Sunday, December 27, 2009

Santa was here!! YEAHHHH!

Well, I have finally made it into the present in technology...yeah I know, you figure since I work with technology that I would be on top of it.  I have had Verizon FIOS for a couple years now, 2 flatscreen HD TV's (Vizio and Samsung) and have had TIVO since they first came out.  Now the FIOS DVR replaces the TIVO (well it is substituted for the TIVO, it will never replace it) and last Christmas I received a Sony up-scaling DVD player which has worked beautifully.  This Christmas I was upgraded (thank you Santa) to a Blu-Ray player.  I have not jumped on the Blu-Ray HD bandwagon, as far as DVD's go.  I do have to admit, it is beautiful.

The player I received was a Samsung BD-P1590.  It comes with a multi-function remote to control the TV, however it does not fully support the features of the Vizio.  It gives me on/off, volume, mute, channel control but NOT source selection.  With that aside, the player itself has a couple of nifty added features.




It has built in Pandora and NetFlix player capability as well as players for YouTube and Blockbuster.  Pandora is a music playing service that allows you to type in an artist or song and it will automatically select similar music and play it for you like a personalized radio station.  With the Blu-Ray player you get a free subscription to Pandora.  Once you create your account you can then tune into the Pandora website from your computer, or log in from the Blu-Ray player and listen to your music "channels".  Netflix (as you may or may not know) is a DVD mailer service that allows you to queue up DVD titles that are sent to you in the mail with a return mailer.  You can take as long as you need to watch the DVD then mail it back and upon return you will receive the next DVD in your queue.  NetFlix has since added streaming "on demand" services which can stream to either a computer or a dedicate player device.

Once you create your NetFlix account (the cheapest service is 8.99 a month for one DVD at a time service, online content included), you login from the Blu-Ray player and can then see your "instant queue" material and it start playing your selections..  What was the first video I watched you ask?  It was "Buck Rodgers in the 25th Century" TV series of course.




The Samsung BD-P1590 connects to the internet using a Ethernet connection, or a USB wireless adaptor.  I opted for Ethernet since my FIOS router is located in my entertainment system as well.  One of the first things you should do is go into the player settings and make sure everything is set correctly and have it do a firmware check to make sure you have the latest firmware.  Mine had to be updated even though it was a brand new player.

The one other device that I received was a set of Sony rechargeable IR headphones.




I used to have a model about 10 years ago that broke a few years back.  These are much better in that they are much more sturdy headphones.  They recharge when sitting in their base-station and use IR to communicate.  One nice feature is a silencer when you wander out of the IR path (like to the kitchen for a cup of Green Mountain coffee from my Keurig coffe machine 8-)...) so you dont hear static.  I have my TV audio out going to my home stereo, and the Tape recording out going to the headphones.  As long as I have the stereo on, I can turn the TV and Stereo volume all the way down and hear the audio of whatever is on my TV (TV, DVR, Blu-Ray, Wii etc etc) in the headphones.  They also function on a single AAA battery if needed.

There, I am all caught up.

Sunday, December 20, 2009

Pinball Dreams and Pinball Fantasies Live again!!!

For all you former Amiga heads....remember Pinball Dreams...then the sequel Pinball Fantasies?  Remember playing until your hands hurt from clutching the keyboard....remember cranking the awesome soundtrack and enjoying the smooth and quite accurate ball physics?

Well, if you own an iPod Touch, or an iPhone....You get both again...ported over and I would say almost 100% accurate and true to the original....YEAHHHHH....



Here are the reviews for them at toucharcade.com....

Review for Pinball Dreams....

Review for Pinball Fantasies....

Works well and brings back memories....I hope more old Amiga games come over....two of my old favrites....Roller Ball, and Battle Squadron.....

Thursday, December 17, 2009

Video Hard Drive recording

We often look for ways to streamline our video production workflow.  There are some very time consuming parts to digital video production, mainly around getting your source video into the computer.  This usually involves using a VTR connected via FireWire to your computer and "ingesting" the video.  The problem is that if you have 4 hours of video, it takes at least 4 hours to ingest it.

One way to reduce this time, is to record directly to some other media that makes it easy to get your material on the computer.  Newer camcorders now record to SD cards in H.264 (Mpeg 4) files.  You can literally drag and drop those files into your editing program.

A few years ago we started using a device called the nNovia QuickCapture A2D.



This device works just like a VTR with controls to play, record, rewind and fast-forward.  You can connect a camera directly via FireWire, or using the analog "dongle" that provides Composite/S-Video inputs/outputs and audio.  This unit has the added benefit that it transcodes from FireWire to Analog and the other way too.  We would use a Sony Anycast and connect the FireWire output to the QuickCapture to record.

Once you have your material recorded, you can put the unit into FireWire Hard Drive mode, and connect it to your computer.  It can record either Quicktime MOV files or Windows compatible AVI files.  You can simply drag and drop these files onto your computer and start editing.  We love them.

Recently nNovia was purchased by DataVideo and a few new models were introduced, including a removable HD model that allows you to pop out the HD module and connect it directly to your computer via a USB cable.  We plan on using a 1U version of this in our new Video system.  You can also purchase additional "sleds" to put HD's into giving you a great amount of storage.




There are other versions of this type of product, such as the Firestore made by Focus, but after using a few products, the ease of use, reliability and the ability to monitor your recording using standard analog monitors is fantastic.

Mobile Video Production

Every now and then a product comes along that makes people in a certain industry sit up and pay attentions.  Back in the 90's it was NewTek with the Video Toaster for the Commodore Amiga Platform.



Back in the day, I was involved with using the Amiga in video production when it was given to the cable TV studio I worked for as a grant project.  We received it along with a genlock (used to sync the computer video to the same timing of an incoming video signal and overlay graphics on top of that video signal) and some basic titling software.  One of the first titling products that we worked with was called Scala, which is now one of the defacto digital signage products available.  A local PBS station installed an Amiga in their studio and they were having issues integrating it.  They received my name from Commodore and called me to come in and look at it.  With my video editing and engineering background, I ended up staying and working with them editing show packages and eventually getting an FCC broadcast license and operate the transmitter.

This station then received an ALPHA unit of a new product called a Video Toaster.  It was a hardware/software combination that gave you 3-4 video inputs and allowed you to do real-time video switching, with 3D effects and add titling. The cost of this total product was FAR below the cost of any comparable video switching unit at the time.  Along with this product came an extra add-on of a 3D rendering program called Lightwave 3D.  I do believe I was the first person to use a Toaster in on-air broadcast use on the East Coast of the US.

