HKMacs

Recently I became so sick of the slowness of my system in my MacBook Pro (late 2011 model) which has a 2.4 GHz Intel Core i5 with 16 GB RAM running Mountain Lion 10.8.2 that I decided to buy a 120GB Kingston SVP 200 SSD drive for my boot drive and put my previous 500GB Hitachi HD in place of the DVD drive. This was done for me by the excellent Simon from GreenMacMarkets at

Shop 347, 298 Computer Zone, 298 Hennessy Rd,
Wanchai,
Hong Kong

Tel: +852 9829 3969 Email: watermsshop@gmail.com

Cost including a USB case for the DVD drive HK$1,050 (US$135) which seemed pretty reasonable.

I left my old system in place on the old drive and did a clean install of Mountain Lion 10.8.2 0n the SSD. I then set up my main user account with same name and password as before. In my user account I used a right-click for advanced options and set the location of my user account to be my old user account on the secondary drive now named Data HD. Obviously for all permissions to work correctly you need to keep the new user names and passwords the same as the old ones. That all worked fine and when I rebooted and logged in to my account all my Users are on the Data HD. I then used Migration Assistant to pull over all my Apps to the SSD boot drive.

Encryption of Data HD

Control-click to encrypt To encrypt a disk, instead right- or Control-click on a hard disk’s icon on the Desktop, or in a Finder window sidebar. Choose EncryptDisk Name and enter a password. You’ll have to enter the password a second time, and you won’t be able to go any further unless you also enter a password hint. I tried this method and it didn’t appear to work properly so I used the Terminal approach.

Prepare a disk by converting You encrypt disks with the

diskutil

command, but first, you have to convert them to a format called CoreStorage.

Start by running this command:

diskutil list

This returns a list of all the disks connected to your Mac. For example, on my Mac, I see this:

Vinces-MacBook-Pro:~ vince$ diskutil list

/dev/disk0

#: TYPE NAME SIZE IDENTIFIER

0: GUID_partition_scheme *120.0 GB disk0

1: EFI 209.7 MB disk0s1

2: Apple_HFS Macintosh SSD 119.2 GB disk0s2

3: Apple_Boot Recovery HD 650.0 MB disk0s3

/dev/disk1

#: TYPE NAME SIZE IDENTIFIER

0: GUID_partition_scheme *500.1 GB disk1

1: EFI 209.7 MB disk1s1

2: Apple_HFS Data HD 499.8 GB disk1s2

/dev/disk2

#: TYPE NAME SIZE IDENTIFIER

0: GUID_partition_scheme *500.1 GB disk2

1: EFI 209.7 MB disk2s1

2: Apple_HFS CCC Backup 499.1 GB disk2s2

The disk I want to encrypt is Data HD and to the right of the name you can see the identifier which is

disk1s2

With that information I could convert that disk the CoreStorage format with the following command:

sudo diskutil corestorage convert disk4s1

Terminal will request your administrator’s password, then will begin the conversion process.

Vinces-MacBook-Pro:~ vince$ sudo diskutil corestorage convert disk1s2
Password:
Started CoreStorage operation on disk1s2 Data HD
Resizing disk to fit Core Storage headers
Creating Core Storage Logical Volume Group
Attempting to unmount disk1s2
Switching disk1s2 to Core Storage
Couldn't unmount disk1s2; converted volume won't appear until it's unmounted
Core Storage LVG UUID: 5896188D-5D8C-4A8D-95BB-3D0DC892CBF4
Core Storage PV UUID: 9A70E1FB-5FEE-445B-8E92-04EC42C32D5E
Core Storage LV UUID: EB1BD441-D493-4C2B-B6E4-A646667D79C0
Finished CoreStorage operation on disk1s2 Data HD

Encrypt the disk The important information above is the LV UUID, or logical volume universally unique identifier. Using that information, you can then run the command to encrypt the disk, as follows:

Vinces-MacBook-Pro:~ vince$ sudo diskutil corestorage encryptvolume EB1BD441-D493-4C2B-B6E4-A646667D79C0 -passphrase password
Password:
Started CoreStorage operation on disk2 Data HD
Scheduling encryption of Core Storage Logical Volume
Core Storage LV UUID: EB1BD441-D493-4C2B-B6E4-A646667D79C0
Finished CoreStorage operation on disk2 Data HD

Replace password with your password. The next step will ensure that the Data HD gets mounted during the boot process so that your accounts are available. For this you need the excellent program Unlock https://github.com/jridgewell/unlock by Justin Ridgewell. Full instructions for installation are on his page.
His script runs as follows:

