krypted.com

Tiny Deathstars of Foulness

The JSS has the ability to upload multiple .vpptokens, and using those, you can upload separate tokens for sites and then provide App Store apps to different sites based on each having some autonomy by having their own token. This is a pretty cool feature. And using the GUI, you can see when each token expires. You can also see a list of tokens using the API. To see a full list of all the tokens, we’ll just use a basic curl command here:

curl -s -u myuser:mypassword https://kryptedjamf.jamfcloud.com/JSSResource/vppaccounts

This provides an array of output that has the number of tokens in <size> and the id of each along with their name in <id> and <name> respectively, as follows

<?xml version="1.0" encoding="UTF-8"?><vpp_accounts><size>2</size><vpp_account><id>2</id><name>test</name></vpp_account><vpp_account><id>3</id><name>test2</name></vpp_account></vpp_accounts>

Once you know the id of a token, you can pull a bunch of information about that token using the following command:

curl -s -u myuser:mypassword https://kryptedjamf.jamfcloud.com/JSSResource/vppaccounts/id/2

The output would be as follows, with the expiration_date indicated:

<?xml version="1.0" encoding="UTF-8"?><vpp_account><id>2</id><name>test</name><contact/><service_token>xxxxxxxxxxyyyyyyyyyyyzzzzzzzzzaaaaaaaabbbbbbbbbbccccccc</service_token><account_name>krypted</account_name><expiration_date>2017/06/30</expiration_date><country>US</country><apple_id/><site><id>-1</id><name>None</name></site><populate_catalog_from_vpp_content>true</populate_catalog_from_vpp_content><notify_disassociation>true</notify_disassociation></vpp_account>

Or to limit the output to just the expiration date of the token, we’ll use sed to constrain:

curl -s -u myuser:mypassword https://kryptedjamf.jamfcloud.com/JSSResource/vppaccounts/id/2 | sed -n -e 's/.*<expiration_date>\(.*\)<\/expiration_date>.*/\1/p'

The output should just be a standard date, as follows:

2017/06/30

You can then loop through the output of the vppaccounts, build an IFS array, and display the dates for each, listing sites that are about to expire. For anyone that has a lot of sites with individual tokens, this might come in handy. Enjoy.

Hat tip: I thought I’d have to do this using a database query, but it turns out that the field where the stoken  is stored contains encrypted data different than the initially encoded base64, which I showed how to decrypt at What’s Really In A VPP Token File from Apple’s VPP?. This is to keep that data private. Instead, hat tip to Christian Dooley, who figured out that this is actually available in the API instead, and therefore I didn’t have to hit the database directly to write this article.

June 30th, 2016

Posted In: JAMF

Tags: , , , , , ,

IFTTT makes the possibilities practically endless for what you can do with an Amazon Echo running Alexa. IFTTT provides workflows that connect Alexa to many of the most popular cloud services on the Internet. For example, Alexa can make a spreadsheet of all the songs you listen to using your Prime account, Email you a shopping list, sync To-Dos to Evernote, find your phone, set reminders on your phone, extend Alexa to manage your TV using Harmony, run Wink shortcuts, print files, manage a Wemo bulb (Belkin), control otherwise unsupported thermostats, control items within apps (e.g. make all your Hue lights a given color), time things (e.g. turn on the air conditioning for an hour), lock a door using an otherwise unsupported lock (e.g. with a Smarthings), do random things (e.g. assign a random color to a Hue light), interface with Google Calendar, and so much more.

Basically, if a service can interact with IFTTT using an API, then your Alexa can be made to talk to it. But first, let’s connect your Amazon Echo to IFTTT. To get started, first go to the Alexa channel on IFTTT at Amazon Alexa Channel on IFTTT.

When the page loads, click Connect.

Screen Shot 2016-05-28 at 11.01.41 PM

You’ll then be prompted to sign into IFTTT using your Amazon account. Enter your username and password and then click “Sign in using our secure server”.

