Customising the search criteria of OS X’s “All My Files” feature

Now, before I begin, I am well aware that many of you have not embraced the ‘All My Files’ feature of OS X since its introduction in OS X Lion. However, for those of you that have, you can tweak the search criteria this feature uses just like you can with any Saved Searches you create in OS X Finder.

Customizing the search criteria of OS X's "All My Files" feature

Simply right-click (Control-click, or two-finger click with a trackpad) on the sidebar entry, and choose Show Search Criteria. You will then see the Smart Search characteristics that power this entry and you can tweak and re-save the search criteria you prefer.

NOTE: You can not save over the existing All My Files saved search, but you can just save a new search instead. It’s fairly quick, painless, and non-destructive.

Disclaimer:

While the author has taken care to provide our readers with accurate information, please use your discretion before acting upon information based on the blog post. Amsys will not compensate you in any way whatsoever if you ever happen to suffer a loss/inconvenience/damage because of/while making use of information in this blog.

This feature has been tested using OS X v10.8.4 which was the latest Mac OS release at the time of writing.

How to get your scroll bars back, permanently

I have spoken to a few people recently, who have called the Amsys Helpdesk, that find the default feature in 10.7 and 10.8 which removes the scrolling bars in different windows, such as Mail and Safari, a bit frustrating. However, it’s not as difficult as you would think in order to turn it back on…

Simply load System Preferences from either the applications folder or the  logo and select General.

system preferences

 

Within General there are some different settings you can use regarding your custom requirement with the scrolling bars, pick which option you would like and from then on you will be able to see the scrolling bar.

getting your scroll bars back

Let us know if this issue affects you and if this quick fix helps.

How to arrange your Applications folder by category

OS X Lion introduced a few nice updates to the OS X Finder, one of which is improved sorting. I’d like to tell you all about one example which I find rather handy.

I am often rummaging through my Applications folder to see what apps I have installed that could open a certain type of file, fortunately OS X Lion added a useful option called ‘Application Category’.

What this little gem does is intelligently sort through all your apps and place them into their corresponding categories. Unfortunately, there are apps it doesn’t know how to categorise, therefore you will end up with an ‘other’ section at the bottom.

However, all in all, this can be rather useful to sort out your apps for easier definition.

Here’s how to do it:

Step 1. Navigate to your /Applications folder on your hard drive.
Step 2. With the Applications folder open in the Finder, select the main ‘View’ menu and select ‘Arrange By’:

sort your applications folder by category

 
Step 3) Now select, ‘Application Category’:

select application category in os x

 
Step 4) Enjoy looking through all your apps which are now sorted into useful categories!

apps sorted into categories in applications folder

 
This ‘Arrange By Application Category’ option is also available for the default Utilities folder (within the Applications folder), as well as any Applications folder created within a user’s home folder.

Disclaimer:

While the author has taken care to provide our readers with accurate information, please use your discretion before acting upon information based on the blog post. Amsys will not compensate you in any way whatsoever if you ever happen to suffer a loss/inconvenience/damage because of/while making use of information in this blog.

This feature has been tested using OS X v10.8.3 which was the latest Mac OS release at the time of writing and also using the latest Internal and external Apple keyboards.

5 useful OS X timesaving tips

If you have a preferred shortcut or tip that we haven’t yet featured, please feel free to add them in the comments below or email, blog@amsys.co.uk and we’ll include them in a future blog.

time saving tips for os x

image credit: constant contact

 

1. Add your signature to PDFs

Forget about printing off a document in order to sign it and then scan or post it back to the  recipient! With the release of Lion you can add add your signature directly to PDF documents, read how you can do this on your Mac here.

 

2. Prevent accidental replacement: use Stationery Pad

Hugo, one of our Apple trainers, recommends Stationery Pad, which has a great and easy way to convert a normal document into a template. You can use the “stationery pad” option to prevent accidental replacement of the original file by enabling this feature when you try to open that file, the Finder then creates a duplicate and opens that instead.

To find this option, get “info” on a file (⌘+I) and select the “Stationery pad” check-box under the “General” section.

 

3. Sorting folders/sub folders in Apple Mail

Mark Palmer, from our helpdesk, shows you how you can sort your Apple mail folders into sub folders in these simple steps.

 

4. Clear all open windows in one click to show the finder

Anton, also from our helpdesk, says that there are two ways that you can achieve this.

  1.  Perform the keyboard shortcut CMD and F3 to tidy away, and same shortcut again to return all windows back to the foreground
  2.  While holding down the CMD and ALT keys click on the Dock’s Finder icon.

 

5. Setting up window policy banner in OS X Lion & Mountain Lion

Many companies have usage policies which users have to be made aware of whenever they use a company computer. Applying these policies has often been done via email, word of mouth or on printed documentation or signs. However, since the arrival of Lion you can now display a banner at the Login Window that requires a user to acknowledge before proceeding. Find out you can enforce your usage policies on OS X here.

 

Setting up window policy banner in OS X lion & Mountain Lion

I cannot believe I haven’t yet blogged about this superb feature which was released in OS X Lion.

Many companies have usage policies which users have to be made aware of whenever they use a company computer. Applying these policies has often been done via email, word of mouth or on printed documentation or signs.

Many schools, colleges and universities will need to make students aware of exactly what access they are entitled to on a public computer and perhaps where to correctly save their work.

OS X Lion introduced the ability to display a banner at the Login Window that requires a user to acknowledge before proceeding. Perfect for enforcing these usage policies.

Here’s the simple steps to create a Login window policy banner:

Step 1: Create a text document with the information you wish to display at the login window. You can use either a Plain Text File (.txt), Rich Text Format (.rtf) or Rich Text Format Directory (.rtfd).

Step 2: Save this file with the title ‘PolicyBanner’ to your desktop. (The document MUST be titled exactly ‘PolicyBanner’ as one word, with a capital P and B).
Here’s an example of a document you could create, notice you can add images as well as text to the document, so perhaps a company logo would be a nice touch:

Step 3: Copy the PolicyBanner file to the /Library/Security/ folder, authenticating as an Administrator user.

Voilà! You’re done! Next time the login window is displayed on the computer, the user will be faced with this policy banner, which is titled ‘Agreement’. They will have to click ‘Accept’ before they can login.

This feature has been tested with OS X v10.7.0 through to OS X v10.8.2 which was the latest Mac OS release at the time of writing.

Lion Tip: Never Queue for A Printer Again!

Have you ever needed to print quickly but your default printer is busy printing someone else’s stuff?

Instead of having to open your printer’s print queue, stop and delete your print job, select another printer and re-print, why not create a printer pool? It’s easy to do and will save you time and frustration!

As long as you have more than one printer available to you, when you print to a printer pool, the system will automatically print to whichever printer is available to accept a new print request.

So, the question is how to create a pool?

Well, it is actually rather simple.

Just access Print & Scan preferences within System Preferences and select the printers you would like to have in the pool by pressing the Command or Shift key.

When you do this the window will display a “Create Printer Pool…” option.

As with other printers, you can share the pool and delegate user access. If you have a spare computer to use for this purpose, you can create a pool of your printers on it, and then share the pool to the network and grant specific user access to the pool, effectively creating a basic print server. (You won’t, however, get the true benefit of a Print Server like print quotas etc).

If you select more than one printer in the Printers List of Print & Scan preferences, the Printer Pool feature becomes available as shown below :

Create a printer pool in mac os x lion

Selecting the ‘Create Printer Pool…’ option allows you to give your Printer Pool a name :

Create Printer Pool in Lion

After naming your Printer Pool it will appear as a ‘virtual printer’ in your Printers List :

Printer Pool it will appear as a 'virtual printer' in your Printers List

You can now print to the ‘pool’ and whichever printer is free first will print out your print job!

Lion Tip : How to Quickly Force Quit the Current Active Application

Have you ever accidentally clicked on an application in the Dock or had an application hang and need to force quit the application quickly?
Hold down the Command+Alt+Shift+Escape keys together for a couple of seconds to force quit the currently active application without the usual confirmation dialog shown below. Please be aware though that there will be no warning at all, the currently active application will quit immediately and therefore there is the risk of losing unsaved changes!
Don’t forget you can use the Command+Alt+Escape keys to access the Force Quit window shown below to allow you to manually select which Application to force quit.
This feature has been tested using Mac OS X v10.7.4 which was the latest Mac OS release at the time of writing and also using the latest Internal and external Apple keyboards.

Apple Configurator updated to 1.1

By Richard Mallion

For those who use the Apple Configurator for their iOS deployment, good news, Apple have just updated it.

Version 1.1 now has the following additions.

  • Improved reliability and ease of use when installing paid apps with Volume Purchase Program redemption codes
  • A new preference to disable the automatic removal of apps or profiles installed by the user when a configuration is reapplied to a supervised device
  • A new preference to disable reapplying a configuration each time a supervised device is connected to Apple Configurator
  • The profile editor now indicates when a profile cannot be installed on a supervised device due to a missing value in a required field

The Apple Configurator  is available on the Mac App Store.

How to Instantly Lock your Mac OS X Screen in Lion

Please Note: Click here for the updated blog post for Instantly Locking your Screen in Mavericks.

One of the most common questions I’m asked by Mac users is how to quickly lock the screen when needing to walk away from your desk and leave your computer.

The easiest and quickest way to lock a Mac OS X screen is to use the keyboard shortcut of holding down the Control+Shift+Eject keys together.

When you press these keys together, your Mac display screen will go black and lock the Mac screen, requiring a user to enter their user account password before the Mac can be used again, providing you have this setting enabled. (Essentially, these keys execute two commands. Firstly, they turn off the display lamp, then they optionally start the lockscreen facility).

If you do not have the password required feature enabled, then follow these simple steps to set this up on any Mac:

  1. Launch System Preferences.
  2. Open the “Security & Privacy” preference pane and select the “General” tab.
  3. Click the checkbox next to “Require password after sleep and screen saver” – you can select either immediately or a preferred time interval.
  4. Close System Preferences and you’re done!
How to Instantly Lock your Mac OS X Screen in Lion

 

This feature is a great option to enable in environments where you may have sensitive data on your Mac that you want to ensure is not accessible when you leave your Mac powered on.

This feature has been tested using Mac OS X v10.7.4 which was the latest Mac OS release at the time of writing and also using the latest internal and external Apple keyboards.

How to Remove the “Popping” Volume Sound on a Mac

Lion Tip: Tweaking the System Volume and Brightness Adjustments

Have you ever wished that your mac didn’t make those popping noises whenever you are adjusting the volume through the keyboard? Or want to adjust the volume or brightness more precisely than the default up and down keys?

Well, here are some little treats for you!

1) The popping lets you know just how loud the volume currently is. But if you want to change your volume but not hear the pop, just hold down the ‘Shift’ key while changing the volume and you will still see the progress bar increasing and decreasing but no popping!!

2) Want to adjust the volume and brightness in smaller Increments? Hold down the Shift+Option/Alt Keys whilst pressing the volume or brightness UP or DOWN keys to see the setting adjusting in a smaller amount!

3) To open Sound or Display Preferences quickly for more audible and video tweaking select Option/Alt+Volume or Brightness Controls

 

NOTE: Theses shortcuts from 10.6 were removed in 10.7.0 but have now been restored in 10.7.4

How to Disable “All My Files” in Lion

One of the new features of OS X Lion was the new finder view “All My Files.” The idea behind this was that it would show all the files stored on your computer in different categories (such as Contacts, Spreadsheets, Presentations etc..)

The downside to this is that when you have a large number of files on the computer, it becomes quickly unmanageable and is something that many people have asked me how to disable.

If you wish to turn this off and disable it as the default Finder view, simply go to the Finder in the top left menu bar and select Preferences.

disable all my files in lion

Under the General tab, where it says “New Finder Window shows” choose something other than All My Files (such as your home folder).

disable all my files in lion

disable all my files in lion

To remove it from the sidebar, then select Sidebar in the top menu and uncheck its icon to stop it ever appearing to you again!

remove all my files from the sidebar

Lion Tip: Using Quick Look within Mission Control

Mission Control is a great new feature in Lion, however as it scales down all open apps and windows on your screen, it’s not always easy to clearly see which document is which.

One hidden feature in Lion is that you can press the space bar when hovering over one of the small window previews in Mission Control to zoom in on that window optimising the Quick Look feature so you can take a closer look! (Wait until the desired window preview has the blue highlight around it before pressing the space bar).

Initial Mission Control Window:

Quick Look in Mission Control

Using QuickLook within the Mission Control Window (Notice the Preview document has zoomed in) :

Quick Look in Mission Control

Nice! :)

Do You Know These 3 Hidden “Resize Windows” Features in Lion?

With the introduction of Mac OS X Lion the way we resize Finder or application windows has been (IMHO) dramatically improved in that we can now resize a window from any corner or edge. Previously to Lion we could only use the bottom-right corner of a window to resize.

With Lion’s new resize window we also have a few hidden options. These include:-

  • Resize a window while holding down the “alt” key. Resizes a window equally on both sides.
  • Resize a window while holding down the “shift” key. Resizes a window proportionally.
  • Resize a window while holding down the “cmd” key. Resize a window in the background without making it the active window.

Lastly we have have a final bonus window feature that has been in Mac OS X for years but still amazes the uninitiated when first shown.

Minimise any window to the Dock while holding down the “shift” key minimises in slowmo. Still amazing!

See also Russell’s slow motion list view tip

How to Reset Profile Manager

So you have read Darren’s great blog post on configuring Profile Manager and you decided to go for it, but even afterreset profile manager all the wonderful advice it didn’t do what you expected, so you fiddle with it and poke it for a while with no joy, now you’re considering blowing it all away and starting again.

STOP, before you go down that one way street you might want to try resetting Profile Manager with this one liner.

sudo sh /usr/share/devicemgr/backend/wipeDB.sh

Apple Releases Mac OS X 10.7.4

By Richard Mallion

Apple has released the Mac OS X 10.7.4 Update for client and server. This update includes a variety of bug fixes and security updates. Two of the most significant changes are a fix to a restoring windows bug and a patch for a potential security issue with FileVault passwords. An update to Safari is also bundled within the software update.

The complete change log for 10.7.4 client is as follows:

  • Resolve an issue in which the “Reopen windows when logging back in” setting is always enabled.
  • Improve compatibility with certain British third-party USB keyboards.
  • Addresses permission issues that may be caused if you use the Get Info inspector function “Apply to enclosed items…” on your home directory.
  • Improve Internet sharing of PPPoE connections.
  • Improve using a proxy auto-configuration (PAC) file.
  • Address an issue that may prevent files from being saved to an SMB server.
  • Improve printing to an SMB print queue.
  • Improve performance when connecting to a WebDAV server.
  • Enable automatic login for NIS accounts.
  • Include RAW image compatibility for additional digital cameras.
  • Improve the reliability of binding and logging into Active Directory accounts.

The complete change log for 10.7.4 Server is as follows:

File Sharing

  • defining custom names for file share points
  • using Kerberos authentication
  • emptying trash when using a network mounted home directory
  • using WebDAV with third-party iOS clients
  • copying files and Finder information over SMB
  • general reliability of SMB file services

Profile Manager

  • enhanced payloads and management settings for iOS and OS X clients
  • reliability of device enrollments after changing server hostname
  • configuring VPN management settings
  • using profiles to join 802.1x networks
  • installing enterprise iOS applications
  • setting iCloud, Spotlight and Media Restrictions for OS X clients

Web Server

  • improved handling of URL redirects and alias matches

Mail Server

  • improved reliability of SMTP services
  • prevent overwriting of manually configured greylisted mail servers

The update also includes specific fixes for:

  • more flexible service data storage
  • reconfiguring DNS settings when changing hostnames
  • editing DNS expirations
  • archival and migration of Open Directory
  • preserving local accounts during upgrades

How To: Configure Lion Profile Manager

how to configure lion profile managerAs a twice-stung Lion Server configuration engineer, I approached the Lion Profile Manager Service with much apprehension. And it did not disappoint.

Please bear in mind I was using the 10.7.2 update of Lion Server at the time and was plagued with cryptic error messages and a complete failure to run. Eventually I abandoned my testing to concentrate on more pressing matters, the VPN testing, see my previous blog posts: Lion Server and VPN and Lion Server and VPN Episode 3.

After the release of 10.7.3 and the fixing of the VPN service (but requiring me to fully reinstall my server from scratch) I decided to take another plug at configuring Profile Manager. Again, I was met with more disappointment, but at least the service now turned on and was accessible via the web pages. This meant I could manually install profiles, but I could not actually enrol devices (one of the main features of Lion Profile Manager).

