It can be tough to get information about larger Mac deployments. I’ve written a few books on it. Apple has built some pages on it. But many prefer to consume their content through video. As such, Sean Collins has teamed up with Lynda.com to put together an IT Administrator’s Guide for El Capitan. With topics ranging from SIP to DEP, and all the acronyms in the middle, Sean’s soothing voice will guide you through what you need to get started with a new Mac deployment. Many a job can seem daunting, but with this latest addition to our arsenal, you’ll instantly feel less intimidated. It’s like the Sun A of…
-
-
My El Capitan Enterprise Mac Security Book Now Shipping
If you’re interested in Mac Security, the next edition of my Enterprise Mac Security book is now shipping. You can get it here http://www.amazon.com/Enterprise-Mac-Security-OS/dp/148421711X. The book is shipping from 3rd party sellers, but should ship directly from Amazon soon at the regular price. I don’t usually know exactly when, but it should also appear for Kindle and on the Apple Books store as well. Hope you enjoy!
-
Create Crypt Password Hashes
Linux and OS X come with the makekey command installed, usually in /usr/libexec/makekey. You can use this binary to create /etc/passwd file entries of hashed passwords. To use the command, simply pipe some text into the command. Here, we’ll echo testpassword into makekey: echo testpassword | /usr/libexec/makekey And we’ll get a simple output, such as: woNH11o4mqvAc There are certainly other ways to do something like this, but when writing a script you may use in either a Linux or OS X environment, this is one place where you should have a modicum of success crossing platforms.
-
Securely Erase Freespace and Volumes In OS X Without Disk Utility
One of the options thats a tad bit hidden in OS X is the Secure Erase option, which runs a multi-pass erase on a volume. Additionally, there’s no option to Secure Erase free space on a volume. But you can still securely erase whatever you’d like (other than you boot volume obviously), when needed. To do so, use the diskutil command along with the secureErase option. The format of the command to secureErase freespace is: diskutil secureErase freespace [level] [device] The levels are as follows (per the man page as not all of these are specified in Disk Utility): Single-pass zero-fill erase Single-pass random-fill erase US DoD 7-pass secure erase…
-
Disable .dsstore Files On USB Drives
Long ago, I did an article on disabling those pesky files that show up for Windows computers but not Macs on network volumes when you browse folders. These are metadata files and have a number of uses. But if you have a lot of files in a folder on a USB drive or if you move the USB drive to a Windows computer, you might not want .dsstore or metadata files on USB drives either. To disable, use the following command, which writes a DSDontWriteUSBStores boolean key into com.apple.desktopservices: defaults write com.apple.desktopservices DSDontWriteUSBStores -bool true
-
Enable The Built-In Web Server In OS X
OS X has a built-in web server called Apache. It’s been there for a long, long time. Once upon a time, you could enable web sharing using System Preferences. This is no longer a feature in the Sharing System Preference pane, but you can actually enable it quicker than you could before. To do so, we’ll use apachectl: /usr/sbin/apachectl start To then stop the web server: /usr/sbin/apachectl stop To see the apache status: /usr/sbin/apachectl status Or: /usr/sbin/apachectl fullstatus The default site is stored in /Library/WebServer/Documents. You can then edit this there, or replace the index.html.en file with a file/hierarchy that you wish to have. Enjoy.
-
Bash: Check That A Script Is Running As Root
Pretty much every script I’m working on these days must be run as root. Checking what user is running something is pretty straight forward, as there’s a built-in shell variable for $USER that contains the user running a script. To see this real quick, simply run the following: echo $USER You can then put this into your scripts. I’ve been using the same block of code for decades, which can be run in a script by itself if you’d like to paste this into one. if [[ $USER != "root" ]]; then echo "This script must be run as root" else echo "You are root" exit 1 fi Note: Keep in mind…
-
Troubleshoot Spotlight Indexing Issues Using mddiagnose
Spotlight just kinda’ works. Except when it doesn’t. Which is luckily pretty rare, for the use cases that Spotlight was designed for. But when it doesn’t work, you have a few tools that I’ve highlighted over the years to help you out, including articles on shared volumes, manually indexing, disabling Spotlight, and a few others. But what if you need to go in more depth to isolate an issue? For this, Apple has provided us with a tool called mddiagnose, in /usr/bin. In the following command, we’ll run an mddiagnose to dump a bunch of system statistics that we can then look at. Here, we’ll do that to a folder…
-
Add Another Partition To Your Mac
By default, most computers come with one partition and one volume on that partition. Well, in OS X there’s also a recovery partition, but that’s hidden so we’ll pretend like there’s just one. You can create additional volumes, which are useful for a number of different scenarios. The operation of creating partitions usually involves resizing a partition. That can be somewhat dangerous, so make sure to backup your Mac before doing so. To create an additional partition (and by default an HFS+ filesystem on that partition), first open Disk Utility from /Applications/Utilities. Note that by default, the boot volume is highlighted. You can’t create a partition inside a volume or…
-
Author Pages on Take Control Books
Now there are author pages on Take Control Books. While it only shows the 10.10 version of the OS X Server book, check out https://www.takecontrolbooks.com/catalog/author/charles-edge for mine. Soon, you should see the 10.11 version.