Category Archives: Mac OS

Mac OS X: Enable an AD User to be Local Admin

Leave a reply

Most of our Macs are bound to AD now. One common task I have to do is to enable an AD user to manage the computer. You can do it through the GUI, but the user has to log on first and create an mobile account on the computer. I found that you can do it through a command line, so the user will not have to log on to the machine first. This command is dseditgroup and here is an example.

dseditgroup -o edit -n /Local/Default -u your_admin_account -p -a user_ad_account -t user admin

When you enter the command, it asks for the password of your admin account. Enter your password and press enter. The next time the user logs on, your user’s AD account will be the administrator. osx

How to Change Default Host for Cisco AnyConnect on Mac

Leave a reply

I had a post about how to change the default host for Cisco AnyConnnect on Windows. A user has asked me how to change this on Mac. I spent a few minutes to find this information. Here is how you change it:

  1. Open Terminal application.
  2. Type in the command at the Terminal window. This opens up TextEdit 
    open –e ~/.anyconnect
  3. Find and edit the DefaultHost line in TextEdit so that it is set to the host of your choice 
    <DefaultHost>vpn.mycompany.com</DefaultHost>
  4. Save the file under TextEdit.

The default host will be set to vpn.mycompany.com the next time you run Cisco AnyConnect.

anyconnect

Mac OS X: Add an AD Group to a Local Group

Leave a reply

I joined a Mac machine to our AD so that users can use their AD credentials to use the Mac. One problem is that when users logon using their AD credentials, they cannot access some of the local folders. The folders all have staff group read/write permissions set and they are good for local users. By default, the AD users are not in the staff group, so they cannot access the folders.

To add the AD users to staff group, you can use the dseditgroup command to do so. Open up a Terminal and enter the following command.

dseditgroup -o edit -n /Local/Default -u local_admin_account -p -a 'AD_DOMAIN_NAME\AD_GROUP' -t group staff

Reboot the machine and the AD users in that group should be in staff group now.

osx

App Store: An Unknown Error Has Occured

Leave a reply

While I was setting up a new Mac mini today, I ran into a strange problem. When I tried to use the App store to install Xcode, I entered my Apple ID and password and got this error: “An unknown error has occurred.” To make sure that my Apple ID was working, I checked it on a different machine, and it was fine. The problem was with this particular machine, not with my Apple ID.

I found this article on Apple’s forum. The first solution fixed my problem. What I needed to do was..

  1. Make sure App Store is closed and invoke Finder.
  2. Click on Go -> Go to Folder.
  3. Enter ~/Library/Cookies and click on Go.
    appstore-unknown-error
  4. Find this file and trash it: com.apple.appstore.plist.

Now invoke App Store and you should be able to enter your Apple ID and password without a problem. If this does not work, you can try going to ~/Library/Caches/com.apple.appstore and trashing the Cache.db file.

Hidden File or Folder under Finder on Mac OS X

Leave a reply

A user reported that a folder he created on a share folder could not be seen by other users. I tried it on several different computers connected to the same shared folder. I could not see the folder that the user created using Finder. I then tried Terminal and issued this command

admin$ ls -l
total 0
-rw-r--r--  1 admin staff 0 Dec 13 17:16 test-file.txt
drwxr-xr-x@ 2 admin staff 68 Dec 13 17:21 test-folder

The test-folder is the one that’s invisible under Finder. Notice the extra @ for the test-folder. This means that there are extra attribute keys and sizes for it. Using the command ls -l@ reveals the extra info.

admin$ ls -l@
total 0
-rw-r--r--  1 admin staff 0 Dec 13 17:16 test-file.txt
drwxr-xr-x@ 2 admin staff 68 Dec 13 17:21 test-folder
      com.apple.FinderInfo 32

For some reason, the folder was created with com.apple.FinderInfo 32 . This tells Finder that this folder is hidden- that’s why other people could not see it. To un-hide this folder, use this command:

chflags nohidden test-folder

Similarly, if you want to hide a file or a folder, use this command:

chflags hidden file-name

osx

How to Setup NFS Service on Mac Lion Server

Leave a reply

Starting from the 10.7 Lion server, Apple has removed the GUI interface for setting up the NFS service. You’ll have to set up the NFS service via command line. Here is the KB article about how to set it up.

http://support.apple.com/kb/HT4695

Basically, you need to use a text editor to edit /etc/exports to define the folders you want to share. If you have an old server set up for NFS, you can check the exports file on the old server to give you an idea on how to set them up. Once this is done, you can then use the nfsd command to manage the service. For example, to start NFS service, type

sudo nfsd start

To check the staus, type

nfsd status

One thing that’s not mentioned in the KB article is that you can adjust nfsd options in this file /etc/nfs.conf . Type

man nfs.conf

to see all the options available.

If you don’t need to set up NFS to host the user’s home directories, you can stop reading here. However, if you do need to set up NFS for home directories, read on. Apple has another KB for this issue.

http://support.apple.com/kb/ts3889

You will need to use the Directory Utility to configure it. What is missing in this KB is how to use the Directory Utility. Here are the steps:

  1. Use Finder and browse to /System/Library/CoreServices and double click on Directory Utility.
  2. Click on Directory Editor.
  3. Select Mounts from the Viewing combo box.
  4. If you have not authenticated yet, click on the padlock icon to authenticate.
  5. Click on the + icon in the lower left corner to add a mount point. You can use the other mounts in your OD as examples or refer to the KB.

When you are done editing, the record is similar to this:

RecordName: server.example.com:/Volumes/Data/Homes
RecordType: dsRecTypeStandard:Mounts
VFSLinkDir: /Network/Servers
VFSOpts: net
VFSType: nfs

Save the record and you’ll find the new server available when you re-assign the user’s home directory.

 

 

How to Automount a CIFS/AFP Share on Mac

Leave a reply

I set a Mac to be backed up by our TSM server. There was an external AFP share mounted at /Volumes/Data. I wanted to back up that share, too. The problem was that, for some reason, the share got unmounted from time to time. My first attempt at solving the problem was to write a shell script to mount the AFP share. Then, I scheduled it to run before the backup job. This was not helpful either, because the share still frequently got unmounted.

I then tried many different approaches and found that this one worked pretty well. The idea is to edit the /etc/fstab file to specify the mount information so the automount service can mount the share whenever it is being accessed. Here are the steps:

  1. Open Terminal application.
  2. Type sudo nano /etc/fstab to edit the file.
  3. Add this line. 
    host_name:/share_name /Volumes/mount_name url automounted,url==afp://user_name:password@host_name/share_name 0 0
  4. Press Ctrl + x to save the file and exit out.
  5. Type automount -vc to restart automount.

If you want to mount a cifs share, just change afp to cifs. This is one example using cifs.

host_name:/share_name /Volumes/mount_name url automounted,url==cifs://user_name:password@host_name/share_name 0 0

Note that the host_name must resolve to the actual IP address of the host computer. You could modify /etc/hosts to add the host_name to it if the host_name cannot be resolved by the DNS server.