Surviving OS X as a Windows Admin

1Dell World User Forum

UFIL522: Surviving OS X as a Windows AdminJeffrey J Hoover, Senior TrainerMichael Klocek, Learning Development

Dell WorldUser Forum


Agenda

• Comparing OSX & Windows

• Permissions

• Preferences

• Security

• Launchd

3 Dell World User Forum

Comparing OSX & Windows


Buttons & Windows

• A bit different


Menus

• At the top of the screen

• Varies by Application

• Standards


Dock

• Shows Running or saved items

• Configurable


Navigation

• Program Switching– Command-Tab– Click on Dock Icon

• Program Launching– Dock– Launchpad– Spotlight– Finder double-click

• Finding Files – Finder Navigation– Finder Search/Spotlight– /usr/bin/find

› $ find /Library -name "AMP*" -print


General Concepts

• It’s like Windows, only different– Some people say very different– Others say not so much

• Windows is a GUI with a command line option

• OS X is a GUI running on Unix

• K1000 needs command lines


Comparisons

OS X Windows

Terminal Command Prompt

Disk Image (DMG) ISO

Command Key Control Key

Command-C Control-C

Finder Windows Explorer

Safari IE

Firefox Firefox

System Preferences Control Panels

.APP .EXE

Menu Start

OS X Windows

ls (UNIX command) dir (DOS command)

/Volumes/ C:\

/ \

daemon Service

Plist files for configuration

Registry files for configuration

/System C:\Windows\

Dock Task Bar

App wide Menus Window Menus

Get Info Properties

Folders (Finder) Directories


Example Keyboard Shortcuts (Boot)Option Display all bootable volumes (Startup Manager)

Shift Perform a Safe Boot (start up in Safe Mode)

Left Shift Prevent automatic login

C Start from bootable media (DVD, CD, USB thumb drive, and so forth)

T Start in FireWire target disk mode

N Start from NetBoot server

X Force Mac OS X startup (if non-Mac OS X startup volumes are present)

D Use Apple Hardware Test

Command-R Use Recovery (OS X Lion or later)

Command-V Start in Verbose Mode

Command-S Start in Single User Mode

Command-Option-P-R Reset NVRAM / parameter RAM

Hold down the Media Eject (⏏) key or F12 key, or mouse or trackpad button

Eject removable discs


Keyboard Shortcuts

Key

Name Note

⌘ Command key Could also have (Apple Logo)

^ Control key

⌥ Option key Could also have ‘alt’

⇧ Shift key

⇪ Caps Lock

fn Function key

⏏ Eject key Makes the ‘F’ keys dual purpose

Dell World User Forum

Demo: Navigation


Deeper into OS X

• File System

• Terminal

• Library Directories

• Permissions and ownership

• Preferences & Property Lists (plists)

• Security


File System

• Command line is essential for KACE

• Unix – FreeBSD/Darwin distribution– Case Sensitive– Forward Slashes


Structure

File structure starts at the Root of the Drive. Not much is visible in the GUI, but the command line reveals more.


Terminal

• Command line is the way to go with the K1000

• Shell– Think: CMD or PowerShell– OS X supports: bash (default), csh, ksh, sh, tsch, & zsh

• Manual Pages ‘/usr/bin/man’– e.g., ‘man ls’ will show you the manual for the ls command

• Navigation is similar, but listing the directory contents is different– cd = change directory. – $ cd /Library will take you to the /Library directory– ls = list. Similar to dir command.– ifconfig = ipconfig


Bash Tricks & Survival

• !$ - Use the last ‘noun’ in history.– $ ls /bin #shows the list of the /bin directory– $ cd !$ #Changes to the /bin directory

• ~ - shortcut to current user’s home directory– cd ~\Library #changes to the local user’s /Library

• . - current directory

• .. – parent directory

17


Terminal Tricks (bash). Current directory $ open .

.. Parent directory $ cd ..

