Apple’s new MacBook Pro – cheaper in Australia than the USA?

We’ve hit an unusual point with pricing on Apple’s latest equipment that was announced at WWDC on 5th June (6th June Australian time).

Looking at the price on the top-spec MacBook Pro 15″ as an example, it is significantly cheaper to purchase this laptop in Australia than in the USA.

In the USA, the laptop is $2,799 USD without tax. Including NYC’s 8.875% tax this bumps it up to $3,047 USD.

In Australian spondoolas the same laptop us $4,099 AUD including GST.
Taking off the GST gives us approximately $3,725 AUD.
Converted to USD (via Westpac’s FX rates this morning) gives us $2,655 USD.

Disk-Arbitrator – Mount disks read-only on macOS

Disk Arbitrator is a Mac OS X forensic utility designed to help the user ensure correct forensic procedures are followed during imaging of a disk device. Disk Arbitrator is essentially a user interface to the Disk Arbitration framework, which enables a program to participate in the management of block storage devices, including the automatic mounting of file systems. When enabled, Disk Arbitrator will block the mounting of file systems to avoid mounting as read-write and violating the integrity of the evidence.

It is important to note that Disk Arbitrator is not a software write blocker—it does not change the state of currently attached devices nor does it affect newly attached devices to force a device to be read-only. The user still must be careful to not accidentally write to a disk with a command such as “dd”. Owing to this fact, a hardware or software write-blocker may still be desirable for the most sound procedure. Disk Arbitrator compliments a write-blocker with additional useful features and eliminates the typical forensic recommendation to “disable disk arbitration.”

Possible fix for no video in Skype for Mac

I don’t use Skype very often, but when I went to use it recently, it couldn’t see my FaceTime HD camera.

I’d go into Skype > Preferences and in Audio/Video and although the preferences said it was using the FaceTime HD Camera, the video was black, and my contact at the other end of the call couldn’t see me.

To fix this, I went into Activity Monitor and searched for a process called VDCAssistant. I quit this process (and it respawned straight away) and immediately, Skype could then access my camera.

I’m not sure what caused it to stop working in the first place, but at least the fix was quite easy.

Quick fix for Apple Remote Desktop 3.9 and asking for Keychain Password

After upgrading the Apple Remote Desktop client on a number of machines, and using the new 3.9 version of the Remote Desktop app, some machines have started repeatedly displaying a dialog box (on the client machine, not on the controlling machine) saying ard agent wants to use the “PrivateKeyStore-501” keychain and prompting for a password. As there is no password for this keychain, there is no way to enter the correct password and hit OK. Your only other option is to keep hitting Cancel repeatedly – yet it keeps coming back.

Rebooting the affected machine will fix this, but that’s not so easy when it’s a server.

Dropping into Terminal instead and using kickstart to Restart the ARD Agent and helper seems to fix the issue as well.

sudo /System/Library/CoreServices/RemoteManagement/ -restart -agent


Error with the User Profile Service failing the logon on Windows 7

I recently had an issue where a domain-joined machine with Windows 7 was unable to have new users log in.

Anyone who had an existing account on the machine could still log in, but new users couldn’t and were getting the error message “User Profile Service failed the logon. User profile cannot be loaded.

Nearly all the Google searching I did on the issue returned results that were to do with existing users being unable to log in, and generally for non domain-joined machines.

Luckily I found one Technet Thread that pointed me in the right direction.

The fix was to go into the C:\Users folder, tell Explorer to show hidden files, get the Properties on the Default folder, go to Advanced Security Settings and tick the the checkbox to “Replace all child object permission with inheritable permissions from this object”. Apply these permissions and then try logging in again.

Cumulus Field Formulas

This is pretty obscure stuff – I’m putting it here so I can refer to it later down the track when I’ve completely forgotten what I did.

In Canto Cumulus, you can set the value of a field using a formula. The syntax of the formulas is not my friend.

I wanted to set a String List to be one of three values depending on a value in two different boolean fields.

If boolean value A was checked, then I wanted to use the first string list value. If neither A nor B was checked I wanted to use the second string list value and if only B was checked, I wanted to use the third string list value. There were no records in the database with A & B both checked.

The forumla that ended up working for me was:

(fieldValue("Boolean A") == True ) ? 1 : (fieldValue("Boolean b") == True ) ? 3 : 2

With String Lists, the value of the field is actually 1-based number that references the string list entry.

You can’t match against string list fields with the value in the string. I wasted an hour or so trying this – I also wanted to set another boolean if a string list was set to a value, this ended up doing it:

(fieldValue("String List") == "1") ? True : False

Configure L2TP VPN Server on Ubiquity EdgeRouter Lite

As Apple have removed PPTP VPN support from macOS Sierra (10.12 and iOS 10) I’m changing clients over to L2TP over IPSec VPNs instead. Once the VPN server is configured, there’s not much difference to configuring it at the client end over PPTP, the main difference is that you need two passwords – one for the user and one for the shared secret (or pre-shared key).

Fortunately Ubiquity have a pretty decent writeup on how to configure L2TP VPN on an EdgeMax device, such as the EdgeRouter Lite.

Unfortunately they leave out a few key steps on configuring the IPSec side of things – if you already have a site-to-site IPSec VPN then these settings will already be configured and you don’t need to worry. If you don’t however you’ll also need to enter the following three commands into the router before you commit the changes:

set vpn ipsec ipsec-interfaces interface eth0
set vpn ipsec nat-traversal enable
set vpn ipsec nat-networks allowed-network

Once you’ve entered them in, you can commit and save and your VPN endpoint should be working.

Get system specs on an HP Server

Correct me if I’m wrong, but Windows doesn’t really have anything quite like the System Information app on macOS.

If you’ve got an HP server however, you can get some fairly detailed information about the configuration of the server as it shipped from HP without needing to inspect it physically.

First, find the serial number of the machine. Open up a CMD window and enter the following:

wmic bios get serialnumber

This will return something like


Take this serial number and enter it into the HP PartSurfer website at

From this, you should be able to get at least the model number, CPU type and base RAM specifications.

Find (and delete) duplicate files

I’ve had issues in the past where a Kerio Connect mail server talking to Apple Mail can somehow end up duplicating hundreds or even thousands of emails in mailboxes. I never got to the bottom of what was causing it, but the symptoms were that people would see their mailbox sizes grow to crazy sizes and there would be many, many duplicates of many emails in these folders.

When the issue was occurring more frequently, I was using some command-line tools to clean them up, but having not encountered it in the wild again now for more than a year, I’ve totally forgotten which tools I used and how I invoked them.

In migrating a client’s email to Office 365 recently, one user had a massive mailbox, with one folder alone having over 35 GB of email in it. In searching for the tools I previously used to clean it up, I came across dupeGuru – an OS X GUI application that finds identical files and can trash them.

I haven’t been able to run it head-to-head against whatever I used to use (I think it was fslint but it may have been dupes, or it may have been something else altogether) but whatever, I only need to clean a couple of folders as a one-off task.

Anyway, dupeGuru seems to do the task and runs in a reasonable amount of time, so if you’re looking for an easy to use utility to find and nuke identical files, give it a spin.

Easily create and install Launch Daemons on macOS or OS X

I recently needed to have a script execute on a daily basis – previously this would have been a task for cron however it’s been deprecated (yet still all there) in macOS since something like 10.4.

The accepted way to do it now is via a Launch Daemon. Simple in theory, but easier said than done. It’s far easier to edit a single line in a crontab entry (even if you have to look up the unique syntax of the crontab) than it is to create a Launch Daemon xml .plist file.

Fortunately, Nathan Witmer has created Launched – a web-based tool to create launchd plist files.

From here it was easy – I created my script as per normal and put it in /usr/local/bin

I made up a name for my daemon, set the command to /usr/local/bin/ and configured it to run every day at 8pm (ironically, using the cron syntax to schedule it).

After hitting the Create .plist button, I was given my entire plist to copy and paste, as well as a couple of snippets to install the plist via using curl to get it from Launched, copying it to /Library/LaunchDaemons and using launchctl to load it.