Skip to content

Error While Updating Enterprise-packaged Adobe Creative Suite

If you’re trying to install updates or upgrades to Adobe Creative Suite, you may run across a refusal of the updater to run. The error will resemble:

Update failed, updates have been suppressed by the Administrator

Funny thing is, you actually are the likely cause of this error. Remember back when you were packaging Creative Suite using Adobe Application Manager Enterprise Edition (AAMEE)? Near the end of the series of dialog boxes you went through, you clicked “Prevent Updates”.

And there we are. Adobe remembered this and is continuing to suppress updates. It doesn’t care if you’re the admin; updates are suppressed!

The fix is easy even if the path to it is long. What you need to do is edit or delete this file:

/Library/Application Support/Adobe/AAMUpdaterInventory/1.0/AdobeUpdaterAdminPrefs.dat

Removing it is draconian but quick & easy. All you need gone / changed is the line within it that reads:


Make the “1” a “0” or just delete that line.

This is all documented by Adobe here, but Googling or Binging the subject is often fruitless. So I’m reposting here to make it easier for all to find.

Keeping 10.x Updates

Update April 2015: I was able to retain a copy of the Yosemite 10.10.3 Beta update via this same method. The trick is the updates do get erased if you let App Store install and reboot. You generally have 60 seconds after the download completes and before Finder shuts down to locate the update file and copy or duplicate it.

Back before all Apple updates came to be distributed through the App Store, it was easy to retain software updates. You just told Software Update app to Keep Updates through its menu system.

There are distinct advantages to retaining updates instead of redownloading them every time. Bandwidth, which Apple seems to think we all have in abundance, is a large one, especially considering many updates are measured in gigabytes these days. But perhaps you also want to keep an update for use in AutoDMG, InstaDMG, Munki, or Casper Suite.

With the advent of App Store, these updates are notably harder to retain. But if you’re quick, you can still keep them. Follow these steps:

1) Initiate the download of the update using App Store.

2) Once the download is complete, look in /Library/Updates/[random #]

OK, the number probably isn’t random, but you’re unlikely to find out Apple’s numbering system, so just look at the most recently updated numerical folder inside /Library/Updates. Your .pkg will be there waiting for you.


10.7_vanilla.catalog w/iTunes 10.6.1, Java Update, & Safari 5.1.5 [UPDATED]

In case any InstaDMG users are looking for a cut & pasteable 10.7_vanilla.catalog that’s set up for using a 10.7.3 InstallESD.dmg, iTunes 10.6.1, Java Update 2012-002, and Safari 5.1.5, here it is:

OS Updates:
 AirPort Utility 6.0 sha1:4e58a9e1af3ddefce843e49ef4b3f36c9c79793a
 iTunes 10.6.1 sha1:e9067bd7b8add8ef6bba0799df1e5a245c6c8187
 Safari 5.1.5 sha1:c253c54faf399ef961a962425930e410cf3fe47e
 JavaForOSX sha1:f3a37aaeace6731c427c76b277c8741d9d6e0220

(Important note: Tabs don’t translate well to WordPress. Be sure after copying to replace the spaces before the URL’s and sha1’s with tabs!)

Sure you can make one yourself in 10 minutes but I thought this might save someone some trouble.

Binding Lion To Active Directory

Active Directory binding can be a black art. Nuances abound, and they can be pitfalls for getting that first bind to actually take place. Take the following command for example:

dsconfigad -force -add "" -c MyMac -u myusername -p mypassword -ou "OU=macs,OU=computers"

No DC’s are specified, but you’d think that’s OK. After all, you told the AD plugin what the DC’s were with the -add flag. It should be able to figure them out from the “”, right?

Wrong. While third-party solutions like ADmitMac and Centrify can figure out DC’s from the supplied domain, Apple’s AD plugin cannot.

Worse, if you omit the explicit DC specification, the AD plugin won’t tell you. It will try for a while to bind, and eventually you’ll get an error, but it will be a “(10001) failure”, not something useful like “DC not specified”. And it will be at the end of a very long log of bind attempts (assuming you turned on debug logging).

So basically you must specify the domain twice, thusly:

dsconfigad -force -add "" -c MyMac -u myusername -p my password -ou "OU=macs,OU=computers" -domain "DC=ad,DC=mycompany,DC=com"

or (shorter):

dsconfigad -force -add "" -c MyMac -u myusername -p my password -ou "OU=macs,OU=computers,DC=ad,DC=mycompany,DC=com"

Specify your DC’s. Everyone will be happier.

Programatically Getting IP Address on the MacBook Air

(It’s tougher than you think.)

Obtaining the IP address on a desktop Mac with built-in ethernet ports is relatively straightforward. You can rely on en0 existing and the connection being stable. On desktops, TCP connections are maintained, even in a “CLOSE_WAIT” state:

(IP addresses changed to protect the guilty)
# netstat -p tcp
 Active Internet connections
 Proto Recv-Q Send-Q Local Address Foreign Address (state)
 tcp4 0 0 a192-17-157-46.zz.https SYN_SENT
 tcp4 0 0 my.server..micro ESTABLISHED
 tcp4 0 0 CLOSE_WAIT
 tcp4 0 0 CLOSE_WAIT

However, the MacBook Air has no built-in ethernet. To hardwire one to a network, a USB<->Ethernet transceiver must be added on. And in an effort to save power, the Air drops any unused connections after 5 seconds. Witness:

# netstat -p tcp
 Active Internet connections
 Proto Recv-Q Send-Q Local Address Foreign Address (state)

After a few seconds the very same command yields zilch:

# netstat -p tcp

So any scripts you write to grab the IP address that use netstat (the preferred method you’ll find recommended by almost all sites if you Google the topic) will yield a blank result.

You could activate the TCP connection by launching Safari or issuing a curl command and quickly reading netstat’s output within 5 seconds, but that’s a kludge.

The better answer? Good old ifconfig, which will yield the persistent IP state of the Mac no matter how long the network connections have been idle. On the same Air as above where netstat was reporting no info, you get this:

# ifconfig | grep "broadcast"
 inet netmask 0xffffff00 broadcast

Ding! (note that we limited the search to lines containing “broadcast” to prevent finding the loopback and other ports irrelevant to our current need.)

To complete the search for a usable IP, we just:

#ip=`ifconfig | grep "broadcast" | cut -d " " -f2`
#echo $ip

Now you have $ip waiting for you to act on. Examples:

if [ "$ip" = "" ]; then
   echo "No ethernet cable appears to be plugged in."


if [ "${ip:0:7}" = "169.254" ]; then
   echo "No DHCP server was found."

Have fun!

Get Control of Your Macintosh HD Back

(This is my first post, so we’re going to keep things simple. Later posts will get into more gory under-the-hood Mac hacks & scripts.)

Once you upgrade to Lion, you’ll find you can no longer save files to the root of your “Macintosh HD.” This is an attempt by Apple to keep your filesystem clean and force you to save your files in your Documents, Pictures, Music, Movies, or other appropriate locations.

But if you’re a control freak as I am, you want to save files where you like; it’s your computer, darn it! Besides, many of us upgraders will have legacy files saved at the root of our HD’s that we suddenly won’t be able to save changes to after installing Apple’s latest cat.

So here’s the easy trick to regain control of your Macintosh HD. In Terminal, enter:

 sudo chmod 777 "/Volumes/Macintosh HD"

If you ever want to put it back the way Apple had it, enter:

 sudo chmod 755 "/Volumes/Macintosh HD"

There you have it. Save away!