• Mac OS X,  Mac OS X Server

    DNS: Install BIND on macOS

    The DNS service in macOS Server was simple to setup and manage. It’s a bit more manual in macOS without macOS Server. The underlying service that provides DNS is Bind. Bind will require a compiler to install, so first make sure you have the Xcode command line tools installed. To download Bind, go to ISC at https://www.isc.org/downloads/. From there, copy the installer locally and extract the tar file. Once that’s extracted, run the configure from within the extracted directory: ./configure --enable-symtable=none --infodir="/usr/share/info" --sysconfdir="/etc" --localstatedir="/var" --enable-atomic="no" --with-gssapi=yes --with-libxml2=no Next, run make: make Then run make install: make install Now download a LaunchDaemon plist (I just stole this from the org.isc.named.plist on a…

  • bash,  Mac OS X,  Mac OS X Server,  Mac Security,  Ubuntu

    Programmatically Grab Active DNS Servers On macOS

    One of my favorite things about grabbing things with scripts is just how many ways (and sometimes how needfully or needlessly convoluted you can make them) to grab the same pieces of information. For example, something as simple as what hosts you use to resolve names on a Mac. There are a number of ways to grab what DNS server a device is using in macOS. So when you’re running a script you might choose to grab DNS information one way or another, according to what you’re after. Some of this might seem more complicated than it should be. And that’s correct… resolv.conf The /etc/resolv.conf file is updated automatically to…

  • Mac OS X,  Unix

    View The Content Of Files Without Comments In Bash

    So I comment a lot of lines out in my /etc/hosts file. This usually means that I end up with a lot of cruft at the top of my file. And while I write comments into files and scripts here and there, I don’t always want to see them. So I can grep them out by piping the output of the file to grep as follows: cat /etc/hosts | grep -v "^#" You could also do the same, eliminating all lines that start with a “v” instead: cat !$ | grep -v "^v"

  • Mac OS X,  Mac Security

    Remove All User Keychains Except One in macOS

    macOS has keychains. Sometimes they’re a thing. When they are you might want to delete them. Let’s say you have an admin account. You want to keep the keychains for that account, but remove all the others. For this, you could do a shell operator to extglob. Or you could do a quick while loop as follows: ls /Users | grep -v "admin" | while read USERNAME do; rm -Rf "/Users/$USERNAME/Library/Keychains/*" done; If you borrow this, be careful.

  • Mac OS X,  Mac OS X Server,  Mac Security

    Clear Expired Shells In macOS

    Recently, I got a strange message when trying to run a command: You have exceeded the maximum number of shell sessions. I’d seen a series of commands but never really needed to use them, so I ran: shell_session_delete_expired And viola, life was good. My command run. Of course, the next time I went to close the terminal correctly using the exit command. Upon doing so, I noticed: logout Saving session… …copying shared history… …saving history…truncating history files… …completed. [Process completed] So, I opened a new shell and ran: shell_session_update And go the same result. Same with: shell_session_save Fun.

  • Mac OS X Server

    Reset an Unresponsive Server 5.2 on macOS Sierra

    The Server 5 app that installs on Sierra is great. But sometimes a change doesn’t get committed properly or has a mismatch with a certificate, and the server doesn’t respond properly… I know, you’ve been told that host name changes and IP changes are all kinds of OK at this point; “look, Charles, there’s a button!” Well, go ahead, click it. Don’t mind me, you might just be alright. But then again, you might not if you’re running Open Directory, Profile Manager, or a few other services… When it works it’s a thing of beauty. But when it doesn’t, you might be restoring some stuff from backup. But just before you…

  • Mac OS X Server

    Manage Groups In macOS Server 5.2 Running On Sierra

    There are a couple of ways to create groups in macOS Server 5.2, running on Sierra. The first is using the Server app, the second is using the Users & Groups System Preference pane and the third is using the command line. In this article we will look at creating groups in the directory service with the Server app. Once a server has been an Open Directory Master all user and group accounts created will be in the Local Network Group when created in Server app. Before that, all user and group objects are stored locally when created in Server app. Once promoted to an Open Directory server, groups are created in the Open…

  • Uncategorized

    Use The Profiles Command In Sierra

    You might be happy to note that other than the ability to interpret new payloads, the profiles command mostly stays the same in Sierra. You can still export profiles from Apple Configurator or Profile Manager (or some of the 3rd party MDM tools). You can then install profiles by just opening them and installing. Once profiles are installed on a Mac, mdmclient, a binary located in /usr/libexec will process changes such as wiping a system that has been FileVaulted (note you need to FileVault if you want to wipe an OS X Lion client computer). /System/Library/LaunchDaemons and /System/Library/LaunchAgents has a mdmclient daemon and agent respectively that start it up automatically.…

  • Mac OS X Server

    Change Xcode Log Paths In macOS Server 5.2

    The logs in Xcode Server (Server 5.2 for Sierra) by default point to /Library/Server/XcodeLogs/credserver.log. This takes all of the output from xcscredd and xcscredhandler. If you’re doing a lot of debugging then logs can be pointed to another location, such as another drive. The path to the logs is defined in the /Applications/Server.app/Contents/ServerRoot/System/Library/LogConfiguration directory. The file to edit is a standard property list, XCSCredentialServer.plist: <?xml version=”1.0″ encoding=”UTF-8″?> <!DOCTYPE plist PUBLIC “-//Apple//DTD PLIST 1.0//EN” “http://www.apple.com/DTDs/PropertyList-1.0.dtd”> <plist version=”1.0″> <dict> <key>claimedFacilities</key> <array> <string>servermgrd</string> <string>servermgr-listener</string> <string>servermgr-notify</string> </array> <key>claimedSenders</key> <array> <string>servermgrd</string> <string>servermgr-listener</string> <string>servermgr-notify</string> </array> <key>logMaximumLevel</key> <string>debug</string> <key>logPath</key> <string>/Library/Server/Logs/servermgrd.log</string> </dict> </plist> Once open, look for a key called logPath. Change that to the desired path, such…

  • Mac OS X

    Capture Smaller Screenshots On Retina Displays In Sierra

    By default, screenshots are pretty big on a retina display on a Sierra machine. Like about 4 times the size they should be. I haven’t found a defaults key I can use yet to reduce them, so I’ve been using this little screenshotting app called RetinaCapture, available at https://gumroad.com/l/retinacapture. Basically, when you’re running it, you just open it up and click on the Window button. There, you can select a window to screenshot. Once you’ve selected the window, you’ll be prompted to save it somewhere with a name. I don’t love having to use any 3rd party apps for my screenshotting workflow. In fact, it bugs the crap out of me. Screens get resized…