Category Archives: Mac Security

Mac OS X Mac OS X Server Mac Security Minneapolis

Reboot Your Own Machine At MacMiniColo

Even a Mac needs to be rebooted sometimes. If you host a computer at Mac Mini Colo, it’s pretty easy to reboot. To reboot your system, log into your account with MacMini Colo.
Screen Shot 2014-12-10 at 8.56.40 AM
Once logged in, click on Computers and then click on the computer that you’d like to reboot. Then click on the Reboot button and confirm the reboot.

Screen Shot 2014-10-03 at 8.55.54 AM

Mac OS X Mac OS X Server Mac Security Mass Deployment Network Infrastructure

Simple Preflight and Sanity Checking in Scripts

I was recently building some preflight scripts and was looking to record some information about a machine live, before proceeding with a script. I found the cheapest way to determine information about architectures and chipsets when scripting preflight scripts for OS X to be the arch and machine commands respectively. For example, to verify the architecture is i386, use the arch command with no options:

/usr/bin/arch

Which simply outputs “i386”:

i386

To check the machine type, simply use the machine command:

/usr/bin/machine

Which outputs as follows:

x86_64h

Mac OS X Mac OS X Server Mac Security Mass Deployment Network Infrastructure Programming Ubuntu Unix

Opposite Day: Reversing Lines In Files

The other day, my daughter said “it’s opposite day” when it was time to do a little homework, trying to get out of it! Which reminded me of a funny little command line tool called rev. Rev reads a file and reverses all the lines. So let’s touch a file called rev ~/Desktop/revtest and then populate it with the following lines:

123
321
123

Now run rev followed by the file name:

rev ~/Desktop/revtest

Now cat it:

cat !$

Now rev it again:

rev !$

You go go forward and back at will for fun, much more fun than homework… Enjoy!

Mac OS X Mac OS X Server Mac Security Mass Deployment

Refresh OS X CRLs

I recently found an existing image with a lot of stale crl information. We couldn’t rebuild the image, so we decided to instead refresh all of the crl information. This information is stored in /var/db/crls/crlcache.db. Deleting the file turned out to be problematic so we needed to clear items out of the tables instead. While this could be done using a few different tools, it turns out there’s a command built into os x to take care of this process for us called crlrefresh.

To use crlrefresh to clean up stale crlinformation and fetch new crlinformation for all CRL and certificates, use:

crlrefresh rpvv

Mac OS X Mac OS X Server Mac Security

See How Long The Active User Has Logged In On A Mac

The following will grab you an integer of the number of hours an active user has logged into a computer:

user=$( ls -l /dev/console | awk '{ print $3 }' ) ; ac users $user | awk '{ print $2 }'

 

iPhone Mac OS X Mac OS X Server Mac Security

Casper 9.62 Is Out!

Casper 9.62 is now out! And holy buckets, look at all the stuff that got fixed in this release:

Casper-Suite-9.62-Release-Notes_320_414_84_1416419790

http://resources.jamfsoftware.com/documents/products/documentation/Casper-Suite-9.62-Release-Notes.pdf?mtime=1416856726

PS – There’s also some api improvement goodness!

iPhone Mac OS X Mac OS X Server Mac Security

MacVoices Podcast With Chuck Joiner About The New Take Control Of OS X Server Book!

Yay, podcasts! Chuck Joiner was kind enough to have me on MacVoices. We did a show, now available at http://www.macvoices.com/macvoices-14223-charles-edge-helps-take-control-os-x-server

Or if you’d like to watch on YouTube or inline:

http://youtu.be/AeccoRqIrgc

Bushel iPhone Mac OS X Mac OS X Server Mac Security Mass Deployment

Bushel Goes Into Invitation Mode!

Yesterday the Bushel team finished some new code. This code allows you to refer your friends to Bushel! This skips the codes that everyone was waiting for and lets people create accounts immediately!

Screen Shot 2014-11-24 at 10.07.02 PM

From your home screen, click on Invite Friends. Or from the Account screen, scroll down to the section that says “Invite friends to join Bushel”. From here, you can post codes to Facebook, Tweet codes, post codes to LinkedIn and even email them.

We’re not going into general availability just yet. But we’re definitely making it easier long-term to sign up and use Bushel! We hope you love it as much as we do!

Since we’re still architecting how these final screens look, the final features and stress testing the servers, also if you’re testing the system please feel free to fill out our feedback form so we know what you think of what we’re doing and where we’re going!

Or if you’re still waiting for a code, use this link to skip that process https://signup.bushel.com?r=fd0fcf9e6d914a739d29c90421c0fb45.

