Hon For Mac Os



We all know we need to make backups. Apparently, 30 procent of all computer users lose all of their files sometime in their life. Not a pretty foresight.

Fortunately, Mac Leopard users have a program called Time Machine that makes things a lot easier. But is Time Machine the perfect backup solution? I don’t think so. There are a couple of things that make Time Machine very unsuitable for me:

Why i can't install Adobe CS6 Master Collection on my mac OS. Why i can't install Adobe CS6 Master Collection on my mac OS honkitt97402294. Why i can't install Adobe CS6 Master Collection on my mac OS. การลง( Hon )Heroes of Newerth บน Mac สำหรับใครที่กำลังหาวิธีลง HON บน Mac ไม่อยากเข้า BOOTCAMP ให้เมื่อย ผมมีวิธีการ วิธีลง ดูในคลิปผมเลยนะครับลงไม่ยากครับ http. The Mac OS Japanese variant for the Hon Mincho and Maru Gothic fonts used in the Japanese localized version of System 7.1. It does not include the standard Apple extensions, and encodes vertical forms at a different location.

  • You need to get a seperate external hard drive that can only be used for Time Machine (and has to be formatted first)
  • That drive has to be formatted in HFS+, hence, without any (commercial) third-party plugins it’s not readable on Windows or Linux systems
  • You have to leave your drive on all the time to make sure Time Machine makes backups
  • You can’t make a list of things you want to have backed up, you can only exclude folders from your complete hard disk
  • Time Machine makes an exact copy of your hard drive

Especially that last ‘feature’ is very irritating to me. I have an external drive with about 300G of files, including lots of music and video files. My MacBook drive is only 80GB big, so i can never have the complete contents of my external drive on my MacBook. Let’s say i have 10GB of MP3 files, which i backup with Time Machine, then i remove about 5GB of files from my MacBook to free some space. What happens when the next backup round is happening? Exactly, the 5GB of files get deleted from the external disk as well. When i want to play a certain MP3 file from my external drive i now have to ‘restore’ and ‘look back in history’ to find it. Not very user-friendly.

Luckily, there is a very good (free) alternative to Time Machine that does exactly what i want with backups: it lets you specify which folders you want to backup, it doesn’t delete things on the backup drive when you delete files from your original drive, and it’s compatible with any external drive and can even backup files over a network. This piece of software is called rsync. Here’s how to use it.

rsync is a command-line utility shipped with every copy of Mac OS X. It originated from the UNIX/Linux world, where it has been part of most Linux distributions for many years. rsync is reliable, fast, and easily configurable. Try running it by opening up the Terminal.app (located in your Applications/Utilities folder) and running the command:

rsync

You’ll get an overview of all possible options. In essence the syntax is very simple:

rsync OPTIONS SOURCE DESTINATION

What you’ll probably want is a one-way transfer of all files in SOURCE to DESTINATION, where only files are copied that are not available on the DESTINATION disk or different. Aside from that you’ll want to include all subdirectories, links, permissions, date/time, groups, owner and devices. To do that simply use this easy-to-remember option list:

rsync -rlptgoD

Ha, just kidding! Fortunately there is another switch that does all of that with one switch, namely the archive switch:

rsync -a

So, let’s say you want to backup the files in your Documents directory to your external harddrive, which you appropriately named ‘backup’, then this would be the command:

rsync -a ~/Documents/ /Volumes/backup/Documents

For those of you who don’t use the Terminal very often: the tilde (~) is a shortcut for your home directory. If, for example, your name would be ‘Alice’ your home directory would probably be

/Users/alice

In essence you could write the statement above also as

rsync -a /Users/alice/Documents/ /Volumes/backup/Documents

The /Volumes/ path always leads to your drives under Mac OS X. This is also true for DMG files and CDs and DVDs you load.

An important thing to remember is that you should always include a trailing slash (/) after the SOURCE directory and no slash after the DESTINATION. If you wouldn’t do that, and you forgot the slash after ~/Documents rsync would create a directory named ‘Documents’ in the /Volumes/backup/Documents directory, so your files would eventually be backed up under

/Volumes/backup/Documents/Documents/

If you want to get a little more feedback on what rsync is actually doing you can add a few more options to let it output a little more to the screen:

rsync -a --progress ~/Documents/ /Volumes/backup/Documents

You might also want to exclude a few sub-directories or files with the backup. A good example of this is the virtual machine files Parallels makes in the /Documents/ directory and which can be quite large and will be backed up every time. If you have a large virtual machine, this could easily take 15 minutes.

rsync -a --exclude Parallels/ ~/Documents/ /Volumes/backup/Documents

Another option that you might need is when you use a FAT-32 formatted drive. FAT-32 is currently the only filesystem that is supported by all major operating systems, until Apple finally adds write support for NTFS under Mac OS X (There is a very good free / open source alternative called NTFS-3G that works beautiful, but isn’t supported officially by Apple yet). FAT-32 has a shortcoming that it can’t handle files over 4GB, which is pretty irritating if you have large DV video files or DVD backups. Another shortcoming is that it doesn’t properly set file update times, so it will copy all files, modified or not, every time you run your backup. Fortunately, there is a switch to fix this:

rsync -a --modify-window=1 ~/Documents/ /Volumes/backup/Documents

So, we have all the ingredients to make a proper backup script with only the directories you want. What i did to make my own backup script is simply copying the rsync command many times with alternate source / destination paths. A Linux guru could probably come up with a better solution, but this solution works fine for me. For some inspiration for your own backup script, here’s a portion of my script:


#!/bin/bash
rsync -a --progress --exclude Parallels/ ~/Documents/ /Volumes/backup/Documents
rsync -a --progress ~/Music/MP3/ /Volumes/backup/Media
rsync -a --progress ~/Pictures/ /Volumes/backup/Media/Pictures
rsync -a --progress ~/Backup/ /Volumes/backup/Data
rsync -a --progress ~/Movies/ /Volumes/backup/Media/Video

Note the first line of the script (‘#!/bin/bash’). This line says that it is a script executed by the shell. To make this script runnable you need to set some permissions. If you named your script ‘backup’ this would be the command

chmod u+x backup

Now simply run the backup script at any time you like and be very happy knowing that your data is safe on your external hard drive!

Just one last word of advice: rsync isn’t as fool-proof as Time Machine. If you would, let’s say, per accident swap the SOURCE and DESTINATION values you would lose data. Be very careful before running your backup script with any valuable data.

So, hopefully this article has given you some advice on how to use rsync to back up your Mac. Feel free to drop any comments in the comment field below.

Vond je dit een leuk artikel? Abonneer je dan op mijn nieuwsbrief: De Circulaire. Elke twee weken in je mailbox!

Add a comment

42 comments

  • Better than Time Machine: backup your Mac with rsync

    […] Game Posts wrote an interesting post today onHere’s a quick excerpt We al know we need to make backups. Apparently, 30 procent of all computer users lose all of their files sometime in their life. Not a pretty foresight. Fortunately, Mac Leopard users have a program called Time Machine that makes things a lot easier. But is Time Machine the perfect backup solution? I don’t think so. There are a couple of things that make Time Machine very unsuitable for me: You need to get a seperate external hard drive that can only be used for Time Machine (and has to be […]

  • rsync backup script

    […] Fortunately, Mac Leopard users have a program called Time Machine that makes things a lot easier.http://www.haykranen.nl/2008/05/05/rsync/An open source, completely automatic on-line backup system for UNIX.This is better than rsync, since […]

  • include date in folder name in unix

    […] […]

  • jon

    “You need to get a seperate external hard drive that can only be used for Time Machine (and has to be formatted first)”

    False.

    The hard drive can be used for other things as well. It doesn’t have to be external either. It doesn’t even have be separate, but you’d be stupid to think that backing up your only hard drive to your hard is any kind of protection.

    Still, it doesn’t seem time machine is a good match for you since you don’t want the kind of backup solution it offers (complete and mindless backups).

  • Tim

    This was just what I was looking for. I have an old HHD from old PC. And just want to backup the Documents folder on my new iMac. And do it whenever I what, whithout having the HDD on all the time. Much, much easier than figuring out how TimeMachine works/doesn’t work. thanks!

  • Grover

    Thanks for the very straightforward overview of using Rsync. It was exactly what I needed to solve a problem I was having.

    @jon
    Is Time Machine your girlfriend or something? Why are you taking it personally that Mr. Kranen wants to use something else?

  • Xl Organism

    This was exactly what I was looking for. Thanks for posting this. Ciao!

  • Kranki

    1) TimeMachine does not do a complete backup of your harddrive. Do a full restore and you will find (for instance) that you are missed the “/User/Shared/SC Info” directory which is your iTunes authorization data. Apache will be missing a directory.
    2) I have yet to do a full TimeMachine backup and have it be 100% of what I used to have. For instance, recently my harddrive failed and I did have to do a full restore. Well, things like Terminal started having lines through it that just did not exist prior to the backup.
    3) If it were implemented as a full backup such as what you can do with asr or hdiutil, but with history. Then I would be more positive on it. But for now it is back to rsync, hdiutil and asr.

  • Anonymous

    What would be your strategy for creating multiple backups…as in how Time Machine keeps archives of backups along the lines of daily/weekly for up to one month? I like Time Machine, but I don’t like that it requires my network drive to be on all the time. I’d rather make one backup per day (not hourly like Time Machine wants), but also be able to keep archives as far back as one month, like this:

    1. Daily backups for one week (last 7 days worth)
    2. Weekly backups for one month (4 backups)

    Hopefully I’m explaining this clearly. Thanks.

  • Hay

    @09: you could write a cron job that makes a backup every day and another one that archives them weekly. Note that this means that you end up with many duplicates of the same files, that might fill up your backup disk pretty quickly. The beauty of Time Machine is that it takes up less space because it uses symbolic links.

  • dantux

    If anyone is interested, I posted some time ago, my rsync backup script. It does just that: saves hourly, daily, weekly, monthly, yearly backups using the same concept as Time machine does (hard linking). This does not hard link directories, but does for existing files, which saves a lot of space.
    Check it out:
    http://dantux.com/weblog/2009/03/23/using-rsync-as-a-backup-solution/

  • Drew Stephens

    Time Machine actually uses hard links, not symbolic links, allowing the oldest backups to be removed when space runs out on the backup drive.

  • WeaselSpleen

    Yo, Time Machine is MY girlfriend, you best step back son.
    Nobody treats her betta than me.

  • Mr MArk

    Hey Guys,

    Just thought you should know the RSYNC that shops with osx does NOT backup OSX File Metadata efficiently!

    This sucks. Read this for more info..

  • Dov

    FAT32 can handle drive up to 16 TB, the 4GB limit is imposed in Microsofts Format command which artificially limits the ability to create large volumes.

    This seems originally to be a move to force people to upgrade from Win98 to win2000 and NTFS if they want large disk support. Most external hardrives are formatted as FAT32 using the manufacturers own version of a formatting tool with no 4GB limits at all

    There are utilities that will format a FAT32 volume in excess of 4GB that can be found with a simple web search

  • Anonymous

    As a new Apple user – this is another example of an OS not allowing it’s users any flexibility.

    Backup via Time Machine could be useful if it was written in such a way as to allow the user to choose what is backed up and schedule it accordingly.

    I know, Apple people will bleat loudly, but the OS has some significant drawbacks for users that know what the are doing and, don’t want be nannied.

  • Anonymous

    TimeMachineEditor lets you adjust the interval that TimeMachine backs up at. http://timesoftware.free.fr/timemachineeditor/

  • Anonymous

    You need to get a seperate external hard drive that can only be used for Time Machine
    -> Wrong! You can backup to a partition on your internal harddisk if you want. (Would be stupid, but it IS possible) Also, the same goes for EVERY other backup program. Also, the disk is NOT exclusive for Time Machine. It’s just a drive with files and you can add/edit/delete files all you want.

    (and has to be formatted first)
    -> Depends; I ALWAYS buy Western Digital drives in the Studio range; preformatted for mac. My choice. If you choose another; formatting takes about 3 minutes.

