Acknowledgements: Hat tip to Eric Hemmeter on the MacAdmins Slack for this command.
If you want to see what the current Startup Disk is on your macOS installation, you can certainly go to System Preferences > Startup Disk.
But if you want to use the terminal instead of the GUI, this command will return the current Startup Disk:
Can't interpet EFI boot device
We recently wanted to change the primary server for our CrashPlan clients from an IP-based one to a DNS-based one. Unfortunately, CrashPlan doesn't have a .plist file you can just run a defaults write command on.
So apart from going into every machine and manually changing it from the menu bar, there is a way to script it. Thanks to ahbeng's GitHub port change script for inspiration on this, but we also got confirmation directly from Code42 that this would work.
Basically, you just want to stop the CrashPlan engine, tweak the text file, and then restart the engine. This works on CrashPlan PROe 4.2. You may have to look for a slightly different file if you're running a different version of CrashPlan PROe.
# Unload CrashPlan's engine, substitute the new string in, and then load the engine back again
sudo launchctl unload /Library/LaunchDaemons/com.crashplan.engine.plist && sudo sed -i '' -e "s/IPADDRESS/SUBDOMAINANDDOMAINNAME/g" /Library/Application\ Support/CrashPlan/conf/my.service.xml && sudo launchctl load /Library/LaunchDaemons/com.crashplan.engine.plist && open /Applications/CrashPlan.app/Contents/Helpers/CrashPlan\ menu\ bar.app
Nota bene: If you have deployed your CrashPlan with a custom.properties file, you may have to modify that file as well. Just throw in a
Munki-Enroll is a great little script combo that automatically changes the ClientIdentifier for Munki clients and then automatically creates a corresponding manifest on the Munki server that includes the old manifest.
I wanted to tweak it quite a bit to fit some of the quirks of how our organization does Munki client manifests, so I wrote up a tweaked version of the enroll shell script.
One of the things I wanted to get via the script is a particular user's full name, and I had trouble tracking down a tutorial on exactly how to get that. I also found that even when I used the usual instructions, on one computer, it didn't work—there was an extra carriage return before the full name... but that wasn't the case on other computers (and it wasn't a Yosemite vs. El Capitan thing either).
So this command actually gets the user's full name even if there's a random extra newline in the output. This works on both Yosemite and El Capitan (and probably earlier versions, but I haven't tested on Mavericks and before):
Basically, this read's the user's information, specifically the RealName. Then it strips out the RealName: part, then strips out any newline indicators, then finally strips out any preceding or trailing spaces.
Not sure if anyone else out there is looking for how to get the full name of a user using the terminal on a Mac, but that's how you do it.
If you want to script enabling or disabling the root account in Mac OS X (instead of having to go to Directory Utility to do it), you'll want to use the dsenableroot command.
Enable the root user
Disable the root user
Just keep in mind that you have to use the syntax as given. You cannot bypass giving an actual username and password of an admin account by being logged into that admin account and prefixing the command with sudo.
Any commands you put into the terminal on a computer, by default, will go into that user's .bash_history file stored as plain text. So if it's one-off on a local computer, be sure to edit that file later and delete that line. If you're using some other remote way to deploy the command, make sure it's being sent over a secure (and protected) connection of some sort.
If you want to enable SSH for only one user using the command line on a Mac, run these three commands:
Make sure the group exists
Add user username to the group
Turn remote login on
Cheating a bit here by just linking to someone else's blog post, but it's very well written, with screenshots and different colors. Why reinvent the wheel?
Here it is:
Submit Google Forms By Curl Command
There's a setting on Mac OS X for allowing apps to be installed from anywhere or only from signed developers. If you want to automate changing this setting via terminal command, this is how you do it.
The spctl command is even more versatile than that. More details at Gatekeeper Fundamentals, Part 2.
This is handy to know in case you're managing updates a different way (e.g., Munki) and don't want your users pestered with update messages directly from Apple.
If you want to enable duplex printing via a terminal command (e.g., trying to fix a bunch of already-installed printers with duplex disabled, and you want to fix that with a script), first you have to figure out what parameter to change.
On one Mac with the printer installed, find the printer via System Preferences > Printers & Scanners and then go to Options & Supplies and then Options to see if duplex printing is on. If it's not on, turn it on via point and click.
Then, in the terminal, put in this command, substituting in the name of your printer for printername:
In my case, I was trying to script duplexing for an HP printer, so the latter showed up this way:
Once you figure out the option you want, the command to enable duplex printing as an option should look something like this:
Acknowledgements: This is based on a helpful post from Mac Rumors from the thread enable "Duplex Printing Unit" in command prompt?