NewTek continues to produce the Toaster now, as well as introducing a new product line called the Tricaster which was basically a video switcher, web streamer, graphics and video editor in a self contained small form factor (ala Shuttle PC) box, running Windows XP.




This box originally had 3 analog composite/S-Video inputs as well as audio line and Mic inputs as well as Composite/S-Video output with line level audio outputs.  It allows you to mix 3 live video sources, pre-recorded video and graphics using 3D video effects as well as having a downstream keyer for lower thirds and other overlay graphics.  The box also has the ability to use a network connected computer as a video source by running a special program on the client, which then shows up as a "VGA" source. Not only does it scale that VGA input for video, but you can then use the DVI output to display a clean unscaled version of the VGA input to a monitor or projector.  This works great for still slides, but not good for anything with moving video.

The interface is controlled with standard keyboard and mouse, however, NewTek offers a a usb attached control surface with a standard "T" bar as well as input buttons ala a standard video switcher interface.



There have been new models of the TriCaster introduced recently which included models with more inputs, Component inputs, SDI input support and a recently introduced HD model.

The latest models also support the newer control surface shown above, as well as an external DDR controller (controls the built in "VCR" features) as well as LiveType which is an external CG program to allow a second person to update and create title graphics on the fly.

One other neat feature of this box is that it supports the "Virtual Set" feature, which allows you to sit in front of a green screen and look like you are sitting in the middle of professional studio, including shadows, reflections and multiple cam angles.




So all in all, this box is literally a TV studio in a box..with video editing features and streaming (Flash and Windows Media) this box is bang for the buck.  We are currently working on purchasing a self contained video production system that contains a Tricaster, wireless microphones, Sony DV tape deck, and a DataVideo video hard drive recorder.  Pictures will follow when the unit is complete and delivered.

Saturday, November 28, 2009

Turning off the Lightspeed LsSaAlerter in OSX

We were having an issue with LsSaAlerter application which is part of the Lightspeed systems Security Agent for OSX.  the LsSaAlter application is responsible for the menu bar icon that shows you the status of the security agent and what it is currently doing.  There is also a shortcut to get to the Lightspeed Preferences Pane by clicking on the menu icon.

There does not appear to be any current way via filtering policies to disable that menu and even if you MANUALLY go into the com.lightspeedsystems.securityagent.plist and set the "Enable Manger" key to false, it resets on next logout/login.

So, to manually force that option we look to Apple's MCX system that we use to manage our laptops via group policy.  Using the Workgroup Manager application, we select the computer group and click on PREFERENCES, then click on the DETAILS tab.  Click the little + symbol at the bottom and find the Lightspeed preference file and load it in making sure you are loading it into the ALWAYS category.  The preference file is found at

/Library/Preferences/com.lightspeedsystems.securityagent.preferences.plist

Once loaded, click on the EDIT symbol (little pencil) next to the + and - buttons, and expand the ALWAYS selection.  Click on each entry and hit DELETE to remove it.  The only entry you wish to remain is "Enable Manager" which should be set to boolean and false.  This allows the other items to still be controlled by the filtering policy.

Now, next time your clients in that computer list refresh their preferences, the menu item will no longer be present.

BTW, this is a good way to force preferences for many third party programs that support PLIST preference files.  Of course, it is good to test, and you may have to use OFTEN or ALWAYS.  Always means that the preference can NOT be changed...OFTEN means it sets the preference on login, and can be changed, but on next login the preferences will be reset to what you want them.

Upgrading from iPhone 2G to 3G.

My wife has an iPhone 2G that we had the Pick Your Plan with unlimited data from AT&T.  She has been wanting to upgrade, but I have not been in love with being locked into a 2 year contract.  She purchased an iPhone 3G from Ebay, and it arrived today.

After reading many MANY conflicting reports on what AT&T supports, workarounds etc etc we did the following...

Fully sync and backup the original iPhone 2G which is fully updated with the latest OS and service provider updates.  We then attached the iPhone 3G to the computer, and when it shows up in iTunes, we right click on the name on the left hand pane of iTunes, and select "Restore from Backup" then choose the backup from your original phone.

Once restored, we did a full sync just to make sure it was all good.  We then shut off the original phone and  removed the SIM card, then turned off the new iPhone 3G and placed the SIM inside.  The phone started right up and worked right away with NO tweaking.  The only thing we needed to do was re-enter any passwords (WI-FI, email passwords etc) and all was well.

So, for the time being.....VIOLA...upgrade from 2G to 3G keeping all SMS messages and configurations.

BTW, this may only have been possible as we had the Pick Your Plan with unlimited data all along with our original iPhone.  It is my understanding that you can no longer purchase the unlimited data for your Pick Your Plan unless on an original iPhone or iPhone 2G.  So, if you can get your hands on an original iPhone and activate it or Pick Your Plan with unlimited Data, you may stand a chance....good luck.  BTW, as I said, there has been many many conflicting reports so you should contact AT&T for the official info.

Next, my daughter has another AT&T phone with Pick Your Plan and Unlimited Data.  We will see about transplanting that SIM into the iPhone 2G and see what happens.

Friday, November 6, 2009

Free Windows Protection Options

It's a known fact that if you are running Windows you should have a working anti-virus and anti-spyware software installed and up to date.  If you purchased your computer 2 years ago, odds are that your anti-virus free subscription to updates is expired.  This means that at some point your anti-virus stopped receiving updates and any virus that is discovered after that point is not known about and therefor you are not protected against.

The other problem is that most of these "catch all" programs eat up processing power from your computer.  So, after trying different solutions, I discovered the following combination that I use. Also, toss in a little common sense.

First, the anti-virus.  AVG makes a great product called AVG Free, now at version 9.0 and available here.  This software is very easy on your system, has daily updates and scanning and best of all...it's FREE.  In addition, another good antivirus choice would be Avast, available here, and now Microsoft has a suite of utilities called Security Essentials available here.

Second, the anti-spyware.  Microsoft not only makes Windows, but they also make a free anti-spyware solution that comes pre-installed on Windows 7, but you can get it here if you have Windows XP or Windows Vista.

If you use these programs, keep them up to date and use some common sense while browsing the internet and installing software, you should be OK.  Just one word of warning, you should choose only one antivirus and anti-spyware program to run at a time.  If you wish to try a different program, uninstall the previous program you have installed.

