Today we ran into a feature of the Machine Authentication Restrictions (MAR) option in the Cisco Secure ACS Radius server. It seems that when you're using the ACS for 802.1x authentication, you have the option of demanding that the authenticating users can only be authenticated when the computer is already authenticated. This way, you make sure that no user can access the network without a legitimate PC.
Posts filed under Tips'n Tricks
Geotagging Nikon P7000 RAW files (NRW)
PhotoLinkerI tend to geotag most of my photos. This way I have location information with the photo for future reference. It's also a neat feature that you might exploit when creating photo albums with e.g. iPhoto. The GPS coordinates in the images creates the option to create maps in iPhoto albums.
I use geotagging in two different ways. I use the jf Geocoding plugin in Lightroom and the PhotoLinker application. Both have their (dis)advantages. Something I won't go into in this post.
OSX CardDAV Server
After the challenges with the iCalDAV server in OSX, I gave up on getting the Addressbook server up-and-running. Somehow, the clients couldn't wouldn't connect. No matter what configuration parameters I tried.
This week I tried to get it up-and-running again. Mainly because I can't concentrate for longer than two hours for my Cisco exams next week. Sometimes you need to clear your head.
For some reason I found the solution within the hour. No idea what the original problem was exactly.
Microsoft Office 2008:Mac - Office did not install correctly
Come on.... it isn't even Monday. It's Friday for crying out loud.
What happened you ask? Well.....
I got an e-mail with a XLS file attached (I know.. shit happens). So I tried to open it, but I got a reminder that I hadn't (re)installed Office 2008 on my new iMac. But not to worry. I have the official Microsoft Office 2008 DMG (with matching serial number) on my Drobo, so the installation was done in a matter of minutes.
This is when it happened. Starting office resulted in this error: "Office did not install correctly". It even had a link to a Microsoft article explaining I needed an update. But the update wouldn't install since it was for OSX 10.4 (or something). Installing the latest update didn't solve it either.
Well, remove Office and reinstall it then... That didn't work either. Still the same error.
Searching the Interwebs resulted in a suggestion to remove everything Microsoft from the Mac.... And so I did. Especially the locations like:
/Library/Preferences/
~/Library/Preferences/
should be free of everything Microsoft. After trashing the Trash I reinstalled Office 2008. This time I was asked to enter my name and serial number. Something that didn't happen the first times. Then it occurred to me; I had copied my preferences (and other settings) when I migrated from my old to my new iMac. I guess that Microsoft doesn't support that.
It would have been nice if they had an option in the Removal Tool (which they generously supply) to remove EVERYTHING. I think that they didn't forget it. I think that this is by design. Just to screw with us Mac user.
iMac with Multiple Monitors
One can not have enough screen "real-estate" when working with photos, or while exploring your web-development skillz. So, a single display is simply not an option in my case......
Next to my 27" iMac stands a Dell 24" TFT Display. This Dell display is being abused for two things;
- extended display for my iMac, and
- as a main monitor for my (Windows) work laptop
using the input selector on the TFT display.
Since I'm a guy and I rock at multitasking (*cough*), I have both my Windows (work) laptop and my iMac powered on. In this scenario I have only one active display on my iMac. The second display should therefor not be used, and this is where Apple fails miserably.
iPhone 3GS, iOS4 and MMS not working
I ran into a problem with MMS after I upgraded to iOS4 on my iPhone 3GS. Somehow, it was impossible to send MMS messages on the KPN cellular network. Searching the Internet revealed that I wasn't the only one.
The general consensus to solve this issue was a restore of the iPhone and not to restore old settings, but start from scratch.
After doing this, MMS still couldn't be sent from the iPhone, so time to do some more research. It turned out that KPN must have change the MMS settings, since my old MMS settings weren't correct anymore. So try these settings BEFORE you restore your iPhone. It might save you a lot of work and time.
Note: the following settings are for the Dutch KPN Network, and probably won't work on other networks / carriers.
Old Settings
APN: portalmmm.nl
Username:
Password:
MMSC: http://mp.mobiel.kpn/mmsc
MMS Proxy: 10.10.100.50:5080
MMS Max Message Size: 300000
New Settings
APN: portalmmm.nl
Username: kpn
Password: kpn
MMSC: http://mp.mobiel.kpn/mmsc
MMS Proxy: 10.10.100.20:5080
MMS Max Message Size: <leave empty>
Notice the differences? Anyway, with these new settings, MMS worked again.
KPN does have a page dedicated to the iPhone (in Dutch), regarding the Internet, and MMS settings. Just check those pages for the lastest settings.
I've updated the original page on my blog with the new settings.
Vanishing HD Space on Popcorn Hour
Sometimes you think you're mind is playing tricks on you. I have that sometimes. E.g. I have a Popcorn Hour (Networked Media Tank) which holds movies and series I watch. Bits and Bytes come and go on that machine. Thing you've seen are deleted, and replaced by new content. But over the 'years' it seemed to hold less and less content. Oke, movies have increased in size (10-20GB per movie is nothing nowadays). So I didn't really think much of it....
Until I started transporting the content with Transmit instead of FileZilla. Transmit was configured to show even the hidden files, and hidden files it showed. I found 4 hidden temporary pureftp-upload files of almost 32GB each. The timestamps on those files differed from late last year to a couple of months back
.pureftpd-upload-<some random string>
The problem was that I couldn't remove them from the Popcorn, but I really wanted my 120GD of free space back. Turned out that the FTP daemon on the Popcorn was locking these files. Reboot of the popcorn didn't help.
The way to remove them was to stop the FTP daemon on the Popcorn in the menu, and access the device through SMB (or another protocol you can use), and make sure that you can see hidden files.
Select the files and press delete, and they should be gone. After that you can re-enable the FTP service if you like.
Getting Around a Wide-Angle Lens
Going on holiday is fun, but it's also a time of concessions on several levels. Especially if you can't bring every lens you own or (in theory) might need. Since the awesome Nikon 5-500mm f/1.8G VR ED N (small, <€1000, <1kg) isn't widely available. This means deciding what to bring in your camera bag.
In my case, I wanted to experiment with primes during my holiday. this also means that you have to use the foot-zoom, and on several occasions that won't work because of certain limitation (walls, buildings, ravines, etc.). In those cases you have 3 options;
- Don't make the photo
- Make a photo, but know immediately that it will end in /dev/null when you get home (a just-for-the-record photo).
- Improvise
So as you might have guessed, I ran into such a situation in Toledo, Spain. They have this great cathedral in the middle of an old town with narrow streets. You need a ultra-wide angle lens for almost anything there.
Splunk> Making Sense of Logfiles
My area of expertise in the professional world is Network Security. This includes protecting network from intrusions, but also delivering reports about the network status. For the latter we use SIEM(like) environments like the Cisco CS-MARS and the Juniper STRM.
The 'problem' with these devices is that they are great in reporting incidents and creating awesome reports about everything, but they lack the functionality to do some serious investigating.
I have several customers with a SIEM, and most of them still use (Linux) commandline tools like awk, grep, etc. these tools work, but you need to scrape everything together yourself, and building queries can be quite challenging. This is where Splunk> comes in.
Slow Open Directory on OS X Server
Ever since I've been playing with my Mac mini with OS X server 10.6.4 I have had on-and-off problems in the authentication/Open Directory area.
- Some accounts authenticate really quick, while others take minutes to authenticate.
- Accessing the Open Directory through the Workgroup Manager is as slow as a slow boat to China. Changing users (just by selecting them) takes another boat along the Pacific.
So it was time to start digging into the phenomenon called 'Open Directory'.
The manual from Apple isn't much help in troubleshooting a slow Open Directory, so it was time to search the interwebs and start experimenting. If it didn't work, I can always reinstall the entire server from scratch.