Monday, 3 October 2016

Enable Flash Player for all sites in Safari via the command-line / script

A little script that enables Adobe Flash Player for Safari on MacOS on all sites.  Useful for managed computers.

defaults write ManagedPlugInPolicies ' "com.macromedia.Flash Player.plugin" =         {
            PlugInDisallowPromptBeforeUseDialog = 1;
            PlugInFirstVisitPolicy = PlugInPolicyAllowWithSecurityRestrictions;
            PlugInHostnamePolicies =             (
                    PlugInHostname = "";
                    PlugInIsFreshlyExpired = 0;
                    PlugInPageURL = "";
                    PlugInPolicy = PlugInPolicyAllowWithSecurityRestrictions;
                    PlugInRunUnsandboxed = 1;
            PlugInRunUnsandboxedOnFirstVisit = 1;
exit 0

Thursday, 28 July 2016

How to Backup and Restore El Capitan Calendar Server (caldav)

With Server 5.1, the socket location to connect to the caldav database changed.

Make sure Calendar Server is switched OFF for this whole procedure....

sudo serveradmin stop calendar

To backup your existing calendar database...

/Applications/ -h /var/run/caldavd/PostgresSocket/ -U caldav caldav -c -f ~/Desktop/caldav.sql

To restore it, you may first want to drop the existing database...

sudo dropdb -h /var/run/caldavd/PostgresSocket -U caldav caldav

then create a new one...

sudo createdb -h /var/run/caldavd/PostgresSocket -U caldav caldav

Then import the backup you made at the start....

sudo cat caldav.sql | sudo psql -h /var/run/caldavd/PostgresSocket -U caldav caldav

Now you can start the service again...

sudo serveradmin start calendar

NOTE: If you receive an error using DROPDB about the database being accessed by other users, try this..

Manually connect to psql...

sudo psql -h /var/run/caldavd/PostgresSocket -U caldav caldav

Find and kick all active connections..

 pg_terminate_backend (

 pg_stat_activity.datname = 'target_database';

Quit PSQL...


Then try the dropdb again...

sudo dropdb -h /var/run/caldavd/PostgresSocket -U caldav caldav

Wednesday, 23 September 2015

How to reset Software Update Server on Mac OS 10.10 Yosemite / 10.11 El Capitan

This article briefly details how to reset a misbehaving Software Update Server on Mac OS 10.10 Yosemite or 10.11 El Capitan.  It was tested on server version 5.0.4 but should work on 4.x too.

This can (and for simplicity, probably should) all be done from / command line without touching GUI.

Firstly, stop the Software Update Service if it's running: -

sudo serveradmin stop swupdate

Next, move the old config files out of the way (but keep them just in case for now).

sudo mv /Library/Server/Software\ Update/Cache  /Library/Server/Software\ Update/Cache.old  
(the server should automatically create a new folder after a few moments)
sudo mv /Library/Server/Software\ Update/Config/swupd.conf /Library/Server/Software\ Update/Config/swupd.conf.old
sudo mv /Library/Server/Software\ Update/Config/swupd.plist /Library/Server/Software\ Update/Config/swupd.plist.old

... and wipe the old logs and cache...

sudo rm /Library/Server/Software\ Update/Log/*
sudo rm /Library/Server/Software\ Update/Cache/*

... and the old data directory where the downloaded updates are stored...

sudo rm /Library/Server/Software\ Update/Data/*

Next, we need to set a couple of things....  Firstly, we need to tell it the port to use to serve updates (strangely it doesn't populate the default port for itself).

sudo serveradmin settings swupdate:portToUse = 8088

If you use a custom Data directory for your updates (eg. you put them on a different volume), then make the directory, give ownership to softwareupdate and update the config to point at it...

sudo mkdir /Volumes/myDisk/swupdate
sudo chown -R _softwareupdate:_softwareupdate /Volumes/myDisk/swupdate
sudo serveradmin settings swupdate:updatesDocRoot = "/Volumes/myDisk/swupdate/"

One more thing, depending on the URL you use in your MDM to point clients to the server, you may need to create a soft link in the Data html folder to point clients to the software update catalog file (revise this as necessary if you moved your data folder someplace else): -

sudo ln -s /Library/Server/Software\ Update/Data/html/index-10.11-10.10-10.9-mountainlion-lion-snowleopard-leopard.merged-1.sucatalog /Library/Server/Software\ Update/Data/html/index.sucatalog

Ok!  Now fire it back up...

sudo serveradmin start swupdate

Go make a coffee, take a walk or do something fun for awhile while it downloads the new catalogues...

After awhile, you should have a clean Software Update Server ready to start work, enjoy :)

Thursday, 10 September 2015

How to create a bootable Mac OS 10.11 El Capitan Installation USB Flash Drive

This guide will quickly show you how to make a Mac OS 10.11 El Capitan bootable USB installer it will work with the Gold Master candidate just released or the Retail version when it ships in mid September.

1 - Grab a copy of the 'Install OS X El' or the 'Install OS X El Capitan GM' from the App Store.

2 - Insert a blank USB flash drive in to your mac.

3 - Go to Applications > Utilities and open

4 - Type the following command, all as one line, in to where 'Untitled' is the name of your USB drive.

sudo /Applications/Install\ OS\ X\ El\ --volume /Volumes/Untitled --applicationpath /Applications/Install\ OS\ X\ El\ --nointeraction

5 - Wait awhile and you're USB flash drive will be ready.

6 - To boot from your Flash drive, either go to Apple > System Preferences > Startup Disk and select your USB drive, or hold down 'Alt' while booting for the boot device selector screen.

Good Luck!

Thursday, 30 July 2015

Tuesday, 23 June 2015

Show more Network Users on Login Window on Mac OS X Yosemite

Mac OS 10.10 Yosemite seems to limit the number of displayed network users to around 220.

Fortunately, there is a hidden key which can be included in the loginwindow.plist which lets you work around this and increase that number... so here it is :-

sudo defaults write /Library/Preferences/ MaxNetworkUsers -int

For example: -

sudo defaults write /Library/Preferences/ MaxNetworkUsers -int 500

Once you have entered this, reboot and you should see your additional users.

Thursday, 29 January 2015

Adding delegated calendars to iOS devices under Mavericks or Yosemite and iOS8

Apple seem to just make this harder and harder.

Calendar Server in Mavericks and Yosemite has a feature called calendar delegation which allows sharing of calendars with other users.  This works great can even be leveraged to allow groups to share particular calendars either as read-only or read-write users, perfect for business etc.

The gotcha is that while you can connect to a Calendar Server (CALDAV server) from your iPhone or iPad, there is currently no option to show calendars to which you have delegated access.  A great example of Apple failing to help itself win over business customers.

Fortunately, there is a workaround which will allow you to add those calendars to which you have been granted delegated access in (quite) a few (not very) simple steps.  Read on....

PLEASE NOTE:  This guide assumes quite a bit, like that you have some terminal and calendar server experience and are running a dedicated calendar server under Mac OS Mavericks Server or Mac OS Yosemite Server and using LDAP user accounts.  You might need to modify things if that's not your setup.

Firstly, you need to find the GeneratedUID of the user whose Calendar account you have been granted delegated access to.  This is easily done using the DSCL tool from the command line.

So, on a mac that is connected to your directory open terminal and enter: -
dscl /LDAPv3/ -read /Users/username GeneratedUID
This should return a long hex code eg. '937CE9D7-4050-401C-866A-51381DAB3646'

Next, Go to Settings > Mail, Contacts and Calendars - Click 'Add Account'

Choose the account type 'Other'

Select 'Add CalDAV Account'

Enter your credentials for your calendar on the server (Don't enter the details of the delegated calendar you want access to at this point)

Once it is configured, click the 'Account' line for details.

Change the description to describe the delegated account you are adding, then click 'Advanced Settings'.

Replace the GeneratedUID at the end of the Account URL with that of the delegated account you found earlier so that the line reads something like:

Now go back and you should see your account set up

Go in to and check your results.  You should see the calendar listed and any events should appear on your calendar.

Good luck!