One last program I use is MRU Blaster which can be had here.  It isn't known if it works on Windows 7, but  it works for all other versions of Windows.  It's primary function is to keep your "Most Recently Used" lists clean..and if you run and configure the software you will see what I mean.  It runs every 15 minutes to cleanse these lists but has 2 additional plug-ins not enabled by default.  First it can clean cookies.  A cookie is a little piece of code that stores things about websites you visit and for the most part are harmless.  Some cookies store your name/password for websites when you tick that little checkbox that states "remember me".  If the cookie is deleted then you must re-enter your name/password when you next visit the site.  This plug-in gives you the ability to keep selected cookies from being deleted and you can usually tell the ones you want to keep by looking at their full name.  If you see a cookie for "yahoo.com" and you know you visit yahoo.com on a regular basis and do not wish to have to re-type your name/password each time, make sure you add this cookie to the exceptions list so it isn't erased.

The second plug-in is more important.  Your computer keeps a temporary directory where it stores all the lovely things that make up web pages, such as graphics and misc. files.  Viruses also live out of this area.  This plug in will clean that directory every time the program does it's thing and can be configured to also do a secure deletion .


Home filtering for OSX

Well, there are many ways to filter your internet connection.  You could setup your own proxy/filter (like Dan's Guardian) solution at home, but I think many parents will not bother (or just plain don't know how) to do it.  The other thing, if you have an unsecured wireless network around (you know...form those pesky neighbors) then your little one can just jump on that network and avoid it.

Some home routers support firewall/filtering rules, but you have to get into the router to set it up and still, the problem you have is if you have unsecured wireless networks around.

Lastly, you can install filtering software on the computer.  This is an option only if you make sure your child is not an admin on the machine.  A problem especially in the Windows world.  But either way, with the child being an Admin, anything can be installed or uninstalled which is a BIIIG problem since kids have a habit of clicking all over the place whenever any type of advertisement or fake warning (you know the type...."Your computer is not running 100%, click here to make it faster") pops up while web browsing....Not to mention the virus threat of transferring files all over the place using IM.  So...what to do?  Sure there are lots of Windows solutions out there...but what about OSX?  Here is one solution that works for both!

Lightspeed Guide is a product of Lightspeed Systems which make a filtering and anti-virus product for Window/OSX/Linux.  They also have a home filtering option for school districts that opt to send laptops home with kids and require to maintain logging and filtering called the LightSpeed Guide.

They offer a free LightSpeed Guide as well which you can get from here.  You log in to their site and create accounts for your children, then you can go and modify the filtering policy using one or more of their over 100 categories, or just choose a preset policy.



You can also force Safe Search on for Google and Micorosft Bing, but beware that this option is not the moderate safe search (regular searching but not able to disable it) but rather the strict safe search, which may be too strict for useful reports for Middle School aged students and above.  You also have the ability to tell the client to block all surfing if the LightSpeed Guide servers are not available.  This could happen for many reasons, but it is a safety measure incase there are any shenanigans happening at the home router attempting to bypass the security.

The Windows version also has a removal password, so even if you are an admin, you can not remove the software without knowing that password.

Last thing, you can do reports, as well as have reports emailed to you on a regular basis.  BUT PLEASE, do not try and thing that any type of filtering product is 100% foolproof.  The best filtering policy is to be open and talk to your children, and just be a parent.  Stay on top of what your children are doing, don't let them lock themselves in their room with a computer and have honest and open talks with them about the dangers that lurk out there (not just the internet).

Lastly...BE A PARENT.  If you know the internet is being abused take the computer away!  Know the capabilities of your home router and see if you can put time  restricting in place for your child's computing devices (don't forget about the iPhone, iPod Touch, Wii or anything else that can be put on your home network).  And if you know your neighbor has an unsecured network, tell them about it too.  they should know the security risk that they are presenting themselves with before something bad happens.  As a prime example, we initially attempted to recover a stolen laptop that reported back to us it's internet address and DNS name.  The police went to the house and were befuddled to find out the people we knew had the laptop was not the family that lived there...well, we eventually found out that they were the neighboring house and were borrowing the unsecured WI-FI.

Just for a point of reference, if you have Verizon FIOS, their included router has the following parental controls...

The box on the left will be populated with the names of the computers on your home network....








Tuesday, November 3, 2009

Cross Platform Utilities

Just some items that might help OSX people with working with Windows implementations....

CORD  the open source RDP client which works really well.




VNC clients/server.  I have successfully used TIGHTVNC server and client on Windows.  If you are on an OSX 10.5.x or later workstation VNC is built in by using the GO, CONNECT TO SERVER from the finder, enter vnc://mymachine.domain.com or vnc://xxx.xxx.xxx.xxx (put the IP address of the remote machine in place of xxx.xxx.xxx.xxx) and supply your VNC password is needed.  If you are connecting to another OSX machine using this procedure, use the account information you have set-up on the remote client for ARD use (name/password).  Other VNC clients on OSX are Chicken of the VNC, and Jolly's Fast VNC which is part of a more comprehensive OSX utility called ScreenRecycler.

There are some great utilities that deal with cross platform audio/video conversion.  Find my blog entry that talks about these HERE.

If you need to run Windows on OSX you can try virtualization products like VMware, or Parallels or a free product called VirtualBox.  You could also try using Apple's Dual Boot system called BootCamp which allows you to easily use the BootCamp Utility to partition your HD (non destructive) Burn a Driver CD and boot onto Windows Install Media to install Windows just like any other Windows compatible PC...because, well...it IS a Windows compatible PC as far as the hardware under the hood.  Dont forget to put your OSX install CD in after you install Windows, to install the Apple Windows Drivers (just rolls off the mouth don't it)....then use Apple Software update to make sure you have the latest versions.

BTW, do you need to backup your Windows partition, to restore later?  Look no further than WINCLONE.  It allows you to compress, backup and restore the Windows partition to larger HD partitions...you could also use SYSPREP to prepare the Windows partition for installation to other OSX hardware platforms.  It is my understanding, that OSX 10.6 Bootcamp drivers also install a HFS+ driver to allow you to access your OSX HD partition....not sure how I feel about that 8-).  Also, look at rEFIt or BootPicker to assist in the booting process...of course you could always just hold down the OPTION key while booting up your OSX machine to use the built in bootpicker, for simple selection of the partition you wish to boot from (including External HD, CD, DVD, Windows, OSX etc).

