Scripts for adding/deleting/modifying Open Directory accounts?

Similar Messages

• Script for adding a login item for all accounts in the system

  Hi,
  Thanks for reading this query. I am new to the mac environment. I have developed a java application and created an installer of this application for MAC system.I want to run this application on starting the system. So I have written an apple script for adding this application in login items and this script will run immediately after completing installation process. And the entire process is fine. But the problem is, the application is added to login items of only the user who installed the application. But I want to get available the application in the login list of all accounts created in the system. How can I achieve this? Once more thanks in advance. I am attaching my script below:
  +*tell application "System Events"*+
  +* make login item at end with properties {path:"/Applications/MyApplication.app", hidden:true}*+
  +*end tell*+

  Hi,
  Try to use tables RSOSFIELDMAP, RSDSSEGFD and RSTRAN
  Hope it helps
  bhaskar

• Some Open Directory accounts will not log in

  At the school where I work, the Open Directory master is running 10.6.8 Server and the clients are running 10.7.4. I am preparing images to update all the clients to 10.8.3, and I've run into a curious issue.
  In our setup, we have a single Open Directory account for each classroom. They are set up for simultaneous login, and their home folders are created in /Users rather than on a network share. We have 20 or so unique room accounts, and the text boxes I'm working with now can log into almost all of them. However, there are a few that simply refuse.
  When I attempt to log into one of those accounts, the login window immediately shakes as if I've put in the wrong password. However, I've confirmed that the password is correct. I've also checked through the settings of those accounts to make sure they're in line with all the rest of them. I know that they work because our lab Macs, which are currently running 10.7.4 are able to log into them just fine.
  I've tried unbinding and rebinding the clients to the OD server, as well as manually creating a home folder in /Users, neither of which works. I have found a little bit of voodoo that seems to work sometimes. I have to bind to the OD server, then check "Allow Network Users at Login Window", then select "Only These Users", then add all of the available network users to the list. Then, I delete them all, restart the computer, and sometimes that works. Not always though.
  Has anybody run into this before?

  As far as I can tell, the server isn't logging much with regard to the passwords being refused. I have tried attempting to log in to the accounts that don't work and then checking the Open Directory logs within Server Admin, but I don't see anything either relating to that user or with a timestamp that's close to the time to log in.
  On the client side, the log entry I see that relates to that user trying to log in is:
  5/30/13 10:03:28.001 AM SecurityAgent[147]: User info context values set for r364epson
  Which log in the Server Admin app would errors like this be likely to be logged in?

• Help needed to log into an Open Directory account which has the same username as the local account

  Hello,
  I have successfully setup a Mac OS X Lion Server and it is an Open Directory Master. On the server Ihave created an account with the name 'Connor'. I have numerous Macs (allrunning OS X 10.7 Lion) connected to this server but on one of the Macs thereis a local account with the name 'Connor' too (the local and networked accountshave different passwords). I want to log into the Open Directory account onthat mac. So, I have done an authenticated bind to the server, but when I go tolog in the password box shakes. I think the computer thinks I am trying to loginto the local account and not the Open Directory account. On Windows, I canlog into either the local accounts or the networked accounts by typing\LOCAL-COMPUTER-NAME\Connor. So, I was wondering if there was a similar commandto do this on Mac.
  I don't think I haveworded this very well, so if someone doesn't understand please ask me somequestion about the problem and I will try and explain it better.
  Any help would be greatlyappreciated,
  Connor

  Maybe I didn't make myself clear. I have used directory utility to do an authenticated bind to my server. I also have no problem logging into other accounts in the Open Directory. But, I just can't log into the account which has the same name both in the Open Directory and locally.
  Was there something I missed in Directory Utility? Could you please help me if this is so.
  Thanks for replying so quickly

• Possible to convert ordinary accounts to Open Directory accounts?

  This might be a naive question. But I need to set up accounts for users on this Mac Pro configured with Leopard Server and they may need to be Open Directory accounts, i.e. we may decide to create portable accounts for the whole cluster and have them hosted on this server. I won't know for sure until we have fully discussed the intended uses of the machine, which could take some time. So I am wondering if I can just give users ordinary accounts using System Preferences and then convert them at a later date to Open Directory accounts. I tried to do this with the first account I created for myself on the system and found that the name spaces of the two kinds of accounts conflict, and it's especially hard/dangerous to change a short name (is this really true??)
  It would be confusing for users and a headache for me if everyone has two distinct and unrelated accounts. Thanks in advance for any help.

  Hi Liz
  +I do get a warning if I launch Server Preferences: it says "Server Preferences can't be used with advanced configurations of Mac OS X Server." Doesn't that confirm that I chose Advanced?+
  I guess it does?
  I'm thinking you might be getting System Preferences and Server Preferences confused? Your original post was about converting ordinary accounts to Open Directory ones? Provided you've configured the Server as an Open Directory Master with all that that entails then you can install a clean OS on your clients. Provided the DHCP Server is handing out the correct information then after the OS has been installed and at the point the Setup Assistant asks you to create the initial account you should be given a choice to either create one locally or use one that is from Open Directory. If you choose the latter option then a generic local admin account gets created anyway. This is how its supposed to work. However you could forego all of this and simply create a secure local admin account. Join the client to the ODM using the well established method. The same result is achieved.
  If you had chosen Standard instead of Advanced a lot of the auto-discovery bit comes into play. To be honest I don't really know although judging by the documentation and what some have posted here this is what happens.
  You might find this useful?
  http://discussions.apple.com/message.jspa?messageID=8940512#8940512
  Tony

• My Mac Mail constantly asks for our passwords before opening our accounts.  New iMac with OSX Maverick

  My Mac Mail constantly asks for our passwords before opening our accounts.  New iMac with OS x Maverick.  We get messages such as " Mail can't connect.  Appears to be offline due to network problems." or "The connection to the server (null) in port ) timed out."  I have confirmed server connections OK with Cox Communication and our Cox Webmail accounts.

  Hi Bob13524,
  Man, that definitely sounds frustrating! And it sounds like this issue is occurring with several accounts, so let’s see if we can troubleshoot this. The following resource provides some great information for troubleshooting Mail issues, including information on using the Connection Doctor:
  OS X Mail: Troubleshooting sending and receiving email messages - Apple Support
  http://support.apple.com/en-us/TS3276
  Thanks,
  Matt M.

• New open directory account doesn't create mail account

  Hi All
       I have a Mac Mini with lion server, Fresh out of the box i messed with it a few times to learn and then i did a clean (internet) install and started with the settings i wanted (hostname, etc) with no mistakes. (It seems Lion doesn't like applhying most changes)
  When i set it up i created one local admin user that won't be in the open directory.
  Anyway, I've set up the following :
  * Address Book
  * File Sharing
  * iCal
  * Mail
  * Profile Manager
  * and VPN
  The first open directory user i added was myself and that user managed to get assigned an email account.
  Susiquent users i've added have not been registered with the mail subsystem.
  I've checked this using the "Server Admin" additional download management tool. (Mail service on the left, Maintenance up the top and then accounts uder that)
  There is only one mail account and thats the first one i've added.
  I havn't played with the settings so other than switching things on it should "just work" but it doesn't.
  I've prevously setup vmail servers using mysql to store the accounts with postfix and courioer imap but that was in some ways simpler as nothing was under the covers. I havn't dug too much into the dovecot config files, etc as i believe there is an all knowing server configuration engine at work here that isn't doing its job (which i havn't dug into)
  Has anyone had this issue of the mail accounts not being created?
  Or can anyone point me to a fix?

  It seems to have something to do with profile manager.
  I get stack traces in the "system messages" logs for the "Server" application, grrrr.
  I'll get that info and attempt to submit a but report tonight.

• Adding Client to open Directory

  I am trying to add a client machine to Open Directory but it will not bind. It gives me a error
  Unable to add server
  An unexpected error of typr -14142 (eDDSchemaError) occurred.
  When I try to add the machine it will say machine is already in OD, but I look in OD is is not their. It will not let me over write the machine in OD eather.
  Thanks

  Is this machine a clone of another machine? My guess is you did not reset the local KDC. This will cause the issue you are describing. You need to do the following on all cloned machines as they will all contain the unique identity of the original master's LKDC. The machine that is the master does not need to be altered.
  1: Open Keychain Access.
  2: Select the System keychain.
  3: Find the three entries labeled com.apple.kerberos.kdc and delete them from the System keychain.
  4: Open Terminal
  5: Run this command to destroy the local Kerberos DB (you will need to authenticate as initial admin):
  sudo rm -R /var/db/krb5kdc
  6: Run this command to rebuild a unique LKDC for this machine:
  sudo /usr/libexec/configureLocalKDC
  7: Repeat this on all cloned machines.
  Once complete, you have re-run Directory Utility and perform your bind. You will now be creating a machine record with a unique LKDC value in OD.
  PS: You can do these steps 1 through 5 pre-cloning to avoid the issue. Then once cloned, run step 7 as a post-cloning step.
  Hope this helps.
  Message was edited by: Strontium90 - added the PS

• Script for 'Check Links Before Opening Document' preference

  I'm trying to find the VB script for changing the "Check Links Before Opening Document" checkbox on the File Handling panel in the Preferences dialog? I haven't found any documentation referring to the Links items on that panel.
  Bob

  Thanks for the info.
  Was there a document you pulled this from?
  I have an old document from CS2 days that is invaluable for providing a detailed list of available script methods and properties. Obviously things that have been added in subsequent InDesign releases aren't in this document. Later InDesign CS releases offer script SDKs that contain helpful sample scripts but I don't find a detailed summary similar to one from CS2. Have I just not found them? Or how does one find the script method/property for things not contained in the sample scripts?

• Can't login to open directory accounts unless using server machine

  I cannot login to any network accounts from my macbook on my local network i have tried bindind the machine to the open directory with local ip, local address and domain and all appear to be working but i cant login to any of the accounts although the passwords are correct.

  Hi Salda,
  I'm currently experiencing a similar problem to yours.
  My situation is that I have just created a new user account which is part of our media users group.
  This group is in the list of allowed users for our mac pro client host, but when I attempt to login using their credentials I get the same error you had, namely that their home directory is located on a afp or smb server (which is of course the case).
  I hope you can tell me a resolution that doesn't require a re-installation of the OS.
  Thanks for your help.
  Rich

• Best / most popular software or scripts for adding search function to website?

  I'm trying to find a good piece of software or script for implementing a site search function into our website.  I am relatively knowledgeable in Dreamweaver and can write CSS and XHTML at the fairly intermediate to advanced level, as well as work with JavaScript and js files, but I don't really know much ASP or "by hand" Java coding.  Their are so many scripts and software out there for adding a site search that it's hard to sort through and narrow down.  I was hoping to find reviews of the popular ones or "top 10 lists" of some sort that would help me pinpoint a good one, but can't find anything like that.  These are the primary needs of the website:
  --Has under 50 searchable pages that won't change much and probably won't exceed 50. There are product part numbers and descriptions for some 250-300 part numbers, spread across only 24 of those pages.  The remaining pages are important but no part numbers-- About Us, News, Where to Buy, History, Featured Products, etc.  The product pages are very much like an online store but we don't sell directly on the site (only thru distributors/reps).
  --We are trying to keep the price under about $50, or use a free solution
  --The pages are all static XHTML+CSS pages, but our server can run ASP (we have another website for one of our other product line divisions, on the same server, with many more products beyond 1000, which was programmed completely in ASP by an outside company about 4 years ago).  We self-host both sites.
  --Our server can't run PHP
  --The search capabilities need only be rather basic-- a keyword search with a results page that uses the same design template as the rest of the site.  It would be nice, but not mandatory, to have a search filter and/or a drop down menu to enable selectively searching only certain parts of the site, or only product/part number search vs. general search, etc. (but again, not mandatory).
  --I do have a sitemap page already on it, if that matters or helps
  Some of the ones I've found so far that looked the most promising include:  Zoom Search Engine (http://www.wrensoft.com/zoom/), Site Search Pro (http://www.site-search-pro.com/), and FX Site Search which is a DW Extension I found in the exchange (http://www.felixone.it/extensions/prod/mxssen.asp)-- (that one looks possibly technically challenging or requiring more ASP skill, though)
  Forgive me if there is a better area to post this, if so let me know.

  For a static site, your options are:
  Google ~  http://www.google.com/sitesearch/
  Freefind ~ http://www.freefind.com/
  Zoom from Wrensoft ~ http://www.wrensoft.com/zoom/
  Nancy O.
  Alt-Web Design & Publishing
  Web | Graphics | Print | Media  Specialists 
  http://alt-web.com/

• Script for adding datafile to tablespace

  Hi
  Does anyone have a template alter tablespace add datafile script handy?
  Basically, we need to, in the event of a tablespace alert, do two things:
  query that tablespace to see how much space is remaining.
  ascertain the size of the datafiles added to that tablespace already (to clarify what size we should make the additional datafile)
  finally, the command itself for adding the extra datafile.
  Thanks.
  10.0.2.0

  SELECT Total.tablespace_name "TSPACE_NAME",
  round(nvl(TOTAL_SPACE,0),2) Tot_space,
  round(nvl(USED_Space,0),2) Used_space,
  round(nvl(TOTAL_SPACE - USED_Space,0),2) Free_space,
  round(nvl(round(nvl((TOTAL_SPACE - USED_Space)*100,0),2)/(Total_space),0),2) "USED%"
  FROM
  (select tablespace_name, sum(bytes/1024/1024) TOTAL_SPACE
  from sys.dba_data_files
  group by tablespace_name
  ) Total,
  (select tablespace_name, sum(bytes/1024/1024) USED_Space
  from sys.dba_segments
  group by tablespace_name
  ) USED
  WHERE Total.Tablespace_name(+) = USED.tablespace_name and
  round(nvl(round(nvl((TOTAL_SPACE - USED_Space)*100,0),2)/(Total_space),0),2)< 20;
  the above query will display tablespaces which are having freespace below 20%
  select file_name,autoextensible,sum(bytes)/1024/1024,sum(maxbytes)/1024/1024
  from dba_data_files
  where tablespace_name='TBS_NAME'
  group by file_name,autoextensible;
  the above query will give details of datafiles like autoextensible or not etc.
  SELECT SUBSTR (df.NAME, 1, 40) file_name,dfs.tablespace_name, df.bytes / 1024 / 1024 allocated_mb,
  ((df.bytes / 1024 / 1024) - NVL (SUM (dfs.bytes) / 1024 / 1024, 0))
  used_mb,
  NVL (SUM (dfs.bytes) / 1024 / 1024, 0) free_space_mb
  FROM v$datafile df, dba_free_space dfs
  WHERE df.file# = dfs.file_id(+)
  GROUP BY dfs.file_id, df.NAME, df.file#, df.bytes,dfs.tablespace_name
  ORDER BY file_name;
  the above query will show how much freespace is left in each datafile.

• Configure DNS on Snow Leopard for private NAT with Open Directory

  I am needing to set up DNS on Snow Leopard server 10.6.4 for use with Snow Leopard clients only. On the server, I have two IPs, one public connections outside the network, and one private within the NAT range. DNS was not originally set up on the server, but Open Directory was (sort of). I've demoted the server from OD master to stand alone, but still can't get this to work.
  This server is only for setting up and using Open Directory + NetInstall services inside the network. In effect, it isn't serving web pages and isn't registered with our upstream DNS. What I am assigned to do is get Open Directory to set up user profiles and network shares and home directories. So, what I need is this -
  a basic DNS config I can do in Server Admin that will set up DNS to resolve to the local server NAT IP for Open Directory purposes;
  and provide DNS for outside the OS X server for the specified Snow Leopard clients.
  DHCP is running (but the clients were configured with static IPs in the NAT range). This serves as the DHCP server for the entire network (Windows + Mac clients that aren't in the static NAT range).

  Thanks for your replies. I realize I'm not making clear the way this network is configured . Also, the only services running on the Snow Leopard server are (at this time):
  dhcpd - in the 10.136.31.x range;
  dns - same as before;
  planned to add are:
  Open Directory (for network logins)
  Software update;
  Web (only on the 10.136.31.x Ethernet);
  mySQL (localhost only - for moodle);
  NAT is not set up on the Snow Leopard server itself. We have an outside router, a Cisco 2811. This router provides routing for both the public IP range, and the NAT range is configured in this router. The forwarding dns is located in LR and Fayetteville. So what I need is dns on Snow Leopard to forward outside queries to the state DNS servers, and resolve the local NAT IP only for Open Directory and a set of Snow Leopard clients.
  Is this going to be possible?

• Required alter script for adding partition and subpartition

  Hi Folks,
  Please help me to write ALTER STATEMENT for adding new partition P1 and SUBPARTITION P1_201001 and P1_201002.
  Thank you
  TABLE
  =======
  CREATE TABLE TEST
       "REPORT_ID"    NUMBER,
      "MONTH_ID"      NUMBER,
      "GROUP_ID"      NUMBER,
      "AGE_GROUP_ID"  NUMBER,
      "GENDER_CD"     CHAR(1 BYTE),
  PCTFREE 0 PCTUSED 0 INITRANS 1 MAXTRANS 255 COMPRESS BASIC NOLOGGING STORAGE
      BUFFER_POOL DEFAULT FLASH_CACHE DEFAULT CELL_FLASH_CACHE DEFAULT
    TABLESPACE "USER_WORK" PARTITION BY RANGE
      "REPORT_ID"
    SUBPARTITION BY LIST
      "MONTH_ID"
    SUBPARTITION TEMPLATE
      SUBPARTITION "M201212" VALUES
        201212
      TABLESPACE "USER_WORK"
  (PARTITION "P3" VALUES LESS THAN (4) PCTFREE 0 PCTUSED 0 INITRANS 1 MAXTRANS 255 STORAGE( BUFFER_POOL DEFAULT FLASH_CACHE DEFAULT CELL_FLASH_CACHE DEFAULT)
  TABLESPACE "USER_WORK" COMPRESS BASIC NOLOGGING ( SUBPARTITION "P3_M201212" VALUES
        201212
      TABLESPACE "USER_WORK" COMPRESS BASIC, SUBPARTITION "P3_M201301" VALUES
        201301
      TABLESPACE "USER_WORK" COMPRESS BASIC )
  );

  First modify the subpartition template
  ALTER TABLE TEST set
    SUBPARTITION TEMPLATE
      SUBPARTITION "M201212" VALUES
        201212
      SUBPARTITION P1_201001 VALUES (201001),
      SUBPARTITION P1_201002 VALUES (201002)
    )Then if the new partition is HIGHER than ALL existing ranges you can just add it
  alter table test add
  PARTITION "P1" VALUES LESS THAN (5) If the new partition is LOWER than one onf the existing ranges you will need to SPLIT the existing partition.
  alter table test SPLIT PARTITION "P3" AT (2)
  INTO (PARTITION P1, PARTITION P3)See the sections in the VLDB and Partitioning Guide
  Modifying a Subpartition Template
  http://docs.oracle.com/cd/E11882_01/server.112/e25523/part_admin002.htm#i1007904
  Splitting a Partition of a Range-Partitioned Table
  http://docs.oracle.com/cd/E11882_01/server.112/e25523/part_admin002.htm#i1008028

• Script for batch delet redundant layer

  I have thousands files in the different folders, each file has same layer named “Job Info”. Can someone help me to write a script for del this layer folder by folder?
  I expected the script tells me that I have to select a folder, then it can automatically open the files, del “job info” layer then save file, rewrite, close file

  Hi Ashram,
  Sorry, I misunderstood your question. Please try the below.
  var folder = Folder.selectDialog ("Select the root folder");
  var myfiles = [];
  var _layers = ["test1", "test2", "test3"];
  getsubfolderfiles(folder);
  for(var i =0;i<myfiles.length;i++)
          var doc = app.open(myfiles[i],false);
          for(var j=0;j<_layers.length;j++)
              try
                  app.activeDocument.layers.add({name:_layers[j]})
              catch(e){}
          doc.save();
          doc.close();
  function getsubfolderfiles(folder)
      var filelist = folder.getFiles();
      for(var i =0;i<filelist.length;i++)
          if(filelist[i] instanceof Folder)
              getsubfolderfiles (filelist[i]);
          else if(filelist[i] instanceof File)
              if(filelist[i].name.indexOf(".indd") > -1){
                  myfiles.push(filelist[i]);
  Hi HarveyLiu,
  Try this,
  var folder = Folder.selectDialog ("Select the root folder");
  var myfiles = [];
  getsubfolderfiles(folder);
  for(var i =0;i<myfiles.length;i++)
          var doc = app.open(myfiles[i],false);
          try{
              var _layer = doc.layers.item("Job Info");
              _layer.remove();
              var link, image, frame,
              links = doc.links, counter = 0;
              for (var i = links.length-1; i >= 0; i--) {
                  if (links[i].status == LinkStatus.LINK_MISSING) {
                      try {
                          link = links[i];
                          image = link.parent;
                          frame = image.parent;
                          frame.remove();
                          counter++;
                      catch (err) {
                          $.writeln(i + " - " + err);
          catch(e){}
          doc.save();
          doc.close();
  function getsubfolderfiles(folder)
      var filelist = folder.getFiles();
      for(var i =0;i<filelist.length;i++)
          if(filelist[i] instanceof Folder)
              getsubfolderfiles (filelist[i]);
          else if(filelist[i] instanceof File)
              if(filelist[i].name.indexOf(".indd") > -1){
                  myfiles.push(filelist[i]);
  Regards,
  Chinna