    That drive has to be formatted in HFS+, hence, without any (commercial) third-party plugins it’s not readable on Windows or Linux systems
    -> We’re backing up a Mac, what’s wrong with using a Mac file system? Second; the better linux distros can read HFS+ without any trouble. It’s Windows that sucks big time.

    You have to leave your drive on all the time to make sure Time Machine makes backups
    -> Well, I’d like you to show me ANY ONE backup that can backup to a disk that is not on.

    You can’t make a list of things you want to have backed up, you can only exclude folders from your complete hard disk
    -> Which serves it’s purpose very well; that way you cant forget to include newly created files/folders.

    Time Machine makes an exact copy of your hard drive
    -> As opposed to ….. what, exactly? What is wrong with having a full copy of your drive? I don’t want to spend hours reinstalling my OS, then my Apps and then my files after a crash. I used to have to do that with WIndows and I’m sick and tired of that. With Time Machine, i place a new drive, boot from the OS CD and recover my drive. Easy as that.

    I really like your approach with rSync, but your reasoning is flawed.

    @Anonymous #16; As a new Apple user – this is another example of an OS not allowing it’s users any flexibility.
    -> OSX _IS_ giving it’s users all the flexibility it can give; Use Time Machine for a full backup with revisioning, or use rSync (shipped with it) for the more complex tasks. Compared to windows; no backup software to speak of, no revisioning, no rsync.
    On a Mac, there is NO reason whatsoever to not backing up your harddisk. On Windows there is, well, windows IS the biggest reason but that’s beyond the scope of this topic.

    @Kranki #8
    I do not share your (bad) experience with Time Machine. I’ve restored not many machines but a few and all of them restored without any problem whatsoever (including our mac mini server that lost a drive due to a power outage)

  • Anonymous

    Why do so many say it’s silly to backup a hard disk to another portion of the same hard disk? For me, one HUGE value of backing up (with whatever method, but preferably with some form of history) is to get an earlier version of a file I messed up. In fact, that’s the only reason I’ve ever actually used a backup in practice (I admit: I’ve been lucky). OK, it WOULD be silly to not ALSO backup to an external drive for protection against the drive crash scenario… It does happen, I know. And I will do that too. Just don’t discount the value of a simple historical copy of the work you do as part of everyday workflow.

    For the curious: I use TM to backup up my SSD drive to the internal HD on my iMac. In addition, I use a sym link from my desktop to a “working” directory on the HD (I don’t want my every day files to start filling up the SSD), and hoped that TM would back up that working directory too. Not surprising, but unfortunate: it faithfully backed up the sym link, but that’s it — meaning that the TM backup process doesn’t FOLLOW the sym link and backup the files & directories it finds there. (Of course, I can’t use a hard link since it’s across file systems.) So an rsync solution such as described here is something I’m considering for that “working” directory.

    Similarly, I’ll probably develop an rsync solution to fully backup the HD to an external device, for that rare day when the HD decides to croak. Yes, I could use TM itself, manually switching it from the SSD to work instead with the HD, then switching back after its done (yuck) — or fool with the TM plist to do the switching. Much to do, much to learn….

  • Online Backups Over Google Fiber: Crashplan or Backblaze?

    […] for a flat monthly rate. (Given my backup size, I want to avoid paying a per-gigabyte price.) I use rsync to back up my live files to a 2TB backup drive that I then want to mirror to an online backup. I […]

  • Time Machine sucks, use rsync instead « Brian Windheim

    […] won't go into too much detail on rsync usage (some resources that might help: 1, 2, 3), but here's how I backup an entire external volume using […]

  • James

    Can both Source AND Destination be external, or does one have to be in home directory/interbal? I’ve got an external drive of >1TB and I’d like to sync its backup to it.

    Thanks,

    James

  • lucidsystems

    If you are using rsync for backups on OS X, then you may also find LBackup of interest : http://www.lbackup.org

    LBackup is an rsync wrapper designed for backup of user data.

  • Brian H

    Yes, James, I’m synching two external drives as we speak. Many folks put pictures and movies on external drives to save space on their computers, but fail to back those up.

  • joe

    rsync -a is missing -H

    So, if you want to preserve hardlinks then you need to add that option.
    This will increase the amount of time it takes for the overall rsync to perform.

    And, this is not necessary if you are backing up directories that you know do not include hardlinks. However, if you are backing up system directories, you may want to be sure and include that option.

  • New Year’s Resolutions | Monkeyologist

    […] like to roll my own Time Machine replacement using the Unix utility rsync, mainly because you can’t exclude folders from Time Machine. I often eject it in frustration […]

  • Terry Flannery

    Many thanks for the excellent doc.

  • flow in

    thanks hon, works well. to share to a windows box, i mounted the windows share onto the mac (adding the share mount into the login items) then rsync’d to the mac’s mounted volume – rsync wouldn’t work direct to the shared folder.

  • Madhu

    Useful article and the solution I was looking for. I just have the need to keep copying the changed and new files to external hard drive. I may periodicaly delete the files from my Mac, but still need them to be available in the external disk. So looks like rsync is the solution rather than Time Machine

  • Malcolm

    Thanks Hay, your info is clear and easy to understand. I will be using it.

  • Dave

    Backaroo from Bonhard Computing is a wrapper for rsync and rsyncd. It lets you schedule rsync via a simple user interface. It’s made for exactly this sort of thing. (Disclosure: I am the developer.)

  • Stove99pipe

    Excellent first approximation of how to use rsync and how to automate it. Thanks from a beginning Terminal user. 10 stars :-)

  • Sandman619

    • It’s safe to partition a hard drive to include the backup. Since it is a sep partition directory failure will not affect the backup files.
    • If a disk is not mounted & misses a scheduled backup, Time Machine immediately initiates a backup when the backup drive returns
    • Time Machine completes an initial full backup with future backups only containing changed or new files, its incremental.
    • Time Machine respects other non-Time Machine files on the backup drive, but the more files on the backup drive the less available space for Time Machine backups
    • Time Machine keeps recent backups, a weekly backup & a monthly backup.

  • Dave - developer at Bonhard Computing

    I’ve also just finished developing “Folder Snapshot Utility” which represents a way of doing this but with a clicky-clicky GUI instead of using the command line.
    I’ll try to leave a link to it, here:
    http://bonhardcomputing.com/folder-snapshot-utility/
    Or maybe this will work…
    Folder Snapshot Utility

  • Andy

    Hi Hay, Thank you for sharing a great comprehensive article on rsync. I have been trying all possible operators in my rsync command but I have failed to sync my MBA with External Hard Drive exFat. The file Created Date changes to the date I run the script. Weirdly, the files Modified Date and Last Open Date don’t change.

    Script Editor command below:

    tell application “Terminal”
    activate
    do script “rsync -a –update -raz –progress /Users/me/Documents/ /Volumes/TT1/documents” in front window
    end tell

    Is this to do with rsync not handling permissions on exfat?
    Thank you in advance.

    Cheers, A.

  • JACK REACHER

    Vagrant glosses over these issues, although the variety of shared folder implementations hints at the problem.

    Native
    The native shared folders feature in VirtualBox is notoriously bad. VMware is better, but not ideal.
    NFS
    Linux/Max only.
    Need NFS installed on host and client.
    Alters host NFS configuration.
    Effects networking setup on VirtualBox
    Can not alter user/group on client.
    Rsync
    Need Rsync installed on host and client.
    One way — changes on the client by default are overwritten.
    SMB
    Windows only.
    Can not alter user/group on client.
    Must manually clean up.

  • Baretto James

    Better than time-machine. Lol. Catchy title though. Dude I was searching for an alternative to rsync on windows, too many came up. Tried them, useless they were. My friend told me to use GS Richcopy 360. Man, that one suggestion solved everything. This Richcopy 360 is pretty dope!

  • TimeMachine cool and i tell you why

    What you are comparing here is a filebased backup via rsync with a full system backup with TimeMachine. But that’s a unfair comparison for both programms.

    TimeMachine not only produces a (what you didn’t mention your article) a bootable drive, with a recovery system, but it saves your data incrementally, like rsync does.

    I have a 1TB drive (internal) as a backup drive and a system drive 1TB (500GB used). 10 backups on my backup drive could only mean, that TimeMachine don’t simply makes an 1:1 image of your drive. Thats cool, and theres place for 10 more…

    1.) TimeMachine backups every day, every hour, if i want that, even when i forgot to make a backup, TimeMachine does it. Cool!

    2.) You can restore your complete system with your TimeMachine backup and even can choose, which backup do you want to restore. Cool!

    3.) It backups while you are working with your Mac, transparently and nearly unnoticable. Cool!

    4.) As you see now, you can use a internal drive also, no problem with that, it’s much faster that way. Cool!

    I really don’t understand the arguments, that your are writing in you article. Your way of backup doesn’t produce a bootable, full backup, so it is absolutely not usable, when your hard disk crashes and you want to reproduce the working system again.

    Your arguments, my answers:

    * You need to get a seperate external hard drive that can only be used for Time Machine: Wrong, you can use it like any other drive, i copy my mp3 on my backup drive and TimeMachine does’t have a problem with it

    * That drive has to be formatted in HFS+, hence, without any (commercial) third-party plugins it’s not readable on Windows or Linux systems: Of couse you have to… This is the same under Windows with NTFS. By the way, Linux can read and write HFS+ out of the box

    * You have to leave your drive on all the time to make sure Time Machine makes backups: Of couse… Can you make a rsync backup without a drive? But with TimeMachine you can also just start a backup whenever you want and disconnect your drive after that, and connect it for the next.

    * You can’t make a list of things you want to have backed up, you can only exclude folders from your complete hard disk.Time Machine makes an exact copy of your hard drive: Yes, that’s the reason, why so many of use TimeMachine, to have a working copy of the hole system, that you can restore completely, if your harddisk fails.

    What you suggest here is a simple file backup, not a system backup. And that’s obvisiously not the same.

    rsync is cool, i use it too. But TimeMachine has a clear purpose in Mac OsX, and is cool too. Just use both, for both and different use cases.

  • natxo garai

    just awesome !!! Thank you very much

  • Siegfried Leonard

    I found your article quite helpful on how to use rsync on OS X. However, I disagree with you about Time Machine. First, when you delete files from the MacBook the files aren’t actually “deleted” on the Time Machine disk, but merely hardcopies of them. And although you can much around in there, that’s not how the way you use time machine.

    You use the “back in time” interface. I know it sucks a bit and it’s slow, but it has improved a little over the years. It’s differently the thing that they need to improve the most on or change it altogether. Although for users like my mom and dad it works wonderfully (?).

    The problem with rsync is that is that it’s really easy to make a mistake. Manage large files you need deleting with. And with no snapshot support you’ll basically have to run rsync yourself. And that violates ones of the rules of backup, you want an automated system that backups on its own, and still have files you deleted X days/weeks ago.

    I use ZFS myself on FreeNAS for all my file needs. Built a cheap little $300 machine that can fit more hard drives and run more plugins than any other $600 NAS units. I run Time Machine on it, as it has space for all machines. So no more external drives. I think I saved money overall. :)

  • shrirang

    Super Helpful and nice explanation ! Thanks a lot for awesome post.

  • Anonymous

    the guidance is pretty good

NOTE:

Between mid October 2019 and mid February 2020 everyone in the Army was migrated to use their PIV Authentication certificate for Email access. You no longer use the Email certificate for Enterprise Email or any CAC enabled websites

Mac users who choose to upgrade (or already have upgraded) to Mac OS Catalina (10.15.x) will need to uninstall all 3rd Party CAC enablers per https://militarycac.com/macuninstall.htm AND reenable the built in smart card ability (very bottom of macuninstall link above)

If you purchased your Mac with OS Catalina (10.15.x) already installed, you can skip the uninstall part above and follow the instructions below.

6 'high level' steps needed, follow down the page to make this a painless systematic process

1.Is your CAC reader 'Mac friendly'?
2.Can your Mac 'see' the reader?
3.Verify which version of Mac OS you have
4.Figure out which CAC (ID card) you have
5.Install the DoD certificates
5a.Additional DoD certificate installation instructions for Firefox users
6.Decide which CAC enabler you want to use (except for 10.12-.15)

Step 1: Is your CAC reader Mac friendly?

Visit the USB Readers page to verify the CAC reader you have is Mac friendly.

Visit the USB-C Readers page to verify the CAC reader you have is Mac friendly.

'Some, not all' CAC readers may need to have a driver installed to make it work.

NOTE: Readers such as: SCR-331 & SCR-3500A may need a firmware update (NO OTHER Readers need firmware updates).

Information about these specific readers are in Step 2

Step 2: Can your Mac 'see' the reader?

Plug the CAC reader into an open USB port before proceeding, give it a few moments to install

Hon For Mac Os High Sierra

Step 2a: Click the Apple Icon in the upper left corner of the desktop, select 'About This Mac'

Step 2b: Click 'System Report...' (button)

Step 2c: Verify the CAC reader shows in Hardware, USB, under USB Device Tree. Different readers will show differently, most readers have no problem in this step. See Step 2c1 for specific reader issues.

Step 2c1: Verify firmware version on your SCR-331 or GSR-202, 202V, 203 CAC, or SCR-3500a reader. If you have a reader other than these 5, Proceed directly to step 3

Step 2c1a-SCR-331 reader

If your reader does not look like this, go to the next step.

In the 'Hardware' drop down, click 'USB.' On the right side of the screen under 'USB Device Tree' the window will display all hardware plugged into the USB ports on your Mac. Look for “SCRx31 USB Smart Card Reader.” If the Smart Card reader is present, look at 'Version' in the lower right corner of this box: If you have a number below 5.25, you need to update your firmware to 5.25. If you are already at 5.25, your reader is installed on your system, and no further hardware changes are required. You can now Quit System Profiler and continue to Step 3.

Step 2c1b-SCR-3500A reader

If you have the SCR3500A P/N:905430-1 CAC reader,you may need to install this driver, as the one that installs automatically will not work on most Macs. Hold the control key [on your keyboard] when clicking the .pkg file [with your mouse], select [the word] Open

Step 3: Verify which version of MacOS do you have?

(You need to know this information for step 6)

Step 3a: Click the Apple Icon in the upper left corner of your desktop and select 'About This Mac'

Step 3b: Look below Mac OS X for: Example: Version 10.X.X.

Step 4: Figure out which CAC (ID Card) you have

(You need to know this information for step 6)

Look at the top back of your ID card for these card types. If you have any version other than the six shown below, you need to visit an ID card office and have it replaced. All CACs [other than these six] were supposed to be replaced prior to 1 October 2012.

Find out how to flip card over video

Step 5: Install the DoD certificates (for Safari and Chrome Users)

Go to Keychain Access

Hon For Mac Os 10.12

Hon

Click: Go (top of screen), Utilities, double click Keychain Access.app

(You can also type: keychain access using Spotlight (this is my preferred method))

Select login (under Keychains),and All Items (under Category).

Download the 5 files via links below (you may need to <ctrl> click, select Download Linked File As... on each link) Save to your downloads folder

Please know... IF You have any DoD certificates already located in your keychain access, you will need to delete them prior to running the AllCerts.p7b file below.

https://militarycac.com/maccerts/AllCerts.p7b,

https://militarycac.com/maccerts/RootCert2.cer,

https://militarycac.com/maccerts/RootCert3.cer,

https://militarycac.com/maccerts/RootCert4.cer, and

Double click each of the files to install certificates into the login section of keychain

Select the Kind column, verify the arrow is pointing up, scroll down to certificate, look for all of the following certificates:

DOD EMAIL CA-33 through DOD EMAIL CA-34,

DOD EMAIL CA-39 through DOD EMAIL CA-44,

DOD EMAIL CA-49 through DOD EMAIL CA-52,

DOD EMAIL CA-59,

DOD ID CA-33 through DOD ID CA-34,

DOD ID CA-39 through DOD ID CA-44,

DOD ID CA-49 through DOD ID CA-52,

DOD ID CA-59

DOD ID SW CA-35 through DOD ID SW CA-38,

DOD ID SW CA-45 through DOD ID SW CA-48,

DoD Root CA 2 through DoD Root CA 5,

DOD SW CA-53 through DOD SW CA-58, and

DOD SW CA-60 through DOD SW CA-61

NOTE: If you are missing any of the above certificates, you have 2 choices,

1. Delete all of them, and re-run the 5 files above, or

2. Download the allcerts.zip file and install each of the certificates you are missing individually.

Errors:

Error 100001 Solution

Error 100013 Solution

You may notice some of the certificates will have a red circle with a white X . This means your computer does not trust those certificates

You need to manually trust the DoD Root CA 2, 3, 4, & 5 certificates

Double click each of the DoD Root CA certificates, select the triangle next to Trust, in the When using this certificate: select Always Trust, repeat until all 4 do not have the red circle with a white X.

