HELP! I’ve forgotten my administrator password – 10.7

If you have forgotten the passwords to any of your accounts on a mac then you can reset them by following these instructions

Reboot your Mac and hold down ALT

When it shows all available drives, choose the Recovery HD, if you have set a firmware password, then you will need to enter that before getting to the available drives

When booted into the Recovery HD, click on Utilities and then choose Terminal

When the Terminal window opens, type the following


A new window will open, click on your System Drive and you will then be able to select any available account on that drive and reset the password for it

Please be aware that you will not gain access to the keychain for that account, so if you are after information saved in that keychain then you won’t be able to get it. 

Cloned Image Clean Up

If you have created an image of a Mac to deploy onto other Macs then you will need to clean the machine of certain user & machine specific files

To do this, you will need to mount the image on another machine and in Terminal enter the following

sudo rm /Volumes/MacHD/Users/username/Send Registration
 sudo rm -rf /Volumes/MacHD/Users/username/Desktop/*
 sudo rm -rf /Volumes/MacHD/Users/username/Downloads/*
 sudo rm -rf /Volumes/MacHD/Users/username/Library/Caches/*

Replace username with the name of any and all of the user accounts on the image

sudo rm -rf /Volumes/MacHD/Documentation/old_*
 sudo rm -rf /Volumes/MacHD/Library/Caches/*
 sudo rm -rf /Volumes/MacHD/System/Library/Caches/*
 sudo rm -rf /Volumes/MacHD/Library/Managed Preferences/*
 sudo rm -rf /Volumes/MacHD/Users/Shared/*
 sudo rm -rf /Volumes/MacHD/private/etc/ssh_host*
 sudo rm -rf /Volumes/MacHD/private/var/db/volinfo.database
 sudo rm -rf /Volumes/MacHD/private/var/vm/swap*
 sudo rm -rf /Volumes/MacHD/private/var/vm/sleepimage

In these examples, my image Volume is named MacHD, always make sure your image Volume is not named the same as your currently booted system volume, otherwise you could end up deleting these files from the wrong volume

Firmware Password Utility

As every good System Administrator should, I set firmware passwords on all my macs.

But one of the frustrations caused by this security precaution is when you are trying to boot a mac into Target Disk Mode, you need to first boot from an installation disk and then run the Firmware Password Utility

To get around this, I create a copy of the Firmware Password Utility on all macs (you could put one on a USB if you wish)

This is done by by following these steps

1. Insert a Mac OS X Installation DVD into your Mac

2. Open Terminal and type the following

cp - R "/Volumes/Mac OS X Install DVD/Applications/Utilities/Firmware Password" ~/Desktop

3. Now you can run the utility from your desktop

Also, if you are setting up multiple macs and you wish to have them all use the same firmware password, you can do the following to push it to all machines

1. Set it manually on 1 machine using the utility mentioned above

2. Open Terminal and type the following

sudo nvram security password

you will get an output similar to this

security-password %cd%f8f%bd%98%87%c5%

This is your encoded firmware password, you can now deploy this via Apple Remote Desktop, SSH, or a script.

Please note, this will only work on Intel Macs

To deploy it to other Macs, enter the following into Terminal either locally, via SSH, ARD or other deployment solutions

sudo nvram security-password %cd%f8f%bd%98%87%c5%
 sudo nvram security-mode=command

Apple Software Update Server – Client configuration

To switch a Mac client from collecting its updates from Apple to your Software Update Server then you will need to apply the following to the client machines

Open Terminal and paste the following text into it

For 10.7

sudo defaults write /Library/Preferences/ CatalogURL http://YOURSERVERNAMEHERE:8088/index-lion-snowleopard-leopard.merged-1.sucatalog

if running from Apple Remote Desktop then you can send the following UNIX command as root user

defaults write /Library/Preferences/ CatalogURL http://YOURSERVERNAMEHERE:8088/index-lion-snowleopard-leopard.merged-1.sucatalog

For 10.6

sudo defaults write /Library/Preferences/ CatalogURL http://YOURSERVERNAMEHERE:8088/index-leopard-snowleopard.merged-1.sucatalog

or if running from ARD then you can send the following as root user

defaults write /Library/Preferences/ CatalogURL http://YOURSERVERNAMEHERE:8088/index-leopard-snowleopard.merged-1.sucatalog

For 10.5

sudo defaults write /Library/Preferences/ CatalogURL http://YOURSERVERNAMEHERE:8088/

again if running from ARD then you can send the following as root user

defaults write /Library/Preferences/ CatalogURL http://YOURSERVERNAMEHERE:8088/

To confirm that this has worked, run Software Update on the client and it should add your servers name to the window during the check for updates.

To remove a machine from a local ASUS and collect updates from Apple again then type the following into the Terminal

sudo defaults delete /Library/Preferences/ CatalogURL

or if running from ARD then do the following as root user

defaults delete /Library/Preferences/ CatalogURL

Create a bootable Lion USB key

To make a bootable Lion USB key, you will need the following

1. A USB Key, minimum 8GB, I use these
2. The Install Mac OS X Lion App

Ok, so first, you need to start up your Mac

Now plug the USB key into your Mac

Next you will need to open Disk Utility, this is located in /Applications/Utilities

Format the USB Key so that it is Mac OS X Journaled and make sure you choose the ‘GUID Partition Table’ option, otherwise you will not be able to boot a Mac from it.

Then you need to locate ‘Install Mac OS X’ which should be in /Applications

If you have deleted it since installing then you can redownload it by opening the App Store, then hold down ALT and click on Purchases, this will enable you to redownload it by clicking Install

Click on the ‘Install Mac OS X’ to run it, click on ‘Continue’ then Agree to the license and you will be shown your main hard disk, under that there is an option to ‘Show All Disks’ click on that and choose your USB key, click on ‘Install’ and the process will begin, you will then have to restart the machine so the installation can complete, this usually takes around 40 minutes

After this has finished you will be able to boot from your USB key into a full Mac OS Environment, and providing you keep this OS fully updated then you should be able to use it to boot up any Mac.

Once it is fully patched, you can install any additional tools that you use for troubleshooting machines.