How To “Unmanage” An Apple Desktop

Dear Lazyweb,
After this past summer’s “desktop replacement” cycle, I acquired one of our older/retired iMac computers. When it was wiped for public use, it had the “campus desktop image” installed on it. The problem is that the desktop image is a “managed” image — e.g., it somehow phones home every time you log in and grabs some managed preferences from the “mother ship”, including telling it to use the campus update server.
Obviously, this is “my” computer now (well, rather, my wife’s), and not the college’s, so I’d like to know how to “untether” it from the update server. Some pages had suggested holding down “option” while logging in as her, however it says that account “D” is not part of any workgroups… and then proceeds to set up a bunch of managed-preferences anyway.
I’m sure this is freakin’ trivial to do, but nobody on the Apple Support discussion forums has answered this question after like a month, so I’m turning to you, the great wide lazyweb. Help me lazyweb, you’re my only hope!

Active Directory Is Friggin’ Clueless

We have been fighting for a couple weeks now with a strange issue where some people randomly wouldn’t be found in Active Directory when our password change utility would try to change their AD password (along with their other passwords). We finally found a good “test-case” user and started really trying to hack out “why they couldn’t reset their password”. After figuring out that AD has the username stored in two places (cn, which is case-sensitive for searches, and name which isn’t), we thought we had it licked.
But, it turns out we were still bombing on trying to fix this user’s password-sync issue. What could it be? So we craft the LDAP query manually against the AD server and find, lo and behold, two records for her in Active Directory. How can that possibly be? I mean, we do the check for (objectClass=person) to ensure that we’re only looking at people, and you can’t have the same username assigned twice in the tree, so what the heck is going on?
Oh…. the annoyance… from one of the entries…

objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: user

Yup, that looks about right, from the other, though….

objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: user
objectClass: computer

WTF?!!? How the hell is it both “a computer” and “a person”?? I was pleased to learn that the code I’d written had Done The Right Thing to sanity-check the number of results was exactly “1”, because this was friggin crazy.
So now, I’ve had to add another clause to the LDAP search criteria specifically excluding persons who are also computers. If positronic lifeforms ever start working or attending Vassar, I’m going to be a little screwed, but somehow I think that’s a safe bet for now.
I hate Microsoft. I hope they’re the first against the wall when the revolution comes.


You may have noticed some wonkiness on the site. I tried to upgrade to MT4 and while it worked fine in my test-install on the privateblog, there’s something hinky going on with the main site. You’ll notice that the permalinks which are listed on the main page go nowhere. It seems to be that the “the format the index page is using” for permalinks doesn’t seem to match “the format which the entries themselves are using”.
For now, you can simply slice off the “.php” from the end, and replace it with a “/” and it’ll work, but if anyone knows why this is the case, I would be greatly appreciative. 🙂
UPDATE: Fixed. Damned bugs. 🙂

Google Moon X-Prize Thoughts

So Google is going to award $30M to the first private robotic Moon rover. As I read this I had a really cool idea.

Add to the list of tasks the rover must do to succeed: “Carry a small case approximately 6in. x 4in. x 1.5in in size, weighing a pound or so.”

And then have another X-Prize … with the prize going to a different private organization, who shall retrieve the case by whatever means they see fit, which contains a check for another $20M.

Simply put… go up there with some means capable of fetching the case from the device that’s there, and returning that to yourself on Earth safely. If you can accomplish it, you can cash the check you bring back.

Time Machine To The Rescue

Backing up your system can always be a pain in the butt. We’ve all known it, at some point in time, the hard way. I have to say, though, that the new backup stuff built into Leopard is pretty sweet.
Yesterday, at work, it appears that the plist file containing my Apple Mail preferences got horribly borked. When I got home (and had access to the firewire drive my laptop’s backup data is stored on), fixing the problem was simple… I went and found the plist file, clicked on Time Machine, and restored my plist file from a week ago. Lo and behold, Apple Mail was fixed.
No muss, no fuss, …. it just worked.

Love Ya Jerry, But I’m Gonna Have To Call “Bullshit”

Terry Semel is finally out as Yahoo’s CEO. I can only imagine the dancing in the aisles over at Big Y. The list of people who have engendered “less love” than Terry is amazingly short. I think Stalin may be on it, but that was a given.
But in Jerry Yang’s blog posting about the change in leadership he writes:

Since coming on board in 2001, Terry has given Yahoo! six of its best years.

Dude, what planet are you on that you say that, other than “PR World”? When the long history of Yahoo is written, Semel’s reign will be compared to Scully or Amelio at Apple — that long dark tea-time of the soul as it were.
But let’s look at the numbers (derived from these)… Terry has been there since 2001…
Was 2001 one of the best years? I dunno, a massive drop in stock price leads me to think, “not so much.”
Was 2002 one of the best years? Not quite so massive a decline but still at the end of the year, the stock was down off its 1/1/2002 price.
Was 2003 one of the best years? 2003 actually saw some growth. 12/30/2003 closed at 250% the price of 1/1/2003… but come on 1998 saw the rise to 400% of its Jan 1 value… 1999 it rose to another 400% increase…. so yeah, maybe 2003 was “one of the best”, but let’s continue on.
Was 2004 one of the best years? Dec. 2004 was about 150% of Jan, so maybe “slight growth”.
Was 2005 one of the best years? The stock rose at years end by like 4%. Not quite “stellar”.
Was 2006 one of the best years? With a 45% drop in price? Hardly.
Was 2007 one of the best years? Well, it’s only half-way over, but the six-month chart really hasn’t moved all that much over the course of the last six months … unless of course you count today as all the traders were celebrating Terry’s removal from power.

  • 4 declining years
  • 1 neutral years
  • 1 decent year
  • 1 good year

As a Yahoo shareholder, I say this: If you continue to say that Terry’s years were “six of the best”, then you’re delusional and shouldn’t be in control either. If you want to spin his departure, that’s one thing, but outright lying and handing containers of Kool-Aid to shareholders isn’t the way to go. Cut him loose completely and get back to the roots of what made Yahoo work in the first place.

Yahoo Strives To Be Number Three!

One of the things that was a common joke when I worked at Yahoo was a derisive “We’re number three in that market! Woot!”, mocking our corporate inability to set our sights on “#1” in anything. It was true of Auctions (so much so that finally Yahoo just recently gave up the ghost on that and put it out of its misery… all four of its users are distraught), and is true of so much of the rest of Yahoo.
They’re content with #3 and #4 market positions, and it’s kind of sad.
Which makes this story that they’re chasing after the “#3 social networking site” for acquisition that much funnier.

Quicken Bill Pay Cautionary Tale

Like many folks, I have my e-mail protected by various anti-spam features. However, there’s also companies I deal with that I want to always receive their mail, and I don’t want it tagged or blocked as spam. So for those companies, I create custom addresses, and set them up in my mail server so that they are never ever spam-protected.
I came home from Easter dinner last night to find that I had 50 or so spam messages in my inbox. This was highly unusual, one or two is about average. Turns out, the super-secret e-mail address which has only ever been given to Intuit/Quicken … is the recipient address.
In other words, Intuit’s quicken billpay contact list has been compromised, near as I can tell. I won’t claim that it has, but short of random attacks on my mail server to find a working e-mail address that isn’t exactly “common” (no evidence of which, by the way, is in my mail server logs), I’m hard-pressed to offer up any alternative hypothesis. Their No-Sharing Practice page seems to indicate there’s no significant reason this leakage should have occurred.
I’ve looked over my transactions online and see no evidence of wrong-doing, so it doesn’t appear as if they compromised my financial data (but then again, who knows?). I’ve filed a ticket with Intuit and asked them to call me today to discuss the matter.
So, if you use Quicken Bill Pay service, you may want to take a hard look at your transactions and make sure that nothing crazy is going on.

The Dark Side of Yahoo

I hope this woman gets every penny Yahoo has and then some.
I can remember all too well a conversation I had, sitting in a cubicle with Filo and Zod, wherein I told them what a horrible thing it was to be doing business in China, and how we needed to intentionally stay out to encourage them to change their ways if they wanted to join the rest of the world…. let them create their own little fiefdom if they wanted to, but if they wanted to continue to treat their citizens like shit, then we didn’t have to be a part of it — and oh how I predicted that “we” (now they, thankfully) would be a part of it. Heck, it almost sounds like the story they tell is the hypothetical I proposed in that cubicle meeting.
That meeting, as I look back on it, was really one of the defining moments for me in my Yahoo career, wherein I realized I didn’t want to be there any longer. I came to the point where I felt… dirty, for lack of a better word… every day when I came home from the office.
My impassioned speech about considering the potential consequences, and the position Yahoo would be in when they were served with the Chinese equivalent of a subpoena, so that the government could identify and abscond with one of its own dissidents who wanted nothing more than the rights we hold near and dear to be his own as well… that speech was disregarded with a comment from Zod that just made we recoil: “How can we turn away from that many eyeballs?”
The answer: By maintaining your dignity. Something Yahoo hasn’t had in a while.