Tiny Deathstars of Foulness

Back when I worked with Xsan a lot more than I do now, one of the things we spent a lot of time doing was working with metadata and journal data on Xsan volumes. You can also view journal data for non-Xsan volumes. The hfs.util binary is used to view journal data about volumes. In this example, we’ll look at the journal size and location the boot volume of our system:

/System/Library/Filesystems/hfs.fs/Contents/Resources/hfs.util -I /Volumes/Macintosh\ HD

The output shows the size of the journal and the location, as follows:

/Volumes/Macintosh HD : journal size 40960 k at offset 0x1a38b000

November 25th, 2015

Posted In: Mac OS X, Mass Deployment

Tags: , , , , , ,

Leave a Comment

The hostinfo command displays information about your host; namely your kernel version, the number of processors the kernel is configured for, the number of physical processors active, the number of logical processors active, the type of those processors, which ones are active, the amount of memory available, tasks, threads, and average load.

Run hosting without any arguments or options:


The output would be as follows (ymmv per system):

Mach kernel version:
Darwin Kernel Version 15.0.0: Wed Aug 26 19:41:34 PDT 2015; root:xnu-3247.1.106~5/RELEASE_X86_64
Kernel configured for up to 4 processors.
2 processors are physically available.
4 processors are logically available.
Processor type: x86_64h (Intel x86-64h Haswell)
Processors active: 0 1 2 3
Primary memory available: 16.00 gigabytes
Default processor set: 395 tasks, 1711 threads, 4 processors
Load average: 1.78, Mach factor: 2.21

There are a bunch of other commands that can provide far more detailed information about your system. However, hostinfo has remained basically unchanged for 13 years, so if I can get something there, I can trust it’s fairly future-proofed in my scripts.

November 23rd, 2015

Posted In: Mac OS X

Tags: , , , ,

Leave a Comment

Screen Shot 2015-11-18 at 6.13.02 PM

Repair permissions was unceremoniously removed from OS X in El Capitan. This staple of the Mac gurus toolkit disappeared. There was no 21 gun salute, there was no flaming casket sent out to sea and there was no sweet, sweet wake to get drunk at. Instead, there was pain. There was pain, because when the button disappeared, the need did not. Need proof? If you haven’t yet run it, let’s check your system to verify the permissions of the standard packages:

sudo /usr/libexec/repair_packages --verify --standard-pkgs --volume /

In the above command, we used the repair_packages binary, which has not changed in awhile. We then feed that the –verify option and the –standard-pkgs option, finally providing the volume of the current boot volume using –volume followed by the /. Pretty straight forward. Assuming there’s something to repair, the below will actually run that repair operation:

sudo /usr/libexec/repair_packages --repair --standard-pkgs --volume /

Where’s the sweet, sweet button? The rest of the screen is so darn lonely without it.

Screen Shot 2015-11-18 at 6.13.02 PM

And now that you know the command, feel free to throw it in your self service. That way users can do it without opening terminal or using an admin password!

November 22nd, 2015

Posted In: Mac OS X, Mac OS X Server, Mass Deployment

Tags: , , , , ,


When I was doing a lot of hiring, the pool of Mac Admins was smaller. And it was in a way easier for me to recruit people, because I knew a lot of them. As the pool has grown and a lot of the talent has matured, keeping your finger on the pulse of the hiring market around Apple has become much more challenging. Also, I’ve recruited far more developers and marketing professionals than Apple engineers in the past couple of years. But, there are still a number of places that you can look to find good Mac and iOS engineers looking for a gig. Here’s a quick and dirty list (which can be used to find jobs as well, I suppose) of a few of the better places to look for people you might choose to try and hire:

  • One of the best places to find someone is whatever site or email list appeals to the administrators of products you run. For example, this could be the Studio SysAdmins list if you’re in the film industry, JAMF Nation if you run the Casper Suite, or the Munki forums if you use Munki. If your target is to hire someone with a specific skillset, then looking where the people who have those skills lurk is never a terrible idea. Do be gentle there, though, and know what the protocol is for posting a job (e.g. many have specific threads for job and employee seekers). But nothing is as legitimate as flexing your knowledge of a product on the products own forums. This is more challenging if you’re looking for a generalist. There you likely have more people suitable, so opening your net to a job board isn’t terrible idea. I’d also include the Mac Enterprise email list, and all the Mac conferences. Having said that, protocol is important. For example, in my opinion, it is crass to actively recruit someone at a conference if their employer paid for them to be there. Grab a card, do it when you get home if you need to.
  • It’s cheap, it’s easy to post, and I see a lot more people using this site than I see for some of the larger sites. They do aggregate data from some of the larger sites, so a lot of candidates might start their searches there.
  • Craigslist. I’ve found some of my best employees on Craigslist. You get a lot more resumes that aren’t appropriate, so you’ll spend a little more time weeding through them. It’s the cheapest place to post a job, and you’ll spend more time vetting candidates, but it’s not a bad place if you’re looking for local generalist talent and have the time to spend.
  • is one of the oldest of the recruiting sites. It’s not a terrible place to post a job. You get fewer candidates than many other places, but they’re often more qualified than you might think. I do find you get people waaaaay outside your geography, which is always hard, especially for a smaller company who can’t pull the trigger on a Visa as quickly as they’d like to fill a vacancy.
  • CareerBuilder is similar to Monster, so most of the things there apply to it as well. Pick one of these sites, if you’re looking fora good generalist. If you have a specialty, you can search their resumes but aren’t likely to find a ton of candidates in the Apple space.
  • is another big job board.
  • LinkedIn. It’s the professional social network, right? I found many really good candidates. I got a response per maybe 10 messages I sent, and of those, most were qualified on paper at a minimum. It can take some time to sort through people, but do yourself a favor and get a Premium account. It will cost less than posting a job to many of the big sites, and you’ll have much better search and communication tools at your disposal! You can also post a job there, but it only amplifies by your social network, so you’ll need a good number of connections for this  to pan out well for you.
  • This site used to have more normal techie jobs. These days they’ve gone into more executive and management, which sometimes you’ll need to hire.
  • If you need interns, check out AfterCollege.
  • Peercisely. A peer-based job board that rewards referrals. ‘Cause referrals are the best way to find employees, after all!
  • is a great spot for hourly employees. Which most Mac engineers are not. But some are…
  • is one of the most important tools many potential employees have in their job hunting arsenal. And you can post your job there. Chances are, they’ll look you up there, btw, so review what the reviews on you say.
  • Superuser, stackoverflow, (you can post jobs to these), github (who wrote the cool projects you like or contributes to them), Twitter, etc. A good strategy I used was to Google for the answer to a question I had. Sometimes I’d pick a juicy trouble ticket from the previous week and copy the text and paste it into a browser. If someone answered that question, then I might very well want them on my team. This worked best when I was after employees who could live anywhere in the US or world. It’s harder when you need an onsite engineer.
  • Slack. It’s not often that something comes along and really changes an entire community. Launched maybe a year ago, the MacAdmins Slack channel, accessible at has become a great place to find talented Mac Admins, and see what else they have have posted previously!
  • Grow your own. I’m sure this isn’t what anyone who finds this post with a Google search is going to want to find. But consider giving someone on your team a chance to become a good Mac Admin. They may surprise you!
  • Finally, The community is still small enough that you can search for speakers at the various Mac Conferences and look into whether some of them are local to you. This is kinda’ funny, because they might not even remotely be the best talent, but they might – or they might know someone looking!

Screen Shot 2015-11-12 at 9.56.41 PM

Good luck. Good people make your company and you more successful. A bad hire has the opposite impact. Choose wisely! And if you found a job and think you have a good add, post a comment. I’m always interested in how people found their gigs!

November 18th, 2015

Posted In: Apple Configurator, iPhone, Mac OS X, Mac OS X Server, Mac Security

Tags: , ,


You know how in Notification Center, how you see a banner for awhile? You can customize how long that lasts. To do so, use defaults to write a bannerTime key into They should be an integer that shows the number of seconds for the banner to display, For example, to set the banner to 10 seconds:

defaults write bannerTime 10

Or 2 seconds:

defaults write bannerTime 2

Once you set the time, log out and log back in (or reboot) for the change to take effect. Enjoy

November 17th, 2015

Posted In: Mac OS X

Tags: , , , , ,

One Comment

This is my 3,000th post on The past 3,000 posts have primarily been about OS X Server, Mac automation, Mac deployment, scripting, iOS deployments, troubleshooting, Xsan, Windows Servers, Exchange Server, Powershell, security, and other technical things that I have done in my career. I started the site in response to a request from my first publisher. But it took on a mind of its own. And I’m happy with the way it’s turned out.

