Archive

Archive for October, 2016

Enabling the “Remove items from the Trash after 30 days” setting on macOS Sierra

October 30, 2016 2 comments

A new feature in macOS Sierra is the ability to put items in the Trash and have those items automatically be deleted after 30 days. This option can be set in the Finder preferences using the process shown below:

1. Open the Finder preferences

Screen Shot 2016 10 29 at 9 03 20 PM

2. Select the Advanced options

Screen Shot 2016 10 29 at 9 03 29 PM

Screen Shot 2016 10 29 at 9 03 34 PM

3. Check the Remove items from the Trash after 30 days checkbox.

RemoveTrashAfter30Days

 

It’s also possible to enable or disable this setting from the command line. To enable the Remove items from the Trash after 30 days setting, the following defaults command can run by the logged-in user:

defaults write com.apple.finder FXRemoveOldTrashItems -bool true

Screen Shot 2016 10 29 at 9 04 44 PM

To disable it, the following defaults command can be run by the logged-in user:

defaults write com.apple.finder FXRemoveOldTrashItems -bool false

Screen Shot 2016 10 29 at 9 21 04 PM

For those who want to enable the Remove items from the Trash after 30 days setting using management profiles, I’ve created a .mobileconfig file and posted it here on Github:

https://github.com/rtrouton/profiles/tree/master/RemoveTrashAfter30Days

Categories: Uncategorized

Fixing server connection issues by changing network interface order

October 25, 2016 1 comment

I had one of my customers report a problem today after applying software updates to his Mac. His Mac had been able to automount certain network shares via NFS before the updates, but was unable to access those shares following the updates.

I connected remotely to the Mac and verified that I was unable to manually mount the NFS mounts.


computername:tmp username$ cat /etc/automounts/misc
mars -fstype=nfs,rw,bg,hard,intr,tcp,nolock server.name.here:/misc/datastore
pluto -fstype=nfs,rw,bg,hard,intr,tcp,nolock server.name.here:/misc/roulette
sol -fstype=nfs,rw,bg,hard,intr,tcp,nolock server.name.here:/misc/sol
computername:tmp username$ mkdir misc
computername:tmp username$ mkdir -p misc/datastore
computername:tmp username$ mkdir -p misc/pluto
computername:tmp username$ mkdir -p misc/sol
computername:tmp username$ sudo mount -t nfs server.name.here:/misc/datastore /tmp/misc/datastore
Password:
mount_nfs: can't mount /misc/datastore from server.name.here onto /private/tmp/misc/datastore: Operation timed out
computername:tmp username$ sudo mount -t nfs server.name.here:/misc/datastore /tmp/misc/datastore
mount_nfs: can't mount /misc/datastore from server.name.here onto /private/tmp/misc/datastore: Operation timed out
computername:tmp username$

view raw

gistfile1.txt

hosted with ❤ by GitHub

When I tried to run the showmount command to get a list of the available NFS mounts on the server, I also received a timeout message:


computername:~ username$ showmount -e server.name.here
showmount: Cannot retrieve info from host: server.name.here: RPC failed:: RPC: Timed out

view raw

gistfile1.txt

hosted with ❤ by GitHub

I was about to send this on to the team that handled our NFS shares, when I remembered I hadn’t verified that I could access the server. Sure enough, I couldn’t:


computername:~ username$ ping server.name.here
PING server.name.here (192.168.0.23): 56 data bytes
Request timeout for icmp_seq 0
Request timeout for icmp_seq 1
Request timeout for icmp_seq 2
Request timeout for icmp_seq 3
Request timeout for icmp_seq 4
^C
— server.name.here ping statistics —
6 packets transmitted, 0 packets received, 100.0% packet loss
computername:~ username$

view raw

gistfile1.txt

hosted with ❤ by GitHub

I could ping Yahoo however, so I could contact the internet.


computername:~ username$ ping wwww.yahoo.com
PING oob-media-router-rc1.prod.media.wg1.b.yahoo.com (72.30.203.4): 56 data bytes
64 bytes from 72.30.203.4: icmp_seq=0 ttl=54 time=16.922 ms
64 bytes from 72.30.203.4: icmp_seq=1 ttl=54 time=18.082 ms
^C
— oob-media-router-rc1.prod.media.wg1.b.yahoo.com ping statistics —
2 packets transmitted, 2 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 16.922/17.502/18.082/0.580 ms
computername:~ username$

view raw

gistfile1.txt

hosted with ❤ by GitHub

So I couldn’t access an internal network resource, but I could access the internet. What made this puzzling was that I was connecting remotely to the Mac via the IP address associated with this person’s Ethernet address. This IP address should not have had issues accessing internal network resources. What had happened? For more, see below the jump.

