Archive for July, 2005

Workaround for Office and network home directories.

Sunday, July 17th, 2005

There are a bunch of annoying bugs to do with Office versions earlier than 2004 if you have network home directories.

Actually, the bugs will hit you even if you have your home directory on a different local partition to the one that Office is running from.

This simple script gives you a workaround.

cd /Volumes/Homes/staff || exit 1
for user in $(ls /Volumes/Homes/staff | grep -e "^[a-z]")
do
 cache="$user/Library/Preferences/Microsoft/Office Registration Cache X"
 # Unlock and remove any existing cache file
 /usr/bin/chflags nouchg "$cache"
 /bin/rm -f "$cache"
 # Recreate it as an empty file owned by the user, then lock it
 /bin/mkdir -p "$user/Library/Preferences/Microsoft"
 /usr/bin/touch "$cache"
 /usr/sbin/chown -R "$user" "$user/Library/Preferences/Microsoft"
 /usr/bin/chflags uchg "$cache"
done

Basically you just need to trash the file “Office Registration Cache X”, touch it to create an empty file, make sure the user is the owner of it, and then lock it.

The reason I have my loop look like:

for user in $(ls /Volumes/Homes/staff | grep -e "^[a-z]")

is because all my staff home directories start with a lowercase letter, and various group sharepoints exist at the same level, but I start them with either an uppercase letter or an underscore.

The grep command just makes sure that only folders starting with a lowercase letter are looped over, which also skips annoying files such as .DS_Store.

Automatic WebDAV realms for iCal publishing

Wednesday, July 13th, 2005

So another thing people seemed keen on is my system for setting up appropriate WebDAV realms for iCal publishing automatically for personal web pages on Mac OS X Server. This kind of follows on from the previous entry, but you could easily put the two scripts together.

It assumes:

  • ~/Sites for personal web pages.
  • The actual file server for home directories is also running Apache for personal web pages. If you instead have personal web pages on another server, you'll have to use the mount in /Network/Servers rather than the local path. If anyone needs to do this instead, post a comment and I'll modify the script for you.
  • ~/Sites/calendars already exists, and is where iCal publishes to. See the previous entry on setting up WebDAV areas for how to automatically do this. You could roll both scripts together, but I like to set the ~/Sites permissions more frequently than I set up new WebDAV realms.
  • Each user is the only person who can publish to this location.

Again, you'll notice that I'm doing this by looping over the contents of the network home directory sharepoint, rather than collecting users from Directory Services. You might also notice that the actual path that Apache serves out is the mount in /Network/Servers, not the local filesystem path. I like having my staff webpages being served from the same server as my staff home directories, but this isn't a requirement.

To start with, I set up a comment line in the relevant Apache config file that will mark off where the WebDAV realms start. You'll find this file in /etc/httpd/sites/, and I use a comment like this:

# Start automatic realms for staff calendars

Then I have this script run, which basically just looks for the comment line, trashes everything below it, and generates the right syntax for WebDAV realms to be appended.

Then I run apachectl configtest, and check the exit status to make sure that Apache is happy with the config. If it isn't happy (which hasn't happened yet, but better safe than sorry), it copies the original config file back, and emails me to let me know that something has gone wrong. If it is happy, it restarts Apache with the new config file.

In this example, /Volumes/Homes/staff is the sharepoint, and this is mounted at /Network/Servers/server.domain/Volumes/Homes/staff, so change those to match your setup.

#!/bin/bash

CONFFILE="/etc/httpd/sites/0000_any_443_your.server.apache.config.file.conf"
MARKER="# Start automatic realms for staff calendars"

# Line number of the marker comment; stop if it is missing
STARTNUM=$(grep -n "$MARKER" "$CONFFILE" | head -n 1 | sed 's|:.*||')
[ -n "$STARTNUM" ] || { echo "Marker not found in $CONFFILE" >&2; exit 1; }
STARTNUM=$(expr "$STARTNUM" - 1)

# Build the new config in a private temporary file rather than a fixed /tmp path
TMPCONF=$(mktemp /tmp/site.conf.XXXXXX) || exit 1
head -n "$STARTNUM" "$CONFFILE" > "$TMPCONF"
echo "$MARKER" >> "$TMPCONF"

cd /Volumes/Homes/staff || exit 1
for user in $(ls | grep -e "^[a-z]")
do
        echo "<Directory \"/Network/Servers/server.domain/Volumes/Homes/staff/$user/Sites/calendars/\">" >> "$TMPCONF"
        echo "<IfModule mod_dav.c>" >> "$TMPCONF"
        echo "DAV On" >> "$TMPCONF"
        echo "</IfModule>" >> "$TMPCONF"
        echo "  AuthName \"$user\"" >> "$TMPCONF"
        echo "  <Limit PUT DELETE PROPPATCH MKCOL COPY MOVE LOCK UNLOCK>" >> "$TMPCONF"
        echo "          Require user $user" >> "$TMPCONF"
        echo "  </Limit>" >> "$TMPCONF"
        echo "  AuthType Digest" >> "$TMPCONF"
        echo "</Directory>" >> "$TMPCONF"
done

echo "# End automatic staff realms" >> "$TMPCONF"
echo "</VirtualHost>" >> "$TMPCONF"

# Keep a backup of the live config, then install the new one
mkdir -p /etc/httpd/backup
cp "$CONFFILE" /etc/httpd/backup
cp "$TMPCONF" "$CONFFILE"
rm -f "$TMPCONF"

/usr/sbin/apachectl configtest

if [ $? -ne 0 ]
then
        # Apache rejected the new config: put the original back and send an alert
        cp "/etc/httpd/backup/$(basename "$CONFFILE")" "$CONFFILE"
        echo "Something went wrong with the auto realm script" | mail -s "ERROR: auto realm" your.email@your.domain
else
        /usr/sbin/apachectl graceful
fi

So as always, buyer beware, back up your stuff before you try it, and make sure you get the paths right, as that's where Apache serves personal web pages from.
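The generation step of the script above, as an added example that is not the original author's code: it writes the candidate config to a mktemp-created file, stops if the marker comment is missing or duplicated, and only emits a realm for directory names that are safe inside a quoted Apache directive. The function name build_realms, its three arguments, the allowed-name pattern and the symlink checks are assumptions; backup, configtest and restart stay as in the script above.

```bash
#!/bin/bash
# Added example, not the post's script: build the candidate config only.
export LC_ALL=C   # make [a-z] mean ASCII lowercase in every locale
MARKER="# Start automatic realms for staff calendars"

# build_realms CONFFILE HOMES_DIR SERVED_PREFIX
# Prints the path of a freshly created candidate file; non-zero on error.
build_realms() (
    conf=$1 homes=$2 prefix=$3
    # The marker must appear exactly once as a whole line, otherwise stop
    # before anything is written.
    start=$(grep -n -x -F -e "$MARKER" "$conf" | cut -d: -f1)
    case $start in
        ''|*[!0-9]*) echo "marker missing or duplicated in $conf" >&2; exit 1 ;;
    esac
    # mktemp creates the file with mode 0600 and an unpredictable name.
    tmp=$(mktemp "${TMPDIR:-/tmp}/site.conf.XXXXXX") || exit 1
    head -n "$start" "$conf" > "$tmp"    # everything up to and including the marker
    for dir in "$homes"/*/; do
        dir=${dir%/}
        user=${dir##*/}
        # Accept only names that are safe inside a quoted Apache directive
        # (assumed policy: lowercase first letter, then a-z 0-9 . _ -).
        case $user in
            [!a-z]*|*[!a-z0-9._-]*) continue ;;
        esac
        # Skip symlinked homes and homes without a real calendars folder.
        [ -L "$dir" ] && continue
        [ -d "$dir/Sites/calendars" ] && [ ! -L "$dir/Sites/calendars" ] || continue
        cat >> "$tmp" <<EOF
<Directory "$prefix/$user/Sites/calendars/">
<IfModule mod_dav.c>
DAV On
</IfModule>
  AuthName "$user"
  <Limit PUT DELETE PROPPATCH MKCOL COPY MOVE LOCK UNLOCK>
          Require user $user
  </Limit>
  AuthType Digest
</Directory>
EOF
    done
    printf '%s\n' "# End automatic staff realms" "</VirtualHost>" >> "$tmp"
    printf '%s\n' "$tmp"
)

# Stand-alone use: script CONFFILE HOMES_DIR SERVED_PREFIX
if [ $# -eq 3 ]; then build_realms "$@"; fi
```
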

Stopping ~/Sites from being browsable via AFP and setting up WebDAV areas.

Sunday, July 10th, 2005

More requests from X-World…

We use ~/Sites for personal web pages. I don't really like the way that by default other users can browse this folder via AFP, and you can't fix this by modifying the User Template folder, so I run this script every night on all network home directories.

This same script also makes sure that each user has a folder ~/Sites/calendars that has the correct permissions such that they can use iCal to publish to this location.

You'll notice that I'm doing this by looping over the contents of a network home directory share point. I do this because my users are treated differently based upon where their home directories are, and not all sharepoints contain users that will automatically get a ~/Sites/calendars folder.

You could modify this to instead loop over all users from Directory Services, but that's unnecessary overhead in my case. Post a comment if you'd like to see what that script would look like.

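#!/bin/bash
#
cd /Volumes/path/to/staff/homes || exit 1
for user in $(ls | grep -e "^[a-z]")
do
        # Owner and the www group only; no access for other users
        chown -R "$user":www "$user/Sites"
        chmod -R 750 "$user/Sites"
        # The calendars folder belongs to www so WebDAV publishing can write to it
        mkdir -p "$user/Sites/calendars"
        chown -R www:www "$user/Sites/calendars"
        chmod -R 770 "$user/Sites/calendars"
done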

NB: The next entry I'll have up tomorrow or maybe tonight will describe how I'm automatically creating Apache WebDAV realms for the ~/Sites/calendars location, as that's the bit people seem to be mailing me about…

Unlocking files recursively from the command line.

Sunday, July 10th, 2005

A few people at X-World seemed interested in this simple one-liner, which will recursively unlock files from the command line.


find /Volumes/Transit -flags +uchg -print0 | xargs -0 chflags nouchg

The command above would look at the path /Volumes/Transit, recursively find any locked files, and unlock them. The '-print0' and '-0' bits will deal with any files or folders that have spaces in them.

NB: It seems like the 'rm' command has changed in Tiger such that if you use 'rm -Rf' with elevated privileges, it will automatically unlock the files. This isn't the case in Panther, which is why I initially needed to do this on a temporary sharepoint that gets wiped nightly.