Friday, June 27, 2008

Force an account to logout after a specified period

To force an account to logout after a specified period regardless of activity:

Warning: as written, this is an evil script; it will force a user logout every 300 seconds. When set correctly, this script can be very handy if you are working on a server remotely and lose your connection to the server, leaving it vulnerable to local inhabitants.
---------

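# CGSession -suspend sends the console session back to the login window.
while true; do
    "/System/Library/CoreServices/Menu Extras/User.menu/Contents/Resources/CGSession" -suspend
    sleep 300    # wait 300 seconds before the next forced suspend
done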

---------

Script courtesy of Schoun Regan during the Apple East Coast Education Conference.

Wednesday, June 25, 2008

Restoring a .dmg image from the command line

If you have pulled your hair out because Disk Utility refuses to let you drag the disk you want into the target field in the restore window, do the following:

Quit Disk Utility
Open Terminal (available under the Utilities menu - top of screen)
At the prompt type

asr -source your.dmg.file -target your.drive.to.image -erase

If you are using an external FireWire (or similar) drive, the command will generally look like this (quote the target path, since the volume name contains a space):

asr -source tiger-06-06-08.dmg -target "/Volumes/Macintosh HD" -erase

Setting the time on multiple computers at once

usage: date [-nu] [-r seconds] [+format]
date [-u] mmddhhmm[[cc]yy]

-u Display or set the date in UTC (universal) time.

cc The first two digits of the year (the century).
yy The second two digits of the year. If ``yy'' is specified,
but ``cc'' is not, a value for ``yy'' between 69 and 99
results in a ``cc'' value of 19. Otherwise, a ``cc'' value
of 20 is used.
mm The month of the year, from 1 to 12.
dd The day of the month, from 1 to 31.
hh The hour of the day, from 0 to 23.

In ARD, run the UNIX command as root:

date 011512022008

This sets the date and time to Jan 15, 2008 12:02 p.m.
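
An added example, not part of the original post: a POSIX shell function that decodes an mmddhhmm[[cc]yy] argument into a readable timestamp, applying the century rule from the usage text above, so the value can be checked before it is sent to many machines as root. The function name decode_date_arg and the sample values are constructed for illustration.

```sh
#!/bin/sh
# Added example: decode a date(1) set-argument, mmddhhmm[[cc]yy],
# into "YYYY-MM-DD HH:MM". Returns 1 if the argument is malformed.
decode_date_arg() {
    arg=$1
    # Digits only; 8 (no year), 10 (yy) or 12 (ccyy) characters.
    case $arg in ''|*[!0-9]*) return 1 ;; esac
    case ${#arg} in 8|10|12) ;; *) return 1 ;; esac

    mo=$(printf '%s' "$arg" | cut -c1-2)
    dd=$(printf '%s' "$arg" | cut -c3-4)
    hh=$(printf '%s' "$arg" | cut -c5-6)
    mi=$(printf '%s' "$arg" | cut -c7-8)   # second "mm" of mmddhhmm is the minute
    rest=$(printf '%s' "$arg" | cut -c9-)

    case ${#rest} in
        0) year=$(date +%Y) ;;             # no year given: assume the current year
        2) yy=${rest#0}                    # drop a leading zero before comparing
           # Century rule: yy between 69 and 99 means 19yy, otherwise 20yy.
           if [ "$yy" -ge 69 ]; then year=19$rest; else year=20$rest; fi ;;
        4) year=$rest ;;
    esac

    # Ranges from the usage text; minute 0-59 is standard date(1) behaviour.
    [ "${mo#0}" -ge 1 ] && [ "${mo#0}" -le 12 ] || return 1
    [ "${dd#0}" -ge 1 ] && [ "${dd#0}" -le 31 ] || return 1
    [ "${hh#0}" -le 23 ] || return 1
    [ "${mi#0}" -le 59 ] || return 1

    printf '%s-%s-%s %s:%s\n' "$year" "$mo" "$dd" "$hh" "$mi"
}

# Constructed sample values: the post's example, a two-digit year, a bad month.
for sample in 011512022008 0115120299 131512022008; do
    decode_date_arg "$sample" || echo "$sample: rejected"
done
```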

Monday, June 16, 2008

Mac OS X Server ChangeIP script

I am not a great fan of this script (or method). I have never been able to get this script to work consistently and without subsequent problems to the server; I ultimately had to rebuild it anyway.

- Caveat Emptor [sic]. You may end up rebuilding it all AND losing your LDAP directory information that you meticulously backed up beforehand.

This information is linked from:

http://developer.apple.com/documentation/Darwin/Reference/ManPages/man8/changeip.8.html
------------------------------------------------------------------------------------------------------------
changeip(8)               BSD System Manager's Manual              changeip(8)

NAME
changeip -- Change service configuration files with hard-coded IP addresses

SYNOPSIS
changeip [-v] [-d path] directory-node old-ip new-ip [old-hostname new-hostname]

changeip -checkhostname

changeip -h

DESCRIPTION
changeip is used to update configuration records when a server's IP address or hostname changes.

In typical usage, this command is used by an administrator to correct affected services when a server's
network information changes. Preferably, changeip should be invoked before the change is applied. In
this invocation, the arguments consist of a target directory, the server's current and pending IP
addresses, and optionally the existing and new host name. Their usage and valid values include

    directory-node  For machines hosting an LDAP directory, this should be /LDAPv3/127.0.0.1.

                    For servers connecting to an external directory, the Open Directory path to the
                    directory node must be used, e.g. /LDAPv3/192.12.0.43.

                    To manipulate only the local directory, use a dash (-).

                    Depending on the directory, the tool may prompt for administrator credentials to
                    the target directory node.

    old-ip          If the IP address has not yet been changed, this is the existing IP address of
                    the server. If the IP has already been changed, this is the previous address.
                    (This is the value that will be replaced in the server's directory service and
                    relevant configuration files.)

    new-ip          If the IP address has not yet been changed, this is the IP address that will be
                    assigned to the server. If the IP has already been changed, this is the existing
                    IP address. This value will replace old-ip in the machine's configuration.

    old-hostname    As with old-ip, the existing or previous fully qualified domain name ("FQDN" or
                    sometimes "DNS name") for this server. If only the IP address was affected, this
                    argument and the next may be omitted.

    new-hostname    If old-hostname was provided, this argument must also be provided. The machine's
                    fully qualified domain name and related service configuration will be set to this
                    value.

Once the tool has successfully completed, the administrator must change the machine's network settings
in the Network Control Panel to match new-ip and immediately reboot the server.

The second invocation, -checkhostname, provides a diagnostic tool that compares the current IP address
and hostname to the information returned by DNS.

The final invocation prints usage information.

changeip must be run as root.

OPTIONS
The following options are available:
    -d path   Iterate over the executables in path instead of the default /usr/libexec/changeip.

    -h        Print usage summary and exit.

    -v        Run verbosely, that is with additional diagnostic output.

FILES & FOLDERS
/usr/sbin/changeip
- daemon
/usr/libexec/changeip/
- directory containing service-specific tools

EXAMPLES
Standard examples can be extrapolated from the above description. One common invocation is to change
the IP and name of an Open Directory master:

    changeip /LDAPv3/127.0.0.1 192.0.0.12 192.0.1.10 old.example.com new.example.com

This prepares for changing the address and DNS names of a machine hosting an LDAP master. Note that it
may still be necessary to change the configuration of machines binding to this master.

For standalone machines, the above example only needs to replace the directory node:

    changeip - 192.0.0.12 192.0.1.10 old.example.com new.example.com

As noted above, for machines connecting to another OD master, the master's node path must be used:

    changeip /LDAPv3/192.12.0.43 192.0.0.12 192.0.1.10 old.example.com new.example.com

Authentication to the directory master will almost certainly be requested.

It is also possible to leave the host name intact and only change the IP address:

    changeip - 192.0.0.12 192.0.1.10

Its complement could be used to change only the host names, perhaps because the DNS tables have been
changed:

    changeip - 192.0.0.12 192.0.0.12 old.example.com new.example.com

Note how the IP addresses are required, but that they are identical.

DIAGNOSTICS
The changeip utility exits 0 on success, and >0 if an error occurs.

changeip must be run as root. Because changeip modifies system-wide resources, it must be executed by
the root user.

Invalid IP Address: One of the IP address arguments was invalid.

SEE ALSO
dscl(1), DirectoryServiceAttributes(7), DirectoryService(8), scutil(8)

KNOWN ISSUES
The script does not perform the actual change of IP address; this is by design.

HISTORY
A version of changeip has been present in Mac OS X Server since at least version 10.3 (Panther).

Mac OS X Server 10.5 December 12, 2006 Mac OS X Server 10.5

Wednesday, June 4, 2008

A unix script to unbind and bind a Macintosh Computer to a Server

*******************************
Must be run as root when using Apple Remote Desktop or sudo when using ssh
*******************************

To unbind a computer:


dsconfigldap -v -r oldserver.somewhere.lan
dscl /Search -delete / CSPSearchPath /LDAPv3/oldserver.somewhere.lan

To bind a computer:

dsconfigldap -v -a newserver.somewhere.lan
dscl /Search -create / SearchPolicy CSPSearchPath
dscl /Search -append / CSPSearchPath /LDAPv3/newserver.somewhere.lan