Thursday, June 29, 2017

EndNote X8 Activation

I've recenlty been tasked with deploying EndNote X8 to a lab of systems and found a few very helpful items, plus a "bug". This post is to document those items so that you may have an easier time deploying than I.

Thanks to Rich Trouton's DefFlounder blog, I was able to find an already existing AutoPkg recipe to create an EndNote X8 pkg for deployment. This was particularly helpful because the install instructions for EndNote X8 are written assuming a user is logged in (not to mention an admin) and the software is distributed with a .app installer (Boo!).

After testing the deployment, I found that the EndNote X8 app still requested activation on first boot. This seemed to be related to the existence of the ~/Library/Preferences/com.ThomsonResearchSoft.EndNote.plist. After a short dig, I found the software looking for the "AcceptedENX7.2EULA". Why it says 7 and not 8 is anyone's guess.

Adding this preference to the global /Library/Preferences folder prevented the additional activation checks and EndNote X8 launched as expected. Ready for the labs!

This is the defaults command we use to ensure activation prompts are dismissed:

defaults write "/Library/Preferences/com.ThomsonResearchSoft.EndNote.plist" "AcceptedENX7.2EULA" -string "1"

Friday, September 30, 2016

Profiles (.mobileconfig) are awesome!

I shouldn't be telling you anything that isn't already prevailing knowledge, but I'm excited about it anyway. Profiles have been around for a while now, but I'm just starting to adopt them more in our environment. I'm still not using an MDM for our Macs, but I know we have a gap there.

The point of this post is to remove a random text file from my desktop and to share it with everyone else, plus my blog is really stale. So, without further ramblings, here's a list of some locations where you too can find, and benefit, from existing profiles:

https://github.com/nmcspadden/Profiles
https://github.com/rtrouton/profiles
https://github.com/rtrouton/documentation_VM_profiles
https://github.com/golbiga/Profiles
https://github.com/gregneagle/profiles
https://github.com/rodchristiansen/Profiles
https://github.com/erikng/osxprofiles
https://github.com/amsysuk/public_config_profiles

I know there are more out there so please comment if you've got one! I'll be creating one eventually and will share it here, too.

Happy Profiling!

Tuesday, March 15, 2016

IST 240 Gaming with Java

I recently completed my IST 240 course at Penn State and had the opportunity to create a game in Java. As we learned Objective Oriented programming with Java, myself and Joshua Mathews designed, coded, and bug fixed "Packet Attack". 

"Packet Attack" is designed as a customizable dungeon crawler style, with a IT twist. The game focuses around the main character, a network administrator whom was quick to curse their network switches. One day, the admin was struck by lightning and transferred into the network switches! To escape, the admin would have to fight through the Firmware Bugs, Firewalls, and Viruses, traveling between the network switches through the ethernet cables till reaching the treasure chest to escape! As you fight through the monsters, on death they will drop helpful items for the hero.

The game is designed to allow you to customize the number of levels, number of rooms per level, number of monsters per room, and their difficulty. The options allow the user to generate an easy or very difficult game.

Packet Attack is a free download here: https://dl.dropboxusercontent.com/u/5442688/PacketAttack%201.0.jar

I hope you enjoy the game!

Tuesday, November 11, 2014

Playing with pwpolicy

I had a colleague ask me recently about the changes to Mavericks pwpolicy. Not having touched the tool in a few years, I was curious about the changes. Well, as the saying goes, I'm now one dead little kitty.

pwpolicy gets and sets the password policies for users on OS X. I believe binding to a directory service is required and these settings don't apply to local accounts, however I could be wrong about that, as Apple has now published an article on how Global policies can lock out admin accounts. Yay?

pwpolicy now has deprecated the commands we would have used in the past. In their place are multiple new Account Policy Keywords. All in all, it seems like a good move to use policy keywords as it will be much more customizable in the future. However, at the moment the pwpolciy man page makes my head hurt. I'm failing to grasp the whole picture here, and it's keeping me from grasping the new way of doing policies. I hope to learn more, but in the mean time I've played with the example plist in the man page. With a few simple modifications, I've added checking for numeric and non-numeric characters, as well as mixed case strings.

It appears that these policies use regex to check the password, where the new password is the variable "policyAttributePassword" and when the RegEx "matches" that it continues on.

Again, all conjecture as I've not been able to test or confirm. I am curious as to where the supplemental documentation is....Apple? Anyone else have some idea as to what's going on here? Perhaps willing to present it at a July conference in PA?


Test Plist...

<dict>
<key>policyCategoryPasswordAuthentication</key>
<array>
<dict>
<key>policyContent</key>
<string>policyAttributeMaximumFailedAuthentications &lt; policyAttributeFailedAuthentications</string>
<key>policyIdentifier</key>
<string>failed auths</string>
</dict>
</array>
<key>policyCategoryPasswordChange</key>
<array>
<dict>
<key>policyContent</key>
<string>policyAttributeCurrentTime &gt; policyAttributeLastPasswordChangeTime + policyAttributeExpiresEveryNDays * DAYS_TO_SECONDS</string>
<key>policyIdentifier</key>
<string>Change every 182 days</string>
<key>policyParameters</key>
<dict>
<key>policyAttributeExpiresEveryNDays</key>
<integer>182</integer>
</dict>
</dict>
</array>
<key>policyCategoryPasswordContent</key>
<array>
<dict>
<key>policyContent</key>
<string>policyAttributePassword matches '.{8,}+'</string>
<key>policyIdentifier</key>
<string>com.apple.policy.legacy.minChars</string>
<key>policyParameters</key>
<dict>
<key>minimumLength</key>
<integer>8</integer>
</dict>
</dict>
<dict>
<key>policyContent</key>
<string>policyAttributePassword matches '\D'</string>
<key>policyIdentifier</key>
<string>com.apple.policy.legacy.requiresAlpha</string>
</dict>
<dict>
<key>policyContent</key>
<string>policyAttributePassword matches '\d'</string>
<key>policyIdentifier</key>
<string>com.apple.policy.legacy.requiresNumeric</string>
</dict>
<dict>
<key>policyContent</key>
<string>policyAttributePassword matches '.*[A-Z][a-z]+'</string>
<key>policyIdentifier</key>
<string>com.apple.policy.legacy.requiresMixedCase</string>
</dict>
</array>
</dict>

Edit: Updated link to Global policies can lock out admin accounts HT.