The past couple of years has forced me to rethink many of my recommendations for how you backup computers in small office and home environments. Previously, I would have said that you could use a disk attached to an Apple AirPort. But the AirPort Base Station is no longer being made. Previously, I would have said you could use Time Machine Server, a service built into macOS Server in 5.4 and below. But that service is no longer being made in macOS Server by Apple and is now found in the Sharing System Preference pane . Previously, I might have even said to use the home edition of CrashPlan, which could have backed up to their cloud and/or a home server. But that plan is no longer being offered by Code 42.
So what are we to do? Well, luckily now the offerings out there are just endless. One of those offerings is so easy, you can run out to Best Buy, return home with a WD (Western Digital) MyCloud.com drive, and be up and running in about 5 minutes. I’ll cover other options when I cover file services and Synology. But in the meantime, let’s look at setting up a WD MyCloud.com drive, account, and configuring both to work with Time Machine. Setup Your WD Hard Drive
First, we’ll setup the drive. This is pretty straight forward. Plug the ethernet cable into your network, wait for the drive to boot up, and then go to the MyHome setup page
Here, you’ll be prompted to setup a My Cloud Home account. Enter a name, email address, and password. Then click on Create Account.
You’ll then be prompted for the device you plugged in, which is discovered on the network. Click Connect.
Choose whether you want to share product improvement data. Ever since my team as a product manager I’m a huge fan of doing so, so I clicked Share.
Once that’s done, you’ll be prompted to get the desktop app. While not absolutely necessary, it’s not a bad idea. If you want the app, click Download.
Once the app is done downloading, open the directory and open the installer.
Click Install Now.
Once complete, you’ll see the menu bar. Click it and then add your device if you don’t see it by clicking on “I don’t see my device”
When prompted, enter your email address and password that you created earlier and then click on Sign In.
Next, in the notifications area for updating the software make sure to run that. There was a pretty bad vulnerability awhile back
and that will make sure you’re good. Then click on the name of your WD MyCloud Home.
Add IFTTT Alerts
I want to see when new updates, channels or options are added, so I’m going to enable that. To do so, click on Services in the sidebar. and then click on Enable for IFTTT.
Assuming the terms of service are acceptable, click “I Agree”
When prompted, choose to connect to IFTTT.
From the IFTTT site, click Connect.
Choose which options to give IFTTT for the MyCloud API.
Browse the channels and enable each that you’d like and then click “Turn on.” Mount the MyCloud Drive
Next, open a “Connect to Server” dialog box (Command-K from the Finder) and click on Browse.
Click on the MyCloud-XXX where XXX is the identifier for your MyCloud account.
Click on the timemachinebackup folder.
The folder should initially be empty. Now let’s open the Time Machine System Preference pane.
Click on “Select Backup Disk…”Choose Your MyDisk From Time Machine
Choose the TimeMachineBackup directory for the MyCloud Device and click on “Use Disk.”
You’ll then want to create a user for backing up. To do so, go back to the mycloud.com site and click on settings. Then click on “Add user…” and enter an email address.
The email address will get an email to setup an account. Do so and then once you’ve configured the user, enter the email address and password when prompted.
Now wait for the first backup to finish. If you ever see any errors, check them; otherwise, you should backup to the device as with a locally attached drive, but you won’t need to plug directly into the drive to run backups.Conclusion
This doesn’t solve for a lot of use cases that Time Machine Server would have been better for. But it’s a simple task that should cost you a little over a hundred bucks and get you backing up. I’m still a fan of cloud services. Backblaze, Carbonite, and others will backup your data for an annual fee of a little less than what a MyDrive costs. I’ll cover those in later articles, but for now, you’ve got a backup on your network, which even if you use one of those services is a great option in the event of hardware failure, as you can quickly get back up and running with a full system restore!
krypted March 12th, 2018
Posted In: Mac OS X, Network Infrastructure
app, Apple, backup, macos, mycloud, wd, wd mycloud
The Server app that installs on High Sierra is great. But sometimes a change doesn’t get committed properly or has a mismatch with a certificate, and the server doesn’t respond properly… I know, you’ve been told that host name changes and IP changes are all kinds of OK at this point; “look, Charles, there’s a button!” Well, go ahead, click it. Don’t mind me, you might just be alright. But then again, you might not if you’re running Open Directory, Profile Manager, or a few other services… When it works it’s a thing of beauty. But when it doesn’t, you might be restoring some stuff from backup. But just before you do that restore, let’s try one more thing. Let’s try and rebuild some certificates and configuration settings that shouldn’t impact actual service operation. Let’s try to reset the Server app and let a fresh install of the Server see if it can fix issues.