My life has changed a lot over these past 11 years. I got married and then I got divorced. I now have a wonderful daughter. I became a partner and the Chief Technology Officer of 318 and helped to shape it into what was the largest provider of Apple services, I left Los Angeles and moved to Minnesota, left 318 to help start up a new MDM for small businesses at JAMF Software called Bushel, and now I have become the Consulting Engineering Manager at JAMF. In these 11 years, I have made a lot of friends along the way. Friends who helped me so much. I have written 14 more books, spoken at over a hundred conferences, watched the Apple community flourish, and watched the emergence of the Post-PC era.

In these 11 years, a lot has happened. Twitter and Facebook have emerged. Microsoft has hit hard times. Apple has risen like a phoenix from those dark ashes. Unix has proved a constant. Open Source has come into the Mac world. The Linux gurus are still waiting for Linux on the desktop to take over the world. Apps. iOS. iPad. Mobility. Android. Wearables. Less certifications. More admins. And you can see these trends in the traffic for the site. For example, the top post I’ve ever written is now a list of Fitbit badges. The second top post is a list of crosh commands. My list of my favorite hacking movies is the third top post. None of these have to do with scripting, Apple, or any of the articles that I’ve spent the most time writing.

That’s the first 3,000 posts. What’s next? 3,000 more posts? Documenting the unfolding of the Post-PC era? Documenting the rise and fall of more technologies? I will keep writing, that’s for sure. I will continue doing everything I can to help build out the Apple community. And I will enjoy it. I’ve learned a lot about writing along this path. But I have a lot more to learn.


The past 3,000 posts have mostly been technical in nature. I’ve shown few of my opinions, choosing to keep things how-to oriented and very technical. Sure, there’s the occasional movie trailer when I have a “squee” moment. But pretty technical, overall. I’ve been lucky to have been honored to speak at many conferences around the world. One thing I’ve noticed over the past few years is that when people ask me to speak at conferences, they ask me to speak about broader topics. They don’t want me doing a technical deep dive. People use the term thought leader. And while I don’t necessarily agree, maybe it’s time I step up and write more of those kinds of articles here and there.

I’ve learned so much from you these 11 years. But I feel like I’ve barely scratched the surface. I look forward to learning together over the course of the next 3,000 posts! Thank you for your support. Without it, I’d have probably stopped at 10 articles!

November 16th, 2015

Posted In: 318, Apps, Articles and Books, Bushel, Business, certifications, Mac OS X, Mac OS X Server, Mac Security, Mass Deployment, Microsoft Exchange Server, Minneapolis

Tags: , , , , ,


Blueprints are a new option in Apple Configurator 2. Blueprints allow you setup a template of settings, options, apps, and restore data, and then apply those Blueprints on iOS devices. For example, if you have 1,000 iOS devices, you can create a Blueprint with a restore item, an enrollment profile, a default wallpaper, skip all of the activation steps, install 4 apps, and then enabling encrypted backups. The Blueprint will provide all of these features to any device that the Blueprint is applied to.

But then why not call it a group? Why call it a Blueprint? Because the word template is boring. And you’re not dynamically making changes to devices over the air. Instead you’re making changes to devices when you apply that Blueprint, or template to the device. And you’re building a device out based on the items in the Blueprint, so not entirely a template. But whatever on semantics.

To get started, open Apple Configurator 2.

Screen Shot 2015-11-04 at 1.00.24 PM

Click on the Blueprints button and click on Edit Blueprints.

Screen Shot 2015-11-04 at 1.00.33 PM

Notice that when you’re working on Blueprints, you’ll always have a blue bar towards the bottom of the screen. Blueprints are tiled on the screen, although as you get more and more of them, you can view them in a list.

Screen Shot 2015-11-04 at 1.00.47 PM

Right-click on the Blueprint. Here, you’ll have a number of options. As you can see below, you can then Add Apps. For more on adding Apps, see this page.

Screen Shot 2015-11-04 at 1.00.55 PM

You can also change the name of devices en masse, using variables, which I explore in this article.

Screen Shot 2015-11-04 at 1.01.11 PM

For supervised devices, you can also use your Blueprints to change the wallpaper of devices, which I explore here.

Screen Shot 2015-11-04 at 1.01.21 PM

Blueprints also support using Profiles that you save to your drive and then apply to the Blueprints.

Screen Shot 2015-11-04 at 1.01.29 PM

Blueprints also support restoring saved backups onto devices, as I explore here.

Screen Shot 2015-11-04 at 1.01.39 PM

For kiosk and single purpose systems, you can also enter into Single App Mode programmatically.

