mac OSX: Opening JNLP Files?

KB ID 0001767

Problem

I needed to get onto a HPE server’s iLO at work today. I was using Firefox and the .Net extensions no longer work, so I was forced to use Java web start. Annoyingly that opened my Windows 10 VM (that runs in VMware Fusion), then it fell over!

So the problem is, I need to be able to ‘RUN‘ jnlp file on my MacBook, but there’s no Java application in the applications folder.

Opening JNLP Files (mac OSX)

Try to execute the jnlp file again, but under ‘Open with” Select Other.

Select your hard drive, then System > Library > CoreServices > JavaLauncher.app > (Tick Do this automatically for files like this from now on.) > Open.

Now the file will get blocked by security (if you’ve done anything technical on a Mac you should know how to get round that) Click the Apple Icon (at the top of your screen) > Preferences > Security and Privacy > General Tab > Open Anyway.

You might get some further Java warnings but you should now be able to run the application.

Related Articles, References, Credits, or External Links

NA

macOS: Microsoft Outlook Search Broken

KB ID 0001754

Problem

I’ve had to contend with Outlook Search Broken on Windows clients many times, but not being able to search my ‘sent‘ and ‘deleted‘ items has a detrimental effect on my productivity. 

Outlook Search Broken Fix

This can happen if the folder/drive that your Outlook profile is in is Blocked/Prevented access by ‘Spotlight’ but in my case that wasn’t the problem.

Close Outlook > Open ‘Finder’ > Go > Go to folder > Paste in the following;

~/Library/Group Containers/UBF8T346G9.Office/Outlook/Outlook 15 Profiles/Main Profile/Data

 

Locate the file called Outlook.sqlite and MOVE it somewhere safe (like your desktop).

Open Outlook and you should see this > Click ‘Repair’.

This can take a while (mine took about an hour, be patient). Eventually Outlook will open and your folders should all ‘resend’ then you can search again.

Alternative Outlook Search Broken Fix

You may also need to ‘bounce‘ the spotlight service, issue the following commands’

[box]

sudo mdutil -a -i off
sudo mdutil -a -i on

[/box]

Related Articles, References, Credits, or External Links

Microsoft Outlook ‘Search’ Not Working

Microsoft Edge (macOS) Migrate Bookmarks from Safari

KB ID 0001641

Problem

So now theres a version of Microsoft Edge for macOS! Normally I would not bother, but I spend a lot of time in SharePoint and Azure so I thought, rather than my usual approach of playing ‘Browser Roulette’ I’d try Microsoft Edge and see what it was like.

My usual browser of choice is Safari, but the install wizard defaults to wanting to import bookmarks / favourites* from Chrome. (I do also have Chrome, but I don’t use it often!)

*Note: Wow! Microsoft have spelled Favourites correctly for once!

So how to get my Safari Bookmarks?

Solution

Firstly Edge needs full disk access to get the bookmarks > Apple Logo > System Preferences > Security & Privacy > Privacy > Full Disk Access > ‘UNLOCK’ > Tick Microsoft edge.

Launch Edge > {ellipses} > Settings > Import Browser Data > Select ‘Safari’ > Import.

So now they are there, but they look like a ‘bag of spanners’ all my neat folders have been moved into another folder called ‘Imported from Safari”.

From ‘Manage Favourites’, you can drag everything to where you want it.

Related Articles, References, Credits, or External Links

NA

macOS: Find your DHCP Server Address

KB ID 0001587

Problem

In Windows this is easy to find, ‘ipconfig /all‘ will tell you 🙂 On macOS it’s not so simple.

Solution

First you need to know which network card we are talking about! Your wireless network card is nearly always en0 (that’s a zero), if you are on a wired connection simply run ifconfig and find the right network card.

to double check you can run;

[box]

ipconfig getifaddr en0

[/box]

Then to see your DHCP server address, issue the following command;

[box]

ipconfig getpacket en0

[/box]

Look for the value of server_identifier this is the DHCP servers address.