Now, I want to be clear, this is usually the last resort before restoring a backup. I’ve had a lot of luck with services remaining functional and preserving settings when I do this, but don’t expect that to be the case every time. Basically, we’re going to do what we looked at doing back in ’09 with AppleSetupDone but one designed just for servers, so the file is in the same place (/var/db) and called .ServerSetupDone. To remove it, close Server app and run the following command:
sudo rm /var/db/.ServerSetupDone
Once removed, open the Server app again and then let the Server app run as though it’s new. Cruft, begone! Make sure to check things like server logs in the event that the service goes unresponsive again, and be wary of performing this step multiple times as there’s likely another underlying issue that you shouldn’t be resetting the server to resolve.
krypted September 26th, 2017
Posted In: Mac OS X Server
app, macos server, not responding, reset unresponsive server app, spinning pinwheel
The codesign command is used to sign apps and check the signature of apps. Apps need to be signed more and more and more these days. So, you might need to loop through your apps and verify that they’re signed. You might also choose to stop trusting given signing authorities if one is compromised. To check signing authorities, you can use
codesign -dv --verbose=4 /Applications/Firefox.app/ 2>&1 | sed -n '/Authority/p'
The options in the above command:
- -d is used to display information about the app (as opposed to a -s which would actually sign the app)
- -v increases the verbosity level (without the v’s we won’t see the signing “Authority”)
- –verbose=4 indicates the level of verbosity
- 2>&1 redirects stderr to stdout
- /Applications/Firefox.app/ – the path to the app we’re checking (or signing if you’re signing)
Then we pipe the output into a simple sed and get the signing chain. Or don’t. For example, if you’re scripting don’t forget a sanity check for whether an object isn’t signed. For example, if we just run the following for a non-signed app:
codesign -dv --verbose=4 /Applications/Utilities/XQuartz.app/
The output would be as follows:
/Applications/Utilities/XQuartz.app/: code object is not signed at all
krypted January 12th, 2017
Posted In: Apps, Mac OS X, Mac OS X Server
app, Apple, check app signatures, codesign, MAC, productsign, signing, who signed my app
I don’t like hunting through multiple apps to turn off a light in my house. Therefore, I’ve been trying to get everything centralized in the Wink app. When it comes to managing Philips Hue lights, the Wink can turn them on and off, as well as change the percentage that a bulb is lit, acting as a dimmer.
Philips Hue lights run through a bridge, known as the Hue Bridge. This device bridges the Wi-fi network and allows the Philips Hue app to control your lights. Once your Hue lights are configured, open the Wink app and tap on Add a Product.
At the Add a Product screen, tap on Lights.
At the Lights screen, tap on Hue Lights.
At the Philips Lights screen, tap on Next.
At the next screen, tap on Sign In.
At the Link Account screen, enter the email address and password and then tap on Log in.
At the Welcome screen, tap on Yes.
At the next screen, tap on Connect Now
Tap on the only button on the Hue Bridge.
Once the Wink app can communicate with the Hue bridge, tap on the Done button.
The lights that are running through your Hue Bridge will then be displayed in the Lights screen.
You can organize your lights into Groups. For example, if you have multiple bulbs in a single room, you might choose to group them together. To do so, tap on New Group.
Provide a name for your new group and check the box for each light to add to the group.
The app has then been setup and you can control your lights.
krypted July 8th, 2016
Posted In: Alexa, Home Automation
alexa, app, hue bridge, ios, lighting control, philips hue lights
The practical uses of Wearables and Home Automation never cease to amaze me. I recently added a Kinsa thermometer to my collection of useful toys. This little device uses the 1/8th inch jack like the original Jawbone did. It works like a regular thermometer, but displays temperature on an app that runs on the iPhone. It’s simple to setup and once setup, works the same as any other thermometer.
Due to the power of the Internets, you can then select symptoms and check for common ailments that match.
You can also look at your history, tracking the rise and fall of your temperature.
Overall, a cool little device and a cool little app.
krypted July 4th, 2016
Posted In: Home Automation, iPhone, Wearable Technology
app, history, iPhone, temperature
One of those fun things that Alexa can do is set alarms for you. I usually sleep around 4 or 5 hours a night, so no amount of alarms is enough to roust me out of bed. Therefore, adding Alexa on my Amazon Echo to the extensive list of alarms I have around my house is welcome. Let’s look at some things you can tell Alexa to do for ya’, when it comes to alarms. First, let’s set an alarm for noon:
“Alexa, set an alarm for noon tomorrow.”
Alexa will then repeat back the alarm she just configured. Now, let’s setup a repeating alarm for every Tuesday morning at 6am:
“Alexa, set an alarm for every Tuesday at 6am.”
Now, let’s check a list of all the alarms running on your Amazon Echo account:
“Alexa, list my alarms.”
If an alarm for tomorrow is at 11am, we can then delete it using:
“Alexa, delete the 11am alarm for tomorrow”
To snooze an alarm, just say:
You can also ask about what alarms you have for a given day. So that alarm we set for Tuesday…
“What alarms do I have for Tuesday?”
Or to ask about which ones that repeat:
“What repeating alarms do I have?”
Alexa then lists your repeating alarms.
To delete an alarm, change the sound, or set the volume, use either the Alexa app or use http://alexa.amazon.com and click on Timers & Alarms. Then click on “Manage alarm volume and default sound”.
Let’s say we wanted to explore alarms. click on Alarm and then (as seen) click on the alarm you’d like to hear a sample.
You can also configure timers. So if you’re cooking some salmon, you might say:
“Alexa, set a timer for 20 minutes”
You can also use the web interface or app to pause, cancel, or stop timers.
krypted May 29th, 2016
Posted In: Alexa, Home Automation
alarms, alexa, amazon echo, app, configure alarm, configure voices for alarms, repeating, set alarm, set timer, sounds
The LDIFDE utility exports and imports objects from and to Active Directory using the ldif format, which is kinda’ like csv when it gets really drunk and can’t stay on one line. Luckily, ldif can’t drive. Actually, each attribute/field is on a line (which allows for arrays) and an empty line starts the next record. Which can make for a pretty messy looking file the first time you look at one. The csvde command can be used to export data into the csv format instead. In it’s simplest form the ldifde command can be used to export AD objects just using a -f option to specify the location (the working directory that we’re running the ldifde command from if using powershell to do so or remove .\ if using a standard command prompt):
ldifde -f .\ADExport.ldf
This exports all attributes of all objects, which overlap with many in a target Active Directory and so can’t be imported. Therefore, you have to limit the scope of what you’re exporting, which you can do in a few ways. The first is to only export a given OU. To limit, you’ll define a dn with a -d flag followed by the actual dn of the OU you’re exporting and then you’d add a -p for subtree. In the following example we’ll export all of the objects from the sales OU to the SalesOUExport.ldf file:
ldifde -d "OU=sales,DC=krypted,DC=local" -p subtree -f .\SalesOUExport.ldf
Restoring objects still results in an error that the server is “Unwilling To Perform” the import because “The modification was not permitted for security reasons.” Basically, this just means “hey I’m not going to import into some of the fields that I know I have to reserve for objects managed by the system, such as creation date (whencreated), last changed date (whenchanged), etc. So we can take some of these and omit them from our export. You can use ADMT or just look at an ldif or csv file to determine which attributes from the schema that you think need to be omitted, but at a minimum it should include objectguid, uSNCreated, uSNChanged, whencreated and when changed (and a lot of the Exchange attributes if you’ve extended the schema for your forest). To omit use the -o and enclose the omitted attributes in parenthesis. In the following example, we’ll export to the SalesOUExportO.ldf file, and add the -o flag to the previous command:
ldifde -d "OU=sales,DC=krypted,DC=local" -p subtree -o "objectguid,uSNCreated,uSNChanged,whencreated,whenchanged" -f .\SalesOUExportO.ldf
You can also omit using the -m flag, which includes only the essential attributes, so we’ll add that to the command as well:
ldifde -d "OU=sales,DC=krypted,DC=local" -p subtree -o "objectguid,uSNCreated,uSNChanged,whencreated,whenchanged" -m -f .\SalesOUExportO.ldf
Use the -l option to limit the attributes being exported to only those specified.
The -r option restricts the export to a given category or class. For example, if we only wanted to export users, we can restrict to objectClass-User
ldifde -d "OU=sales,DC=krypted,DC=local" -p subtree -r "(objectClass=user)" -o "objectguid,uSNCreated,uSNChanged,whencreated,whenchanged" -m -f .\SalesOUExportOM.ldf
Now I’m feeling like we have a good restricted set of data that we’re moving. Let’s go ahead and give importing a shot on a target server. To do so, we’ll just use -i to specify this is an import, followed by -k to say “don’t stop if you have a problem with just one record”, -f to define a file and -j to write a log. We’ll use the working directory for the file path and the log path, assuming this is being done by calling the .exe from within powershell:
ldifde -i -k -f .\SalesOUExportOM.ldf -j .\
Once complete, the exported objects should appear once you close and re-open Active Directory Users and Computers. You can also export one object, then programmatically create objects in an ldif file as needed by importing them into Active Directory using ldifde.
krypted February 27th, 2016
Posted In: Active Directory
app, Apple, Classroom management, csv, Import Records Into Apple School Manager, ios, ldif, MAC, os x
SQL constraints the data that can be in a table. A violation of a constraint causes an action to be aborted. Constraints can be defined upon creation or using the ALTER TABLE statement once created. The general syntax of a CREATE (or use ALTER instead of CREATE) when defining constraints is as follows:
CREATE TABLE tablename
columnname datatype(size) constraintname,
columnname datatype(size) constraintname,
columnname datatype(size) constraintname,
columnname datatype(size) constraint name,
columnname datatype(size) constraint name,
Obviously, replace columnname with the name of each of your column, datatype with the types of data your column contains and constraint name with the constraint you wish to use. You have the following constraints available:
- CHECK: Verify that values meet the defined condition
- DEFAULT: Sets a default value for new rows in a column
- FOREIGN KEY: Verify referential integrity of data in a table to match values in another
- NOT NULL – Columns cannot store a NULL value (be empty)
- PRIMARY KEY – Columns cannot store a NULL value AND values in rows must be unique
- UNIQUE – Each row in a column must be unique
For example, the NOT NULL constraint would be defined as follows:
CREATE TABLE testingnotnull
telephonenumber int NOT NULL,
If you have an app sitting in front of a database, then use these with caution, as if SQL just terminates an operation your app might have unexpected integrity issues.
krypted February 21st, 2016
Posted In: SQL
app, check, create table, default, MySQL, not null, SQL, statement, unique, webapp
How secure is your data on Bushel? Your data on anything is only ever as secure as your password. At Bushel, we take a lot of precautions to protect your data, including from ourselves. We time out your session, we encrypt your session on a per-transaction basis, and we encrypt your data while at rest on our servers (although consider it like the secure enclave in iOS, where we encrypt the data that needs to be encrypted – such as FileVault keys and activation lock bypass information). These basic precautions keep your communication with Bushel secure and prevent people from doing things like hijacking your session.
Read My Article On How Bushel Protects Customer Data On The Bushel Blog
krypted August 19th, 2015
Posted In: Bushel, iPhone, JAMF
app, Blog, bushel, iPad, iPhone, protecting customer data, SaaS
Next Page »
The Apple Watch is just another wearable with a limited feature set. In much the same way that the iPhone is just another phone. But they’re not. They have apps. And the apps are what make these devices so powerful. Installing apps on an Apple Watch is pretty straight forward. But before we do, it’s worth mentioning that there are two types. the first is a glance. This is just another view for an app that is on your iPhone that the Apple Watch talks to. The second is an actual app. These have more functionality and more options. There are also built-in apps that can be shown or hidden.
Apps are managed from the phone. To install either type of app, simply open the Apple Watch app on your phone. From there, you will see any apps that have either an app or a glance available on a device.
Tap on an entry and you’ll see whatever is available for that app. New apps aren’t displayed on your Apple Watch. Use the slider to control whether it is displayed or not.
Some apps have more options. If so, tap on the app and enable those options if needed. When you enable these apps, you’ll see the icon start loading on the watch, in much the same way that an icon starts to load on a phone when you purchase the app from the App Store.
Also, some apps, when you download an update to the app, will even prompt you to install a glance for the app on your phone.
The apps show up on right side of the default apps on the watch.
Here’s the Nike app. This app only works properly when you open the app on the phone. It sits at a loading screen and only opens when the app on the phone opens. When it shows up, you can then do whatever the app is built to do. In this case, start and stop runs.
That’s it. Straight forward. Just be patient. Takes awhile for Apple Watches to communicate with phones and to move data back and forth between them.
krypted May 14th, 2015
Posted In: Apple Watch
app, Apple, apple watch, Bluetooth, communicate, howto