!7 Rerun 7th command in history $ !7

!! Repeat the last command $ sudo !!

!$ Use the last noun used $

History 10 Show the last 10 commands

!grep Run the last command that started with ‘grep’

$ !grepgrep 389/etc/services

<tab> Autocomplete /Lib<tab>

<arrow up> scroll through history

./ Execute something in the current directory

$ ./AMPTools set HOST=kbox.example.com


Terminal Tricks (bash)dirs show directory stack $ dirs

pushd Push a directory into stack $ pushd ~/Library/Preferences

popd cd to the next dir in stack $ popd

grep Search for something $ grep 389 /etc/services

| pipe – execute another command on the output

$ ps –ax | grep AMP

^x^y Replaces x with y in previous command

$ cat fiel$ ^fiel^file

> Redirect output $ cat etc/hosts > /tmp/hosts.txt

; Separate two commands $ uptime > uptime.txt ; cat uptime.txt

sudo Run command with Admin Privileges

$ sudo make me a sandwich


Demo: Terminal Commands


Library

• Library directories are the home to:– Configuration files– Fonts– Plug-ins– Preferences– Scripts– …and more.

• Several different Library directories on the system:– System– Network– Local– User


Library

• /Library– Local Library for application, developer, and all user use– Typically the best place for Fonts, Plug-ins, and other

resources needed by all users. – Has Application Support and Preferences– Non dynamic path

• ~/Library– User Library– Dynamic Path– Usually used for user preferences and other user items


/Network/Library

• Rarely used, requires Directory binding

• Usually the last place something is looked for


~/ (User’s Home)

• User’s files• Default folder structure• ~/Library is hidden by

default• Mail• Preferences• User Application

Settings (Application Support)


Permissions


Permissions

• GUI

• Get Info…


Permissions

• UNIX File Permisions– /bin/chmod to Change

› chmod 775 ~/Documents› chmod +rw ~/Documents


Ownership

• UNIX ownership Rules – Owner and Group

• /bin/chown to Change– chown root:wheel /Library/LaunchAgents/foobar.plist


Demo: Permissions


Preferences


System Preferences

• Apple Control Panels

• Third Party Control Panels

• Most write to plists or other config files


System Preferences


System Preferences


Demo: Add User


Demo: Enable SSH


Preferences

• Behind the GUI

• PLIST (Property List) files are like Registry Keys– Not mandatory, but wide-spread

• Checks in ~/Library first, then /Library

• ~/Library/Preferences/com.apple.finder.plist– Contains information about windows, Desktop, icons, views, etc.


PropertyList files

• XML or binary based

• Change or view with – /usr/bin/defaults – /usr/libexec/PlistBuddy– Text Editor– XCode


/usr/bin/defaults

• defaults read – list values– $defaults read com.apple.finder CreateDesktop– 1

• defaults write – change value– $defaults write com.apple.finder CreateDesktop -bool false

• May need to restart effected process – $killall Finder

› This works because the finder is monitored by launchd and always kept running


/usr/bin/defaults

• Don’t use defaults if there is a command write to do it…

• Return System Name1. PlistBuddy -c 'Print System:System:ComputerName'

/Library/Preferences/SystemConfiguration/preferences.plist

2. system_profiler SPSoftwareDataType |grep Computer|awk '{ print $3 }’

3. defaults read /Library/Preferences/SystemConfiguration/preferences.plist System |grep "ComputerName =" |awk '{ print $3 }'|sed s/\"//g | cut -f 1 -d';’

4. scutil --get ComputerName


Demo: Defaults


Security


Security

• Standard Sysadmin procedures and policies apply

• Gatekeeper (authorized Apps)

• FileVault (Disk Encryption)

• Certs and Keychains


Security – Standards

• Create a Separate Administrator AccountSystem Preferences > Users & Groups

• Disable Automatic LoginSystem Preferences > Users & Groups (Login Options)

