Archive

Author Archive

Penn State MacAdmins Conference 2013 and 2014 music playlists

July 27, 2014 Leave a comment

I found myself wanting to pull together a mix of the best of the Penn State MacAdmins playlists, so I looked up both 2013 and 2014 playlists. For those who also want both Spotify playlists, please see the links below:

Penn State MacAdmins 2013 Spotify: http://spoti.fi/macadmins13

Penn State MacAdmins 2014 Spotify: http://tinyurl.com/psumacmusic

My thanks to @jaharmi for having the 2013 link available on his blog. Like him, I’m posting these links because I want an easy way to find them later.

Saved application states and Office 2011 EXC_BAD_ACCESS application crashes

July 26, 2014 1 comment

I had an interesting issue crop up yesterday. One of our users sent in a ticket to report that Word 2011 on her laptop kept crashing with an EXC_BAD_ACCESS error. None of her other Office 2011 applications were exhibiting the behavior; it was specific to Word 2011.

Screen Shot 2014-07-25 at 10.33.23 AM

When this error has cropped up in the past, I’ve fixed it in the past by removing Word’s Normal.dotm template from /Users/username/Library/Application Support/Microsoft/Office/User Templates or removing the com.microsoft preference files for the affected application from /Users/username/Library/Preferences.

So this time, I moved the following files to a new folder that I created on the user’s desktop:

/Users/username/Library/Application Support/Microsoft/Office/User Templates/Normal.dotm
/Users/username/Library/Preferences/com.microsoft.Word.plist

Then I logged the user out, asked them to log back in and had them relaunch Word. Crash. EXC_BAD_ACCESS error again. This was going to be an unusual one…

Read more…

Session videos available from Penn State MacAdmins Conference 2014

July 22, 2014 Leave a comment

The good folks at Penn State have posted the session videos from the Penn State MacAdmins Conference 2013. The sessions slides and videos are all accessible from the Penn State MacAdmins’ Resources page at the link below:

http://macadmins.psu.edu/conference/resources/

As all the session videos have been posted to YouTube, I’ve linked my FileVault 2 session here:

The Extending OS X Management Systems with Scripting session I co-hosted with Jeremy Reichman is linked here:

Firefox 31 allows access on non-Windows platforms to Sharepoint and IIS sites using HTTPS

July 22, 2014 1 comment

As part of Firefox 31’s release, Mozilla made a change to enable support for NT LAN Manager version 1 (NTLMv1) network authentication when connecting to sites that are using HTTPS to allow encrypted communication via SSL between Firefox 31 and the website in question. This is to address the change made in Firefox 30, which disabled support for NT LAN Manager version 1 (NTLMv1) network authentication for sites using either HTTP and HTTPS.

NTLMv1 authentication to sites using HTTP is still disabled by default. For more information on why HTTPS is now enabled while HTTP remains disabled, this Mozilla bug report discusses the issue.

A way to tell if the NTLMv1-using site you’re trying to access is using HTTP or HTTPS is to check the connection address. If it begins with https://, you should be OK. If it begins with http:// , Firefox 31 will still block NTLMv1 authentication.

If you need to enable NTLMv1 authentication for an HTTP site that uses NTLMv1 authentication, Mozilla has provided a workaround to non-Windows users of Firefox, in the form of a setting that can be toggled to allow NTLMv1 authentication. This workaround should allow Mac and Linux users to continue using NTLMv1 authentication on HTTP sites, which will allow access again to SharePoint-based or IIS-backed web applications. For those folks who need it, I have the workaround documented here.

Interviewed on Command-Control-power

July 21, 2014 Leave a comment

I was interviewed on Tuesday, July 15, 2014 by the good folks behind Command-Control-power. I had a lot of fun doing it and they’ve now posted the interview at the following link:

http://commandcontrolpower.com/podcast/2014/7/20/059-interview-with-rich-trouton

Here’s links to the people, conferences and most of the tools that came up during the interview:

People

Tom Bridge – http://bits.tombridge.com

Graham Gilbert – http://grahamgilbert.com

Ed Marczak – http://www.radiotope.com

Conferences

Penn State MacAdmins – http://macadmins.psu.edu

MacSysAdmin – https://macsysadmin.se

MacTech Conference – http://www.mactech.com/conference/

WWDC – https://developer.apple.com/wwdc/

Tools

FileVault 2 – http://support.apple.com/kb/ht4790

fdesetup – https://developer.apple.com/library/Mac/documentation/Darwin/Reference/ManPages/man8/fdesetup.8.html

AutoPkg – https://github.com/autopkg/autopkg

Casper – http://www.jamfsoftware.com/products/casper-suite/

Munki – http://code.google.com/p/munki/

Hardware Encrypted External Drives
Ironkey – http://www.ironkey.com

Categories: Interviews

AutoPkgr – A GUI for AutoPkg

July 15, 2014 7 comments

The Linde Group has released a new tool on Github: AutoPkgr, a GUI interface for AutoPkg. In my working with the initial release today, I’ve been impressed with the problems it solves for Mac admins who want to get started using AutoPkg but aren’t sure where to begin.

AutoPkgr_small

To use AutoPkgr, you will need to have the following pre-requisites:

1. OS X 10.9.x

2. Xcode and/or the Xcode Command Line Tools installed

3. Acceptance of the Xcode license agreement.

4. A logged-in user to run the AutoPkgr application in. This user can be a standard user or have admin rights.

Once the prerequisites have been met, see below the jump for details on installation and configuration.

Read more…

Penn State MacAdmins 2014 presentations on a per-tweet basis

July 13, 2014 Leave a comment

Penn State MacAdmins 2014’s communication lines ran in a number of directions, with few more important than Twitter. Thanks to Michael Lynn capturing presentation links from Twitter, links to most of the presentations can be accessed below the jump. These presentations can also be accessed via AFP548.

Read more…

Slides from the “Extending OS X Management Systems with Scripting” Session at Penn State MacAdmins 2014

July 12, 2014 Leave a comment

PSUMacAdmins2014TheSession01

For those who wanted a copy, click on the link below for the Extending OS X Management Systems with Scripting slides in PDF format.

PDF: http://tinyurl.com/PSUMac2014ExtendScriptPDF

Slides from the FileVault 2 Session at Penn State MacAdmins 2014

July 10, 2014 Leave a comment

For those who wanted a copy of my FileVault 2 talk at Penn State MacAdmins, here are links to the slides in PDF and Keynote format.

PDF: http://tinyurl.com/PSUMac2014PDF

Keynote slides: http://tinyurl.com/PSUMac2014key

Referencing a FileVault 2 institutional recovery key as part of an fdesetup plist file in Mavericks

July 5, 2014 Leave a comment

As part of the man page for fdesetup, Apple provides a sample plist file as a guide for those who want to import authentication credentials as part of running commands with fdesetup.

Screen Shot 2014-07-04 at 9.14.18 PM

As part of the plist, there are two plist keys that reference using a keychain which contains the private key for an institutional recovery key:

KeychainPath

KeychainPassword

For KeychainPath, you will need to provide the file path to the keychain as the plist value. For KeychainPath, you will need to provide the password that unlocks that keychain.

For example, if you put the keychain file into the /tmp directory, you would reference /tmp/filename.keychain as the KeychainPath plist value. If the password to unlock that keychain is seKritPassword, you would reference seKritPassword as the KeychainPassword plist value.

Screen Shot 2014-07-04 at 9.11.03 PM

One particular thing to note is that the KeychainPath entry on the fdesetup man page references that this works with certain fdesetup commands, but does not specify which commands are applicable.

Screen Shot 2014-07-04 at 9.15.46 PM

As of OS X 10.9.4, it appears that you can leverage the KeychainPath and KeychainPassword plist keys with the following two fdesetup commands.

fdesetup changerecovery

Screen Shot 2014-07-04 at 8.52.33 PM


Screen Shot 2014-07-04 at 8.39.27 PM


fdesetup removerecovery

Screen Shot 2014-07-04 at 8.53.18 PM

Screen Shot 2014-07-04 at 8.57.12 PM

If using the current institutional key to authenticate, the plist should look like this.

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>KeychainPath</key>
<string>/path/to/filename.keychain</string>
<key>KeychainPassword</key>
<string>password</string>
</dict>
</plist>

Screen Shot 2014-07-04 at 8.44.02 PM

If you are using the current institutional key to authenticate a change to a new institutional recovery key, you can also embed the public key of the new institutional recovery key in the plist. In that case, the plist will look like this.

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>KeychainPath</key>
<string>/path/to/filename.keychain</string>
<key>KeychainPassword</key>
<string>password</string>
<key>Certificate</key>
<data>
(Certificate data goes here.)
</data>
</dict>
</plist>

Screen Shot 2014-07-04 at 8.43.14 PM

Follow

Get every new post delivered to your Inbox.

Join 143 other followers

%d bloggers like this: