Advanced Printer Deployment with Addigy (MDM)

Comment

Advanced Printer Deployment with Addigy (MDM)

Standard Printer Deployment Limitations

The documented process for deploying printers with Addigy and other MDMs (reliant on configuration profiles) is simply not as good as printer deployment methods with Munki. Specific drawbacks with the MDM approach include:

No Printer Driver Detection
Configuration profiles do not check if the required printer driver (PPD) is available before adding a printer. If the driver is not present, the printer is still added but with a generic (feature limited) printer driver. Even if the driver is installed later on, the printer will not update to use the correct driver.

No Automated Printer Reinstall
Printers are only added during the install of a configuration profile. If a user removes a printer in System Preferences it is not automatically reinstalled, even though the printer configuration profile is still present.

No Automated Printer Removal
Removing the configuration profile that originally added the printer does not remove the printer. The printer still needs to be manually removed via System Preferences or a script.

Unable to Customise Printer Settings
Administrators often need to configure printer options such as single/double sided printing, A4/US Letter paper size, etc. Printer configuration profiles are yet to include these customisations.

Unable to Alter Printer Settings Over Time
Printers get replaced, networks change and finance departments decide grayscale printing should be the new default. The ability to push out new versions of the same printer with slightly different settings is useful.

Printer Sharing is Enabled
Printers are being added with the “Share this printer on the network” option enabled. I have yet to come across a situation where printer sharing was intentionally enabled, it should be disabled by default.

No Printers in Self Service
Unlike software, profiles cannot be added to Self Service. An issue for organisations that want staff to pick and choose printers.

Minor Gripes
Printers deployed with Addigy are added to CUPS with a generic printer name (e.g. mcx0, mcx1, etc).
Printer profiles installed by Addigy are not signed.

Advanced Printer Deployment Method

The Munki nopkg (no package) method of deploying printers addresses all the issues listed above. I have rewritten the scripts to work with Addigy.

1) To personalise the scripts below please enter your printer details.









. .

2) Log into Addigy go to Policies > Catalog > Custom Software > Add Software +

3) Enter a Software Identifier that includes the printer’s display name. The version number should also match the one provided above. Optionally, prefix the name with the target organisation’s initials/short name, for example: SCHL - Leo (Year 7).

4) Enter a brief description, set the category to Printers and set a custom icon, it will be displayed in Self Service.

5) Scroll past Upload Files and copy and paste in your personalised Installation Script.

#### Installation Script ####

# Script is based off of nopkg code written by Walter Meyer and Nick McSpadden in the early days of Munki. Rewritten in 2019 by Michael Page for use with Addigy.

### Printer Variables ###
# Variable current_version is useful for deploying printer alterations over time. The version should always match the Custom Software version in Addigy.
# Incrementation examples: 1.1.0 = Printer location description changed, 2.0.0 = Printer has been replaced with a newer model.
current_version="1.0.0"

# The printer name displayed to users, once printer has been deployed this should not change, as changing the name will result in duplicate printers.
display_name="Leo (Year 7)"

# Physical location of the printer.
location="Safari Building"

# Protocol used to connect to the printer (dnssd, lpd, ipp, ipps, http, socket).
protocol="lpd"

# Network address of the printer can be an IP address, hostname or DNS-SD address.
# DNS-SD address example: "HP%20LaserJet%20400%20colorMFP%20M475dn%20(626EDC)._ipp._tcp.local./?uuid=434e4438-4637-3934-3737-a45d36626edc"
address="10.118.227.10"

# Path to printer driver (PPD).
driver_ppd="/Library/Printers/PPDs/Contents/Resources/HP Color LaserJet Pro M252.gz"

# Specific options for the printer.
# To find available options, manually add the printer to a Mac and run: lpoptions -p "$insert_cups_printer_name_here" -l
# To list installed CUPS printer queue names run: lpstat -p | /usr/bin/awk '{print $2}'
option_1="PageSize=A4"
option_2="Duplex=None"
option_3=""

### Nothing below this line needs to change. ###

# Function to convert dot separated version numbers into an integer for comparison purposes.
# Examples: "2.1.0" -> 2001000, "52.14.7" -> 52014007.
function version {
    echo "$@" | /usr/bin/awk -F. '{ printf("%d%03d%03d\n", $1,$2,$3); }';
}

# Set name to be lowercased display_name with only alphanumeric characters.
name=$(echo "$display_name" | /usr/bin/tr -dc '[:alnum:]' | /usr/bin/tr '[:upper:]' '[:lower:]')

# Ensure required printer driver is on disk.
/bin/ls "$driver_ppd"

# Determine if the printer was previously installed.
if [ -f "/private/etc/cups/deployment/receipts/${name}.plist" ]; then
    # Get the script version number that was used to install the printer.
    installed_version=$(/usr/libexec/PlistBuddy -c "Print :version" "/private/etc/cups/deployment/receipts/${name}.plist")
    echo "Previously installed version of ${name}: $installed_version"
else
    echo "Printer ${name} was not previously installed."
    installed_version="0"
fi

# If a matching print queue with that name already exists.
if /usr/bin/lpstat -p "$name"; then
    # If the installed printer version is equal (or somehow newer) to the printer version in this script.
    if [ "$(version "$installed_version")" -ge "$(version "$current_version")" ]; then
        # The printer installed is the current or newer version, no need to reinstall it.
        echo "The installed printer (${name}) is already up-to-date, no need to reinstall."
        exit 0
    fi
    # Printer installed is of a lesser version, therefore we will remove the outdated printer, ready for reinstall.
    echo "The installed printer (${name}) needs to be updated, will remove and reinstall."
    /usr/sbin/lpadmin -x "$name"
fi

# Install the printer.
/usr/sbin/lpadmin -p "$name" -L "$location" -D "$display_name" -v "${protocol}"://"${address}" -P "$driver_ppd" -E -o landscape -o printer-is-shared=false -o printer-error-policy=abort-job -o "$option_1" -o "$option_2" -o "$option_3"

# Create/update a receipt for the printer.
/bin/mkdir -p /private/etc/cups/deployment/receipts
/usr/libexec/PlistBuddy -c "Add :version string" "/private/etc/cups/deployment/receipts/${name}.plist" 2> /dev/null || true
/usr/libexec/PlistBuddy -c "Set :version $current_version" "/private/etc/cups/deployment/receipts/${name}.plist"

# Permission the directories properly.
/usr/sbin/chown -R root:_lp /private/etc/cups/deployment
/bin/chmod 755 /private/etc/cups/deployment
/bin/chmod 755 /private/etc/cups/deployment/receipts

exit 0

6) Copy and paste in your personalised Conditions Script.

#### Conditions Script ####

# Script is based off of nopkg code written by Walter Meyer and Nick McSpadden in the early days of Munki. Rewritten in 2019 by Michael Page for use with Addigy.

### Printer Variables ###
current_version="1.0.0"
display_name="Leo (Year 7)"

### Nothing below this line needs to change. ###

# Function to convert dot separated version numbers into an integer for comparison purposes.
# Examples: "2.1.0" -> 2001000, "52.14.7" -> 52014007.
function version {
    echo "$@" | /usr/bin/awk -F. '{ printf("%d%03d%03d\n", $1,$2,$3); }';
}

# Set name to be lowercased display_name with only alphanumeric characters.
name=$(echo "$display_name" | /usr/bin/tr -dc '[:alnum:]' | /usr/bin/tr '[:upper:]' '[:lower:]')

# Determine if the printer was previously installed.
if [ -f "/private/etc/cups/deployment/receipts/${name}.plist" ]; then
    # Get the script version number that was used to install the printer.
    installed_version=$(/usr/libexec/PlistBuddy -c "Print :version" "/private/etc/cups/deployment/receipts/${name}.plist")
    echo "Previously installed version of ${name}: $installed_version"
else
    echo "Printer ${name} was not previously installed."
    installed_version="0"
fi

# If a matching print queue with that name already exists.
if /usr/bin/lpstat -p "$name"; then
    # If the installed printer version is equal (or somehow newer) to the printer version in this script.
    if [ "$(version "$installed_version")" -ge "$(version "$current_version")" ]; then
        # The printer installed is the current or newer version, no need to reinstall it.
        echo "The installed printer (${name}) is already up-to-date, no need to reinstall."
        exit 1
    fi
fi

# Printer configuration is outdated or missing, trigger install printer.
exit 0

7) Copy and paste in your personalised Remove Script.

#### Remove Script ####

# Script is based off of nopkg code written by Walter Meyer and Nick McSpadden in the early days of Munki. Rewritten in 2019 by Michael Page for use with Addigy.

### Printer Variables ###
display_name="Leo (Year 7)"

### Nothing below this line needs to change. ###

# Set name to be lowercased display_name with only alphanumeric characters.
name=$(echo "$display_name" | /usr/bin/tr -dc '[:alnum:]' | /usr/bin/tr '[:upper:]' '[:lower:]')

# Remove printer from system.
/usr/sbin/lpadmin -x "$name"

# Remove associated printer install receipt.
/bin/rm -f "/private/etc/cups/deployment/receipts/${name}.plist"

8) Click SAVE CHANGES > REVIEW CHANGES > CONFIRM CHANGES.

9) Go to Policies > select the relevant organisation > Software > Click Add App to add the printer to the policy and optionally enable Self Service. Tip: always deploy to a test group first.

10) Lastly Deploy Changes and test!

Additional Tips

  • Any required printer drivers should be installed beforehand, however the order is not critical as the installation script first checks if the PPD (driver) is on disk before attempting to add the printer.

  • To deploy an alteration for a printer go to Policies > Catalog > Custom Software > click the name of the printer (not Edit) > New Version > increment the version number > Add Version > follow the steps above, skipping steps 2 and 3.

  • Printers are removed shortly after a Mac is removed from an Addigy policy.

  • Not working? Start a GoLive session with a Mac > click the Deployments tab > Custom Software > Deploy the printer to see where it is failing. Often the printer will not install if the referenced PPD path is incorrect or the printer driver has yet to be installed.

Comment

How to Transfer an AUSkey Between Macs

1 Comment

How to Transfer an AUSkey Between Macs

Current documentation on moving/copying an AUSkey between Macs is scarce, below are recent steps taken for a successful AUSkey migration.

  1. On the new Mac download and install the AUSkey Chrome & Firefox plugin from the Australian Business Register.

  2. On both Macs, open Finder > click Go in top menu bar > hold down an option key and select Library from the menu.

  3. Copy the following two directories from the old Mac to the same place on the new Mac:

  • ~/Library/AUSkey

  • ~/Library/Application Support/AUSkey

Note: AUSkey no longer requires Java to be installed.

1 Comment

Creating Gradient Backgrounds in Swift

5 Comments

Creating Gradient Backgrounds in Swift

Gradient backgrounds started becoming popular around the time of iOS 7 (2013). With just a little code, adding a gradient background can uplift a dull looking user interface (UI).

There are many ways to create background gradients, below is just one simple approach:

In a new Xcode iOS project, open Main.storyboard, from the Object Library drag a new View onto the View Controller. Set the View’s top, bottom, left and right constraints to be zero and ensure ‘Constrain to margins’ is deselected.

 

Add an IBOutlet to ViewController.swift with the name backgroundGradientView and connect it to the newly added View.

 

Below super.viewDidLoad(), create a gradient layer and apply it to your View.

import UIKit

class ViewController: UIViewController {

    @IBOutlet weak var backgroundGradientView: UIView!
    
    override func viewDidLoad() {
        super.viewDidLoad()
        
        // Create a gradient layer.
        let gradientLayer = CAGradientLayer()
        // Set the size of the layer to be equal to size of the display.
        gradientLayer.frame = view.bounds
        // Set an array of Core Graphics colors (.cgColor) to create the gradient.
        // This example uses a Color Literal and a UIColor from RGB values.
        gradientLayer.colors = [#colorLiteral(red: 0, green: 0.5725490196, blue: 0.2705882353, alpha: 1).cgColor, UIColor(red: 252/255, green: 238/255, blue: 33/255, alpha: 1).cgColor]
        // Rasterize this static layer to improve app performance.
        gradientLayer.shouldRasterize = true
        // Apply the gradient to the backgroundGradientView.
        backgroundGradientView.layer.addSublayer(gradientLayer)
    }

    override var shouldAutorotate: Bool {
        return false
    }
    
}

Example Code Result

By default the gradient is rendered vertically from top to bottom, you can further customise the gradient by setting gradient start and end positions.

// Diagonal: top left to bottom corner.
gradientLayer.startPoint = CGPoint(x: 0, y: 0) // Top left corner.
gradientLayer.endPoint = CGPoint(x: 1, y: 1) // Bottom right corner.

// Horizontal: left to right.
gradientLayer.startPoint = CGPoint(x: 0, y: 0.5) // Left side.
gradientLayer.endPoint = CGPoint(x: 1, y: 0.5) // Right side.

Finding colours that blend well together can be a little hit and miss, thankfully uiGradients and iOS 7 Colors have a nice collection of gradient swatches.

Diagonal

Horizontal

5 Comments

Extract & Decode Forgotten Billion WAN Service Password

Comment

Extract & Decode Forgotten Billion WAN Service Password

Forgotten Internet credentials can be recovered by contacting your ISP. They can also be easily decoded from a backup configuration file.

First download the backup configuration file (backupsettings.conf) by selecting Configuration > System > Backup / Update > Backup Settings.

Open backupsettings.conf in a text editor and search for WAN service username, the following line will contain the password, Base64 encoded.

 

Copy and paste the encoded password into the field below to decode the password.


Comment

Configure a Raspberry Pi as a Wi-Fi to Ethernet Router

Comment

Configure a Raspberry Pi as a Wi-Fi to Ethernet Router

Recently, I found myself in a situation where a client was moving to a new office, within the same building. Up until the move they had been sharing an Internet connection with a neighbouring business, however the new office had a completely separate network and networked photocopier.

The client had applied for the Internet to be connected at the new office, however due to the pace of the ISP it was not ready in time and a temporary Internet connection was required to get them operational.

They were still able to access their neighbours Wi-Fi From the new office, but were not able to access the new photocopier as it was connected to their new network.

To temporarily provide an Internet connection to the new network two solutions came to mind:

  1. Connect a 4G modem to the router; with the number of devices on the network mobile data charges could become excessive.
  2. Configure a spare Raspberry Pi to connect to the neighbours Wi-Fi and share it out the Ethernet port, connected to the WAN port of the new network's router.
Network Diagram

Going by the title you know which option I went with. Thankfully Gus at Pi My Life Up has a written a great guide to achieve just that.

Tips

  • Before you start to follow the guide you will need to copy Raspbian Stretch Lite to a microSD card. You can find the steps to do so here.
  • Instead of following Step 4, run sudo raspi-config to connect the Raspberry Pi to Wi-Fi, as this will limit the Wi-Fi chipset to operate within your country's channel restrictions.
  • After following Gus' guide I had an intermittent error during boot; "Failed to start dnsmasq - A lightweight DHCP and caching DNS server", this was resolved by removing the line bind-interfaces in /etc/dnsmasq.conf.

Comment

Backing Up Your Mac

Comment

Backing Up Your Mac

Ever accidentally deleted an important file, experienced a drive failure or discovered computers don't drink coffee? Reliable backups protect you from losing your irreplaceable data. Today's blog post is an unbiased overview of all the popular backup options available to Mac users.

Syncing Services & "The Cloud"

It is important to point out that many syncing services (e.g. Dropbox, Resilio Sync, etc.) can also be configured to act as somewhat of a backup. Since that is not their intended use I have not included them in this overview.

Several of the backup solutions below store data with the vendor (cloud backup). As security breaches have become common place, trusting vendors and their ability to protect user data has never been more challenging. For this reason many vendors allow advanced users to take ownership of the encryption key, preventing anyone but the user from accessing the data.

Time Machine Logo.jpg
 

Time Machine is built into macOS making it very easy to back up your Mac.

Key Points

  • Unlike most alternatives, Time Machine includes both system files and user data.
  • Supports multiple backup destinations, allowing for geographically separated backup drives (e.g. one at work and one at home).
  • Compatible with Migration Assistant making the process of restoring data to a new Mac easy.
  • Theoretically supports backing up to network shares (e.g. AirPort Time Capsule, server or NAS), in practice I have found it unreliable.
  • Support for Power Nap, allowing backups to occur while the Mac is asleep.

Data Retention

  • Hourly backups for the past 24 hours.
  • Daily backups for the past month.
  • Weekly backups for all previous months.
  • The oldest backups are deleted when the backup disk becomes full.

User Experience

Setup

To start using Time Machine simply purchase an external hard drive (any brand), plug it into your Mac and click Use as Backup Disk. It is also advisable to select the Encrypt Backup Disk checkbox, preventing anyone from accessing your backup data without a password.

Time Machine Setup
 

After that backing up is as simple as plugging in a USB.

Restoring Data

    Enter Time Machine (Recommended)

    Open Launchpad > OtherTime Machine > On the right select the date you wish to go back to > Select the files you wish to recover and click Restore.

     

    Finder

    In Finder select the name of the backup disk in the sidebar > Backups.backupdb > COMPUTERNAME > Select the date you wish to go back to > Copy and paste the files you wish to restore.

     
    CrashPlan Logo
     

    Unfortunately, Code42 the creators of CrashPlan now only offer backup solutions for small business and enterprise markets. Although this is not for individuals, business owners would benefit from considering CrashPlan for their backup needs.

    Key Points

    • Support for all the major platforms (macOS, Windows and Linux).
    • By default only the user's home directory is backed up.
    • Australians back up to CrashPlan's Sydney data centre.
    • CrashPlan can also be configured to back up to a local disk.
    • CrashPlan for Small Business targets businesses with less than 200 employees.

    Data Retention

    Data retention is user configurable, backup storage with CrashPlan is unlimited and by default all user files are retained!

    CrashPlan Backup Schedule
     

    User Experience

    Setup

    1. Sign up for the free trial here.
    2. Download and install the CrashPlan app.
    3. Sign into the app and select a backup destination (e.g. CrashPlan PRO Australia).

    Restoring Data

    CrashPlan App (Recommend)

    Open CrashPlan app from the Launchpad > Click Get Files, select the date you wish to restore from and select files you wish to restore. By default, files are restored to the Downloads folder, but this can be set to the files original location or another directory.

     

    CrashPlan Web Restore

    Sign into the CrashPlan website > Select Devices > Active > Click the restore icon next to the relevant computer > Choose the date and the files you wish to restore.

     
    Backblaze Logo
     

    Backblaze is a cost effective cloud backup solution.

    Key Points

    • Supports both macOS and Windows.
    • Includes a Locate My Computer feature similar to Find My Mac.

    Data Retention

    • Unlimited storage.
    • Backblaze only keeps copies of files for 30 days after deletion.
    • External drives being backed up to Backblaze must be connected at least once every 30 days to avoid backup deletion.
    • If the computer running Backblaze does not connect to Backblaze's servers within 6 months all backup data is deleted.

    User Experience

    Setup

    1. Sign up for the free trial here.
    2. Download and install Backblaze.

    Restoring Data

    Restoring data is done through the Backblaze website. Customers have the option of downloading required files for free or ordering a USB drive to be mailed to them, at additional cost.

    Carbonite Logo
     

    Carbonite is a popular Windows cloud backup vendor, with support for macOS.

    Key Points

    • Supports both macOS and Windows.
    • The Mac application user interface layout feels somewhat unpolished compared to its competitors.

    Data Retention

    Just like Backblaze, Carbonite Safe Basic Backup files are only kept for 30 days after deletion.

    User Experience

    Setup

    1. Sign up for a free trial here.
    2. Download and install Carbonite.

    Restoring Data

    Carbonite App (Recommended)

    Click the Carbonite icon the menu bar and select Open Carbonite. Select the relevant location in the sidebar > select the deleted file or folder > click Get this back.

     

    Carbonite Website

    To restore files Carbonite recommend using their Mac app, however backed up files can be downloaded via their website. Simply sign in > click View files and select the files you wish to download.

     
    Acronis True Image 2018 Logo
     

    Acronis have been creating backup software for over 15 years and specialise in bare metal backups (similar to Time Machine & Carbon Copy Cloner).

    Data Retention

    Users are able to configure the number of versions archived.

     

    Key Points

    • Ability to backup to Acronis Cloud and/or a local disk.
    • All data including applications and system files are backed up by default.
    • An Acronis Cloud data centre is located in Sydney.
    • Acronis Cloud storage is not unlimited with storage options going all the way up to 5TB.