If you only need the occasional program, you can try CrossOver, which is the commercial version of the WINE project which allows you to install and run some Windows programs in Linux (and now OSX) without the need to actually install Windows.  It works well for the programs it supports.  I have personally run the Office Suite under CrossOver...and yes...it works.  Here is a shot of IE7 (with flash support (yes YOUTUBE works just fine)) running in CrossOver Professional 8 on my MacBook Pro.




If you need to WRITE to a NTFS formatted HD, you can try MacFuse and its NTFS 3G module.  Of course, OSX has the ability to READ NTFS just fine without any additional software.

I am sure there are MANY more tidbits but these are the items that help me the most in doing my job.

   -Mike

Tuesday, October 27, 2009

Mac Mini and Home entertainment

Mac mini.....for 549...home entertainment at it's best, and toss in one of these...



converts mini displayport and toslink audio to HDMI...can you say...HOME THEATER...8-)


iMac or Monitor?

The new 27" iMac...a thing of beauty...if you can get to an Apple Store or Best Buy, you MUST take a look at these.....but here is the thing.....it doubles as a MONITOR!!.  Using the mini display port you can use it as a monitor for another computer (or anything that using mini display port)....



There is even talk of adaptors to convert HDMI and other formats to use this...who hooo


Server, we don't need no stinkin' server...

OK....Mac Mini Server ...WHOO HOOOO finally a cheap SUPPORTED server that I can use for testing....lets see...educational price of 2,004.00 which includes a 4 x 1TB external FW800 Promise Raid, and 2x 500GB internal drives.  Unlimited server (which is 1,000 alone).  EXCELLENT.

Read more about it here....


Wednesday, October 21, 2009

New Macs

Once again, a refresh of the Mac lines with a new Macbook, Mac Mini (with supported server config...yeahhhh) and new iMac.....one issue....Macbook is for education, it is the lowest priced laptop option...they removed firewire all together....THATS BAD....here is why...

We have lots of Firewire based camcorders in our K-12 buildings...kids and faculty do a lot of projects using Firewire to connect those pieces of equipment to the laptops....DOH!...Also, FIrewire Target Mode is priceless for recovering files off of messed up HD's....but wait...no firewire, no Target Mode hence you need to take the laptop apart....C'MON APPLE...if you are going to do that to us, at LEAST give use Target Mode via USB.....and btw...thank you for shooting us in the foot with the Firewire thing....at LEAST they could have made it a 4 pin Firewire connector to save space...and guess what...k-12...we aint buying Pro's just to get Firewire.....

   sigh...

Monday, October 19, 2009

Loggen and Support Documentation

The folks at University of Michigan have changed their site, so all links that I have come to to try and get the documentation for LOGGEN have gone bye bye.  I have downloaded and am making available the LOGGEN 2.2 DMG, as well as the LOGGEN Documentation.  Loggen 2.2 is from January '09 so it has been recently updated.

For those that do not know...this is a little utility that produces snapshots and diff files of your operating system.. Then there are utilites that can take these diff files and create root package directories for you to repackage the changes into an OSX Installer pkg file.  On our image, we always finish with a loggen initial scan, which we can then go back to and look at what has changed if need be.  If you google loggen you will see a few links on how to use it for the above purpose, but I just use it as a command line diff maker for trouble shooting.

Thursday, October 15, 2009

Wirecast - True Software Video Production and Streaming

Every now and then you come across a piece of software that is really incredible.  I was originally blown away when I first used a Video Toaster on an Amiga 2000 (OK, I know, that was hardware and software....but c'mon, it literally was the start of the desktop video revolution we all take for granted now) .  I also played around with the then free add-on tool called Lightwave.

Since my roots have always been in video production, I always am fascinated in how far software has come.  Enter Wirecast a little gem that is truly an incredible piece of software for those on the spot video production needs without having a huge video rig.

Wirecast allows you to connect multiple cameras via Firewire, mix in pictures and movies, apply lower third graphic overlays, manipulate sound and use some PIP effects and move seamlessly from one to another.  You can apply video effects and green screen.

The product is available for Windows and OSX and not only allows you to record locally as you live switch between all your composed "shots" but also STREAM the event live in Windows Media format (Windows Only), Flash and Quicktime.  You can do push or pull streaming and also stream to relay servers or outside services like Eastbay Media.

They also have a product for OSX called Video Cue, which basically allows you to create a running script (teleprompter style) then line up video shots (same type you can create in Wirecast) so as the script runs, you can read and record yourself and have the shots appear at designated times during the script.   I have used Wirecast on many occasions as a front end to video conferences and quickly apply lower thirds etc etc.

Eastbay Media

Kudos to Eastbay Media for an excellent streaming service and one of the most friendly services I have ever dealt with!

For those looking for a top notch media/streaming service you must take a look at Eastbay Media.  We use their service for Quicktime Streaming, Flash Streaming, Flash movies storage and serving for our website, and Windows Media Streaming.  They are a very fair and knowledgeable service with excellent support and great tolerance for working with our K-12 organization.  I highly recommend them for anyone that requires a reliable distributed streaming service.

And that CEO guy seems pretty cool too...Thank you Brad.


Tuesday, October 13, 2009

Video Furnace Channels and Workflow

So we have been lucky enough that Comcast has been really good with working with us.  We used to have a hardline (off the pole from outside) which is a much thicker/rigid coax cable that also carries high voltage to power amplifiers and such.  This hardline was tapped to run a standard coax cable to our eqiupment rack and then using a few splitters was split 22 ways.  We now have fiber and established a node directly in our facility.  We have 20 1u Dell Servers each with 2 encoder cards (VFLive).  The coax terminates at each card, and I can control and tune each card to the appropriate channel we wish to use.  I then setup the channel information inside Video Furnace software.  We also have 1 video on demand server (VFNow) and a license manager server.  We also have 5 in-house scheduled channels which run our Scala message board.  Channel 1 goes out to the community via Comcast and Verizon FIOS by feeding the associated equipment and encoders from the output of a set-top box.  We can then schedule any asset (recorded or live) to play on that channel for the community to view.  This is how we do things like school board meetings, and live graduation.

Video Furnace is now merged with Haivision who makes hardware encoders.  Previously (and in our current setup) Video Furnace only had the server based encoders, and portable encoders which were really just small form factor PC's with an encoder card inside.  They work, however often the unit needs to be opened and have the daughter card/PCI cards reseated from being jostled around.  HaiVision brings to the table a hardware encoder platform as well as a chassis based encoder farm instead of servers, which both are a welcomed addition.

So, for live events we feed directly into a portable encoder, and schedule that to be live at the times needed on either an in-house channel or the community channel.  Otherwise, we record our events using nNovia video hard drives and edit in Final Cut Pro.  We then use utilities like FFmpegX to convert to MPEG2 video and MPEG2 audio then ingest that into the system and schedule it to play  using some rather interesting free utilities listed here. I can also convert and ingest video directly from DVD's as well as other digital sources and video furnace also has a workstation with an encoder card that allows me to ingest directly from VHS or other analog video sources (you could, of course, just use a VCR and a portable encoder as well).

Just some points to consider....

1. live video switching with a product like the Sony Anycast is great because they offer both recording directly to a hard drive in AVI format and Firewire output to a device like a DV deck or nNovia HD recorder.  However, the Anycast only does basic switching and the AVI files are recorded onto a hard drive which is formated in a Linux (ext2) format which requires special software to access on both Windows and OSX. The OSX software is listed here which appears to not install on 10.6 at the moment.  Also, if using a product like Newtek Tricaster, make sure you record locally in a format like MPEG2.  If you use AVI, Newtek uses a custom video codec which is only available on Windows.  Only newer Tricaster units have this option.

2. Ripping from DVD requires program to Decrypt the CSS copy protection on the DVD.  Although this practice is considered illegal by many, it is sometimes your only choice other than actually playing the video and ingesting it in real time via an encoder (which sometimes a system called Macrovision will cause strobing or very dark video).  Please make sure you have the publishers permission to take the material and use it in this manner, as often it requires the purchasing of additional network rights.  I will not link to such utilites here, but you can find them on the internet if needed.

Monday, October 12, 2009

Video Furnace/HaiVision

When I was first hired at Lower Merion School District, one of my duties was to install a Video Distribution system.  At that time, multiple VCR's with cable multiplexers etc were to be the solution.  Each building would need it's own system/cable plant.  At that point, we were starting a Capital Improvement project of renovating all our schools.  Part of the renovation was to install coax cable to all rooms.  Our 2 high schools were networked but no coax was installed to the existing facilities.  So I was then tasked with trying to find a video system that could use CAT5 cable/Coax.  We started with IP Telephony at that same time.  I was not happy with any solutions we saw, mostly because they were not cross-platform compatible.  One vendor used Windows ME for their Set-Top-Box platform....are you serious???

Finally, I got the name "Video Furnace" through a sales rep. from another company we do business with.  The Video Furnace CEO and CTO came on-site and did a demo.  They had a switch, a smaller form factor encoder and a portable DVD player.  They showed us how the system was ENTIRELY IP and performed equally for both viewing and management on both OSX and Windows (as well as Linux).  ZERO footprint client (delivered from the web portal upon connection) with identical form and function.  I then connected my own laptop to their demo network and with the click of the mouse on a web portal page, had the system running on my laptop.  SOLD!

So we have 20 live channels that we now multicast through our facility as well as 5 scheduled channels (Community Cable Station, and 4 in house stations).  We purcahsed the system, the servers were drop shipped to Video Furnace site, they were configured and shipped to us.  Plug and Play!  The system was up and running immediately upon being plugged into the network.

Next up...the digital workflow.....getting live channels connected, and how we add our own content...

Email and VPN in OSX 10.6

I took a bold step and updated my work laptop (MacBook Pro) to 10.6 the other night.  Of course, mostly everything still worked but there were a few things...

1. Cisco VPN broke.....but hey...no big deal since it it possible to configure Cisco compatible VPN in the OS itself.  Open up the Network Preferance Pane and click the + at the bottom of the interface list, choose VPN then make sure it is set for Cisco (IPSec).  Then enter your username/password (or leave password blank to be prompted) and either your security cert info, or your group name and shared secret password.  Also at the bottom is a checkbox to put the VPN status in the menu bar.  DONE!  Works like a charm

2. Parallels 3.x does not function....well, this was known and well advertised on their site.  I decided to give VirtualBox a try.  WOW...not bad for free.  I only had to get my Parallels drive container over.  VirtualBox does not handle Parallels containers by default, but it DOES work with VMware containers.  Download and install a trial of VMware Fusion for OSX, then use the Importer application to convert the Parallels HD container to VMware.  Right click on VMware container and use the SHOW CONTENTS menu item and remove the .vmdk file and place it wherever you wish.  Make sure you de-select the "create 2 gig files" option in the importer before starting the conversion.  In VirtualBox, just point to this new .vmdk file and you are good to go.  Don't forget to install the VirtualBox host utilities after your initial boot.

3.  Exchange 2007 support.  You need at least Exchange SP 1 rollup 4 to use the ActiveSync capability of 10.6.

4. OSX Server Utilities.  Download and install the 10.6 Server Tools from Apple's support site, even if using 10.5.x servers.

That should be about it...the only other thing I noticed is that a login hook I had set was not working, so I created a launchd item using a program called Lingon.  Which allows you to either create user agents, or system daemons.  Since most loginhook's want to run as root, you need to use a Daemon...not a user agent, unless there is something that needs to run as the user, in which case a user agent would work nicely.

    -Mike

Sunday, October 4, 2009

FINALLY someone gets it...

The whole Palm Pre thing, with iTunes is just stupid and Palm refuses to do the right thing and just create their own music syncing app that uses Apples open and published XML file to give access to play lists and the music itself.  Why Palm can't do the same thing as many vendors over the years (even RIM has a media  sync app for Blackberry) is absolutely crazy.  They rely on underhanded (some may say illegal) means to spoof (aka HACK) their USB identity so that iTunes THINKS it is talking to an official Apple iPod.  Why don't they do the same thing for the Zune Marketplace....ohhh wait....

tsk tsk tsk Palm....

For a more in-depth explanation, check out this blog.

FINALLY, someone gets it.

    -Mike

Thursday, September 24, 2009

Install files into user directories

The new LANrev Install Ease application has the ability to create packages that automatically adds files to all current users on your system.

Lets look at doing it the ol' fashioned way....

Using Iceberg makes this easy.  Either install files somewhere on your HD (like the user template located at /System/Library/User Template/English.lproj and inside there is the template of what gets copied to all new users. Lets say you want to install prefs for an application you are pushing out.  Install the pref file at /System/Library/User Template/English.lproj/Library/Preferences then create a text file script that will copy that to all your users.  Lets say the pref file is myapp.plist.