Screen Shot 2015-11-04 at 1.02.25 PM


You can also configure automated enrollment, as described here. Overall, Blueprints make a great new option in Apple Configurator 2. These allow you to more easily save a collection of settings that were previously manually configured in Apple Configurator 1. Manually configuring settings left room for error, so Blueprints should keep that from happening.

November 11th, 2015

Posted In: Apple Configurator, Mac OS X, Mass Deployment

Tags: , , , , , , , , , , , , ,


When you join a wireless network on a Mac, the information for that network is cached into the property list. You can access this information using the following command, constraining output to the LastConnected field and the next 7 lines:

<code>defaults read /Library/Preferences/SystemConfiguration/ | grep LastConnected -A 7</code>

November 11th, 2015

Posted In: Mac OS X, Mac OS X Server, Mac Security, Mass Deployment

Tags: , , , ,



I remember way back, long ago, before the iPad, and before the iPhone, Apple had official certification training for OS X Server. I think I got my first certification around 10.3. Over time, additional courses appeared. There was an Xsan course, there was an OS X Server course, and there were plans for more. At the height of the Apple certification program, you could get the following for a full on systems administration plethora of acronyms, including ACDT, ACTC, ACSA, and ACMA:


  • Mac OS X Support Essentials v10.6: Prometric #9L0-403, removed on May 31, 2012
  • Mac OS X Server Essentials v10.6: Prometric #9L0-510, removed on May 31, 2012
  • Mac OS X Directory Services v10.6 Prometric #9L0-624, removed on May 31, 2012
  • Mac OS X Deployment v10.6: Prometric #9L0-623, removed on May 31, 2012
  • Mac OS X Security & Mobility v10.6: Prometric #9L0-625, removed on May 31, 2012
  • Xsan 2 Administration: Prometric #9L0-622, removed on May 31, 2012
  • Final Cut Pro Level One: Prometric #9L0-827
  • Macintosh Service Certification Exam
  • OS X Yosemite Troubleshooting Exam


You could also go further and get an Apple Certified Trainer designation (ACT) and be able to teach these classes. Certifications aren’t everything, so it was certainly possible to get certified without having the skills, or to get l33t without getting the certs. However, they were a good guidepost for me when hiring and there were certain activities I engaged in with Apple that having the certifications was either required or extremely helpful.


But over time, Apple shifted its focus elsewhere. After the release of the iPad (and subsequent gangbuster sales of the product), the number of services and the viability of using some of those services in large environments (e.g. due to the death of the Xserve and Xserve RAID), have both decreased sharply. Meanwhile, the ease of use of the services has sharply increased. A simpler product required less training, so the ACSA went away. Additionally, Final Cut Server as a product was removed from Apple’s portfolio and so the ACMA certification disappeared. By 10.10, there were two courses for OS X and OS X Server (ACTC) and another for hardware that’s much more specific to hardware repair.


But as with the Highlander, for 10.11, there can be only one. OS X Server no longer has a course. So today, I’ll say adios, Server certs. I spent a lot of time on you. I will miss you. Or notsomuch. TBD. It’s a different world…


The book for the OS X Server 10.11/Server 5 course is still being made. I’ve heard it should be out in January. And I’ll keep writing articles and books about this stuff for as long as it’s viable. So there’s content. And I’m sure (like really sure) that there will be a third party that introduces a certification for OS X Server. So stay tuned for more on that! And be assured that the end of one era usually represents the beginning of a new era. Those on that boat to the new era usually do well!

November 10th, 2015

Posted In: certifications, Mac OS X, Mac OS X Server

Tags: , , , ,

Leave a Comment

Did you know that bash supports emojis? So do SSIDs. Let’s run a quick and easy command so that bash can enjoy the same holiday that you’re enjoying. Let’s say the name of an emoji. To do so, open the and paste this command in:

say 💩

You can also easily edit your .bash_profile. To do so, run the `vi .bash_profile` command and paste this line in:

PS1="💩   $"

Note that I put a few spaces here, after the smiling pile of poo (which I really just like to type and verbalize while sitting next to people on airplanes). The reason for the spaces is that otherwise your text might overlap with the emoji. The $ allows me to know I’m at a prompt rather than just looking at an otherwise smiling pile of poo. Anyway, save and open a new Terminal prompt. Boom. Poo. In the Edit menu of the Terminal app, there’s an “Emoji & Symbols” option, which lets you pick many, many more emojis. So you’re not just stuck with the poo I left for you here. Although I could have set it on fire and left it on your doorstep; then you’d be stuck with it…😘

October 31st, 2015

Posted In: Mac OS X

Tags: , , , , ,

Next Page »