krypted.com

Tiny Deathstars of Foulness

We covered using Time Machine Server previously. Here, we’re going to look at backing up the settings of an OS X Server. To do so, we’re going to install a little app called Bender from the great folks at Robot Cloud. You can download that from http://robotcloud.screenstepslive.com/s/2459/m/5322/l/94467-bender-automated-backup-of-os-x-server-settings.

Screen Shot 2015-09-24 at 10.51.00 PM

Once downloaded, run the package installer.

Screen Shot 2015-09-24 at 10.49.32 PM

At the Welcome to Bender screen, click Continue.

Screen Shot 2015-09-24 at 10.52.03 PM

Agree to the licensing agreement by clicking the Continue button.

Screen Shot 2015-09-24 at 10.52.22 PM

Click Agree again (assuming of course that you agree to the license).

Screen Shot 2015-09-24 at 10.52.57 PM

Choose who you wish to install the software for and click Continue.

Screen Shot 2015-09-24 at 10.53.52 PM

I’d go ahead and install Bender at the default location, so click Install. Once the installer is complete, you can view the installed LaunchDaemon at /Library/LaunchDaemons/net.robotcloud.bender.plist. Note that it calls the /usr/local/robotcloud/bin/bender binary when run at 22:00 every day. If you edit this file, the following settings are available:

host=$(hostname)
macOS=$(sw_vers | awk ‘/ProductVersion/{print substr($2,1,5)}’ | tr -d “.”)
macSN=$(system_profiler SPHardwareDataType | awk ‘/Serial Number/{print $4}’)
date=$(date +%Y-%m-%d-%H%M)
pass=$(system_profiler SPHardwareDataType | awk ‘/Hardware UUID/{print $3}’)
logPath=”/usr/local/robotcloud/logs/bender.log”
pipPath=”/usr/local/robotcloud/bin/scroobiuspip”
pipTitle=”Bender Backup Error on: $macSN”
backupDestination=”/Backups/$date”
keepUntil=”14″
version=”2.3″
versionCheck=”$1″

The most important of these is the backupDestination. You can set this to be the /Backups folder as it is above, or set it to be an external drive. Either should be backed up using your standard backup software.

September 15th, 2016

Posted In: Mac OS X Server

Tags: , , , ,

When I’m working on a little bash script, I’ll often make a backup, each time I save and test. Then I can revert back, if I need to. The syntax I’ll use is to cp and then curly-bracket the output into .bak files (that’s a 90s era file extension I use for such nonsense):

cp filename.sh{,.bak}

So if I’m writing a script called MYSCRIPT.sh:

cp MYSCRIPT.sh{,.bak}

The resultant backup of the script is MYSCRIPT.sh.bak.

March 22nd, 2016

Posted In: Mac OS X, Unix

Tags: , , ,

You can use the SELECT INTO statement finds data and then copies that data between tables or databases. To do so, use the following syntax:

SELECT *
INTO newtablename
FROM tablename;

So to copy that Customers table to a new table called Customers2:

SELECT *
INTO Customers2
FROM Customers;

Or to copy only certain columns into Customers2, we’d use the following:

SELECT ID,Site
INTO Customers2
FROM Customers;

February 16th, 2016

Posted In: SQL

Tags: , , , , ,

One of the more common tasks performed in Apple Configurator is to create a backup of a device and restore that backup to multiple devices. This backs up the icon placement on screens, the settings on the device and anything not stored in the operating system or secure enclave of a device. Once you’ve created a backup, you can assign that backup to a blueprint or deploy the backup to individual devices.

To create a backup, first open Apple Configurator 2 and tether a device to the computer running Apple Configurator.

Screen Shot 2015-11-03 at 8.14.35 AM

Next, right-click on a device and then choose the Back Up option.

Screen Shot 2015-11-03 at 8.14.23 AM

Once you unlock the device (if locked) the backup process will start.

Screen Shot 2015-11-03 at 8.14.58 AM

That’s it. Nice and easy. You can now use the backup to restore devices or assign the backup to a blueprint so it will be used to restore devices that the blueprint is applied to.

November 10th, 2015

Posted In: iPhone

Tags: , , , , , , ,

The Time Machine service in OS X Server 5 hasn’t changed much from the service in previous operating systems. To enable the Time Machine service, open the Server app, click on Time Machine in the SERVICES sidebar. If the service hasn’t been enabled to date, the ON/OFF switch will be in the OFF position and no “Backup destination” will be shown in the Settings pane.

Screen Shot 2015-09-22 at 10.55.26 PM

Click on the ON button to see the New Destination screen, used to configure a list of volumes as a destinations for Time Machine backups. The selection volume should be large enough to have space for all of the users that can potentially use the Time Machine service hosted on the server. When you click the Choose button, a list of volumes appears in a standard Finder selection screen.

Screen Shot 2015-09-22 at 10.56.28 PM

Here, click on the volume to save your backups to in the sidebar. In most cases the Backup destination will be a mass storage device and not the boot volume of the computer. Once selected, click Choose and then if desired, limit the amount of storage on the volume to be used for backups. Click Create and a share called Backups is created and the service will start. Don’t touch anything until the service starts. Once started, add a backup destination at any time using the plus sign button (“+”) and defining another destination.

Screen Shot 2015-09-22 at 11.03.43 PM

Time Machine Server works via Bonjour. Open the Time Machine System Preference pane and then click on the Select Backup Disk button from a client to see the server in the list of available targets, much as you would do with an Apple Time Capsule.

Screen Shot 2015-09-22 at 10.59.23 PM

Under the hood, a backup share is creating in the file sharing service. To see the attributes of this share, use the serveradmin command followed by the settings option and then the sharing:sharePointList:_array_id:, so for a path of /Volumes/New Volume 1/Shared Items/Backups use:

sudo serveradmin settings sharing:sharePointList:_array_id:/Volumes/New Volume 1/Shared Items/Backups

The output indicates the options configured for the share, including how locking is handled, guest access disabled, generated identifiers and the protocols the backups share listens as:

sharing:sharePointList:_array_id:/Volumes/New Volume 1/Shared Items/Backups:name = "Backups"
sharing:sharePointList:_array_id:/Volumes/New Volume 1/Shared Items/Backups:smbName = "Backups"
sharing:sharePointList:_array_id:/Volumes/New Volume 1/Shared Items/Backups:nfsExportRecord = _empty_array
sharing:sharePointList:_array_id:/Volumes/New Volume 1/Shared Items/Backups:afpIsGuestAccessEnabled = no
sharing:sharePointList:_array_id:/Volumes/New Volume 1/Shared Items/Backups:isTimeMachineBackup = yes
sharing:sharePointList:_array_id:/Volumes/New Volume 1/Shared Items/Backups:dsAttrTypeNative\:sharepoint_group_id = "F4610C2C-70CD-47CF-A75B-3BAFB26D9EF3"
sharing:sharePointList:_array_id:/Volumes/New Volume 1/Shared Items/Backups:isIndexingEnabled = yes
sharing:sharePointList:_array_id:/Volumes/New Volume 1/Shared Items/Backups:mountedOnPath = "/Volumes/New Volume 1"
sharing:sharePointList:_array_id:/Volumes/New Volume 1/Shared Items/Backups:dsAttrTypeStandard\:GeneratedUID = "FAB13586-2A2A-4DB2-97C7-FDD2D747A0CD"
sharing:sharePointList:_array_id:/Volumes/New Volume 1/Shared Items/Backups:path = "/Volumes/New Volume 1/Shared Items/Backups"
sharing:sharePointList:_array_id:/Volumes/New Volume 1/Shared Items/Backups:smbIsShared = no
sharing:sharePointList:_array_id:/Volumes/New Volume 1/Shared Items/Backups:smbIsGuestAccessEnabled = no
sharing:sharePointList:_array_id:/Volumes/New Volume 1/Shared Items/Backups:afpName = "Backups"
sharing:sharePointList:_array_id:/Volumes/New Volume 1/Shared Items/Backups:smbDirectoryMask = "755"
sharing:sharePointList:_array_id:/Volumes/New Volume 1/Shared Items/Backups:afpIsShared = yes
sharing:sharePointList:_array_id:/Volumes/New Volume 1/Shared Items/Backups:smbCreateMask = "644"
sharing:sharePointList:_array_id:/Volumes/New Volume 1/Shared Items/Backups:ftpName = "Backups"
sharing:sharePointList:_array_id:/Volumes/New Volume 1/Shared Items/Backups:timeMachineBackupUUID = "844A1C43-61C9-4F99-91DE-C105EA95BD45"

