Get Folder or Volume Size in Terminal

February 28, 2020 ~ Ed ~ Leave a comment

du -sh /directory/path

macOS Server Account Lockout Policy Enforcement

February 14, 2020 ~ Ed ~ Leave a comment

In light of macOS Server removing the Account Lockout Policy Enforcement feature from the GUI, one can still apply this enforcement by way of terminal command on the Open Directory Server itself. For Example:
Set LDAP Account Policy Enforcement:

pwpolicy -a <<diradmin>> -p <<password>> -u <<username to unlock> -setpolicy "maxFailedLoginAttempts=1"

** This sets 5 password failed attempts along with 60days password reset

sudo pwpolicy -a diradmin -u edtester -setpolicy "maxMinutesUntilChangePassword=86400 maxFailedLoginAttempts=5"

Unlock account:

pwpolicy -a <<diradmin>> -p <<password>> -u <<username to unlock> -setpolicy "isDisabled=0"

Link to technical article: https://superuser.com/questions/577273/osx-server-ldap-pwpolicy-how-to-disable-a-account

Helpful links:
https://www.jamf.com/jamf-nation/discussions/14460/pwpolicy-at-single-user-mode

https://krypted.com/mac-security/programatically-setting-password-policies/

https://www.unix.com/man-page/osx/8/pwpolicy/

Company and or Government Policy Warning banner Splunk web login pageyouyou

February 9, 2020 ~ Ed ~ Leave a comment

Splunk forum member: lguinn2 shows us to:

Put the following in the configuration file web.conf (perhaps in etc/system/local or etc/apps/search/local)

login_content =

Your message here

Found information here: https://answers.splunk.com/answers/320607/is-there-way-to-add-a-warning-message-in-splunk-we.html

Adobe Check expiration of volume or enterprise serial numbers

February 7, 2020 ~ Ed ~ Leave a comment

Run AdobeExpiryCheck tool
Run AdobeExpiryCheck on a local Windows machine
Launch command prompt and run the AdobeExpiryCheck tool.
The tool displays the product licensing identifier, the encrypted serial number, and the expiration date.

https://helpx.adobe.com/enterprise/kb/volume-license-expiration-check.html

Link to Adobe Creative Cloud Software: Adobe Creative Cloud 12-month Plan Subscription

Adobe CC 2018 Enterprise make-adobe-cc-license-pkg

February 7, 2020 ~ Ed ~ Leave a comment

Timothy Sutton timsutton – Bromont, Québec – Tim has written a script that packages adobe serialization tools

This is a command-line tool that makes it easier to deploy Adobe Creative Cloud device license files (output by the Creative Cloud Packager application) on OS X, by building them into a standard OS X package installer.

Timothy Sutton timsutton – Bromont, Québec

https://github.com/timsutton/make-adobe-cc-license-pkg

Remove Host from Splunk Searches Data Summary

February 7, 2020August 29, 2020 ~ Ed

Rich Mahlerwein writes on a Splunk comment:
Carefully craft a search that returns those rows and ONLY those rows. There’s isn’t enough information here to know precisely what it is that search will look like.

You could start by doing something like a * | stats count by sourcetype to find out what sourcetype the ones you want to get rid of are, since I think this is your determining factor (remove all of that older sourcetype).

Once you’ve determined the sourcetype (or anything unique) of the data you want to remove, craft yourself a search that displays just those events. Perhaps

index=* sourcetype=Y

Make double sure this works right. It should include ALL the rows you want to have removed, but include NO rows that you want to keep. This is the search we’ll use to actually do the delete with.

Then follow the steps in the documentation on removing data from indexes using YOUR search to prevent those results from showing up again. To recap “how to delete data” from the docs, it’s basically
1) Add “delete” capabilities to a role (preferably use a special user)
2) Log in as that role
3) Use that search we made above, double-check that it returns the right data and only that data.
4) Then run that search | delete
5) Watch the output, it’ll tell you how many events got deleted.

Then log OUT as that special user (and I’d suggest disabling it, but you can do what you want), log back in as your usual user and check that you only have the right data in there now.

This is all thanks to:
Rich Mahlerwein
http://www.sideviewapps.com

Global Launch Daemons launchd

February 4, 2020August 29, 2020 ~ Ed

Save the file here:
/Library/LaunchDaemons/examplelaunchd.plist

set root permission:
sudo chown root /Library/LaunchDaemons/examplelaunchd.plist

sudo launchctl load -w /Library/LaunchDaemons/examplelaunchd.plist

You can stop the service using the unload subcommand.
sudo launchctl unload /Library/LaunchDaemons/examplelaunchd.plist

sudo launchctl list

Link:
https://serverfault.com/questions/194832/how-to-start-stop-restart-launchd-services-from-the-command-line

what’s keeping my Mac awake

February 2, 2020August 29, 2020 ~ Ed

pmset -g assertions

link: https://www.macworld.com/article/1168151/find-out-whats-keeping-your-mac-awake.html

If you are looking for the nuclear option like I was:

sudo systemsetup -setcomputersleep Never

Schedules a repeating wake or power on event every tuesday at 12:00 noon, and a repeating sleep event every night at 8:00 PM.

pmset repeat wakeorpoweron T 06:00:00

https://www.dssw.co.uk/reference/pmset.html

link here:https://gist.github.com/pwnsdx/2ae98341e7e5e64d32b734b871614915

https://gist.github.com/pwnsdx/2ae98341e7e5e64d32b734b871614915

Find Every Application (.app) Anywhere on the Mac via Command Line

February 1, 2020 ~ Ed ~ Leave a comment

Find Every Application (.app) Anywhere on the Mac via Command Line

sudo find / -iname *.app > ~/Desktop/EveryMacDotApp.txt

Once again, thanks to OSXDaily for this technical tidbit: http://osxdaily.com/2015/05/25/list-all-applications-mac-os-x/