Monthly Archives: February 2016

SSH Into Windows Server

Last year, Microsoft announced they would embrace the OpenSSH project and bring support for Powershell and SSH to/from Windows Server!

In October, they released their first 32bit version of the product, and are now up to release number four as of the first of February 2016.

I had a few minutes to take a look at this today and let me tell you it will be such a great tool in my arsenal!

The install/setup is fairly straight-forward. I’ll spare you the details, as instructions can be found on their GitHub Wiki.

Once installed and configured as a service, I was able to ssh into my domain-bound Windows Server from my Mac with ease:

From there, I was able to launch into PowerShell, import any needed modules and get back to work!

I had some issues with backspace/formatting but over-all the functionality is there. I will dig around and see if I can make the experience a bit smoother but for a Friday afternoon, I think that it’s time to call it a success.


Adding a printer using lpadmin

I <3 printers!

I really wanted to start this one out on a positive note, but unfortunately my editor (me) wouldn’t allow our integrity to be sacrificed by printing a lie in bold at the beginning of a post.

Our district was at the end of our current copier lease and after a temporary extension, we ended up renewing most locations with the same hardware vendor, Riso (Ree-So).

After a few conversations with their folks, we were provided with a three page document on how to set certain options and save them as a template on Mac OS X. That really wasn’t my idea of a seamless deployment method for our fleet, so I set out to dig through their driver options to see if we could find a way to deploy our desired configuration consistently.


CUPS (Common Unix Printing System) was developed by Apple to act as a built in Print Server. The tools we will be working with are used to control this back-end service and configure the available options.


The lpoptions command is what we can use to view or set printer options and defaults for the CUPS print system

We can use this to set both user and system level options. Since we want the settings to be consistent from user-to-user, we will want to run lpoptions as root or using sudo.


The first step I need to take is to manually add the printer using the standard Printers & Scanners dialog. Try to give the device a simple name (no spaces, dashes, or special characters) as it will make your job easier in the following steps.

Once added, I want to grab all of the options presented by the printer driver. This list can be quite extensive at times, so I like to dump it to a text file for easy reference and searching later one.

This command will output all the printer’s PPD options to a file on the current users desktop called PrinterOpts.txt. The command should run fairly quickly, so once you’re returned to a terminal command line, take a look at the file on your desktop.

The file continues, but you get the point. Each line is an individual option available via the print driver. Lets take a look at just a single line and break it down

Screenshot 2016-02-17 21.33.38

We will use the option name (text before the forward slash) in the command to setup our printer.

The friendly name can help can help us decipher the sometimes cryptic option name. These generally match up with what is shown in the GUI of the printer settings.

Finally, the options show the available settings we can configure. In this case we have 5 available settings. Note the asterisk (*) next to the default setting.

Using this information, we can install a printer and change those defaults with the lpadmin command:

Lpadmin Flags:

  • -p printer: This is the name you want to give your printer
  • -v device-uri: I’m adding the printer via the HP Socket via Hostname. So in this case I use “socket://HostName”. There are a few other common options:
    • “ipp://HostName” for Internet Printing Protocol
    • “lpr://HostName” for Line Printer Daemon.
    • Need more? Run lpinfo -v to show supported options for your OS.
  • -P ppd-file: Use this to specify a printer driver PPD file for the printer.
  • -L location: Enter useful location information for the printer’s location.
  • -o options: Here we can enter in any option(s) that we want to configure as default.
    • Note, these can be chained together with multiple -o flags for each option needed.

What’s the semi-colon for?

Ok, so I cheated a little bit. The line above is a small one-line script that configures, enables and allows printing for the printer we just setup. The semi-colon is treated as the end-of-command signal for the shell to run each command as its own line.

(If you want, you can replace the semi-colons with two ampersands “&&” and it will only process the following commands IF the previous one succeeds.)


Using this one-line script, I can encourage the use of our preferred settings to the end user without requiring any additional setup steps for them to get started printing. Not all applications will respect these settings, so be aware that your mileage may vary between two applications on the same machine. The user is also free to make changes to these default options but depending on what you configure, they may never go to the extra effort.

Printer Destroyer JSS Script

As part of a recent project, I have been tasked with removing old printers that were setup manually over a 5 year lease period by many different people. The only thing consistent with these installs were their inconsistency (and that they were configured via IP address using an HP Socket).

