Friday, September 11, 2009

Command Line Favorites #1

So I've been collecting some of my favorite and most used CLI commands. I figured, now that Snow Leopard is out, why not share them!


##"Name of Command or what it does"
#"Comments from the actual command or script that it is in"

Command Line Favorites for OS X Leopard

##Change en0 to DHCP:
sudo ipconfig set en0 DHCP

##Enable ARD for etcadmin:
#etcadmin user
sudo /System/Library/CoreServices/RemoteManagement/ -activate -configure -access -on -users etcadmin -privs -all -restart -agent -menu
#all users
sudo /System/Library/CoreServices/RemoteManagement/ -activate -configure -access -on -restart -agent -privs -all

##Change Password for admin from ARD:
dscl . -passwd /Users/admin oldpass newpass ; kickstart - configure -privs -all -users admin

On 10.4 / 10.5:

dscl . -passwd /Users/USERNAME OLDPASS NEWPASS

##Copy text to remote location:
sudo cat /file.txt | ssh user@host 'cat - >> ~/file.txt'

##Quicklook from the Command Line:
qlmanage -p filename.jpg

#Usage: qlmanage [OPTIONS] path...
-h Display this help
-r Force reloading Generators list
-p Show a preview of the documents
-t Show thumbnails of the documents
-s size Size for the thumbnail
-f factor Scale factor for the thumbnail
-c contentTypeUTI Force the content type used for the documents
-g generator Force the generator to use

#Quick Look launch in the background:
qlmanage -p filename.jpg &

##Add highlighting to Stacks grid view:
defaults write mouse-over-hilte-stack -boolean yes
killall Dock

##SSH Authorized Keys
sudo ssh-keygen -t dsa -f ~/.ssh/id_dsa -C "whatever comment"
sudo cat /private/var/root/.ssh/ | ssh user@host 'cat - >> ~/.ssh/authorized_keys'
sudo cat /private/var/root/.ssh/ >> /private/var/root/.ssh/authorized_keys

##Rsync Backup
sudo rsync -xrlptgoEv --progress --delete / /Volumes/Evolve


##Disable Time Machine "use this disk"
defaults write DoNotOfferNewDisksForBackup -bool YES

##Spoof Mac Address
Retrieving your current MAC address

First, you’re going to want your current wireless MAC address so you can set it back without rebooting. Launch the Terminal and type the following command:
ifconfig en1 | grep ether
You’ll know see something like:
ether 00:12:cb:c6:24:e2
And the values after ‘ether’ makeup your current MAC address. Write this down somewhere so you don’t forget it. If you do, it’s not the end of the world, you’ll just have to reboot to reset it from a change.

Spoofing a MAC address

To spoof your MAC address, you simply set that value returned from ifconfig to another hex value in the format of aa:bb:cc:dd:ee:ff

For this example, we will set our wireless MAC address to 00:e2:e3:e4:e5:e6 by issuing the following command:
sudo ifconfig en1 ether 00:e2:e3:e4:e5:e6

The sudo command will require that you enter your root password to make the change.

Verifying the Spoofed MAC address worked

If you want to check that the spoof worked, type the same command as earlier:
ifconfig en1 | grep ether
Now you will see:
ether 00:e2:e3:e4:e5:e6
Meaning your MAC address is now the value you set it to. If you want to further verify the spoof, simply login to your wireless router and look at the ‘available devices’ (or attached devices) list, and your spoofed MAC address will be part of that list.

If you want to set your MAC address back to its real value, simply issue the above ifconfig commands with the MAC address that you retrieved in step 1. You can also reboot your Mac.

