• Articles and Books,  iPhone,  Mac OS X,  Mac OS X Server,  Mac Security

    Migrating Objects From Active Directory To Apple School Manager

    Apple School Manager is a portal used to create classes, import students, manage Managed Apple IDs, and link all these things together. You can use a Student Information System (SIS) to create these classes, import students, etc. But, only if you have a SIS with an API that Apple links to. If you don’t, you’ll need to import data using csv files. And you’ll need to import four csv files: Classes, Instructors, Staff, and of course Students. Many schools will already have this data in Active Directory or another LDAP-based solution. Here, we’ll look at getting the information out of Active Directory and into csv. The LDIFDE utility exports and imports objects from…

  • iPhone,  JAMF,  Mac OS X,  Mac OS X Server,  Mac Security,  Mass Deployment

    Casper 9.9 Now Available, Unlocking All The New Awesomeness In iOS 9.3

    Casper 9.9 has shipped! After the most thorough of testing and field enablement, JAMF has shipped Casper 9.9, with tons of new awesomeness for iOS 9.3. You now have the ability to do Lost Mode, which allows you to see where a lost device is, and allows your users the peace of mind that their privacy is protected by informing them that administrators looked at the location of a device (and you can assign a custom Lost Mode message, for example providing a reward for the return of a lost device). You can also manage a number of Notification Center features. You now have the ability to use the Classroom App…

  • iPhone,  Mac OS X,  Mac OS X Server,  Mac Security,  Mass Deployment

    The 12 Days Of Krypted

    Merry Christmas ya’ll! On the first day of Christmas my true love gave to me one 32 gig iPad On the second day of Christmas my true love gave to me two bash one-liners On the third day of Christmas my true love gave to me three Red Hat servers On the fourth day of Christmas my true love gave to me four email blasts On the fifth day of Christmas my true love gave to me five retweets On the sixth day of Christmas my true love gave to me six regular expressions On the seventh day of Christmas my true love gave to me seven lines of perl…

  • Active Directory,  Windows Server,  Windows XP

    Use Syslog on Windows

    There are a number of tools available for using Syslog in a Windows environment. I’ll look at Snare as it’s pretty flexible and easy to configure. First download the snare installation executable from http://sourceforge.net/projects/snare. Once downloaded run the installer and simply follow all of the default options, unless you’d like to password protect the admin page, at which point choose that. Note that the admin page is by default only available to localhost. Once installed, run the “Restore Remote Access to Snare for Windows” script. Then open http://127.0.0.1:6161 and click on Network Configuration in the red sidebar. There, we can define the name that will be used in syslog (or leave…

  • Active Directory,  Windows Server

    Create a Forest Trusts In Active Directory

    Trusts in Active Directory allow objects from one Domain or Forest to access objects in another Domain or Forest and allows administrators. To setup a trust: Login with a user in the Domain Admins group if you are setting up a Domain trust or Enterprise Admins if you are setting up a Forest trust (if you cannot use an account in one of these groups, you can use an account in the Incoming Forest Trust Builders group) Open Administrative Tools Open Active Directory Domains and Trusts Right-click the name of the domain Click Properties Click on the Trust tab Click New Trust Click Next Click on the Trust Name page…

  • Active Directory,  Mass Deployment,  Windows Server,  Windows XP

    Change Active Directory Forest Mode With A Script

    Changing the Forest Mode in Active Directory can be scripted. I find this useful when regression testing such tasks in a sandbox (e.g. restore image, automate login, change mode, run tests, etc). The script is very simple. First, you’ll import he ActiveDirectory modules: Import-Module -Name ActiveDirectory Then you’ll check for the mode prior to running: Get-ADForest | Format-Table ForestMode Then you’ll change the forest and domain modes (one per line): Set-ADForestMode –Identity “krypted.com” –ForestMode Windows2008Forest Set-ADDomainMode –Identity “krypted.com” –DomainMode Windows2008Domain Then you’ll report the result: Get-ADForest | Format-Table Name , ForestMode The end result could be as simple as three lines if just testing: Import-Module -Name ActiveDirectory Set-ADForestMode –Identity “krypted.com”…

  • Active Directory,  Windows Server

    Ask PowerShell Who Hasn’t Changed Their Active Directory Passwords

    You can use PowerShell to pretty much get anything you want out of Active Directory. Let’s say you want to see when the last time a user changed their password was. You can use the Get-ADUser commandlet to obtain any attribute for a user in the Active Directory schema. To use Get-ADUser, you’ll need to define a scope. In this example, we’ll do so using the -filter option and filter for everyone, using an *. That could be a lot of data, so we’re also going to look for the property, or attribute of PasswordLastSet using the -Properties option: Get-ADUser –filter * -Properties PasswordLastSet We can then add a little…