Wednesday, 23 September 2015

How to reset Software Update Server on Mac OS 10.10 Yosemite / 10.11 El Capitan

This article briefly details how to reset a misbehaving Software Update Server on Mac OS 10.10 Yosemite or 10.11 El Capitan.  It was tested on server version 5.0.4 but should work on 4.x too.

This can (and for simplicity, probably should) all be done from / command line without touching GUI.

Firstly, stop the Software Update Service if it's running: -

sudo serveradmin stop swupdate

Next, move the old config files out of the way (but keep them just in case for now).

sudo mv /Library/Server/Software\ Update/Cache  /Library/Server/Software\ Update/Cache.old  
(the server should automatically create a new folder after a few moments)
sudo mv /Library/Server/Software\ Update/Config/swupd.conf /Library/Server/Software\ Update/Config/swupd.conf.old
sudo mv /Library/Server/Software\ Update/Config/swupd.plist /Library/Server/Software\ Update/Config/swupd.plist.old

... and wipe the old logs and cache...

sudo rm /Library/Server/Software\ Update/Logs/*
sudo rm /Library/Server/Software\ Update/Cache/*

... and the old data directory where the downloaded updates are stored...

sudo rm /Library/Server/Software\ Update/Data/*

Next, we need to set a couple of things....  Firstly, we need to tell it the port to use to serve updates (strangely it doesn't populate the default port for itself).

sudo serveradmin settings swupdate:portToUse = 8088

If you use a custom Data directory for your updates (eg. you put them on a different volume), then make the directory, give ownership to softwareupdate and update the config to point at it...

sudo mkdir /Volumes/myDisk/swupdate
sudo chown -R _softwareupdate:_softwareupdate /Volumes/myDisk/swupdate
sudo serveradmin settings swupdate:updatesDocRoot = "/Volumes/myDisk/swupdate/"

One more thing, depending on the URL you use in your MDM to point clients to the server, you may need to create a soft link in the Data html folder to point clients to the software update catalog file (revise this as necessary if you moved your data folder someplace else): -

sudo ln -s /Library/Server/Software\ Update/Data/html/index-10.11-10.10-10.9-mountainlion-lion-snowleopard-leopard.merged-1.sucatalog /Library/Server/Software\ Update/Data/html/index.sucatalog

Ok!  Now fire it back up...

sudo serveradmin start swupdate

Go make a coffee, take a walk or do something fun for awhile while it downloads the new catalogues...

After awhile, you should have a clean Software Update Server ready to start work, enjoy :)

Thursday, 10 September 2015

How to create a bootable Mac OS 10.11 El Capitan Installation USB Flash Drive

This guide will quickly show you how to make a Mac OS 10.11 El Capitan bootable USB installer it will work with the Gold Master candidate just released or the Retail version when it ships in mid September.

1 - Grab a copy of the 'Install OS X El' or the 'Install OS X El Capitan GM' from the App Store.

2 - Insert a blank USB flash drive in to your mac.

3 - Go to Applications > Utilities and open

4 - Type the following command, all as one line, in to where 'Untitled' is the name of your USB drive.

sudo /Applications/Install\ OS\ X\ El\ --volume /Volumes/Untitled --applicationpath /Applications/Install\ OS\ X\ El\ --nointeraction

5 - Wait awhile and you're USB flash drive will be ready.

6 - To boot from your Flash drive, either go to Apple > System Preferences > Startup Disk and select your USB drive, or hold down 'Alt' while booting for the boot device selector screen.

Good Luck!

Thursday, 30 July 2015

Tuesday, 23 June 2015

Show more Network Users on Login Window on Mac OS X Yosemite

Mac OS 10.10 Yosemite seems to limit the number of displayed network users to around 220.

Fortunately, there is a hidden key which can be included in the loginwindow.plist which lets you work around this and increase that number... so here it is :-

sudo defaults write /Library/Preferences/ MaxNetworkUsers -int

For example: -

sudo defaults write /Library/Preferences/ MaxNetworkUsers -int 500

Once you have entered this, reboot and you should see your additional users.

Thursday, 29 January 2015

Adding delegated calendars to iOS devices under Mavericks or Yosemite and iOS8

Apple seem to just make this harder and harder.

Calendar Server in Mavericks and Yosemite has a feature called calendar delegation which allows sharing of calendars with other users.  This works great can even be leveraged to allow groups to share particular calendars either as read-only or read-write users, perfect for business etc.

The gotcha is that while you can connect to a Calendar Server (CALDAV server) from your iPhone or iPad, there is currently no option to show calendars to which you have delegated access.  A great example of Apple failing to help itself win over business customers.

Fortunately, there is a workaround which will allow you to add those calendars to which you have been granted delegated access in (quite) a few (not very) simple steps.  Read on....

