controlling via System Screen, Messages, and ARD. You can now enable and
configure file-sharing services, including connecting to popular protocols such as FTP
and connecting to file shares on other Macs and even Windows computers. Using
AirDrop to send and receive files from nearby Apple devices is also a task you can
perform with ease. You now know how to remote control a Mac through the different
methods we covered. Finally, you are now aware of other sharing services available
on macOS, such as internet, printer, Bluetooth, Remote Apple Events, and Media
Sharing, and you know how to log in remotely to your Mac using SSH.

In the next chapter, we will look at some important measures, tools, and technologies
that are available on macOS.

15
Managing Security in macOS
In this day and age, it is crucial to consider all the security measures and technologies
available to protect our company's, clients', and users' security and privacy. We will
see various security tools and features macOS has available to increase protection.
Apple Platform Security ensures all Apple devices' operating systems are protected in
all five main areas: hardware, system, data, applications, and services. In this chapter,
we will explore the most important tools and features to understand how security is
approached in macOS in those five areas. Take into account that most of the tools and
measures we discuss in this chapter require administrative privileges.

The following topics will be covered in this chapter:

System security
Hardware security
Application security
Data security and encryption
User and services security

By the end of this chapter, you will know how to use and apply these tools and
features to improve security on the macOS machines you administer. Let's begin with
the technical requirements for this chapter.

Technical requirements
This is what you will need for this chapter:

Basic knowledge of the macOS environment
A Mac computer with administration privileges
An Apple ID (recommended)
An iCloud account (recommended)

Understanding System Security


When we talk about system security, we mean the tools and features aimed at
maximizing the operating system's security. This includes security during the Mac
machine's boot-up process, operation, and access to key files and folders. macOS
system security can be approached through the currently available features, as well as
the application of specific measures and tools. By the end of this section, you will be
aware of what you have at your disposal to protect macOS. This is what we will
examine in this section:

macOS security features
Recommended security measures
Bonjour/zero-configuration and mDNS security concerns
What is System Integrity Protection (SIP)?

Let's review these features and measures and how they can help you.

macOS security features


macOS offers several features that are designed to improve security and privacy.
Concerning this, the following are the latest features implemented.

Features implemented in macOS Big Sur:

Signed system volume or SSV: macOS now uses a signed system volume, a
cryptographic technology that prevents the execution of (and/or access to)
files that don't have a valid Apple signature. This means that the
integrity of system content is verified at runtime, and any data that doesn't
have a valid cryptographic Apple signature is rejected. This also allows
software updates to run in the background without user involvement.

System extensions: Since macOS Big Sur, Kernel Extensions (or KEXTs)
are being deprecated and replaced by system extensions. This improves
security because extensions will not have access to the macOS kernel
anymore and will run in user space. Developers are now instructed to
transition their software out from KEXTs and provide support to System
Extensions. If an app is using a deprecated KEXT, this will trigger a prompt
to contact the developer. And that's what you should do if this happens:
The developer has to provide you with an alternative or, in some cases, if
the extension is not deprecated yet, you will be able to temporarily allow it
from the System Preferences, as shown in Figure 15.1.

Figure 15.1 – Blocked extension notification

Safari Privacy Report: In addition to the cross-site tracking feature that
prevents sites from tracking you through third-party content providers,
macOS now provides a "Privacy Report" in Safari, which allows you to find
out which websites are tracking you. More on this in Chapter 5, Managing
User Security and Privacy.
Privacy in the App Store: The App Store now features a section that
describes the privacy practices of the developer whose app you want to
download and install so that you know exactly how your data will be used
and whether it will be shared in any form.

The following features are implemented in macOS Catalina or earlier:

Read-only volume: macOS runs in a read-only, dedicated volume separate
from the rest of the data. This considerably increases the security of your
system files. There is nothing the administrator or user needs to do to take
advantage of this feature, as it comes pre-configured in macOS. This is why
when you use the Disk Utility (or the Terminal), you now see two default
volumes: the Macintosh HD volume, which is the system read-only volume,
and a separate volume called Macintosh HD - Data, where your data is
stored.

App permission: Apps now require your permission before accessing files
in Documents and Desktop folders, iCloud Drive, and other external
volumes. In Figure 15.2, we can see the prompt that appears when an app
installer is trying to access files in your Desktop folder. You can choose to
allow it according to whether you trust the application installer or not.

Figure 15.2 – Allowing apps to access files and folders

Find My: This app allows you to locate a missing or misplaced Mac, even if
it's offline or sleeping in some cases. And you could potentially lock the
Mac and/or erase the system disk. We explore this feature in more detail in
the Understanding User security section at the end of this chapter.
Activation Lock: Works in combination with Find My, and it is covered in
the same section mentioned earlier.
macOS built-in firewall: Unlike other traditional network firewalls, the
macOS built-in firewall allows or denies connections on a per-app basis
and not based on network port numbers. It even has a stealth mode, which
prevents the Mac from responding to unauthorized network connections,
including ping, traceroute, and port scan. This tool is explored in more
detail in the same section mentioned earlier.
System Integrity Protection (SIP): This feature is covered in detail at the
end of this section.
Malware protection: macOS has two built-in technologies for malware
protection: XProtect and the Malware Removal Tool (MRT). They are
covered in more detail in the Understanding Application security section later
in this chapter.

Besides these features, there are other measures and tools you can take advantage of.
Let's begin by reviewing some recommended practices to increase security.

Recommended security measures


The measures and tools we will see here are intended for protecting the system's
integrity. But take into account that all measures, whether aimed specifically at a
system, application, data, or user security, ultimately combine to provide integral
system protection.

Make sure you implement the following measures:

Make sure automatic updates are turned on for system data files and
security updates: In order to receive security updates, including XProtect
and MRT, automatic updates must be turned on in the System Preferences.
Review the section on System Updates in Chapter 2, Installing and
Configuring macOS, for more information on the procedure.
Require users to log in with their own accounts: Remember that the first
account created after installing macOS is an administrative account. You
should make sure that other users logging into the same machine have
their own accounts so they can have their own files and settings separated
from the other users. If it's a one-time use, you can always take advantage
of guest accounts. User and guest accounts are covered in detail in Chapter
4, User Accounts Management.
Require users to use secure passwords: Make sure users don't use
passwords that are easy to guess (such as 1234 or 0000). The account
creation process in macOS offers a tool to create secure passwords.
Passwords are covered in detail in Chapter 5, Managing User Security and
Privacy.
Lock the machine when it is not in use: This is important so that no one
can access your machine while you are away. This can be achieved by
configuring your Mac to log out after being idle for a certain period of time.
Follow these steps to configure this:
   1. Open System Preferences.
   2. Click the Security & Privacy icon.
   3. Make sure you are in the General tab.
   4. Click the lock to authenticate as an administrator.
   5. Click the Advanced tab at the bottom of the window.
   6. Enable the Log out after...minutes of inactivity checkbox and set
      an amount of time that makes sense depending on your
      environment, such as 5 minutes in a crowded environment or
      more time if there's less risk of other users accessing your
      computer, as shown in Figure 15.3.

Figure 15.3 – Automatic log out

Ensure users won't change system-wide settings: This is an important step
to prevent users from changing system settings that will affect all users;
with it enabled, the lock is displayed for administrator authentication. To
activate this option, follow the steps in the previous procedure
but, in this case, activate the Require an administrator password to access
system-wide preferences checkbox (Figure 15.3).
Requiring a password after waking up: You can also configure your Mac
to require a password when it's picked up (woken) from Sleep mode or
while the screen saver is running. Follow these steps to achieve that:
1. Follow the steps from the previous procedure up to step 4.
2. Enable Require password...after sleep or screen saver begins, as
shown in Figure 15.4:

Figure 15.4 – Requiring a password after sleep or screen saver

3. Set the amount of time to something that makes sense according
   to your environment. You can choose up to 8 hours.

Using hot corners to lock your screen: This will automatically start the
screen saver when your Mac is inactive for some time, and it allows you to
use a shortcut by placing the pointer at a corner of the screen to activate it
yourself. Figure 15.5 shows the four hot corners that can be configured in
macOS.

Figure 15.5 – Hot corners

Follow these steps to configure hot corners:

1. Open System Preferences.
2. Click the Desktop & Screen Saver icon.
3. Click the Screen Saver tab.
4. Make sure the screen saver you wish to use is selected.
5. Next, click the Hot Corners button, as indicated in Figure 15.6:

Figure 15.6 – Accessing hot corners

6. Click the pop-up menu of the corner you want to configure and
select the Start Screen Saver option or any of the actions
available in the drop-down. In the example that follows, we
choose the top-left corner. You can choose to configure one or all
four hot corners. You can also configure to start the action by
pressing the Control, Option, Shift, or Command keys with a hot
corner; press the key you want to use (such as Shift) while
clicking the configuration drop-down menu. In Figure 15.7, we
configured the top-left hot corner to Start Screen Saver and the
lower-left hot corner to Disable Screen Saver but with the Shift
key. Click OK when ready.
7. Now, whenever you position the pointer on the hot corner you
just configured, the selected action will be executed. In the case
of the lower-left hot corner, the action will execute when we
position the pointer in that corner and press Shift at the same
time.

Figure 15.7 – Configuring hot corners

Limit the number of administrative users: You can have other
administrative users, apart from the first administrative account created
when you installed macOS. These users will have advanced permissions to
create, manage, and delete other users, and also install and remove
software, and modify configuration settings. Therefore, a good practice is
to have 2 or a maximum of 3 administrative accounts. It's not a good idea
to have just one either, since if that user loses access to the account for any
reason, you will probably have to take extreme measures to regain access to
the machine, such as reinstalling the system, with the potential loss of
data. Having more than 3 administrators is not recommended either.

As we know, macOS also provides an easy network configuration, but certain
concerns could impact security and that's what we'll address next.

Bonjour/zero-configuration and mDNS security concerns
Bonjour is Apple's zero-configuration protocol for easy network configuration of
devices on a local network. This results in little or no administration or configuration
required to set up networking on a Mac.

However, although its benefits are clear for users, developers and administrators
should be aware of the security implications.

Bonjour uses Multicast DNS (mDNS) for performing DNS-like operations on the
local link in the absence of any conventional Unicast DNS server. It works even when
no infrastructure is present and also during infrastructure failures.

In environments where security has to be closely monitored, other measures must be
implemented to ensure the cooperation of participants and network administrators to
distinguish suspicious Multicast DNS messages that could constitute a threat to the
system and/or the company.

These are some of the recommended measures:

WPA2-PSK (Wi-Fi Protected Access 2/Pre-Shared Key) or encryption
should be used in wireless environments to ensure only authorized users
are active on the network.
In open network environments (such as Wi-Fi hotspots), administrators
should make sure to implement the appropriate security measures.
Using advertising services with unicast Wide-Area Bonjour, configured
manually or automatically with the help of Bonjour Hybrid Proxy gateway
products; or other Bonjour gateway products offered by Wi-Fi access point
vendors.

Finally, let's explore a key component of Apple's security implementation for their
devices: System Integrity Protection.

What is System Integrity Protection?


System Integrity Protection or SIP is a security mechanism designed to ensure
system resources are secure. This technology, available since OS X El Capitan and
later, protects the booter and kernel – in other words, all system resources – from
malicious writes on a system running macOS.

It does this by preventing users and processes (including malicious software) from
altering core macOS items, even if these users have advanced permissions
(administrator or root privileges). It even restricts the root user account from certain
actions on protected parts of the system. This system also protects core macOS apps
(apps bundled with the OS), such as Safari, Messages, and so on.

SIP protects these specific items:

/System
/usr
/bin
/sbin
/var
Pre-installed core apps bundled with the macOS installer

If an app you want to use is not able to run because of compatibility issues with SIP,
the best recommendation is to ask the developer to provide a compatible version.
Otherwise, you can disable SIP following these steps:

Disabling SIP greatly reduces macOS's security and integrity since
any software could modify or overwrite a system file, either
intentionally or unintentionally. You should avoid disabling SIP.

1. Restart the Mac and enter the Recovery interface as appropriate for your
Mac model (Intel-based or M1 chip).
2. Open the Terminal from the Utilities menu.
3. Enter the csrutil disable command.
4. Enter reboot to reboot the Mac.

Because of the security risk of disabling SIP, you should reenable it as soon as
possible. To reenable SIP, follow these steps:

1. Follow steps 1 and 2 indicated earlier.
2. Enter the csrutil enable command.
3. Enter reboot to reboot the Mac.

Take into account that the SIP setting is saved to the computer's firmware; therefore,
resetting the Parameter RAM (PRAM) will also reenable SIP. Resetting PRAM is
covered in Troubleshooting Tips. Performing a software update may also re-enable
SIP.
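
You can confirm the result of the steps above without returning to Recovery, because csrutil status also runs from a normal Terminal session. The script below is an added example, not from the book: it classifies that output, including the partially disabled "Custom Configuration" case. The sample outputs are constructed and modelled on the tool's format, and treating Apple Internal as a flag whose normal value is disabled is an assumption.

```shell
#!/bin/sh
# Added example: classify the output of `csrutil status` for a compliance check.

# sip_state TEXT -> enabled | disabled | custom | unknown
sip_state() (
    status_line=$(printf '%s\n' "$1" |
        grep -i 'System Integrity Protection status:' | head -n 1)
    case "$status_line" in
        *"Custom Configuration"*) echo custom ;;
        *"status: enabled"*)      echo enabled ;;
        *"status: disabled"*)     echo disabled ;;
        *)                        echo unknown ;;
    esac
)

# sip_disabled_parts TEXT -> protections switched off in a custom
# configuration, one per line. "Apple Internal" is skipped (assumption: it is
# an allowance flag and "disabled" is its normal value).
sip_disabled_parts() (
    printf '%s\n' "$1" |
        sed -n '/status:/!s/^[[:space:]]*\(.*\): disabled$/\1/p' |
        sed '/^Apple Internal$/d'
)

# sip_check TEXT -> prints a verdict; exit 0 = enabled, 1 = finding, 2 = review
sip_check() (
    case "$(sip_state "$1")" in
        enabled)
            echo "OK: SIP is enabled"; exit 0 ;;
        disabled)
            echo "FINDING: SIP is disabled; run 'csrutil enable' from Recovery"
            exit 1 ;;
        custom)
            parts=$(sip_disabled_parts "$1" | tr '\n' ';')
            echo "FINDING: SIP custom configuration, disabled: $parts"
            exit 1 ;;
        *)
            echo "REVIEW: unrecognized csrutil output"; exit 2 ;;
    esac
)

# Constructed sample of a partially disabled configuration.
SAMPLE_CUSTOM='System Integrity Protection status: unknown (Custom Configuration).

Configuration:
    Apple Internal: disabled
    Kext Signing: disabled
    Filesystem Protections: disabled
    Debugging Restrictions: enabled
    DTrace Restrictions: enabled
    NVRAM Protections: enabled
    BaseSystem Verification: enabled'

if [ "${1:-}" = "--live" ]; then
    # On the Mac itself: check the real setting.
    sip_check "$(csrutil status 2>&1)"
    exit $?
else
    sip_check "$SAMPLE_CUSTOM" || true
fi
```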

And with this explanation, we have reached the end of this section. We reviewed the
tools and features macOS offers to protect system security, including the latest
features introduced in macOS Big Sur and Catalina, such as the Signed System
Volume (SSV) and the Read-Only system volume. We also saw the recommended
security measures that should be implemented, and what you could do if you are
concerned about mDNS. Finally, we saw how System Integrity Protection (SIP)
protects your system resources.

In the next section, we will explore the available tools macOS offers for hardware
security.

Understanding hardware security


In the same manner as we saw for the system in the previous section, security for
Apple devices is built into the hardware as well. In this section, we will examine the
tools and features macOS provides for increasing hardware security. By the end of
this section, you will be able to configure and take advantage of these key features.
The three main tools we will explore in this section are the following:

Firmware password
T2 Security Chip (Intel-based Macs)
Macs with the Apple M1 silicon chip

Both these tools are managed through the Startup Security Utility, which can be
accessed through the Recovery system as we will see later in this section. Let's learn
more about these features.

Firmware password
The firmware password is used to prevent your Mac from starting up from any disk
other than the one configured as the startup disk. Its primary purpose is to prevent
unauthorized users from using startup shortcuts (such as the Option key) to bypass
other passwords in place to access the computer's operating system and make
changes. Take into account that the firmware password is no longer supported in
Macs with the Apple M1 silicon chip. We explained this tool in detail, as well as how
to configure it in Chapter 5, Managing User Security and Privacy, if you would like to
go back to review it.

The firmware password is not the only tool available at the startup level. In the next
section, we will see another, more recent and more powerful, feature.

T2 Security Chip (Intel-based Macs)


The Apple T2 Security Chip is Apple's second-generation, custom chip for specific
Mac computer models. The T2 chip works in combination with Startup Security
Utility, which is accessible through the Recovery system.

The T2 chip enables your Mac to have the following capabilities:

New levels of security by including a coprocessor that secures Touch ID
data
New encrypted storage capabilities through Full System Encryption in
combination with FileVault (explained in the section about FileVault that
follows)
Secure Boot and External Boot capabilities (explained shortly)
The T2 chip's image signal processor works in combination with the
FaceTime HD camera for improved tone mapping, exposure control, and
autoexposure/auto white balance based on face detection.

You can follow these steps to find out whether your Mac has the T2 chip:

1. Go to the Apple menu and press the Option key to reveal the System
Information option.
2. On the left menu, look under the Hardware section.
3. Select the Controller option; if you have the T2 chip, it will display here, as
seen in Figure 15.8:

Figure 15.8 – T2 security chip

You can also visit this link (https://support.apple.com/HT208862)
to verify whether your Mac model includes the T2 chip.

Here, we will explore the three main security features used in combination with the
T2 Security Chip:

Secure Boot
External Boot
Activation Lock

Let's start with the Secure Boot feature.

Secure Boot
This feature works only in computers with the Apple T2 security chip. Secure Boot
ensures only a legitimate and trusted operating system loads at startup.

Secure Boot offers three levels of security:

Full Security: This is the default setting, offering the highest level of
security. It ensures only your current OS or, otherwise, an Apple trusted
and signed OS, runs on your computer. The OS is verified during startup
and, if it cannot be verified as legitimate, the Mac will connect to Apple to
download additional information to verify it. If despite this attempt, the OS
cannot be verified, this happens:
   In the case of macOS, an alert will be displayed to download
   a software update to reinstall macOS or choose another
   startup disk that will also be verified before allowing it to run.
   If you are attempting to run Windows, an alert will be
   displayed to inform you that you need to install Windows
   through Boot Camp Assistant.
Medium Security: This allows any version of a signed OS (macOS or
Windows) to run. This means that even an OS that once was trusted by
Apple but no longer is will be able to run. If the OS cannot be verified, this
happens:
   In the case of macOS, an alert will be displayed to download
   a software update to reinstall macOS or choose another
   startup disk that will also be verified before allowing it to run.
   In the case of Windows, an alert will be displayed to inform
   you that you need to install Windows through Boot Camp
   Assistant.
No Security: If this option is selected, no verification is done at OS startup.

You can configure Secure Boot through a tool called Startup Security Utility:

1. Turn on your Mac, or restart it, and press Command + R as soon as you see
the Apple logo to start up from the macOS Recovery interface.
2. When you see the Recovery interface, go to the Utilities menu at the top,
and select Startup Security Utility.
3. Authenticate as administrator.
4. You will see the Startup Security Utility configuration window. You will
notice that, by default, Full Security (Figure 15.9) is selected. You can leave
this default, recommended setting, or change it according to your
requirements.

Figure 15.9 – Configuring Secure Boot

Now that you understand what Secure Boot does and how to use it, let's examine
another feature that is available with the T2 chip: External Boot.

External Boot
This feature allows you to control startup from external media, such as an external
drive or a flash drive. It also works in combination with the T2 chip. By default, it is
set to Disallow booting from external media.

In some cases, for example, when you need to reinstall from external media, you will
need to modify this configuration to allow booting from external media. Follow these
steps to modify the default, recommended setting:

1. Follow the steps stated in the previous section to open Startup Security
Utility.
2. Next, in the External Boot section at the bottom, select Allow booting from
external media and quit Startup Security Utility.
3. Then, you can go to the Apple menu and choose the Startup Disk menu
option.
4. Select the external disk you want to boot from.
5. You will now be able to restart the Mac to boot from the external
disk. Alternatively, you can use the Option key at startup to choose a disk to
boot from (if a firmware password is configured, you will need to provide
it to continue).

Finally, let's explore the third feature that works when a T2 chip is available on a Mac
machine.

Activation Lock
This is another feature that works in combination with the T2 security chip. It helps
prevent anyone from using your Mac without authorization. This is useful if your
Mac ever gets stolen, lost, or misplaced. It also works in combination with the new
feature Find My. If you meet the requirements, just enable Find My, and Activation
Lock will be enabled automatically. You will find more details on using the Find
My and the Activation Lock features in the Understanding User Security section at the
end of this chapter.

macOS also has technologies and features in place to protect apps, as we will discover
next.

Next, we will explore how these features are different in Macs with the Apple M1
silicon chip.

Macs with the Apple M1 silicon chip


Hardware security works differently in Macs with the Apple M1 silicon chip. This chip
verifies whether the version of macOS loaded during startup is authorized and
continues to verify system integrity in the background while the Mac is functioning.
This is why the T2 chip will no longer be present in Macs with the M1 chip since the
security features it provided have moved to the new silicon chip.

As a consequence, Startup Security Utility in Macs with the M1 chip has changed and
been renamed Startup Security Utilities. You now have the following options:

Full Security: Ensures only the current OS, or a signed OS trusted by
Apple, runs. It requires a network connection at installation.
Reduced Security: Allows any version of a signed OS, trusted at any point
in time by Apple, to run. This option has two settings:
   Allow user management of kernel extensions from identified
   developers.
   Allow remote management of kernel extensions and
   automatic software updates.

You can configure these options through Startup Security Utilities:

1. Turn on your Mac, or restart it, and press and hold the Power button until
you see the Options gear icon.
2. Select Options and click Continue.
3. Select a known administrator and enter the password. Click Next to
continue.
4. When you see the Recovery interface, go to the Utilities menu at the top,
and select Startup Security Utilities, as seen in Figure 15.10:

Figure 15.10 - Startup Security Utilities

5. You will see the Startup Security Utilities configuration window (Figure
15.11). As you can see, the Firmware password option no longer appears
and we now see the options described earlier. You can leave the default,
recommended setting (Full Security), or make changes according to your
requirements.

Figure 15.11 - Startup Security Utilities options

In this section, we saw the tools provided for hardware-related security, including the
firmware password, and the features used in combination with the T2 chip in
Intel-based Macs. We also saw how these features change in Macs with the M1 silicon chip.
In the next section, we will examine application security.

Understanding application security


macOS uses process security mechanisms, and built-in technologies such as System
Integrity Protection (SIP), described earlier in this chapter, to protect the system
resources and allow system-wide access to apps only when it's strictly necessary.
Other technologies are employed to make apps more secure, such as app sandboxing,
as well as features that protect your Mac from viruses and malware, compromised
apps, and unauthorized access, in particular, when you wish to install third-party
apps. In this section, you will learn about all these technologies and features, as well
as how to configure them. By the end of this section, you will be able to configure
them according to your specific security needs.

The topics we will explore will be divided into two main sections:

Application security technologies
Verifying app security settings

Let's start by exploring the macOS application security technologies.

Application security technologies


macOS uses several technologies for improving app security, and most of them are
interrelated in some form or work in combination with each other. These specific
technologies are the following:

App sandboxing
Code signing
File quarantine
Gatekeeper
Malware detection
Notarization

Let's explore briefly what they are, and how they help to protect the system and
users.

App sandboxing
Through sandboxing, apps are isolated from the rest of the user and system resources
and are allowed access only to the resources they need. In other words, this
technology prevents apps from accessing user files and folders they don't need to
carry out their functions. An easy way to explain how sandboxing works is that apps
"play" inside a container that has no, or very limited, access to system and user files.
Naturally, this technology increases system and user security. As of June 2012, it is a
requirement for all apps available from the App Store to use app sandboxing. There is
nothing the user needs to do to take advantage of app sandboxing; it is really
developers who have to integrate it during development.

Besides sandboxing, macOS uses additional verification mechanisms to ensure app
authenticity and integrity, as we will see next.


Code signing
The system uses code signing to verify software authenticity and integrity. It verifies
whether the app is from a known developer and that it hasn't been tampered with
since it was last signed. App developers have to take into account that before their
apps can be submitted to the App Store, they must be signed with a certificate issued
by Apple. Developers must obtain their unique Developer ID to be able to generate
Developer ID certificates. The App Store verifies the certificate and makes sure it
hasn't been altered. If it finds a problem, the app is removed. This is why the safest
place to download apps is the App Store.

For more information about obtaining a Developer ID and
Developer ID certificates, visit this link:
https://developer.apple.com/developer-id/.

If you choose to download apps from the internet or directly from a developer's
website, macOS still protects your Mac through two other technologies: File
quarantine and Gatekeeper, which both work in combination with code signing; let's
explore the first one next.

File quarantine
File quarantine is a feature that validates apps that download files from the internet.
In this case, when a user attempts to open an item downloaded from an unknown
source (the internet, for example), the system displays a warning, like the one seen in
Figure 15.12.

Take into account that this feature only works with specific "quarantine-aware" apps
that can include quarantine attributes in files from external sources:

Quarantine-aware apps: Safari, Messages, iChat, and Mail.
Attributes: Date, time, a record of the file's download origin.

When you open a file through any of these quarantine-aware apps, you will see a
warning like the following:


Figure 15.12 – Quarantine notification

If the user that downloaded the file opens it, the quarantine attributes are removed.
However, if other users open the file, the warning will display every time. Take into
account that the user who downloaded the file is the only one who can remove the
quarantine attributes by opening the file.

Also, consider the following:

Applications other than the ones mentioned previously will not display
the quarantine warning.
Copying a file from external media, such as a USB, to the Finder will not
activate the quarantine warning.
A code-signed app will not display a quarantine warning.

This feature works in combination with another feature that we will look at next.
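
The quarantine record described above is stored with the file as the com.apple.quarantine extended attribute. The following is an added example, not code from this book: it decodes that value, assuming the layout flags;hexadecimal timestamp;agent;event identifier, and the sample values and function names are constructed for illustration.

```python
"""Decode com.apple.quarantine attribute values (added example)."""
import re
import subprocess
from dataclasses import dataclass
from datetime import datetime, timezone
from typing import Dict, Optional

HEX_FIELD = re.compile(r"[0-9A-Fa-f]+")


@dataclass(frozen=True)
class QuarantineRecord:
    flags: int                # raw flag bits, left uninterpreted here
    downloaded_at: datetime   # download date and time, in UTC
    agent: str                # app that tagged the file, e.g. "Safari"
    event_id: Optional[str]   # identifier of the download event, if any


def parse_quarantine(value: str) -> QuarantineRecord:
    """Parse 'flags;hex_time;agent;event_id' (assumed layout).

    Raises ValueError for anything else, so a truncated or hand-edited
    attribute is reported rather than silently accepted.
    """
    parts = value.strip().split(";")
    if len(parts) < 3:
        raise ValueError("expected at least three ';'-separated fields")
    flags_hex, time_hex, agent = parts[:3]
    if not (HEX_FIELD.fullmatch(flags_hex) and HEX_FIELD.fullmatch(time_hex)):
        raise ValueError("flags and timestamp must be hexadecimal")
    try:
        when = datetime.fromtimestamp(int(time_hex, 16), tz=timezone.utc)
    except (OverflowError, OSError, ValueError) as exc:
        raise ValueError("timestamp out of range") from exc
    event_id = parts[3] if len(parts) > 3 and parts[3] else None
    return QuarantineRecord(int(flags_hex, 16), when, agent, event_id)


def read_quarantine(path: str) -> Optional[str]:
    """Return the raw attribute of a file on macOS, or None if it has none."""
    try:
        proc = subprocess.run(["xattr", "-p", "com.apple.quarantine", path],
                              capture_output=True, text=True, check=False)
    except FileNotFoundError:       # xattr tool missing, e.g. not a Mac
        return None
    return proc.stdout.strip() if proc.returncode == 0 else None


def triage(raw_values: Dict[str, Optional[str]]) -> Dict[str, str]:
    """Map each file name to a one-line verdict an administrator can review."""
    report = {}
    for name, raw in raw_values.items():
        if raw is None:
            report[name] = "no quarantine attribute"
            continue
        try:
            rec = parse_quarantine(raw)
        except ValueError as exc:
            report[name] = f"malformed attribute: {exc}"
            continue
        report[name] = (f"tagged by {rec.agent} at "
                        f"{rec.downloaded_at:%Y-%m-%d %H:%M:%S} UTC")
    return report


# Constructed sample values, not taken from a real system.
SAMPLES = {
    "installer.dmg": "0083;60000000;Safari;11111111-2222-3333-4444-555555555555",
    "invoice.pdf": "0083;60000000;Mail;",
    "from_usb.zip": None,            # e.g. copied from external media
    "edited.bin": "zz;60000000;Safari;",
}

if __name__ == "__main__":
    for name, verdict in triage(SAMPLES).items():
        print(f"{name}: {verdict}")
```

On a Mac, read_quarantine() obtains the raw value with xattr -p; on other systems it returns None and only the constructed samples are decoded.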

Gatekeeper
Gatekeeper is another Apple technology that works in combination with file
quarantine and code signing. It is designed to ensure only trusted software runs on
your Mac and that it does not contain malware. A signed app will not trigger a
warning when opened as it is considered to be safe. But, if you download apps from
the internet or directly from a developer's website, macOS still protects your Mac
through Gatekeeper. In this case, Gatekeeper checks the Developer ID signature to
verify the developer's identity, and it verifies that the app has not been altered. If the
app is not signed by an identified developer or notarized, Gatekeeper will prevent
you from opening it. However, if you are sure the app you downloaded is safe, you
can bypass this protection that prevents it from opening. The procedure is explained
in the Verifying app security settings section.

Gatekeeper also protects your system from malicious plugins that may be included
with apps. Gatekeeper opens the apps from read-only locations, which prevents the
loading of harmful plugins included with apps.


Next, let's examine the built-in technology macOS uses for malware detection.

Malware detection
Malware detection works in combination with the quarantine and notarization
features. Since Mac OS X Snow Leopard, the macOS update system automatically
updates a list of known threats. When you open a quarantined file, the system checks
it against the malware included in that list.

macOS uses two technologies for malware protection: XProtect and the Malware
Removal Tool (MRT):

XProtect is the macOS antivirus and anti-malware technology. XProtect uses
YARA signatures. YARA is a multi-platform tool that helps researchers identify
and classify malware samples through signature-based detection.
Signature-based detection involves having a predefined repository of
signatures or fingerprints that represent known threats. When a match is
found, the file is categorized as a "threat" and blocked. You can visit this
link if you want to learn more about YARA: http://virustotal.github.io/yara/.
Apple monitors new threats and updates the signatures through automatic
updates, independently of the system updates. XProtect verifies whether
there is malicious content present whenever an app is first launched and
when it has been changed. If your Mac detects malicious content, you will
see a warning that will prevent you from opening the app, and it will give
you the option to move it to the Trash.
The Malware Removal Tool (MRT) is an engine that takes care of getting
rid of any infections if it finds them. It does this based on the updates it
receives from Apple via automatic updates. When it finds malware, it
removes it and verifies the system on restart and login.

Finally, let's explore another technology that works in combination with malware
detection.

Notarization
Notarization works in combination with malware detection. It is a process that
informs you that Apple has carried out a security check and confirms that no
malicious software was found. macOS Catalina and later requires software to be
notarized and requests your approval before opening software that has not been
signed or notarized to make sure you understand the risks of doing so.


When you open an app that has been notarized by Apple, you will see a message like
the one in Figure 15.12.

In the next section, we will explore how to verify the configuration of the security
settings related to the technologies we just saw and how you can make some changes
to bypass the protections that prevent you from opening certain apps.

Verifying app security settings


You can verify the settings related to the technologies and features we just explored in
macOS through System Preferences, and make the necessary changes to bypass the
limitations they impose on opening an app (at your own risk).

Follow these steps to verify the app security settings:

1. Open the System Preferences.
2. Click on the Security & Privacy icon, and select the General tab.
3. You can see in Figure 15.13 that Allow apps downloaded from: App
Store is selected by default. You can change this behavior here to also allow
apps from identified developers not necessarily available just through the
App Store.

Figure 15.13 – App security settings


If your Mac is still configured with the default settings, and even if it's configured to
Allow apps downloaded from: App Store and identified developers, you might not
be able to install an app that was not downloaded from the App Store. Let's see next
what to do in that case.

Opening a non-notarized or unidentified app


After you download and install an app that does not pass the notarization process,
when you try to open it, you may receive a warning that the app cannot be opened, as
shown in Figure 15.14:

Figure 15.14 – App security notification

Follow these steps if you still wish to open the app:

Take into account that opening apps from unknown developers or
that are not notarized by Apple is a security risk.

1. Click OK in the notice in Figure 15.14.
2. Go to Security & Privacy in System Preferences.

3. You should see a notice at the bottom that indicates the app was blocked
(Figure 15.15). Click the button to Open Anyway:

Figure 15.15 – App security notification

4. A new warning will appear with the option to Open the app. Click on
Open Anyway.
5. In this case, we are sure this app is safe, therefore, we will go ahead and
open it. When you choose Open Anyway, an exception will be recorded in
the security settings, and you will be able to open the app from that point
on.

In this section, we explored the technologies related to app security, such as app
sandboxing, code signing, and more. Also, we saw how to verify your app security
settings and make the necessary changes to open apps from unknown developers. In
the next section, let's explore the technologies that allow you to keep your data safe.


Understanding Data security and encryption
Besides system, hardware, and application security, macOS also provides tools and
features to protect your company's and users' data. In this section, we will explore the
main technology macOS offers specifically for data security and protection:
encryption. By the end of the section, you will understand how data security and
encryption work in macOS and how to configure it. More specifically, we will explore
the following:

Types of encryption
FileVault
Encryption in Macs with an M1 chip
Encrypting external media

Let's begin by learning the types of encryption available in macOS.

Types of encryption
macOS offers two types of encryption:

Full-Disk Encryption: This type of encryption is available for Macs that
don't have the T2 security chip. It provides XTS-AES-128 encryption with a
256-bit key. It is performed through the FileVault tool at the file system
driver level, and it encrypts the startup disk. FileVault is explained in detail
in the next section.
Full-System Encryption: This type of encryption is available for Macs that
have the T2 security chip (Intel-based only). The T2 chip uses an advanced
built-in hardware-accelerated AES engine for 256-bit key encryption tied to
a unique identifier in the T2 chip. You don't need to do anything to benefit
from this encryption as it automatically encrypts and decrypts the SSD
when connected to the Mac with the T2 chip. Because this encryption is
integrated into the T2 chip hardware, if the chip becomes damaged, access
to the encryption keys could be lost; therefore, it is recommended to have a
backup of your data with Time Machine or other methods.

Although the SSDs of computers that have T2 chips are encrypted automatically, it is
recommended to turn on FileVault for extra protection. This way, decryption is not
performed automatically, but a password is required to decrypt the data instead. We
will explore FileVault in the next section.


What is FileVault?
FileVault is a macOS encryption technology that helps to protect user data. It
accomplishes this through the seamless conversion of the standard system volume
into a protected system volume.

FileVault has been available since OS X Lion (10.7). The current version of FileVault
is also sometimes referred to as FileVault 2, in order to distinguish it from the older
version running in Macs with versions older than OS X Lion, now known as FileVault
Legacy; however, most Macs now use the new version.

FileVault can be used on Mac computers both with and without the T2 security
chip. The difference will be the type of encryption available for the system volume:

FileVault without the T2 chip uses full-disk encryption to protect data on
your startup disk. This type of encryption is explained earlier in this
section.
On the other hand, FileVault with the T2 chip uses full-system encryption,
which was explained earlier in this section.

When FileVault is enabled, your Mac will always require your
user account password to log in. The FileVault technology includes account password
synchronization, and this means that if you change your user account password, it
will automatically sync with FileVault. You won't need to do anything. There's no
need to re-encrypt the volume when users change their password, and that's one of
the advantages of this technology. Also, there's minimal impact on the user
experience since you can continue to work on your computer while the encryption is
being completed. In fact, most processes and applications will continue to behave as
usual and won't be affected by the volume encryption. The time it takes to encrypt
will depend on the amount of data in the disk.

Take into account that when FileVault is turned on, the Guest
account will only be able to use Safari; it won't have access to the
encrypted disk, and it won't be able to create files.

In this section, we will learn how to manage FileVault, including the following:

FileVault Recovery
Enabling FileVault
Turning off FileVault
Changing your recovery key
Recovering FileVault access
Encryption with the Apple M1 chip
Encrypting external media

Let's find out how to enable FileVault, but first, we need to decide which recovery
option we will be using.

FileVault Recovery
There are a few methods, depending on your version of macOS, to unlock a system
when the user forgets or loses their password so that they or an administrator can
regain access to the computer and reset the user account password:

1. OS X Mavericks (only): You can use a FileVault recovery key, which
includes security questions and answers.
2. OS X Yosemite or later: You can use the iCloud account to unlock your Mac
and reset the password.
3. OS X Lion or later: You can create a local recovery key and keep it safe in a
secure place where you will remember where to access it if needed (not on
your system disk!).
4. Institutional recovery key (IRK): This key allows you to regain access to
your data through a FileVault master keychain.

These methods will be explained in detail later in this section; we mention them here
because you need to know which method you will use when you enable FileVault. If
you need more detail on how each method works, you can review the section that
details each method before you enable FileVault.

Enabling FileVault
In older versions of macOS, it was possible to enable FileVault during the initial
configuration of a recently installed or upgraded Mac through the Setup Assistant. In
macOS Big Sur, you can enable it by following these steps:

1. Open System Preferences.
2. Click the Security & Privacy icon.
3. Click the FileVault tab.
4. Authenticate as an administrator.
5. Click Turn On FileVault... as shown in Figure 15.16:

Figure 15.16 – Enabling FileVault

6. Next, you should select how you want to unlock the disk and reset your
password if you forget it. This is very important since you won't be able to
access the disk if you forget your password. For this example, we will
choose the first option in Figure 15.17, Allow my iCloud account to unlock
my disk:

Figure 15.17 – Selecting the FileVault recovery method

WARNING: If you lose your account password and don't have a
recovery method or key, you won't be able to access your disk and
data. No technician and not even Apple's support personnel will be
able to help you.

FileVault might take a while to encrypt, depending on the amount of data,
but it will do it in the background, and you can continue to use your Mac
while the process is completing. You will see the encryption progress in the
FileVault tab in System Preferences.

7. When the procedure completes, you will see the message FileVault is
turned on for the disk "[disk name]".
8. Restart the computer for FileVault to start asking for a password to log in
and access the data.

Now, the next time you turn on your Mac, you might see the screen is now light gray,
and you will need to enter your user account password for the system disk to
decrypt. Login will take a little longer now as the disk has to be decrypted.

If there are other users on the same machine, they are authorized to decrypt the disk
as well. However, in older versions of macOS, you may see a window prompting you
to enable each user to access the protected disk. Just click the Enable User... button for
each user.

If for any reason, you no longer need to encrypt your startup disk, you can turn off
FileVault as easily as you turned it on. The procedure is explained next.

Turning off FileVault


If you want to disable disk encryption, perhaps because you sold your computer,
follow these steps to turn off FileVault:

1. Open System Preferences.
2. Next, click on the Security & Privacy icon.
3. Click the FileVault tab.
4. Click the lock icon to authenticate as an administrator.
5. Click Turn Off FileVault. The procedure will take more or less time,
depending on how much data you have. You will see a progress bar that
allows you to monitor the process.
6. When the procedure completes, you will see the message FileVault is
turned off for the disk "[disk name]".

And that's it! The next time you restart the Mac, you will no longer be asked to
provide your user account password to decrypt the disk.


Now, if you want to change your recovery key, you can do it by following the
procedure explained next.

Changing your recovery key


There is no way to change your recovery key while FileVault is turned on. As long as
you know your user account password, you can change your recovery key at any
time, but it will require turning off FileVault. Follow these steps:

1. Turn off FileVault as indicated in the procedure explained in the previous
section. Wait until the procedure finishes.
2. When you see the message that indicates FileVault is turned off for the
disk "[disk name]", you can proceed to turn on FileVault again following
the procedure indicated earlier to enable it and choose a different recovery
key.

If you have lost access to your Mac, for example, because you don't remember your
user account password, you can recover access through the method you selected
when enabling FileVault or even through other user account password recovery
methods, as we will see next.

Recovering FileVault access


These are the methods you have available to recover access to your account if
FileVault is turned on and you don't remember your password or have lost access to
your account:

Using your iCloud account to reset your password (default recovery
method)
Resetting with the local Recovery key
Resetting using the regular user account password reset methods

These methods are explained in Chapter 5, Managing User Security and Privacy; we
won't repeat them here. Please feel free to go back to that chapter to review them in
detail. Let's see a quick overview of each next.


Using your iCloud account


When you enable FileVault, you are asked to select a recovery method by choosing
between two methods to set up a recovery key. Using your iCloud account is the
default method, which sets up a recovery key that you don't see as it is saved in your
iCloud account for you. All you need is to remember your iCloud account user name
and password to use it.

The alternative recovery method is reviewed next.

Resetting with the local Recovery Key


When enabling FileVault, the alternative option you are offered as a recovery method
is to set up a local Recovery Key, which you can use to reset your password. In this
case, however, you do need to save it in a safe place and remember where you stored
it, in case you need it later for recovery.

If neither method is useful for you because you lost access to your iCloud account or
you don't remember where you stored the local Recovery Key, then you can try the
regular account password reset methods explained below.

Resetting using the regular user account password reset methods


These methods are those you have available when trying to reset your user account
password, and they are all explained in Chapter 5, Managing User Security and
Privacy:

Through the Users & Groups preferences: This method assumes you have
lost access to your account, but an administrator has access and can help
you through the Reset Password... button in the Users & Groups
preferences.
Using the Reset Password assistant: If FileVault is turned on and you
forgot your account password, you can use the Reset Password assistant.
Using the resetpassword command: This method requires you to enter
Recovery mode and use Terminal.
Using your Apple ID: If the option is enabled, you can use it as well to
reset your user account password.

In this section, we saw how FileVault provides encryption for your system disk, how
it works, how to enable it and turn it off, and how to recover access to your encrypted
disk if you lose access to your account.


Encryption with the Apple M1 chip


In addition to full-disk encryption with FileVault, Macs with the Apple M1 silicon
chip have dedicated hardware that protects the login password and enables file-level
encryption. Third-party app developers can use this file-level encryption to help
protect sensitive data.

Macs with the Apple M1 silicon chip don't require the T2 chip anymore, as the
features it provided are transferred to the new chip. Therefore, Mac models that
have the T2 chip today will no longer include it when they are released in an M1
chip version.

In the next section, we will see how we can also encrypt external disks with macOS.

Encrypting external media


In the previous section, we saw the main technology macOS uses for encrypting and
protecting your system disk. However, you probably use removable media; despite
the growing popularity of cloud storage, it is still quite often used, and you probably
have sensitive information on it. macOS provides a method to encrypt your
removable media as well.

Follow these steps to encrypt external media in macOS:

When encrypting external media using macOS, the media format
will be converted to APFS first, and then the data will be encrypted.
Be sure to take this into account before proceeding.

1. Open Finder.
2. Select the external volume/media you want to encrypt, either on the sidebar
or on the desktop.
3. Right-click the volume/media and select Encrypt.
4. You will be asked to enter a password. IMPORTANT! Copy this password
in a safe place so that you will remember it. This is not the same password
as your user account. If you lose this password, you will permanently lose
access to the data stored in the volume/media. There is no recovery method
in this case.

5. Verify the password by entering it again.
6. Enter a password hint, which is not a bad idea. Use a meaningful hint to
help you remember your password or a hint of where you stored it.
7. When ready, click Encrypt Disk.

And that's it! When the process completes, your volume/media will be encrypted, and
you will be required to enter a password to decrypt it and access the data on that
media.

In this section, we explored the tools and technologies macOS offers for data security.
We examined how macOS uses encryption, which types of encryption are available,
and the main technology macOS uses to encrypt and protect the system disk, called
FileVault. We also saw how to encrypt external media to protect your data further.
You can now use these tools to ensure your clients' and your users' data is safe.

Now that we have examined most of the tools and measures for system, app, and
data security, let's now look at some additional tools to enhance user security.

Understanding User security


In the previous sections in this chapter, we addressed the technologies, tools, and
features that help you protect the system, hardware, application environment, and
data. Adopting measures to protect user security and privacy is as important as
those we have seen so far. Although we covered a great deal on user security and
privacy, through the use of passwords, the keychain system, and more, in Chapter 5,
Managing User Security and Privacy, there are additional tools and features you can
take advantage of to enhance user security in a more general way. In this section, we
explore these macOS features designed for that purpose:

Two-factor authentication
Login Options
Firewall
Screen Time
Find My
Guest account
Family sharing

Let's examine each of these options.


The iCloud Security Code and two-factor authentication
The iCloud Security Code and two-factor authentication provide additional
protection for your Apple ID account. This way, your Apple ID account can only be
accessed by your Apple trusted devices, such as your Mac, iPad, iPhone, or iPod.

In the latest macOS versions, the iCloud Security Code is a number generated from a
two-factor authentication device enabled for your Apple ID and iCloud. This is
because now when you create an Apple ID, you are requested to provide a trusted
phone number for verification purposes, and two-factor authentication is turned on
by default. When you associate your Apple ID with your account on a Mac, iCloud is
set up with two-factor authentication turned on as well in the same way, by
providing a phone number.

The code generated will appear on the phone or another Apple device you provided
and associated with your iCloud account. If you don't have access to either of those
devices, then the code will be accessible on the first device, usually the Mac where
you activated the Apple ID initially. But this code will most likely be pointless
because if you forgot your login password, it is very likely that you won't be able to
access that Mac. It's a good idea to have other devices associated with this Apple ID if
you want to recover login access through the Apple ID.

When you are trying to authorize a new device to use your Apple ID, you will see a
message like the one in Figure 15.18 on the device you provided as the second factor.

Figure 15.18 – Two-factor authentication


When you click on Allow, you will see a security code on the second-factor device, as
seen in Figure 15.19:

Figure 15.19 – Generating a two-factor authentication code

Next, you will need to enter that code on the device you are trying to approve for
using the Apple ID. In the example in Figure 15.20, we enter the verification code in
the Mac we want to authorize:

Figure 15.20 – Entering the two-factor authentication code

In earlier macOS versions, iCloud Security Code was an additional technology
intended to protect your iCloud Keychain when you used it with an Apple ID, but
two-factor authentication was not enabled. When this was the case, macOS asked you
to enter or create an iCloud Security Code to trust a specific device. This code could
also be used to allow access to other devices with the same Apple ID, add more
devices, and regain access to the iCloud keychain if you lost access to all your devices.


When you first enabled the iCloud keychain service for a given Apple ID, you were
prompted to enter the security code. It was not mandatory to set it, but if you didn't,
you would have needed to have physical access to the original device where the
service was initially set up to authorize access to the information stored in the iCloud
keychain for a new device. As mentioned earlier, if you lost access to all your devices,
you could regain access to your iCloud keychain by adding a new device through this
code. If you lost access to all your devices and didn't have a security code, the only
option was to reset the iCloud keychain, but in this case, all the contents of your old
keychain would be lost.

This is why the process has been simplified by using two-factor authentication by
default to authorize other devices. However, we detail this information here since this
change is recent, and there might be users using older versions of macOS.

There were several methods to set up this code:

1. Code Plus Verification
2. Complex Security Code
3. Random Complex Security Code

Code Plus Verification was the default method for adding this code, and it worked in
combination with an SMS text message validation. With this method, you would be
asked to choose a six-digit code and provide a phone number for the text messages.

Complex Security Code was an advanced method for a more complex and more
secure code. It comprised a code of up to 32 characters.

Random Complex Security Code was also an advanced method where a random,
complex code of up to 32 characters was generated. However, in this case, you would
need to provide a phone number since the method was combined with text message
validation.

If you lost access to the phone number for the text message
validation, you would need to contact an authorized support
professional for assistance.


To see, edit, or disable the iCloud security code, you would go to iCloud
Preferences and click the Options button next to the keychain item. In macOS
Catalina and later, the Options button no longer shows, but you can go to the Apple
ID preferences, click the Password & Security menu, and click the Edit button to add
trusted phone numbers, get a verification code, or turn on the Recovery Key feature
(Figure 15.21):

Figure 15.21 – Managing two-factor authentication

Of course, you can also manage two-factor authentication from your Apple ID
account on the Apple ID website: https://appleid.apple.com. Another way you can
increase user security is by restricting the login options. Let's explore how that works.


Login options
In the Users & Groups preferences, you have extra options that can be used to
enhance user security and privacy. These are as follows:

Automatic login
Display of usernames

Let's explore these options in the following sections.

Automatic login
This option allows you to automatically log in as a specific user when the Mac is
turned on, without the need to enter a password. This option is disabled by default,
and it should stay that way if more security is desired.

To verify whether this is the case, do the following:

1. Open System Preferences.
2. Click on the Users & Groups icon.
3. Authenticate as administrator.
4. Click on the Login Options tab at the bottom.
5. Make sure Automatic login is set to Off, as seen in Figure 15.22:

Figure 15.22 – Login Options


You could also choose any user from the list and enable Automatic login for that user
if you are certain that it does not constitute a security risk.

Take into account that if FileVault is turned on, the Automatic
login option will be disabled.

Let's explore another setting in the same location that you can use to protect your
users' privacy.

Display of usernames
These extra options in the Users & Groups preferences allow you to protect your or
your users' privacy better. For example, you can do the following:

Change the login window to display as Name and password instead of List
of users. This will show blank name and password fields instead of the
username (Figure 15.22).
Change the Show fast user switching menu option from Full Name to
Account Name or even Icon for more privacy (Figure 15.22).

Fast user switching is covered in more detail in Chapter 4, User Accounts
Management.

Next, we'll explore a built-in tool that protects against unwanted connections from
outside.

Enabling the firewall


The macOS built-in firewall prevents unauthorized connections from the internet or
other networks. It is preconfigured to work out of the box, but you can make changes
if you are an advanced user with specific requirements.

Follow these steps to verify the firewall settings:

1. Open System Preferences.
2. Click the Security & Privacy icon.
3. If the firewall is off, authenticate as administrator and click the Turn On
Firewall button, as shown in Figure 15.23:


Figure 15.23 – Turning on the firewall

4. After enabling it, you should be able to click on the Firewall Options...
button.
5. You will be presented with more options to customize the firewall (Figure
15.24):
Block all incoming connections: If enabled, it will block all
incoming connections from nonessential services and apps,
allowing only essential connections such as DHCP, Bonjour,
IPSec, and so on. If you enable this option, you might have
problems using certain apps. For this reason, it is disabled by
default. If you choose to use it, you have Add (+) and Remove (-)
icons below to add applications for which you wish to allow
connections.
Automatically allow built-in software to receive incoming
connections: This option is selected by default. It allows built-in
apps and services signed with a valid certificate to be
automatically added to the list of allowed apps.
Automatically allow downloaded signed software to receive
incoming connections: This option is selected by default. It
allows downloaded apps and services signed with a valid
certificate to be automatically added to the list of allowed apps.


Enable stealth mode: This option is disabled by default. If
enabled, it prevents your Mac from responding to or
acknowledging requests that reveal its presence in the network,
including ICMP requests like pings.

Figure 15.24 – Firewall advanced settings
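
The login options and firewall settings described above can also be verified from the command line. The following script is an added example, not code from the book; it assumes the Big Sur preference keys autoLoginUser and SHOWFULLNAME in /Library/Preferences/com.apple.loginwindow, and globalstate and stealthenabled in /Library/Preferences/com.apple.alf, none of which are named in the text, and all function names are illustrative.

```shell
#!/bin/sh
# Added example (not from the book): audit the Automatic login, login window,
# firewall, and stealth mode settings without opening System Preferences.
# Assumed preference keys (Big Sur era, not named in the chapter):
#   /Library/Preferences/com.apple.loginwindow  autoLoginUser, SHOWFULLNAME
#   /Library/Preferences/com.apple.alf          globalstate, stealthenabled

# read_pref DOMAIN KEY: print the stored value, or "unset" if the key is absent.
read_pref() {
    defaults read "$1" "$2" 2>/dev/null || echo "unset"
}

# Automatic login is off only when no autoLoginUser is recorded.
check_autologin() {
    case "$1" in
        unset|"") echo "PASS automatic login is off" ;;
        *)        echo "FAIL automatic login enabled for user '$1'" ;;
    esac
}

# SHOWFULLNAME = 1 means blank name and password fields instead of a user list.
check_login_window() {
    case "$1" in
        1|true|YES) echo "PASS login window shows name and password fields" ;;
        *)          echo "WARN login window shows the list of users" ;;
    esac
}

# globalstate: 0 = off, 1 = on, 2 = on with "Block all incoming connections".
check_firewall() {
    case "$1" in
        1) echo "PASS firewall is on" ;;
        2) echo "PASS firewall is on (block all incoming connections)" ;;
        0) echo "FAIL firewall is off" ;;
        *) echo "FAIL firewall state unknown ('$1')" ;;
    esac
}

check_stealth() {
    case "$1" in
        1) echo "PASS stealth mode is on" ;;
        *) echo "WARN stealth mode is off (the default)" ;;
    esac
}

# audit_values AUTOLOGIN SHOWFULLNAME GLOBALSTATE STEALTH
# Prints one line per setting; returns 1 if any line is a FAIL.
audit_values() {
    report=$(
        check_autologin "$1"
        check_login_window "$2"
        check_firewall "$3"
        check_stealth "$4"
    )
    printf '%s\n' "$report"
    if printf '%s\n' "$report" | grep -q '^FAIL'; then
        return 1
    fi
    return 0
}

# audit_live: read the real settings (macOS only).
audit_live() {
    lw=/Library/Preferences/com.apple.loginwindow
    alf=/Library/Preferences/com.apple.alf
    audit_values "$(read_pref "$lw" autoLoginUser)" \
                 "$(read_pref "$lw" SHOWFULLNAME)" \
                 "$(read_pref "$alf" globalstate)" \
                 "$(read_pref "$alf" stealthenabled)"
}

# Constructed sample: automatic login enabled for a user named "kiosk",
# user list shown at the login window, firewall and stealth mode off.
echo "--- constructed sample ---"
audit_values "kiosk" "0" "0" "0" || echo "=> settings need attention"

# On a real Mac, audit the live settings as well.
if [ "$(uname -s)" = "Darwin" ]; then
    echo "--- this Mac ---"
    audit_live || echo "=> settings need attention"
fi
```

A WARN line marks a privacy or hardening option that is off by default; only FAIL lines make the audit return a non-zero status.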

The next feature we will explore is related to controlling and monitoring.


Screen Time
This feature, available since macOS Catalina, replaces the parental controls that were
available in previous versions of macOS. This tool is very helpful for monitoring kids'
screen time usage and restricting the type of content they can see. More specifically,
Screen Time allows you to do the following:

Track usage
Limit usage

How to enable Screen Time and use its features is explained in detail in Chapter 4,
User Accounts Management.

Next, we will see another important feature designed to offer you recovery options if
your Mac is misplaced, lost, or stolen.

Find My
Find My is a feature (available since macOS Catalina) that combines Find My iPhone
and Find My Friends to allow you to locate and even protect your Mac if it's
misplaced, lost, or stolen.

To use this feature, you need the following:

An Apple ID.
An iCloud account.
Location Services must be turned on.
Access to iCloud on another device or the internet.
Your Mac and devices must be updated to the latest macOS version (at
least iOS 13 for devices and iPadOS for iPad) and watchOS if you plan to
use your Apple Watch.

To enable this feature, we need first to make sure Location Services is turned on:

1. Open System Preferences and click on the Security & Privacy icon.
2. Select the Privacy tab and then Location Services, as shown in Figure 15.25.
3. Next, click on the lock icon at the bottom to authenticate as an
administrator.


4. Activate the Enable Location Services checkbox at the top.
5. Next, go to the bottom of the list and click on the Details... button next to
System Services.

Figure 15.25 – Enabling Location Services

6. Make sure the Find My Mac checkbox is enabled, as seen in Figure 15.26:

Figure 15.26 – Enabling Find My in System Services


Next, we need to enable Find My Mac:

1. In System Preferences, click on the Apple ID icon at the top.
2. Click iCloud on the side menu.
3. Activate the Find My Mac checkbox.
4. If asked if you want to use the location of this Mac, click the Allow button.
5. If you see a Details button beside Find My Mac, it means you need to
enable Location Services, as indicated in the previous group of steps.

To configure Find My, follow the steps given here:

1. After enabling Find My Mac in the previous steps, you will see an Options
button beside Find My Mac (Figure 15.27). If you see a Details button
instead, it means you need to enable Location Services, as indicated earlier.

Figure 15.27 – Enabling Find My Mac


2. Click the Options button; you will have these options to configure (Figure
15.28):
Find My Mac: This enables locating, locking, or erasing the Mac.
Find My network: This new feature enables locating the Mac
even if it's not connected to Wi-Fi or a data network. This is
possible thanks to a crowdsourced network of millions of Apple
devices that use Bluetooth technology to detect a nearby device
and report the approximate location to the owner.

Figure 15.28 – Configuring Find My Mac

3. Click Done when finished.

If your Mac is misplaced or stolen, and Find My is set up, this is what you can do:

Locate your device on a map
Play a sound
Lock your Mac
Erase your Mac
Remotely lock your device
Display a message onscreen for whoever has your Mac

Let's explore these options in more detail next.

Locating your Mac on a map


If your Mac is misplaced or stolen, and Find My is set up as indicated in the previous
section, you can locate it on a map. Here's how you can do that:

1. Sign in to iCloud.com (or open the Find My app on your iPhone, iPad, or
iPod touch).


2. Click on Find.... Don't worry if it says Find iPhone as in Figure 15.29; in this
section, you will find all your Apple devices that have Find My enabled,
including your Mac:

Figure 15.29 – Locating a lost Mac

3. By default, you will see the location of all your devices on a map, but you
can select a specific device from the All Devices drop-down list, as seen in
Figure 15.30:

Figure 15.30 – Locating a device


4. Select your device from the list. You will see a window open with actions to
perform (Figure 15.31). We will see these actions in more detail in the next
section. You can also choose Directions to open the location in the Maps
app and obtain directions.

Let's examine another action we can perform after the Mac has been located on the
map.

Playing a sound
Once you have located your Mac on the map, you can do a few actions; one of them is
playing a sound. This is useful if your Mac is misplaced in a large office, for example.

For playing a sound to work, your Mac must be nearby and online. If your Mac is
offline, it will play the sound when it connects to a network:

1. Follow the steps indicated in the previous procedure.
2. Select a device from the drop-down list.
3. Click the Play Sound button (Figure 15.31).

Figure 15.31 – Actions available on the lost Mac

As you can see in Figure 15.31, the Lock and Erase Mac options will also appear in the
same location as the Play Sound button; however, there are specific requirements for
locking and erasing that we will describe next.


Locking your Mac


This feature will mark your computer as lost and lock it with a passcode. You can also
display a message on the screen for the person who finds it or has it. This feature
works in combination with Activation Lock.

These are the requirements for this feature:

A Mac with macOS Catalina or later installed
The Apple T2 security chip (Intel-based Macs only)
An Apple ID with two-factor authentication enabled
Find My Mac enabled
Secure Boot configured in the default setting Full Security
External Boot configured in the default setting "Disallow booting from
external media"
Activation Lock must be enabled

Follow these steps to verify whether Activation Lock is enabled:

1. Go to the Apple menu and select About This Mac.
2. Click the System Report... button.
3. Make sure Hardware is selected in the left pane.
4. Take a look at the bottom of the right panel. You should see Activation
Lock Status with the value Enabled:

Figure 15.32 – Verifying Activation Lock

Activation Lock turns on automatically when you configure Find My. If you see
Disabled instead, it means Find My is not enabled or your Mac does not have the T2
security chip.


Once these verifications are done, you can proceed to lock your Mac:

1. Follow the steps to locate your Mac on a map.
2. Click Lock or Mark As Lost (Figure 15.31). If asked, confirm you want to
lock your Mac by clicking Lock.
3. You might be asked to provide any of the following information:
Passcode: This is a numeric password different from all your
other passwords, used only for marking your device as lost or to
erase it remotely. If you recover your Mac, you will have to
unlock it with the same passcode.
Family Sharing: You will have to enter a passcode for a family
member's lost device, if a passcode is not set. For this, you will
also need the family member's Apple ID password.
Contact information: Enter a phone number if you want it to be
displayed on your Mac's locked screen.
Message: If you want, you can enter a custom message for the
person who found it or has it to be displayed on your Mac's
locked screen.
4. Click Activate if required.
5. You will see one of these two statuses in the Mark As Lost section:
Activated: It means the device has successfully been marked as
lost.
Pending: This will show if the device is not connected to Wi-Fi, and
it remains until the device goes online again.

Make sure to disable Activation Lock if you sell or give away your Mac. This can be
achieved through two methods:

Through System Preferences:
1. Open System Preferences.
2. Click Apple ID and then iCloud.
3. Deselect the Find My Mac checkbox.
4. You will be asked to enter your Apple ID password. Enter it and
sign out.
If you don't have access to the Mac, you can go to the iCloud portal and
follow the procedure to erase the Mac, which will also disable Activation
Lock. This procedure is explained next.

Another action you can perform is to erase your Mac to protect your information if
you have no other choice. Let's see how you can do that.


Erasing your Mac


In many unfortunate cases, users might not be able to recover their Macs. You can
also remotely erase them to protect your data if this is the scenario you are facing.

Take into account the following important information if you decide to erase the Mac:

The whole Mac will be erased, including data and information.
You won't be able to attempt to locate your Mac with Find My later on.
If using Activation Lock, it will be turned off. If this is the case, the person
in possession of the Mac will be able to turn on and use the Mac.

Follow these steps to erase your Mac:

1. Follow the steps to locate your Mac on a map.
2. Click Erase Mac (Figure 15.31).
3. Click on Next until the Mac is erased.
4. Click the x icon that appears next to your Mac.

And with this, we have covered pretty much everything about the Find My feature.
We saw how to enable it and use the actions enabled, such as locating your Mac on a
map, playing a sound, locking it, and even erasing it.

Next, we will discuss a couple more features that require your attention to keep your
users and data secure.

Guest accounts
Guest accounts allow any person to temporarily use your Mac without having to
create an account, protecting your data at the same time. The important detail to
remember about guest accounts is that all data and settings will be removed after the
user logs out of the guest account. (Make sure anyone using a guest account knows
that! Many users don't.)

Guest accounts are covered in detail in Chapter 4, User Accounts Management.


Family Sharing
Family Sharing is a feature that allows you to share App Store purchases and
subscriptions with other family members without having to share your personal
Apple ID. Besides protecting your Apple ID, it allows you to control children's
permissions in combination with the Screen Time features. With Family Sharing and
Screen Time, you can approve purchases and downloads.

Family Sharing is covered in detail in Chapter 10, Managing Apps and Documents.

And with this feature, we have reached the end of this section, where we explored
tools, features, and practices to protect user security. We examined the iCloud
Security Code, how to enable two-factor authentication, and the login options that can
help you protect user privacy. We also reviewed features that are quite recent, such as
Screen Time, and others that have been around for some time but have been
improved, such as Find My.

We have also reached the end of the chapter. Be sure to check the summary below for
a quick recap of what we covered.

Summary
In this chapter, we explored tools, measures, technologies, and features macOS offers
to help you protect your security and privacy, as well as your users'. We saw them
grouped into five main areas: system, hardware, application, data and encryption,
and user security. You are now aware of which macOS security features protect the
system, such as System Integrity Protection (SIP), and the recommended security
measures that you should implement to promote a safe environment, such as always
requiring the use of secure passwords. At the same time, you know how to enable a
firmware password for extra security to avoid unauthorized users bypassing the
system startup through keyboard shortcuts. You also know how to use FileVault for
full-disk or full-system encryption to protect your data. Finally, you are now aware of
the extra features that help you and your users be more secure, such as Screen Time
and Find My.

In the next chapter, we will explore some advanced techniques for administration
through the use of the command-line Terminal.

16
Using the Command Line
The command line is an advanced and powerful way to interact with macOS without
the use of the GUI. Although most fundamental administrative tasks can be done
using the macOS GUI, sometimes it can be more practical to execute them through the
command line. Some advanced administration tasks can only be executed through
this tool.

The macOS command-line tool is based on the Unix operating system. Take into
account that there are hundreds of Unix commands; there's a lot you could do!
However, in this chapter, we will explore how this tool works in macOS. We will see
some examples of some of the most used commands, when and why you should use
the command line in macOS, when you should use the sudo command, and other
common commands you can use to manage files and monitor the system.

Remember that this tool is very powerful and that you can
potentially render your system unstable or unusable if you don't use
it correctly. Proceed with caution.

The following topics will be covered in this chapter:

Using the command-line tool
Monitoring and diagnosing the system

Let's start by reviewing the technical requirements.


Using the Command Line Chapter 16

Technical requirements
This is what you will need for this chapter:

Basic knowledge of the macOS environment
A Mac computer with administrator privileges
You should feel comfortable using the command line

Using the command-line tool


Let's review some basic aspects of the command-line tool in macOS. The
command-line interface (CLI) is the most complete tool for executing and
processing commands entered as text strings. The graphical interface you see
when you power on your Mac, also known as a GUI, exposes commands only through
buttons and menus. This keeps the interface user-friendly and gives most users
the most commonly used functionality, but it can be limiting for advanced
users or administrators. A CLI gives them access to many more commands, if not
all the commands that are available. The CLI has been used for a long time,
and it remains a very powerful tool.

Regardless of how you connect to the command-line tool (we will explain the
different ways you can access it shortly), you obtain access to the input and output of
a Unix shell process or shell scripting. Different shells have different features and
may use a different syntax. More specifically, this is what we will discuss in this
section:

When and why you should use the command-line interface
Understanding the structure of a command-line string
The sudo command
The command-line interface in macOS
The default shell in macOS
Terminal shell commands

Let's start by examining when and why you should use the command line.


When and why you should use the command-line interface
The command line is to be used for administrative tasks when it makes more sense to
use it rather than using the usual user interface; for example, when you need to run
batch commands, change permissions system-wide, perform tasks as root, and so on.
You should use the command line if you are an advanced user or administrator and
feel comfortable using it. The following are some of the advantages of using the
command line:

More troubleshooting and administration options available
Access to the full filesystem
Remote login through SSH
Running commands as a system administrator or root user
Automation of repetitive tasks through scripting
Remotely manage devices through MDM
Remotely manage Mac computers through Apple Remote Desktop

Now, let's examine what a command string looks like in macOS.

Understanding the structure of a command-line string
Before we explore the actual command string, we must talk a little bit about the
command prompt. The command prompt is the starting line where all macOS Unix
commands are entered and run. It provides key information to the user. The
information that's included in the command prompt is as follows:

The machine's name
The current directory
The current user


In the following screenshot, % is the default zsh prompt symbol. Other shells use
other symbols; for example, bash uses $. We will learn more about the default shell in
macOS later in this chapter. We can see that the machine name is macos-big-sur, the
username is administrator, and the current directory is the home folder, represented
by ~, which is a short way to point to the user's home folder:

Figure 16.1 - Command-line prompt

Now that you know the command-line prompt's structure, let's talk about the
command-line string. It has four parts:

Name
Options/flags
Arguments
Extras

The general form of a UNIX command can be represented in the following way:
[command] [-option(s)/flag(s)] [argument(s)] [extra(s)]

The different parts of the preceding command can be explained as follows:

The command portion is the command name or the "verb." It describes what
you want to do and what the command does.
Think about the option(s)/flag(s) part as if they were the "adjectives," which
modify how the command will run.
The argument(s) are the objects that the command will act on, typically a
directory path or a file.
The extra(s) part is any extra options.

Let's analyze the following command, for example:


rm -r Desktop/folder-to-remove


If we break this down:

rm is a command that stands for "remove."
-r is a flag that stands for "recursively."
Desktop/folder-to-remove is an argument that points to the directory
(including the path) that should be removed.

What this command will do is remove the directory specified and all the contents in
it, as indicated by the -r flag.

Now, take into account that if you want to run commands as a superuser or as a user
different from the currently logged-in user, you will need to use the sudo command.
Let's take a brief look at the sudo command.

The sudo command


This is a very important command. The sudo command, or "superuser do," allows us
to run commands as a root user. It is a temporary way to grant a user administrative
rights. You will use it when you need to perform an action as root; in other words,
you will use it when you want to perform administration actions that will affect the
system or other users and that only the root user or superuser can perform, such as
installing software packages, editing configuration files, and so on.

You don't need to enable the root user account to use this command, but you do need
to be at least an admin to use it.

To run commands using sudo, you need to access macOS's built-in command-line
tool or use other tools that support shell scripting.

Let's analyze the following command, for example:


sudo ls -l /Users/johnadams/Documents

If we break this down:

sudo is the command that grants this user administrative rights for this
action.
ls is the command or action that stands for "list."


-l is the option that stands for "long," which means the listing will be
displayed in long format.
/Users/johnadams/Documents is the argument that shows the path to
the directory the command should run on.

Once the command is executed, we will see some output that provides information
such as the owner of the files, the permissions, and the group they belong to. This can
be seen in the following screenshot:

Figure 16.2 - Example of the command's structure

In the following section, we will explore Terminal, the utility provided in macOS to
access the command line.

The command-line interface in macOS


macOS has its own built-in app to run command-line strings or, in other words, its
own shell application: Terminal. You can also use other Terminal emulators or shell
applications, such as iTerm (www.iterm2.com) or Hyper (www.hyper.is), for an
enhanced experience, especially if you are a heavy command-line user.

In this section, we will explain how to access Terminal and configure the
aforementioned features. We will cover the following topics:

Using macOS Terminal
Creating customized profiles
Using marks and bookmarks

Let's start by learning how to use macOS Terminal.


Using macOS Terminal


There are many ways to use the command line in macOS. Many of them depend on
the use of Terminal:

You can access Terminal through the /Applications/Utilities folder,
as shown in the following screenshot:

Figure 16.3 - Accessing Terminal from Finder

You can access Terminal via the Recovery interface. Just to recap, you can
do that by holding down the Command + R (Intel-based) key combination or
by holding down the Power button (Apple M1) when your Mac is starting
up. If you need to review more about the Recovery system, check
out Chapter 2, Installing and Configuring macOS. When presented with the
Recovery interface, go to the Utilities menu and select Terminal, as shown
in the following screenshot:

Figure 16.4: Accessing Terminal from the Recovery system


You can also use remote login, which will usually be an SSH connection
that you can establish through an app such as WinSCP
(www.winscp.net/). It is open source software that lets you connect
via SSH to a remote Mac, usually from a Windows computer. Other
configuration is necessary to use remote login, and we talk about it
in Chapter 14, Using macOS Sharing Services.

Finally, you can use single-user mode, which shows you a minimal UNIX
command-line environment that's useful mostly for attempting to repair
the startup drive, mounting drives, reading and writing files, and starting
some system daemons. We learned how to enter this mode in Chapter
3, The Start Up Process, if you want to review it.

If you will be using Terminal, you can take advantage of many features this tool
offers. Here are some of the most useful ones:

Customized profiles: macOS Terminal has predefined profiles, but you can
use customized profiles as well. You can customize many elements of the
Terminal experience, such as colors, fonts, background, and more.
Marks and bookmarks: Terminal output can quickly become very long.
You can add marks and bookmarks to navigate this output more easily.
Customize windows: You can use the inspector or Info window to
customize the windows, including changing their titles and background
colors.

Let's look at some of these features in more detail.

Creating customized profiles


Profiles can be used to customize colors, font, background, and other Terminal
window elements. macOS Terminal comes with a set of predefined profiles, but you
can also create your own custom profiles.

Follow these steps to use profiles:

1. Open the Terminal app, as indicated previously.
2. In the Terminal top menu, select Preferences...
3. Select the Profiles tab at the top and choose a predefined template from the
left-hand side or add a new profile by clicking on the + (Add) button at the
bottom, as shown in the following screenshot.


4. Explore the options in the Text, Window, Tab, Shell, Keyboard, and
Advanced tabs to customize your profile even further:

Figure 16.5 - Terminal Profiles


You can also apply a profile to a specific Terminal window. To do that, follow these
steps:

1. Go to the Shell top menu option.
2. Select Show Inspector.
3. Select the Profile tab, and then select a profile. In the following
screenshot, we chose the Homebrew profile for this window:

Figure 16.6: Terminal window profile

Besides customizing your Terminal experience, you can also take advantage of some
of the features to manage your Terminal's output by using marks and bookmarks, as
we will explore next.

Using marks and bookmarks


Marks and bookmarks help you navigate your Terminal output to find a specific
command prompt, select and copy parts of the output, and more. Let's take a look:

Marks are used mostly to mark command-line prompts and lines in the
Terminal's output. The Terminal app uses brackets [ ] as marks, as shown
in the following screenshot:

Figure 16.7 - Command-line prompt marks


You can change this behavior so that prompts are not marked anymore. To
do this, with the Terminal app open, go to Edit in the top menu, then to
Marks, and make sure Automatically Mark Prompt Lines is deselected.

Bookmarks use heavier vertical bars, and they are mostly used to mark
sections of content. However, you can also bookmark rows or insert them
into specific parts of your output with either a timestamp or
name/timestamp. The Terminal app uses vertical bars, |, to mark
bookmarks, as shown in the following screenshot:

Figure 16.8 - Selection bookmark

Do the following to add/remove marks and bookmarks:

1. Open your Terminal app.
2. Select the rows you want to mark, right-click, and then choose Mark from
the contextual menu or the Edit top menu option. This will mark the text
with brackets. To use vertical bar bookmarks, select Mark as
Bookmark instead.

To remove a mark or bookmark, select the rows, right-click, and then choose Unmark
from the contextual menu or the Edit top menu option.


Follow these steps to insert a bookmark with a timestamp or name:

1. Open your Terminal app.
2. Choose Edit from the top menu, then Bookmarks, and then Insert
Bookmark to insert a bookmark with a timestamp. Alternatively,
choose Insert Bookmark with Name to add a name as well:

Figure 16.9 - Inserting a bookmark

3. Note that the bookmark will be inserted just above the next available
command prompt, as shown in the following screenshot:

Figure 16.10 - Bookmark location

To locate a mark or a bookmark, go to the Edit top menu option, select Navigate, and
choose one of the options to jump to a bookmark, as shown in the following
screenshot:


Figure 16.11 - Jumping to bookmarks

To locate a specific bookmark, follow these steps:

1. Go to Edit, select Bookmarks, and choose a bookmark from the list, as
shown here:

Figure 16.12 - Locating a specific bookmark


2. You will notice that if either a mark or bookmark is selected, it briefly
flashes with a yellow highlight. After that, it will be blue, as long as it
remains filtered:

Figure 16.13 - Filtering a bookmark

In this section, we learned how to customize the macOS Terminal to make advanced
administration through the command line more convenient. If you are familiar with
the command line, then you probably know that the macOS Terminal works with
Unix shells. macOS has a default shell, but you can change it according to your
requirements, as we will see next.

The default shell on macOS


As we mentioned earlier, to use the command line, you need a shell application. Let's
say we will be using the built-in macOS Terminal. Next, you need to determine which
Unix shell you will be using. zsh has been the default shell in macOS since
macOS Catalina. Before that, bash was the default shell (OS X 10.3 Panther and later),
and tcsh was used before that. You can configure which one you will use, as we will
see next. Each shell has its own set of features such as shortcuts, variable handling,
better completions, and more.


zsh or the Z shell (www.zsh.org) is preferred over bash these days because it has
many improvements. These are some of the most important ones:

It has many plugins available.
It has a large community of contributors and support guides.
Directory change is automatic; all you need to do is type in the directory's
name.
Path expansion is recursive. For example, if you type /us/lo/bi, it will
expand to the correct directory; that is, /usr/local/bin.
It has automatic spelling and completion correction.

Remember that, since macOS Catalina, zsh is used as the default login and interactive
shell. Therefore, if you've recently upgraded to macOS Catalina, you will see a
warning similar to the one shown in the following screenshot:

Figure 16.14 - Shell update warning

There are at least two ways you can configure or update your shell:

Through Terminal: By running the command indicated in the warning in
the preceding screenshot.
Through the Users & Groups preferences (this will change it for a specific
user).

Follow these steps to configure the shell through the Terminal application:

1. Open the Terminal app, as shown earlier.
2. Go to the Terminal top menu and select Preferences....


3. In the General tab, in the Command (complete path) field, enter the path
to the shell you want to use. In the following screenshot, the path is
/bin/zsh. Change it as you wish:

Figure 16.15 - Updating the shell through the Terminal preferences

To configure the shell through the Users & Groups preferences, follow these steps:

1. Open System Preferences.
2. Click on the Users & Groups icon.
3. Authenticate as administrator.
4. Right-click on the username you want to configure the shell for and click
on Advanced Options.... You will see the following window:


Figure 16.16 - Updating the shell through the Users & Groups preferences

You can visit this support article for more information on changing
the default shell for the macOS Terminal: https://support.apple.com/HT208050.

5. Select the login shell you wish to use from the drop-down menu, as shown
in the preceding screenshot.

Once you have the shell set up, you will be able to use the commands available for
that shell. Many commands are available. In the next section, we will look at some of
the most essential commands.


Terminal shell commands


There are many commands we can use in Terminal, and their availability depends on
the shell you are using. Although this is not a chapter specifically on Terminal
commands, in this section, we will look at some commonly used commands and
some examples of how to use them to get a good idea of what you can do. In the next
section, we will learn how to use Terminal with more complex commands to
hide/unhide files and folders.

You can look at the list of commands built into the specific shell you are using, known
as "builtins," by using the following commands for specific shells. These commands
will return a list of the specific shell's built-in commands, as well as examples of their
use:

Shell    Command
tcsh     builtins
bash     help
zsh      man zshbuiltins

In the following sections, we will cover the following topics:

Common commands
Uncovering hidden files and folders
Hiding specific files and folders

Let's begin with the first section, where we will cover commonly used commands.

Common commands
You can use many commands with macOS Terminal, but the following are some of
the most popular and commonly used commands and key combinations that you will
probably learn off by heart very quickly. The following screenshot shows a table of
commonly used commands:


Figure 16.17 - Commonly used commands


The following are some key combinations you will also find very handy:

Figure 16.18 - Common key combinations

Let's look at some examples of the commands shown in Figure 16.17.

We will only look at some examples for a few commands, along with some
screenshots, for you to get a good idea of how they are used. Let's get started:

.: The ./file.doc string is used to indicate the file.doc file in the
current directory.
..: The ../Documents string is used to indicate the Documents folder in
the parent directory of the current directory; that is, a sibling folder of the
current directory.
~: The ~/Documents string is used to specify the Documents directory of
the currently logged-in user.
cd: As shown in the following screenshot, by running the cd
Documents command, we are changing from the current root directory to
the Documents directory. You can tell that we have changed directory
because the directory's name, Documents, appears before the prompt:

Figure 16.19 - cd command

chmod: Let's say we run the following command:

chmod 755 Documents


This will change the Documents folder's permissions to 755, which means
read, write, execute permissions for the Owner; and Read Only for Group
and Everyone.

To use this command and the next one, you need to have a good
understanding of Unix ownership and permissions. We describe
macOS ownership and permissions in Chapter 7, Understanding
Ownership and Permissions.

In the following screenshot, in the Info window, we can verify that the file's
permissions for the Documents folder have changed after running the chmod
command:

Figure 16.20 - chmod command


chown: This command is used as follows:

chown [username] [file]

For example, let's run the following command:

chown johnadams ~/Documents/test.rtf

This will change the ownership of the test.rtf file to make
user johnadams the owner. In the following screenshot, in the Info window,
we can verify that the file changed ownership to johnadams:

Figure 16.21 - chown command

ls: In the following example, we will use the ls -l command. This allows
us to see the file and folder permissions in a specific directory; in this case,
the user's home directory:


Figure 16.22 - ls command

mkdir: The syntax for this command is very simple: mkdir [new
directory].
pwd: Earlier, we changed to the Documents directory. The following
command shows the full path to that directory, as shown in the following
screenshot:

Figure 16.23 - pwd command
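
The chmod, chown, and ls -l entries above all deal with the same nine permission bits. The following added example (not from the book) decodes an octal mode such as 755 into the string that ls -l prints and lists anything under a directory that every user can modify. The function names mode_to_symbolic, mode_risks, and find_world_writable are hypothetical, and 775 and 777 are constructed comparison values.

```sh
#!/bin/sh
# Added example, not from the book. POSIX sh; runs on macOS and Linux.

# Translate a three-digit octal mode (owner, group, everyone) into the
# string that "ls -l" prints after the file type, e.g. 755 -> rwxr-xr-x.
mode_to_symbolic() {
    case $1 in
        [0-7][0-7][0-7]) ;;
        *) echo "expected three octal digits, got '$1'" >&2; return 2 ;;
    esac
    rest=$1
    out=
    while [ -n "$rest" ]; do
        digit=${rest%"${rest#?}"}     # first remaining digit
        rest=${rest#?}
        if [ $(($digit & 4)) -ne 0 ]; then out="${out}r"; else out="${out}-"; fi
        if [ $(($digit & 2)) -ne 0 ]; then out="${out}w"; else out="${out}-"; fi
        if [ $(($digit & 1)) -ne 0 ]; then out="${out}x"; else out="${out}-"; fi
    done
    printf '%s\n' "$out"
}

# Name the broad write grants in a mode so they stand out in a review.
# Prints "none", "group-writable", "world-writable", or both.
mode_risks() {
    sym=$(mode_to_symbolic "$1") || return 2
    risks=
    case $sym in ????w????) risks="group-writable" ;; esac
    case $sym in ???????w?) risks="${risks:+$risks,}world-writable" ;; esac
    printf '%s\n' "${risks:-none}"
}

# List files and directories under DIR that anyone on the system can
# modify (the "w" bit in the last triplet). Symbolic links are skipped.
find_world_writable() {
    find "$1" \( -type f -o -type d \) -perm -002 -print
}

# Demo: the mode from the text plus two constructed comparison values.
for m in 755 775 777; do
    printf '%s  %s  %s\n' "$m" "$(mode_to_symbolic "$m")" "$(mode_risks "$m")"
done
```

Run find_world_writable against a folder such as ~/Documents before and after a chmod to confirm that the change did what you intended.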

In the next section, we will look at another very important use of the command line,
which is to uncover hidden files and folders.

Uncovering hidden files and folders


macOS uses methods to keep things clean and tidy in the filesystem. One of these
methods is hiding items. In Chapter 8, System Resources and Shortcuts, we learned
how to access files and folders hidden by default by macOS through Finder.

In this section, we will learn how to uncover all hidden files and folders
through Terminal. In the next section, we will learn how to pick specific items and
hide them; perhaps a folder you don't want anyone to see.


To show all hidden folders, run the following command in Terminal:


defaults write com.apple.finder AppleShowAllFiles TRUE

Next, enter the following:


killall Finder

If you go to Finder now, you will see many other hidden files and folders, as shown
in the following screenshot:

Figure 16.24 - Unhiding files and folders

To revert to the original Finder with the hidden files and folders, just use
Terminal again and type:
defaults write com.apple.finder AppleShowAllFiles FALSE

Next, enter the following:


killall Finder

This will reset the Finder window and show the files as usual again.


Another quick way to hide/unhide files and folders without using
Terminal is to use the shortcut key combination Command + Shift + .
(period).

Just like you can access files and folders hidden by default by macOS or uncover
them all through Terminal, you can also pick specific items and hide them yourself;
perhaps a folder you don't want anyone to see. This is what we will see in the next
section.

Hiding specific files and folders


You can hide specific items in macOS so that they won't be visible in Finder. There are
two methods to do so, and you will need to use Terminal for both as it is not possible
to use the Finder for this:

Use Terminal to add a period at the beginning of an item's name
Use the hidden file flag

The first is a Unix method, and it hides the item from Finder and Terminal when
you're listing items.

The second is a Mac feature, which consists of enabling the file flag so that it's not
visible in Finder. Take into account that this method will not hide the item in
Terminal.

Follow these steps to use the first method. In this example, we will hide the file
named test.rtf, located inside the administrator's Documents folder:

1. Open Terminal.
2. Change directory to the folder that contains the file you want to hide with
the cd command (replacing this with your actual path) and
press Enter when you're ready:
cd /Users/administrator/Documents

3. Use the mv command to change the filename (replace the filename as
appropriate), and also include a period at the beginning of it. Press Enter
when you're ready:
mv file-to-hide.rtf .file-to-hide.rtf

4. At this point, the file will immediately be hidden in Finder.


To undo what you just did and show the file again in Finder, follow the same steps
as before, but this time rename the file from the name with the leading period to the
name without it:

1. After changing the directory to where your file is located, use the same
command, but use the file with the period first. Then, press Enter when
you're ready:
mv .test.rtf test.rtf

2. The file will immediately be visible again in Finder.

You might have to close and reopen the Finder window for the file
to be visible again.

Now, let's learn how the second method works. To hide a folder called Secrets
inside the Documents folder, follow these steps:

1. Open Terminal.
2. Change directory to the Documents folder using the cd command.
3. Enter the following command, followed by a space at the end (but don't
press Enter yet):
chflags hidden

4. Next, enter the folder's path if you know it, or drag and drop the folder into
Terminal, as shown in the following screenshot, so that the path will be
automatically entered:

Figure 16.25 - Inserting a folder path

5. You should see the full path after dragging and dropping the folder, at
which point you can go ahead and press Enter:


Figure 16.26 - Hiding an element

6. The folder will now be hidden from Finder.

You can use the Tab key to autocomplete filenames, pathnames, and
command names in Terminal.

To view the hidden folder, you can do any of the following:

Use the Go to folder... option in Finder. Click on the Go menu item and
select Go to Folder.... Next, enter the exact folder path. You can type the
whole path, or if the folder is located in your user's home folder, you can
just use the abbreviated form; that is, ~/Desktop/Secrets:

Figure 16.27 - Seeing a hidden folder by using Go to the folder

To quickly view the folder or any other hidden items, you can use the
shortcut combination Command + Shift + . (period). As soon as you do that,
the folder will appear again in Finder, but in a slightly lighter color:

Figure 16.28 - Viewing hidden elements with a shortcut


To undo what you just did and make the folder permanently visible again in Finder,
follow these steps:

1. Open Terminal.
2. This time, enter the chflags nohidden command, leaving a space at the
end (and don't press Enter yet).
3. Enter the path to the folder you want to uncover. Alternatively, make the
folder temporarily visible with the Command + Shift + . (period) key
combination, and then drag and drop the folder into Terminal.
4. Once the path shows as complete in Terminal, press Enter; the folder will
be visible again in Finder.

And that's it!
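
Neither method above restricts access to an item; both only change what Finder and a plain listing show. The following added example (not from the book) lists the items that each method hides in a folder. The function names are hypothetical, the demo directory is constructed, and the flag check relies on the flags column of ls -lO, so it reports nothing on systems other than macOS.

```sh
#!/bin/sh
# Added example, not from the book. POSIX sh.

# Items hidden by the first method: names that begin with a period.
list_dot_hidden() {
    find "$1" -mindepth 1 -maxdepth 1 -name '.*' -print | LC_ALL=C sort
}

# Items hidden by the second method: the "hidden" file flag set with
# chflags. The flags are the fifth column of "ls -lO", an option of the
# ls that ships with macOS, so other systems are skipped.
list_flag_hidden() {
    [ "$(uname -s)" = "Darwin" ] || return 0
    for item in "$1"/* "$1"/.[!.]* "$1"/..?*; do
        [ -e "$item" ] || [ -L "$item" ] || continue   # unmatched pattern
        flags=$(ls -ldO "$item" | awk '{print $5}')
        case ",$flags," in
            *,hidden,*) printf '%s\n' "$item" ;;
        esac
    done
}

# One line per hidden item, prefixed with the method that hides it.
hidden_report() {
    list_dot_hidden "$1" | sed 's/^/dot-name  /'
    list_flag_hidden "$1" | sed 's/^/flag      /'
}

# Demo on a constructed directory that mirrors the two procedures above.
demo_dir=$(mktemp -d)
touch "$demo_dir/.file-to-hide.rtf" "$demo_dir/test.rtf"
mkdir "$demo_dir/Secrets"
if [ "$(uname -s)" = "Darwin" ]; then
    chflags hidden "$demo_dir/Secrets"
fi
hidden_report "$demo_dir"
rm -rf "$demo_dir"
```

To keep a folder away from other users, change its permissions or ownership; hiding it does not do that.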

In this section, we explored the command-line interface, as well as when and how
you can use it to perform a variety of advanced administration tasks in macOS. We
also saw how the command line works in macOS, the default shell that's currently
used, as well as additional shell commands. Moreover, we discovered how to uncover
hidden files and folders using this tool.

In the next section, we will look at the commands we can use to monitor and diagnose
the system.

Monitoring and diagnosing the system


There are useful commands you can use in Terminal to verify and repair the startup
volume. fsck is a common UNIX command that's used for system checks and
repairs. It is the equivalent of First Aid in the Disk Utility tool. For APFS volumes,
you could also use the fsck_apfs command.

To use this command, you need to restart your computer in single-user mode so that
the system disk is unmounted. You can review how to enter single-user mode by
rereading Chapter 3, The Startup Process.

Through the use of flags, you can perform extra actions. For example, the -f flag
forces journaled filesystems to be verified, such as HFS, while the -y flag answers
with "Yes" to any prompts fsck might encounter, so use it with caution. In the case of
APFS volumes, you can use the -n flag to verify without performing any repairs.


For example, once you are in single-user mode or you are sure your system disk is
unmounted, you could run the following command:
fsck_apfs -y

If there is a problem or the filesystem was altered in any way, you will see a message
stating File System Was Modified. -y is a flag that means "yes, repair any problems
encountered," without you needing to enter any additional commands yourself.

As we explained in Chapter 3, The Start Up Process, you should repeat the command
until the message "the volume appears to be OK" appears, as shown in the following
screenshot:

Figure 16.29 - Using the fsck command for disk diagnostics/repair

Once you see that message, you can make use of the command line to make the
necessary changes or fixes.

Take into account that verbose and single-user mode cannot be
accessed as explained here in Macs with the T2 chip. The alternative,
in this case, is to enter Recovery mode and use Terminal. See
Chapter 3, The Start Up Process, for more details.


In this section, we looked at a brief, basic overview of the command line and how it
works. If you want to learn more about it, or about zsh in macOS, I have left a few
great resources in the Further reading section at the end of this chapter. You can also
check out Mac Linux Command Line Kick Start in 4 hours
(https://www.packtpub.com/product/mac-linux-command-line-kick-start-in-4-hours-for-beginnersvideo/9781789130713),
which is available in the Packt library, to learn more about Linux commands.

And with this section, we have reached the end of this chapter. Make sure that you
review the summary for a quick recap of what was covered in this chapter.

Summary
Now that you have reached the end of this chapter, you know when and why you
should use the command-line tool in macOS. You also understand the structure of a
command-line string, when the sudo command should be used, and what the
command-line interface in macOS looks like. You can also run several commands to
perform a variety of advanced actions, such as creating directories, changing
permissions and ownership, uncovering hidden files and folders, and more. You also
learned how to customize your Terminal app by using profiles, marks, and
bookmarks. You also know that you can choose different shells that will let you
access different "built-in" commands. Finally, you know how to verify the state of
your startup disk through the use of the fsck command.

This is also the last chapter of this book. At this stage, you are fully prepared to install
and configure macOS, manage users, manage user security and privacy, and manage
files, apps, documents, network services, sharing services, and system security. If you
will be taking the Apple Certified Support Professional examination, you are now
well prepared to succeed!

In the Appendix, we will offer some troubleshooting tips that can be very helpful in a
variety of situations.


Further reading
Falstad, P. (2014). The Z Shell Manual. Retrieved from
http://zsh.sourceforge.net/Doc/Release/The-Z-Shell-Manual.html#The-Z-Shell-Manual.

Apple. (n.d.). Command Line Primer. Retrieved from
https://developer.apple.com/library/content/documentation/OpenSource/Conceptual/ShellScripting/CommandLInePrimer/CommandLine.html.

Briegel, A. (2021). macOS Terminal and shell.

Troubleshooting Tips
In this Appendix, we will go through various FAQs related to common
troubleshooting issues. Although not every type of issue can be covered, we will
provide answers and practical suggestions for solving the most common types of
problems related to topics such as apps, disks, volumes, and more; for
example, what to do if you have problems with a specific app, or what to do if a
disk shows unexpected behavior and seems to be corrupted.

The tools macOS provides and that will be frequently used for troubleshooting are
the Console and the Activity Monitor apps. Both can be accessed from
the /Applications/Utilities/ folder, though you can use Spotlight to locate
them quickly.

Some of the suggestions we will see here are for advanced users and include the use
of the Terminal app. Therefore, if you feel you cannot understand those suggestions
or feel uncomfortable manipulating some of the Mac tools or hardware, or if you still
have problems despite trying all the suggestions, you can always contact Apple
Support (https://getsupport.apple.com/), an Apple Store
(https://www.apple.com/retail/storelist/), or an Apple Authorized Service Provider
(https://locate.apple.com/).

Let's begin by looking at some suggestions for troubleshooting app issues.



Troubleshooting app issues


In this section, you will find the most common questions regarding app issues. More
specifically, we will respond to the following questions:

Where can I start to troubleshoot apps with issues?
How do I know if a Mac has enough physical memory to perform a task?
How can I quit an app that is not responding?
How can I verify if an app is optimized for an Apple M1 silicon Mac?
What if the app I want to use in my Apple M1 Mac hasn't been optimized
yet?

Let's begin addressing all these questions.

Where can I start to troubleshoot apps with issues?

Take these general steps into account when you're troubleshooting apps that are
experiencing issues. Follow them in order, going to the next step each time the
previous one proves unsuccessful:

Restart the app: If the app is not responding, we will explain how to force
the app to quit later in this section.
Open another known working document: This way, you can verify if the
problem is with the document or with the app itself. For example, if you
are working on a Word document, try to open a new document. If you are
able to open it and work on it without any problems, then it is likely that
the problem is with the other document, which is probably corrupted.
Some apps offer recovery options for corrupted documents, or you can
recover them from a backup if you have one.
Try working with another app to verify if it functions properly: This way,
you can verify if the problem is just with that app or with all the apps.
Try using another user account: This way, you can verify if the problem
happens only with your account or all the accounts on the system.


Delete cache files: Usually, macOS takes care of this automatically. This is
not a procedure that you want to do regularly; use it only if the previous
suggestions don't fix the problem. Cache files might need to be removed if
you're experiencing app performance problems. Follow these steps to
remove them:
1. Make sure you have a backup.
2. Quit any open apps.
3. Go to the Finder menu, select the Go menu option, and hold
down the Option key to reveal the current user Library folder
option. Click on Library. Look for the Caches folder and double-
click on it to open it, as shown in the following screenshot. An
alternative way to reach this folder even faster is to select
the Go menu option, select Go to Folder..., and
type ~/Library/Caches.
4. Choose the folder for the app with problems (for example, Maps)
and move that folder to Trash:

Figure A.1 – Removing caches

5. Don't forget to empty your Trash afterward.


Replace preference files: Occasionally, removing preference files will also
fix problems with apps, especially performance issues due to corrupted
preference files. Preference files have the .plist extension. When you
remove them, they are recreated with new, fresh files upon the next app
launch:
1. Follow the previous procedure for the caches until step 3.
2. Look for the Preferences folder and open it, as shown here:

Figure A.2 – Removing preference files

3. Look for the .plist file you wish to remove; for example, the
Skype preferences file, as shown in the preceding screenshot.
4. Rename the file by adding _old or a similar prefix or suffix. This
is to make sure you can quickly restore the file if an error occurs
as a consequence of removing the file.
5. Open the app and make sure it's working properly. Once you
have verified this, you can move the old file to
the Trash. If something went wrong, you can restore the old file
by moving the newly created file to the Trash and
removing the prefix or suffix you added.
6. Don't forget to empty the Trash.


Check diagnostic reports and log files: You can access these logs through
the Console app. We'll explain these logs in more detail in
the Troubleshooting with logs section at the end of the Appendix.
Reinstall the app: If you can't fix the problem through the previous steps,
you don't want to risk manipulating resource files, or you are not sure how
to interpret logs, then uninstalling and reinstalling the app is the last
resort, but still a good and effective option.

How do I know if a Mac has enough physical memory to perform a task?

Activity Monitor shows you open apps and processes. This tool also shows historical
memory use since the last computer startup. Follow these steps:

1. Open Activity Monitor, as indicated at the beginning of the Appendix.
2. Go to the Memory tab.
3. Take a look at the information in the bottom-right boxes, especially the
values of the Swap Used and Compressed memory statistics, as shown
here:

Figure A.3 – Verifying memory availability


A low value is OK, and a high value indicates the Mac doesn't have enough real
memory for the app to run appropriately. To help you interpret these numbers more
easily, the Activity Monitor has a Memory Pressure graph at the bottom left, which
displays a color based on the free memory, swap rate, wired memory, and file cached
memory information. You can use these Memory Pressure colors to find out if your
computer is using memory efficiently:

Green: This means your computer is using its RAM efficiently.
Yellow: This means your computer might need more RAM soon.
Red: This means your computer definitely needs more RAM, in which case
you can upgrade the memory if your Mac model allows it. Alternatively,
you can close programs/processes to free up any memory if upgrading is
not an option.

How can I quit an app that is not responding?

There are three ways to force an unresponsive app to quit:

From the Force Quit Applications dialog window: You can access this
window from the Apple menu, as shown in the following
screenshot, or by pressing Option + Command + Esc:

Figure A.4 – Force Quit menu option


From the Dock: If the app is not responding, you can right-click on its icon
on the Dock and force quit from there.
From the Activity Monitor: You can use this tool to force quit a non-
responding process or app. Follow these steps to do so:
1. Open Activity Monitor, as indicated at the beginning of the
Appendix.
2. Under the Process Name list, select the process or app you want
to quit. An unresponsive process or app will be marked with Not
Responding next to it.
3. Click the X button at the top, as shown in the following
screenshot.
4. You will see a dialog window with the options to Quit, Force
Quit, or Cancel. Choose Quit or Force Quit if the first option
does not work:

Figure A.5 – Force Quit from Activity Monitor

How can I verify if an app is optimized for an Apple M1 silicon Mac?

For an app to be compatible with Macs with the Apple M1 silicon chip, it needs to
be of the Universal binary kind, which means it can run on both Intel-based Macs
and M1 chip-based Macs.


Follow these steps to find out if an app is optimized for M1 chip-based Macs; that is,
the Universal kind:

1. Open System Report through the Apple menu (pressing the Option key
to reveal the option) or by searching for it through Spotlight.
2. Scroll down to the Software section of the sidebar, as shown in the
following screenshot.
3. Select the Applications option nested below it, as shown here:

Figure A.6 – App compatibility with M1

4. Click on the Kind column to verify if the app is of the Universal kind,
which means it is optimized.

You can also check out https://isapplesiliconready.com, which
provides an extensive list of applications and tells you if they are
optimized for Apple M1.

What if the app I want to use in my Apple M1 Mac hasn't been optimized yet?


If the app you want to run hasn't been optimized for Macs with the Apple M1 chip
yet, then another solution is to install the Rosetta 2 app to emulate the required
architecture. The system will automatically let you know you need to install it when
you try to run an app that hasn't been optimized for M1 Macs, as shown in the
following screenshot:

Figure A.7 – Rosetta install warning

If you don't see the prompt to install Rosetta, you can install it from the Terminal,
which is currently the only other alternative. Follow these steps:

1. Open the Terminal.
2. Enter the following command:
softwareupdate --install-rosetta

3. Agree to the License Agreement. And that's it!

You can also use this command to accept the License Agreement without interacting
with Terminal:
softwareupdate --install-rosetta --agree-to-license

Rosetta will run in the background, and all you need to do is just open the app as
usual.
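
Whether an app needs Rosetta 2 can also be read from the app's executable file. The following added example (not from the book) reads the file header to report whether an executable is Universal, Intel only, or Apple silicon only. The function names are hypothetical, the sample files are constructed headers rather than real programs, and only 64-bit files are recognized.

```sh
#!/bin/sh
# Added example, not from the book. POSIX sh; needs only dd, od, tr and sed.

# Print COUNT bytes of FILE starting at OFFSET as lowercase hex digits.
hex_at() {
    dd if="$1" bs=1 skip="$2" count="$3" 2>/dev/null | od -An -tx1 | tr -d ' \t\n'
}

# Name a Mach-O CPU type given as eight big-endian hex digits.
cpu_name() {
    case $1 in
        01000007) echo x86_64 ;;
        0100000c) echo arm64 ;;
        *)        echo "cpu-$1" ;;
    esac
}

# Print the architectures in FILE, space separated. Returns 1 if FILE is
# neither a 64-bit Mach-O file nor a universal file.
macho_archs() {
    magic=$(hex_at "$1" 0 4)
    case $magic in
        cffaedfe)   # single architecture, fields stored little-endian
            cpu=$(hex_at "$1" 4 4)
            [ ${#cpu} -eq 8 ] || return 1
            cpu_name "$(printf '%s' "$cpu" | sed 's/\(..\)\(..\)\(..\)\(..\)/\4\3\2\1/')"
            ;;
        cafebabe)   # universal: magic, entry count, then 20-byte entries
            n=$(hex_at "$1" 4 4)
            [ ${#n} -eq 8 ] || return 1
            count=$((0x$n))
            # Java class files share this magic; there the same field holds
            # the class version, which is 45 or more.
            if [ "$count" -lt 1 ] || [ "$count" -gt 20 ]; then return 1; fi
            i=0
            archs=
            while [ "$i" -lt "$count" ]; do
                archs="$archs $(cpu_name "$(hex_at "$1" $((8 + 20 * $i)) 4)")"
                i=$((i + 1))
            done
            printf '%s\n' "${archs# }"
            ;;
        *) return 1 ;;
    esac
}

# Summarize FILE the way the Kind column does for the Universal case.
binary_kind() {
    archs=$(macho_archs "$1") || {
        echo "not a 64-bit Mach-O or universal file"; return 1; }
    case " $archs " in
        *" arm64 "*)
            case " $archs " in
                *" x86_64 "*) echo "Universal" ;;
                *)            echo "Apple silicon only" ;;
            esac ;;
        *" x86_64 "*) echo "Intel only (needs Rosetta 2 on an M1 Mac)" ;;
        *)            echo "other: $archs" ;;
    esac
}

# Write a constructed header of the given kind to FILE.
write_sample() {
    case $1 in
        universal)
            { printf '\312\376\272\276\000\000\000\002'
              printf '\001\000\000\007'; dd if=/dev/zero bs=16 count=1 2>/dev/null
              printf '\001\000\000\014'; dd if=/dev/zero bs=16 count=1 2>/dev/null
            } > "$2" ;;
        intel) printf '\317\372\355\376\007\000\000\001' > "$2" ;;
        arm)   printf '\317\372\355\376\014\000\000\001' > "$2" ;;
    esac
}

# Demo on the constructed samples.
tmp=$(mktemp -d)
for kind in universal intel arm; do
    write_sample "$kind" "$tmp/$kind"
    printf '%-10s %s\n' "$kind" "$(binary_kind "$tmp/$kind")"
done
rm -rf "$tmp"
```

On a Mac, point binary_kind at the executable inside an app bundle's Contents/MacOS folder.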

Problems with apps can be related to disk and volume issues, for example, if a file
won't open. In the next section, we'll examine some possible troubleshooting steps for
disk and volume problems.


Troubleshooting disk and volume issues


In this section, you will find the most common questions regarding disk and volume
issues. More specifically, we will cover the following questions:

What is a helpful tool for troubleshooting and repairing partition and
volume issues?
My Mac is unresponsive. What can I do to attempt to recover the data in
the system volume?
How can I repair the startup disk in a Mac with the Apple M1 silicon chip?

We'll address these questions here.

What is a helpful tool for troubleshooting and repairing partition and volume
issues?

Disk Utility First Aid is a feature that can help you verify and repair partition
schemes and volume directory structures. Disk Utility can detect and possibly repair
problems such as corrupted files, external devices not working properly, or the
system disk not successfully starting up the Mac. However, take into account that not
all disk problems can be repaired; for example, an input/output (I/O) error, as shown
in the following screenshot, from a real troubleshooting case, occurs when the system
is unable to communicate with the disk, and most likely means a hardware failure,
either in the disk itself or with a cable. If the problem is the disk, it's usually beyond
the Disk Utility First Aid's help. If you suspect that it's a hardware problem, you can
try using the Diagnostics tool. This procedure will be explained in the Troubleshooting
system and startup issues section, later in this Appendix:


Figure A.8 – Disk I/O error

When you run Disk Utility First Aid, the tool checks the partitions and volumes on a
disk. It can also verify the contents of a single volume.

To check the startup disk or volume, follow these steps:

1. Access the macOS Recovery interface according to the right procedure for
Intel-based or Apple M1 Macs (more details on the corresponding
procedure can be found in Chapter 2, Installing and Configuring macOS).
2. Select Disk Utility from the Recovery interface and click Continue.


3. Select the startup volume (usually, this is Macintosh HD) from the left-
hand side menu, click the First Aid button, and then click Run, as shown
here:

Figure A.9 – Disk Utility First Aid

You can get several types of results from this verification:

The disk appears to be OK or it has been repaired: This means there are
no other actions to take, and you can quit. But before that, you can click
on Show Details to see more information about any repairs that might
have been done:


Figure A.10 – First Aid successful

First Aid process failed: This means Disk Utility was unable to repair the
disk or volume. At this point, you can do any of the following:
Attempt to repair it again.
Back up the data, if possible.
Reinstall macOS and reformat the disk/volume in the
process, and restore your backed-up data after that:

Figure A.11 – First Aid failed


Overlapped extent location: This means two or more files occupy the same
space in the disk. At this point, you will need to verify each affected file
and either replace, recreate, or delete them. You will find an alias for the
corrupted files in a folder called DamagedFiles, located at the disk's root.

If you have a data volume (usually Macintosh HD – Data), check it with First Aid as
well, following the same procedure described.

To check any disk or volume (other than the startup disk or volume), you can use
Spotlight to quickly locate and open Disk Utility without using macOS Recovery and
then follow the same steps described earlier.

My Mac is unresponsive. What can I do to attempt to recover the data in the system
volume?

If your Mac is not working and you have important data that is not backed up, you
can use Target Disk mode to attempt to recover the data in the system
volume. However, take into account that you need another Mac computer for this.
Also, both Macs need to have FireWire, Thunderbolt, or a USB-C port to connect to
each other. This mode uses one computer as if it was just an external hard drive or
"target." For this to work, the Mac you want to use as a target should be able to turn
on, so this is not a good solution if the Mac is not turning on. This is also a good way
to transfer large amounts of data between two Macs.

Follow these steps to use Target Disk mode on Intel-based Macs:

1. Connect both Macs with a FireWire or Thunderbolt cable.
2. Do the following on the Mac you want to use as an external disk or target:

If the computer is off, turn it on while pressing and holding down
the T key.
If the computer is off, turn it on while pressing the Command + R key
combination to enter the Recovery interface. Then, select Startup Disk from
the Apple menu and click on the Target Disk Mode button, as shown
in the following screenshot.
If the computer is on, open System Preferences, select the Startup
Disk icon, and then click Target Disk Mode:


Figure A.12 – Target Disk Mode

3. This computer should now show up on the other computer as an external
drive. You should see the external disk icon on the Desktop or on the
sidebar menu.
4. Transfer the files you want to recover from the target Mac by dragging and
dropping them onto the other Mac.
5. Once you are done, you can disengage Target Disk mode by ejecting the
external disk icon or dragging it to the Trash.
6. You can then turn off the target Mac and disconnect the cables.

As such, Target Disk mode is not available on Macs with the Apple M1 chip;
however, they have a feature called Share Disk, which serves the same purpose.
Follow these steps to use it:

1. Connect both Macs with a USB, USB-C, or Thunderbolt cable.
2. Restart the Apple M1 Mac and turn it on while pressing the Power button
until you see the Options icon.

3. Click Options to enter the Recovery interface.
4. Select the Share Disk option from the Utilities menu, as shown in the
following screenshot:

Figure A.13 – Target Disk Mode (Apple M1)

5. Select the disk or volume you wish to share, and then click Start Sharing.
6. On the other Mac, open Finder and click on the Network folder on the
sidebar.
7. Double-click the icon of the Mac that is being shared. At this point, you will
see a dialog window asking you to Connect As. Select Guest, and then
click Connect. The shared volume will then mount.
8. You will now be able to transfer files between both computers.
9. When finished, click the Eject button on the Mac with the mounted volume.

Sometimes, the problem might not be the disk but the startup process. In the next
section, we'll examine how to proceed when this seems to be the case.

Troubleshooting system and startup issues

In this section, you will find the most common questions regarding system and
startup issues. The questions we will address are as follows:

How do I use Safe Mode to troubleshoot?
How do I use startup modes on a Mac with the Apple M1 chip?
If I suspect a hardware failure, is there anything I can do before taking my
Mac to a technician?
My Mac is frozen. How can I force it to restart?
What can I do if my Mac won't turn on?
What is NVRAM, and how does it help with troubleshooting?

My Mac is now unresponsive after a power outage during an
update/installation. What can I do?
My Mac shows a folder with a question mark during startup. What does
that mean?
My Mac shows a prohibitory icon during startup. What does that mean?

Let's begin answering these questions.

How do I use Safe Mode to troubleshoot?

Safe mode prevents certain items from loading when macOS starts up, including
login items, system extensions not required by macOS, and fonts not installed by
macOS. At the same time, when a Mac starts up in safe mode, the startup volume is
verified and system caches are deleted. Safe mode is useful when you are trying to
isolate problems that seem to be related to the system or startup.

Follow these steps to start up in safe mode (Intel-based Macs):

1. Restart your Mac or turn it on. Press the Shift key as soon as it starts up and
release the key when you see the login window.
2. Log into your Mac or user account as usual.
3. If the Mac logs in without problems, it most likely means a startup item is
creating the problem. Restart in normal mode and check if the problem has
been resolved.
4. If the problem was resolved, it was probably just a cache problem that's
been fixed by safe mode.
5. If the problem hasn't been resolved, you should verify if a login item is
causing the problem. To do that, follow these steps:
   1. Restart and log in as usual (not in Safe mode).
   2. Open System Preferences and click on Users & Groups.
   3. Select the user who has the problem and select the Login
      Items tab.
   4. If you have any login items, uncheck all the boxes to deactivate
      them.
   5. Activate one item at a time and restart the Mac to verify if the
      login procedure proceeds successfully until you find the one
      causing the problem.
6. If this does not resolve the problem, it could be something more serious
that might require reinstalling macOS or troubleshooting other areas, such
as the disk.

How do I use startup modes on a Mac with the Apple M1 chip?

Startup modes are different on Macs with the Apple M1 silicon. Instead of using key
combinations at startup, as you would normally access them on Intel-based Macs,
they are all accessed through the Power button. In addition, there are a few more
modes you can take advantage of besides the ones we already knew from Intel Macs.
For more information on the modes also available on Intel-based Macs, you can
review Chapter 3, The Startup Process. The modes available on M1 Macs are as
follows:

Safe mode
Verbose mode
DFU mode
Startup Manager
Recovery mode
Fallback Recovery mode
Diagnostics mode

The modes that are not available anymore are as follows:

Single-User mode: An equivalent to this would be using the Terminal in
Recovery mode.
Target Disk mode: It is not available as such, but there is an equivalent
option known as the Share Disk option, which can be accessed from the
Recovery interface, as explained in the Troubleshooting disks and volume
issues section of this Appendix.
Startup mode: Choosing which volume to start up from through
the Option key is no longer available. You now have the Startup Manager
for this.

Next, we will explore how to access the available modes.

Follow these steps to start up in Safe mode:

1. If the Mac is turned on, turn it off.
2. Press and hold the Power button until you see the startup window.
3. If you have more than one disk, select the startup disk.

4. Press and hold the Shift key; you will see a Continue in Safe Mode button
appear below the startup disk. Click on that button and then release
the Shift key.
5. Follow steps 2 to 5 of the procedure for Safe mode on Intel-based Macs, as
explained earlier, to troubleshoot.

Follow these steps to start up in Verbose mode:

1. Open Terminal from the Recovery interface.
2. Run the following command:
sudo nvram boot-args="-v"

Please check out the important details about NVRAM on M1 Macs later in this
section.

The DFU or Device Firmware Update mode is actually a procedure that helps restore
or revive the firmware. We'll explain this procedure later in this section.

Startup Manager is now used to select which volume to boot from. It replaces
the Option key you used on your Intel-based Mac to choose the startup disk. You
access it by pressing and holding the Power button until the startup options and disks
are displayed, including any bootable disks.

Recovery mode is basically the same as on Intel-based Macs, but the procedure to
access it has changed. This procedure is explained in detail in Chapter 2, Installing
and Configuring macOS.

The Fallback Recovery mode is similar to the Recovery mode, but it doesn't include
the Startup Security Utilities menu option. This fallback is actually an additional
copy of the Recovery and is available for resiliency purposes. This means that if, for
some reason, you cannot access the usual Recovery mode, you have this additional
copy that you can try to access. Follow these steps to do so:

1. Turn off your Mac and press the Power button twice (do this quickly), but
hold down the Power button the second time until you see the startup
options screen.
2. You can release the Power button at that point.

You will be able to use the same options as the normal Recovery mode, except for the
Startup Security options.

The Diagnostics mode checks your hardware for errors. The procedure to start up in
diagnostics mode will be explained in the next question.

If I suspect a hardware failure, is there anything I can do before taking my Mac to a
technician?

Before visiting a technician or an Apple support outlet, you can use the Diagnostics
tool to check for hardware errors.

Follow these steps to access the Diagnostics tool on Intel-based Macs:

1. Turn off your Mac.
2. Disconnect any external devices such as disks and printers. You can leave
your mouse and keyboard connected.
3. Turn on your Mac and press and hold the D key at the same time.
4. Release the D key when you see a progress bar or if you are asked to select
a display language.
5. The Diagnostics tool will then run to check your Mac. A progress bar will
appear while it's working. Wait until it finishes and displays the results.
6. Check the codes for hints about possible issues. You can check this page for
an explanation of what the different codes mean:
https://support.apple.com/HT203747.
7. You can rerun the diagnostics check by clicking on Run the test again or by
pressing Command + R. Otherwise, click Restart or Shut Down.

Follow these steps to access the Diagnostics tool on Apple M1 Macs:

1. Turn off your Mac.
2. Disconnect any external devices such as disks and printers. You can leave
your mouse and keyboard connected.
3. Press and hold the Power button until you see the startup options screen.
Then, you can release the button.
4. Once you see the startup options screen, press and hold the Command +
D key combination until the Mac restarts.
5. Follow the same procedure for Intel-based Macs from step 5.

My Mac is frozen. How can I force it to restart?

The most appropriate and safe way to turn off your Mac or restart it is to use
the Apple menu options. However, if your Mac is unresponsive, you can try the
following:

1. Make sure all your apps are closed; you can use Force Quit if they are
unresponsive, using any of the methods explained in the Troubleshooting
Apps section.

2. If the previous method does not work and the Mac is still
unresponsive, you can force it to restart by pressing and holding the
Mac's Power button until it turns off.

What can I do if my Mac won't turn on?

If that happens, these are the general steps you can attempt for troubleshooting.
Follow them in order, going to the next step each time the previous step proves
unsuccessful:

1. Press the Power button for about 10 seconds and see if it turns on.
2. If it doesn't turn on, ensure the following:
   1. Your Mac is securely plugged into a power source or has enough
      battery life. You can also try another power outlet.
   2. Make sure the power source cable is not damaged.
   3. If you're using an external display, make sure it is plugged into a
      power source and turned on. Also, you might want to verify if
      the brightness is not dimmed on either the external or internal
      display.
3. Reset the System Management Controller (SMC). This
   system controls your power, battery, fans, indicator lights, and other
   features. Resetting it may help with issues related to those components.
   The procedure to reset this controller will depend on the type of Mac you
   have:
   For laptops with the T2 Chip (Intel-based Macs), follow these
   steps:
      1. Turn off the Mac.
      2. Press and hold down Control + Option + Shift for about
         7 seconds.
      3. While still pressing down the previous keys, press
         the Power button for an additional 7 seconds, and
         then release all the keys.
      4. Wait for a few seconds and press the Power button to
         attempt to turn on the Mac.
   For desktops with the T2 Chip (Intel-based Macs), follow these
   steps:
      1. Turn off the Mac and unplug it from the power source.
      2. Wait 15 seconds and plug it into the power source.
      3. Wait 5 seconds and press the Power button to attempt
         to turn on the Mac.
   For laptops without the T2 Chip and with a non-removable
   battery (MacBook Pro mid-2009 to 2017, MacBook Air 2017 and
   earlier, all MacBook models except 13-inch mid-2009 – Intel-based
   Macs), follow these steps:
      1. Turn off the Mac.
      2. Press and hold down Control + Option + Shift.
      3. While still pressing down on the previous keys, press
         the Power button as well for 10 seconds, and then
         release all the keys.
      4. Press the Power button to attempt to turn on the Mac.
   For laptops without the T2 Chip and with a removable
   battery (Intel-based Macs), follow these steps:
      1. Turn off the Mac.
      2. Remove the battery.
      3. Press and hold down the Power button for 5 seconds.
      4. Reinstall the battery.
      5. Press the Power button to attempt to turn on the Mac.
   For desktops without the T2 Chip (Intel-based Macs), follow
   these steps:
      1. Turn off the Mac and unplug it from the power source.
      2. Wait 15 seconds and plug it back into the power
         source.
      3. Wait 5 seconds and press the Power button to attempt
         to turn on the Mac.
   In terms of Apple M1 Silicon Macs, a Mac with the M1 chip does
   not have an SMC; therefore, it cannot be reset.
4. Unplug all the peripherals connected to the computer, such as printers,
   USB devices, and so on. Once they're all disconnected, press and hold
   the Power button for about 10 seconds. If the computer turned off after that,
   press the Power button to turn it back on.

What is NVRAM, and how does it help with troubleshooting?

NVRAM, or nonvolatile random-access memory, is a small amount of memory that
Macs use to store specific settings to quickly access them. Settings that are stored in
NVRAM include, for example, sound volume, display resolution, startup disk, and
timezone. In older PowerPC-based Macs, it was known as parameter RAM (PRAM).
If you are experiencing issues with those settings, you could try resetting NVRAM.

Follow this procedure on Intel-based Macs:

1. Turn off the Mac and restart it while pressing Option + Command + P + R.
2. Release the keys after the following occurs:
After about 20 seconds have passed.
On Macs that play a startup sound, release after the second
sound.
On Macs with the T2 Security Chip, release after the logo
appears and disappears for a second time.
3. Once the Mac has finished starting up, go to the System Preferences menu
and reconfigure the reset options if necessary.

If your Mac is using a firmware password, the aforementioned key
combination will not work. To reset NVRAM, you will need to
disable the firmware password first.

In the case of Apple M1 Silicon Macs, it is not possible to reset NVRAM using the key
combination mentioned earlier. Actually, you can't manually reset NVRAM
because your Mac does this automatically during startup, as needed. Earlier, we saw
that you can access Verbose mode through the Terminal and that the NVRAM
settings can be edited at this point; however, only use this option if you are an
advanced administrator; you could potentially break your system and be forced to
reinstall.

My Mac is now unresponsive after a power outage during an update/installation.
What can I do?

macOS offers two processes to attempt to fix an unresponsive Mac after a power
outage has interrupted an update or installation process. The processes are revive and
restore. Let's look at them in more detail:

A revive process, as the name suggests, "revives" the firmware and
reinstalls the latest version of the Recovery.
A restore process is used when the reviving process didn't fix the problem.
Take into account that erasing the internal storage is required for this
process.

These are the requirements for these processes:

A second functioning Mac
The Apple Configurator 2 app installed
An internet connection
A USB-C to USB-C charge cable
A USB-A to USB-C cable
Thunderbolt 3 cables are not supported

Take into account that these processes are intended for M1 and T2 chip Mac models.

To verify which M1 Mac models are currently supported and for detailed instructions
on this procedure, visit this link:
https://support.apple.com/guide/apple-configurator-2/apdd5f3c75ad/mac.

To verify which T2 chip Mac models are currently supported and for detailed
instructions on this procedure, visit this link:
https://support.apple.com/guide/apple-configurator-2/revive-or-restore-an-intel-based-mac-apdebea5be51/2.13/mac/10.15.6.

My Mac shows a folder with a question mark during startup. What does that mean?

A folder with a question mark during startup means that the startup disk is not
available or that an operating system cannot be found.

Follow these steps to troubleshoot if the question mark appears only for a moment
before the Mac starts up:

1. Reset NVRAM. This procedure was explained earlier in this section.
2. Make sure that the correct startup disk is selected. You can check this by
going to the System Preferences menu and selecting Startup Disk.

If the question mark persists and the startup process does not complete, follow these
steps:

1. Press and hold the Power button for a few seconds until the Mac turns off.
2. Turn on the Mac in Recovery mode (by pressing the Command + R key
combination at startup).
3. Click the Disk Utility option.
4. Select the system disk and click First Aid to attempt to repair it.
5. If the repair was successful or no errors were found but the question mark
persists, reinstall macOS from Recovery mode.

My Mac shows a prohibitory icon during startup. What does that mean?

If your Mac shows a prohibitory icon, which looks like a circle with a diagonal line
through it, this means your startup disk contains an operating system, but it is not
supported.

Follow the same steps described for the question mark to troubleshoot this issue as
well.

If, after trying all the previous suggestions, you still have problems, you can
always contact Apple Support (https://getsupport.apple.com/), an Apple Store
(https://www.apple.com/retail/storelist/), or an Apple Authorized Service
Provider (https://locate.apple.com/).

In this section, we looked at many questions regarding system and startup issues. In
the next section, we'll examine some possible troubleshooting tools for network
issues.

Troubleshooting network issues


In this section, we will go through some common questions regarding network issues.
More precisely, the questions we will answer are as follows:

What are the most common issues that can interrupt network services on a
Mac?
How can you verify if your Mac is connecting effectively to another
network host?

How can you verify if your Mac is connecting effectively to a remote
network host?
How can you verify if DNS hostname resolution is working properly?

Let's begin by addressing the first question.

What are the most common issues that can interrupt network services on a Mac?

Three issues can interrupt network services:

Local issues: This means that your network settings have been configured
incorrectly or that the computer has been disconnected from the network.
Network issues: This means that the problem might be at the ISP, DNS, or
DHCP server level. In this case, you can use Network Utility to perform
ping tests or the Lookup tab to test the resolution of the DNS server. We'll
show how to do this later in this section. Take into account, however, that
this tool is only available on macOS Catalina and earlier; it has been
deprecated on macOS Big Sur.
Services issues: This means that the problem is at the device or service
level. We can verify these types of problems by going to the Lookup tab
of Network Utility, as we'll see later in this section.

How can you verify if your Mac is connecting effectively to another network host?

For this issue, you can use the Ping feature in the Network Utility tool (macOS
Catalina and earlier). What this will do is verify basic connectivity by sending
a packet and waiting for it to be returned. This way, you can verify if the connection
to another network host is working. To do this, follow these steps:

Take into account that the Network Utility tool is available on
macOS Catalina and earlier; it has been deprecated on macOS Big
Sur. Some of the functionality this tool provided may be
replicated with Terminal commands.

1. Open Network Utility from the Utilities folder in
the Applications folder or by using Spotlight.
2. Select the Ping tab.
3. Enter the network address to ping. In the following screenshot, I have
entered the address of another computer on my local network.
4. Click the Ping button:

Figure A.14 – Network Utility ping

5. In the results window, you will see if the packets were transmitted
successfully and the percentage of packet loss.

To initiate a ping using Terminal, open the app from
the Applications/Utilities folder and use the following command:
ping [IP address or hostname]

Be sure to replace the text in brackets with the IP or hostname address you want to
ping.

How can you verify if your Mac is connecting effectively to a remote network host?

You can use the Traceroute feature in the Network Utility tool for this issue. This will
verify the connection hops between your computer and the remote host you are
trying to reach.

Take into account that Network Utility is available on macOS
Catalina and earlier; it has been deprecated on macOS Big Sur. Some
of the functionality this tool provided may be replicated with
Terminal commands.

To do this using Network Utility, follow these steps:

1. Open Network Utility from the Utilities folder in
the Applications folder or by using Spotlight.
2. Select the Traceroute tab.
3. Enter the internet address to trace the route to. In the following screenshot,
I have entered a remote server domain name.
4. Click the Trace button:

Figure A.15 – Network Utility traceroute

5. In the results window, you will see important information, such as the
number of hops.

To initiate a traceroute using Terminal, open the app from
the Applications/Utilities folder and use the following command:
traceroute [hostname]

Be sure to replace the text in brackets with the hostname address you want to
traceroute.

How can you verify if DNS hostname resolution is working properly?

You can use the Lookup feature in the Network Utility tool to do this. What this will
do is verify your DNS name resolution against the configured DNS server.

Take into account that Network Utility is available on macOS
Catalina and earlier; it has been deprecated on macOS Big Sur. Some
of the functionality this tool provided may be replicated with
Terminal commands.

To do this using Network Utility, follow these steps:

1. Open Network Utility from the Utilities folder in
the Applications folder or by using Spotlight.
2. Select the Lookup tab.
3. Enter the internet address to look up. In the following screenshot, I have
entered the IP address of my DNS server. Note that this is a reverse lookup;
you could do a normal lookup and enter a hostname or domain name
instead of the IP.
4. Click the Lookup button:

Figure A.16 – Network Utility lookup

5. In the results, you should see the name that the IP you've entered is
resolving to.

To initiate a lookup using Terminal, open the app from
the Applications/Utilities folder and use the following command:
nslookup [IP address or hostname]

Be sure to replace the text in brackets with the IP or hostname address you want to
(reverse) look up.

For Wi-Fi issues, you can use the Wireless Diagnostics app:

1. Open the Wireless Diagnostics app by pressing and holding the Option key,
then clicking on the Wi-Fi icon at the top menu bar on the right-hand side
of the screen and selecting Open Wireless Diagnostics.... Another quick
way to find it is by searching for the Wireless Diagnostics app in Spotlight.
Alternatively, you can also find it
at /System/Library/CoreServices/Applications/.
2. Once open, follow the instructions to perform an analysis.
3. When the analysis is complete, click the Info buttons for each item in the
list in the Summary to find out more about the possible issues.

In this section, we saw a few suggestions for dealing with network issues, but
sometimes, these issues are not with the network itself but with the service. In
the next section, we'll examine some troubleshooting tools for network services.

Troubleshooting network services issues


In this section, you will find some common questions regarding network services
issues. More specifically, we will address the following questions:

What can I do to troubleshoot network services?
How can I verify if a specific network service is available?
The files I'm sharing don't appear in the other device's AirDrop browser.
Why does this happen?
What is the most common reason why a peripheral won't appear in System
Information app?

Let's start addressing these questions.

What can I do to troubleshoot network services?

There are three main methods to troubleshoot network services, and we advise you to
try them out in the order shown here:

Review the network preferences and make sure they are correct.
Review the Network Utility statistics to make sure everything works as
expected.
Connect to a different network service, as this helps you identify if the
service you are trying to connect to might be the one experiencing trouble,
not your network. If you can connect to another service, then it might mean
that the service is not available. We'll explain how to verify this shortly.

How can I verify if a specific network service is available?

You can verify if a network service is available by completing the following steps:

1. Open Network Utility from the Utilities folder of
the Applications folder or by using Spotlight.

Take into account that Network Utility is available on macOS
Catalina and earlier; it has been deprecated on macOS Big Sur. Some
of the functionality this tool provided may be replicated with
Terminal commands.

2. Go to the Ping tab and test basic connectivity, as explained in a previous
section.

If the results show no problems, this means that the service is available and
that the problem might be a firewall or ports not opening correctly. In that
case, proceed to step 3. If the results show errors or a poor connection, you
should verify your network settings and/or check them with your ISP.

3. Next, you can go to the Port Scan tab to verify that the specific service ports
are open. Enter your IP address and then enter the specific port or port
interval you want to verify; otherwise, the scan will verify all ports, and
this can take too long.

In the following screenshot, we want to verify which TCP ports are open in
the interval between 0 and 3000, so we will enter that interval in Only test ports
between:

Figure A.17 – Network Utility port scan

4. The results show that there is one TCP port open (2968) and the service it
is open for (enpp).

To perform a similar verification using Terminal, open the Terminal app from
the Applications/Utilities folder and use the netstat or lsof commands. The
following is an example of using the netstat command:
netstat -ap tcp

These commands have many filtering options that you can research further. In the
preceding example, -a includes all sockets, including those of server processes
waiting for connections, while -p tcp restricts the output to the TCP protocol.
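
The netstat check above, carried one step further as an added example (not code from the book): it reduces netstat output to the listening TCP sockets and shows which ports are bound beyond the loopback address. It assumes the -n flag is added (netstat -anp tcp) so that addresses and ports print numerically; the sample output and the function names are constructed for illustration.

```shell
#!/bin/sh
# Added example: list listening TCP sockets from `netstat -anp tcp` output.
# On a Mac, pipe the real command into the functions, for example:
#   netstat -anp tcp | listening_tcp

# Constructed sample in the column layout macOS netstat prints with -n;
# it was not captured from a real host.
sample_netstat() {
cat <<'EOF'
Active Internet connections (including servers)
Proto Recv-Q Send-Q  Local Address          Foreign Address        (state)
tcp4       0      0  192.168.1.20.52344     192.168.1.1.443        ESTABLISHED
tcp4       0      0  *.2968                 *.*                    LISTEN
tcp6       0      0  *.2968                 *.*                    LISTEN
tcp4       0      0  127.0.0.1.631          *.*                    LISTEN
tcp6       0      0  ::1.631                *.*                    LISTEN
tcp4       0      0  192.168.1.20.445       *.*                    LISTEN
EOF
}

# Print "proto port address scope" for every socket in the LISTEN state.
# macOS joins address and port with a dot, so the port is whatever follows
# the last dot of the Local Address column.
listening_tcp() {
  awk '
    $NF == "LISTEN" && match($4, /\.[^.]*$/) {
      port = substr($4, RSTART + 1)
      addr = substr($4, 1, RSTART - 1)
      if (addr == "*") scope = "all-interfaces"
      else if (addr == "127.0.0.1" || addr == "::1") scope = "loopback-only"
      else scope = "single-address"
      print $1, port, addr, scope
    }'
}

# Ports bound to something other than loopback, de-duplicated across
# the tcp4 and tcp6 rows and joined on one line.
bound_beyond_loopback() {
  listening_tcp | awk '$4 != "loopback-only" { print $2 }' | sort -nu | paste -sd ' ' -
}

# Exit status 0 if the given port is in the LISTEN state on any address.
port_is_listening() {
  listening_tcp | awk -v p="$1" '$2 == p { found = 1 } END { exit (found ? 0 : 1) }'
}

sample_netstat | listening_tcp
echo "Bound beyond loopback: $(sample_netstat | bound_beyond_loopback)"
```

A port listed as bound beyond loopback is only reachable from other hosts if the firewall also allows it, so compare this list with the firewall settings before drawing conclusions.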

The files I'm sharing don't appear in the other device's AirDrop browser. Why does
this happen?

On macOS, two settings can prevent devices from showing up and sharing files
(this can change, depending on the model of the Mac):

If AirDrop has been configured to only accept users from your Contacts, then other
users' devices may not show up. If you do not see a device you want to connect to,
you can try changing the setting to Everyone instead, as shown in the following
screenshot:

Figure A.18 – AirDrop discoverability setting

On some Mac models, you might see a second setting that allows you to revert to the
previous discovery method, so that older Mac computers and Macs with older
versions of the OS might be discovered.

Don't forget that AirDrop only works with nearby devices; therefore, also make sure
the device is in close proximity (about 30 feet) and that Wi-Fi and Bluetooth have
been turned on on the devices.

What is the most common reason why a peripheral won't appear in the System
Information report?

If a connected peripheral does not show in the System Information report, this
probably means there's been a hardware failure. You would have to verify if the
peripheral is connected and if the cable is not damaged, or if the peripheral itself is
not damaged.

Finally, we will explore another tool that's commonly used by experienced support
technicians for troubleshooting: logs. It's not a bad idea to start getting familiar with
them, especially if you plan to become a macOS support professional.

Troubleshooting with logs


Logs are the most effective and accurate resource to troubleshoot most of the issues
you encounter with your Mac and macOS. Take into account that reading and
interpreting logs requires more advanced skills and that logs are commonly used by
experienced support and administration technicians. However, you can still find
clues about what could have gone wrong by following a log as it records a specific
procedure, such as an installation, and identifying key phrases, especially where the
procedure stops and shows errors.

The Console app is where you will find all the logs for macOS, including installation,
Wi-Fi, and system logs. You can also find diagnostics reports that have been
generated by the system here. For example, you will find install.log, which helps
troubleshoot installation issues. It shows details such as when and where an
application, including macOS and its components, was installed or updated, if
authentication was granted (when required), and the user who installed the
application.

install.log can be accessed from the Window menu while macOS installation is
taking place so that you can follow it step by step. After installation, you can access it
from the Console app.

Follow these steps to view install.log:

1. Open the Console app, as indicated earlier.
2. Select Log Reports from the left panel, look for install.log in the right
panel, and select it to view its details in the bottom section of the window:

Figure A.19 – install.log in the Console app
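
The same kind of reading can be done in Terminal. The following is an added example (not code from the book) that lists what was installed, finds an installation that started but never finished, and pulls out error lines. The sample lines are constructed, and their layout (timestamp, host, process[pid]: message) and the Begin/End/Installed wording are assumptions about how install.log entries look; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: triage install.log-style text for completed installs,
# installs that never finished, and error lines.
# On a Mac, feed the functions the real file, for example:
#   installed_items < /var/log/install.log   (the usual location of install.log)

# Constructed sample. The line layout and the Begin/End/Installed wording
# are assumptions about install.log entries, not lines from a real Mac.
sample_install_log() {
cat <<'EOF'
2021-03-02 10:14:07-05 Example-Mac installd[612]: PackageKit: ----- Begin install -----
2021-03-02 10:14:31-05 Example-Mac installd[612]: Installed "Example App" (1.2.0)
2021-03-02 10:14:31-05 Example-Mac installd[612]: PackageKit: ----- End install -----
2021-03-05 16:40:12-05 Example-Mac softwareupdated[401]: Starting download of Example Update
2021-03-05 16:42:55-05 Example-Mac installd[612]: PackageKit: ----- Begin install -----
2021-03-05 16:43:20-05 Example-Mac installd[612]: PackageKit: Install Failed: Error Domain=ExampleDomain Code=1
EOF
}

# List what was installed and when, as: date time "name" (version).
installed_items() {
  awk '$5 == "Installed" {
         ts = $1 " " $2
         sub(/^.*: Installed /, "")
         print ts, $0
       }'
}

# Report the start time of each "Begin install" that has no matching
# "End install": the point where a procedure stopped.
unfinished_installs() {
  awk '
    /----- Begin install -----/ {
      if (started != "") print started
      started = $1 " " $2
      next
    }
    /----- End install -----/ { started = "" }
    END { if (started != "") print started }'
}

# Print lines that mention an error or a failure, ignoring case.
failure_lines() {
  awk 'tolower($0) ~ /error|fail/'
}

echo "Installed:"
sample_install_log | installed_items
echo "Install started but never finished at: $(sample_install_log | unfinished_installs)"
echo "Error lines:"
sample_install_log | failure_lines
```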

How can I find out why an app crashed?

Logs can help you identify corrupted app resources. Although rare, corrupted
resources can also cause app problems. You may identify the problematic resources
through diagnostic reports logs, which might give you hints about which resources
the app was trying to access when it crashed, for example. Resource files can be
located either in the user's Library home folder, which means they only affect that user,
or in the local Library folder, which affects all users. Once you have identified or
potentially identified the problem file, you can move it to a different place and try to
open the app to verify if the problem has been resolved.

macOS has a feature in the Console app called "diagnostic reporting," which creates a
diagnostic report log every time an app crashes or is unresponsive. You can
find Diagnostic Reports in the Console app. You can also verify Crash Reports from
here, as shown in the following screenshot:

Figure A.20 – Crash reports

And with this section, we have reached the end of this Appendix. Be sure to check out
the summary for a recap of the topics that we covered.

Summary
In this Appendix, we looked at troubleshooting suggestions for common issues or
questions. You now know what steps you can take to attempt to fix various issues
related to apps, disks and volumes, system and startup issues, network issues, and
network services. Not every problem can be fixed, but these suggestions are a good
starting point for you to start troubleshooting; in many cases, the problems will be
solved. Some of the recommendations are indeed for advanced users, especially when
you need to interpret log reports or use the Network Utility, Terminal, or Console
apps.

If you feel that you cannot understand those reports, feel uncomfortable
manipulating some of the tools or hardware described in this Appendix, or if you still
have problems despite trying all these suggestions, a good idea would be to contact
Apple Support (https://getsupport.apple.com/), an Apple Store
(https://www.apple.com/retail/storelist/), or an Apple Authorized Service Provider
(https://locate.apple.com/).