    User Experience

    Setup

    1. Download and install Acronis True Image 2018 from here.
    2. Open the application, create an account and set backup locations.

    Restoring Data

    Mac App

    Select the backup destination and then the Recovery tab > Select the backup version and browse for the files you wish to restore.

    Rescue Media

    Alternatively clicking the Recover Mac button in the app will create a bootable rescue USB. Once booted an entire system backup can be restored from a local disk, Acronis Cloud or network share.

    Acronis Online Dashboard

    Sign into the dashboard > Click RECOVER next to the relevant computer > Select the files you wish to download and click DOWNLOAD.

     
    Carbon Copy Cloner Logo
     

    At its core Carbon Copy Cloner (CCC) is a graphical user interface (GUI) for the handy command line tool rsync.

    Key Points

    • Makes the process of cloning all or part of a disk simple.
    • By default clones are bootable, include all system and user files and can be restored by Migration Assistant.
    • Is able to perform scheduled backups to external encrypted disks.
    • Support for backing up to network shares.

    Data Retention

    Although there is a SafetyNet feature that can be leveraged to recover modified/deleted files, CCC's primary purpose is to maintain a replica of an internal disk.

    User Experience

    Setup

    1. Download and install Carbon Copy Cloner from here.
    2. Set source (e.g. Macintosh HD), set a destination (e.g. an external hard drive) and set a schedule (e.g. hourly).

    Restoring Data

    • If the files are still present on the back up drive they can be copied directly in Finder.
    • In the event your computer's disk has been replaced or erased, Migration Assistant will happily restore data from a CCC backup.
    • In the event where files have been overwritten on the backup drive (APFS formatted) the SafetyNet feature may be able to restore modified/deleted files.

    Comment

    macOS Network Shares with Permission Inheritance

    2 Comments

    macOS Network Shares with Permission Inheritance

    Creating a network share on macOS does not automatically propagate assigned permissions to child files & subdirectories. This means if one user creates a new directory in a share, other users are able to view the new directory, but are unable to add anything to it. Correctly configuring directory permissions is the solution covered in today's blog post.

    Understanding File & Directory Permissions

    POSIX permissions are used to assign basic read, write and execute privileges to the owner (creator of the file/directory), group (a single group inherited from the parent directory) and others (everyone else).

    At the same time an access control list (ACL) can be applied to a file/directory to assign specific permissions, allowing for multiple users and groups with varying levels of access. ACLs override POSIX permissions and are comprised of access control entries (ACEs), each entry specifying a particular user or group's rights (either an allow or deny) to perform specific operations. The ACEs in an ACL are evaluated from top to bottom until an ACE that applies to the user is found, once a match is found all remaining entries are ignored, making the order of ACEs paramount.

    To allow our users to add to each others directories we simply add the file_inherit & directory_inherit attributes to an ACE. This will ensure the ACL applied to the share is inherited by child files & subdirectories.

    There are two ways to apply an ACL:

    Server app

    Select the server name in the left sidebar, click the Storage tab and drill down to the directory you wish to modify. Click the gear at the bottom of the screen and select "Edit Permissions..." Expand out assigned users & groups, tick Inheritance and click OK.

    Doing so will apply the ACL to the selected directory, but not to any subdirectories. If you wish to apply the same ACL to subdirectories, select the gear again, then 'Propagate Permissions...' and with only the Access Control List checkbox ticked click OK.

    Note: You will notice inherited permissions are greyed out in the Server app to prevent accidental editing.

    Terminal

    Those comfortable in Terminal may wish to do the same via the command line.

    List

    To list existing ACLs in a directory:

    ls -le

    Add

    To recursively add inheritance to a directory simply append  file_inherit & directory_inherit tasks to the end of the existing ACE:

    # Recursively add the following ACE to all files and folders inside Directory Name, marking the ACE as inherited.
chmod -R +ai "group:marketing allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity,file_inherit,directory_inherit" "Directory Name"/*

# Apply the same ACE directly to "Directory Name," without marking it as inherited (allowing it to be edited in the Server app).
chmod +a "group:marketing allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity,file_inherit,directory_inherit" "Directory Name"

