The Time Machine service in Mountain Lion Server hasn’t changed much from the service in Lion Server. To enable the Time Machine service, open the Server app, click on Time Machine in the SERVICES sidebar. If the service hasn’t been enabled to date, the ON/OFF switch will be in the OFF position and no “Backup destination” will be shown in the Settings pane.
Click on the ON button to see a list of volumes to use as a destination for Time Machine backups. This should be large enough to have space for all of the users that can potentially use the Time Machine service hosted on the server. When you click the ON button, a list of volumes appears.
Here, click on the volume to save your backups to. In this case, it’s the internal hard drive; however, in most cases the Backup destination will be a mass storage device and not the boot volume of the computer. Once selected, click “Use for Backup” and the service will start. Don’t touch anything until the service starts. Once started, change the backup destination at any time using the Edit button.
Time Machine Server works via Bonjour. Open the Time Machine System Preference pane and then click on the Select Backup Disk button from a client to see the server in the list of available targets, much as you would do with an Apple Time Capsule.
Under the hood, a backup share is creating in the file sharing service. To see the attributes of this share, use the serveradmin command followed by the settings option and then the sharing:sharePointList:_array_id:/Shared Items/Backups
sudo serveradmin settings sharing:sharePointList:_array_id:/Shared Items/Backups
The output indicates the options configured for the share, including how locking is handled, guest access disabled, generated identifiers and the protocols the backups share listens as:
sharing:sharePointList:_array_id:/Shared Items/Backups:dsAttrTypeStandard:GeneratedUID = "1B1C7CFB-2B95-4087-B28B-C786E9CD68E2"
sharing:sharePointList:_array_id:/Shared Items/Backups:smbName = "Backups"
sharing:sharePointList:_array_id:/Shared Items/Backups:afpIsGuestAccessEnabled = no
sharing:sharePointList:_array_id:/Shared Items/Backups:smbDirectoryMask = "0755"
sharing:sharePointList:_array_id:/Shared Items/Backups:afpName = "Backups"
sharing:sharePointList:_array_id:/Shared Items/Backups:smbCreateMask = "0644"
sharing:sharePointList:_array_id:/Shared Items/Backups:nfsExportRecord = _empty_array
sharing:sharePointList:_array_id:/Shared Items/Backups:path = "/Shared Items/Backups"
sharing:sharePointList:_array_id:/Shared Items/Backups:smbUseStrictLocking = yes
sharing:sharePointList:_array_id:/Shared Items/Backups:smbIsGuestAccessEnabled = no
sharing:sharePointList:_array_id:/Shared Items/Backups:name = "Backups"
sharing:sharePointList:_array_id:/Shared Items/Backups:smbInheritPermissions = yes
sharing:sharePointList:_array_id:/Shared Items/Backups:ftpName = "Backups"
sharing:sharePointList:_array_id:/Shared Items/Backups:smbIsShared = no
sharing:sharePointList:_array_id:/Shared Items/Backups:afpIsShared = yes
sharing:sharePointList:_array_id:/Shared Items/Backups:timeMachineBackupUUID = "29B22ADA-97A3-46B2-9CB3-8EF9AFC9334E"
sharing:sharePointList:_array_id:/Shared Items/Backups:isTimeMachineBackup = yes
sharing:sharePointList:_array_id:/Shared Items/Backups:smbUseOplocks = yes
sharing:sharePointList:_array_id:/Shared Items/Backups:dsAttrTypeNative:sharepoint_group_id = "59161FF9-78E7-4A41-B071-B6E60866694F"
sharing:sharePointList:_array_id:/Shared Items/Backups:isIndexingEnabled = yes
sharing:sharePointList:_array_id:/Shared Items/Backups:mountedOnPath = "/"
Once the service is running, administrators frequently fill up the target volume. To move data to another location, first stop the service and then move the folder (e.g. using mv). Once moved, use the serveradmin command to send settings to the new backup path. For example, to change the target to /Volumes/bighonkindisk, use the following command:
sudo serveradmin settings sharing:sharePointList:_array_id:/Shared Items/Backups:path = "/Volumes/bighonkindisk"
Another way to see the share and attributes of the share is through the sharing command:
Which should show output similar to the following:
List of Share Points
path: /Shared Items/Backups
guest access: 0
inherit perms: 0
guest access: 0
guest access: 0
There’s also a Bonjour service published that announces to other clients on the same subnet that the server can be used as a backup destination (the same technology used in a Time Capsule).
One major difference between the Time Machine service and others is that there’s no specific serveradmin option for tm or tmutil (the Time Machine command line) or timemachine. Instead, most everything piggy-backs off the sharing service. Also, what I consider a major difference is that most other services now have generic names (e.g. Address Book is now called Contacts, iCal is now called Calendar, etc). The only services still using marketing terms as their names are really Profile Manager, Time Machine and Open Directory. I would expect these to eventually be called Profiles, Backup and Directory to keep the naming convention already started with the rest of the services.
I think that as a free aspect of OS X Server Time Machine Server is well worth the money for small workgroups. However, there are backup solutions from 3rd party vendors worth far more than their purchase price due to reduced disk capacity requirements (e.g. through deduplication), reduced overhead (e.g. by streamlining or accelerating traffic for the backup protocols, or even offloading all the work to the client systems) and allowing for more redundancy to backups (e.g. 2 targets). This additional logic can at first appear to come at a steep cost, but when you look at bandwidth, disk and other expenditures to get Time Machine server integrated it can be a challenge. Also, Time Machine is built to work via Bonjour, meaning that by virtue it’s then limited to smaller subnets. Time Machine Server is a great add-on, but many organizations may quickly outgrow it. Not all though, and so for a SoHo comprehensive server that needs to provide for client-based backups, OS X Server has a great feature in Time Machine.
While I found plenty to ramble on about in this article, nothing has really changed since the Lion iteration of the service. Mass deployment is still the same, as is client side configuration. One change is that the screen for the Time Machine Options on the client no longer has an option for managing Versions, as seen below.
krypted August 1st, 2012
There are a number of ways to troubleshoot network connections on (or using) an iOS device. These can be common troubleshooting steps that you might run from the command line or a third party app on a desktop computer or they could be specific to testing the network environment for an iOS device. Some of these apps are even free.
One of the most common tasks that most administrators routinely do to test both DNS resolution and connectivity is pinging something. Ping Lite comes with a function to show your IP, a ping tool, a tool to ping the subnet, the ability to run trace routes and for good measure a little telnet love as well. Not bad for the fat price of nothing. Developed by MochaSoft, Ping Lite is a must for anyone who does any kind of network troubleshooting, unless you’re paying good money for a more robust tool!
Ping Lite is a great tool for isolating whether you’re having connectivity problems to an IP address. However, if Exchange’s auto discover isn’t working or some other
One of my favorite tools for finding things on the network, Bonjour is a multicast tool and what many of the features meant to be used in a home where zero configuration networking is important
I think that one of the more common tasks in troubleshooting network connections is to determine whether Internet speed is satisfactory. Satisfactory is a relative term. Both relative to the expected performance and relative to the perception of users. For example, the bandwidth that a user is getting on a device may exceed the expected performance based on the speed provided by the DSL, cable modem or other WAN connection provided. However, that speed may be less than what the user’s would like (one can never have enough bandwidth!).
ezShare is a nice little tool that lets administrators log into shares of various types. The cool thing about this little tool is that you can connect via SSH, FTP, WebDAV, S3, Google Docs, Box.net, SMB/CIFS, or NFS. This allows you to test WebDAV from a different tool if you’re having a problem opening WebDAV connections from within Pages, test the speed of downloading a document from a FTP site, check Google Docs or Box.net connectivity and even see if that file server is available when users call in with problems connecting to SMB/CIFS shares on Windows servers.
If you have an Apple AirPort acting as a WAP or the gateway to your office/home then this little app is awesome. Apple has eased the setup process for their Wireless Access Points to the point that you can set the entire thing up, change settings and even troubleshoot the odd connectivity issue without ever touching a desktop computer. AirPort Utility is also a great way to test whether you can connect to shares hosted by devices and update passwords on the fly.
krypted February 13th, 2012
Posted In: iPhone
The process that makes Bonjour work is mDNSResponder, located in /usr/sbin. /System/Library/LaunchDaemons/com.apple.mDNSResponder.plist invokes mDNSResponder on boot. One of the easiest ways to troubleshoot issues you think are related to Bonjour is to temporarily disable the mDNSResponder:
launchctl unload -w /System/Library/LaunchDaemons/com.apple.mDNSResponder.plist
To enable it:
launchctl load -w /System/Library/LaunchDaemons/com.apple.mDNSResponder.plist
In addition to basic starting and stopping of the mDNSResponder, when troubleshooting any service, one should always look at logs. Log events are logged to the standard syslog facility and so are available via Console. These are locate at /var/log/system.log. Searching for mDNSResponder errors in system.log can also be done from the command line using:
cat /var/log/system.log | grep mDNSResponder
Or interactively so you can watch errors as they appear:
tail -f /var/log/system.log | grep mDNSResponder
To see more information in system.log, send a SIGUSR1 to mDNSResponder using killall:
sudo killall -USR1 mDNSResponder
To then see packet-level information in system.log, send a SIGUSR2 to mDNSResponder:
sudo killall -USR2 mDNSResponder
To dump the state into system.log:
sudo killall -INFO mDNSResponder
mDNSResponder uses Mach port 5123. Each service that is Bonjour-enabled will register itself with mDNSResponder at that port and can be queried. These are similar to DNS records where they have a prefix for the service and a suffix of the TCP/IP type. For example, IPP Printing is _ipp._tcp, Remote Apple Events is _eppc._tcp., Remote Frame Buffer is _rfb._tcp., SSH is _ssh._tcp., SFTP is _sftp-ssh._tcp., Apple’s Home Sharing is called _home-sharing._tcp, iTunes Music Sharing is _afpovertcp._tcp. and AFP is _afpovertcp._tcp. As an example of UDP traffic, ARD is known as _net-assistant._udp.
To see which services are registered (and register services if you build a network service that needs one), use the mDNS command. The -B option for mDNS can be used to query a given namespace. For example, the _afpovertcp._tcp namespace can be queried using the following command:
mDNS -B _afpovertcp._tcp
This would result in the following output, showing all live instances that the system sees:
Timestamp A/R Flags Domain Service Type Instance Name
18:29:40.771 Add 0 local. _afpovertcp._tcp. Krypted MacBook Air
To register services with Bonjour, use the -R operator and to lookup information about a given service instance, use the -L operator. The -L operator allows you to get a lot of information about a given object. Once you have found the object using the -B option you’ll have the Domain and Instance Name. These can be supplied to mDNS to get IPv4, IPv6, port number, and TXT records, which provide a bevy of options, such as information about printers and other services or objects. For example, Mac OS X automatically generates information about printers based on built-in OS information about those printers, such as staple support (Staple=F), collate support (Collate=T) and CUPS admin url’s (adminurl:http://<computer name>:631/printers/<printername>. Other services such as Home Sharing might make heavy use of Machine Name’s or iTunes Database IDs.
To use mDNS to obtain this extended output, use the mDNS command, along with the -L option, followed by the Instance Name (the instance name is defined by the service registering the instance and can be a printer name, a computer name, a GUID or whatever the vendor chooses to use. After the Instance Name, provide the address space (Service Type) and then the domain from the -B output. For example, to look at an HP 8565 shared from Krypted MacBook Air called “HP 8565 Krypted MacBook Air”, I would use:
mDNS -L "HP 8565 Krypted MacBook Air" _ipp._tcp local.
Other operators not in the man page, but available, include -E for finding recommended registration domains, -F for finding information about browsing domains, -A to test updates to records, -U to test updates to TXT records, -N to test updates to NULL records, -T to test adding big records, -M for multiple records and -I for immediately updating records rather than running through cache. Also available for querying is dns-sd, using identical syntax as mDNS and with the same output. Data regarding systems doesn’t always change dynamically. To reload information following changes, use the -flushcache option of dscacheutil:
When I have a chance I’ll try and look at multiple domain name spaces and registering text records as a part 2 of this article, but for now there’s a 2 year old who just woke up and is wanting a little attention (and deservedly so).
krypted March 27th, 2011
Based on a few messages I got after the article on building netatalk to host afp on Linux, it looks like building netatalk to host your shares just isn’t enough. I guess people still like Bonjour or something… In that case, let’s make this netatalk thingie announce itself to the world (er, your local network)!
Avahi is much simpler than netatalk, given that there’s none of this dhx nonsense preventing us from using aptitude (again, this whole thing is for Debian/Ubuntu and you’re gonna’ need to escalate those privileges):
aptitude install avahi-daemon
Then we’re gonna’ need to teach it about the whole afpd service we built, which is done in the manner that makes the least sense for Debian, xml. Create a new file called /etc/avahi/services/afpd.service:
Then paste the XML in there (assuming you’re running afp on port 548:
<?xml version=”1.0″ standalone=’no’?><!–*-nxml-*–>
<!DOCTYPE service-group SYSTEM “avahi-service.dtd”>
And now let’s kick that avahi daemon:
Not nearly as painful as netatalk, avahi makes for a very nice way to let Mac OS X clients know that your server is out there. OH, don’t forget to check that avahi is set in /etc/default/avahi-daemon (the AVAHI_DAEMON_START variable in there should be set to a 1).
krypted November 13th, 2010
Flow is a nice little FTP client. But it also supports WebDAV and SFTP as well as Amazon’s S3 and mounting an iDisk from a Mobile Me account. Unlike JungleDisk it doesn’t seem to mount S3 as an actual disk in Mac OS X, but it can be used to take files from iDisk to S3, which is fairly interesting. Flow also supports discovering all of the local services over Bonjour, which can be pretty helpful. Overall, it’s a nice little application that’s pretty sleek and I look forward to seeing where they go with it.
krypted August 26th, 2009