OpenSSL CSR with Alternative Names one-line | End Point Blog

openssl req -new -key endpoint.com.key -sha256 -nodes -subj ‘/C=US/ST=New York/L=New York/O=End Point/OU=Hosting Team/CN=www.endpoint.com/ emailAddress=administrative-not-existent-address@our-awesome-domain.com/ subjectAltName=DNS.1=endpoint.com, DNS.2=usually-not-convered-domain.endpoint.com, DNS.3=multiple-domains-crt.endpoint.com’ > http://www.endpoint.com.csr via OpenSSL CSR with Alternative Names one-line | End Point Blog

Advertisement

OS X Server Port Conflict on 8443

Apache Server now tries to consume 8443, as does Apache Tomcat. system.log will show constant failures… Apr 12 12:03:24 mbp com.apple.xpc.launchd[1] (com.apple.serviceproxy[1085]): Service exited with abnormal code: 1 If you want Tomcat to have 8443, tell Apache to stop using it by commenting out the listen… Edit /Library/Server/Web/Config/Proxy/apache_serviceproxy.conf listen 80 listen 443 listen 8008 listen 8800Continue reading “OS X Server Port Conflict on 8443”

Python to list members of Open Directory Group

#!/usr/bin/python import ldap uri = ‘ldap://localhost’ userDN = “uid=diradmin,cn=users,dc=mbp,dc=local” pw = “pwd” groupName = “cn=workgroup,cn=groups,dc=mbp,dc=local” ldapClient = ldap.initialize(uri) ldapClient.set_option(ldap.OPT_REFERRALS, 0) ldapClient.bind(userDN, pw) results = ldapClient.search_s(groupName, ldap.SCOPE_BASE) # print results for result in results: result_dn = result[0] result_attrs = result[1] # print result_dn # print result_attrs if “memberUid” in result_attrs: for memberUid in result_attrs[“memberUid”]: print memberUidContinue reading “Python to list members of Open Directory Group”

Casper Suite Documentation

Casper Suite Release Notes http://docs.jamfsoftware.com/casper-suite/release-notes   Casper Suite Administrator’s Guide http://docs.jamfsoftware.com/casper-suite/administrator-guide   JAMF Software Server Installation and Configuration Guide for Linux http://docs.jamfsoftware.com/casper-suite/jss-install-guide-linux   JAMF Software Server Installation and Configuration Guide for OS X http://docs.jamfsoftware.com/casper-suite/jss-install-guide-osx   JAMF Software Server Installation and Configuration Guide for Windows http://docs.jamfsoftware.com/casper-suite/jss-install-guide-windows   Manually Installing the JAMF Software Server http://docs.jamfsoftware.com/casper-suite/jss-install-guide-manually   QuickStartContinue reading “Casper Suite Documentation”

Disable the SD Card Reader on OS X Macs

OS X has a restrictions profile to disable external devices (USB/Thunderbolt/Firewire) but treats the SD card reader as an internal device. That makes it a challenge to align with NIST 800.53 Apple RADAR 21204193 We can do the following at startup to disable SD writes while still having read ability… /sbin/kextunload /System/Library/Extensions/AppleSDXC.kext/ We can alsoContinue reading “Disable the SD Card Reader on OS X Macs”

Unlock OS X System Panes for Non-Admin Users

It’s much easier to use “security authorizationdb” than attempting to modify /etc/authorization manually, especially since it’s not a simple plist anymore — it’s moved to a database as have many OS X preference settings. Depending on parental control settings you might be using, you may need to unlock the sysprefs generally before unlocking specific panes: /usr/bin/security authorizationdbContinue reading “Unlock OS X System Panes for Non-Admin Users”