You may be prompted to enter computer password when you close the window

Once you select Always Trust, your icon will have a light blue circle with a white + on it.

The 'bad certs' that have caused problems for Windows users may show up in the keychain access section on some Macs. These need to be deleted / moved to trash.

The DoD Root CA 2 & 3 you are removing has a light blue frame, leave the yellow frame version. The icons may or may not have a red circle with the white x

or DoD Interoperability Root CA 1 or CA 2 certificate
DoD Root CA 2 or 3 (light blue frame ONLY) certificate
or Federal Bridge CA 2016 or 2013 certificate
or Federal Common Policy CAcertificate
or or SHA-1 Federal Root CA G2 certificate
or US DoD CCEB Interoperability Root CA 1 certificate

If you have tried accessing CAC enabled sites prior to following these instructions, please go through this page before proceeding

Clearing the keychain (opens a new page)

Please come back to this page to continue installation instructions.

Step 5a: DoD certificate installation instructions for Firefox users

NOTE: Firefox will not work on Catalina (10.15.x), or last 4 versions of Mac OS if using the native Apple smartcard ability

Download AllCerts.zip, [remember where you save it].

double click the allcerts.zip file (it'll automatically extract into a new folder)

Option 1 to install the certificates (semi automated):

From inside the AllCerts extracted folder, select all of the certificates

<control> click (or Right click) the selected certificates, select Open With, Other...

In the Enable (selection box), change to All Applications

Select Firefox, then Open

You will see several dozen browser tabs open up, let it open as many as it wants..

You will eventually start seeing either of the 2 messages shown next

If the certificate is not already in Firefox, a window will pop up stating 'You have been asked to trust a new Certificate Authority (CA).'

Check all three boxes to allow the certificate to: identify websites, identify email users, and identify software developers

or

'Alert This certificate is already installed as a certificate authority.' Click OK

Once you've added all of the certificates...
• Click Firefox (word) (upper left of your screen)
• Preferences
• Advanced (tab)
• Press Network under the Advanced Tab
• In the Cached Web Content section, click Clear Now (button).
• Quit Firefox and restart it

Option 2 to install the certificates (very tedious manual):

Click Firefox (word) (upper left of your screen)

Preferences

Hon For Mac Os 10.13

Advanced (tab on left side of screen)

Certificates (tab)

View Certificates (button)

Authorities (tab)

Import (button)

Browse to the DoD certificates (AllCerts) extracted folder you downloaded and extracted above.

Note: You have to do this step for every single certificate

Note2: If the certificate is already in Firefox, a window will pop up stating: 'Alert This certificate is already installed as a certificate authority (CA).' Click OK

Note3: If the certificate is not already in Firefox, a window will pop up stating 'You have been asked to trust a new Certificate Authority (CA).'

Check all three boxes to allow the certificate to: identify websites, identify email users, and identify software developers

Once you've added all of the certificates...
• Click Firefox (word) (upper left of your screen)
• Preferences
• Advanced (tab)
• Press Network under the Advanced Tab
• In the Cached Web Content section, click Clear Now (button).
• Quit Firefox and restart it

Step 6: Decide which CAC enabler you can / want to use

Only for Mac El Capitan (10.11.x or older)

After installing the CAC enabler, restart the computer and go to a CAC enabled website

NOTE: Mac OS Sierra (10.12.x), High Sierra (10.13.x), Mojave (10.14.x) or Catalina (10.15.x) computers no longer need a CAC Enabler.

Try to access the CAC enabled site you need to access now

Mac support provided by: Michael Danberry