Welcome to How To Mac

I have worked for many years in education and consultated with many schools on their mac issues and new installs. In this time I have gained a large understanding of the common problems and issues which may occur during a new install.  I hope this helps IT support members to challenge an install of a mac server and if not help is always available here!

Pac file example for iPhone/iPad/iPod Touch

Posted by Ross on April 25th, 2012

With services like webdav or MDM you may need to have a proxy in place to access the internet on your device. But because the standard settings for proxy does not allow you to add exceptions and the only way it can be done is by using a pac file and adding exceptions within the file. You will see an example of a working pac file. You will notice http://files.domain.com has been added. This is one proxy exception but you can add multiples.

 

———-Pac File content———-

function FindProxyForURL(url, host)
{
// variable strings to return
var proxy_yes = “PROXY IP:Port”;
var proxy_no = “DIRECT”;
if (shExpMatch(url, “https://mdm.domain.com*”)) { return proxy_no; }
if (shExpMatch(url, “http://files.domain.com*”)) { return proxy_no; }
// Proxy anything else
return proxy_yes;
}

—– Pac File End————

Just copy the pac file content into text edit and add your proxy and exceptions. Once done you then need to save the file as proxy.pac and store on an internal web server.

VN:F [1.9.17_1161]
Rating: 0.0/5 (0 votes cast)
VN:F [1.9.17_1161]
Rating: 0 (from 0 votes)

Netboot not working across VLAN’s

Posted by Ross on April 22nd, 2012

If you are having issues with accessing your image system across multiple vlans but it works fine on the same VLAN as your net boot server. In order to get around this you will need to add an IP Helper-address (net boot server IP) to the vlans you wish to image to on your core switch you will then be able to see the net boot server on all vans.

VN:F [1.9.17_1161]
Rating: 0.0/5 (0 votes cast)
VN:F [1.9.17_1161]
Rating: 0 (from 0 votes)

Script to bind to Active Directory (10.7)

Posted by Ross on April 22nd, 2012

This script can be run with Remote desktop to bind multiple computers based on the parameters specified within the script.

Simply select the machines with remote desktop  you wish to join to Active Directory and select unix command. Then amend the script below to your network and paste into the unix box. Then set to run as “root” and send the command. You will then see the result of the script. This script will only run if the machine is currently not bound to Active Directory already.

———————Script Start—————————-

######

#

# Script altered by Ross Hamilton – Howtomac.co.ukedumac.co.uk

# Script originally made by Mike Bombich

# Designed for 10.7 Lion

# Re-edited April – 2012

#

######

#Computer name collected

computerid=`/usr/sbin/scutil –get ComputerName`

 

# Standard parameters

domain=”" # fully qualified DNS name of Active Directory Domain

udn=”" # username of a privileged network user

password=”" # password of a privileged network user

ou=”" # Distinguished name of container for the computer EG; ou=computers,DC=domain,DC=com

 

# Advanced options

alldomains=”" # ‘enable’ or ‘disable’ automatic multi-domain authentication

localhome=”" # ‘enable’ or ‘disable’ force home directory to local drive

protocol=”" # ‘afp’ or ‘smb’ change how home is mounted from server

mobile=”" # ‘enable’ or ‘disable’ mobile account support for offline logon

mobileconfirm=”" # ‘enable’ or ‘disable’ warn the user that a mobile acct will be created

useuncpath=”" # ‘enable’ or ‘disable’ use AD SMBHome attribute to determine the home dir

user_shell=”/bin/bash” # e.g., /bin/bash or “none”

preferred=”-nopreferred” # Use the specified server for all Directory lookups and authentication

# (e.g. “-nopreferred” or “-preferred ad.server.edu”)

admingroups=”" # These comma-separated AD groups may administer the machine (e.g. “” or “APPLE\mac admins”)

 

# Login hook setting — specify the path to a login hook that you want to run instead of this script

 