Read more…

Slides from the documentation session at JAMF Nation User Conference 2016

October 20, 2016 1 comment

For those who wanted a copy of my documentation talk at at JAMF Nation User Conference 2016, here are links to the slides in PDF and Keynote format.

PDF – http://tinyurl.com/JNUC2016DocPDF

Keynote – http://tinyurl.com/JNUC2016DocKeynote

Using vfuse to create NetBoot-ready VMware VMs

October 19, 2016 1 comment

When building virtual machines for testing, my preferred method is to leverage VMware Fusion’s NetBoot support to NetBoot to a DeployStudio server and run workflows. The process to build a NetBoot-ready VM through VMware Fusion looks like this:

1. Open VMware Fusion

2. In the Select the Installation Method window, choose Create a custom virtual machine and then click the Continue button.

Create custom virtual machine

3. In the Choose Operating System window, set OS as appropriate then click the Continue button.

Os selection

4. In the Finish window, select Customize Settings.

Customize settings

5. Save the VM file in a convenient location.

6. In your VM settings, select Network Adapter.

Vm settings network adapter

7. In the Network Adapter settings, select Autodetect under Bridged Networking.

Configure bridged network settings

At that point, you can also adjust your RAM and processor settings but that’s up to you.

The VM is now configured to be NetBoot-ready, where it’s set up to run a particular macOS version but has a formatted and completely empty boot drive.

Vmware netboot screen

This setup process has been a largely manual process involving a lot of clicking in the VMware Fusion user interface and I’ve wanted to automate this for a while. Thanks to some recent changes which my colleague Joe Chilcote made to his vfuse VM creation tool, it’s now possible to automate the setup of a NetBoot-ready VM in Fusion with the following configurable options:

  • OS version
  • VM boot drive size

For more details, see below the jump.

Read more…

Categories: Mac OS X, macOS, VMware

Apple filesystem session at MacTech Conference 2016

October 19, 2016 Leave a comment

I’ll be speaking at MacTech Conference 2016, which is taking place from November 16-18, 2016 in Los Angeles at the Westin Hotel LAX. My session will be an overview of Apple’s past and present filesystems, with an introduction to Apple File System (APFS) and a discussion of its current state of development.

You can see the entire list of MacTech Conference speakers at http://conference.mactech.com/speakers/.

Enabling automatic download and installation of Microsoft Office 2016 updates

October 12, 2016 12 comments

As part of releasing Microsoft Office 2016 15.27, Microsoft has also updated Microsoft AutoUpdate (MAU) to include an interesting new feature: Automatically Download and Install. In MAU 3.8 and later, this feature will automatically download updates for Office 2016 applications and do the following:

  • If an Office application is not running – Automatically install and update the application
  • If an Office application is running – Prompt the customer and give them the option of updating later or restarting the application. If the customer chooses to restart their application, the application will be closed, updated and then re-opened

Pasted image at 2016 09 15 05 09 PM

To enable the automated download and install option, open the Microsoft AutoUpdate application and set the Automatically Download and Install option.