##Display full paths as Finder window titles
defaults write _FXShowPosixPathInTitle -bool YES

##Add Bonjour to screen sharing application
defaults write ShowBonjourBrowser_Debug 1

##Add functionality to 10.5 Screen Sharing app
defaults write \
'NSToolbar Configuration ControlToolbar' -dict-add 'TB Item Identifiers' \

##Add IP Printer


# Tests to see if printer exists
# Requires the printer name as a parameter.  Returns 1 if the printer exists.

function printerExists()
 if [ $# -ne 1 ]; then
   echo "Incorrect parameters"
   return 0
   lpstat -p | awk '{print $2}' | while read printer
     if [ $1 = "${printer}" ]; then
       return 1

# Printer Name cannot Include any spaces
# User friendly printer name"
prDescription="Lab Printer"
# Location
prLocation="The Lab"
# IP Address of printer
# PPD Filename... assumes it is installed on machine
prPPD="HP LaserJet 4350.gz"

#Test If Printer is already installed
printerExists $prName

if [ $prExists -eq 1 ]; then
 echo "Printer already exists. Skipping: \"$prName\""
 # Add Printer Command
 lpadmin -p "${prName}" -D "${prDescription}" -L "${prLocation}" \
 -E -v lpd://"${prAddress}" -P "/Library/Printers/PPDs/Contents/Resources/$prPPD" \
 -o HPOption_Tray3=Tray3_500 -o HPOption_Duplexer=True -o InstalledMemory=Mem96_127 -o Duplex=DuplexNoTumble


#The important part is the lpadmin and lpoptions commands.  if you look at thee man pages.
#it also is a good idea to add an option to not share the printer.

#I've actually made this into a package so users can install it themselves.
#Hope that helps!

lpadmin -p printer_name -E -v lpd://printer_and_queue_address -m printer_model_ppd_file -L "text_description_of_printer_location"
lpadmin -p "163_Chambers_Color" -E -v lpd:// -P "/Library/Printers/PPDs/Contents/Resources/HP Color LaserJet 4550.gz" -L "163_Chambers_Color" -o "printer-info='163 Chambers'"

lpadmin -p B-Copier -v eqtrans://printserver/b_mfp -E -P "/Library/Printers/PPDs/Contents/Resources/HP LaserJet M5035 MFP.gz"

I have all of my printers setup using a shell script that adds them all at once. It makes setting up printers using ARD quick and easy.
• Printers are available immediately.
• For leopard machines, make sure to send the command as root or an admin. Otherwise users will need admin authentication before printing.
• Make sure to substitute the appropriate device URI (after -v)

Another quick tip is to delete all printers quickly. You can do it using the name, but I do it using a script that I grabbed somewhere.


lpstat -p | awk '{print $2}' | while read printer
 echo "Deleting  Printer:" $printer
 lpadmin -x $printer

#Leopard Delete printer

launchctl unload "${CUPS_PLIST}"
launchctl load "${CUPS_PLIST}"

##Use your own SUS Server

#Software Update command line:
sudo defaults write CatalogURL ""

#Software update program:
sudo defaults write /Library/Preferences/ CatalogURL ""

#To Reverse just Delete:
sudo defaults delete /Library/Preferences/ CatalogURL

##CLI Software Update:

sudo softwareupdate -i -a

##Change Computer Name from CLI

defaults write /Library/Preferences/SystemConfiguration/preferences System 'NetworkHostNamesLocalHostName

##Stop Spaces fro switching when an app is opened and have it open the app in that space
defaults write workspaces-auto-swoosh -bool NO
killall Dock

##Enable ssh on machine
To enable SSH go to the terminal and type in the following:

sudo /sbin/service ssh start

That should start the SSH server on the computer. SSH should be activated even if you restart the computer until you type the following into the terminal:

sudo /sbin/service ssh stop

##KRun command to execute task at some point in time: Exmple ARD
We resolved this issue in the environments we manage by:

1. Set all Macs to turn themselves back on at 03:01AM
2. Added to /etc/crontab

50 3 * * * root /System/Library/CoreServices/RemoteManagement/ -restart -agent

##log into remote machine from cli and ARD
osascript <   tell application "System Events"
       keystroke "LOGIN_NAME"
       keystroke return
       delay 3.0
       keystroke "PASSWORD"
       delay 3.0
       keystroke tab
       keystroke return
       keystroke return
   end tell