Screen Shot 2016-05-28 at 11.02.05 PM

You’ll then be prompted to trust IFTTT from Amazon. Click Okay.

Screen Shot 2016-05-28 at 11.02.17 PM

Then you’ll be able to setup recipes. Let’s say you’d like to put your shopping list on a Slack channel so you can be judged even more harshly than you already are…

Screen Shot 2016-05-28 at 11.18.36 PM

Enjoy.

May 30th, 2016

Posted In: Alexa, Home Automation

Tags: , , , , , ,

My latest Huffington Post article, Twenty Cool Things You Can Do with Box is online here. It begins:

If you are looking for a secure and uncomplicated and file sharing service, you will find box.com to be a wonderful way to share files from any device. Today, it is easier than ever for businesses to operate globally regardless of how large or small they are. This is because of the digital age that makes works products easy to share or transfer. Here are twenty cool things that you can do with box.com.

Screen Shot 2016-04-01 at 9.12.58 PM

For more, click here.

 

April 1st, 2016

Posted In: Apps, cloud, Mac OS X, Mac OS X Server, Mac Security, Mass Deployment

Tags: , , , , , , , , ,

Microsoft Azure is Microsoft’s cloud services. Azure can host virtual machines and act as a location to store files. However, Azure can do much more as well, providing an Active Directory instance, provide SQL database access, work with hosted Visual Studio, host web sites or provide BizTalk services. All of these can be managed at https://manage.windowsazure.com.

windows_azure_logo6

You can also manage Windows Azure from the command line on Linux, Windows or Mac. To download command line tools, visit http://www.windowsazure.com/en-us/downloads/#cmd-line-tools. Once downloaded, run the package installer.

Screen Shot 2013-11-29 at 10.51.01 PMWhen the package is finished installing, visit /usr/local/bin where you’ll find the azure binary. Once installed, you’ll need to configure your account from the windowsazure.com site to work with your computer. To do so, log into the windowsazure.com portal.

Screen Shot 2013-12-01 at 8.25.57 PM

Once logged in, open Terminal and then use the azure command along with the account option and the download verb:

azure account download

This account downloads the .publishsettings file for the account you’re logged in as in your browser. Once downloaded, run azure with the account option and the import verb, dragging the path to your .publishsettings file from https://manage.windowsazure.com/publishsettings/index?client=xplat:

azure account import /Users/krypted/Downloads/WindowsAzure-credentials.publishsettings

The account import then completes and your user is imported into azure. Once imported, run azure with the account option and then storage list:

azure account storage list

You might not have any storage configured yet, but at this point you should see the following to indicate that the account is working:

info: No storage accounts defined
info: account storage list command OK

You can also run the azure command by itself to see some neat ascii-art (although the azure logo doesn’t really come through in this spiffy cut and paste job):

info: _ _____ _ ___ ___________________
info:        /_\  |__ / | | | _ \ __|
info: _ ___ / _ \__/ /| |_| |   / _|___ _ _
info: (___ /_/ \_\/___|\___/|_|_\___| _____)
info: (_______ _ _) _ ______ _)_ _
info: (______________ _ ) (___ _ _)
info:
info: Windows Azure: Microsoft's Cloud Platform
info:
info: Tool version 0.7.4
help:
help: Display help for a given command
help: help [options] [command]
help:
help: Open the portal in a browser
help: portal [options]
help:
help: Commands:
help: account to manage your account information and publish settings
help: config Commands to manage your local settings
help: hdinsight Commands to manage your HDInsight accounts
help: mobile Commands to manage your Mobile Services
help: network Commands to manage your Networks
help: sb Commands to manage your Service Bus configuration
help: service Commands to manage your Cloud Services
help: site Commands to manage your Web Sites
help: sql Commands to manage your SQL Server accounts
help: storage Commands to manage your Storage objects
help: vm Commands to manage your Virtual Machines
help:
help: Options:
help: -h, --help output usage information
help: -v, --version output the application version