    Insert

    Use +a# to insert an ACE at a specific index (at index 0):

    chmod +a# 0 "group:marketing allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity,file_inherit,directory_inherit" "Directory Name"

    Replace

    Use =a# to edit an existing ACE (at index 2):

    chmod =a# 2 "group:marketing allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity,file_inherit,directory_inherit" "Directory Name"

    Remove 

    Use -a# to remove the first ACE (at index 0):

    chmod -a# 0 "Directory Name"

    Use -N to alltogether remove an ACL from a file or directory:

    chmod -N "Directory Name"
# Tip: chmod -RN will recursively remove ACLs

    Further Reading

    If you would like to learn more about macOS file permissions the following are great resources:

    2 Comments

    Printing Hierarchical Directory Structures in Terminal

    1 Comment

    Printing Hierarchical Directory Structures in Terminal

    Tree is an open source command line tool for recursively outputting the structure of a directory. It is useful for generating a clear representation of complex directory structures.

    Installation

    Tree is compatible with most Unix based operating systems, including macOS. Since tree is not included with macOS, here are two methods for installing it:

    Via Homebrew

    If you already have Homebrew installed simply run:

    brew install tree

    From Source Code

    1. Download the source code from GitHub:

    git clone https://github.com/execjosh/tree.git

    2. Move into the tree directory and edit the Makefile:

    cd tree
nano Makefile

    3. Comment out (prepend a #) the line under Linux defaults and uncomment (remove the #) the lines under the OS X section:

     

    Note: To save changes in nano; press control + X, then Y and return.

    4. To compile the binary simply run:

    make

    5. Move the newly generated binary into /usr/local/bin/:

    sudo mv tree /usr/local/bin/

    6. Lastly, move the manual page into /usr/share/man/man1/.

    sudo mv doc/tree.1 /usr/share/man/man1/

    Usage

    Tree has many options and the manual page goes into each one in-depth, you can view the man page with:

    man tree

    Our favourite options:

    • -C: Colour folder names to help distinguish files from folders
    • -d: Only output directories, not files
    • -H: Output as HTML with hyperlinks to files and folders
    • -N: Do not escape spaces with forward slashes or replace non=printable characters
    • -o: Send output to a file
    • -Q: Put double quotes around filenames

    Example

    Using tree to list all files and folders in a user's Music directory:

     

    1 Comment

    Demystifying the Apple Lightning to USB 3 Camera Adapter

    4 Comments

    Demystifying the Apple Lightning to USB 3 Camera Adapter

    A common question I get from travellers is, "how can I back up the photos taken with my digital camera without my laptop?"

    The answer is to get an Apple Lightning to USB 3 Camera Adapter (MK0W2AM/A | model A1619) to use with your iPad/iPhone. This adapter works with any iPad or iPhone with a Lighting port, which covers almost every iPad/iPhone sold in the last 6 years.

    Usage

    1. Simply connect your camera's USB cable into the adapter and plug the adapter into your iPad/iPhone.
    2. The Photos app will automatically launch and allow you to import specific photos or import all.
    3. Imported photos will appear in the Last Import photo album.

    Once imported, the next time your iPad/iPhone is connected to the Internet (e.g. hotel Wi-Fi), photos can be uploaded to your iCloud Photo Library.

    The Photos app also remembers previously imported photos, so you don't need to worry about accidentally reimporting the same photos again.

    Photos are not modified in any way and retain all metadata including date & time, location (cameras with GPS), camera settings used to take the photo and original filename.

    Testing the adapter with a Panasonic Lumix DMC-TZ30, I found the Photos app fails to detect AVCHD formatted videos and therefore will not import them. Unless your camera records videos as MP4 files, importing videos will almost certainly require access to a computer.

    Lightning to USB Camera Adapters.jpg

    The adapter is superior to the non-USB 3 Apple Lightning to USB Camera Adapter (MD821AM/A | model A1440).  Some digital cameras attempt to recharge when connected, the extra draw of power causes the iPad/iPhone error: "Cannot Use Device: The connected device requires too much power."

    This error still occurs with the new adapter, however attaching a Lightning charger to the adapter resolves the error, allowing more cameras to work. If you are still getting the error: "Cannot Use Device: The connected device requires too much power." after connecting a charger, the charger is not outputting enough power for both the iPad/iPhone and the camera. Make sure you are using the charger that came with your iPad/iPhone.

