Possible fix for no video in Skype for Mac

I don’t use Skype very often, but when I went to use it recently, it couldn’t see my FaceTime HD camera.

I’d go into Skype > Preferences and in Audio/Video and although the preferences said it was using the FaceTime HD Camera, the video was black, and my contact at the other end of the call couldn’t see me.

To fix this, I went into Activity Monitor and searched for a process called VDCAssistant. I quit this process (and it respawned straight away) and immediately, Skype could then access my camera.

I’m not sure what caused it to stop working in the first place, but at least the fix was quite easy.

Quick fix for Apple Remote Desktop 3.9 and asking for Keychain Password

After upgrading the Apple Remote Desktop client on a number of machines, and using the new 3.9 version of the Remote Desktop app, some machines have started repeatedly displaying a dialog box (on the client machine, not on the controlling machine) saying ard agent wants to use the “PrivateKeyStore-501” keychain and prompting for a password. As there is no password for this keychain, there is no way to enter the correct password and hit OK. Your only other option is to keep hitting Cancel repeatedly – yet it keeps coming back.

Rebooting the affected machine will fix this, but that’s not so easy when it’s a server.

Dropping into Terminal instead and using kickstart to Restart the ARD Agent and helper seems to fix the issue as well.

sudo /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -restart -agent

 

Error with the User Profile Service failing the logon on Windows 7

I recently had an issue where a domain-joined machine with Windows 7 was unable to have new users log in.

Anyone who had an existing account on the machine could still log in, but new users couldn’t and were getting the error message “User Profile Service failed the logon. User profile cannot be loaded.

Nearly all the Google searching I did on the issue returned results that were to do with existing users being unable to log in, and generally for non domain-joined machines.

Luckily I found one Technet Thread that pointed me in the right direction.

The fix was to go into the C:\Users folder, tell Explorer to show hidden files, get the Properties on the Default folder, go to Advanced Security Settings and tick the the checkbox to “Replace all child object permission with inheritable permissions from this object”. Apply these permissions and then try logging in again.

Cumulus Field Formulas

This is pretty obscure stuff – I’m putting it here so I can refer to it later down the track when I’ve completely forgotten what I did.

In Canto Cumulus, you can set the value of a field using a formula. The syntax of the formulas is not my friend.

I wanted to set a String List to be one of three values depending on a value in two different boolean fields.

If boolean value A was checked, then I wanted to use the first string list value. If neither A nor B was checked I wanted to use the second string list value and if only B was checked, I wanted to use the third string list value. There were no records in the database with A & B both checked.

The forumla that ended up working for me was:

(fieldValue("Boolean A") == True ) ? 1 : (fieldValue("Boolean b") == True ) ? 3 : 2

With String Lists, the value of the field is actually 1-based number that references the string list entry.

You can’t match against string list fields with the value in the string. I wasted an hour or so trying this – I also wanted to set another boolean if a string list was set to a value, this ended up doing it:

(fieldValue("String List") == "1") ? True : False

Configure L2TP VPN Server on Ubiquity EdgeRouter Lite

As Apple have removed PPTP VPN support from macOS Sierra (10.12 and iOS 10) I’m changing clients over to L2TP over IPSec VPNs instead. Once the VPN server is configured, there’s not much difference to configuring it at the client end over PPTP, the main difference is that you need two passwords – one for the user and one for the shared secret (or pre-shared key).

Fortunately Ubiquity have a pretty decent writeup on how to configure L2TP VPN on an EdgeMax device, such as the EdgeRouter Lite.

Unfortunately they leave out a few key steps on configuring the IPSec side of things – if you already have a site-to-site IPSec VPN then these settings will already be configured and you don’t need to worry. If you don’t however you’ll also need to enter the following three commands into the router before you commit the changes:

set vpn ipsec ipsec-interfaces interface eth0
set vpn ipsec nat-traversal enable
set vpn ipsec nat-networks allowed-network 0.0.0.0/0

Once you’ve entered them in, you can commit and save and your VPN endpoint should be working.

Get system specs on an HP Server

Correct me if I’m wrong, but Windows doesn’t really have anything quite like the System Information app on macOS.

If you’ve got an HP server however, you can get some fairly detailed information about the configuration of the server as it shipped from HP without needing to inspect it physically.

First, find the serial number of the machine. Open up a CMD window and enter the following:

wmic bios get serialnumber

This will return something like

SerialNumber
CN123456AB

Take this serial number and enter it into the HP PartSurfer website at http://partsurfer.hp.com/search.aspx

From this, you should be able to get at least the model number, CPU type and base RAM specifications.