### End of configuration

 

# Activate the AD plugin

defaults write /Library/Preferences/DirectoryService/DirectoryService “Active Directory” “Active”

plutil -convert xml1 /Library/Preferences/DirectoryService/DirectoryService.plist

sleep 5
# Bind to AD

dsconfigad -f -a $computerid -domain $domain -u $udn -p “$password” -ou “$ou”
# Configure advanced AD plugin options

if [ "$admingroups" = "" ]; then

dsconfigad -nogroups

else

dsconfigad -groups “$admingroups”

fi

dsconfigad -alldomains $alldomains -localhome $localhome -protocol $protocol \

-mobile $mobile -mobileconfirm $mobileconfirm -useuncpath $useuncpath \

-shell $user_shell $preferred
# Adding search Path

sudo dscl /Search -create / SearchPolicy CSPSearchPath

defaults write /Library/Preferences/DirectoryService/SearchNodeConfig “Search Node Custom Path Array” -array “/Active Directory/All Domains”

Dsconfigad -passinterval 0

———————Script End—————————-

VN:F [1.9.17_1161]
Rating: 0.0/5 (0 votes cast)
VN:F [1.9.17_1161]
Rating: 0 (from 0 votes)

Join computer to Active Directory 10.7

Posted by Ross on April 22nd, 2012

In order to join your computer to active directory you will need to bind your computer using a utility called Directory Utility. This use to be located in the utility folder in 10.5 but it was moved to “/System/Library/CoreServices”. In order to access the utility you will need to access the menu item go when you are on finder and then select “Go To Folder”. Once you see the box below you will need to go to the location specified in the image below. “/System/Library/CoreServices/”

Once you are in the CoreServices folder you will find a large amount of applications. If you look for an Application called Directory Utility and open it. Directory Utility allows you to connect to services such as LDAP, Active Directory.

Now you are in the Directory Utility app please see below.

If you click Active Directory you will be presented with the following.

From here you simply need to add your FQDN for your active directory domain. Also a computer name you would like to register against active directory.

If you click the advance option you will see below.

The “force local home directory on a start up disk” is an important option which can cause issues if you have the wrong option set. If you have the option ticked anyone one who logs in will automatically have a local user account setup. So any work saved will be saved to the local user folder. Also the computer will mount the specified home directory within Active Directory. So users can easily transfer work to and from their network user area.
If the box is unticked then users will have their home drive on the mac pointing to their network home drive. So any work done within the user are on the logged in computer will be automatically saved to the users network drive.

*NOTE*

Home drive path is specified within Active Directory under home drive path. If you do not use this option you will not be able to use the unpicked option.

Now you have completed the advance options you can now click the bind button. You will be presented with the following box

You need to use the credentials of a user account which has write delegate access to the OU or container you wish to place the computer into active directory. You can specify the computer ou search path but you can leave this by default as it will place the computer into the Computers OU. So its important that the user account you want to bind with has write access to this OU.

Once you click OK with the correct settings your machine will now be connected to Active Directory. You can now login with an Active Directory Username / Password.

VN:F [1.9.17_1161]
Rating: 5.0/5 (1 vote cast)
VN:F [1.9.17_1161]
Rating: +1 (from 1 vote)

How To Mac relaunch

Posted by Ross on April 19th, 2012

After a long inactive period I have reopened How To Mac with a new design and up to date guides on bringing Apple into your education establishment. If you have any specific requests on what you would like on how to mac please send me details by clicking on contact.

Thanks for visiting.
Ross Hamilton

VN:F [1.9.17_1161]
Rating: 0.0/5 (0 votes cast)
VN:F [1.9.17_1161]
Rating: 0 (from 0 votes)
« Older Entries
RSS FeedRSS Subscription!
Follow me!Follow me!
Powered by WordPress | Designed by: 7Graus | Thanks to 7Graus WP Themes
Login

AWSOM Powered