____ 8< snip ________

#!/bin/sh

# get listing of /Users Directory
# and set template locaton

dirs=`ls /Users`
template="/System/Library/User Template/English.lprog"

# now do something for each entry

for dir in $dirs
do
     # exclude /Users/Shared
     if [ "$dirs" != "Shared" ]; then
     cp "$template/Library/Preferences/myapp.plist" "/Users/$dir/Library/Preferences"
     chown $dir:$dir "/Users/$dir/Library/Preferences/myapp.plist"
     chmod 700 "/Users/$dir/Library/Preferences/myapp.plist"
     fi
done

______ 8< snip _______

Take this script and make it a postflight script.  Iceberg will take care of naming it correctly and such for you.

Now, if you simply want to make a quick package to copy stuff you can do this....Make a new dummy package and put the item  you want to copy in the "Resources" section of Iceberg (Iceberg will add it to the Resources folder of your package for you).  Then do a postflight script  which is something like above...


____ 8< snip ________

#!/bin/sh

# get listing of /Users Directory

dirs=`ls /Users`

# now do something for each entry

for dir in $dirs
do
     # exclude /Users/Shared
     if [ "$dirs" != "Shared" ]; then
     cp "$1/Contents/Resources/myapp.plist" "/Users/$dir/Library/Preferences"
     chown $dir:$dir "/Users/$dir/Library/Preferences/myapp.plist"
     chmod 700 "/Users/$dir/Library/Preferences/myapp.plist"
     fi
done
______ 8< snip _______


the $1 indicates the path to the script and then follow the path to the Resources folder.

The chown and chmod commands make sure the file has the correct owner and permissions.

   -Mike

Monday, September 14, 2009

-36 Errors with EZIP and 10.5.7 and 10.5.8

We were experiencing issues with clicking on files in a users home directory mounted via the AD plugin with EZIP 5.x running on Windows 2003 File Servers.  Upgrading EZIP to 6.x seems to take care of it (as noted in a KB Article on their support website.)  If you are seeing these errors, try to upgrade EZIP to the most recent version.

Sunday, September 13, 2009

DIY Centralized Printer Management

We currently use Windows servers as our backend.  With 10.4 we basically used MCX settings to push out printer management.  This was broken with 10.5.4 so we had to come up with a home brew solution.  We already use a PHP/SQL solution that controls our imaging solution, so adding printers to that was not that difficult.  In addition, we use GroupLogic ExtremeZ-IP software to dish out our file and printer shares.
No matter where you get your printer list from, you can use the following code to pull printer info, and process the changes.  We will be using the Widget from GroupLogic, they call it a "Zidget".  Contained in the Zidget is an application called "zidgethelper" which can process the URL's of the printer share and install it on the local computer.  If you copy this application, and put it in your /Applications directory, then you can use it to also process URL's from a webpage (this means you can have a web page with a map, and click on locations to install a printer from there...really cool). EZIP also downloads PPD files if needed from the server.
This script is a login script and does the following...
  1. Pulls down a printer list from a web server
  2. Pulls down default printer from a web server
  3. Looks for existing printer list, if none, make a blank
  4. Compare New printer list to Old printer list
  5. Remove any printers that need to be removed
  6. Add any printers that need to be added
  7. set the default for the logged in user
The beauty in this is that is will only add/remove printers that you specify, leaving user added printers alone.  If there are any problems, delete all printers and delete the com.company.printers file.  Once the script runs again, all printers will be re-added.  FYI, we pass several items to the login script.  Some of those items are the logged in user name, Platform UUID (for ByHost settings) and more.  You will see a reference to those variable at the end of the script.
__________ 8< snip ____________
oldprinters="/Library/Preferences/com.company.printers"
newprinters="/tmp/.newprinters"
printers_url="http://www.company.com/printerlist.txt"
default_url="http://www.company.com/default.txt"
# Check for exising printers.txt file, if none, make one
echo "Checking for org.lmsd.printers"
if [ ! -e $oldprinters ];then
echo "Creating com.company.printers"
touch $oldprinters
chown root:wheel $oldprinters
chmod 700 $oldprinters
fi
# cleaning up and creating blank newprinters and defaultprinter files
rm -f /tmp/.newprinters
touch /tmp/.newprinters
rm -f /tmp/.newprinters
touch /tmp/.defaultprinter
# Now we have an existing existing printers.txt, check for server
echo "checking for server"
curl -s --fail -o /tmp/.newprinters $printers_url
RESULT=$?
if [ $RESULT -eq 6 ] ; then
echo "Server not availble or Network Interfaces off"
else
if [ $RESULT -eq 22 ] ; then
echo "Server there, no printers file"
else
if [ $RESULT -eq 0 ] ; then
echo "Found Server and File moving forward"
# We found server, continue with pulling printers and remove existing
# LPD printers and install new ones using ZidgetHelper
echo "Checking for changed printers"
        touch /tmp/.newprinters
diff -q $oldprinters $newprinters >/dev/null
RESULT=$?
if [ $RESULT -ne 0 ]; then
echo "Assigned printers have changed, setting up new printers"
echo "removing printers no longer assigned"
remove=`diff -w $oldprinters $newprinters | awk '/
for printer in $remove
do
lpadmin -x $printer
done
echo "adding newly assigned printers"
add=`diff -w $oldprinters $newprinters | awk '/>/ {print $2}'`
for printer in $add
do
/Library/Widgets/Zidget.wdgt/ShellScripts/ZidgetHelper.app/Contents/MacOS/ZidgetHelper $printer
done
mv -f $newprinters $oldprinters
chown root:wheel $oldprinters
chmod 700 $oldprinters
rm -f /tmp/.defaultprinter
else echo "Assigned printers are the same"
fi
echo "Setting default printer if needed"
curl -s --fail -o /tmp/.defaultprinter $default_url
if [ -e /tmp/.defaultprinter ];then
echo "Setting default printer to `cat /tmp/.defaultprinter` for ${1}"
su ${1} -l -c "touch /Users/${1}/Library/Preferences/ByHost/com.apple.print.PrintingPrefs.$PLATFORM_UUID.plist"
su ${1} -l -c "defaults -currentHost write com.apple.print.PrintingPrefs UseLastPrinterAsCurrentPrinter -bool False"
su ${1} -l -c "lpoptions -d `cat /tmp/.defaultprinter` >/dev/null"
rm -f /tmp/.defaultprinter
fi
fi
fi
fi
exit 0

Lightspeed and OpenBook software

Lightspeed TTC+ has a feature to block any traffic that resembles proxied traffic.  For some reason, this applies to the OpenBook software and the connection it needs back to the OpenBook network.  Since it is blocked at the TTC+ level, you receive NO block messages.  You can manually browse the URLS's in a browser, but the application will still not function.  You need to add the IP address of the OpenBook network in your bypass sections of the TTC+ configuration.  This is the only way at the moment to make this work.