PLEASE NOTE:  This guide assumes quite a bit, like that you have some terminal and calendar server experience and are running a dedicated calendar server under Mac OS Mavericks Server or Mac OS Yosemite Server and using LDAP user accounts.  You might need to modify things if that's not your setup.

Firstly, you need to find the GeneratedUID of the user whose Calendar account you have been granted delegated access to.  This is easily done using the DSCL tool from the command line.

So, on a mac that is connected to your directory open terminal and enter: -
dscl /LDAPv3/ -read /Users/username GeneratedUID
This should return a long hex code eg. '937CE9D7-4050-401C-866A-51381DAB3646'

Next, Go to Settings > Mail, Contacts and Calendars - Click 'Add Account'

Choose the account type 'Other'

Select 'Add CalDAV Account'

Enter your credentials for your calendar on the server (Don't enter the details of the delegated calendar you want access to at this point)

Once it is configured, click the 'Account' line for details.

Change the description to describe the delegated account you are adding, then click 'Advanced Settings'.

Replace the GeneratedUID at the end of the Account URL with that of the delegated account you found earlier so that the line reads something like:

Now go back and you should see your account set up

Go in to and check your results.  You should see the calendar listed and any events should appear on your calendar.

Good luck!

Wednesday, 14 May 2014

Backing up Calendars and Profile Manager in Mavericks 10.9 Server (v3)

Once again Apple have played around with the locations of the Postgres databases that make up the backend of Calendar Server (caldav) and ProfileManager (_devicemgr).

They now reside in separate databases (my guess is this is to make each service fully independant of each other).  Thankfully they can still be backed up using PG_DUMP and PG_DUMPALL.

As of Server v3, you can use the following commands to connect to the relevant unix socket paths and perform backups either as pgdump files that can be restored using pg_restore or as raw sql files (not sure why you would want the raw sql but hey ho), anyway here's the how to...

Don't forget to sudo or run as root...

Backup Calendar Server

Backup Profile Manager

Good luck!

Monday, 3 February 2014

How to cut down and sand your SIM or Micro SIM to a Nano SIM for iPhone 5 / 6 / etc

This is the method I have been working on to cut down a mini or micro sim to a nano sim size, together with pitfalls I found along the way.

Firstly,here is a nice template courtesy of Germer Consulting you can use for measuring: -

NOTE:  Make sure you print the template the correct size (check against your SIM before you start cutting!)

WARNING!  Cutting SIM cards is one thing, sanding them is another.  This whole process could very likely kill your SIM card for good so attempt it at your peril and don't blame me if it goes wrong.

One good idea is to use any old SIM card you might have lying around to practice on first.

Step 1 - Writing
Write down the IMEI number from the back of your SIM. It's very easy to get carried away in the moment and just reach for the sand paper, but it makes sense to keep a copy of the IMEI number. You can get the number from the 'Settings' app on your iPhone of course, but not if you break it doing this :)

Step 2 - Cutting
You need a good, sharp pair of scissors. Some people suggest a sharp knife and a cutting board but the risk of the SIM slipping as you cut is very high, its a tiny thing and therefore hard to keep still.

Cut around the card to match the template above, leave about 0.8mm plastic showing along the top and bottom, about 0.3mm along the left side and around 1mm on the right side.

Finally, cut the bottom right corner and your done with step 2.

Step 3 - Sanding
Here we go! It helps if you have a digital vernier caliper like the one below, they're pretty cheap to buy online, but if not, you can work by eye and make sure you stop when you start reaching the underside of the chip (see pictures below).

So, this pic shows the SIM at 0.77mm before I start, that is pretty close to the design thickness of 0.76mm.

The sand paper.  First off, it's not sand, it's silicone carbide wet and dry paper, available from most hardware or vehicle repair shops (Halfords in this case).

 I picked a 400 grit to start with, and a 1500 grit to finish, in the end though, I only used the 400grit.

The hardest part was ensuring the SIM was flat, and that the sanding was even, I used a piece of tape on the front of the card (the contact side) to give me something to pull the SIM smoothly over the sand paper.

I placed the index finger of my other hand on the center of the card to keep the pressure even as I pulled the SIM using the tape.

I did this a few times down the sheet of sand paper, stopping and checking thickness as I went.

Eeek!  I was initally worried when during a quick check, a faint circle had appeared on the back of the card, as you can see, the IMEI number has been completely worn away.  This circle is the outline of the back of the actual SIM chip.  If you continue sanding after this point, it is extremely likely you will damage the chip permanently. 

When you can see the back of the chip, it's definately time to stop sanding.

The caliper is now reading 0.68mm, that is +0.01mm out from the design thickness of the nano SIM and given that my caliper was reading +0.01mm on the un-sanded SIM, should easily be close enough. 


That's it you should have a working nano SIM, if not, oops, time to order a new, replacement SIM :D