Tiny Deathstars of Foulness

There is a little tool in OS X called opendiff. This command can be used to bring up a quick and dirty graphical view of changes in a file. For example, if you run opendiff followed by two file names, you’ll see what’s different in the two files and what’s the same:

opendiff test test1

The result then looks as follows.

Screen Shot 2016-08-26 at 1.03.16 PM

Note that in the above screenshot, a and b are in white lines and the others are grey, as those are consistent in the two files and the c has been removed and replaced with the four lines on the left. In larger files, this is pretty useful as it provides quick insight into what is different between two files, like what changed in a script between two different versions.

August 27th, 2016

Posted In: Mac OS X, Mac OS X Server, Programming

Tags: , , , , ,

Leave a Comment

When using Apple Configurator, you can assign an existing supervision identity to be used with devices you place into supervision. To do so, first open Apple Configurator and click on Organizations.

Screen Shot 2015-10-26 at 5.05.48 PM

From Organizations, click on the plus sign (“+”).

Screen Shot 2015-10-26 at 5.05.51 PM

From the Create an Organization screen, click Next.

Screen Shot 2015-10-26 at 5.05.55 PM

When prompted to provide information about your organization, provide the name, phone, email, and/or address of the organization.

Screen Shot 2015-10-26 at 5.06.02 PM

If you are importing an identity, select “Choose an existing supervision identity” and click on Next.

Screen Shot 2015-10-26 at 5.06.06 PM

When prompted, click Choose to select the identity to use (e.g. exported from another instance of Apple Configurator or from Profile Manager).

Screen Shot 2015-10-26 at 5.06.20 PM

Click Choose when you’ve highlighted the appropriate certificate.

Screen Shot 2015-10-26 at 5.06.24 PM

Click Done.

August 23rd, 2016

Posted In: Apple Configurator, iPhone

Tags: , , , , ,

Leave a Comment

Namespace conflicts can be interesting. Especially with multiple local domains. To grab the path of a directory domain of a currently logged in user (when running as the user) using a script, you can run the following:

dscl . -read /Users/`whoami` | grep AppleMetaNodeLocation | awk '{print $2}'

You can then replace the string we’re using with grep if you’d like to pull a different attribute from the user record, you’d use the following:

dscl . -read /Users/`whoami` | grep UniqueID | awk '{print $2}'

August 22nd, 2016

Posted In: Mac OS X, Mac OS X Server, Mac Security

Tags: , , , ,

Leave a Comment

We’ve all got a box sitting around somewhere, full of cables and devices that used to blink away at us until we snuffed the life out of it all by replacing it. Some of us have 10 of those, full of tangled cables that maybe went to that one camera that we lost in 2009. Many of us remember the exact price we paid for each device in those boxes, such as that $699.99 firewall. It can be challenging to replace that device with one that costs 10% of that price, even though it’s more than ample to meet our needs. And we have a hard time imagining that after only using the thing for 6 years that it’s now out-of-date. After all, don’t I still have that one sweater I bought during my freshman year of college? Won’t I need that laptop I replaced 3 years ago?

Chances are that you should burn that sweater and send the firewall and old laptop off for recycling. Of course, always make sure that you won’t be losing some data and have a backup of anything you’re getting rid of (that stored files), but chances are that some of that old stuff is completely incompatible with modern systems. Some things you should also consider throwing out:

  • That old tape drive that has the backups from your server from 10 years ago.
  • All those cables with pins in them. These days, HDMI, Lightning, USB, and Thunderbolt has completely replaced cables that have pins that get bent. They were great when the industry was young, but if you’re tossing things out, get rid of those old things…
  • Old monitors. Yes, that 15-inch LCD cost you $500. No, you don’t have any devices that use the kind of cable that connects it to a computer.
  • Old hubs, switches, cable modems, wireless access points, and firewalls. These days, most things are wireless. If you have a bunch of old devices that connected various Ethernet-based systems sitting around, toss ‘em. If you need to buy a new one, it will be super-cheap, and putting an old one on your network is likely to cause poor performance, network-wide. Old network appliances can also conflict with the addressing used on newer devices, and can cause outages.
  • Old printers and scanners. These days, you might go months without printing, and like old cars that haven’t been driven in forever, they might require a mechanic to get working. Printers are $50 at Target. Ink costs more these days. When a printer has a problem, give it a good clean, and if the problem persists, recycle!
  • Apps that charge you a recurring fee. Yup, these don’t fit in that plastic bin with the wires, but they cost you money. Likely every month. Everything from cloud services you tested to in app purchases that are billing monthly should be reviewed and cancelled if no longer needed.