Dual Boot Backup and Restore

One of the first (and my opinion still the best) tools for backing up and restoring a Windows partition on a dual boot Mac (mostly referred to as Boot Camp) is a utility called Winclone.

With this utility you boot into your OSX partition, launch the utility use the SHRINK VOLUME menu tool to make the Windows partition as small as possible then back up the partition your OSX volume or external HD.  You can then reformat, or remove the Boot Camp partition and create a new one of different size.  You can then restore using the utility as well.  One nice feature, is the ability to restore the Windows partition without needing the Winclone software.  This is called the "self extract" feature and is great if you wish to distribute the Windows backup to other computers.  Copy the backup file to the remote computer.  Create the Windows partition, either by remote control and using the Boot Camp Utility or issuing the correct command line commands, then run the following...

/path/to/backup.winclone/winclone.perl -self-extract

There is an excellent PDF at the Winclone site that expands upon this.

Modifying Print Queue Behavior

Somewhere after 10.5.4 Apple modified the way in which print queues can be controlled.  It requires you to either put users/groups into the lpadmin group, or you need to edit the /etc/cups/cupsd.conf file.  One of the things we need to do is allow a valid user to operate a print queue (pause, resume, cancel jobs) but not modify or add/delete print queues.  You can edit a section of of the cupsd.conf file to achieve this..


1. Make a backup of your existing cupsd.conf file


sudo cp /etc/cups/cupsd.conf /etc/cups/cupsd.bak


2. Edit the follow section of the original using your favorite text editor of choice.


Edit the lines below that entry from:
   AuthType Default
   Require user @AUTHKEY(system.print.admin) @admin @lpadmin
   Order deny,allow


 To:
   #AuthType Default
   #Require user @AUTHKEY(system.print.admin) @admin @lpadmin
   Require valid-user
   Order deny,allow



3. Stop and restart the cups service (or reboot).


killall -HUP cupsd


Thats it.  You can then distribute that modified cupsd.conf file as you would any other file.  Make sure you use a postflight script to stop/restart the cups service, or your changes wont take affect until a restart.

Compare secure values in a script

I am always leery of putting a password into a script in case someone gets into the script and can see the text.  One thing you can do is read a value and encrypt it with openssl (included with OSX).  This allows you to encrypt the results of a command and then you can compare that encrypted result with a known good encrypted result.

echo "123456abc" | openssl dgst -sha1

this results in the following

6dd9b0fde6acb54d86ffe02dad8c587646f6ba87

Now, if you run the above command ahead of time on a known good value, you can put this all in a script like the following..
_______ 8< snip ____________
#!/bin/sh
test=`echo "123456abc" | openssl dgst -sha1`
good="6dd9b0fde6acb54d86ffe02dad8c587646f6ba87"
if [ "$test" = "$good" ]; then
echo "they match"
else
echo "they don't match"
fi

Some image based things

Some things you might want to consider doing for your image....run these as sudo


# Hide account from login Window
defaults write /Library/Preferences/com.apple.loginwindow  HiddenUsersList  -array-add accountsname

# Locking down SSH to a given username
echo "AllowUsers username" > /etc/sshd_config
echo "PermitRootLogin no" >> /etc/sshd_config
echo "PermitEmptyPasswords no" >> /etc/sshd_config

# Enabling Shortname in Connect to Server dialog
defaults write /Library/Preferences/com.apple.NetworkAuthorization UseDefaultName -bool NO
defaults write /Library/Preferences/com.apple.NetworkAuthorization UseShortName -bool YES


# Disabling Computer-Computer network creation without admin rights
/usr/libexec/airportd en1 -ibss_admin 1

# Enabling DVD Set Region First Time - Anyone
/usr/bin/security authorizationdb write system.device.dvd.setregion.initial allow

# Disable iWeb upsale dialog
defaults write /Users/username/Library/Preferences/com.apple.iWeb dismissDotMacUpsellWindow -bool True

# Remove sidebar settings and keychain from template account

rm /Users/username/Library/Preferences/com.apple.sidebarlists.plist
rm /Users/username/Library/Keychains/login.keychain

Converting DV video for Tricaster on OSX

You can use use Mpeg Streamclip to convert DV video files for use on NewTek Tricaster.  Newtek is very annoying in that they do NOT recognize Quicktime format files so you have to convert to AVI format.  Quicktime movies and AVI movies are just containers.  The important part is the format of the audio and video inside those containers.

Using Mpeg Streamclip you can install the included "Save as AVI" Quicktime component and make sure the video is in DV format and the Audio is in MP3 format.  You can then put the resulting AVI file on a thumb drive or external hard drive, quit the Tricaster interface and copy the file to the media clips folder.  Once you re-launch the Tricaster interface you can then load up the video in the "VCR" (or I will assume a DDR in the Video Toaster product) for playback.

Converting from Tricaster naitive format is pretty much impossible.  You need to obtain the video CODEC from the NewTek website and install it on your Windows workstation.  You can then open the file in Windows Media Player to view it...but you will have to find utilities to then convert it to a format you can play elsewhere.  NewTek does NOT make a Quicktime component to support their format, which in my opinion is a mistake on their part.  The prevents you from sourcing a video file on a Tricaster or Video Toaster and using it in Final Cut Pro on OSX.  Very short sighted on NewTeks behalf if you ask me.  I believe you now can use MPEG2 as a format, but in my opinion...too little...too late.

Audio/Video conversion tools for OSX

Some wonderful OSX tools to manipulate and convert audio/video.

Audacity - Open Source audio editor
Gimp - Open Source graphic editor
FFmpegX - GUI front end to OSX version of ffmpeg (Video Conversion)
Mpeg Streamclip - Converter (supports many formats)
VLC - Media player that can also transcode and convert in many formats
Perian - Quicktime component that allows Quicktime to play many formats
Handbrake - Rip DVD's to MP4, directly into iPod/iPhone formats as well as others.