At this point I have to be honest and say I was more annoyed than I can get across without profanity so I left this alone. That was until I went through more guides and tried attempt number three. Eventually this resulted in success!

In a move to save others from my grief, I have decided to share the steps I took to configure my Lion Profile Manager Server. Next time I will also go through common failures and ways to resolve them.

Please note: This guide is designed for those who are at least fairly familiar with Lion Server and its configuration and just want to know what hoops they need to jump through, when and how.

The Step-By-Step: Part 1

1. Install a fresh copy of Lion Server, created the default admin account (plus a second as a backup, should the first ever become corrupt in the future!) and install all Software Updates, including the manual installation of the Server Admin Tools (including Workgroup Manager and Server Admin).

2. Configure the server with its Manual IP address details, including it self as the first DNS server.

 3. Launch Server Admin and enable to DNS service. Configure both forward (‘A’ record) and reverse (‘PTR’ record) for your server.

For example, my server was ‘test.internal.amsys.co.uk’ with the IP 10.0.0.56.

I created the Primary domain of ‘internal.amsys.co.uk’ and then created the DNS records for test.internal.amsys.co.uk < – > 10.0.0.56.

(This step can be actually carried out on another server, indeed a non-mac server with the appropriate changes made in step 2, however, I have kept this local for ease of instruction).

4. Run the checkhostname command to confirm and correct the DNS hostname as far as the OS is concerned. This requires you to launch the terminal application and type the following command in:

sudo changeip -checkhostname

This will spit out a message. The key line you are looking for is “There is nothing to change” in which case, move onto step 5.If any other message is displayed, than it will also spit out the command to correct the issue. This is displayed after the ‘e.g.’. Simply copy and paste this into the terminal, as root. Once complete, rerun step 4 until ‘there is nothing to change’.

5. Next step is to check the DNS of the server a second method to ensure all is ok. Launch the terminal application and type the following command in:
hostname

This should spit out the hostname the server thinks it should have, in our example, this should spit out test.internal.amsys.co.uk.Now copy the hostname and type the following command into the terminal window:
dig [ hostname ]

Where the ‘[ hostname ]’ is the result from the first part of step 5. In our example, this would be dig test.internal.amsys.co.uk.

This will spit out an IP address in the ‘Answer’ section. This should match what has been set it steps 2 and 3, in the case of our example 10.0.0.56.

Finally, type the following in the terminal window:
dig –x [ IP Address ]

Where the ‘[ IP Address ]’ is the result from the above test.
This should spit out the hostname as we found in the first part of this step.

Please Note: If any of these should not produce the correct results, you will need to recheck all of your DNS settings as, if these values are not correct, all of the next step will fail.

6. Right, the next step is to get a new SSL certificate from the Server.app.

a. Launch the Server.app and connect to the server.

b. Select your server under the ‘HARDWARE’ heading and, once loaded, select the ‘Settings’ Tab.

c. Find the ‘SSL Certificate’ section and click the ‘Edit’ button.

d. Click the Action Cog and select ‘Manage Certificates…’.

e. Click the plus (‘add’) symbol and select ‘Create a Certificate Identity..’ option.

f. On the new page, fill in the full FQDN the iOS devices will use to access your server (most likely this will be the external DNS name). Leave the Type fields as ‘Self Signed root’ and ‘SSL Server’ as defaults and TICK the ‘Let me override defaults’ box. Click ‘Create’, followed by ‘continue’.

g. Leave the Serial Number and validity Period as defaults (unless you feel like experimenting) and click ‘Continue’.

h. In the Email Address Field, type in an administrators email address, NOT an individual user’s email and preferable one not hosted on this server. Fill in the Common Name with the FQDN from step 6f. Fill in all of the other boxes as appropriate and click ‘Continue’.

i. Leave the Key Pair information screen at defaults and click ‘Continue’.

j. And the same for Key Usage, Extended Key usage and Base Constraints screens (3). Click ‘Continue’ on all three.

k. On the ‘Subject alternate Name Extension’ screen, remove anything in the iPAddress box. In the dNSName box, fill in all of the FQDNs that people can access your server from, separated by spaces. Click ‘Continue’.

l. Once complete click ‘Done’ followed by ‘allow’ on the Keychain warning screen. Finally, once your new certificate is added to the list, click ‘OK’.

7. The Next step is to set the new SSL Certificate for use on out server:

a. Click the SSL Certificate Edit button again.
b. In the Certificate drop down box, select your newly created self signed certificate. Click ‘OK’. Wait 30 – 90 seconds for the certificate to be set to the relevant services.

8. The final Step on the preparation side of things is to go to the ‘Web’ service and launch this service. Leave the settings at default and just turn it on. Check the default webpage loads fine.

The Step-By-Step: Intermission

And deep breaths! Go have a cup of tea. We’re halfway through, with all of the prep work carried out. All of these steps are necessary I’m afraid, as even one wrongly configured part above will cause the failure of the profile manager service configuration with its lovely cryptic error messages.

The Step-By-Step: Part 2

Nice break? Finished your tea? Lets get back in….

9. Relaunch the Server.app, if required, and select the profile manager service.

10. Select the ‘Configure’ button and follow through each screen, letting the wizard create an Open Directory Master as required.

11. Whilst this is going on, navigate to https://appleid.apple.com and create a new Apple ID. We would recommend this is created as a company one, not an individual’s. More importantly, this will have to have NOT been used previously to issue Apple Push Certificates.

12. Ensure to also register a non-iCloud / non-MobileMe email address and to follow the steps to verify this address.

13. When prompted, use this new Apple ID to get the Apple Push Certifications.

14. Set the newly created Intermediate certificate when prompted and wait for the Profile Manager Configuration wizard to complete. Once this has been done, turn the Profile Manager service on.

15. This may take up to 5 minutes to sort it self out, but once the spinning cog disappears from the lower right corner, move onto step 16.

16. Create a test user account in OD (or import from an OD backup).

17. On the iOS device, connect to your newly created server’s webpage via safari and navigate to the profile manager section.

18. When prompted, login as a user (either the test user or a proper OD user), clicking continue on any warnings.

19. Once logged into, navigate to the second tab ‘Profiles’ and download and install the Trust Profile.

20. Once complete, return to Safari, reload the page and return to the first tab ‘Devices’

21. Final step: click and install the enrol profile!

And (finally!) there you have it. This will add the device to the devices list and allow Over the Air management. Don’t forget to forward those ports through the firewalls!

Conclusion

I hope this rather long post helps out others and saves them grief!

Stay tuned for my next post, full of possible error messages and steps I took to eliminate them!

As always, please feel free to ask questions, or make suggestions for future topics in the comments below.

Read the follow up to this post which discusses solutions to profile manager configuration problems.

 

Links

Apple’s Mac OS X Server

Server Admin Tools Download 10.7.3 

Create an Apple ID

If you require server or mac support click here.

While the author has taken care to provide our readers with accurate information, please use your discretion before acting upon information based on the blog post. Amsys will not compensate you in any way whatsoever if you ever happen to suffer a loss/inconvenience/damage because of/while making use of information in this blog.

How to Create a Hidden Admin Account in Lion

In previous versions of Mac OS X we have been able to create a hidden administrator, this required a fair number of steps to properly hide the user. In Lion Apple have automated the process for us, all you need to do now is add a . in front of the account name as shown below.

how to create a hidden admin in lion

Lion Tip: Creating a Different Backdrop in Launchpad

Launchpad in Lion gives you a nice graphical way to browse and load all your apps. However the default backgroundpicture or ‘backdrop’ as it’s called is a blurred version of your current user’s desktop picture.

There is a cheeky little way to change this by hitting ‘⌘ + ‘B’ on your keyboard whilst in Launchpad.

This shortcut will then toggle between blurred, normal and grayscale background versions of your current user’s desktop picture.

Nice little touch! :)

Sad News : For those of you that have run the Mac OS X 10.7.3 update, this has removed this feature. This feature is available throughout the beta releases of Mac OS X lion until the Mac OS X 10.7.2 update.

How to Remove Annoying “Pop Up” Warnings & More in Lion

Following on from my iTunes rating tip last week, I thought you may like a collection of my favourite ‘defaults’ commands to change hidden Mac Preferences.

Useful ‘defaults’ Commands to Change Hidden Mac Preferences

Have you ever wanted to remove an annoying ‘pop-up’ warning or dislike having to re-confirm an action in the Finder?

