krypted.com

Tiny Deathstars of Foulness

macOS Server 5.4, running on High Sierra, comes with a number of alerts that can be sent to administrators via servermgrd and configured since the 5th version of the Server app. To configure alerts on the server, open the Server app and then click on Alerts in the Server app sidebar.



Next, click on the Delivery tab.

 

At the Delivery screen, click on the Edit button for Email Addresses and enter every email address that should receive alerts sent from the server. Then click on the Edit button for Push Notifications. Here, check the box for each administrator of the server. The email address on file for the user then receives push notifications of events from the server.


 

Then, check the boxes for Email and Push for each of the alerts you want to receive (you don’t have to check both for each entry). Alerts have changed in macOS Server, they are no longer based on the SMART status of drives or capacity; instead Delivery is now based on service settings.

September 27th, 2017

Posted In: Mac OS X Server

Tags: , , , ,

macOS Server 5.2, running on Sierra, comes with a few new alerting options previously unavailable in versions of OS X. The alerts are sent to administrators via servermgrd and configured in the 5th version of the Server app. To configure alerts on the server, open the Server app and then click on Alerts in the Server app sidebar. Next, click on the Delivery tab. screen-shot-2016-09-25-at-11-37-02-pm At the Delivery screen, click on the Edit button for Email Addresses and enter every email address that should receive alerts sent from the server. Then click on the Edit button for Push Notifications. Here, check the box for each administrator of the server. The email address on file for the user then receives push notifications of events from the server. screen-shot-2016-09-25-at-11-38-07-pm
Click on OK when you’ve configured all of the appropriate administrators for alerting. Click on the Edit… button for Push and if Push notifications are not already enabled you will run through the Push Notification configuration wizard. screen-shot-2016-09-25-at-11-38-54-pm Then, check the boxes for Email and Push for each of the alerts you want to receive (you don’t have to check both for each entry). Alerts have changed in macOS Server, they are no longer based on the SMART status of drives or capacity; instead Delivery is now based on service settings.
Finally, as with previous versions of macOS Server, snmp is built in. The configuration file for which is located in the /private/etc/snmp/snmpd.conf and the built-in LaunchDaemon is org.net-snmp.snmpd, where the actual binary being called is /usr/sbin/snmpd (and by default it’s called with a -f option). Once started, the default community name should be COMMUNITY (easily changed in the conf file) and to test, use the following command from a client (the client is 192.168.210.99 in the following example): snmpwalk -On -v 1 -c COMMUNITY 192.168.210.99

October 9th, 2016

Posted In: Mac OS X, Mac OS X Server, Mac Security

Tags: , , , , , ,

The jamfHelper binary is used to deploy an alert to client computers that are enrolled in the JSS. This can be a full screen alert with headings, icons, text, and countdowns. This could also just be a small utility window that informs a user that something was installed. You can do similar tasks with push notifications, but I find that a lot of times an APNs update will disappear before someone can click on it. Therefore, we can use the jamfHelper binary to send alert screens in OS X. We’ll go through a couple of minor examples here. The first is to send a window called KRYPTED that is full screen, with test as the text and “test heading” as a larger bolded heading. Here, we’ll use -title to send a title to the screen, -windowType to set the type as fs, -description for our text payload and finally -heading for the heading on the screen: /Library/Application\ Support/JAMF/bin/jamfHelper.app/Contents/MacOS/jamfHelper -title "KRYPTED" -windowType fs -description "test" -heading "test heading" We called the helper using the full path to the jamfHelper binary, located at /Library/Application\ Support/JAMF/bin/jamfHelper.app/Contents/MacOS/. You might have this stored elsewhere. We also quoted our title, description, and heading. Doing so allows us to use more than one word. I find that I frequently expand variables in this command, so make sure to expand them properly. The second example we’ll run through is using a little utility window (more similar to a push notifications screen than many of the others). This is a small screen, with a location that you can easily control. Notice that the above command was full screen, so you couldn’t see the title. Here, we’ll display a title and then just a little quick text that says “Firefox is now on your computer” /Library/Application\ Support/JAMF/bin/jamfHelper.app/Contents/MacOS/jamfHelper -title "Firefox" -windowType hud -description "Firefox" -description "Firefox is now on your computer" Which results in a screen that looks like this. Screen Shot 2015-12-07 at 11.10.31 AM If you used the hud windowType instead of utility in the above command, your screen would look as follows. Screen Shot 2015-12-07 at 11.10.50 AM There are other ways to do things like this (e.g. bighonkintext), but if you use Casper, this is integrated, requires no other languages (e.g. python), and is simple. Enjoy!

December 8th, 2015

Posted In: JAMF, Mac OS X, Mac OS X Server, Mac Security, Mass Deployment

Tags: , , , ,

The Server app, when run on OS X Yosemite, comes with a few new alerting options previously unavailable in versions of OS X. The alerts are sent to administrators via servermgrd and configured in the Server app (Server 3.5). To configure alerts in Yosemite Server, open the Server app and then click on Alerts in the Server app sidebar. Next, click on the Delivery tab. Alerts1 At the Delivery screen, click on the Edit button for Email Addresses and enter every email address that should receive alerts sent from the server. Then click on the Edit button for Push Notifications. Here, check the box for each administrator of the server. The email address on file for the user then receives push notifications of events from the server. Alerts2 Click on OK when you’ve configured all of the appropriate administrators for alerting. Click on the Edit… button for Push and if Push notifications are not already enabled you will run through the Push Notification configuration wizard. Alerts3 Then, check the boxes for Email and Push for each of the alerts you want to receive (you don’t have to check both for each entry). Alerts have changed in OS X Server, they are no longer based on the SMART status of drives or capacity; instead Delivery is now based on service settings. Finally, as with previous versions of OS X Server, Mavericks Server has snmp built in. The configuration file for which is located in the /private/etc/snmp/snmpd.conf and the built-in LaunchDaemon is org.net-snmp.snmpd, where the actual binary being called is /usr/sbin/snmpd (and by default it’s called with a -f option). Once started, the default community name should be COMMUNITY (easily changed in the conf file) and to test, use the following command from a client (the client is 192.168.210.99 in the following example): snmpwalk -On -v 1 -c COMMUNITY 192.168.210.99