Provided the account is working, you can then use the account, config, hdinsight, mobile, network, sb, service, site, sql, storage or vm options. Each of these can be invoked along with a -h option to show a help page. For example, to see a help page for service:

azure service -h

You can spin up resources including sites, storage containers and even virtual machines (although you might need to create templates for VMs first). As an example, let’s create a new site using the git template:

azure site create --git

Overall, there are a lot of options available in the azure command line interface. The web interface is very simple, with options in the command line interface mirroring the options in the web interface. Running and therefore scripting around these commands is straight forward. I wrote up some Amazon stuff previously at http://krypted.com/commands/amazon-s3cmd-commands, but the azure controls are really full featured and I’m really becoming a huge fan of the service itself the more I use it (which likely means I’ll post more articles on it soon).

December 2nd, 2013

Posted In: cloud, Network Infrastructure, SQL, Ubuntu, Unix, VMware, Windows Server

Tags: , , , , , , , , , , ,

Cumulus comes with a number of commands installed in /usr/local/Cumulus_Workgroup_Server. The assets can be in a shared directory location, such as an NFS mount mapped to /cumulus or /Volumes/Cumulus. But in the /usr/local/Cumulus_Workgroup_Server directory there are a number of commands that can be pretty useful. For example, the stop-admin, stop-cumulus, start-cumulus and start-admin commands can be used to restart the Cumulus using a simple ARD template:

/usr/local/Cumulus_Workgroup_Server/stop-admin.sh
/usr/local/Cumulus_Workgroup_Server/stop-cumulus.sh
sleep 30
/usr/local/Cumulus_Workgroup_Server/start-cumulus.sh
/usr/local/Cumulus_Workgroup_Server/start-admin.sh

There are others, such as status.sh, which shows size of repository, PIDs, and the time running. The repair.sh can be used to repair the database and remove-admin.sh and remove-cumulus.sh can uninstall the admin console and cumulus servers respectively (danger, Will Robinson). The install-admin.sh and install-cumulus.sh scripts can also be used to install these items respectively. The bin directory contains daemons such as cumulusd and services information/cumulusrad.

If you want to work with assets, you’ll probably need the Java SE JDK to run and then query the Tomcat server. This web application environment leverages Cumulus Java classes to provide the API that can then be scripted into various workflows, such as providing a site that queries images in the DAM and displays those matching a given pattern on a website.

Overall, the scripting that can be done without the API is service control oriented, but with the API and a little SOAP you can pretty much grab or change almost anything you need to.

September 27th, 2013

Posted In: Mac OS X, Mac OS X Server, Network Infrastructure

Tags: , , , , , , ,

Watchman Monitoring is a tool used to monitor computers. I’ve noticed recently that there’s a lot of traffic on the Watchman Monitoring email list that shows people want a great little (and by little I mean inexpensive from a compute time standpoint) monitoring tool to become a RMM (Remote Management and Monitoring) tool. The difference here is in “Management.” Many of us actually don’t want a monitoring tool to become a management tool unless we are very deliberate about what we do with it. For example, that script that takes a machine name of ‘rm -Rf /’ that some ironic hipster of a user decided to name their hard drive because, well, they can – well that script that was just supposed to run a fix permissions because that ironic jackass of a user in his v-neck with his funny hat and unkempt beard just accidentally cross-site script attacked himself and he’s now crying out of his otherwise brusque no-lense having glasses and you’re now liable for his data loss because you didn’t sanitize that computer name variable before you sent it to some script.

Since we don’t want the scurrilous attention of hipsters everywhere throwing caustic gazes at us, we’ll all continue using a standard patch management system like Casper, Absolute, Munki, FileWave, etc. Many organizations can still take value out of using Watchman Monitoring (and tools like Watchman) to trigger scripted events in their environment.