• Require Password Lock when SleepingSystem Preferences > Security & Privacy > General

• Require Password to Modify PreferencesSystem Preferences > Security & Privacy > General

• Block All Incoming ConnectionsSystem Preferences > Security & Privacy > Firewall (Advanced)

• Do Not Allow Safari to Open Safe FilesSafari > Preferences > General

• Update Software RegularlySystem Preferences > Software Update


GateKeeper

"Gatekeeper is a new feature in Mountain Lion and OS X Lion v10.7.5 that builds on OS X's existing malware checks to help protect your Mac from malware and misbehaving

apps downloaded from the Internet." --Apple

• Relies on Certs between the Developer and Apple.

• It is there for a reason… but it can get in the way.


Gatekeeper

• System Preferences– Security level

• Anything new may get caught.

• Some things are quarantined


Gatekeeper

• You may have seen these:


Gatekeeper

• Get around it by right-clicking (control-click) and choose Open

• Then confirm you meant to open that


Gatekeeper

• If cert isn’t present or valid, gatekeeper interrupts and Quarantines the application

• Quarantines can be manipulated using /usr/bin/xattr


FileVault 2

• Disk Encryption

“FileVault 2 uses full disk, XTS-AES 128 encryption to help keep your data secure. With FileVault 2 you can encrypt the contents of your entire drive.”

• Lion & Mountian Lion only (10.7+)

• Recovery Key! Don’t lose it!

• FileVault originally only encrypted User’s Home directory.


FileVault 2

• Recovery Key! Don’t lose it!


Keychain


Keychain

• Keychain Access.app– Holds passwords (that you choose to have the system save)– Certificates – Secure Notes, etc.

– Can be leveraged via Command line for Scripts› you read the username like this from the command line

security find-internet-password -s ftp.home.com | grep "acct" | cut -d '"' -f 4

› The service is what you entered in keychain, but without the prefix. And finally your password

security 2>&1 >/dev/null find-internet-password -gs ftp.home.com | cut -d '"' -f 2

› That’s all. No more plain text passwords in your script.


Launchd(Like Services in Windows)


/sbin/launchd

• Service management framework

• Always running

• Monitors processes

• Scheduled actions

• Daemons run across the system

• Agents run as the User


/sbin/launchd

• Agent files

• ~/Library/LaunchAgents/ ... .plist

• /Library/LaunchAgents/ ... .plist

• /Library/LaunchDaemons/ ... .plist

• /System/Library/LaunchAgents/ ... .plist

• /System/Library/LaunchDaemons/ ... .plist

• /Network/Library/LaunchAgents/ ... .plist


/sbin/launchd

<?xml version="1.0" encoding="UTF-8"?><!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"><plist version="1.0"><dict>

<key>Label</key><string>com.kace.ampagent</string><key>ProgramArguments</key><array>

<string>/Library/Application Support/Dell/KACE/bin/AMPAgent</string></array><key>WorkingDirectory</key><string>/Library/Application Support/Dell/KACE/bin</string><key>RunAtLoad</key><true/><key>KeepAlive</key><true/>

</dict></plist>

http://www.apple.com/DTDs/PropertyList-1.0.dtd

http://www.apple.com/DTDs/PropertyList-1.0.dtd


Demo: Launchd


Round-Table Discussion

Topics for discussion:

• Differences in K1 Management of MacOS– Patching– Software Distribution– Scripting

• How does Netboot work?


Thank you.


KACE Support Portal Migrating to Dell Software Support Portal

• Starting in November, all KACE Support Portal material will be migrated to the Dell Software Support Portal

• All service requests will be submitted online or by phone

• Same great content– Knowledge base articles– Video tutorials– Product documentation– JumpStart training

• Check out the Support Portal Getting Started videos

Date post:	25-Jul-2015
Category:	Software
Upload:	dell-world
View:	73 times
Download:	2 times