So I had a request that involved something I had never actually thought or bothered to do: customize the finder icon in the dock… I figured it would just be an image and therefore that it couldn’t actually be that difficult. And I was correct. Remarkably, the icon is actually called finder.png (you may have noticed that smaller iPhone and OS X images are almost always png files these days): /System/Library/CoreServices/Dock.app/Contents/Resources/finder.png So I renamed it to finder.old using this command: sudo mv /System/Library/CoreServices/Dock.app/Contents/Resources/finder.png /System/Library/CoreServices/Dock.app/Contents/Resources/finder.OLD Then grabbed a new png icon and threw it in the same place with the same name (in this case the logo was called UGA.png before and…
-
-
How to use iSCSI on Mac OS X
iSCSI is a network storage protocol that allows sending and receiving of SCSI commands over a TCP/IP network. This allows you to leverage Ethernet, a low cost network medium to get SAN performance and network based storage. While you can use pretty much any Ethernet switch, I’d recommend that if you’re going to use iSCSI that you dedicate a switch to it, or use quality switches and build a dedicated VLAN for your iSCSI traffic. Recently, I’ve recently been seeing a lot of traffic about whether or not you can use iSCSI with Mac OS X. The answer, yes. As with Xsan, to get started with iSCSI you’ll need an…
-
Mac OS X: Directory Services Debug Log
When you’re trying to troubleshoot issues with Directory Services on Mac OS X sometimes the best thing you can do is put the directoryservices daemon into debug mode. To do so you would use the following command: killall -USR1 Directory Service By default errors get trapped into this file: /Library/Logs/DirectoryService/DirectoryService.error.log But when in debug mode using -USR1 you can see more specific errors in the /Library/Logs/DirectoryService/DirectoryService.error.log file. You can then use commands such as tail in conjunction with grep in order to isolate issues to specific strings such as ADPlugin. If you choose to use -USR2 for debugging then the logs will get written into the /var/log/system.log file. To disable verbose…
-
Mac OS X: Disable ACLs on External Volumes for Leopard
ACLs are great. They allow you a ton of additional options with permissions. But they’re not for everyone and they are enabled by default on all volumes in Leopard. But the following command can be used to disable ACLs on External volumes in Leopard: sudo fsaclctl -d -p /Volumes/<volume-name>
-
Extend the AD Schema in 2008 Server using ldifde
To import directory objects, at the command prompt, type the following command, and then press ENTER: ldifde–i-ffilename-sservername:port-m-ausername domain password To export directory objects, at the command prompt, type the following command, and then press ENTER: ldifde-e-ffilename-sservername:port-m-ausername domain password
-
Final Cut Server: Video Tutorials
These have been up for awhile but I found myself pointing them out to someone earlier today and so thought I’d post a link: http://www.apple.com/finalcutserver/tutorials/
-
Mac OS X: Force LDAP Signing using dsconfigad
dsconfigad did not support signing of LDAP packets in 10.4.x. However, this was an upgrade that was introduced in the 10.5 version of the AD Plug-in. Provided that your Active Directory environment uses LDAP signing, a standard policy with DCs, you can mirror your settings on the DC in dsconfigad by using the -packetsigning option followed by either an allow, disable or require variable. To force LDAP signing, just run the following command: dsconfigad -packetsigning required To then disable signing if your environment doesn’t support it use the following command: dsconfigad -packetsigning disable The default variable is allow, which will use LDAP signing when possible.
-
Mac OS X for Unix Geeks
Today I received a copy of Mac OS X for Unix Geeks from O’Reilly, for which I was the technical editor on. Great read, especially for the *nix to Mac switcher. Check it out here: Big pat on the back to Brian Jepson, Ernest Rothman and Rich Rosen for releasing a great new version of their book!
-
Mac OS X: Check Point FDE
So we’ve been messing around with Check Point for awhile. But we never actually had to mass deploy it until recently. After messing around for awhile, we decided that we actually kinda’ like how they do things. There are various strategies you can take with how you choose to deploy the software, but they all boil down to building an *.ips file and either publishing it through a network mount as part of the installation package for Check Point FDE. The software automatically begins to encrypt the drive when you push it out, so you don’t need to push out an image with a pre-encrypted drive, although you will need…
-
Mac OS X: Managed Preferences without Open Directory
Yes, you can apply an MCX against a local account easily using the -mcximport and -mcxexport dscl extensions. Simply setup the MCX like you want it for a managed account using Workgroup Manager and then from the interactive dscl environment do a -mcxexport <Path to account> -o <filename> and then copy the file to a target system. Then, on the target system, do a -mcximport <path to account> -o <path to same filename>. Then test! Happy policy making!