Now, before I do this I want to make something clear. I’m just showing a very basic thing here. I am assuming that people would build some middleware around something a little more complicated than curl, but given that this is a quick and dirty article, curl’s all I’m using for examples. I’m also not giving up my API key as that would be silly. Therefore, if I were using a script, I’d have two variables in here. The first would be $MACHINEID, the client/computer ID you would see in Watchman. This would be what you see in red here, when looking at an actual computer.

Screen Shot 2013-07-03 at 9.35.54 AM

The second variable is my API token. This is a special ID that you are provided from our friends at Watchman. Unless you’re very serious about building some scripts or middleware like right now, rather than bug them for it, give it a little while and it will be available in your portal. I’ve given the token $APITOKEN as my variable there.

The API, like many these days is json. This doesn’t send entire databases or even queries, but instead an expression of each variable. So, to see all of the available variables for our machine ID, we’re going to use curl (I like to add -i to see my headers) and do the following lookup:

curl -i https://318.monitoringclient.com/clients/$MACHINEID.json?auth_token=$APITOKEN

This is going to spit out a bunch of information, parsed with a comma, whereas each variable and then the contents of that variable are stored in quoted text. To delimit my results, I’m simply going to awk for a given position (using comma as my delimiter instead of the default space). In this case, machine name is what I’m after:

curl -i https://318.monitoringclient.com/clients/$MACHINEID.json?auth_token=$APITOKEN | awk -F"," '{ print $4}'

And there you go. It’s that easy. Great work by the Watchman team in making such an easy to use and standards compliant API. Because of how common json is I think integrating a number of other tools with this (kinda’ like the opposite of the Bomgar implementation they already have) is very straight forward and should allow for serious automation for those out there that are asking for it. For example, it would be very easy to say take this output and weaponize it to clear caches before bugging you:

“plugin_id”:1237,”plugin_name”:”Check Root Capacity”,”service_exit_details”:”[2013-07-01] WARNING:  92% (276GB of 297GB) exceeds the 90% usage threshold set on the root volume by about 8 GB.”

Overall, I love it when I have one more toy to play with. You can automatically inject information into asset management systems, trigger events in other systems and if need be, allow the disillusioned youth the ability to erase their own hard drives!

July 3rd, 2013

Posted In: cloud, FileMaker, Mac OS X, Mac OS X Server, Mac Security, Mass Deployment, Network Infrastructure, Time Machine, Xsan

Tags: , , , , , ,

Since the early days, OS X Server has supported performing the serveradmin commands through a web interface. This interface was accessible at the address of the server followed by a colon and then 311 in a web browser. This feature was disabled by default in Mountain Lion. But fear causes hesitation, and hesitation will cause your worst fears to come true, so we’re going to turn it back on. To enable, use the following command:

sudo defaults write /Library/Preferences/com.apple.servermgrd requireUserAgent -bool false

Once done, open https://127.0.0.1:311 in a web browser, or replace 127.0.0.1 with the address of the server if accessing from another location. This is stimulating, but we’re out of here. So, authenticate to be greeted with a list of services.

Lawyers don’t surf.

At the Server Admin Modules page, each service output from `serveradmin list` appears. Clicking each produces the ability to run the commands you can supply using `serveradmin command` along with the service name. For example, to get a list of all of the connected AFP users in OS X Mountain Lion Server, run the following command:

sudo serveradmin command afp:command = getConnectedUsers

Now, to get the same list, click on the servermgr_afp.html link and then click on getConnectedUsers.

Life sure has a sick sense of humor, doesn’t it?

Click on Send Command to see the output.

Peace, through superior firepower.