Find (and delete) duplicate files

I’ve had issues in the past where a Kerio Connect mail server talking to Apple Mail can somehow end up duplicating hundreds or even thousands of emails in mailboxes. I never got to the bottom of what was causing it, but the symptoms were that people would see their mailbox sizes grow to crazy sizes and there would be many, many duplicates of many emails in these folders.

When the issue was occurring more frequently, I was using some command-line tools to clean them up, but having not encountered it in the wild again now for more than a year, I’ve totally forgotten which tools I used and how I invoked them.

In migrating a client’s email to Office 365 recently, one user had a massive mailbox, with one folder alone having over 35 GB of email in it. In searching for the tools I previously used to clean it up, I came across dupeGuru – an OS X GUI application that finds identical files and can trash them.

I haven’t been able to run it head-to-head against whatever I used to use (I think it was fslint but it may have been dupes, or it may have been something else altogether) but whatever, I only need to clean a couple of folders as a one-off task.

Anyway, dupeGuru seems to do the task and runs in a reasonable amount of time, so if you’re looking for an easy to use utility to find and nuke identical files, give it a spin.

Easily create and install Launch Daemons on macOS or OS X

I recently needed to have a script execute on a daily basis – previously this would have been a task for cron however it’s been deprecated (yet still all there) in macOS since something like 10.4.

The accepted way to do it now is via a Launch Daemon. Simple in theory, but easier said than done. It’s far easier to edit a single line in a crontab entry (even if you have to look up the unique syntax of the crontab) than it is to create a Launch Daemon xml .plist file.

Fortunately, Nathan Witmer has created Launched – a web-based tool to create launchd plist files.

From here it was easy – I created my script as per normal and put it in /usr/local/bin

I made up a name for my daemon, set the command to /usr/local/bin/my_amazing_script.sh and configured it to run every day at 8pm (ironically, using the cron syntax to schedule it).

After hitting the Create .plist button, I was given my entire plist to copy and paste, as well as a couple of snippets to install the plist via using curl to get it from Launched, copying it to /Library/LaunchDaemons and using launchctl to load it.

Find Large Items in Office 365 Mailboxes

$UserCredential = Get-Credential

$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/\
-Credential $UserCredential -Authentication Basic -AllowRedirection

Import-PSSession $Session

Get-MailboxFolderStatistics -Identity [email protected] -IncludeAnalysis -FolderScope All\ | Select-Object Name,FolderPath,ItemsInFolder,FolderSize,TopSubject,TopSubjectSize,TopSubjectCount,TopSubjectPath | Out-file C:\Users\%username%\Desktop\UserMailboxResults.txt

 

Recursively Propagate Permissions on a Synology NAS with synoacltool

Synology DSM lets you do some pretty complex things with permissions on files and folders, however occasionally things can get a bit mixed up and it’s difficult to see what’s happening and even more difficult to recover from it.

Whilst you can go into the DSM web interface and check the permissions at the top level of each share point in Control Panel > Shared Folder, it’s difficult to see what’s going on below this.

To dig deeper we need to get into the command-line, so you first have to enable ssh access. Go into Control Panel > Terminal & SNMP and Enable SSH service

You can now ssh into the Synology as an admin user (provided your firewall rules on the NAS allow it)

I found that if you modify the permissions on a file or folder with chmod then this seems to wipe out the ACL information. Never mind, there’s another utility called synoacltool that lets you modify ACLs. Unfortunately however synoacltool doesn’t have a switch to operate recursively.

Unix find to the rescue!

What I was able to do however was use find to run it on each and every file and folder in a given folder – this likely isn’t the most efficient way to do it, but you (hopefully) don’t need to do this too often anyway…

First, wipe out the ACLs and set the unix permissions with chmod

chmod -R a+rwX /volume1/Share\ Point

Set the permissions on your share point in DSM and check it in the terminal

ls -ale /volume1/Share\ Point

I got this far, however when I checked the permissions on the files and folders inside Share Point they still had plain ol’ unix permissions and no acls

cd /volume1/Share\ Point

ls -ale

no ACLs. Let’s get them happening.

find . -execdir synoacltool -copy /volume1/Share\ Point {} \;

What this does is find each file and folder and then run the exec command on the given file or folder – so it copies the ACL from our top-level folder onto every single file and folder in the Share Point folder.

There’s quite a lot of overhead in doing it this way, but hopefully you only need to do this once and then the permissions will work…