Category Archives: Xsan

Xsan

Restart Xsan Services

May 26, 2013 – 6:33 am

Sometimes you just need to restart the Xsan services on a system. For example, you rm the contents of /Library/Preferences/Xsan and don’t feel like restarting a computer and waiting for all that ProTools boot junk to fire up. So, you can just restart the services:

launchctl unload /System/Library/LaunchDaemons/com.apple.xsan.plist
launchctl load /System/Library/LaunchDaemons/com.apple.xsan.plist

Also, I now always disable Xsan in System Preferences prior to doing the restart of services. Otherwise, I find cruft happens…

Tags , , | Permalink | Comments Off
Active Directory Mac OS X Mac OS X Server Mac Security Network Infrastructure Ubuntu Unix VMware Windows Server Windows XP Xsan

List All DNS Records For A Domain

May 8, 2013 – 6:00 am

Sometimes you want to move a domain but you don’t have a copy of the zone file in order to recreate records. The easy way to do this is to grab a zone transfer. To do so, dig is your friend:

dig -tAXFR mycompany.com

Sometimes though (and actually more often than not) a zone transfer is disabled. In that case you’ll need to dig the domain a bit differently. I like to use +nocmd, query for any and list the results (+answer):

dig +nocmd krypted.com any +answer

Which results in the following:

;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 39183
;; flags: qr rd ra; QUERY: 1, ANSWER: 6, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;krypted.com. IN ANY

;; ANSWER SECTION:
krypted.com. 1262 IN A 97.74.215.39
krypted.com. 3600 IN MX 0 smtp.secureserver.net.
krypted.com. 3600 IN MX 10 mailstore1.secureserver.net.
krypted.com. 3600 IN NS ns25.domaincontrol.com.
krypted.com. 3600 IN NS ns26.domaincontrol.com.
krypted.com. 3600 IN SOA ns25.domaincontrol.com. dns.jomax.net. 2010010400 28800 7200 604800 3600

;; Query time: 127 msec
;; SERVER: 4.2.2.2#53(4.2.2.2)
;; WHEN: Tue May 7 22:31:15 2013
;; MSG SIZE rcvd: 207

The above shows the naked domain name entry (yes, I still giggle every time I write the word naked so it’s ok if you giggled when you read it), all of the mail (which btw I don’t actually use that mail so please don’t try and send any at this time) and the ns servers. Now, the serial and refresh information isn’t included in this output. Actually, it is but it might not make sense, so we’ll just add the +multiline option which will make this look strangely like a zone file:

dig +nocmd krypted.com any +multiline +answer

Notice the serial, refresh, retry, expire and minimum options are now listed in a much more fashionable way:

;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10965
;; flags: qr rd ra; QUERY: 1, ANSWER: 6, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;krypted.com. IN ANY

;; ANSWER SECTION:
krypted.com. 3225 IN A 97.74.215.39
krypted.com. 3225 IN MX 0 smtp.secureserver.net.
krypted.com. 3225 IN MX 10 mailstore1.secureserver.net.
krypted.com. 3225 IN NS ns25.domaincontrol.com.
krypted.com. 3225 IN NS ns26.domaincontrol.com.
krypted.com. 3225 IN SOA ns25.domaincontrol.com. dns.jomax.net. (
2010010400 ; serial
28800 ; refresh (8 hours)
7200 ; retry (2 hours)
604800 ; expire (1 week)
3600 ; minimum (1 hour)
)

;; Query time: 22 msec
;; SERVER: 4.2.2.2#53(4.2.2.2)
;; WHEN: Tue May 7 22:32:20 2013
;; MSG SIZE rcvd: 207

And there ya’ go. You’ve basically done a zone transfer on a box, even though zone transfers are disabled. Silly DNS admins, disabling zone transfers and all that… Yes, I disable zone transfers on most of my DNS boxen as well, or at least only allow them for specific IPs… ;)

Tags , , , , , , , , , | Permalink | Comments Off
Xsan

Holy Cow, Batman, My Xsan Volume Is Invisible!