Screen Shot 2016 10 12 at 9 58 42 AM

For more information on this new feature, please see the following link:

What’s New in Microsoft AutoUpdate 3.8http://macadmins.software/docs/MAU_38.pdf

To enable the automated download and install option via the command line for Microsoft AutoUpdate 3.8, the following defaults command can run by the logged-in user:

defaults write com.microsoft.autoupdate2 HowToCheck AutomaticDownload

Microsoft is planning to move the MAU preferences to /Library/Preferences as part of an upcoming Microsoft AutoUpdate release, so the following defaults command can be run with root privileges to enable the automated download and install option for those future versions of Microsoft AutoUpdate:

defaults write /Library/Preferences/com.microsoft.autoupdate2 HowToCheck AutomaticDownload

For those who want to enable the automated download and install option using management profiles, I’ve created a .mobileconfig file and posted it here on Github:

https://github.com/rtrouton/profiles/tree/master/EnableAutomaticDownloadandInstallofOffice2016Updates

Using Disk Utility on macOS Sierra to unlock FileVault 2-encrypted boot drives

October 11, 2016 5 comments

Starting in OS X El Capitan, Apple overhauled Disk Utility’s various functions to add new features and remove others. As of macOS Sierra, it appeared at first that the abilities to unlock or decrypt a FileVault 2-encrypted drive had both been removed from Disk Utility. After some investigation though, it looks like the ability to decrypt has been removed, but you can still unlock using Sierra’s Disk Utility. For more details, see below the jump.

Read more…

Documentation session at JAMF Nation User Conference 2016

October 11, 2016 Leave a comment

I’ll be speaking about how to various ways to document your Casper Suite and other IT needs at JAMF Nation User Conference 2016, which is being held from October 18th – 20th, 2016 in Minneapolis, MN. For those interested, my talk will be on Thursday, October 20th.

For a description of what I’ll be talking about, please see the Preparing for the Road Ahead: Documenting Your Casper Suite Setup session description. You can see the whole list of JNUC sessions here on the Sessions page.

Session videos and slides now available from MacSysAdmin 2016

October 10, 2016 1 comment

The documentation from MacSysAdmin 2016 is now available, with the session slides and videos being accessible from the link below:

http://documentation.macsysadmin.se

The videos of my sessions are available for download from here:

I also like to thank Tycho Sjögren and Apoio AB again for inviting me to speak at this year’s MacSysAdmin.

System Preferences problem when enabling FileVault 2 using an IRK is fixed in macOS Sierra

October 8, 2016 Leave a comment

Starting in OS X Yosemite 10.10.x, I noticed an issue when enabling FileVault 2 via System Preferences when using an institutional recovery key.

In Mavericks and earlier versions of OS X, the behavior of System Preferences looked like this:

  1. Click the lock to unlock the FileVault preference pane
  2. Click the Turn on FileVault… button
  3. A list of users that can be enabled for FileVault 2 is displayed. The logged-in user account is marked with the green checkbox that shows that the account is enabled.
  4. A message is displayed that a recovery key has been set by a company, school or institution.
  5. A message prompting the user to restart is displayed.
  6. Once the Restart button has been clicked, the FileVault 2 initialization process continues and restarts the Mac.
  7. The Mac restarts to the FileVault 2 pre-boot login screen.

To illustrate, I’ve made a video showing the described behavior.

In OS X Yosemite and OS X El Capitan, the behavior of System Preferences looks like this:

  1. Click the lock to unlock the FileVault preference pane
  2. Click the Turn on FileVault… button
  3. A message is displayed that a recovery key has been set by a company, school or institution.
  4. System Preferences then displays no additional messages and will appear to hang for up to two minutes.
  5. The Mac restarts without further input from the user.
  6. The Mac restarts to the FileVault 2 pre-boot login screen.

To illustrate, I’ve made a video showing the described behavior.

I had filed a bug report on the problem, which has now been closed as fixed after I was able to verify that the problem was resolved in macOS Sierra 10.12.0.

As of macOS Sierra 10.12.0, the behavior of System Preferences has returned to approximating the pre-Yosemite behavior. The process now looks like this:

  1. Click the lock to unlock the FileVault preference pane
  2. Click the Turn on FileVault… button
  3. A message is displayed that a recovery key has been set by a company, school or institution.
  4. A list of users that can be enabled for FileVault 2 is displayed. The logged-in user account is marked with the green checkbox that shows that the account is enabled.
  5. A message prompting the user to restart is displayed.
  6. Once the Restart button has been clicked, the FileVault 2 initialization process continues and restarts the Mac.
  7. The Mac restarts to the FileVault 2 pre-boot login screen.

To illustrate, I’ve made a video showing the described behavior.