Skip to content

Instantly share code, notes, and snippets.

View zoocoup's full-sized avatar

Jason Broccardo zoocoup

12 followers · 3 following
View GitHub Profile
@zoocoup
zoocoup / SecureToken and sysadminctl in 10.13 (based on 10.13.4)
Last active June 4, 2023 22:25
### Updated to reflect changes introduced with 10.13.4. Update to 10.13.4 if needed before attempting to make
SecureToken-related changes. ###
sysadminctl is a tool Apple introduced in 10.10 for working with system user accounts. In 10.13, sysadminctl is Apple's
recommended tool for working with user accounts in the CLI, replacing functionality that has long been provided by dscl
and adds new features available only in 10.13. sysadminctl can be used to change user passwords, create new users or
check the status of a new-to-10.13 security feature named SecureToken.
SecureToken is a non-visible APFS file system attribute, unlike the SIP protected flag or file creation date, that triggers
the creation of a new AuthenticationAuthority entry in a user's local account record
@zoocoup
zoocoup / Casper Packaging & Deployment
Last active October 8, 2018 20:46
Overview of packaging for Casper
Casper Packaging & Deployment
# This document was made for my coworkers as I was leaving a previous job. The content should
# be applicable in most environments.
# Last Edit 20131008 - jkb | @zoocoup
This document is an overview of packaging applications, plug-ins and files or deployment with Casper.
_Testing the Application_
@zoocoup
zoocoup / Ubuntu Server Up-to-Speed Cheatsheet
Last active May 6, 2019 20:21
Ubuntu Server Up-to-Speed Cheatsheet
# Making the Switch from RHEL to Ubuntu Server?
# I needed to start supporting Ubuntu 12.0.4 Servers after three years of working with Scientific Linux 5/6 (RHEL-variant)
# This is the cheatsheet I put together to help get over some of the differences
# Last Edit 20130508
_Root_
The root account is not enabled by default. Ubuntu wants to to use sudo to elevate privileges. The first created account will be an administrator in the sudoers group.
Config file: /etc/sudoers (use visudo)
@zoocoup
zoocoup / Add site to Safari's Java whitelist (draft)
Last active December 16, 2015 08:28
Add site to Safari's Java whitelist via script
#!/bin/sh
# Add a site to the Java whitelist in Safari with Safari 5.1.9+ on 10.6.x and Safari 6.0.4+ on 10.7+
# Safari must be restarted before changes to whitelist load
# Get the currently logged in user
LIU="`/usr/bin/w | grep console | awk '{ print $1 }'`"
DATE="`date '+%FT%TZ'`"
# Make a copy of user's existing Safari prefs first before overwriting
@zoocoup
zoocoup / Preventing Installation Errors When Deploying Software With Casper 8.x
Last active October 13, 2015 06:57
Preventing Installation Errors When Deploying Software With Casper 8.x
# These are issues I ran into based on how I use Casper. Your experience might vary.
# Last Edit - 20131008 jkb | @zoocoup
Casper's error checking and reporting isn't sophisticated or exact; sometimes an error isn't really an error.
It is possible for a policy to fail a first or second time and then be successful on a subsequent attempt. Be sure
to check status log and/or client detailed inventory before flushing policy and running again or
troubleshooting the package/process.
_Scripts Are Not Written Properly_
If you have a syntax error in a script, the script will fail and Casper will throw a policy error. Depending on
@zoocoup
zoocoup / LKDCinfo
Created November 14, 2012 00:44
Any Documentation I Can Find on the Local KDC (LKDC)
# The LKDC is wanting for official documentation. Here's any bits of information I've found as of 20121113
The LKDC is used for local authentication for peer-to-peer services, specifically AFP file sharing, Screen Sharing
and Back to My Mac.
AFP548 “Kerberos in Leopard: The Local KDC part 1”:
http://web.archive.org/web/20100603060100/http://www.afp548.com/article.php?story=20080709091503862
(The original article seems to have been lost when the site
redesigned, but here's a cached version)