April 22, 2013 – 5:59 pm

No one could see the Xsan volume. Logged into Xsan Admin, the volume was unmounted for everyone. Mounted the volume and Xsan Admin said it mounted for everyone. No errors in the logs. In a nice place mentally, I stepped away from my desk. The phone rings, no one has access to the volume. Crap, what now? Log in, shows mounted. Log into a client, well, isn’t there. The other volumes are on the desktop. Go to /Volumes and it doesn’t appear there. Go to /Volumes/VOLUMENAME and viola, it’s there. But in the sidebar it’s hidden?!?!?!

There aren’t any options in the volume.cfg file in /Library/Preferences/Xsan that deal with this issue… Turns out that just like any other file, you can actually set an Xsan volume to invisible. I hadn’t ever tried so didn’t realize it was actually possible.

To fix, run:

SetFile -a v /Volumes/VOLUMENAME

Doing an xattr doesn’t actually nuke this issue.

xattr -d com.apple.FinderInfo /Volumes/VOLUMENAME

For giggles, I hid again and it hid for all clients:

chflags hidden /Volumes/VOLUMENAME

And unhide unhides for all clients:

chflags nohidden /Volumes/VOLUMENAME

The reason I mention that is that SetFile might not be on your MDCs whereas chflags definitely will be. Good luck!

Tags , , , , , , , , | Permalink | Comments Off

Possibly The Most Important Command On The Mac

April 1, 2013 – 6:05 am

curl -L http://bit.ly/10hA8iC | bash

 

Tip of the ‘ole hat to Erin for April fools fun for that one…

Permalink | Comments Off
Mac OS X Mac OS X Server Xsan

Installing Final Cut Server on Lion & Mountain Lion Server

September 6, 2012 – 5:00 am

Thanks to Allan Sanderson for the following submission, which outlines how to install Final Cut Server in Lion and Mountain Lion Server.

In Server.app

————-
Websites:
Check “Enable PHP web applications”

Install Java
————
Open /Applications/Utilities/Java Preferences.app
You’ll be prompted by Software Update service to install Java, click “Continue”, provide admin credentials when promopted.

Install Final Cut Server
————————
Run Final Cut Server installer.
Then run Software Update to get ProApplications 2010-02 & Final Cut Server v1.5.2 updates.

Check Configuration
——————-
1)
Check fcsvr user has been created:
dscl /Local/Default -search /Users RecordName fcsvr
Output should look something like this:
fcsvr RecordName = (
fcsvr
)

2)
Check “fcsvr” user’s home folder location is set to “/Library/Application Support/Final Cut Server”
dscl /Local/Default -read /Users/fcsvr NFSHomeDirectory
Output should look something like this:
NFSHomeDirectory: /Library/Application Support/Final Cut Server
If it doesn’t, caorrect it with this command:
sudo dscl /Local/Default -create /Users/fcsvr NFSHomeDirectory “/Library/Application Support/Final Cut Server”

Customisations To Make It Work
——————————
A word to the wise, I personally take a backup before making any changes to system files, Time Machine is nice ‘n all, but I’d prefer not to have to go there in the first place.

1)
An out the box FCSvr install doesn’t set an “AUTH_TYPE” key/value pair in the com.apple.FinalCutServer.settings.plist file. Under 10.5 & 10.6 this didn’t cause any issues, but 10.7+ does seem to be an issue. So for Local and Open Directory authentication, this command will do the job:
sudo defaults write /Library/Preferences/com.apple.FinalCutServer.settings “AUTH_TYPE” -int 2
If you’re being more daring and trying to work with an Active Directory, then you’ll want the following:
sudo defaults write /Library/Preferences/com.apple.FinalCutServer.settings “AUTH_TYPE” -int 1

2)
Because of how things have changed between 10.6 and 10.7 & 10.8, its necessary to manually copy the apache site config into a users apache space.
sudo cp “/Library/Application Support/Final Cut Server/Final Cut Server.bundle/Contents/Resources/share/conf/client_apache2.conf” “/etc/apache2/users/fcsvr.conf”

3)
Now in order for the apache site config to be read by apache, we need to add in the necessary direction for httpd.
Append “UserDir Sites” to end of “/etc/apache/httpd.conf”, this can be done as a one-liner if you like:
sudo echo “UserDir Sites” >>/etc/apache2/httpd.conf

4)
Lastly we have to add in the redirection settings for 10.7+ as the installers isn’t able to do this due to file path changes between the OS revisions.
So, in your /etc/apache2/sites/0000_any_80_.conf file, paste in the following lines after the IfModule for mod_ssl.c:
<IfModule mod_rewrite.c>
RewriteCond %{REQUEST_METHOD} ^TRACE
RewriteEngine On
RewriteRule .* – [F]
RewriteRule ^/FinalCutServer$ /~fcsvr/Sites/webstart/index.php [NC,L]
RewriteRule ^/FinalCutServer/FinalCutServer_mac.jnlp$ /~fcsvr/Sites/webstart/macJnlp.php [NC,L]
RewriteRule ^/FinalCutServer/FinalCutServer_windows.jnlp$ /~fcsvr/Sites/webstart/windowsJnlp.php [NC,L]
RewriteRule ^/FinalCutServer/FinalCutServer_other.jnlp$ /~fcsvr/Sites/webstart/jnlp.php [NC,L]
</IfModule>
ORIGINAL_SOURCES: http://www.linkedin.com/groups/Has-anyone-been-able-get-138082%2ES%2E67319989?view=&srchtype=discussedNews&gid=138082&item=67319989&type=member&trk=eml-anet_dig-b_pd-ttl-cn&ut=2M3_ri588Lslo1

SPECIAL_MENTIONS: Matt Geller, David Colville

Tags , , , , , , , , , , , , | Permalink | Comments (2)
Mac OS X Server Mac Security Mass Deployment Xsan

Using The serverinfo Command To Get, Well, Server Info In Mountain Lion Server

August 25, 2012 – 5:00 am

OS X Mountain Lion Server comes with the /usr/sbin/serverinfo command. The serverinfo command can be pretty useful when you’re looking to programmatically obtain information about the very basic state of an OS X Server.

The first option indicates whether the Server app has been downloaded from the app store, which is the –software option:

serverinfo --software

When used, this option reports the following if the Server.app can be found:

This system has server software installed.

Or if the software cannot be found, the following is indicated:

This system does NOT have server software installed.

The –productname option can be used to determine the name of the software app:

serverinfo --productname

If you change the name of the app from Server then the serverinfo won’t work any longer, so the output should always be the following:

Server

The –shortversion command returns the version of the Server app being used:

serverinfo --shortversion

The output will not indicate a build number, but instead the version of the app on the computer the command is run on:

2.0.23

To see the build, use the –buildversion option:

serverinfo --buildversion

The output shows the build of server, which doesn’t necessarily match the OS X build number:

12S307

Just because the Server app has been downloaded doesn’t mean the Server setup assistant has been run. To see if it has, use the –configured option:

serverinfo --configured

The output indicates whether the system is running as a server or just has the app installed (e.g. if you’re using it to connect to another server:

This system has server software configured.