Once the service is running, administrators frequently fill up the target volume. To move data to another location, first stop the service and then move the folder (e.g. using mv). Once moved, use the serveradmin command to send settings to the new backup path. For example, to change the target to /Volumes/bighonkindisk, use the following command:

sudo serveradmin settings sharing:sharePointList:_array_id:/Shared Items/Backups:path = "/Volumes/bighonkindisk"

Another way to see the share and attributes of the share is through the sharing command:

sharing -l

Which should show output similar to the following:

List of Share Points
name: Backups
path: /Shared Items/Backups
afp: {
name: Backups
shared: 1
guest access: 0
inherit perms: 0
}
ftp: {
name: Backups
shared: 0
guest access: 0
}
smb: {
name: Backups
shared: 0
guest access: 0
}

There’s also a Bonjour service published that announces to other clients on the same subnet that the server can be used as a backup destination (the same technology used in a Time Capsule). One major update from back in Mavericks Server is the addition of the timemachine service in the severadmin command line interface. To see the command line settings for Time Machine:

sudo serveradmin settings timemachine

The output shows that share info is displayed as with the sharing service, but you can also see the GUID assigned to each share that is a part of the backup pool of storage:

timemachine:sharePointList:_array_id:/Volumes/New Volume 1/Shared Items/Backups:dsAttrTypeStandard\:GeneratedUID = "FAB13586-2A2A-4DB2-97C7-FDD2D747A0CD"
timemachine:sharePointList:_array_id:/Volumes/New Volume 1/Shared Items/Backups:smbName = "Backups"
timemachine:sharePointList:_array_id:/Volumes/New Volume 1/Shared Items/Backups:afpIsGuestAccessEnabled = no
timemachine:sharePointList:_array_id:/Volumes/New Volume 1/Shared Items/Backups:smbDirectoryMask = "755"
timemachine:sharePointList:_array_id:/Volumes/New Volume 1/Shared Items/Backups:afpName = "Backups"
timemachine:sharePointList:_array_id:/Volumes/New Volume 1/Shared Items/Backups:smbCreateMask = "644"
timemachine:sharePointList:_array_id:/Volumes/New Volume 1/Shared Items/Backups:nfsExportRecord = _empty_array
timemachine:sharePointList:_array_id:/Volumes/New Volume 1/Shared Items/Backups:path = "/Volumes/New Volume 1/Shared Items/Backups"
timemachine:sharePointList:_array_id:/Volumes/New Volume 1/Shared Items/Backups:smbIsGuestAccessEnabled = no
timemachine:sharePointList:_array_id:/Volumes/New Volume 1/Shared Items/Backups:name = "Backups"
timemachine:sharePointList:_array_id:/Volumes/New Volume 1/Shared Items/Backups:ftpName = "Backups"
timemachine:sharePointList:_array_id:/Volumes/New Volume 1/Shared Items/Backups:smbIsShared = no
timemachine:sharePointList:_array_id:/Volumes/New Volume 1/Shared Items/Backups:afpIsShared = yes
timemachine:sharePointList:_array_id:/Volumes/New Volume 1/Shared Items/Backups:timeMachineBackupUUID = "844A1C43-61C9-4F99-91DE-C105EA95BD45"
timemachine:sharePointList:_array_id:/Volumes/New Volume 1/Shared Items/Backups:isTimeMachineBackup = yes
timemachine:sharePointList:_array_id:/Volumes/New Volume 1/Shared Items/Backups:backupQuota = 0
timemachine:sharePointList:_array_id:/Volumes/New Volume 1/Shared Items/Backups:dsAttrTypeNative\:sharepoint_group_id = "F4610C2C-70CD-47CF-A75B-3BAFB26D9EF3"
timemachine:sharePointList:_array_id:/Volumes/New Volume 1/Shared Items/Backups:isIndexingEnabled = yes
timemachine:sharePointList:_array_id:/Volumes/New Volume 1/Shared Items/Backups:mountedOnPath = "/Volumes/New Volume 1"
Additionally you can also query for the service to verify it’s running using full status:
sudo serveradmin fullstatus timemachine
Which outputs something similar to the following:
timemachine:command = "getState"
timemachine:state = "RUNNING"

While I found plenty to ramble on about in this article, Mass deployment is still the same, as is client side configuration.

September 23rd, 2015

Posted In: Mac OS X Server, Time Machine

Tags: , , , , , , , , ,

One of the things that is awesome and sometimes frustrating about Apple Configurator is that when you do certain tasks, you end up updating the OS on devices. The reason this is awesome is that it allows you to centralize operations. The reason this can be frustrating is that if you’re on a limited bandwidth connection, you may find that you can’t do very basic tasks before downloading a large OS update. And if you’ve got a bunch of Apple Configurator workstations, and you are running a training session, this can get infinitely more annoying.

In these types of lab environments, you’re in luck. If you have an ipsw (the iOS OS update file), you can copy the file from ~/Library/Containers/com.apple.configurator/Data/Library/Caches/com.apple.configurator/Firmware/ onto another machine. To copy them onto a USB drive called bananarama for example, use the following command:

cp -R ~/Library/Containers/com.apple.configurator/Data/Library/Caches/com.apple.configurator/Firmware/ /Volumes/bananarama/ipsws/

And once you’ve moved that drive, to then copy them back:

cp -R /Volumes/bananarama/ipsws/ ~/Library/Containers/com.apple.configurator/Data/Library/Caches/com.apple.configurator/Firmware/

August 22nd, 2015

Posted In: Apple Configurator

Tags: , , , , , , , ,

You can easily create a backup of an iOS device using Apple Configurator. Once you’ve created a backup, it can be restored onto a number of devices. This contains iOS data and data outside of the secure enclave. These backups allow you to restore an iOS device, add apps (not using the backup), set backgrounds, set app locations on the home screen, etc.

To do so, open Apple Configurator and then click on the Prepare icon.

Screen Shot 2015-08-15 at 12.02.27 AM

At the Prepare screen, click into the Restore field and then click on the Create Backup button.

Screen Shot 2015-08-15 at 12.02.31 AM

At the pop-up menu, select the device you’re backing up (usually there’s only one) and then click on the Create Backup button.

Screen Shot 2015-08-15 at 12.02.41 AM

Then choose the location you’d like to place the backup file.

Screen Shot 2015-08-15 at 12.04.14 AM

Click Save and the backup starts.

Screen Shot 2015-08-15 at 12.04.30 AM

Once the backup is complete, you will have an iosdevicebackup file in the location you saved the file to. This is stored on the iOS device and can then be restored to other devices.

August 15th, 2015

Posted In: Apple Configurator, iPhone

Tags: , , , , ,

Database won’t start? InnoDB errors are a pain. Where was krypted for a month? Did everything finally get to me and I gave up blogging? No, the site ended up having some problems with corruption in some rows of the InnoDB tables. But, I was able to get the site back up by putting the database into recovery mode. How did I do this? It’s pretty straight forward. Open my.cnf and paste these lines in there:

innodb_force_recovery=3
innodb_purge_threads=0

Once the corruption is resolved, bring up empty databases and import your mysqldump into the new databases and link your site back up. But, the InnoDB force recovery puts the database into recovery mode, which is read only. So I wasn’t actually able to use the site, just look at it. At least the content was available, right? When MySQL isn’t writeable, you can’t log in as an admin, etc. The rest is one of the bigger pains I’ve encountered that didn’t result in an all nighter at a customer. I’ll write that up when I have time some day. In the meantime, next time someone changes my root password and breaks my backup scripts so I can’t just bring in a mysqldump, I’m breaking their arms. You’ve been warned.

May 15th, 2015

Posted In: Mac OS X, Ubuntu, Unix, WordPress

Tags: , , , , , , ,

ChronoSync is one of those tools that’s been in the Mac community for a long time (rightfully so). It’s been a little while since I got the chance to really tinker around with ChronoSync so I thought I’d do a little article on what I got to find during my tinkerations. To get started with ChronoSync, go to their website at http://www.econtechnologies.com/chronosync/overview.html. Next, we’re going to walk through the most basic of setups (and you can get all kinds of complicated from there if you’d like!).

Once you’ve downloaded, ChronoSync, run the installer from the disk image that was downloaded.

Screen Shot 2015-01-31 at 11.50.13 AM

Then walk through the installer, basically following the defaults (unless you’d like to install to a volume other than your boot volume).

Screen Shot 2015-01-31 at 11.50.15 AM

Once the installer is finished, open the app and register the product.

Screen Shot 2015-01-31 at 11.53.16 AM

Once registered, you’ll see a nice screen giving you a few options. We’re going to create a single plan (synchronizer document) to backup a single source to a single target. To do so, click on the option to “Create a new synchronizer document”.

Screen Shot 2015-01-31 at 11.53.55 AM

At the Setup screen, you have a right and left column. When I used to do a lot of manual migrations, I would always always  always line up my source on the left and my target on the right (or invariably you risk data loss by copying in the wrong direction), so the workflow in ChronoSync has always made sense to me. Because a lot of the data I use needs root access, I’m going to select “Local Volumes (Admin access)” in the “Connect to” field and then use the Choose button to select my actual source. Repeat that process in the Right Target section of the screen.

Screen Shot 2015-01-31 at 11.54.10 AM

The default action that will be performed is to backup from the left to the right targets (the term target referring to the folder, not that it’s a source or target in the backup operation). Click into the Operation field to bring up a list of the options that can be performed between your left and right targets.

Screen Shot 2015-01-31 at 12.10.07 PM

The option I’m selecting is “Synchronize Bidirectional” as this is an article about syncing data. The other options are pretty well defined in the manual, but it’s worth mentioning that the Bootable Mirror options are especially useful. Once you’ve set the type of sync, you can also use the Options menu to define some pretty granular settings for your sync. For the purposes of this sync, which brings over server shares, I’m going to leave Conflict resolution set to Ask User and use the custom option under the Special File/Folder Handling section to enable the “Verify copied data” option and “Preserve Comments” option. Note that if you’re doing this on servers and would like to stop a service (such as postgres) before a sync and start it after, you can use the scripts section of this screen. You can also configure notifications, sending emails when syncs have errors, or every time there’s a sync.

Screen Shot 2015-01-31 at 12.17.43 PM

Click Rules to build inclusion/exclusion rules (for example, I don’t often sync things like operating system and software installers since I can just go download them again, pretty easily). Click Archive in the sidebar if you’d like to remove files based on a trigger (e.g. if it’s been removed from the source, archive it, etc).

Next, you can simply click Synchronize to run an immediate sync of the files and folders you’ve defined in your Sync Document. Or, you can click Add to Schedule to define when you’d like to run your Synchronization Documents.

There, less than 5 minutes and we’ve got a pretty advanced sync going. Use the Log button to see how everything went. And remember, always verify that the archives and backups are running on a good schedule. For example, I like to have at least a weekly cadence to make sure that media one each side of a sync can still open. It helps me sleep better.

January 31st, 2015

Posted In: Kerio, Mac OS X, Mac OS X Server, Mac Security, Mass Deployment

Tags: , , , , , , ,

In Apple Configurator 1.4.3, which just dropped, you can reduce the setup time for iOS devices. This is pretty helpful in Configuration Centers and when warehousing/performing thin setups of devices. To access this new feature, open Configurator and go to the Prepare screen. From there, you will have the Setup tab. Click on Setup and then in the resultant screen, you will see each of the initial screens in iOS that you can now skip.

Screen Shot 2013-12-18 at 2.46.56 PMSo put this in perspective, if you check the Location Services box and then prepare a device, even if not restoring a backup, you then won’t be prompted for whether or not you want to enable Location Services. Instead, the device will accept the default option. Nice, small new feature, that will save a lot of people a lot of time, even if not using Apple Configurator to Supervise devices.

December 18th, 2013

Posted In: iPhone, Mac OS X Server, Mass Deployment

Tags: , , , , , , ,

Next Page »