line_01='set logInUser to "admin"';line_02='set logInPassword to "donoharm"';line_03='tell application "System Events"';line_04='tell application process "loginwindow"';line_05='key code 53';line_06='delay 1';line_07='key code 125';line_08='delay 1';line_09='key code 36 using option down';line_10='delay 1';line_11='keystroke tab';line_12='delay 1';line_13='key code 117';line_14='delay .5';line_15='keystroke tab';line_16='delay .5';line_17='key code 117';line_18='keystroke return';line_19='delay 1';line_20='keystroke tab';line_21='delay .2';line_22='repeat with aChar in characters of logInUser';line_23='keystroke aChar';line_24='delay 0.2';line_25='end repeat';line_26='keystroke tab';line_27='delay .5';line_28='repeat with aChar in characters of logInPassword';line_29='keystroke aChar';line_30='delay 0.2';line_31='end repeat';line_32='key code 98 using control down';line_33='delay 0.2';line_34='keystroke return';line_35='end tell';line_36='end tell';value=$(osascript -e "$line_01" -e "$line_02" -e "$line_03" -e "$line_04" -e "$line_05" -e "$line_06" -e "$line_07" -e "$line_08" -e "$line_09" -e "$line_10" -e "$line_11" -e "$line_12" -e "$line_13" -e "$line_14" -e "$line_15" -e "$line_16" -e "$line_17" -e "$line_18" -e "$line_19" -e "$line_20" -e "$line_21" -e "$line_22" -e "$line_23" -e "$line_24" -e "$line_25" -e "$line_26" -e "$line_27" -e "$line_28" -e "$line_29" -e "$line_30" -e "$line_31" -e "$line_32" -e "$line_33" -e "$line_34" -e "$line_35" -e "$line_36") # 53=escape,125=down,117=delete

##Mount shares with apple script:
tell application Finder
mount volume "afp://ownerofsharepoint:password@serverIPhere/volumename/sharename here"
end tell

##Migrate ARD to new machine

# Copy database to remote machine:
sudo scp -Epr /var/db/RemoteManagement root@machinename:/var/db

# Copy /Library prefs
sudo scp -Ep /Library/Preferences/

# Copy home dir prefs
sudo scp -E

# Copy home dir Application Support Remote Desktop dir
sudo scp -Er /Users/username/Library/Application Support/Remote Desktop

##Bind or unbind to leopard server
dsconfigldap -v -r oldserver.somewhere.lan
dscl /Search -delete / CSPSearchPath /LDAPv3/oldserver.somewhere.lan
dsconfigldap -v -a newserver.somewhere.lan
dscl /Search -create / SearchPolicy CSPSearchPath
dscl /Search -append / CSPSearchPath /LDAPv3/newserver.somewhere.lan

#Set up mac Mail sript
# Create_Email_Account v1 
#          Created: Feb 2007
#         Modified: 18-06-07
#           Author: D Savage
#                   Humanities and Social Science Support
#                   Information Services
#                   University of Edinburgh
#   Description:
# Script to setup thunderbird and mail for new staff, runs once
# by using the users loginwindow.plist, then deletes the file
# mac must be bound to AD!
# Disclaimer:
# We accept no responsibility for, nor do we warrant the merchantibility or 
# fitness of this script. Any use or modification is at your own risk, though 
# we would request notification of any modification required.

#Set environ
#get user shortname
user=`who | grep console| awk '{print $1}'`

#fetch data from AD
Get_AD_Data ()
dscl localhost -read "/Active Directory/All Domains/Users/${user}" | grep "^${role}:" | awk '{print $2}'

empType=`Get_AD_Data employeeType` 
firstN=`Get_AD_Data FirstName`
lastN=`Get_AD_Data LastName` 

fullN=`echo $firstN $lastN`
#Only students don't use staff mail so
email=`echo ${user}`
AccountName="Staff M ail Service"

#if a student then use sms
if [ "$empType" == "Student" ];
email=`echo ${user}`
AccountName="Student Mail Service"

#End environ
thunConf=`find /Users/$user/Library/Thunderbird/Profiles/ -name 'staff.mail.server*' -o -print`
mailConf=`ls /Users/${user}/Library/Mail | grep "staffmail"`
if ! [ -z $mailConf ] && ! [ -z $thunConf ]
exit 0;

ls /Users/${user}/Library/Thunderbird/Profiles/ | grep -v '^[.*]' > /tmp/thun.txt

# config done here

osascript <tell application "Mail"
set theAccountName to "$AccountName"
set theMailServer to "$mailServer"
set theUsername to "$user"
set theFullName to "$fullN"
set theEmailAddresses to "$email"
set theSMTPName to "$SMTPName"
set theAccount to make new imap account with properties {name:theAccountName, user name:theUsername, server name:theMailServer, full name:theFullName, email addresses:theEmailAddresses, uses ssl:true}

end try

set theSMTPServer to make new smtp server with properties {server name:theSMTPName}
set smtp server of theAccount to theSMTPServer
end tell

killall "Mail"

#Thunderbird config starts here


cat /tmp/thun.txt | ( while read profileName; 

cat <> $prefFile
user_pref("mail.account.account2.identities", "id1");
user_pref("mail.account.account2.server", "server2");
user_pref("mail.accountmanager.accounts", "account1,account2");
user_pref("mail.accountmanager.defaultaccount", "account2}");
user_pref("mail.identity.id1.doBcc", false);
user_pref("mail.identity.id1.doBccList", "");
user_pref("mail.identity.id1.draft_folder", "mailbox://nobody@Local%20Folders/Drafts");
user_pref("mail.identity.id1.drafts_folder_picker_mode", "0");
user_pref("mail.identity.id1.escapedVCard", "");
user_pref("mail.identity.id1.fcc_folder", "mailbox://nobody@Local%20Folders/Sent");
user_pref("mail.identity.id1.fcc_folder_picker_mode", "0");
user_pref("mail.identity.id1.fullName", "${fullN}");
user_pref("mail.identity.id1.organization", "");
user_pref("mail.identity.id1.reply_to", "");
user_pref("mail.identity.id1.smtpServer", "smtp1");
user_pref("mail.identity.id1.stationery_folder", "mailbox://nobody@Local%20Folders/Templates");
user_pref("mail.identity.id1.tmpl_folder_picker_mode", "0");
user_pref("mail.identity.id1.useremail", "${email}");
user_pref("mail.identity.id1.valid", true);
user_pref("mail.root.imap-rel", "[ProfD]ImapMail");
user_pref("mail.root.none-rel", "[ProfD]Mail");
user_pref("", "[ProfD]Mail/Local Folders");
user_pref("mail.server.server1.hostname", "Local Folders");
user_pref("", "Local Folders");
user_pref("mail.server.server1.type", "none");
user_pref("mail.server.server1.userName", "nobody");
user_pref("mail.server.server2.capability", 17593141);
user_pref("mail.server.server2.download_on_biff", true);
user_pref("mail.server.server2.hostname", "${mailServer}");
user_pref("mail.server.server2.isSecure", true);
user_pref("mail.server.server2.login_at_startup", true);
user_pref("mail.server.server2.max_cached_connections", 5);
user_pref("", "${AccountName}");
user_pref("mail.server.server2.namespace.personal", "\"\"");
user_pref("mail.server.server2.namespace.public", "\"Shared Folders/\"");
user_pref("mail.server.server2.socketType", 3);
user_pref("mail.server.server2.timeout", 29);
user_pref("mail.server.server2.type", "imap");
user_pref("mail.server.server2.userName", "${user}");
user_pref("mail.smtp.defaultserver", "smtp1");
user_pref("mail.smtpserver.smtp1.auth_method", 1);
user_pref("mail.smtpserver.smtp1.hostname", "${SMTPName}");
user_pref("mail.smtpserver.smtp1.port", 25);
user_pref("mail.smtpserver.smtp1.try_ssl", 0);
user_pref("mail.smtpserver.smtp1.username", "${user}");
user_pref("mail.smtpservers", "smtp1");


rm -dfr /Users/${user}/Library/Preferences/loginwindow.plist

exit 0;

#Fix ard issue
osascript -e 'tell app "ARDAgent" to do shell script "chmod 0555 /System/Library/CoreServices/RemoteManagement/"';

## Script for phoning home
#Set the computername
systemsetup -setcomputername $(/bin/hostname)

#Phone home
SUBJECT="New Host Added: "

/usr/bin/mail -s "$SUBJECT $(/bin/hostname)" "$TO" <
A new host was imaged today at `date`. Add $(/bin/hostname) to your ARD configuration. It's profile is:

$(system_profiler | head -n 17)

##Implement Filevault on all machines

Copy /Library/Keychains: FileVaultMaster.cer, and FileVaultMaster.keychain

#MCX settings for password hint or:
/Library/Keychains: FileVaultMaster.cer, and FileVaultMaster.keychain

#add blank password hint
sudo defaults write /Library/Preferences/ MasterPasswordHint ""

##Postflight script to set time zone and start NTP (Leopard)


#Set variables

#Set time zone, set time server, start NTP
$systemSetupLocation -settimezone $timeZone
$systemSetupLocation -setnetworktimeserver $networkTimeServer iburst
$systemSetupLocation -setusingnetworktime on

##Set computer to netboot through ARD
sudo bless --netboot --server bsdp://

##Set dns for primary interface
mainInt=$(networksetup -listnetworkserviceorder | \
awk '/\(1\)/ {$1="";sub("^ ","",$0);print}')
networksetup -setdnsservers "$mainInt"

##Backup OD to archive
echo "dirserv:backupArchiveParams:archivePassword = mypassword" > /var/root/command.txt
echo "dirserv:backupArchiveParams:archivePath = /path/to/backup/odarchive" >> /var/root/command.txt
echo "dirserv:command = backupArchive" >> /var/root/command.txt
serveradmin command < /var/root/command.txt
rm /var/root/command.txt

##Hide users with UID under 500
defaults write /Library/Preferences/ Hide500users 1

##Bind computers to OD and add to computergroups

I've started using this script to add a computer record to my ODM as part of my 1stRun OD binding script.  It also adds that machine to a ComputerList and a ComputerGroup.  I don't know the details (guessing ComputerLists are for 10.4 and earlier, ComputerGroups for 10.5 and later) but I have to add the computer to both the ComputerList and the ComputerGroup for it to show up in WGM.  (Actually, I didn't try just adding to the ComputerGroup, but when you add a machine to a Computer Group in WGM, it gets added to both the ComputerGroup and the ComputerList in LDAP.)  Here's my script:

thisComputerName="$(systemsetup -getcomputername | cut -c 16-)"
thisLocalSubnetName="$(systemsetup -getlocalsubnetname | cut -c 20-)"
thisHWAddress="$(ifconfig en0 | awk ' /ether/ { print $2 }')"

# Create a computer record using the LocalSubnetName as the record id
dscl -u diradmin -P "diradminpass" /LDAPv3/ -create /Computers/$thisLocalSubnetName macAddress $thisHWAddress
# note you get a GUID here for free, don't have to set with uuidgen

# Add the RealName attribute
dscl -u diradmin -P "diradminpass" /LDAPv3/ -append /Computers/$thisLocalSubnetName RealName "$thisComputerName"

# Add to the facultylaptops ComputerList
dscl -u diradmin -P "diradminpass" /LDAPv3/ -merge "/ComputerLists/facultylaptops" apple-computers "$thisLocalSubnetName"

# Add to the facultylaptops ComputerGroup
thisGUID="$(dscl /LDAPv3/ -read /Computers/$thisLocalSubnetName GeneratedUID | awk '{ print $2 }')"
dscl -u diradmin -P "diradminpass" /LDAPv3/ -merge "/ComputerGroups/facultylaptops" apple-group-memberguid "$thisGUID"
dscl -u diradmin -P "diradminpass" /LDAPv3/ -merge "/ComputerGroups/facultylaptops" memberUid "$thisLocalSubnetName"

## Remove leopard video and music
However the video is a QuickTime file, located here :>
The music is there :>

##To reset the local KDC
# 1. Using Keychain Access, locate the certificate and key pair in the System keychain. Delete all three entries.
# 2. Using Terminal, execute this command to remove the local KDC:
sudo rm -fr /var/db/krb5kdc
# 3. Using Terminal, execute this command to re-generate the local KDC root certificate and key pair:
sudo /usr/libexec/configureLocalKDC

##Set sleep/wake

pmset [displaysleep or disksleep] [number in minutes]

##OSA Dialog box restart
#Tell user to restart
osascript -e 'tell app "System Events" to display dialog "Please Restart your Computer." buttons "OK" default button 1 with title "Restart Please" with icon stop'

##Rename the boot drive

#You can use the following script to rename the boot drive:

diskutil $(df / | awk '{print $1}') newname


tell application "Finder" to set name of startup disk to "MyDiskName"


diskutil rename / newname

##Fix spotlight

mdimport -d1 /

##Set mac startup time

pmset repeat poweron MTWRF 07:40:00

##Stop Software updates automaticly

softwareupdate --schedule off

##Get the hardware model of the machine

sysctl -n hw.model

##Reset MCX managment
/System/Library/CoreServices/ -f
sudo dscl . -delete /Computers
sudo rm -rf /Library/Managed\ Preferences

##Curl file suggestions

curl should be (?) curl -O
installer is installer -pkg -target /


##Script to test for the availability of internet and download something

#Set loop variable.

if [ "$(id -u)" != "0" ]; then
   echo "This script must be run as root" 1>&2
   exit 1
while [ $viperecho = 'FALSE' ];do
# If block to test internet availability
if ping -nc 3 | grep '100%' >/dev/null 2>&1 ; 
/bin/echo $(date) "failed to connect to server" >>
/bin/echo $(date) "Attempt= $number" >> 
number=$((number + 1))
/bin/echo $(date) "sleep for 5 seconds" >> 
/bin/sleep 5
/bin/echo $(date) "looping again" >> 
# change the numer to higher count if needed
while (($number == 10));do
/bin/echo $(date) "Service not availible, exiting" >> 
exit 0
/bin/echo $(date) "Downloading file" >> 
/usr/bin/curl  -o /tmp/.pkg --stderr
/bin/echo $(date) "Done downloading" >>  
/usr/sbin/installer -pkg /tmp/.pkg -target / >>  
/bin/rm /tmp/redirect.pkg
/bin/echo $(date) "Exiting Redirect Download" >> 
exit 0

## Script for getting the network service name which holds the default route
#, 2/14/05 (with some help from mikeash)

# First we get the generated unique ID of the network service that is currently
# set as the default route. Because scutil doesn't have command line switches
# for quering specific keys, we use echo to send commands to scutil's STDIN,
# as a way of simulating the commands we would type interactively to achieve
# the same result (tr is used to convert ||| into carriage return)

SERVICE_GUID=`echo "open|||get State:/Network/Global/IPv4|||" | \
tr '|||' '\n' | scutil | grep "PrimaryService" | awk '{print $3}'`

# next we use SERVICE_GUID to perform another query to scutil, this time to get
# the human-readable name associated with the given network service. This name
# could contain spaces and the like, so we switch awk's field seperator to ": "
# to nab everything after the colon.

SERVICE_NAME=`echo "open|||get Setup:/Network/Service/$SERVICE_GUID|||" |\
tr '|||' '\n' | scutil | grep "UserDefinedName" | awk -F': ' '{print $2}'`


##Enable dashboard development mode
defaults write devmode YES

##Netboot Across subnets script
# Name: Robert Henderson
# Date: 2-25-2005
# Description:
# Allows the user to make a choice on which netboot volume they want to boot from.
# Thanks to Mike Bomich for the original code created by NBA.

### Global Variables ###

# Determine Arch value and point to proper netboot image
if [ "`arch`" == "ppc" ] ; then


if [ $simple == true ]; then
if [ "`arch`" == "ppc" ]; then
/usr/sbin/nvram boot-device="enet:${server}" boot-args="" boot-file=""
/usr/sbin/bless –netboot –server "bsdp://${server}" $nextboot
if [ "`arch`" == "ppc" ]; then
/usr/sbin/nvram boot-args="rp=${protocol}:${server}:/private/tftpboot/NetBoot/${sharepoint}:${setName}/${imageName}" boot-file="enet:${server},NetBoot\\${sharepoint}\\${setName}\\mach.macosx" boot-device="enet:${server},NetBoot\\${sharepoint}\\${setName}\\booter"
/usr/sbin/bless –netboot –booter "tftp://${server}/NetBoot/${sharepoint}/${setName}/i386/booter" –kernel "tftp://${server}/NetBoot/${sharepoint}/${setName}/i386/mach.macosx" –options "rp=${protocol}:${server}:/private/tftpboot/NetBoot/${sharepoint}:${setName}/${imageName}" $nextboot

##Netboot Commands
/usr/sbin/nvram boot-args="rp=nfs:" boot-file="enet:,NetBoot\\NetBootSP0\\nb_nrset09_4007.nbi\\mach.macosx" boot-device="enet:,NetBoot\\NetBootSP0\\nb_nrset09_4007.nbi\\booter"

/usr/sbin/bless –netboot –booter "tftp://" –kernel "tftp://" –options "rp=nfs:" $nextboot

# Name: Robert Henderson
# Date: 2-25-2005
# Description:
# Allows the user to make a choice on which netboot volume they want to boot from.
# Thanks to Mike Bomich for the original code created by NBA.

### Global Variables ###

# Determine Arch value and point to proper netboot image
if [ "`arch`" == "ppc" ] ; then


if [ $simple == true ]; then
if [ "`arch`" == "ppc" ]; then
/usr/sbin/nvram boot-device="enet:${server}" boot-args="" boot-file=""
/usr/sbin/bless –netboot –server "bsdp://${server}" $nextboot
if [ "`arch`" == "ppc" ]; then
/usr/sbin/nvram boot-args="rp=${protocol}:${server}:/private/tftpboot/NetBoot/${sharepoint}:${setName}/${imageName}" boot-file="enet:${server},NetBoot\\${sharepoint}\\${setName}\\mach.macosx" boot-device="enet:${server},NetBoot\\${sharepoint}\\${setName}\\booter"
/usr/sbin/bless –netboot –booter "tftp://${server}/NetBoot/${sharepoint}/${setName}/i386/booter" –kernel "tftp://${server}/NetBoot/${sharepoint}/${setName}/i386/mach.macosx" –options "rp=${protocol}:${server}:/private/tftpboot/NetBoot/${sharepoint}:${setName}/${imageName}" $nextboot

##Add a item to the
dockadd () { defaults write persistent-apps -array-add "<dict><key>tile-data</key><dict><key>file-data</key><dict><key>_CFURLString</key><string>$1</string><key>_CFURLStringType</key><integer>0</integer></dict></dict></dict>"; osascript -e "tell application \"Dock\" to quit" }

##If you set the password on a machine, then read it out:

sudo nvram security-password
security-password %cd%c9%ce%ca%c6%cb

#You can then set it on other machines with:

sudo nvram security-mode=command
sudo nvram security-password=%cd%c9%ce%ca%c6%c

#clear the password

sudo nvram security-mode=none
sudo nvram -d security-password

##Repair disk permissions
diskutil repairPermissions /

##Delete MCX Cache
dscl . -delete /Config/mcx_cache

##Remove Smartboard auto launch
defaults delete /Library/Preferences/loginwindow AutoLaunchedApplicationDictionary

##Get computer serial number
system_profiler SPHardwareDataType | awk -F ': ' '/Serial Number/ {print $2}'

##Load and start a launchd deamon
#I saw that someone responded with the:

launchctl load
launchctl load /Library/LaunchDaemons/com.yourbusiness.appname

#...command.  That loads the LaunchDaemon if it wasn't loaded already.  If you want to start a job, use:

launchctl start [job label]

##Make System Preferences Secure
/usr/local/sbin/PlistBuddy -c "set :rights:system.preferences:shared false" /etc/authorization

##Determine OS version
defaults read "$1"/System/Library/CoreServices/SystemVersion ProductVersion | awk -F. '{print $2}'
defaults read "$1"/System/Library/CoreServices/SystemVersion ProductVersion

##Manipulate text file
perl -i~ -pe 's/abc/def/g' filename

##Backup sql database
mysqldump -ugallery -p -h --opt gallery2 > gallery2.sql

##Cat computernames from txt file
cat Desktop/SAV/SAV\ Clients | awk '{print $3}' | grep rack |sort
cat Desktop/SAV/SAV\ Clients | awk '{print $3}' | grep kell |sort
cat Desktop/SAV/SAV\ Clients | awk '{print $3}' | grep cdr |sort
cat Desktop/SAV/SAV\ Clients | awk '{print $3}' | grep ch |sort