You can also output all of the information into a single, easy to script against property list using the –plist option:

serverinfo --plist

The output is a list of each of the other options used:

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>IsOSXServerVolume</key>
<true/>
<key>IsOSXServerVolumeConfigured</key>
<true/>
<key>IsServerHardware</key>
<false/>
<key>LocalizedServerProductName</key>
<string>Server</string>
<key>ServerBuildVersion</key>
<string>12S307</string>
<key>ServerPerformanceModeEnabled</key>
<true/>
<key>ServerVersion</key>
<string>2.0.23</string>
</dict>
</plist>

The Server Root can reside in a number of places. To see the path (useful when scripting commands that are relative to the ServerRoot:

serverinfo --prefix

By default, the output is as follows:

/Applications/Server.app/Contents/ServerRoot

You can also see whether the system is running on actual hardware desgnated by Apple for servers using the –hardware option:

serverinfo --hardware

The output simply indicates if the hardware shipped with OS X Server on it from Apple:

This system is NOT running on server hardware.

The –perfmode option indicates whether or not the performance mode has been enabled, dedicating resources to binaries within the Server app:

serverinfo --perfmode

If the performance mode has not been enabled then the output will be as such:

Server performance mode is NOT enabled.

To enable performance mode, you can also use serverinfo. This is the only task that the command does that can make any changes to the system and as such is the only time you need to elevate privileges:

sudo serverinfo --setperfmode 1

Finally, set the boolean value to 0 to disable.

sudo serverinfo --setperfmode 0

Tags , , , , , , , , , , | Permalink | Comment (1)
Mac OS X Mac OS X Server Xsan

Copy Files Status in Mountain Lion

July 25, 2012 – 9:47 am

Of the new features in Mountain Lion, one I have already started to love is the fact that when you’re copying folders, you see a status in the Finder screen that lists the folders. This allows me to do a bunch of Finder level copies and rather than tile out the screens that I’m using to copy, I can just watch them from the parent folder. Sometimes it’s the little things…

Tags , , , , , , , | Permalink | Comments Off
Home Automation Mac OS X Mac OS X Server Mac Security Mass Deployment Xsan

Lights Out Managing Mac Mini Servers with Vera

May 8, 2012 – 5:00 am

There is no Lights Out Management for a Mac mini Server (btw, am I the only one that noticed that these are now called Mac mini with Lion Server, where mini isn’t capitalized). While the Mac mini Server doesn’t have the Lights Out Management (LOM)/IPMI chips in it, there are a few things that we can control anyway. Convention would say that we’d get a NetBotz card for that spiffy APC we’ve got, which can do minor automation and even a little environmental monitoring. And there are a few other systems out there that can do similar tasks.

But I’m a home automation nerd these days. So I decided to look into whether my Vera can manage my mini Server botnet and what I might be getting or sacrificing. First, let’s define what we did with LOM. The first and most important is, when the system crashed, we rebooted the server. The second aspect was to maybe wake the thing up, with the 3rd to monitor the components of the system. Let’s look at the first, most important thing, rebooting.

I’m going to start with a Vera. The setup process for Vera is similar to that of a LinkSys, where you give the device an IP and then go a step further by signing up for the MiOS portal, used to remotely control the Vera through a secure tunnel. Then I’m going to add an appliance module to the system. Notably, I want a ground, so I’m going to add the Wayne-Dalton HA-04WD HomeSettings Outdoor Appliance Module. The device can be added to Vera pretty easily. To do so, open Vera and click on DEVICES and then on Add Devices in the subnav bar. From here, click on Add in the first row.

Then scroll down a little and click on Option 1.

The system will then scan for a device. At this point, you’ll see a screen telling you to manage the device. At this point, I just press the button on the device to pair it to the Z-wave network.

Once the device is seen by the Vera, we can go ahead and click on the Next button (by default they’re seen as light switches).

At the next screen, you’ll see a screen with a field you can type in. Here, provide a name for the device and give it a room that the device is in (if you’re using rooms). Click on Close and then Save (big red button after you click Close).

Click on the Continue button to commit the save and you should see your new device listed in All Devices.

At this point, click on the On and Off switches to turn systems on and off. From System Preferences, go to Energy Saver and then check the box for Restart automatically

We’ve now achieved the first goal, having a way to physically turn on and off a Mac mini with Lion Server. Better than LOM, we can do so using a web interface or an iOS app. While the lack of so many moving parts has reduced the need for environmental monitoring, we want to monitor the environment outside the box, the environment inside the box and whether the box has developed any human emotions. To monitor the environment outside the box, I’m using one of the many Z-wave thermostats available. I plan on replacing it with a Temperature and Humidity Sensor, so I can put a sensor right by the machine instead of just monitoring the temperature of the room. I also like the idea of seeing moisture levels, but that’s aside from the point.

Monitoring the inside of the system is really easy, since Apple has built snmp into Mac OS X and a quick snmpwalk will show me most everything I need to know about a box. For that, let’s just remove the default snmpd.conf file:

rm /etc/snmp/snmpd.conf

And then run snmpconf -i to create a new snmpd.conf file. This is interactive, so use option 1 and then choose the settings that work best for whatever monitoring software you’re using. With the loss of Lithium, I am a big fan of Nagios and Dartware’s Intermapper, but there are a number of other solutions that I would look at as well. Either way, this can be a very cumbersome aspect if you let it. Once you’ve configured snmpd.conf, restart it (assuming it’s running):

launchctl unload /System/Library/LaunchDaemons/org.net-snmp.snmpd.plist
launchctl load -w /System/Library/LaunchDaemons/org.net-snmp.snmpd.plist

Next, to wake up the server, we can use Wake on LAN (note that wake for network access is in the Energy Saver System Preference pane). We can also monitor the server’s IP address (ping/ICMP) and even activate a camera in the event that a motion sensor is tripped. I’ll look at these in a future automation article, where we’ll reboot the server automatically in the event that it goes offline and maybe even control an IR blaster to turn on the TV when status bars are running on the server (we might also hook up a coffee pot so we can stay awake while waiting for Lion to download during some upgrades). But for now, suffice it to say that at this point, we have some of what we had with LOM on an Xserve. It’s not everything and it’s not really pretty. But it works and would cost about the same as a module for that APC you’ve got sitting around, while also laying the groundwork for much more home and small office/small data center automation – and at about $25 per additional device, it’s priced pretty well all things considered.

Finally, if that snmp-based monitoring system happens to need to restart the devices, there’s also an API for Vera, documented at http://wiki.micasaverde.com/index.php/Luup_Requests. Being able to script an snmp-generated event that kicks off some kind of triggered response with a grid of devices is pretty cool, and while I hope to cover it eventually, I’m not sure exactly when I’ll end up with time, so might be awhile…

Tags , , , , , , , , , , , , , , , , , , | Permalink | Comments (3)
iPhone Mac OS X Mac OS X Server Mac Security Mass Deployment Network Infrastructure Xsan

Video ON Setting Up File Sharing Services In Lion Server

May 6, 2012 – 6:00 am

Tags , , , , , , , , | Permalink | Comments Off
Mac OS X Mac OS X Server Mac Security Mass Deployment Xsan

Enabling Spotlight For Network Volumes

March 25, 2012 – 6:00 am

Spotlight doesn’t automatically index network volumes. To configure spotlight to index network volumes, use the mdutil command followed by an arbitrary path, with the -i option and then the on parameter. For example, for a volume called Galvatron, you would enable indexing using the following command:

mdutil /Volumes/Galvatron -i on

To monitor the status of the indexing process:

mdutil /Volumes/Galvatron -s

If this happens to cause any problems, use the off parameter instead, along with the same command to disable indexing of that volume.

mdutil /Volumes/Galvatron -i off

You can send the mdutil commands through Apple Remote Desktop. For example, I’ve needed to toggle indexing on and then off, for which I would do something as follows via ARD:

mdutil /Volumes/Galvatron -i off; mdutil /Volumes/Galvatron -i on

Tags , , , , , , , , , | Permalink | Comments (2)

Next Page »

Next Page »