Vinces-MacBook-Pro:~ vince$ curl https://raw.github.com/jridgewell/Unlock/master/install.sh | bash
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100  2853  100  2853    0     0   1277      0  0:00:02  0:00:02 --:--:--  1971
Attempting to re-run as root...
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100  2853  100  2853    0     0   1486      0  0:00:01  0:00:01 --:--:--  1864
Password:
--------------------------

Downloading...
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100   509  100   509    0     0    314      0  0:00:01  0:00:01 --:--:--   385
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100   139  100   139    0     0     80      0  0:00:01  0:00:01 --:--:--    99
100 27900  100 27900    0     0   7686      0  0:00:03  0:00:03 --:--:-- 76438
--------------------------

Installing...
Do you want to unlock Data HD at boot? (y/N)
y
What is the passphrase used to encrypt Data?
*Enter passphrase for Data HD*

Following conversations with Justin it is probably worth checking that you have an entry for Unlock: Data HD in the System Keychain. Also the script will be installed at /Library/LaunchDaemons/name.ridgewell.unlock. He also advised setting up another Admin account on the SSD in case one ever needed to do an decrypt the Data HD in case anything goes wrong. The command for that is:

diskutil cs decryptvolume EB1BD441-D493-4C2B-B6E4-A646667D79C0 -passphrase password

using the example of my Data HD above.

Obviously a bit of clean up is necessary. For instance all the Application icons in the Dock will be referencing the Applications on the original hard drive so you need to delete each one and replace by dragging the Applications to the Dock that were moved to the new SSD.  Finally I used  Carbon Copy Cloner to copy the user folder from Data HD to another drive, re-formatted the Data HD to remove all the Applications and System files and then cloned the User folder back to the Data HD. Then of course I tested all my Applications to make sure everything was working. So far so good and the performance increase is well worth the effort. Boot time is down to 10 seconds and all Applications open instantly!

I’ve heard about this previously but never put it into practice before so this is what I did.

I purchased a Skype Online Number (cost about HK$50 per month for 3 month minimum). I put HK$100 into Skype credit. Before I left Hong Kong I forwarded my cellphone to my Skype Online Number, not through the iPhone forwarding but by dialling **21*Skype Online No#send. When I reached my destination (Philippines) I bought a local rechargeable SIM card from SMART cost 150 pesos and added 200 pesos value. Then I went online to the Skype website and forwarded all my calls to the Philippines SMART number. Now all my Hong Kong cellphone calls come through to my local no at about HK$2 per minute.

I did however make a few mistakes on the way. You must do the forwarding on Skype through their website. If you do it through the Skype application on your computer it doesn’t appear to synchronise with the website and consequently you need to keep Skype open on the computer and not let it sleep! Big mistake.

Secondly get a decent cellphone provider at your destination! I first tried Globe and it was a hopelessly unreliable service. At that point I’d almost given up but Skype does have Voicemail which again is a little odd as you need to set it up on their website but record your own outgoing message through the Skype app on your computer. This again can be set on the website to alert you with an SMS or email if someone’s left a message.

Anyway in the end I’m pleased with this solution although it wasn’t as straightforward as I’d thought.

I finally decided to bite the bullet and get the Apple TV 3 because I really wanted it for AirPlay mirroring as I’m getting tired of my extra-long HDMI cable which is now for sale. I’ve installed Mountain Lion GM on my MacBook Pro (I’m an Apple Developer so this is perfectly legal) and I can report that AirPlay Mirroring works flawlessly even using VLC to open files located elsewhere in my network. I then use Mobile Mouse on my iPhone to control it. On my iMac running Lion Server I can use AirParrot for AirPlay mirroring which works though not quite as seamlessly as AirPlay on Mountain Lion.

AirPlay mirroring is displaying the contents of your Mac screen on your TV. I use it mainly for playing back movies and TV through VLC.

Apart from the AirPlay mirroring now that we have iTunes Store in Hong Kong I can do all the usual things on the Apple TV 3. I’m enjoying the radio while working. I was holding off until the Apple TV 3 had been hacked but that seems unlikely and quite frankly with AirPlay mirroring I can’t really see the need to hack it.

I have just acquired the new PayPal Here reader which means I can now accept all major credit cards as well as PayPal. However I reserve the right to charge a small percentage to cover my PayPal charges.

I received a very nasty but obvious spam today from iCloud <022100@westnet.com.au> as follows:

The link leads you to http://ipad-pen.net/mobileme.php which has a form:

Needless to say – DON’T FILL THIS IN! It’s a quite obvious fake!

 

My previous update for Lion Server 10.7.3 was so disastrous I had to completely re-install from scratch as the Open Directory database was completely hosed. This time updating to 10.7.4 I adopted a very careful procedure:

1) Backup Open Directory database using the Archive function in Server Admin.