October 17th, 2014

Posted In: Mac OS X, Mac OS X Server

Tags: , , , , , ,

Mavericks Server comes with a few new alerting options previously unavailable in versions of OS X. The alerts are sent to administrators via servermgrd and configured in the Server app (Server 3). To configure alerts in Mavericks Server, open the Server app and then click on Alerts in the Server app sidebar. Next, click on the Delivery tab. Screen Shot 2013-10-04 at 8.30.47 PM At the Delivery screen, click on the Edit button for Email Addresses and enter every email address that should receive alerts sent from the server. Then click on the Edit button for Push Notifications. Here, check the box for each administrator of the server. The email address on file for the user then receives push notifications of events from the server. Screen Shot 2013-10-04 at 8.29.40 PM
Click on OK when you’ve configured all of the appropriate administrators for alerting. Click on the Edit… button for Push and if Push notifications are not already enabled you will run through the Push Notification configuration wizard. Screen Shot 2013-10-04 at 8.40.33 PM Then, check the boxes for Email and Push for each of the alerts you want to receive (you don’t have to check both for each entry). Alerts have changed in OS X Server, they are no longer based on the SMART status of drives or capacity; instead Delivery is now based on service settings.
Finally, as with previous versions of OS X Server, Mavericks Server has snmp built in. The configuration file for which is located in the /private/etc/snmp/snmpd.conf and the built-in LaunchDaemon is org.net-snmp.snmpd, where the actual binary being called is /usr/sbin/snmpd (and by default it’s called with a -f option). Once started, the default community name should be COMMUNITY (easily changed in the conf file) and to test, use the following command from a client (the client is 192.168.210.99 in the following example): snmpwalk -On -v 1 -c COMMUNITY 192.168.210.99

October 23rd, 2013

Posted In: Mac OS X Server

Tags: , , , , , , , , , , , ,

Mountain Lion Server comes with a few new alerting options previously unavailable in versions of OS X. The alerts are sent to administrators via servermgrd and configured in the Server app. To configure alerts in Mountain Lion Server, open the Server app and then click on Alerts in the Server app sidebar. Next, click on the Delivery tab. At the Delivery screen, click on the Edit button for Email Addresses and enter every email address that should receive alerts sent from the server. Then click on the Edit button for Push Notifications. Here, check the box for each administrator of the server. The email address on file for the user then receives push notifications of events from the server. Click on OK when you’ve configured all of the appropriate administrators for alerting. Then, check the boxes for Email and Push for each of the alerts you want to receive (you don’t have to check both for each entry). Options include:
  • Certificate expiration: One of the certificates installed on the system (including Push) will expire soon and needs to be updated.
  • Disk unreachable: A disk that was mounted on the server is no longer available (you will get these when you rotate offsite backup hard drives if using spinning or solid state disks)
  • S.M.A.R.T. status: A disk has an error with its S.M.A.R.T. What this really means usually is that it would be very smart to replace the disk that’s likely to fail soon
  • Disk space: The server is running out of hard drive space
  • Mail storage quota: A violation to the mail quota is exceeded
  • Virus detected: A virus was detected on the server
  • Network configuration change: The port state of the server changed, an IP address changed, etc.
  • Software updates: There are software updates available to be installed on the server computer
Some of these settings can be configured a little more granularly. For example, by default the disk space alert is sent when there is only 5% of the free space available on the server. To increase this to 10, edit the serveradmin settings to swap info:notifications:diskFull:freeSpaceThreshold with 10 rather than 5: sudo serveradmin settings info:notifications:diskFull:freeSpaceThreshold = 10 To see a list of all notifications options run: sudo serveradmin settings info:notifications Which provides the following: info:notifications:certificateExpiration:active = no info:notifications:certificateExpiration:who = _empty_array info:notifications:suAvailable:active = no info:notifications:suAvailable:who = _empty_array info:notifications:diskFull:active = no info:notifications:diskFull:who = _empty_array info:notifications:diskFull:freeSpaceThreshold = 5 Finally, as with previous versions of OS X Server, Mountain Lion Server has snmp built in. The configuration file for which is located in the /private/etc/snmp/snmpd.conf and the built-in LaunchDaemon is org.net-snmp.snmpd, where the actual binary being called is /usr/sbin/snmpd (and by default it’s called with a -f option). Once started, the default community name should be COMMUNITY (easily changed in the conf file) and to test, use the following command from a client (the client is 192.168.210.99 in the following example): snmpwalk -On -v 1 -c COMMUNITY 192.168.210.99

August 4th, 2012

Posted In: Mac OS X, Mac OS X Server, Mac Security

Tags: , , , , , , , , ,