Most of these pop-ups, warnings and verification windows can be disabled and other features enabled using unix commands.

The Terminal application is located inside /Applications/Utilities on your Mac computer and allows you to write to preference (.plist) files to change settings on your Mac.

All you need to do is open this application and at the Terminal prompt ($), enter ‘defaults write’ followed by the name of preference you wish to change, and the new value. Then press the Enter key.

For example:

change preferences

There are many of these settings you can change, but here are a collection of what I think are some of the most useful in Mac OS X Lion:

Make Dock icons of hidden applications translucent
defaults write com.apple.dock showhidden -bool true

Enable iTunes track notifications in the Dock
defaults write com.apple.dock itunes-notifications -bool true

Disable the “Are you sure you want to open this application?” dialog
defaults write com.apple.LaunchServices LSQuarantine -bool false

Enable AirDrop over Ethernet and on unsupported Macs running Lion
defaults write com.apple.NetworkBrowser BrowseAllInterfaces -bool true

Avoid creating .DS_Store files on network volumes
defaults write com.apple.desktopservices DSDontWriteNetworkStores -bool true

Disable the warning when changing a file extension
defaults write com.apple.finder FXEnableExtensionChangeWarning -bool false

Disable the warning before emptying the Trash
defaults write com.apple.finder WarnOnEmptyTrash -bool false

Empty Trash securely by default
defaults write com.apple.finder EmptyTrashSecurely -bool true

Show the ~/Library folder
chflags nohidden ~/Library

Disable local Time Machine backups
hash tmutil &> /dev/null && sudo tmutil disablelocal

Viewing additional system info at the Login window which were available in 10.6 but removed in clean install of 10.7. Click on the top right hand corner clock for details.
sudo defaults write /Library/Preferences/com.apple.loginwindow AdminHostInfo HostName

NOTE – I highly recommend that you perform a full backup of your hard disk before modifying any preference files settings.

Please also note that some of these settings may be reset after applying the next Apple 10.7 OS update.

Happy tweaking! :)

While the author has taken care to provide our readers with accurate information, please use your discretion before acting upon information based on the blog post. Amsys will not compensate you in any way whatsoever if you ever happen to suffer a loss/inconvenience/damage because of/while making use of information in this blog.

Lion Tip: How to Move Downloads in Lion

Safari in Lion has a new download manager, that sits at the top to the right of the search bar.

For those of you that like to move downloaded items away from the default ‘Downloads’ folder, the download manager can do this directly.

To immediately move the downloaded file out from your Downloads folder without having to access the Downloads folder first, click and drag the downloaded file from the Safari download manager menu straight into the folder where you want it!

(Remember to actually drag the downloadable file’s icon whilst dragging!)

Much quicker than having to manually open the Downloads folder and then transferring the file! :)

Apple Configurator – In Detail

It is easy for an enterprise environment to configure and manage iOS devices.  Easy with an OS X Lion server in place.  But this is not always the case.  On the release of iPad 3, Apple also introduced the Apple Configurator.

With the new tool you can impose restrictions within the profile that you assign to the devices To tackle these needs. You can now address deployment frustrations by creating various profiles for the devices (such as one for office workers, and others for bosses and supervisors) that offer restrictions to hardware such as cameras and built-in services like FaceTime or the App Store, and also which allow you to specify which Apps can be used. When the profile is set up, you can then supervise the devices using it and make adjustments to the profile that are applied the next time the device is connected to the Mac (do keep in mind the device is wiped when updated in this way).

The last option the Configurator program offers is user and group assignments. You can set up lists of employees or students and assign different devices to them using check-out and check-in routines, save documents created by users on their devices, and even preview them if needed.

To an extent, Apple Configurator is similar to the OS X Server’s Open Directory options for managing multiple Macs in a workgroup. If you are familiar with OS X Server or even have used the basic OS X Parental Controls and have created restricted and custom Mac accounts and system setups, then similar principles apply with the Configurator.

While the Configurator does run on OS X, it so far is fairly separate from many of the services built into the OS. For instance, it does not interface with any settings in iTunes, and requires you to create a separate list of available users instead of accessing the system’s directory or your Address Book contacts for user and group information. Despite this, the program is relatively easy to use and should offer robust deployment options for employers, teachers, or other supervisors who have a Mac available through which to manage their iOS devices.

This now offers a tool for small to medium business, as well as home users – a way of managing devices without the need for a server.

Download Apple Configurator

 

How to Stop iCal AutoFill with Incorrect Data

Have you ever had the annoying issue in iCal where it autofills the contact with incorrect data (mistyped names, incorrect email address)? This quick fix found by my colleague Charlie ‘SuperNerd, Wonderchild, The all-knowing’ Selwyn will resolve all of these problems:

First Quit iCal

  • Navigate to the user’s library by selecting the ‘go’ menu in finder and clicking the ‘go to folder’ option, then type the following:
Go to folder

(If you have Lion you can select the go menu in finder then hold down the ‘Option’ key (aka Alt) which will display the users library.)

  • Hit enter and navigate through to ‘Caches’ > ’com.apple.iCal’ > ‘Previous Recipients.plist’ (as seen below) and delete this file.
  • Once this has been done iCal will only autofill with contact info from your current address book and contacts on the server, I would hope these contacts will be correct.
ical folders

Training: Mac OS X and Windows Training

As some of you may know, despite working in a support role for the last 6 or so years, I have only recently certified as an ACSA (Apple Certified Systems Administrator). Enjoying my new found smugness I quickly found out that Apple will only provide the ACTC (Apple Certified Technical Coordinator) certification for Lion onwards, therefore making me ACSA forever!

I quickly recertified my ACTC for Lion to continue my ability of smugness, until my Manager had a brain wave; ‘We need more Windows Certified engineers, go get some books and get certified!’ My first port of call was the Microsoft Certifications webpage, and boy is it confusing….

Apple Certification Process

Apple Certification Process

Since Lion’s release, Apple’s Certification process has become a lot simpler:

For the cross platform Desktop Support / Helpdesk Technician there is the ACA (Apple Certified Associate) certification. This is a fairly basic offering and one that most technicians avoid, in favour of the ACSP (see below)

For the Hardware Technician there is still the ACMT (Apple Certified Macintosh Technician) that involves a Hardware and basic software course and exam.

For the dedicated Mac Desktop Support / Helpdesk Technician there is the ACSP (Apple Certified Support Professional) certification. This is a more in depth course for the standard technician including general troubleshooting but concentrating on the Client OS.

And finally, for the Mac Server Support Technician there is the ACTC (Apple Certified Technical Coordinator) certification. To obtain this certification, you will have needed to pass the ACSP requirements, plus an additional Server Essentials course, therefore making you fully support qualified in the Lion OS.

The benefit of this system is that, no matter which Certification an Apple support professional has, you can tell what level of work they are certified for.

Microsoft Certification Process*Microsoft Certification Process

On my initial research, the Microsoft Certification Process looked very similar. You have your separate levels (shown to the right) and it all looked very straightforward. That is until I delved further.

It would seem Microsoft offer a more tiered certification, in that you can be Microsoft Certified, but a MCTS would be a less qualified technician than a MCITP or even an MCM!

But it seemed even this view is skewed with inconsistencies! It seems a lot of the certifications (for example the Small Business Server) are limited to certain levels and the nearest equivalent on the next level is a fairly large leap.

After more research and detailed reading it seems that you are better off picking an area you want to specialise in, and then look at the levels you can certify in.

My Choices

After much pondering and reading I have decided to first concrete any self-taught Windows knowledge followed by expanding my Windows Server knowledge. On this note I have elected to attempt the following Certifications/Exams:

MCTS: Configuring Windows 7 – 70-680
MCITP: Windows 7 Enterprise Desktop Support Technician – 70-685
MCITP: Enterprise Desktop Administrator on Windows 7 – 70-686
MCTS: Windows Small Business Server 2011 Standard, Configuration – 70-169
MCITP: Server Administrator on Windows Server 2008 – 70-640, 70-642 & 70-646

Conclusion

Some may ask why a happy Mac Engineer is openly discussing Microsoft Certification, but a requirement nowadays is the ability to support, not just one system alone, but a larger mixed environment, including any random strange reactions between the two.

What are your experiences of the certification processes? What do you think of my choices? Any stories to share?

As always, let us know in the comments.

* Please note: I am new to the Microsoft Certification process and these are just opinions I have on them via my own (very) limited knowledge!

Links

Amsys Training:

Apple Certification

Microsoft Certification

10.7.3 server update – WebServer

The recently released Mac OS X 10.7.3 update finally added some functionality to the Web Server, is this a sign that Apple is listening to the masses?

Now we have some of the functionality back that we had in 10.6 server, for me the only thing that is missing is the ability to turn

the Modules on and off without having to go through terminal and modifying the config files!

Apple specified the following capabilities about the web pane in the 10.7.3 Server release notes:

  • enable .htaccess overrides
  • edit web sites’ domain names
  • map multiple domains into a single web site
  • configure redirects and aliases
  • specify custom index files
  • choose SSL certificates for individual websites

by Hugo Costa

 

 

 

 

 

Will Apple’s New Annual Upgrade Cycle Cause Problems?

By Richard Mallion

When Apple announced the developer preview of Mount Lion, Mac OS X 10.8, one of the changes that has kind of gone unnoticed was that OS X  was moving to a yearly release cycle like iOS. This is great way to introduce new features for consumers, but will it cause problems for organizations that have a large number of Macs such as businesses and education?

If you take Microsoft Windows as an example, businesses typically take 2 or 3 years to fully transition to a major new release. Not only has it not been 3 years since Lion shipped, but it has not yet been 3 years since the release of Snow Leopard, Lion’s predecessor.

For each OS X release, businesses and schools have to test all their apps for compatibility, both commercial and bespoke in house apps, no easy task considering I know of one company who has over 200 different applications deployed to their Mac suite.  If 10.5, 10.6 and 10.7 are any indication we can alway expect issues with the new release,  Active Directory integration being a great example.

But saying that iOS has proved an annual release schedule can work.

So going forward IT departments will have to embrace this change. More planning will be required. For example you may have to buy extra spare machines to deploy if the apps you rely on  require an older legacy system. Having sophisticated deployment solutions , such as Casper from JAMF, to help you manage the upgrade process would always help as well as having procedures to test the next OS in your environment.

When it comes to actual testing then you don’t need to wait until Apple release the OS to the public. Anyone can sign up to the Mac OS X developer program and grab the betas that Apple will release. Not only will this give you a head start in your preparations but you can also send feedback to Apple based on bugs and features requests which can only help in the long term.

If you need any advice on areas covered in this blog then feel free to contact our support department at support@amsys.co.uk

 

How To: Repair User Permissions in Mac OS X Lion

By Richard Mallion

One issue with Mac OS X that pops up every now and again are incorrect permissions. For various reasons permissions on folders, files or applications can get set incorrectly causing random problems from applications quitting to not being able to save your files.

The Disk Utility application, which can be found in your utilities folder, has a repair permissions option. This is useful for repairing system wide and application permission problems.

However an area it will not repair are incorrect permissions in your home folder. In Lion, there is an additional Repair Permissions application utility hidden away. This tool is located inside boot Repair Utilities. Here’s how to access it.

  1. Restart Lion and hold down the Command and R keys. This boots your Mac to the recovery partition Lion installed.
  2. You will boot into the Repair Utilities screen. On top, in the Menu Bar click the Utilities item then select Terminal.
  3. In the Terminal window, type resetpassword and hit Return.
  4. The Password reset utility launches, but you’re not going to reset the password. Instead, click on the icon for your Mac’s hard drive at the top. From the drop-down below it, select the user account where you are having issues.
  5. At the bottom of the window, you’ll see an area labeled ‘Reset Home Directory Permissions and ACLs’. Click the Reset button there.

The reset process takes a couple of minutes. When it’s done, quit the programs you’ve opened and restart your Mac.

Lion Tip : Rearrange Menu Bar Items

I have occasionally wanted to change the order of the menu bar items at the top right of my screen. Some i use more than others and fancy them in a certain order.

Well, if you hold down the ‘Command’ key while clicking on any OS X system menu bar item, you can drag them into your desired order!

Worth noting though that this may not work with some third party menu bar apps, but seems to work with most!

menu bar

Enjoy!

By Russell Harris

Lion Server and VPN – Episode 3

Return of the Jedi PPTP!

February 1st 2012. The day PPTP graced the Server.app GUI for the first time.

For those who have no idea what I’m on about (which is most people generally) this blog post is a hark back to my Lion: 6 Months on and Lion Server and VPN  posts.

Almost as if by magic, on the 1st of February Apple released the 10.7.3 combo update for both Server and Client. Included in both are a number of updates but I want to concentrate on Lion Server and the VPN updates.

VPN

vpn

However, one unclear, yet necessary step is to enable your Lion Server as an Open Directory Server “Lion Server: Configuring and enabling PPTP”.  As a general rule of thumb, I do not like to enable and use a directory service unless required as you can’t get a more stable user database then standalone local accounts!

So just a word of advice: Make sure you back up, and do so regularly!

Testing

To test out the updated VPN server I created ten test users. Five were created in the Open Directory (via Workgroup Manager) and were called ‘PPTP1’ through to ‘PPTP5’. The remaining five were created in the local directory (again, using Workgroup Manager) and were called ‘L2TP1’ though to ‘L2TP5’. These were then allocated out to the Amsys best and brightest to test.

Results

Overall, both L2TP and PPTP seem to be back to their more robust Snow Leopard incarnation. Both protocols accept connections and created the required tunnels without failures. Additionally, these tunnels seem to be very stable. Well, as stable as you can get running tunnels over the Internet.

However a strange…’feature’… was found. The L2TP users, created in the local directory, would fail with an authentication error. Upon further investigation by the Amsys team, the PPTP users worked fine on both protocols, not just PPTP. It would seem that to run a PPTP and L2TP VPN service; all users must be Open Directory users. Not a deal breaker, but certainly good to know.

Conclusion

It seems Apple Server VPN is back and working as well as ever (despite a change in requirements). We have now taken the steps of reintroducing Lion Server as a viable SOHO VPN solution with our clients.

And now, over to you guys! Have you tired Lion Server 10.7.3? Any successes? Any problems?
Would you like a more step-by-step guide on how we set it up?
As always, let us know in the comments.

Links

Apple Lion Server

Apple Lion Server download

Apple Lion Server 10.7.3 Combo download

About the Lion Server 10.7.3 update

Apple Knowledge Base article HT4748: Lion Server: Configuring and enabling PPTP

Looking for Server Support? Why not check out our Server Support Service.

Carbon Copy Cloner Updated to Better Support Lion

By Richard Mallion

My old favourite disk cloning tool has been going for 10 years. Mike Bombich has just released a new version, bringing it up to version 3.3.4

Among the hi-lights is the ability to clone Lion’s recovery hd and to more easily make an Lion Installer.

Full release notes can be found here.

 

 

Lion Internet Recovery for older 2010 Macs

By Richard Mallion

Apple has released new Firmware Updates for the older 2010-model Macs, including the MacBook Pro, MacBook Air and iMac. The update adds Internet Recovery for Lion. Internet Recovery enables installation of Mac OS X 10.7 via an internet connection. This is intended for use on a failed hard drive or a blank drive that’s never had OS X installed on it.

All Macs introduced from 2010 onward now have access to Internet Recovery features  with the exception of the Mac Pro which so far has been left out.

 

Lion Tip: Customising System Preferences

Lion has a really nice new feature added to System Preferences allowing you to customise which preference panes are offered to each user.

Individual preference icons can be manually hidden by the user thanks to the new “Customize…” menu item.

 

lion tip system preferences

The user can now tick and un-tick the preference panes as desired to display and hide depending on their own choice.

 

lion tip system preferences

Useful for administrators to setup a user account and then hide any settings that they don’t want the user to play with! :)

by Russell Harris

 

Problems with Apple’s Latest Mac OS X updates

By Richard Mallion

After the flurry of updates from Apple this week we now have some fall out.

The first is to do with Apple’s Security Update for Snow Leopard.  Many of the users who updated their systems with Apple’s most recent security patches found themselves unable to run PowerPC legacy apps via the Rosetta compatibility layer. Apple today  released a new version of that update (Security Update 2012-001 v1.1) which is now available, and it should resolve the issues.

The second is do with the 10.7.3 update for Lion. Apple have pulled the delta version of the update and left just the combo version available for download. No reason was given but speculation is thats its todo with issues of applications crashing followed by graphical artifacts in response to user input in various windows. Hopefully Apple will post a new version of the delta update shortly. For the time being if you have installed the 10.7.3 delta update and are experiencing problems then try reapplying 10.7.3 with the combo update.