Articles and Books Mac OS X Mac OS X Server Mac Security Mass Deployment

My Take Control Of OS X Server Book Now Available!

Thanks to all the awesome work from Adam and Tanya Engst, Tidbits announced today that my Take Control of OS X Server is now available! To quote some of the Tidbits writeup:

Some projects turn out to be harder than expected, and while Charles Edge’s “Take Control of OS X Server” was one of them, we’re extremely pleased to announce that the full 235-page book is now available in PDF, EPUB, and Mobipocket versions to help anyone in a home or small office environment looking to get started with Apple’s OS X Server.

As you’ll likely remember, we published this book chapter by chapter for TidBITS members, finishing it in early September (see “‘Take Control of OS X Server’ Streaming in TidBITS,” 12 May 2014). Doing so got the information out more quickly, broke up the writing and editing effort, and elicited reader comments that helped us refine the text.

Normally, we would have moved right into final editing and published the book quickly, but from mid-September on, our attention has been focused on OS X 10.10 Yosemite, iOS 8, and our new Take Control Crash Course series. We were working non-stop, and while we wanted to release “Take Control of OS X Server,” we felt it was more important to finish the books about Apple’s new operating systems for the thousands of people who rely on Take Control for technical assistance.

During that time, we had the entire book copyedited by Caroline Rose, who’s best known for writing and editing Inside Macintosh Volumes I through III at Apple and being the editor in chief at NeXT. Plus, we went over the book carefully to ensure that it used consistent terminology and examples, optimized the outline, and improved many of the screenshots.

The main problem with this delay was that Apple has now updated OS X Server from version 3.2.2 (Mavericks Server, which is what we used when writing the book) to 4.0 (Yosemite Server, which is all that works in Yosemite). Updating the book for Yosemite Server would delay it even longer. Luckily for us, veteran system administrators say that you should never upgrade OS X Server on a production machine right away. And even luckier, the changes in Yosemite Server turn out to be extremely minor (a sidebar in the Introduction outlines them), so those who want to get started now can use the instructions in the book with no problem. It’s also still possible to buy Mavericks Server and install it on a Mac running Mavericks, as long as you have the right Mac App Store link from the book. We are planning to update the book for Yosemite Server (which mostly involves retaking screenshots and changing the “mavserver” name used in examples) in early 2015 — it will be a free update for all purchasers.

Screen Shot 2014-11-24 at 7.59.44 PM

You can find out more about the book at http://www.takecontrolbooks.com/osx-server. An update will be due out in early 2015, so stay tuned for more!

Bushel iPhone Mac OS X Mac OS X Server Mac Security Mass Deployment Minneapolis

Bushel: The Device Enrollment Program (DEP) In Action

Apple’s Device Enrollment Program (DEP for short) allows you to automatically setup devices with the settings you need on devices that your organization purchases. In Bushel, we give you the ability to link an Apple DEP account up with your Bushel account. This allows devices to add themselves automatically to your Bushel when the devices are activated. We tend to think this is the coolest thing since sliced bread and so we want to make sure you know how to use the feature.

Setup Device Enrollment Program in Bushel

To get started, log into your Bushel and click on Devices. Here, click the button for Device Enrollment Program.

XcKrpO-M0gXF27l0exLKtVbNMLdI1itn8ThiXRqW3xQ

Download your certificate and go to deploy.apple.com and log into your Device Enrollment Program account. Click on Manage Servers in the Deployment Programs sidebar.

Screen-Shot-2014-10-14-at-2.12.49-PM

Next, click on Add MDM Server and provide the certificate we gave you and a name. Once Bushel has been added to your Device Enrollment Program (DEP) account, click on Assign by Serial Number to add your first device. Assuming the device is part of your DEP account, enter the serial number for the device and choose which server (the one you just added) that the device should reach out to on activation to pull settings from.

Screen-Shot-2014-10-14-at-2.13.53-PM

Once you’ve added the server, you’ll be greeted by a screen that says Assignment Complete. You can now wipe the device and upon reactivation the device will pull new settings from your Bushel.

Screen-Shot-2014-10-14-at-2.13.58-PM

The Device Enrollment Program in Bushel

Click OK and you can add more devices. Once your devices are added into the Apple DEP portal they will automatically appear in the DEP screen of your Bushel. Click on a device to assign a username and email address, if you will be using email.

xdWSZrVkYs6wWHgmzfmdkOdmZjSXVMDqrypOkqCaC3w-1

Good luck!