Just toss all of it out. It will feel liberating to do so, and you’ll free up those plastic bins for other more useful stuff, like those VHS tapes of the Golden Girls!

August 10th, 2016

Posted In: Articles and Books

Tags: , ,

One Comment

Apple has defined some best practices to be taken when using Profiles. Obviously these don’t cover every situation, but they cover all but edge cases and lay out a pretty good description of why you should do the things we’ve mostly figured out to do by trial and error thus far. Great job to the OS X Server documentation team!

Screen Shot 2016-08-01 at 8.23.04 AM

August 2nd, 2016

Posted In: Mac OS X Server

Tags: , , , ,

I’ve worked with a lot of organizations switching between Mobile Device Management (MDM) solutions in my career. And I’ve seen the migration projects go both really, really well, and really, really poorly. In most cases, the migration is somewhat painful no matter what you do. But in this (my first) article on the JAMF blog, I try and organize my thoughts around a few things to look out for when migrating between MDMs/MAMs, and some context/experience around those.

Screen Shot 2016-06-23 at 11.45.32 AM

June 23rd, 2016

Posted In: Articles and Books, iPhone, JAMF, Mac OS X

Tags: , , , , , ,

The seventh episode of the MacAdmins podcast is now available! This is my first time sitting out an episode, which might explain why it’s the best episode so far!

June 21st, 2016

Posted In: MacAdmins Podcast

Tags: , , , , ,

Hey Devops peeps! Got this, so just quoting and posting:

Just a reminder that the Early Bird rate for the MacDeployment Conference ends on Monday (May 16) at 23:59 MT. This applies both to the Conference day (June 16, CAD $75) as well as the Conference + Workshop days package (June 16 + 17, CAD $275). While the conference is meant to serve (and further build) the Mac Admins community in Alberta (Canada), it is open to all. Speakers include Tom Bridge, Luis Giraldo, Tim Sutton, and Teri Grossheim. For further information, visit

You should go.

May 16th, 2016

Posted In: Consulting, Mac OS X, Mac OS X Server, Mac Security, MacAdmins Podcast, Mass Deployment

Tags: , ,

May 6th, 2016

Posted In: Mac OS X, Mac OS X Server

Tags: , , , , , , ,

A number of systems require you to use complex characters in passwords and passcodes. Here is a list of characters that can be used, along with the name and the associated unicode:

  •    (Space) U+0020
  • ! (Exclamation) U+0021
  • ” (Double quotes) U+0022
  • # (Number sign) U+0023
  • $ (Dollar sign) U+0024
  • % (Percent) U+0025
  • & (Ampersand) U+0026
  • ‘  (Single quotes) U+0027
  • ( (Left parenthesis) U+0028
  • ) (Right parenthesis) U+0029
  • * (Asterisk) U+002A
  • + (Plus) U+002B
  • , (Comma) U+002C
  • – (Minus sign) U+002D
  • . (Period) U+002E
  • / (Slash) U+002F
  • : (Colon) U+003A
  • ; (Semicolon) U+003B
  • < (Less than sign) U+003C (not allowed in all systems)
  • = (Equal sign) U+003D
  • > (Greater than sign) U+003E (not allowed in all systems)
  • ? (Question) U+003F
  • @ (At sign) U+0040
  • [ (Left bracket) U+005B
  • \ (Backslash) U+005C
  • ] (Right bracket) U+005D
  • ^ (Caret) U+005E
  • _ (Underscore) U+005F
  • ` (Backtick) U+0060
  • { (Left curly bracket/brace) U+007B
  • | (Vertical bar) U+007C
  • } (Right curly bracket/brace) U+007D
  • ~ (Tilde) U+007E

April 29th, 2016

Posted In: iPhone, Mac OS X, Mac OS X Server, Mac Security, Mass Deployment

Tags: , , , , , , , , ,

Next Page »