This project will be repeated at more-than 80 locations and I didn’t really want to add 100+ old printers to our JSS just to try to remove them. This led me down the path of trying to script it and use one of the script parameters in the JSS to customize each policy. This gives me a few benefits.

  1. I don’t have to add those 100+ removed printers to the JSS
  2. It could be added as a step to the new printer install policy saving the end user a step.
  3. It is reliable and repeatable for each location with minimal effort.

I’ve posted the script I devised on my GitHub page here:

We’ll talk about a few portions of the script and setup.

JSS Settings

Create a new script int the JSS by  going to https://your.jss.url:8443/scripts.html and clicking on the + (plus) icon next to new.

On the General tab, fill in the Display name, Category, Information and Notes fields similar to the image below.

Scripts General Tab

Then, click on the Script tab, and paste the script from GitHub into the Scripts Contents box.

Script Contents

Now, in the Options tab set your priority and add a parameter label:

Script Options Tab

When all looks correct, click Save.

You can now add this as a script in any policy (like your new printer setup policy!) and add in the IP address of any printer you want gone.

Script Added to Policy

Script Logic

We use a few commands in the script to delete the correct printer.

  • lpstat – This command shows printer status information. the -s flag shows us a summary of all installed printers.
  • lpadmin – This command adds/removes/configures printers.

To help with logging/troubleshooting in the JSS logs, the scripts print out the parameter value and present textual feedback along each step of the way.

One thing to note, this script doesn’t handle multiple printers with the same IP address Mac OS X warns you if you try to add multiple printers using the same IP/Hostname. Hopefully these will just be edge cases. If we experience issues, I may look at a more elegant way to handle this in the future.

Happy Printing!

K12TechSystems now 100% HTTPS


Thanks to the Lets Encrypt project’s enticing SSL certificate price ($0.00!), I’ve been able to switch over to all HTTPS, all the time!

As a side benefit, Chrome will soon begin marking non-HTTPS sites with the red “X” untrusted logo. Providers have had plenty of time to make adjustments as they first hinted of the change back in 2014. It still doesn’t appear that they have announced a date for this change yet, but it’s always better to be on the front side of a transition like this.

If you’re looking for a project to try out LetsEncrypt on, there are tons of great articles/help available for your various projects!


WIDA AMS Multi TSM Server Install (AKA Learning installer4j)

What is WIDA?

Our state has implemented a new system for measuring our ELL (English Language Learner) student’s progress. This system is called ACCESS for ELL and was designed by WIDA and delivered through a service managed by Data Recognition Corp.

There are quite a few moving parts to administering this exam, but my primary concern was deploying close to 100 content and response caching servers provided only with their admin portal and an .EXE installer.

First Steps

My first steps were to learn a little more about what I was installing and what/how it functioned. This usually means a trip to one of my virtual machines to fire up the installer and see what I can learn and if there are any baked in install switches I can make use of.

I navigated to the installer from inside a command window and tried the handy “/?” switch which seemed to just fire up the traditional install sequence, but then I was greeted with a wonderful sight:

TSM Command Line Options

Success! From this window I learned that 1) I could do some type of silent install and that 2) I would need to provide a response file using the -varfile option. However, that presented a new challenge… what in the heck goes in said response file?

Digging Deeper

Luckily the splash screen that popped up before seeing the setup options included a handy bit that it was an “installer4j” installer. Thanks to the power of the Google, I was able to find their command line help for general installers.

They (ej-technologies) were even kind enough to have a detailed help page surrounding their response files which had this wonderful nugget of information:

A response file is generated automatically after an installation is finished. The generated response file is found in the .install4j directory inside the installation directory and is named response.varfile.

This meant that I could simply complete the manual install, once, and I would be provided with a response file that contained all of my choices from the install which I could then re-use on the subsequent 99 machines.

Grabbing said file when I was done, I was pleased with all of the options contained within the file except for one: It contained the VM’s hostname. Simply removing that line from the .varfile seemed to take care of this issue nicely.

Of course I wasn’t going to hand install 100 Servers, so I passed this task along to SCCM. I’ve had great success deploying .exe’s using a method similar to the one mentioned here:

Note, for WIDA here are the install options I have set in SCCM as well as a manual option if you’re so inclined: