Tiny Deathstars of Foulness

The WD MyCloud is a pretty single-purpose device. It’s a disk with a network interface, and as with Direct Attached Storage, the MyCloud Network Attached Storage is pretty easy to connect to.

First, let’s look at connecting to the web interface via the menu item, where you can drag and drop files to the device. Once the device is configured, use the WD menu item to see your device. From there, click on the name of your device.

Alternatively, you could visit and sign into the web interface there. 

In both cases, you’ll see a list of files and then in the sidebar, you’ll see those options to configure settings, add integrations, view active its, and view photos that are on the device. 

From here, you can simply drag and drop files into the web page, just like with a box or dropbox account, but the files are stored on the device. Additionally, you can send a link to a file or folder. To do so, right-click on the object you wish to share and then click Share Link.

At the resulting screen, you’ll see a link. Click Copy to copy the link into your clipboard so you can paste it into an email.

You may also want other users to be able to log into your WD MyCloud. To allow them to do so, open Settings and click on Add User. Then provide the email address for the user and click on Send Invites.

Finally, you can also mount  the drive directly to computers. To do so, click on “Connect to Server” (or Command-K) from the Finder.

At the Connect to Server screen, enter the address of the server and click Connect. If you don’t know the address and you’re on the local network of the device. Additionally, if you have the menu item installed, you’ll see the device in the sidebar of your Mac. 

It’s worth noting that with the exception of the ability to share a link to a file or folder, the permissions on the device are pretty much wide open, as you can see below. Additionally, any files you bring into the device will end up with the same wide open permissions. And while you can change permissions on files, they’ll revert back. So if you will need more granular capabilities with file permissions, this might not be the device for you. This device is a very inexpensive way to do very small workgroups or home file sharing, but beyond that it could be too basic for a lot of business use cases. What I like about it though, is that it doesn’t pretend to be anything but what it is. And it does that very well, in a very easy-to-use way.

Now the MyCloud NAS comes with removable drives and a more robust interface. It’s still easy to use, but you can configure RAID levels, basic iSCSI functionality, and users. I still wouldn’t put this in front of large workgroups, but to replace a macOS Server for a small business, or as a basic NAS head, it’s a solid, easy-to-manage device.

March 19th, 2018

Posted In: Mac OS X, Mac OS X Server, Network Infrastructure

Tags: , , , ,

Leave a Comment

Over the years, I’ve setup dozens of Synology Network Appliances for customers and friends. But I never thought of doing much writing in the NAS space, be it for ReadyNAS, Thecus, Buffalo, etc. The interfaces seemed to change too fast and my focus was always on the management and connectivity of Apple devices. Slowly, over the years, small business servers have gone from being something you could make a decent living to something that should probably be hosted in the cloud.

Unless you have a design requirement that just can’t work in the cloud. And for that, there are a ton of options. Today we’ll cover the basic setup of a Synology to fill one of those options. Synology has a number of models. There are those that have multiple drive bays that allow you to run a RAID 50 and there are those with just two drive bays, that allow you to run RAID 1, or 0. But most have a similar, and sleek setup process. Start by putting all the drives in the bays and then powering up your device.

When the device comes online, plug in your Ethernet cable (preferably to a gig or 10gig interface) and then open your web browser and go to You’ll see a pretty basic screen with details about the device. Click Connect.

When prompted, click Set Up.

When prompted, install the latest security updates (note: you want to do this before you start sending sensitive credentials over the wire. It’s fast. )

This is important. Those drives you put in that Synology were empty, right? ‘Cause if you proceed here, they better be. Or they will be after. If they are empty, check the box and click OK.

At the “Create your administrator account” screen enter the hostname you want to be given to your server, a username, password, password a second time to make sure, and blood type. Wait, blood type goes on the next screen, so click Next.

Sike! No blood type required. At the superfluous Congratulations screen, click next again!

At the maintenance window, select a time that the device can install updates and reboot. Also, it’s a good idea to check both of the boxes at the bottom – S.M.A.R.T. tests don’t always save you from catastrophic data loss, but it does save you way more than if you don’t use it. And bad sector warnings aren’t good either. Click Next.

A QuickConnect account allows you to access your server remotely. That’s a great thing to have. If you have one, provide it here; otherwise, give Synology an email address and password and they’ll make it simple to manage your device remotely (which includes grabbing files off it when you’re at work, etc).

Copy that link (although it’s kinda’ easy to remember as it’s<DEVICENAME>). 

I’m ok skipping the recommended packages, as I like to have more control of what’s installed on my devices, but if you’re just going to use a Synology as a basic file or Time Machine server and want as few steps as possible here, click Install. 

That’s it, click OK to be donezo. 

When you finally get into the main screen, notice that it’s kinda’ like a stripped down KDE interface. The main two things to know are Control Panel and Package Center. If you skipped installing some of the packages in the previous step, you’ll do that in Package Center. But first, let’s check out the global device settings by clicking on Control Panel.

At the Control Panel, the main things most users will want to do first are manage accounts and addresses (if you’re going to connect client computers to a file server, for example, you’re gonna’ want a static IP). So let’s click Network to configure a network interface. 

The General tab is for configuring your default gateway, upstream name servers, etc. Click Network Interface so we can enter a static address for a LAN interface. But before you do, take note that the Traffic Control tab provides the ability to do some basic traffic shaping if this box is going to run multiple services.
Let’s click on the LAN interface.

Here, you can enter the IP, subnet mask, gateway, and name server. Make sure the IP doesn’t overlap with an existing device or with a DHCP pool. I won’t go into configuring a Synology for VLAN tagging or to be a first class citizen on an 802.1x network, but note that both of those options are available here. Click OK to save your changes.

You didn’t pay good money for this thing for no reason. So next, let’s close these screens and go back to the main screen. Open Package Center. 

As you can see, there are a ton more services here than, for example, the built-in services on a macOS Server. And it’s as easy as clicking on the Install button to get started with each.

March 15th, 2018

Posted In: Network Infrastructure

Tags: , , , ,

Leave a Comment

The past couple of years has forced me to rethink many of my recommendations for how you backup computers in small office and home environments. Previously, I would have said that you could use a disk attached to an Apple AirPort. But the AirPort Base Station is no longer being made. Previously, I would have said you could use Time Machine Server, a service built into macOS Server in 5.4 and below. But that service is no longer being made in macOS Server by Apple and is now found in the Sharing System Preference pane . Previously, I might have even said to use the home edition of CrashPlan, which could have backed up to their cloud and/or a home server. But that plan is no longer being offered by Code 42.

So what are we to do? Well, luckily now the offerings out there are just endless. One of those offerings is so easy, you can run out to Best Buy, return home with a WD (Western Digital) drive, and be up and running in about 5 minutes. I’ll cover other options when I cover file services and Synology. But in the meantime, let’s look at setting up a WD drive, account, and configuring both to work with Time Machine. 

Setup Your WD Hard Drive
First, we’ll setup the drive. This is pretty straight forward. Plug the ethernet cable into your network, wait for the drive to boot up, and then go to the MyHome setup page.

Here, you’ll be prompted to setup a My Cloud Home account. Enter a name, email address, and password. Then click on Create Account.

You’ll then be prompted for the device you plugged in, which is discovered on the network. Click Connect.

Choose whether you want to share product improvement data. Ever since my team as a product manager I’m a huge fan of doing so, so I clicked Share.

Once that’s done, you’ll be prompted to get the desktop app. While not absolutely necessary, it’s not a bad idea. If you want the app, click Download.

Once the app is done downloading, open the directory and open the installer.

Click Install Now.

Once complete, you’ll see the menu bar. Click it and then add your device if you don’t see it by clicking on “I don’t see my device” 

When prompted, enter your email address and password that you created earlier and then click on Sign In.

Click Skip.

Next, in the notifications area for updating the software make sure to run that. There was a pretty bad vulnerability awhile back and that will make sure you’re good. Then click on the name of your WD MyCloud Home.

Add IFTTT Alerts

I want to see when new updates, channels or options are added, so I’m going to enable that. To do so, click on Services in the sidebar. and then click on Enable for IFTTT.

Assuming the terms of service are acceptable, click “I Agree”

When prompted, choose to connect to IFTTT.

From the IFTTT site, click Connect.

Choose which options to give IFTTT for the MyCloud API.

Browse the channels and enable each that you’d like and then click “Turn on.”

Mount the MyCloud Drive
Next, open a “Connect to Server” dialog box (Command-K from the Finder) and click on Browse.

Click on the MyCloud-XXX where XXX is the identifier for your MyCloud account.

Click on the timemachinebackup folder.

The folder should initially be empty. Now let’s open the Time Machine System Preference pane.

Click on “Select Backup Disk…”

Choose Your MyDisk From Time Machine

Choose the TimeMachineBackup directory for the MyCloud Device and click on “Use Disk.”

You’ll then want to create a user for backing up. To do so, go back to the site and click on settings. Then click on “Add user…” and enter an email address.

The email address will get an email to setup an account. Do so and then once you’ve configured the user, enter the email address and password when prompted.

Now wait for the first backup to finish. If you ever see any errors, check them; otherwise, you should backup to the device as with a locally attached drive, but you won’t need to plug directly into the drive to run backups.

This doesn’t solve for a lot of use cases that Time Machine Server would have been better for. But it’s a simple task that should cost you a little over a hundred bucks and get you backing up. I’m still a fan of cloud services. Backblaze, Carbonite, and others will backup your data for an annual fee of a little less than what a MyDrive costs. I’ll cover those in later articles, but for now, you’ve got a backup on your network, which even if you use one of those services is a great option in the event of hardware failure, as you can quickly get back up and running with a full system restore!

March 12th, 2018

Posted In: Mac OS X, Network Infrastructure

Tags: , , , , , ,


I covered managing devices based on policy in One of those policies is “modern authentication”, Azure Passthrough Authentication, or OAuth if you will. To enable it, log into Exchange Online via PowerShell and run the set-OrganizationConfig to set -OAuth2ClientProfileEnabled to True: Set-OrganizationConfig -OAuth2ClientProfileEnabled $true If you’re using Skype, do an override: Set-CsOAuthConfiguration -ClientAdalAuthOverride Allowed Now check that OAuth was enabled properly: Get-CsOAuthConfiguration And viola, you’ve caught up to where WordPress was at with OAuth 8 years ago! Next, check the global ADFS authentication rule: Get-AdfsAdditionalAuthenticationRule And you can use Set-AdfsAdditionalAuthenticationRule. Now, you should be able to check the ADFS rules required for a given MFA requirement: Get-AdfsRelyingPartyTrust –Name "Krypted" And then if necessary, set them: Set-AdfsRelyingPartyTrust –TargetRelyingParty Krypted –AdditionalAuthenticationRules ‘c: [Type == "", Value == "S-1-5-21-Insert your Group SID here"] && [Type == "", Value == "false"] => issue(Type = "", Value = "");’ You can then check groups: GetADGroup -Identity "Krypted Users"

May 9th, 2017

Posted In: Microsoft Exchange Server, Network Infrastructure, Windows Server

Tags: , , , , ,

There’s a macOS tool called AssetCacheLocatorUtil located at /usr/bin/AssetCacheLocatorUtil. The output is in… stderr. Because stderr is so fun to work with (note that sed -i only works with stdin). So, to update the caching server(s) you are using and only print the IP address of those, you’d do the following: /usr/bin/AssetCacheLocatorUtil 2>&1 | grep guid | awk '{print$4}' | sed 's/^\(.*\):.*$/\1/' | uniq If you use Jamf Pro and would like to use this as an extension attribute, that’s posted here: I didn’t do any of the if/then there, as I’d usually just do that on the JSS.

April 17th, 2017

Posted In: Mac OS X, Mac Security, Mass Deployment, Network Infrastructure, precache

Tags: , , , , , , , , , ,

You can quickly and easily back up your Filewave databases using the fwcontrol command to stop a Filewave server (thus preserving the integrity of the data you are backing up) and then backing up the database using the /fwxserver directory. To get started, we’ll first down the server. This is done using the fwcontrol command along with the server option and the stop verb, as follows: sudo fwcontrol server stop Now that there won’t be data trying to commit into the database, let’s make a backup of the database directory using the cp command: cp -rp /fwxserver/DB ~/Desktop/Databasebak To start the database, use the decontrol command with the server option and the start verb, as follows: fwcontrol server start Note, if you will be moving to a new Filewave server, you would want to lock clients during this transition, so before restarting your server, use the sqlite3 command to set the status to 1 in the user table: sqlite3 /fwxserver/DB/server.sqlite 'update user set status = 1;'

February 15th, 2017

Posted In: Mac OS X, Mac OS X Server, Mac Security, Network Infrastructure

Tags: ,

Prepare for your network administrators to cringe… I’ve spoken on these commands but never really put them together in this way, exactly. So I wanted to find a coworker on a network. So one way to find people is to use a ping sweep. Here I’m going to royally piss off my switch admins and ping sweep the subnet: ping Next, I’m going to run arp to translate: arp -a Finally, if a machine is ipv6, it wouldn’t show up. So I’m going to run: ndp -a Now, I find the hostname, then look at the MAC address, copy that to my clipboard, find for that to get the IP and then I can flood that host with all the things. Or you could use nmap… :-/

January 7th, 2017

Posted In: Mac OS X, Network Infrastructure

Tags: , , , , , ,

DHCP, or Dynamic Host Control Protocol, is the service used to hand out IP addresses and other network settings by network appliances and servers. The DHCP Server built into macOS Server 5.2 on Sierra is similar to the DHCP service that was included in Server 10.2 from the good ‘ole Panther days. It’s pretty simple to use and  transparent, just as DHCP services should be. To install the service, open the Server app and then click on the Show button beside Advanced in the server sidebar. Then click on DHCP. screen-shot-2016-09-28-at-10-20-57-am At the DHCP screen, you’ll see two tabs: Settings, used for managing the service and Clients, used to see leases in use by computers that obtain IP address information from the server. You’ll also see an ON and OFF switch, but we’re going to configure our scopes, or Networks as they appear in the Server app, before we enable the service. To configure a scope, double-click on the first entry in the Networks list. screen-shot-2016-09-28-at-10-21-37-am Each scope, or Network, will have the following options:
  • Name: A name for the scope, used only on the server to keep track of things.
  • Lease Duration: Select an hour, a day, a week or 30 days. This is how long a lease that is provided to a client is valid before the lease expires and the client must find a new lease, either from the server you’re configuring or a different host.
  • Network Interface: The network interface you’d like to share IPs over. Keep in mind that you can tag multiple VLANs on a NIC, assign each an interface in OS X and therefore provide different scopes for different VLANs with the same physical computer and NIC.
  • Starting IP Address: The first IP address used. For example, if you configure a scope to go from to you would have 50 useable IP addresses.
  • Ending IP Address: The last IP address used in a scope.
  • Subnet Mask: The subnet mask used for the client configuration. This setting determines the size of the network.
  • Router: The default gateway, or router for the network. Often a .1 address for the subnet used in the Starting and Ending IP address fields. Note that while in DHCP you don’t actually have to use a gateway, OS X Server does force you to do so or you cannot save changes to each scope.
  • DNS: Use the Edit button for DNS to bring up a screen that allows you to configure the DNS settings provided as part of each DHCP scope you create, taking note that by default you will be handing out a server of if you don’t configure this setting.
The DNS settings in the DHCP scope are really just the IP addresses to use for the DNS servers and the search domain. The search domain is the domain name appended to all otherwise incomplete Fully Qualified Domain Names. For example, if we use internal.krypted.lan and we have a DNS record for wiki.internal.krypted.lan then we could just type wiki into Safari to bring up the wiki server. Click the minus sign button to remove any data in these fields and then click on the plus sign to enter new values. screen-shot-2016-09-28-at-10-22-02-am Click OK to save DNS settings and then OK to save each scope. Once you’ve build all required scopes, start the service. Once started, verify that a new client on the network gets an IP. Also, make sure that there are no overlapping scopes and that if you are moving a scope from one device to another (e.g. the server you’re setting up right now) that you renew all leases on client systems, most easily done using a quick reboot, or using “ipconfig /release” on a Windows computer. If you have problems with leases not renewing in OS X, check out this article I did awhile back. So far, totally easy. Each time you make a change, the change updates a few different things. First, it updates the /etc/bootpd.plist property list, which looks something like this (note the correlation between these keys and the settings in the above screen shots.: <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" ""> <plist version="1.0"> <dict> <key>NetBoot</key> <dict/> <key>Subnets</key> <array> <dict> <key>allocate</key> <true/> <key>dhcp_domain_name</key> <string></string> <key>dhcp_domain_name_server</key> <array> <string></string> </array> <key>dhcp_domain_search</key> <array/> <key>dhcp_router</key> <string></string> <key>lease_max</key> <integer>3600</integer> <key>name</key> <string>192.168.210 Wi-Fi</string> <key>net_address</key> <string></string> <key>net_mask</key> <string></string> <key>net_range</key> <array> <string></string> <string></string> </array> <key>selected_port_name</key> <string>en0</string> <key>uuid</key> <string>B03BAE3C-AB79-4108-9E5E-F0ABAF32179E</string> </dict> </array> <key>allow</key> <array/> <key>bootp_enabled</key> <false/> <key>deny</key> <array/> <key>detect_other_dhcp_server</key> <false/> <key>dhcp_enabled</key> <false/> <key>old_netboot_enabled</key> <false/> <key>relay_enabled</key> <false/> <key>relay_ip_list</key> <array/> </dict> </plist> Settings from this file include:
  • dhcp_enabled – Used to enable dhcp for each network interface. Replace the <false/> immediately below with <array> <string>en0</string> </array>. For additional entries, duplice the string line and enter each from ifconfig that you’d like to use dhcp on.
  • bootp_enabled – This can be left as Disabled or set to an array of the adapters that should be enabled if you wish to use the bootp protocol in addition to dhcp. Note that the server can do both bootp and dhcp simultaneously.
  • allocate – Use the allocate key for each subnet in the Subnets array to enable each subnet once the service is enabled.
  • Subnets – Use this array to create additional scopes or subnets that you will be serving up DHCP for. To do so, copy the entry in the array and paste it immediately below the existing entry. The entry is a dictionary so copy all of the data between and including the <dict> and </dict> immediately after the <array> entry for the subnet itself.
  • lease_max and lease_min – Set these integers to the time for a client to retain its dhcp lease
  • name – If there are multiple subnet entries, this should be unique and reference a friendly name for the subnet itself.
  • net_address – The first octets of the subnet followed by a 0. For example, assuming a /24 and 172.16.25 as the first three octets the entry would be
  • net_mask – The subnet mask clients should have
  • net_range – The first entry should have the first IP in the range and the last should have the last IP in the range. For example, in the following example the addressing is to
  • dhcp_domain_name_server – There should be a string for each DNS server supplied by dhcp in this array
  • dhcp_domain_search – Each domain in the domain search field should be suppled in a string within this array, if one is needed. If not, feel free to delete the key and the array if this isn’t needed.
  • dhcp_router – This entry should contain the router or default gateway used for clients on the subnet, if there is one. If not, you can delete the key and following string entries.
If you run the serveradmin command, followed by the settings verb and then the dhcp service, you’ll see the other place that gets updated: serveradmin settings dhcp The output indicates that dhcp:static_maps = _empty_array dhcp:subnets:_array_id:B03BAE3C-AB79-4108-9E5E-F0ABAF32179E:WINS_secondary_server = "" dhcp:subnets:_array_id:B03BAE3C-AB79-4108-9E5E-F0ABAF32179E:selected_port_name = "en0" dhcp:subnets:_array_id:B03BAE3C-AB79-4108-9E5E-F0ABAF32179E:dhcp_router = "" dhcp:subnets:_array_id:B03BAE3C-AB79-4108-9E5E-F0ABAF32179E:dhcp_domain_name_server:_array_index:0 = "" dhcp:subnets:_array_id:B03BAE3C-AB79-4108-9E5E-F0ABAF32179E:net_mask = "" dhcp:subnets:_array_id:B03BAE3C-AB79-4108-9E5E-F0ABAF32179E:WINS_NBDD_server = "" dhcp:subnets:_array_id:B03BAE3C-AB79-4108-9E5E-F0ABAF32179E:net_range_start = "" dhcp:subnets:_array_id:B03BAE3C-AB79-4108-9E5E-F0ABAF32179E:lease_max = 3600 dhcp:subnets:_array_id:B03BAE3C-AB79-4108-9E5E-F0ABAF32179E:dhcp_domain_search:_array_index:0 = "internal.krypted.lan" dhcp:subnets:_array_id:B03BAE3C-AB79-4108-9E5E-F0ABAF32179E:descriptive_name = "192.168.210 Wi-Fi" dhcp:subnets:_array_id:B03BAE3C-AB79-4108-9E5E-F0ABAF32179E:WINS_primary_server = "" dhcp:subnets:_array_id:B03BAE3C-AB79-4108-9E5E-F0ABAF32179E:net_range_end = "" dhcp:subnets:_array_id:B03BAE3C-AB79-4108-9E5E-F0ABAF32179E:dhcp_ldap_url = _empty_array dhcp:subnets:_array_id:B03BAE3C-AB79-4108-9E5E-F0ABAF32179E:WINS_node_type = "NOT_SET" dhcp:subnets:_array_id:B03BAE3C-AB79-4108-9E5E-F0ABAF32179E:net_address = "" dhcp:subnets:_array_id:B03BAE3C-AB79-4108-9E5E-F0ABAF32179E:dhcp_enabled = yes dhcp:subnets:_array_id:B03BAE3C-AB79-4108-9E5E-F0ABAF32179E:dhcp_domain_name = "internal.krypted.lan" dhcp:subnets:_array_id:B03BAE3C-AB79-4108-9E5E-F0ABAF32179E:WINS_scope_id = "" dhcp:subnet_defaults:logVerbosity = "MEDIUM" dhcp:subnet_defaults:WINS_node_type_list:_array_index:0 = "BROADCAST_B_NODE" dhcp:subnet_defaults:WINS_node_type_list:_array_index:1 = "HYBRID_H_NODE" dhcp:subnet_defaults:WINS_node_type_list:_array_index:2 = "NOT_SET" dhcp:subnet_defaults:WINS_node_type_list:_array_index:3 = "PEER_P_NODE" dhcp:subnet_defaults:WINS_node_type_list:_array_index:4 = "MIXED_M_NODE" dhcp:subnet_defaults:dhcp_domain_name = "" dhcp:subnet_defaults:WINS_node_type = "NOT_SET" dhcp:subnet_defaults:routers = _empty_dictionary dhcp:subnet_defaults:logVerbosityList:_array_index:0 = "LOW" dhcp:subnet_defaults:logVerbosityList:_array_index:1 = "MEDIUM" dhcp:subnet_defaults:logVerbosityList:_array_index:2 = "HIGH" dhcp:subnet_defaults:dhcp_domain_name_server:_array_index:0 = "" dhcp:subnet_defaults:selected_port_key = "en0" dhcp:subnet_defaults:selected_port_key_list:_array_index:0 = "bridge0" dhcp:subnet_defaults:selected_port_key_list:_array_index:1 = "en0" dhcp:subnet_defaults:selected_port_key_list:_array_index:2 = "p2p0" dhcp:subnet_defaults:selected_port_key_list:_array_index:3 = "en1" dhcp:logging_level = "MEDIUM" Notice the correlation between the uuid string in /etc/bootp.plist and the arrayid entry for each subnet/network/scope (too many terms referring to the same thing, ahhhh!). Using the serveradmin command you can configure a lot more than you can configure in the Server app gui. For example, on a dedicated DHCP server, you could increase logging level to HIGH (as root/with sudo of course): serveradmin settings dhcp:logging_level = "MEDIUM" You can also change settings within a scope. For example, if you realized that you were already using and 201 for statically assigned IPs elsewhere you can go ahead and ssh into the server and change the first IP in a scope to 202 using the following (assuming the uuid of the domain is the same as in the previous examples): serveradmin settings dhcp:subnets:_array_id:B03BAE3C-AB79-4108-9E5E-F0ABAF32179E:net_range_start = "" You can also obtain some really helpful information using the fullstatus verb with serveradmin: serveradmin fullstatus dhcp This output includes the number of active leases, path to log file (tailing that file is helpful when troubleshooting issues), static mappings (configured using the command line if needed), etc. dhcp:state = "RUNNING" dhcp:backendVersion = "10.11" dhcp:timeOfModification = "2016-10-04 04:24:17 +0000" dhcp:numDHCPActiveClients = 0 dhcp:timeOfSnapShot = "2016-10-04 04:24:19 +0000" dhcp:dhcpLeasesArray = _empty_array dhcp:logPaths:systemLog = "/var/log/system.log" dhcp:numConfiguredStaticMaps = 1 dhcp:timeServiceStarted = "2016-10-04 04:24:17 +0000" dhcp:setStateVersion = 1 dhcp:numDHCPLeases = 21 dhcp:readWriteSettingsVersion = 1 Once started, configure reservations using  the /etc/bootptab file. This file should have a column for the name of a computer, the hardware type (1), the hwaddr (the MAC address) and ipaddr for the desired IP address of each entry: %% # hostname hwtype hwaddr ipaddr bootfile a.krypted.lan 1 00:00:00:aa:bb:cc b.krypted.lan 1 00:00:00:aa:bb:cc You can start and stop the service either using the serveradmin command: serveradmin stop dhcp serveradmin start dhcp Or using the launchctl: sudo /bin/launchctl unload -w /System/Library/LaunchDaemons/bootps.plist sudo /bin/launchctl load -w /System/Library/LaunchDaemons/bootps.plist Finally, you can define DHCP options in /etc/bootp.plist. This process isn’t necessarily support, there is no GUI control for options, and options are not as widely used with devices as they once were. However, it’s absolutely an option if needed.

October 13th, 2016

Posted In: Mac OS X Server, Network Infrastructure

Tags: , , , ,

Dropping network connections can be incredibly frustrating. And finding the source can be a challenge. Over the years, I’ve found a number of troubleshooting methods, but the intermittent drop can be the worse to troubleshoot around. When this happens, I’ve occasionally resorted to scripting around failures, and dumping information into a log file to find the issue. For example, you may find that when a network connection fails, you have a very strong signal somewhere, or that you have a very weak signal on all networks. I’ve found there are three pretty simple commands to test joining/unjoining, and using networks (beyond the standard pings or port scans on hosts). The first is the airport command, along with –disassociate. This just unjoins all networks: sudo /System/Library/PrivateFrameworks/Apple80211.framework/Versions/A/Resources/airport --disassociate The second is a quick scan. Here, I’ve grep’d out the network I’m after (aka SSIDofNetwork – a very likely wireless network name), but when looking for environmental issues, you might choose to parse this into a csv and output all networks: sudo /System/Library/PrivateFrameworks/Apple80211.framework/Versions/A/Resources/airport -s | grep SSIDofNetwork Finally, you can join a network. You might have to escape out special characters in a password and it’s never wise to put a password into a script, etc. But, quick and dirty, this will join that SSIDofNetwork network: sudo networksetup -setairportnetwork en0 "SSIDofNetwork" mysecretpassword Anyway, loop it, invoke it however you invoke it, etc. Hope this helps someone, and if you have other tricks you’ve found helpful, feel free to throw them in the ‘ole comments!

How Users Feel About Intermittent Networking Issues

August 26th, 2016

Posted In: Mac OS X, Mac OS X Server, Mac Security, Network Infrastructure, Programming

Tags: , , , , , , ,

When I was speaking at MacADUK, I asked Tom Bridge about starting a podcast. He’s got a great voice, and I thought he’d be a great co-host. Before we were able to get to that when we got home, Adam Codega, independently of the conversation I’d had with Tom, dropped a note on Twitter to see who else might be interested in doing a Podcast. A few people responded that they’d be interested in also jumping in on a new Podcast. Over the next few weeks, decisions were made that the podcast would be hosted as a part of, the format, the hosting location, and lots of other really cool stuff. And some of us got together and recorded the first episode. And then, last night, we recorded the second episode just in time to get that into editorial before Episode 1 is released. And soooooo, episode 1 is out! It includes Tom Bridge, Emil Kausalik, Adam Codega, and myself. We also have an interview with some of the organizers from the Penn State Mac Admins conference, which I wasn’t able to sit in on, but find just fantastic. And Tom did some of the editing. Aaron Lippincott (@dials-Mavis) did a lot of work on the mastering and deserves lots of credit there (he made everyone sound way betterer). And John Kitzmiller did a lot of work on the domain and website and DNS type of stuff, as well as helping with hosting of the podcast assets as well. And Adam’s done a lot of work on the back end linking things together, so a great team effort. The next episode also features Pepijn Bruienne and Marcus Ransom (who I lovingly decided we should call the He-Man of the Mac Universe) and covers the latest iOS 9.3 release, as well as some information about the Classroom app. So stay tuned for that, but click below to give the episode a listen, or find on iTunes once it appears (and I’ll post a link to that once we can). Overall, I’m really stoked to get this thing going, and that the group has built a great system for future episodes, that should be sustainable for many, many episodes. I’m also really stoked to be able to get to work with this specific group – I’m a big fan of everyone, and I look forward to many episodes to come! So follow on Twitter at @MacAdmPodcast and feel free to let us know if you’ve done something awesome and we should mention it or interview you! Screen Shot 2016-03-28 at 10.39.29 AM

March 28th, 2016

Posted In: iPhone, Mac OS X, Mac OS X Server, Mac Security, Mass Deployment, Network Infrastructure, personal

Tags: , , , , , ,

Next Page »