How To: Change the “Automatic Proxy Configuration” url in System Preferences via a Script

Standard

The “Automatic Proxy Configuration” url in System Preferences is used to point the clients to a PAC file to set the proxy server when on the Office LAN. Below are some scripts to manage this setting.

Continue reading

How To: Get the currently logged in user, in a more Apple approved way

Standard
NOTE: Due to macOS Monterey's prompts when Python 2 in invoked, please review the blog post here to get the logged in user instead. 

When running scripts via Jamf Pro, Munki or a launch daemon, you sometimes have a challenge to get the username of the currently logged in user.

Below has a method to achieve this, with a link to an Apple approved method.

Continue reading

Citrix Receiver Error: “You have not chosen to trust “Some CA”, the issuer of the server’s security certificate”

Standard
Screen Shot 2014-10-26 at 10.44.22

We recently replaced a the certificate on one of out Citrix Access Gateways, everything went well connecting to the CAG via a PC worked fine, but from a Mac we got the below error message.
Luckily for us, Citrix not only have a solution posted on this issue but also give detail as to why it can occur. The solution can be found here.

Getting Java 6 working on a Mac that has only had Java 7 installed

Standard

We’re in the midst of rolling out a new image to our macs on 10.8.2. Historically Java has not been needed but we added the latest Java 7 update as a matter of course, but post-rollout people now require Java 6 (how often does that happen?).

This new requirement came in just after Apple disabled Java 6 on 10.7+ Macs (as detailed a little here: http://managingosx.wordpress.com/2013/01/31/disabled-java-plugins-xprotect-updater/ ).

Greg Neagle & Rich Trouton have several solutions in re-enabling the various parts needed to get Java 6 working (however they required an order which I was not following Java 6 had never been installed as part of my image.

Continue reading

How To: Port Redirect Web Traffic On Lion Server

Standard

UPDATE: With the release of 10.7.3, you can now do this via "Server.app", so i'd advise against the below method. If you have used the below & upgraded to 10.7.3 & have an error in "Server.app" when managing the web service, click here.

Port redirection is (simply put), where an end user enters: http://mygreatwebsite.com & they are redirected to http://mygreatwebsite.com:(someport).

On Snow Leopard server you could easily set port redirects from within the Server Admin.app, but in Lion server this has all been changed.

The basics of how to enable virtual hosts on Lion server, is covered in this post. As well as links to the more advanced options.

Once Virtual Hosts have been enabled, editing /private/etc/apache2/extra/httpd-vhosts.conf enable the redirects. 

Continue reading

How To: Enable Virtual Hosts on Lion Server

Standard

UPDATE: The below can now be completed using 'Server.app' & as such i'd not advise you perform redirects this way. If you have performed the redirects as directed below, you may have an error which has a resolution mentioned here.

With the move to Lion Server, Apple stripped moved administering the Web service from the new Server.app.

This over-simplification has caused me some head scratching as many of the options I’d become familiar with had been replaced with little more than an On/Off switch.

But don’t fret! It turns out that these options still exist, it’s just you need to hunt for them.

Virtual hosts are best explained in the opening paragraph here. To enable this on Lion Server do the following

Continue reading

How To: Map Drives & Printers Based On AD Group Membership On OSX

Standard

UPDATE: Now works with Lion as it reads the correct node name as seen in Directory Utility.

Having recently started a new role, I needed a mechanism for my Mac users to map drives & printers at login.

Script Logic’s Desktop Authority is used by my new employs PC Admins to mount drives & printers on the PC Clients.

This is using AD Security Groups to map both drives & printers &  I decided to follow this methodology for the Mac clients.

This solution actually has 3 parts;

  1. AppleScript App
  2. LaunchAgent
  3. Postflight Script

And below, I’ll piece it all together.

Continue reading

Need to find out if a Mac has an Wireless Card?

Standard
UPDATE: Updated to now work with Lion

The Extension Attribute below checks to see if Mac has either an  Airport  or  Wireless & returns “Yes” is the Mac has one & “No” if it doesn’t.

Continue reading

How To: Stop Directory Utility Mounting Home Folder At Login

Standard

OSX’s built-in AD Plugin allows for the automated mounting of home/profile folders. The following can be used to disable this mounting:

sudo dsconfigad -useuncpath disable

How To: Script Generating a Kerberos Ticket Granting Ticket (TGT) during an Active Directory user’s initial login

Standard

I had this issue with a drive mapping app i create not mapping drives at initial login for AD accounts (this app will be discussed in another post shortly).

The Apple KB with the same title as this post advises how to fix, but if you wish to script it do the following:

WARNING: TEST, TEST, TEST THIS. ADDING AN EXTRA CHARACTER CAN LEAD TO YOUR MAC BEING STUCK IN A LOGIN LOOP. THE BELOW SHOULD BE ENTERED ON 2 LINES