Problems Installing the 10.7.3 update?

By Richard Mallion

If you have experienced problem installed the 10.7.3 update for Mac OS X via software update or are experience strange post update problems then a quick fix to try is to reinstall the 10.7.3 update via the larger combo version which you can download from Apple’s support page at http://support.apple.com/kb/DL1484

 

Lion Server Finally Getting There

By Richard Mallion

Looks like Lion server is following the standard pattern of Apple software releases lately. A new version is released with missing or reduced functionality and slowly these missing features are brought back with a series of updates. Lion Server follows in that vain with the 10.7.3 update.

This update adds missing functionality as well as including a whole host of bug fixes.

Here is a list of all the goodness:

File Sharing pane in the Server application

  • display number of connected users
  • list connected users
  • disconnect specific AFP users with a message
  • send a message to specific AFP users
  • set a login greeting message for AFP users
  • access to advanced ACL controls

VPN pane in the Server application

  • choice of enabling L2TP or L2TP and PPTP protocols
  • sharing of address ranges between L2TP and PPTP (if PPTP is enabled)
  • configure DNS name server addresses and domain names provided to VPN clients
  • option to save L2TP or PPTP settings as a configuration profile

Web pane in the Server application

  • enable .htaccess overrides
  • edit web sites’ domain names
  • map multiple domains into a single web site
  • configure redirects and aliases
  • specify custom index files
  • choose SSL certificates for individual websites

Wiki Server

  • support for editing Wiki pages from an iPad running iOS 5 or later
  • support for Active Directory groups
  • improved reliability for certain timezones
  • improved support for an administrator-specified custom tag, protocol and inline style whitelist

Profile Manager

  • updated Exchange, Mail and Restrictions payloads for iOS clients
  • updated Dock payloads for OS X clients
  • performance improvements
  • allow VPN payloads to be used by both iOS and OS X clients
  • support for External Account home folder locations
  • improved support for managing enterprise applications

The update also includes specific fixes for:

  • iCal Server auto-acceptance of meetings during free times
  • authenticated directory binding to Open Directory servers with Directory Utility
  • improved reliability of setting up Open Directory replicas
  • correctly create podcasts when bound to an Active Directory server using Podcast Publisher
  • improved support for different certificates used for IMAP/POP and SMTP in the Server application
  • improved searching of logs in the Server application
  • web password reset support when using the Internet Explorer 9 browser

Apple Releases 10.7.3 update for Lion client

By Richard Mallion

Apple has just rolled out the largest update so far for Lion, 10.7.3 which weighs in around 1GB depending on which version you download. The update consists of quite a few bugs fixes and support for some new languages. The list of changes can be found below but the standout for me are all the listed fixes for directory services and the annoying wifi issue when waking from sleep.


The OS X Lion v10.7.3 Update includes Safari 5.1.3 and fixes that:

  • Add Catalan, Croatian, Greek, Hebrew, Romanian, Slovak, Thai, and Ukrainian language support
  • Address issues when using smart cards to log into OS X
  • Address compatibility issues with Microsoft Windows file sharing
  • Address an issue printing Microsoft Word documents that use markup
  • Address a graphics performance issue after sleep on some earlier iMacs that use ATI graphics
  • Resolve a Wi-Fi connection issue when waking from sleep
  • Address an issue that may prevent Safari from opening before joining a wireless network
  • Fix a potential issue authenticating to an SMB DFS share
  • Include RAW image compatibility for additional digital camerasDirectory Services
  • Improve binding to read-only Active Directory Domain Controllers
  • Improve binding and login speed for Active Directory users in a domain whose name ends in “.local”
  • Improve reliability of Dynamic DNS (DDNS) updates by Active Directory clients
  • Allow login with an Active Directory username that contains a space
  • Improve compatibility with Active Directory schemas that have been extended with the “apple-user-homeDirectory” and “apple-user-homeurl” attributes
  • Fix home directory Dock item for Active Directory users with mobile accounts
  • Allow NIS users with MD5-hashed passwords to log in

Server Storage Theory – Mac Mini Server

For this weeks blog I’ve decided to take a break from complaining and concentrate on the theory behind server storage, paying particular attention to Apple’s Mac Mini Server offering.
 

Mac Mini Server: An Overview

As some of you are aware, Apple has shipped the server edition of its popular Mac Mini line since October 2009, with the main advantages being a second internal Hard Drive and a copy of Mac OS X Server, but at the cost of an optical drive – something rarely used on a server. Due to this Hard Drive configuration a whole new world of storage options is opened to an administrator.
lion mac mini sever

Option 1: JBOD (Just a Bunch Of Disks)

The easiest (and most common – at least with SOHO) setup is to use each hard drive for storage. This could be using the primary Hard Drive for Mail and configuration storage and the secondary Hard Drive used for file storage, or any combination of the above.
Pros: Simple and easy to configure. Very similar to how an end-user might use a second Hard Drive on a workstation.
Cons: No internal backup tool, no redundancy protection from a Hard Drive failure.

Option 2: RAID 0 (Striping)

This is the best use of the built in Hard Drives to maximise speed. This would show the entire storage as one volume of around 1TB and provide around twice the read/write speed when using the built in Hard Drives.
Pros: Around twice the read/write speed as the JDOB setup.
Cons: Double the risk of data loss (lose one Hard Drive and you will lose all the data).

Option 3: RAID 1 (Mirroring)

This is the best use of the built in Hard Drives to maximise redundancy. This would show the entire storage as one volume of around 500GB and provide around the same level of performance but with twice the redundancy.
Pros: Can survive and continue working with one Hard Drive failed.
Cons: Duplication of Data (using both Hard Drives to store the same data, effectively halving your storage paid for), no protection from accidental file deletion and/or corruption.

Option 4: JBOD with Time Machine

This uses the primary drive for all storage for all services and data, with the secondary drive used solely for a Time Machine backup of the main drive. This is the second easiest (and second most popular for SOHO) configuration for administrators.
Pros: Fully internal backups (very difficult to miss a backup!), much quicker restores if required.
Cons: Time Machine cannot completely backup a Mac OS X Server (See Apple Knowledge Base Article “Understanding Time Machine as a Server Backup Tool”.

Option 5: JBOD with OS Segregation

This uses the primary drive for the OS of the server only with all other data (including service data) storage on the secondary drive. The OS data is kept to a minimum (typically 10-15 GB) to facilitate fast backup to the secondary drive.
Pros: Stops any service data filling up the OS drive (and potentially crashing the server), allows selective and quicker restore if required.
Cons: A large portion of the primary Hard Drive storage is wasted.

Summary

No option is ideally suited to every situation and every solution. A particular set of requirements may dictate the use of, for example, option 2 for speed, in which case the solution architect would need to take into account the need for complete and often backups.

For a general use server, I tend to lean towards option 5, using a custom shell script to take a disk image (or snapshot) of the boot drive every evening, and a backup to an external Hard Drive daily. Due to the snapshots, the backup will only need to backup the secondary drive. In a real world test, I have been able to restore the boot Hard Drive’s OS is under 40 minutes!

What about you? How have you setup the storage on your Mac Mini? If given the opportunity, how would you? Any points I’ve missed?
Please let us know in the comments below.

P.S. Congratulations on McLaren for the release of their MP4-27 2012 F1 car!

Links

Apple Lion Server

Apple Lion Server download

Apple Knowledge Base Article “Understanding Time Machine as a Server Backup Tool”

Lion Server and VPN

As some of you know, I blogged last week about my experiences with Lion Server  concentrated on a particular gripe with Lion’s VPN service.

Over the last week I’ve had the chance to play with 3 different solutions to my problem (hint: one isn’t alcohol!).

VPN

iVPN

The first solution I have found, and the most reliable in use, is a program called iVPN. It markets itself as the “GUI that Apple left out”. It’s main use is to tie into the UNIX core that provides the VPN service and is present in all versions on Mac OS X, to provide the VPN server service on any Mac, client or server.

Cost: £15.00 (GBP)

Pros: It enables the PPTP and L2TP service in a nice clean GUI interface.

Cons: The license fee is £15! Also through testing, we have found it will only work with the first user account created within the Application.

Thoughts: Due to the price and one user only issue, I would not recommend this. Additionally, despite a claim of a 60-day refund if you are not happy, Mac Serve does not respond to emails (at time of writing)!

 

Easy VPN

The second solution I came across is a program called Easy VPN. This markets itself as easy to use and the ‘same as OSX server’ and I have had great success but for a much worse reliability.

To make this application work, I found I had to use Server.app to turn the VPN service off, make the changes in Easy VPN, then use Server.app to turn the service on (rather than the built in on/off button). Once setup, I could successfully have 5 or 6 Macs connected without any issues. However, a few days later, it just stopped working and no amount of pleading could get it to work.

Cost: AUS $5 (around £3.35 GBP)

Pros: It enables the PPTP and L2TP service in a nice clean GUI interface, with multiple users.

Cons: Despite working fine at the start, it seems to have failed unexplainably.

Thoughts: Due to the lack of stability, I would not recommend this.

 

Admin Tool VPN

This product is unique in that it is available through Apple’s Mac App Store  and for a low price. However, installed onto a fresh Lion server, this just plain refused to work. None of the settings stuck and the on/off switch did not work.

Cost: £1.49 GBP

Pros: Super Cheap, available on the Mac App Store.

Cons: Doesn’t actually seem to work

Thoughts: Avoid

 

Conclusion

It seems I have hit a stalemate at the moment. I’m not a fan of Apple’s implementation of VPN in Lion Server, nor its lack of stability. But the alternatives are few and far between. To make matters worse, they all use the built in command line VPN solution. At the moment, the only real solution appears to be either lump-it, or shell out for a dedicated network appliance.

I will be looking into other solutions, but most likely down the security appliance route.

Well that’s enough from me, what about your stories? Please share your own views on Lion Server, VPN, and experiences, below.

Links

Apple Lion Server

Apple Lion Server download

Mac Serve’s iVPN

Squashed’s Easy VPN

Admin Tool VPN

Looking for Server Support? Why not check out our Server Support Service.

Lion Tip : Auto Complete

Auto Complete a word using F5

For those of us with poor spelling or for those times when you just have a mental block, you can get the built in dictionary to suggest words to complete a word you’ve started.

As you’re typing in a word in most Apple Apps like TextEdit or iChat, press the ‘F5′ key (‘fn’ + ‘F5′ on a portable computer’s keyboard), or you can press ‘Option+Escape’ to bring up an autocomplete menu which allows you to select from various possible completions to the word you’ve started.

 

auto complete F5

Six Months on: Lion Server, my opinion.

lion server

January marks six months since 10.7 (aka Lion) client and server was released. I’m lucky to have had the great opportunity to have installed at least five 10.7 servers into live environments for clients, in a variety of solutions and I thought I’d use this weeks blog to lay out my thoughts.

I have to be honest and say I don’t have the experience of a large number of different server versions, unlike Richard or David, but over the last few years I’ve had the chance to work with OS X Server 10.5 and 10.6 intensively on a number of projects and kind of liked the way it all worked.

Server app

The first and most obvious change is Server Admin.

No longer is this installed by default, in fact, none of the Server tools are. Neither is the underused (and arguably over-simplified) Server Preferences. To replace all of these functions, Lion Server comes installed with a new application called Server.

The name does add some confusion so I have to admit to referring to it as Server.app to help differentiate between the software and general use of the word server.

Generally speaking, it looks quite impressive. It seems largely simplified to help ‘Joe Bloggs’ setup some basic services, whilst allowing easy access to a bit more advanced (read ‘intermediate’) options by double clicking areas (such as the ‘Group’ name).

However, part of my role as a consultant requires more advanced setups or even just access to one or two advanced settings. With this in mind, after clicking around within Server.app for a while, I downloaded and installed the 10.7 Server tools. All went as expected and back came the familiar site of Server Admin and Workgroup Manager.

Where is everything?

Firstly, Workgroup Manager – this pretty much remains unchanged, with all the tabs and options it had in Snow Leopard. Great, familiar territory!

Next up, Server Admin. Large parts of Server Admin have been pulled and placed into the Server.app, leaving behind either the lesser-used services (like Netboot, NAT or Software Update) or the more complex services (like Xgrid, RADIUS or Firewall).

This isn’t necessarily a bad thing in itself as I only know a handful of sites which use at least one of these services regularly. It also allows the Server.app to remain a cleaner looking interface with minimal clutter.

However it does remove a lot of the more usual advanced options entirely from the GUI.

File Sharing

File Sharing seems to work stably and well, (as you’d hope being a standard server service for years, if not decades) you now have the option of setting each share point to be available via WebDAV, as well as SMB and AFP. As a trade off you lose the ability (in the GUI at least) of setting options such as maximum number of connections, Connect and Disconnect messages and separate naming for the same share point, accessed via different protocols.

Overall, no big loss.

Mail

Mail is a confusing one. I know a colleague who had issues with his Snow Leopard Mail server once and upgraded to Lion which managed to iron them out. The strange point with this service in Lion, which is also makes it unique, is it’s available to configure in both Server.app and Server Admin. The Server.app makes some very basic options available  (such as Web mail enabling, Mailbox quotas and Filter settings), while Server Admin provides the full options which were also featured in Snow Leopard.

On reliability, I cannot comment as I have yet to have the requirement to setup a live Apple Mail server, but I have attempted to set it up on a home server with no success (which I’ll blame on my inexperience with Apple Mail Sever rather then Lion).

VPN

This is where my main grief with Lion server lies, VPN is completely stripped from Server Admin – making Server.app the only place to run any configuration. This removes a lot of the advanced configuration, leaving just the basics.

Another sore point is that PPTP is gone (from the GUI at least). I understand it is an older technology and therefore nowhere near as good an encryption as L2TP, but of the two – PPTP is the VPN protocol I’ve had the most success configuring; connecting (including from hotel wifi!) and in use.

Apple has released instructions on enabling PPTP via the command line while ignoring the fact that the instructions had a typo in a Unix command, they still seem to fail to work.

On the flip side, you can now save a configuration profile, which can be emailed to an end user and just double clicked to configure, saving any complex instructions that can be misheard / misread.

Generally, the VPN on Lion seems to be temperamental. I have a successful L2TP connection setup to my computer at home and 50% of connections I attempt to make are greeted with an authentication error. The other 50% are successful, without changing a single setting or password!

Currently I am testing alternatives and hope to get back in another blog any successes I might have!

Well that’s enough from me, what about your stories? Please share your own views on Lion Server, and experiences, below.

Links

Apple Lion Server

Apple Lion Server download

Apple Lion Server USB Drive

Apple Lion Server Tools (10.7.2) download

Lion Tip: List View in Slow Motion

Most of you will know that if you select to minimise a window, (using the ‘yellow jelly’ at the top left of a Finder window), whilst holding down the SHIFT key, that the action is performed in slow motion.

Well, for those of you that love this slow motion feature, 10.7 has added this feature to other areas of the file system! :)

View a folder in ‘List view’.

You will now have the folder’s contents shown with a black triangle on the left hand side that you need to click to reveal the folders’ contents.
lion tip - slow motion view
Click that triangle with the SHIFT key held down and the folders’ contents are revealed or hidden in slow motion.

Those developers at Apple really do enjoy these little hidden ‘easter eggs’! :)

Lion Tip – Multiple Files One Folder

Ever have the need to move multiple items into one folder?

lion tips new folder
Well now in Lion there is a quick and easy way to do just that.

Simply highlight the folders or documents you wish to place inside of a folder, right click to bring up the contextual menu, and the top option will be to create a new folder with the highlighted selection!

 

 

 

 

 

 

 

 

 

 

How to Remove Apps from Launchpad in Mac OS X

By Richard Mallion

Launchpad is the iOS-like application launcher that came to Mac OS X with the release of 10.7 Lion.

I want to love it, but in its present format its not perfect. One of the biggest issues I face its that it has every application on my hard drive, 8 pages worth. Not only does it have all my main apps but as an example it has 18 different Adobe uninstaller applications as well.

Launchpad can also be difficult and inconsistent when deleting apps from it. Apps that where purchased from the Mac App store can be easily deleted by holding the option key and once the icons start jiggling click the “X” shown in the corner of icons that you want to delete. Be careful as this also uninstalls the app from your hard drive. However applications that were not purchased from the Mac App store cannot be removed via the UI.

Using the command line there is a way to either remove all the apps or selectively remove apps from LaunchPad, regardless of where they where purchased. LaunchPad maintains a SQLite database. We can edit this database directly to remove any app or all apps we wish.

Using the Terminal – remove a single application

Open Terminal and use the following command, replacing “APPNAME” with the name of the application you want to remove from Launchpad:

sqlite3 ~/Library/Application\ Support/Dock/*.db "DELETE from apps WHERE title='APPNAME';" && killall Dock

For example, removing ”TextEdit” would be:

sqlite3 ~/Library/Application\ Support/Dock/*.db "DELETE from apps WHERE title='TextEdit';" && killall Dock

Launchpad will automatically refresh, open it to see the changes.

Using the Terminal – Remove All Applications from Launchpad

Using the Terminal again, the entire Launchpad database can be wiped free of all apps, giving you a fresh start. To do this, enter the following commands in the Terminal:

sqlite3 ~/Library/Application\ Support/Dock/*.db "DELETE from apps;"
sqlite3 ~/Library/Application\ Support/Dock/*.db "DELETE from groups WHERE title<>'';"
sqlite3 ~/Library/Application\ Support/Dock/*.db "DELETE from items WHERE rowid>2;"
killall Dock

Note that there is no undoing this unless you have a backup of the database, once you have done this you will have to manually add any applications by dragging them into the Launchpad dock icon but at least you end up with a leaner Launchpad with just the apps you want.


Lion Tip: Expand any Application’s Windows Whilst in Mission Control

Has anyone else found it a pain that whilst entering Mission Control, that an application’s windows are stacked on top each other and you can only clearly see the foremost window?

 mission control lion before

Well, i’ve  discovered a multi-gesture to expand all windows in an Application so you can have a better look at which one to switch to!

 

Enter Mission Control and move the mouse cursor over an Applications’ stack of windows. Whichever one your mouse is over will now have a blue highlight. Now use either the ’Scroll Direction’ gesture upwards, (two fingers up), or the ’Show Desktop’ gesture which is to spread out your thumb and three fingers at once. (See Trackpad preferences for more info and demos of these gestures).

 

The Applications’ stack of windows should fan out from each other, allowing you to see more of the windows’ contents. You may also notice that the other applications and the Desktop dim at the same time. You now have a much better view of all windows you have open within an application to make your choice.

mission control lion tip after

 

To exit this mode, simply scroll your two fingers downwards, or pinch your thumb and three fingers together. You can also just click off in one of the dimmed areas.

 

Nice little feature! :)

Lion Server: SMB Shares and Permissions

By Richard Mallion

Files saved on an SMB sharepoint may have group access removed when you save them.

This can happen when applications use “safe save,” which is used to minimize data loss if the save process is interrupted. The process creates an updated copy of the file that will replace the old file. That way, if the process is interrupted, the previous version of the file remains intact. As a consequence, the saved file is created as a new file with default access permissions which only allow the owner to access the file. Users who are part of a group that had access to the old file will not have access to the newly saved file.

Resolution

Turn on ACLs on the server and configure ACL inheritance on the share to save the group access.

To turn on ACLs for the SMB shared folders, execute this command on the server:

sudo defaults write /Library/Preferences/SystemConfiguration/com.apple.smb.server AclsEnabled -bool YES
To turn off ACLs for the SMB shared folders, execute this command on the server:

sudo defaults write /Library/Preferences/SystemConfiguration/com.apple.smb.server AclsEnabled -bool NO

 

FTP on Lion Server

By Richard Mallion

With Lion server Apple has relegated the FTP service to the command line. Its still there but now has to be enabled via the terminal.

Here are some simple instructions on how to enable the ftp service and enable ftp share points.

Enable FTP on the Server

The first thing to do is enable tnftpd, which is the FTP daemon.

To start up FTP we can use the launchd file ftp.plist which can be found in /System/Library/LaunchDaemons:

launchctl load -w /System/Library/LaunchDaemons/ftp.plist

To stop the FTP service use:

launchctl unload -w /System/Library/LaunchDaemons/ftp.plist

Enable FTP on Shares

By default share points in Lion have AFP and SMB enabled. The sharing command can be used to list and augment shares. To list enter:

sharing -l

Make note of the name for a share that you would like to enable FTP for, as well as whether AFP and SMB are enabled.
We can use the sharing command to enable each of these file sharing protocols. So think of these three services with the first one being AFP, the second FTP and the third SMB. We then use “1″ to enable that specific service and “0″ to disable.

Let’s use an example share of “Public”. Let’s also say AFP and SMB are enabled on “Public” by default. So the sharing command can be used to make a change (-e for edit) on the “Public” share, setting the services (-s) to 111 (AFP:on, FTP:on, SMB:on):

sharing -e Public -s 111

Or to enable just FTP (given that this example is a dedicated FTP server)(AFP:off, FTP:on, SMB:off):

sharing -e Public -s 010

Finally, make sure you ave the correct permissions set of the shares you are using.

Recovering A Corrupt LDAP Database On OS X Server

By Richard Mallion

A couple of times recently I have been asked to recover Open Directory running on Mac OS X Server. Each time the server was an Open Directory Master and its LDAP database had become corrupted, causing authentication issues for their clients and services. No replicas or backups where available (Remember to always backup :-) )

For each server I was able to repair the LDAP database using built in tools that Apple supply.

If you find yourself in this situation here is how to recover the database.

Apple supply a command line tool named `db_recover` which we can use to repair the LDAP database.

The database itself can be found here, /var/db/openldap folder. Even thou it is corrupted its always best to make a copy of it before attempting the repair.

To perform the repair run the `db_recover`tool:

sudo db_recover -h /var/db/openldap/openldap-data/

After a few seconds the tool should have finished. Reboot the server and see if its worked. In the past I have had to run this tool a few times in order for the database to be fully recovered.

Extend QuickLook on Mac OS X

By Richard Mallion

QuickLook is a great feature of Mac OS X which allows you to view the contents of a file simply by hi-lighting it and pressing the space bar.

Mac OS X ships supporting many different file types such as png, pdf etc but there are many third party plugins that extend Quicklook’s capabilities.

A really good resource for this is a website called http://qlplugins.com

Here you can find a range of free and commercial plug-ins.

Most of the plugins come with installers, but some you’ll need to place in the /Library/QuickLook folder manually. The plugin should work instantly, but if not you can always force the system to update by opening a Terminal window typing qlmanage -r.

To remove the plugin at a later date, simply visit the /Library/QuickLook folder and delete it.

A couple of my favourites are one that allows you to view the EXIF information embedded in an image and one that allows you to view the contents of a zip archive.

Magnifier in Preview for Lion

By Richard Mallion

Sometimes  when viewing documents in Apple’s Preview application, especially PDFs, I need to zoom into a specific part of the document to look at some fine detail.

Preview for Lion has a nice magnifier. This is in addition to the standard zoom in/out which applies to the whole document.

To activate the Magnifier tool, select from menu Tools->Show Magnifier or simply press the backtick ` key.

A rectangular view will be displayed once the tool is activated displaying the area of the document you are viewing. You can move the rectangle and adjust the size of the rectangle using pinch gesture.

Screengrab to the Clipboard Rather Than to a File

By Richard Mallion

Mac OS X has some really nice built-in screen capture software which outputs a file to the desktop. However some times its faster or more convienant for my workflow to capture a screen to the clipboard instead, so I can then paste the snapshot directly into my document I am working on rather than having to find the saved file on the desktop.

To screen grab to the clip board you just hold down the ‘control’ key in addition to the standard capture keyboard shortcuts. So for instance:

  • “Shift” + “Control” + “Command” + “3″ will capture the entire screen to the clipboard
  • “Shift” + “Control” + “Command” + “4″ will let you click and drag to capture a portion of the screen to the clipboard

 

Now you can add your signature to PDFs

Ever wanted to be able to quickly sign a document you need to email without having to print it off, sign it and then scan it back on to the computer?  Well new in Lion is the ability to add your signature directly to PDF documents.

To start the process, Open the Preview application and then select Preferences from the Preview menu.  Navigate to the Signature pane.

 

create a signature for a pdf document

Click Create Signature and a window will pop up asking you to hold your signature to the built in camera.  Please note you must sign your name in black ink on white paper.

pop up window

Click Accept and your new signature will appear in the Signature preference pane.

signature preference panel

To use your newly created signature, go to the View menu in Preview and select ‘Show Annotations Toolbar’.  Once the annotations toolbar has appeared, simply add your signature as shown below!

use your newly created sig