You then see an XML output that shows who’s connected (since I’m on a flight right now, luckily no one is connected to mine). Now you also have a URL in the toolbar, which should look something like this:

https://127.0.0.1:311/commands/servermgr_afp?input=%3C%3Fxml+version%3D%221.0%22+encoding%3D%22UTF-8%22%3F%3E%0D%0A%3Cplist+version%3D%220.9%22%3E%0D%0A%3Cdict%3E%0D%0A%09%3Ckey%3Ecommand%3C%2Fkey%3E%0D%0A%09%3Cstring%3EgetConnectedUsers%3C%2Fstring%3E%0D%0A%3C%2Fdict%3E%0D%0A%3C%2Fplist%3E%0D%0A&send=Send+Command

Rad, unicode. I guess spaces aren’t really compliant in URLs. Before we look at that, let’s take a look at what we can do with these. If you follow what I write, you have probably noticed that I use curl for tinkering with URLs a lot. In many cases, this is not the right tool. But I usually start there and move on if need be. Six seconds. We’re going to be meat waffles.

Because we’re going to assume the server is using a self-signed cert that we don’t yet trust, we’re gonna’ use a -k along with curl. Then we’re going to follow that with the link. However, since we need to auth, we’re going to also go ahead and embed the username (in this case johhny) followed by a : and then the password (in this example, bodhi), followed by an @ in between the https:// and the server address, as follows:

curl -k https://johhny:bodhi@127.0.0.1:311/commands/servermgr_afp?input=%3C%3Fxml+version%3D%221.0%22+encoding%3D%22UTF-8%22%3F%3E%0D%0A%3Cplist+version%3D%220.9%22%3E%0D%0A%3Cdict%3E%0D%0A%09%3Ckey%3Ecommand%3C%2Fkey%3E%0D%0A%09%3Cstring%3EgetConnectedUsers%3C%2Fstring%3E%0D%0A%3C%2Fdict%3E%0D%0A%3C%2Fplist%3E%0D%0A&send=Send+Command

The output includes the afp:usersArray which shows active connections. The most interesting options, other than those for services you run in your environment, ar those under servermgr_info. Here, you can get PIDs for processes, kill PIDs, view logs, check file sizes, delete data and even reboot servers. Overall, this option has some security concerns, but provides some good insight into how the Server Admin tool worked under the hood in Mac OS X Lion Server and below while also serving as a functional option as an API for the  product, especially given that output is in XML, similar to the output of most other modern APIs.

Vaya con Dios, Brah.

August 20th, 2012

Posted In: Mac OS X Server

Tags: , , , , , , , , , , , , , , ,

These days, you can spend a lot of money buying really nice digital signage tools. And if you’re doing so, then you likely have some pretty dynamic content you’d like to load. Something that doesn’t necessarily lend itself to a dynamic content platform, but which is nice for the quick presentation that you whip up and want to use for a form of digital signage is Keynote presentations. These are inexpensive and can be played on monitors through AirPlay or directly through a Mac Mini connected to a television or big monitor. Great for a monitor in the company lobby, the hallway in the school or for subliminal messaging at the DMV to convince you that no, the guy with the forehead tat isn’t really going to shank you (srsly, metal detectors, pls).

There are a few issues there, though. First, for most uses, you need the presentation to either go on forever or need to queue up a bunch of them. Then, you need to set the presentation to automatically start when opened so that you can just open files through a script. Scripts being able to be set as login items for a default user. There are also some logistical issues with the physical hardware if it’s in public, but I’ll assume you’ve got those covered and move on to the technical details of how to do the above tasks.

To prepare a Keynote presentation, first open the Keynote, click on Inspector in the toolbar and then at the inspector click on the document icon (in the far left top corner of the inspector). Then, check the boxes for “Automatically play upon open” and “Loop slideshow”. This will automatically play the presentation and start it again when it’s done.


Then I’d use the second icon from the left on each slide to automate the transition to the next slide.