All the above utilities are free.  You can download them and use them to perform many tasks.  Mpeg Streamclip also includes a "Save as AVI" quicktime component.  I use all these utilities on a regular basis when I need to convert video into different formats for our video needs.  The only other utility we use is Sorenson Squeeze to convert video to FLASH format for the website.  It isn't pretty or quick, but it does the job.

Creating packages and installing

There are many great ways to easily create packages.  The 2 that I mainly use are InstallEase and Iceberg.

InstallEase is a snapshot package creator that allows you to snapshot your machine.  You can then install, run, modify and configure your application.  Once finished you run InstallEase again and take a second snapshot of your machine.  You are then presented with what has changed.

You can now make changes or add/remove items from this list and proceed to make a package.  You can also have InstallEase create a DMG with all the files in their folder heiarchy, create an uninstaller and create a project folder and file for Iceberg.  It also copies all the source files to source folder for the Iceberg project.

The uninstaller simply is a dummy package with a script that uninstalls the items installed with your package.

InstallEase can also create an "uninstaller" for any package you feed it.  This uninstaller will only delete files installed, and not undo changed made to your system by script or other installer plug-ins.

In Iceberg, you can now make more changes and do things like add/modify license agreements and add different scripts (prefight, postflight etc etc).

Package making is an art form in that you need to understand what goes where, what you need, and what you don't need.  You also need to dig a little deeper into the guts of what makes OSX do what it does.  Simple applications are easy, but repackaging applications like Adobe CS3 take many attempts and testing.

Always have a test machine with your current image on it to install.  This allows you to install and test your applications in the same environment you will be deploying to.

Also a little tip.  We keep our packages on a network volume and you can NOT install packages from the GUI installer if they are located on a network volume without dragging it down to your local HD first, or putting everything on a disk image.  The way around this is to mount your network volume, then open the terminal and type

sudo installer -package /path/to/package -target /

This will run the installer with admin priv's and install on the root of the HD.  It works directly off of a network volume and is quicker (in my opinion) than the GUI installer.

Repackage Xcode for distribution

The Xcode distribution from Apple consists of an installer metapackage and all the sub-packages are stored in a directory called "packages" located at the same level as the installer metapackage.

No existing tools (Iceberg etc..) will allow you to use this metapackage, so in order to distribute as an installer (to be installed by end users or pushed out via utilities like ARD or LANrev) you need to create a dummy package with a postflight script that runs the terminal installer program and include the Xcode installer metapackage and package folder in the package resources.  Iceberg is a great utility to create packages and this can be done easily.  Here is the postflight script.

installer -package "$1/Contents/Resources/XcodeTools.mpkg" -target /

Notice the "$1/Contents/Resources" refers to the path to the packages Resources folder.   This is a great trick for any utility commands that you wish to install with a package and run as part of a script.

Removing First run warnings from downloaded applications

Apple has metadata that trigger the OS when you are running applications that were downloaded from the internet.  To remove this warning use the following terminal command

xattr -d com.apple.quarantine /path/to/application

Using Terminal to turn Airport off

Here is a little code snippet to use terminal to turn the Airport on and off

/System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Support/networksetup -setnetworkserviceenabled "AirPort" off

Running an Application that requires a mounted Network Share

Here is an example of how to script the mounting of a network share, and launching an application.  You can then use a utility like Platypus to create an application.  In this case, the actual KIDPIX application folder is copied inside the application bundle created by Platypus.  This script mounts the share in the background and it does not appear in the finder.  It then waits for the program KIDPIX to quit and then unmounts the share.  Notice the $1/Contents/Resources which references the KIDPIX files located inside the application bundle.

_______ 8< snip ________


#!/bin/sh

echo "KIDPIX: Creating mount point"
mkdir /Volumes/KIDPIX4

echo "KIDPIX: mounting AFP server"
mount_afp -o nobrowse afp://username:password@server/KIDPIX4 /Volumes/KIDPIX4

echo "KIDPIX: Launching Application"
open "$1/Contents/Resources/Kid Pix 4 Network/Kid Pix Deluxe 4"

echo "Sleeping so Program can Launch"
sleep 10

echo "KIDPIX: Waiting for program exit"
while ps wwax | grep "[K]id Pix Deluxe 4" >/dev/null; do
sleep 5
done

echo "KIDPIX: umount volume"
umount /Volumes/KIDPIX4

echo "KIDPIX: Remove mount point"
rm -d /Volumes/KIDPIX4

echo "KIDPIX: Always exit 0"
exit 0

Testing for Machine Architecture

I little script to run if on PPC or Intel then do something....

_______ 8< snip ______________


#!/bin/sh

# check for hardware arch
type=`arch`
echo "Hardware Type is $type"

#Install appropriate package
# If result is Intel
if [ $type = "i386" ]; then
     # Put what you want to do here
     echo "You are running on Intel
else
# If PPC
     if [ $type = "ppc" ]; then
          # Put what you want to do here
          echo "You are runnin on PPC"
     fi
fi

# Always exit cleanly
exit 0

Enable and Disable the built in iSight.

This can be accomplished by changing the permissions of 2 files.  It can be done by removing rwx for all users (ie chmod a-rwk) on the following

/System/Library/QuickTime/QuickTimeUSBVDCDigitizer.component/Contents/MacOS/QuickTimeUSBVDCDigitizer

/System/Library/PrivateFrameworks/CoreMediaIOServicesPrivate.framework/Versions/A/Resources/VDC.plugin/Contents/MacOS/VDC

This has been tested on OSX 10.5.7 (MacBook) and OSX 10.5.8 (MacBook Pro)

A DMG with the completed script and application can be found here.

The script should go somewhere in your path (/usr/sbin or such) and have the appropriate permissions and owner.  You can then run it from a utility such as ARD or LANrev, or from a SSH login by issueing the command with the appropriate option use -h or -help for info.

The Application has a copy of the isighter script contained in it's bundle.  The actual Applescript is an example of how to run a terminal command with admin privileges and can be found here.

ENJOY!

Hey there!

Welcome to my blog.  I will attempt to blog on snippets of code and other utilities that I use day in and day out to do my job.  I don't claim to be an expert but I do believe that you should share information that has helped you so that others may find it if they need help.  Everything contained in here are snippets of code that I have seen or found on the internet, as well as from the fantastic individuals on the MacEnterprise forum.  If you are supporting OSX in any larger scale network, you should check out this fine resource at www.macenterprise.org