Related Articles, References, Credits, or External Links

NA

iLO: Java Error “Unable to Load Resource”

KB ID 0001567

Problem

When attempting to connect to an iLO 3 remote console on an HP Server;

General Exception
Name: com.hp.ilo2.intgapp.intgapp
ExitException: Unable to load resource
https://{Server}/html/intgapp3_231.jar

Solution

Having added the URL to the iLO to the trusted sites in the the Java Preferences, I thought this all I had to do. Turns out I was wrong. Navigate to Administration > Security > Encryption > Encryption Enforcement Settings > Enforce AES/DES Encryption > Change to ‘Enabled‘ > Apply > Wait for the iLO to reset, and try again.

Related Articles, References, Credits, or External Links

NA

Remote Connect to macOS

KB ID 0001539

Problem

Remotely connecting to Windows is easy we’ve had RDP since Windows NT4, (yes I’m that old). But what if you want to remote connect to a mac? Well that has ‘Screen Sharing’ built in, (which it pretty much the same, but it uses VNC). 

If you’re unfamiliar with VNC, (Virtual Network Computing,) you can install it on both Windows and Linux. Normally you need a client, (to connect with) and a server, (to connect to). VNC server is built into your Mac, so you just need to switch it on. 

Note: To access though a firewall you will need to have TCP port 5900 open/forwarded to the mac.

Solution

Apple Symbol > System Prefernces > Sharing.

Tick: ‘Screen Sharing‘ > Computer Settings > Tick VNC viewers may control screen with password > Enter a password > OK.

On a remote machine download a VNC client (there are a lot to choose from!) > Point it to the IP address of your mac > Enter the password you set, (above).

And you are connected.

Related Articles, References, Credits, or External Links

NA

VMware Fusion on macOS Mojave: No Mouse or Keyboard

KB ID 0001523

Problem

While building my new MacBook, I installed VMWare Fusion, (I always run a Windows VM, in case I have to do something on Windows). But no matter what version I tried to install, I could not interface with the VMs, (no mouse or keyboard).

I ran Fusion 11 on my old MacBook, (running Mojave). So I was a bit confused. 

Solution

Click the ‘Apple’ (top left) > System Preferences > Security and Privacy > Privacy > VMWare Fusion should already be in the list, (if not you will need to add it) > Unlock > Tick the box next to VMware Fusion > Lock.

Now you should be able to interact with your VMs.

Related Articles, References, Credits, or External Links

NA

Citrix: mac OSX ‘You have chosen not to trust…’

KB ID 0001520

Problem

After a colleague deployed Citrix for a customer the other day, they complained that they had a mac user that was getting certificate errors. They had a publicly signed wildcard certificate, but this user was still having problems.

After I  heard a few “tell him to stop using a mac” comments, I said, “I’m using a MacBook here, would you like me to test it?” The URL opened fine in Safari, and the certificate looked good (all green), I was prompted to install the Citrix receiver, and was presented with a session to open, when I did so, I got this;

You have chosen not to trust {Certificate-Name} the issuer of the servers security certificate.

Solution

Head over to https://www.sslchecker.com and put your Citrix URL in and check it, I found this. So I downloaded the two certificates it said I was missing.

Note: For someone who works with certificates, this makes no sense, (as I got to the portal without an error). I had to trust the root CA, and its intermediate CA, (what’s being called a Chain Cert below). But I thought I’d play along to see what happened.

‘Double Click’ each downloaded certificate, then choose ‘Add’, (repeat for each certificate in the chain).

Close any open Citrix receiver sessions, restart you browser, and try again.

Related Articles, References, Credits, or External Links

NA

Mac OSX: ‘Cannot Send F11 Keystroke’

KB ID 0001441

Problem

I was building some HP blade servers today via iLO, and while trying to install ESX, I reached this stage;

Pressing F11 on a mac just increases the volume, and with the other function keys (F1 to F10) you simply press ‘fn’ and the appropriate F key, and it works properly. But not on a mac, ‘Fn+F11’ just shows you your desktop.

