Archive for June, 2007

Securing Communications with SSL/TLS: A High-Level Overview

Ed. Note: While some of the functionality mentioned in the articles below is available in the Certificate Assistant, which is part of Keychain Access, the articles will give you insight into what's going on behind the scenes.

I wrote a long article for TidBITS about SSL/TLS, attempting to explain it to a lay audience. I wrote another piece for admins on how to use, which TidBITS didn't pick up, and a third piece on a couple shell scripts I wrote to help run a Certificate Authority, called cert.command & sign.command. I hope you find them interesting and useful.

  1. TidBITS: Securing Communications with SSL/TLS: A High-Level Overview
  2. Full Series (3 parts, with scripts): Securing Communications with SSL/TLS
Read more

HOWTO: prevent weak or undesirable passwords with weakpass_edit

Hidden deep in the bowels of the password server you will find some interesting, if seldom used, password policies that can be applied. Here Arek Dreyer takes a look at the weakpass_edit command and how it can help you refine your security policies.

Read more

Quota Monitor Menu

Quota Monitor Menu

By Adam Gerson 

The Situation: You have a Mac OS X Server with network home directories and disk quotas enabled.
The Problem: The Mac OS Finder on client machines does not have very good support for warning users they are approaching their file quota limit. They end up all of sudden unable to save files with little or no explanation as to why.
The Solution: QuotaMonitorMenu places the user’s home folder quota status right in the menu bar. It will also pop up warnings at regular intervals. All warnings and text are customizable.
Download (Now with package installer!)
Screen Shot

If you would like the source code or have any questions please feel free to email agerson AT mac DOT com

Read more

Active Directory Plug-in Tips

Some tips and information on the AD plugin.

Read on for some ideas about setting up home directories and links to other resources.

Read more

Changing the root password from S.U.M.

I just finished up a small article on my companies new blog about gaining access to a server or client system via single user mode and resetting the root password without any deamons running using nicl. I provide a general outline of how the basics work for local account passwords as well. Hopefully an interesting read for those lab admins who are still on the fence about using Firmware Passwords, or those not familiar about some of the local DirectoryService basics.You can find it here

Read more Webcast June 19th 2007: Intermapper

The next webcast, Intermapper, will take place on Tuesday, June 19th 2007 at 10:00am PDT.

In this webcast, join John Sutton from Dartware and Matt Federoff from Vail Unified School District as they discuss InterMapper.  Learn how InterMapper, a  cross-platform network monitoring, mapping, alerting and fault finding software, can maximize uptime with 24/7 monitoring of your network's health.  See how, with InterMapper RemoteAccess, the server/client configuration adds tremendous scalability and flexibility to monitoring your network.

The webcast ID needed to view the June 19th 2007 webcast is "MacEnterprise".

The passcode for the webcast is "257782"

For more information on how to view the webcasts, please visit:

To view the webcast, go to the following web page 5-10 minutes prior to the webcast start time:

Read more