In my last post I mentioned that Microsoft was in something of a panic and gave me an inordinately short period of time to ‘fix’ my end of my AD-to-Azure connection at work… Well, I figured out why:
In short, Microsoft got caught with their pants down, China basically has the keys to the O365 kingdom, and that means Microsoft has to redo pretty much everything related to Azure…
This apparently includes renaming the thing to “Entra ID” a few weeks back – probably marketing’s attempt to get ahead of the debacle and tainted image of Azure.
All of the parts I ordered came in this afternoon, so I took the XPS apart again and upgraded pretty much everything in it…
It’s now got the fans out of an Alienware Aurora r-series computer in it, which required a PWM fan splitter, because there’s only one fan header on the motherboard for Dell reasons. I got a nice Silverstone splitter at Microcenter for $7 and set up the top fan to report the tach. The front fan doesn’t report its tach and just gets the PWM signal the motherboard is sending to the top fan… But it works.
I installed the i9-9900kf and the CPU cooler out of a Precision workstation, which is a snug fit but I got it in there.
Then there’s the new modular 850 watt Corsair PSU which has three cables plugged into it; motherboard, supplemental CPU power, and PCIe for the video card… I stripped out the various SATA cabling and the 3.5″ drive cages just to unclutter things a bit in there.
I also got the Aorus Wifi / Bluetooth card working and am using my Apple AirPods Max as I type…
This all took about two hours, including the round trip to Microcenter. And just as I got the machine up and running I got a bunch of emails from Microsoft regarding the AD-to-Azure (Entra ID) system I use to bridge internal and cloud credentials – and how everything was going to stop working on the 1st if I didn’t upgrade my AD server to at least Server 2019…
Yep, four days notice… Thanks Microsoft.
So the remainder of my evening was figuring out how to divorce my local AD from Azure… The way I look at it, having to manage two sets of credentials is less of an ask than a quarter million bucks to update my entire infrastructure.
Anyway, my AD is still 2008r2 because it still works and I haven’t found a reason to spend a small fortune on M$ licensing fees – again. But this added a lot of complexity to the divorce proceedings because Microsoft moves the goalposts every 5 minutes… So I had to engineer a way to get 2008r2 PowerShell to talk to today’s version of Microsoft’s repositories so that I could install the modules needed to talk to today’s version of Azure and both turn off sync and enable web-management of the O365 accounts.
It looked like this:
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
(This enables PowerShell 5.1 on 2008r2 to speak TLS 1.2...)
Install-Module -Name PowerShellGet -Force
(Install the thing that lets you install things...)
Install-Module -Name Az -Scope CurrentUser -Repository PSGallery -force
(Basically update everything...)
Install-Module MSOnline
(The piece I actually needed...)
Install_module AzureAD
(The piece I needed to make the piece I needed work...)
Import-Module AzureAD
(Import AzureConnect's configuration so we know what instances to talk to at Microsoft)
Connect-MsolService
(Everything is 2FA now, so this brings up the MS 2FA login page to acquire a token)
Set-MsolDirSyncEnabled -EnableDirSync $false
(And finally we get to the divorce proceedings...)
And with that taken care of I’ll get a whole hour to play some Baldur’s Gate 3 before I need to hit the rack so I can get up and do it all again tomorrow…
I spent the last couple of weeks fiddling around with OpenCore, and overall I’m pretty pleased.
This all started because I found this old, disused Dell XPS PC at work and then decided to see if I could get MacOS to load on it… Because why not?
It took a few days to figure out the ins and outs of OpenCore; it’s kind of complicated being as it can add / remove / modify / fake everything from the CPU and chipset to every peripheral on the motherboard in order to fool an operating system into thinking it’s running on some other kind of hardware.
But, once I had it figured out is was a pretty simple matter of building custom SSDTs (Secondary System Description Tables) from the DSDT (Differentiated System Description Table) residing in the motherboards ACPI (Advanced Configuration and Power Interface)… Which is about as complex as it sounds. But luckily I’ve been dinking with computer hardware since, well, the personal computer came to be – and nothing has really changed since the 80’s save that it’s all smaller and faster.
Oh, and they keep inventing new words for old things, so there’s always the day or two of syntax update I need to do to figure out what the new lingo is…
Following the manufacture of custom hardware descriptors it was a rather simple task to acquire linux kernel extensions and drivers for a few components from GitHub, and then modifying those sources to suit my macOS / Mach kernel needs so I could inject them into the OS at runtime…
It looks easy on paper, but my desk is covered in uEFI tables, IO translation information, address space assumptions, and reams of notes on the thousands of parameters that that glue it all together at boot.
But I should probably skip all of the boring deep-nerd stuff because this is more of a journal than an technical blog…
I got macOS to boot on the XPS Wednesday morning on an older version of OpenCore and macOS Mojave – because Mojave was the last “easy” OS to modify and runs both 32bit and 64 bit code. Everything after Mojave is “hard mode” due to various bits of Apple security, obfuscation, and proprietary hardware – but by Thursday afternoon I had finished my fully customized boot-loader for macOS Monterey on the 0.9.5 build of OpenCore.
Core i7-8700 on a Z370 motherboard and using my old RX 580 videocard.
I figure my boot loader will also run Ventura (macOS 13) being as there isn’t a lot of change under the hood; it’s mostly application space and UI – but I kinda dislike Ventura. Apple is slowly turning everyone’s desktop/laptop into an iPhone, and that irks me.
Anyway, with this mischief managed I decided to keep the XPS and take it home with me just to see what it could do in the longer term. And upon getting the XPS home I swapped the RX580 with the RX6600XT I had in the MacPro 5,1 – which quickly sent me back to the old days of computing…
See, back in the 80’s computers came with IO diagrams, pinout descriptions, and often complete schematics – because if you wanted to add something to the computer you were expected to figure it out. There were no standards really because we were still inventing everything everyone takes for granted these days.
And then the 90’s rolled around and while we finally standardized on a peripheral bus, PCI, you were still more often than not left on your own to configure the card for your system via IRQ jumpers and then compile (or write from whole cloth) your own drivers.
Back in the present day, when I swapped out the video card nothing worked – because while the 6600 is a PCIe card from AMD, just like the 580, it’s a different chipset with different frame-buffer needs which means different configuration requirements and a different driver…
Apple natively supports the 6600, but not on this hardware – so I needed a couple of hours to get the two talking to each other…
The above “About This Mac” claims the machine is a 2019 iMac because I’m faking the SMBIOS information from an iMac19,1. This is because the 2019 iMac used the same Intel “coffee lake” CPU and Intel 300-series north/south chipset as the XPS, so any macOS version that supports that iMac includes the drivers for this hardware.
The reason for this is pretty basic: Apple is a hardware company that also makes an OS, so the OS only contains drivers and config data for their hardware and makes it possible for Apple to support just that hardware really well, so things “just work”… This is the opposite of Microsoft, who is a software company and wants to support as much hardware as possible – so Windows tends to support anything that computes in some basic, generalized fashion. Which is why you really need to install manufacturer’s drivers instead of the generic Windows drivers whenever possible.
Anyway, faking this SMBIOS information also meant I needed to forge a system serial number, which involves forging a matching board serial and SmUUID. Luckily someone wrote a tool that can generate this data pretty easily, so it was a pretty simple issue in the scope of things.
And with that I have a working “hackintosh”.
There are a few more things I need to update in the XPS for daily use… The first was the SSD.
The XPS had a 500 gig Western Digital “blue” m.2 SSD stuck into it from the previous IT guy, and I used that for all of my testing and configuration… The problem is the WD Blue is an old 6gig SATA interface on an m.2 bus, and is therefore cheap and slow.
So slow that when macOS’ “Spotlight” kicked off to index the drive (and all of my email), the system basically became unresponsive.
I initially thought the SMC faking I was doing was preventing macOS from controlling the Dell system fans, and due to this everything was throttling – and I went down that rabbit hole for a few hours before figuring out that the culprit was that $20 SSD.
One quick trip to Microcenter later to get a 2tb WD “black” NVME drive (on sale for $150!) and a couple of hours of building a new installer with my EFI changes so that I could swap the drive and get to a restore partition to restore from TimeMachine. The machine is back up and running well on the new drive.
The WD “black” was kinda essential because Apple only natively supports like two third-party SSD controllers, and one of them happens to be Western Digital’s 750-series. So while I could put a Samsung SSD in the machine, I’d be modifying yet more drivers to make it work correctly…
The next update for the XPS will be an i9-9900KF CPU (K for unlocked, F meaning it has no iGPU) – the fastest thing that the 300-series chipset will run. One of these was a mere $250 from Amazon and will be here in a week.
And because I’m moving the XPS to a newer, faster – and hotter – CPU, a heatsink upgrade was in order… The problem is the XPS is a really nice looking machine from the outside, but it’s a mess inside. The power supply sits over the processor on this swing-out arm (see first picture), so the heatsink options are really limited as they need to be low-profile to fit under the PSU. And the case has has one fan; a 92mm in the top that sits over the CPU and tries valiantly to exhaust all of the heat – and mostly works okay until you really push the machine.
The fix for this came by way of figuring out the XPS is the same chassis as the Alienware Aurora r-series or the Precision 3600-series workstation wrapped in different plastic. So I can swap out the basic aluminum puck CPU cooler with the Precision’s blower style rig that works much better:
Precision 3600-series CPU cooling
And I can also add the 120mm top and front fans out of the Alienware to the XPS.
Aurora r-series case fans
So $100 later and I have all three fans coming in Wednesday.
The last update is the aforementioned power supply. The XPS, being a ‘business desktop’ has a paltry 460watt PSU in it. This is enough to run the 65watt CPU and the 6600 video card, but just barely. The i9 is a 95watt unit, and I want some PSU overhead, so I bought a Corsair RM850x for $150.
There’s one more thing I’ll be doing, and that’s adding this old Gigabyte Aorus wifi/bluetooth card to the system.
The onboard wifi/bluetooth the XPS came with is totally incompatible with macOS, so I removed the tiny card that was in there in order to replace it with something better… That something better is the Aorus card, which is based on an Intel AX210 chipset and something I can get working via some massaged linux drivers.
The problem is most PCIe wifi/bluetooth cards require a USB connection to make the bluetooth work, and the XPS has no internal USB headers for Dell reasons… So one more trip to Amazon for a USB-A to male USB Dupont header to fix this oversight…
Said cable will also be here Wednesday, and I’ll get the wifi and bluetooth working as well.
And that’s what I’ve been up to over the last week or two in my spare time…
The hackintosh is working well enough that I’m typing this entry on it right now, and later I’ll attempt to get Baldur’s Gate III to run on it. 🙂
I bought the car on August 10th, 2022 – 404 days ago – so I’m up to about 10 miles a day on average.
The up-tick in miles is probably due to the trips to Castlerock every other weekend to have breakfast with a friend and then hit up Sam’s Club for supplies. I was also going into the office five days a week for the last couple of months, which is 40 miles a week.
I’m back to every other day again as of last week, mostly because gas is pushing $5 a gallon again and that’s a lot of money just to physically watch lights blink that I can watch blink on a screen at home.
Listening to "Neo-Tokyo (Dance With The Dead Remix)" by Scandroid
Occasionally I’ll be doing something here in the bright and shiny future, and suddenly realize everything is incredibly overcomplicated in the name of technology…
For example, this morning I was pulling my laundry out of the washer and tossing it into the dryer, and then navigating the bazillion settings the dryer has to get to “Speed Dry” where I set the dryer for medium heat and 40 minutes.
Back in ’88 I bought my first washer and dryer set, which was basically the same thing my mom had from the 70’s but in white instead of ‘avocado’. The washer was a tub that filled with water and then beat the crap out of your clothing for however long you set the mechanical timer for. And it had three settings; gentle, wash, and heavy duty – which all corresponded to various gears in the belt-drive transmission located under the tub.
About 99.99% of the time you would set the machine for “wash” and about 40 minutes on the timer.
The dryer was similar; three settings which enabled various numbers of cal-rods for heat and a mechanical timer. And like the washer, it was “medium” heat (because “high” would light things on fire) and about 40 minutes on the timer.
The washer / dryer set I have now is a pretty fancy LG set with touch screens and computers and like a hundred various settings you can chose which result in various songs it plays when starting and stopping… But after three years of using them I’ve settled on “wash” for about 40 minutes, and “medium” for about 40 minutes.
The difference is how much effort it takes to get to those basic settings now, because there are a couple hundred ‘features’ that I never use to get through before I can just ‘wash’ or ‘dry’… I’m guessing nobody uses most of the settings, but they look good on the sales poster at Best Buy. 🙂