Even changing function keys in the keyboard settings has no effect!

Solution

System Preferences > Mission Control.

Change ‘Show Desktop’ to another key (in this case F13).

Problem solved!

Related Articles, References, Credits, or External Links

 

AnyConnect – “Connection attempt has failed due to server communication errors’

KB ID 0001279 

Problem

We had a firewall fail at work this week, as part of the rebuild the latest OS was put on it, version 9.7(1). I thought no more about it until I tried to VPN in and got this;

I used my Windows 10 VM and that connected fine, only my MacBook could not connect, this VPN tunnel is a big deal I need it to get onto client’s networks. I tried my other VPN connections and every one was fine, only the recently rebuilt one didn’t work? Ive seen OSX throw a wobbly with AnyConnect in the past so I did a complete uninstall,  deleted the opt/cisco folder and put on the latest version (4.4.00243 at time of writing) no change.

VPN

Connection attempt has failed due to server communication errors. Please retry the connection

A look in the client message history showed me this..

Connection attempt has failed.

No valid certificates available for authentication.

I checked my certificates, and the certificate on the firewall both they, (and the certificate chain,) were fine.

Debugging AnyConnect gave NO OUTPUT at all, but debugging SSL showed me this;

[box]

Petes-ASA#dedug ssl 255
debug ssl enabled at level 255.
Petes-ASA# error:06067099:digital envelope routines:EVP_PKEY_copy_parameters:different parameters@p_lib.c:143
error:1415FFA5:SSL routines:SSL_accept:pkp error@ssl_engine.c:2832
error:06067099:digital envelope routines:EVP_PKEY_copy_parameters:different parameters@p_lib.c:143
error:1415FFA5:SSL routines:SSL_accept:pkp error@ssl_engine.c:2832
error:06067099:digital envelope routines:EVP_PKEY_copy_parameters:different parameters@p_lib.c:143
error:1415FFA5:SSL routines:SSL_accept:pkp error@ssl_engine.c:2832
error:06067099:digital envelope routines:EVP_PKEY_copy_parameters:different parameters@p_lib.c:143
error:1415FFA5:SSL routines:SSL_accept:pkp error@ssl_engine.c:2832
error:06067099:digital envelope routines:EVP_PKEY_copy_parameters:different parameters@p_lib.c:143
error:1415FFA5:SSL routines:SSL_accept:pkp error@ssl_engine.c:2832
error:06067099:digital envelope routines:EVP_PKEY_copy_parameters:different parameters@p_lib.c:143
error:1415FFA5:SSL routines:SSL_accept:pkp error@ssl_engine.c:2832

[/box]

Try Googling that and getting a result! In fact that’s probably what brought you here.

Solution

If you change a Cisco OS and things like this stop working normally it’s because they’ve dropped support for something that’s got a security hole in it. In the wake of the Poodle Exploit I assumed it was an SSL/TLS problem, but that wasn’t it.

I was in the right ball park though, and a bit of lateral thinking and SSL cipher problems I’ve had with ASDM, made me think, what if it’s SHA that’s been dropped because everyone is dropping SHA1 cause it’s the hashing algorithm of Satan?

Well as soon as I added a SHA1 ciphers back in, everything started working again!

[box]

Petes-ASA(config)# ssl encryption aes256-sha1 aes128-sha1
WARNING: This command has been deprecated; use 'ssl cipher' instead.
INFO: Converting to: ssl cipher default custom "AES256-SHA:AES128-SHA"
INFO: Converting to: ssl cipher tlsv1 custom "AES256-SHA:AES128-SHA"
INFO: Converting to: ssl cipher dtlsv1 custom "AES256-SHA:AES128-SHA"

[/box]

 

Disclaimer: SHA1 is bad, where practical all cert ciphers should be at least SHA256

Related Articles, References, Credits, or External Links

NA