Instead of using the Cisco VPN client to access the ITCom VPN, you can use Snow Leopard’s built-in VPN client to do so. Here are the steps involved:

1. Open the Network preference pane in System Preferences.
2. Click the plus sign to add a new network interface.
   • For Interface, select VPN.
   • For VPN Type, select Cisco IPSec
   • Write a descriptive description.
3. Navigate to the ITCom page to download the desired VPN profile (either off-campus or on-campus).
4. Viewing the profile as a text file, you can see key-value pairs with the format KEY=VALUE.
5. Back in the Network preference pane, select your newly-created VPN. Set the following values:
   • Server Address: set to the Host value in the profile.
   • Account Name: set to your uniqname.
   • Password: set to your Kerberos password (though you'll still need to enter it upon connecting).
6. Click “Authentication Settings...”. Set the following settings:
   • Shared Secret: set to the GroupPwd value in the profile.
   • Group Name: set to the GroupName value in the profile.

Connect to the VPN and you’ll be able to access campus resources from home.

If you're using MCX, that should be all you need to do. If you're using Radmind, the easiest way to propagate that setting (aside from local MCX) is to write it to /Library/Preferences/com.apple.Safari.plist with the defaults command.

1) use a cname and

2) does not appear to require the MAC address of the license server in the config line.

/Applications/MATLABver/licenses/network.lic:

SERVER license-server.x.x.x.x 27000
USE_SERVER

done.

	Label
	edu.umich.printdialog.default.extended
	ProgramArguments
	
		/usr/bin/defaults
		write
		-g
		PMPrintingExpandedStateForPrint
		-bool
		TRUE
	
	RunAtLoad
	

Because the Label string is edu.umich.printdialog.default.extended, the plist is written to /Library/LaunchAgents/edu.umich.printdialog.default.extended.plist.

#!/bin/sh

# a script to randomize the computer's wake time

pmset=`whereis pmset`
type=wakeorpoweron
days=MTWRFSU

# The maximum number of seconds past 3:15 AM to wake up.
maxsleep=5400

# Randomize the number of seconds.
sleeptime=`perl -e 'srand (time ^ $$ ^ unpack "%L*", \` ps axww | gzip\`);\
        print int(rand( $ARGV[0] ));' $maxsleep`

# Default time to wake up is 3:15 AM.
hours=3
minutes=15
seconds=0

# Convert the number of seconds into hour, minutes, seconds

# Subtract hours.
while [ $sleeptime -gt 3599 ]
do
        # At least 1 hour.
        let "hours += 1"
        let "sleeptime -= 3600"
done

# Subtract minutes.
while [ $sleeptime -gt 59 ]
do
        # At least 1 minute.
        let "minutes += 1"
        if [ $minutes -gt 59 ]
        then
                let "hours += 1"
                let "minutes -= 60"
        fi
        let "sleeptime -= 60"
done

seconds=$sleeptime


# Convert to xx:xx:xx format

if [ $hours -lt 10 ]
then
        tmp=$hours
        hours="0${tmp}"
fi

if [ $minutes -lt 10 ]
then
        tmp=$minutes
        minutes="0${tmp}"
fi

if [ $seconds -lt 10 ]
then
        tmp=$seconds
        seconds="0${tmp}"
fi

fulltime="${hours}:${minutes}:${seconds}"

${pmset} repeat ${command} ${type} ${days} ${fulltime}

root# ls -1 /var/db/dyld/
dyld_shared_cache_i386
dyld_shared_cache_i386.map
dyld_shared_cache_rosetta
dyld_shared_cache_rosetta.map
dyld_shared_cache_x86_64
dyld_shared_cache_x86_64.map
shared_region_roots

Whereas on an older, PowerPC-based system, you see this output:

root# ls -1 /var/db/dyld/
dyld_shared_cache_ppc
dyld_shared_cache_ppc.map
dyld_shared_cache_ppc64
dyld_shared_cache_ppc64.map
shared_region_roots

Without being properly managed, you may see error messages in the system log as follows:

To properly manage this with Radmind, you should do the following:

• Include the directories /private/var/db/dyld and /private/var/db/dyld/shared_region_roots in your base transcript. The items in the latter directory should also be included and managed with Radmind.
• Ensure you’re using Radmind version 1.11.0 or higher, as those versions support exclude patterns.
• Add the following lines to your command file (the comments are optional):

  # Exclude prebinding cache files
  # dyld_share_cache files come in i386 and powerpc flavors
  x ./private/var/db/dyld/dyld_shared_cache_*
  # Is there more than an *.applesaved version of this file?
  x ./private/var/db/dyld/update-prebinding-paths.txt.*

• Add the update_dyld_shared_cache command to your Radmind scripts to ensure that the libraries are updated when you apply system updates. This should be a post-apply script (or after lapply in your main Radmind script).