    Note: If you already own the older Lightning to USB Camera Adapter, connecting the adapter to an externally powered USB hub should also resolve the error.

    Owners of the iPad Pro 10.5-inch and iPad Pro 12.9-inch will experience faster import speeds as the adapter performs at USB 3 speeds, compared to standard USB 2 speeds with other iPads and iPhones.

    Surprisingly the adapter also works with many USB devices including:

    • keyboards: with support for screen brightness, volume and playback controls
    • barcode scanners: ideal for point-of-sale terminals
    • Ethernet adapters: ideal for fixed digital kiosks, Apple list supported models here.
    • hubs: connect multiple USB devices at once
    • memory card readers (e.g. microSD, MMC, etc.)
    • microphones: for higher quality audio recording
    • Musical Instrument Digital Interface devices (e.g. MIDI keyboards)

    Note: The adapter does not provide access to storage apart from importing photos & videos.

    4 Comments

    Raspberry Pi Tips & Tricks

    Comment

    Raspberry Pi Tips & Tricks

    Introduction

    For those unfamiliar, a Raspberry Pi is a low-cost, energy efficient, highly extensible, credit card sized computer. To assist new Raspberry Pi owners I have put together my notes on the topic and will continue to append to it as new discoveries are made.

    Common Commands

    Copying a Raspberry Pi Operating System Image (.img) to a microSD Card

    Loading an initial operating system can seem like a daunting task, in fact many Mac users are unaware that copying an .img file to a microSD does not require any additional software. In this example I will be using Raspbian Stretch Lite, a good base image for most Raspberry Pi projects.

    Connect the microSD card to a Mac using an SD card adapter or a microSD to USB reader.

    To find the disk identifier of the microSD card, open Terminal and run the following command:

    diskutil list

    In my situation the microSD was mounted as /dev/disk2, I could tell this by comparing the size of the disk (31.1 GB).

     

    Before we can copy the Raspbian data to the microSD card we need to unmount the disk first with the command:

    sudo diskutil unmountDisk /dev/disk2

    Time to copy the contents of the image file to the microSD card, take note of the r in front of disk2:

    sudo dd if=~/Downloads/2017-11-29-raspbian-stretch-lite.img of=/dev/rdisk2 bs=1m

    Setting Up a Headless (No Screen) Raspberry Pi

    By default SSH (remote login) is disabled. To enable SSH create an empty file called "ssh" in the root of the SD card. On a Mac this can be achieved with the Terminal command:

    touch /Volumes/boot/ssh

    Connect to Wi-Fi

    Raspbian includes the Raspberry Pi Software Configuration Tool, this includes a user friendly way to configure network settings. To open type:

    sudo raspi-config

    If you are unable to run the above command (e.g. no display or Ethernet available) and want the Raspberry Pi to connect to Wi-Fi, create a wpa_supplicant.conf file in the root of the SD card (/Volumes/boot/) and add the following:

    ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev
update_config=1
country=AU

network={
    ssid="Your Wi-Fi network name"
    psk="Your Wi-Fi password"
    key_mgmt=WPA-PSK
}

    Changing the Default User Password

    By default the username is pi and the password raspberry. Once logged into the Raspberry Pi, the easiest way to change the password is with the command:

    sudo raspi-config

    Updating Raspbian

    To check for and install any available updates:

    sudo apt-get update && sudo apt-get dist-upgrade && sudo reboot now

    Favourite Use Cases

    Pi-hole - Block Ads On Your Local Network

    Pi-hole is one of the best uses of the Raspberry Pi hardware. Pi-hole acts as a Domain Name System (DNS) server on the local network, blocking requests to ad related networks. This results in webpages and apps displaying content without unwanted ads. The screenshots below show the difference Pi-hole makes to the website speedtest.net.

    Pi-hole also includes a nice dashboard, reporting usage and providing the ability to further blacklist/whitelist specific sites.

    Digital Signage

    Screenly & Yodeck have Raspberry Pi software allowing any TV to be used for digital signage. Updating what is displayed on screens is as easy as uploading new content via a web browser. Both currently offer a free tier for a single display.

    Comment