2) Repair Permissions on start-up disk

3) Restarted from the USB Lion Server Installer I made earlier Creating a bootable Mac OS X Lion Server USB Installer Disk which has DiskWarrior on it.

4) Ran DiskWarrior:

Incorrect values in Volume Information Block were repaired.

5) Installed Lion Server 10.7.4 while booted from USB Lion Server Installer

6) Repaired permissions again (lots of permissions were fixed)

7) Ran DiskWarrior again (clean)

Rebooted from Macintosh HD start-up disk and checked everything was running correctly (it was).

There’s been a lot of publicity given to the new Mac “virus” that’s infected millions of Macs. Personally I haven’t come across it, but if you are worried that you might be infected there is an Applescript that that can check your system:

Quick Applescript to check your Mac for the Flashback infection

To use it copy and paste into Applescript Editor (found in Applications/Utilities) or you can download the script here:

Flashback_checker.scpt_1.zip

Today I had a lot of problems with internet access, mainly due to PCCW’s appalling broadband service on this wretched little island so I decided to shut all my computers down together with the Airport Extreme and broadband router, then restart everything to hopefully get a new IP address. When I restarted the server I noticed at the login screen that network accounts were no longer available but nevertheless was able to login. I then checked the MacBook Pro and found that I wasn’t connected to a Network Account Server in Login Options and couldn’t see any network server. Then I checked on the server and found that Workgroup Manager couldn’t login to the LDAP server. Then checking Server Admin I found that Open Directory wasn’t running and would not start. Needless to say I had never backed up the OD in Server Admin. I repaired permissions, restarted and nothing had changed. Then I restarted from my Carbon Copy Cloner backup from yesterday and found everything was sweet. So from Server Admin I made a backup of the OD database and then restarted from my regular Server HD and restored this backup of OD which then worked fine. My Network Account Server was available again and I had no problems creating new users in Server and Workgroup Manager. I’m assuming that Open Directory is fixed. However as a precaution I repaired permissions again and this was the result:

Repairing permissions for “Macintosh HD”

Permissions differ on “private/etc/apache2/httpd.conf”; should be -r–r–r– ; they are -rw-r–r– .

Repaired “private/etc/apache2/httpd.conf”

ACL found but not expected on “Users”

Repaired “Users”

Permissions differ on “private/var/db/openldap/openldap-data”; should be drwxr-xr-x ; they are drwx—— .

Repaired “private/var/db/openldap/openldap-data”

Permissions repair complete

 

It seems that the restored backup of OD had some problems but were fixed. Thanks to the ability of Server Admin to make a decent backup of Open Directory.

My question is now how will I make a backup of Open Directory under Mountain Lion server as there is no Server Admin?

Working on hints I gleaned from this article, I’ve created my own Lion Server USB Installer. Here’s how:

For most people installing Lion Server is a case of downloading Server.app from the Apple Store and installing on top of an existing OS X Lion setup. This is unsatisfactory for a number of reasons primarily because you don’t get to use the Server set up application. If you have an existing Lion Server that you have set up this way it’s very useful to keep a Lion Server Installer USB drive handy in case you need for some reason to re-install. You cannot use Recovery Disk for this as Recovery Disk will only give you a plain vanilla Lion client install. So presuming you have Lion Server installed now put a copy of “Install Mac OS X Lion” into your Applications folder. Make sure you also have a copy of the latest Server.app there as well. At time of writing the latest download of “Install Mac OS X Lion” from the App Store is at version 1.0.16 and is 4.07 GB. The latest Server.app is at version 1.3.1. These together will install Lion Server 10.7.3. If you launch “Install Mac OS X Lion” using a blank USB or Mac partition as your target  you will see the following:

 

 

 

Clicking on Customize will give you the option to install Server Software:

 

Now when you start this installation the Server components will be downloaded to the target drive. This can take a very long time (in my case about 50 minutes), so to save myself time for future installations I shut down my computer before the reboot for the install process. If you do that you will see two folders on the target drive, one called Applications which contains the latest version of Server.app and another called  Mac OS X Install Data which contains 3 files – “indexes.product”, “MacOS_10_7_IncompatibleAppList.pkg” and “Server.Essentials.pkg”. Keep these two folders as they can be copied to future install media to save the downloading time. If these folders are on the install media the install of Sever components will only take 3 minutes.

Then at this stage you can resume the installation and when the new drive reboots you will get the Server Assistant which will guide you through either setting up a new server or importing from an existing server. To make a USB disk for future installs you only need a very basic setup with no configuration for Server services. It’s handy to keep the two folders Applications and Mac OS X Install Data on the Desktop for copying to new drives that need to have Server installed.

 

This is a HACK and not officially sanctioned by Apple. If you use this method you do so at your own risk!!