This will allow your systems to remain up-to-date and still allow you to manage them through Radmind.

• /Applications/Firefox.app/Contents/MacOS/application.ini: Change “EnableProfileMigrator=1â€? to “EnableProfileMigrator=0â€? to disable the prompt on startup to import Safari preferences.
• /Applications/Firefox.app/Contents/MacOS/browserconfig.properties: This file contains the default homepage for the browser. Change it as you like and all newly-created profiles will lead the user to the page you specify.
• /Applications/Firefox.app/Contents/MacOS/defaults/profile/bookmarks.html: Change this file to alter the default set of bookmarks your users receive on new profile creation.
• /Applications/Firefox.app/Contents/MacOS/defaults/profile/prefs.js: This file has no settings defined by default, but you can add your own if you like. We added the following settings:
  • user_pref("browser.startup.homepage_override.mstone", "ignore"); disables a user receiving notification of a new version of Firefox when they're updated.
  • user_pref("browser.shell.checkDefaultBrowser", false); causes Firefox to skip the prompt on startup to make it the default browser.

Your needs may vary, and you can do a lot more inside the application bundle, such as putting extensions in the /Applications/Firefox.app/Contents/MacOS/extensions folder. Putting default settings here has two main advantages over putting it in the default user profile:

1. Firefox profiles are only created as needed. Not copying over a default profile reduces login time, and users who use Safari will never need a Firefox profile.
2. Using a default profile, all profiles have the same name (e.g. ~/Library/Application Support/Firefox/Profiles/m6oj7kr0.default/). The method I’ve outlined in this post results in differently-named Firefox profiles. I have no idea if this is an advantage, but Firefox’s developers randomize the profile folder name for a reason, and this method preserves their methodology.

Update 8/5/08: Added application.ini info.

Using this script, we can automate the archival process for old transcripts. Our obsolete folder isn’t included in syncs, and it’s located on a RAID array, so we aren’t concerned about data loss, merely with ensuring that our satellite servers have the transcripts that are in use.

#!/bin/bash

# Backs up a transcript to ~/transcript/obsolete

Transcript=$1
TranscriptNoPath="`echo $Transcript | awk 'BEGIN { FS = "/" } { print $NF }'`"
TranscriptNoEnding="`echo $TranscriptNoPath | sed -e \"s/\.T//\"`"
Today="`date +%Y%m%d`"
Target="/var/radmind/transcript/obsolete/${TranscriptNoEnding}.${Today}.T"

/usr/local/bin/lmerge -I $Transcript /dev/null $Target

Just change “/var/radmind/transcript/obsolete/â€? to whatever folder you want to use.

#!/bin/bash

# HostNamer - Gets proper hostname from server and tells OS X to use it.

PATH=/bin:/usr/bin:/usr/sbin:/sbin:/usr/local/bin; export PATH

get_ip(){
        IPADDR="`/sbin/ifconfig en0 | awk '{ if ( $1 == "inet" ) print $2 }'`"
        IPBEGIN="`echo ${IPADDR} | awk '{ split($1, a, "."); print a[1] }'`"
}

# Get IP address.
get_ip

# Make sure that IP is valid (i.e. starts with "141.")  If not, wait and try again.
# Will only try 10 times.
count=0

while [ "${IPBEGIN}" != "141" ]; do
        let "count += 1"
        echo $count
        if [ $count -gt 10 ]; then
                logger -is Failed to get correct IP address.
                exit 1
        fi

        sleep 10

        get_ip
done

HOSTNAME="`host ${IPADDR} | awk ' { for ( x = 1; x < 20; x++ ) if ( $x == "pointer" ) print $(x+1) }' | awk '{ split($1, a, "."); print a[1] }'`"

scutil --set ComputerName "${HOSTNAME}"
scutil --set LocalHostName "${HOSTNAME}"
scutil --set HostName "${HOSTNAME}"

# Now, rename the disk.

# Get the correct disk name to use
DiskName="`diskutil list | grep -m 1 Apple_HFS | awk '{ print $NF }'`"

diskutil rename $DiskName $HOSTNAME

The portion that checks for a correct IP (for us, 141) is there because on Intel-based Macs, we noticed that the script was called before the network was up—we’re running it via a StartupItem. We also created a link to this script in our Radmind post-apply folder, so the system will be renamed before rebooting. That way, it comes up with its correct name. Finally, we rename the hard disk to the hostname to allow for easy identifiation of in-use computers.