Then, the entire Keynote is automated. That part is all done within Keynote and the next part is just opening and closing Keynote from the command line. To open via ARD or another management tool, send the following command:

open /Users/admin/Desktop/Presentationname.key

Then to close Keynote and run something else:

killall Keynote

To close one presentation and immediately reopen a different presentation, merge the commands into one line:

killall Keynote; open /Users/admin/Desktop/Presentationname.key

Just make sure everything’s automated or the loop won’t run. Now, to automate events within Keynote will require clicking on things from an AppleScript or Automator workflow or using the AppleScript options for Keynote. To automate just clicking to move to another slide can be done with the following AppleScript (and sent via osascript), although it’s usually best done within Keynote:

tell application “System Events”
click
end tell

The following are all of the Keynote-specific options from Automator:

To close a single presentation, the following workflow would do the trick:

One challenge is that when you loop through different Keynote presentations, you would see the desktop of OS X and the Dock while Keynote is re-opening if you kill it off first. It should take a little less than a second. Once keynote re-opens, you see the menu for keynote for about another half second while the keynote document is opening. If I don’t close Keynote and instead just open a 2nd document then I see the Keynote menu bar for a split second while the second presentation is starting and I don’t end up seeing the actual Desktop. That would be done just by opening a second presentation from the command line. The caveat is that as you toggle between them, if you don’t kill off the Keynote application, you’ll end up starting where the other left off rather than at the beginning (which might be fine in a given workflow).

You can, if you need to kill the application, launch the screen saver first:

osascript -e 'tell application id "com.apple.ScreenSaver.Engine" to launch'

Or just in bash:

open -a /System/Library/Frameworks/ScreenSaver.framework//Versions/A/Resources/ScreenSaverEngine.app

This just fires up the screen saver to try and hide what you’re doing in the background. You can layer the three commands we’ve looked at on top of each other as a single command from ARD:

osascript -e 'tell application id "com.apple.ScreenSaver.Engine" to launch' ; killall Keynote ; open /Users/admin/Desktop/Presentationname.key

That would effectively kick off the screen saver, kill keynote while it’s hidden and then open the new presentation. The presentation would need to be transferred to the client system first, but that’s usually the easy part. You could also sleep the commands to bring up different presentations and bolt more logic in, although much of that is best left inside of Keynote itself. If you wanted to get extra crafty, in case the desktop did ever appear, you could have a fail safe of having the screen saver appear as the desktop background, which I wrote up awhile ago here. There are also various kiosk applications that do crazy things like replace the Finder or fire up kioskish (is that a word?!?!) browsers and the such, but all will likely require a little testing and massaging to get just right.

Overall, Apple products can make for pretty good signage options given how well they typically handle various graphics and connectivity, without buying 3rd party tools. You do get what you pay for, so it might be worth looking at some of those tools. Also, it’s worth noting that Rich Trouton wrote up a nice article on using AppleTV for this type of stuff here on his site. I’ve also scripted digital content delivery to Macs using Final Cut Server, CatDV and various scripting tools such as python. We’ve even gone so far as to programatically create the actual Keynote files, but that’s probably best saved for a github gist rather than a krypted.com post…

June 22nd, 2012

Posted In: Mac OS X, Mass Deployment

Tags: , , , , , , , , , , , ,

There is no Lights Out Management for a Mac mini Server (btw, am I the only one that noticed that these are now called Mac mini with Lion Server, where mini isn’t capitalized). While the Mac mini Server doesn’t have the Lights Out Management (LOM)/IPMI chips in it, there are a few things that we can control anyway. Convention would say that we’d get a NetBotz card for that spiffy APC we’ve got, which can do minor automation and even a little environmental monitoring. And there are a few other systems out there that can do similar tasks.

But I’m a home automation nerd these days. So I decided to look into whether my Vera can manage my mini Server botnet and what I might be getting or sacrificing. First, let’s define what we did with LOM. The first and most important is, when the system crashed, we rebooted the server. The second aspect was to maybe wake the thing up, with the 3rd to monitor the components of the system. Let’s look at the first, most important thing, rebooting.

I’m going to start with a Vera. The setup process for Vera is similar to that of a LinkSys, where you give the device an IP and then go a step further by signing up for the MiOS portal, used to remotely control the Vera through a secure tunnel. Then I’m going to add an appliance module to the system. Notably, I want a ground, so I’m going to add the Wayne-Dalton HA-04WD HomeSettings Outdoor Appliance Module. The device can be added to Vera pretty easily. To do so, open Vera and click on DEVICES and then on Add Devices in the subnav bar. From here, click on Add in the first row.

Then scroll down a little and click on Option 1.

The system will then scan for a device. At this point, you’ll see a screen telling you to manage the device. At this point, I just press the button on the device to pair it to the Z-wave network.

Once the device is seen by the Vera, we can go ahead and click on the Next button (by default they’re seen as light switches).

At the next screen, you’ll see a screen with a field you can type in. Here, provide a name for the device and give it a room that the device is in (if you’re using rooms). Click on Close and then Save (big red button after you click Close).

Click on the Continue button to commit the save and you should see your new device listed in All Devices.

At this point, click on the On and Off switches to turn systems on and off. From System Preferences, go to Energy Saver and then check the box for Restart automatically

We’ve now achieved the first goal, having a way to physically turn on and off a Mac mini with Lion Server. Better than LOM, we can do so using a web interface or an iOS app. While the lack of so many moving parts has reduced the need for environmental monitoring, we want to monitor the environment outside the box, the environment inside the box and whether the box has developed any human emotions. To monitor the environment outside the box, I’m using one of the many Z-wave thermostats available. I plan on replacing it with a Temperature and Humidity Sensor, so I can put a sensor right by the machine instead of just monitoring the temperature of the room. I also like the idea of seeing moisture levels, but that’s aside from the point.

Monitoring the inside of the system is really easy, since Apple has built snmp into Mac OS X and a quick snmpwalk will show me most everything I need to know about a box. For that, let’s just remove the default snmpd.conf file:

rm /etc/snmp/snmpd.conf

And then run snmpconf -i to create a new snmpd.conf file. This is interactive, so use option 1 and then choose the settings that work best for whatever monitoring software you’re using. With the loss of Lithium, I am a big fan of Nagios and Dartware’s Intermapper, but there are a number of other solutions that I would look at as well. Either way, this can be a very cumbersome aspect if you let it. Once you’ve configured snmpd.conf, restart it (assuming it’s running):

launchctl unload /System/Library/LaunchDaemons/org.net-snmp.snmpd.plist
launchctl load -w /System/Library/LaunchDaemons/org.net-snmp.snmpd.plist

Next, to wake up the server, we can use Wake on LAN (note that wake for network access is in the Energy Saver System Preference pane). We can also monitor the server’s IP address (ping/ICMP) and even activate a camera in the event that a motion sensor is tripped. I’ll look at these in a future automation article, where we’ll reboot the server automatically in the event that it goes offline and maybe even control an IR blaster to turn on the TV when status bars are running on the server (we might also hook up a coffee pot so we can stay awake while waiting for Lion to download during some upgrades). But for now, suffice it to say that at this point, we have some of what we had with LOM on an Xserve. It’s not everything and it’s not really pretty. But it works and would cost about the same as a module for that APC you’ve got sitting around, while also laying the groundwork for much more home and small office/small data center automation – and at about $25 per additional device, it’s priced pretty well all things considered.

Finally, if that snmp-based monitoring system happens to need to restart the devices, there’s also an API for Vera, documented at http://wiki.micasaverde.com/index.php/Luup_Requests. Being able to script an snmp-generated event that kicks off some kind of triggered response with a grid of devices is pretty cool, and while I hope to cover it eventually, I’m not sure exactly when I’ll end up with time, so might be awhile…

May 8th, 2012

Posted In: Home Automation, Mac OS X, Mac OS X Server, Mac Security, Mass Deployment, Xsan

Tags: , , , , , , , , , , , , , , , , , ,

Next Page »