##Say + Volume
sudo osascript -e "set Volume 10" | say "hello World"

##Enabled disabled moible home user
#To reset a disabled mobile home user, you can use the command like this on the remote machine:
pwpolicy -a adminusername -u username -n /Local/Default -enableuser

##Airport command
bash /System/Library/PrivateFrameworks/Apple80211.framework/Versions/A/Resources/airport -h

##Mysql Login Error
This may help or not! but this is what i did to create a user (root) password needs to changed to your password.

mysqladmin -u root password "password"
mysql -u root -p

Enter password: mypassword
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 4 to server version: 5.0.27-standard

Type 'help;' or '\h' for help. Type '\c' to clear the buffer.
mysql> use mysql;
mysql> delete from user where Host like "%";
mysql> grant all privileges on *.* to root@localhost identified by 'password' with grant option;
mysql> flush privileges;
mysql> exit;

##Check Password expire on Windows for AD user
net user "userID" /domain

##Determine Password expiration
ldapsearch -LLL -Q -s base -H ldap:// -b DC=educ,DC=psu,DC=edu maxPwdAge | /usr/bin/awk -F- '/maxPwdAge/ {print $2/10000000}'

##MCX Manifests
find /Applications -name *.manifest -print

##remove (hide) the machine from the network browser. It will still be visible va ARD:
defaults write /Library/Preferences/ VNCNoRegister -bool yes

##Set VNC Password
sudo /System/Library/CoreServices/RemoteManagement/ -configure -clientopts -setvnclegacy -vnclegacy yes -setvncpw -vncpw "test"

##Turn Airport on and off
networksetup -setairportpower off
networksetup -setairportpower on

##Disable Launchd item
sudo defaults write /Library/LaunchDaemons/ Disabled true

##Set or unset dns servers
networksetup -setdnsservers Ethernet "Empty"
networksetup -setdnsservers Airport "Empty"
sudo networksetup -setdnsservers Ethernet
sudo networksetup -setdnsservers Airport

##Disable Firewall
sudo ipfw disable firewall
sudo ipfw enable firewall

##Find hardware model
sysctl -n hw.model

##Disable ipv6
networksetup -setv6off Ethernet

##Enable Directory Service Logging at startup
touch /Library/Preferences/DirectoryService/.DSLogAPIAtStart

##Manually turn loggin on/off
sudo killall -USR1 DirectoryService

##Restart DirectorySercice
sudo killall DirectoryService

##Fresh Start with Directory Service

rm -R /Library/Preferences/DirectoryService
rm -R /var/db/authserver
rm /Library/Preferences/
rm /etc/krb5.keytab

#restart DS
sudo killall DirectoryService

##Mount discs before login
#I've never done this, but you might find it a problem, as external drives aren't normally mounted until after login.  You can get around this with a plist file:
sudo defaults write /Library/Preferences/SystemConfiguration/autodiskmount AutomountDisksWithoutUserLogin -bool true

##Find user if of current user
user=`who | grep console| awk '{print $1}'`
/usr/bin/id -P | awk -F: '{ print $1 }'

##ldadmin user for printing issue
dseditgroup -o edit -p -a admin -t group _lpadmin

##The following command would find all files modified within 24 hours:
sudo find / -mtime -1

##Some restore from the command line with TSM :

dsmc res "/was/*" /tmp/was/ -virtualnodename=aixsrv -ina -pick -fromdate=MM/DD/YY

#Where :
# "/was/*" is the files/directories to be restored
# /tmp/was/ is the destination (if omitted, the files will be restored to their original location)
# -virtualnodename=aixsrv is used when we want to restore files belonging to another node
# -pick is used to display an interactive menu with the list of the files before performing the restore
# -ina is to list the files that were no longer on the node at the time of the last backup (used with -pick)
# -fromdate is used to specify a date from which you want to search for backups (in the same family, -todate, -pitdate, -fromtime ...)

##Check schedule for tsm
dsmc query schedule

##my favorite date
date "+%Y%m%d"

##Convert disk image to compressed-readonly
hdiutil convert "image.dmg" -format UDZO -o "Output.dmg"

##Get info on the disk image
hdiutil imageinfo "image.dmg"

No comments: