Export macOS Server DataWe’re not going to import this, as it only takes a few seconds to configure new settings. Additionally, if you have outstanding services built on macOS Server, you might be able to pull this off without touching client systems. First, let’s grab which protocols are enabled, running the following from Terminal: sudo serveradmin settings vpn:Servers:com.apple.ppp.pptp:enabled sudo serveradmin settings vpn:Servers:com.apple.ppp.l2tp:enabled Next, we’ll get the the IP ranges used so we can mimic those (or change them) in the new service: sudo serveradmin settings vpn:Servers:com.apple.ppp.pptp:IPv4:DestAddressRanges Now let’s grab the DNS servers handed out so those can be recreated: sudo serveradmin settings vpn:Servers:com.apple.ppp.pptp:DNS:OfferedServerAddresses:_array_indexsudo serveradmin settings vpn:Servers:com.apple.ppp.l2tp:DNS:OfferedServerAddresses:_array_index Finally, if you’re using…
-
-
Replace the Web Services in macOS Server with MAMP Pro
In an earlier article, I mentioned that MAMP Pro was still the best native GUI for managing web services on the Mac, now that macOS Server will no longer serve up those patchy services. After we cover the management in this article, you’ll likely understand why it comes it at $59. So you’ve installed MAMP. And you need more than the few basic buttons available there. So MAMP Pro came with it and you can try it for a couple of weeks for free. When you open MAMP Pro, you’ll see a screen where you can perform a number of management tasks. This is a more traditional side-bar-driven screen that…
-
Getting Started with Autopkgr
Autopkgr is basically a small app that allows you to select some repositories of recipes and then watch and run them when they update. It’s a 5 minute or less installation, and at its simplest will put software packages into a folder of your choosing so you can test/upload/scope to users. Or you can integrate it with 3rd party tools like Munki, FileWave, or Jamf using the JSSImporter. Then if you exceed what it can do you can also dig under the hood and use Autopkg itself. It’s an app, and so it needs to run on a Mac. Preferably one that doesn’t do much else. Installing Autopkgr You can…
-
Using sysadminctl on macOS
macOS 10.13 brings changes to sysadminctl. You know those dscl scripts we used to use to create users? No longer supposed to be necessary (luckily they do still work). Now you can create a user with a one-liner, and do other forms of user management, such as enabling FileVault for a given user, or managing the guest accounts. However, you can’t do these tasks as root or via sudo. You have to do so with other admin accounts per Apple kbase HT208171 (in fact, this article has been in my queue waiting for that issue to be fixed – but keep in mind I’m not prefacing these with sudo in the below…
-
Check the EFI Version of a Mac
I’d written an efi version checker. But the lovely Andrew Seago texted me one that’s better than mine. So I present it here: current_efi_version=`/usr/libexec/efiupdater | grep "Raw" | cut -d ':' -f2 | sed 's/ //'` echo "current_efi_version $current_efi_version" latest_efi_version=`ls -La /usr/libexec/firmwarecheckers/eficheck/EFIAllowListShipping.bundle/allowlists/ | grep "$current_efi_version"` echo "latest_efi_version $latest_efi_version" if [ "$latest_efi_version" == "" ]; then echo "EFI FAILED" exit 1 else echo "EFI PASSED" exit 0 fi
-
SIP-Protected Apps In macOS
The following is a list of application bundles that come pre-installed with macOS that are protected by SIP: /Applications/App Store.app /Applications/Automator.app /Applications/Calculator.app /Applications/Calendar.app /Applications/Chess.app /Applications/Contacts.app /Applications/DVD Player.app /Applications/Dashboard.app /Applications/Dictionary.app /Applications/FaceTime.app /Applications/Font Book.app /Applications/Game Center.app /Applications/Image Capture.app /Applications/Launchpad.app /Applications/Mail.app /Applications/Maps.app /Applications/Messages.app /Applications/Mission Control.app /Applications/Notes.app /Applications/Photo Booth.app /Applications/Photos.app /Applications/Preview.app /Applications/QuickTime Player.app /Applications/Reminders.app /Applications/Safari.app /Applications/Siri.app /Applications/Stickies.app /Applications/System Preferences.app /Applications/TextEdit.app /Applications/Time Machine.app /Applications/Utilities /Applications/iBooks.app /Applications/iTunes.app /Applications/Utilities/Activity Monitor.app /Applications/Utilities/AirPort Utility.app /Applications/Utilities/Audio MIDI Setup.app /Applications/Utilities/Bluetooth File Exchange.app /Applications/Utilities/Boot Camp Assistant.app /Applications/Utilities/ColorSync Utility.app /Applications/Utilities/Console.app /Applications/Utilities/Digital Color Meter.app /Applications/Utilities/Disk Utility.app /Applications/Utilities/Grab.app /Applications/Utilities/Grapher.app /Applications/Utilities/Keychain Access.app /Applications/Utilities/Migration Assistant.app /Applications/Utilities/Script Editor.app /Applications/Utilities/System Information.app /Applications/Utilities/Terminal.app /Applications/Utilities/VoiceOver Utility.app /Applications/Utilities/X11.app Note: Files located in /System, /usr, /bin, and /sbin are recursively protected as well.
-
Install macOS Server 5.4 On A Mac Running macOS 10.13 (High Sierra)
The first thing you’ll want to do on any server is setup the networking for the computer. To do this, open the System Preferences and click on Network. You usually want to use a wired Ethernet connection on a server, but in this case we’ll be using Wi-Fi. Here, click on the Wi-Fi interface and then click on the Advanced… button. At the setup screen for the interface, provide a good static IP address. Your network administrator can provide this fairly easily. Here, make sure you have an IP address and a subnet mask. Since we need to install the Server app from the Mac App Store, and that’s on the Internet,…
-
Configure The VPN Service In macOS Server 5.4 on High Sierra
macOS Server has long had a VPN service to allow client computers to connect to a network even when they’re out of the home or office. And as with many a service on macOS Server, this is one of the easiest VPN servers you’ll ever setup. The server was once capable of running the two most commonly used VPN protocols: PPTP and L2TP. And while PPTP is still accessible via the command line, L2TP is now configured by default when you setup the server using the Server app. Setting Up The VPN Service In macOS Server To setup the VPN service, open the Server app and click on VPN in…
-
Configure The Adaptive Firewall In macOS Server 5.4 for High Sierra
macOS Server 5.4 running on High Sierra (macOS 10.13) has an adaptive firewall built in, or a firewall that controls incoming access based on clients attempting to abuse the server. The firewall automatically blocks incoming connections that it considers to be dangerous. For example, if a client attempts too many incorrect logins then a firewall rule restricts that user from attempting to communicate with the server for 15 minutes. If you’re troubleshooting and you accidentally tripped up one of these rules then it can be a bit frustrating. Which is why Apple gives us afctl, a tool that interacts with the adaptive firewall. To enable the adaptive firewall, use the -f…
-
statshares in Server 5.4 for macOS High Sierra
The statshares option has an -m option to look at a mount path for showing the path to the mount (e.g. if the mount is called krypted this should be something like /Volumes/krypted): smbutil statshares -m /Volumes/krypted When run, you see a list of all the attributes OS X tracks for that mount path, including the name of the server, the user ID (octal), how SMB negotiated an authentication, what version of SMB is running (e.g. SMB_1), the type of share and whether signing, extended security, Unix and large files are supported. Additionally, if you’d like to see the attributes for all shares, use the -a option after statshares: smbutil…