Over the years, I’ve setup dozens of Synology Network Appliances for customers and friends. But I never thought of doing much writing in the NAS space, be it for ReadyNAS, Thecus, Buffalo, etc. The interfaces seemed to change too fast and my focus was always on the management and connectivity of Apple devices. Slowly, over the years, small business servers have gone from being something you could make a decent living to something that should probably be hosted in the cloud.
Unless you have a design requirement that just can’t work in the cloud. And for that, there are a ton of options. Today we’ll cover the basic setup of a Synology to fill one of those options. Synology has a number of models. There are those that have multiple drive bays that allow you to run a RAID 50 and there are those with just two drive bays, that allow you to run RAID 1, or 0. But most have a similar, and sleek setup process. Start by putting all the drives in the bays and then powering up your device.
When the device comes online, plug in your Ethernet cable (preferably to a gig or 10gig interface) and then open your web browser and go to http://find.synology.com
. You’ll see a pretty basic screen with details about the device. Click Connect.
When prompted, click Set Up.
When prompted, install the latest security updates (note: you want to do this before you start sending sensitive credentials over the wire. It’s fast. )
This is important. Those drives you put in that Synology were empty, right? ‘Cause if you proceed here, they better be. Or they will be after. If they are empty, check the box and click OK.
At the “Create your administrator account” screen enter the hostname you want to be given to your server, a username, password, password a second time to make sure, and blood type. Wait, blood type goes on the next screen, so click Next.
Sike! No blood type required. At the superfluous Congratulations screen, click next again!
At the maintenance window, select a time that the device can install updates and reboot. Also, it’s a good idea to check both of the boxes at the bottom – S.M.A.R.T. tests don’t always save you from catastrophic data loss, but it does save you way more than if you don’t use it. And bad sector warnings aren’t good either. Click Next.
A QuickConnect account allows you to access your server remotely. That’s a great thing to have. If you have one, provide it here; otherwise, give Synology an email address and password and they’ll make it simple to manage your device remotely (which includes grabbing files off it when you’re at work, etc).
Copy that link (although it’s kinda’ easy to remember as it’s QuickConnect.to/<DEVICENAME>).
I’m ok skipping the recommended packages, as I like to have more control of what’s installed on my devices, but if you’re just going to use a Synology as a basic file or Time Machine server and want as few steps as possible here, click Install.
That’s it, click OK to be donezo.
When you finally get into the main screen, notice that it’s kinda’ like a stripped down KDE interface. The main two things to know are Control Panel and Package Center. If you skipped installing some of the packages in the previous step, you’ll do that in Package Center. But first, let’s check out the global device settings by clicking on Control Panel.
At the Control Panel, the main things most users will want to do first are manage accounts and addresses (if you’re going to connect client computers to a file server, for example, you’re gonna’ want a static IP). So let’s click Network to configure a network interface.
The General tab is for configuring your default gateway, upstream name servers, etc. Click Network Interface so we can enter a static address for a LAN interface. But before you do, take note that the Traffic Control tab provides the ability to do some basic traffic shaping if this box is going to run multiple services.
Let’s click on the LAN interface.
Here, you can enter the IP, subnet mask, gateway, and name server. Make sure the IP doesn’t overlap with an existing device or with a DHCP pool. I won’t go into configuring a Synology for VLAN tagging or to be a first class citizen on an 802.1x network, but note that both of those options are available here. Click OK to save your changes.
You didn’t pay good money for this thing for no reason. So next, let’s close these screens and go back to the main screen. Open Package Center.
As you can see, there are a ton more services here than, for example, the built-in services on a macOS Server. And it’s as easy as clicking on the Install button to get started with each.
krypted March 15th, 2018
Posted In: Network Infrastructure
configuration, nas, setup, static ip, Synology
Apple Configurator 2 is a great new evolution in iOS initial and configuration management. And there are lots of great options. And to help you wrap your head around all this new fun stuff, I’ve written up a quick and dirty guide for using Apple Configurator 2
It’s not completely done, but it will be shortly. Hope this help someone. Enjoy!
krypted November 14th, 2015
Posted In: Apple Configurator, iPhone, Mass Deployment
blueprints, change wallpaper, configuration, Enrollment, guide, how to use apple configurator 2, ios, iPad, iPhone, MAC, mdm, profiles, setup
The options for Open Directory continue to get more refined, aligning with opendirectoryd. The odutil command is becoming more and more useful with each version of OS X. Let’s inspect the directory service cache, using odutil with the show verb and the cache option:
odutil show cache
You can also view statistics for opendirectoryd using that show verb but with the statistics option:
odutil show statistics
And to see everything, use odutil with the show verb and the all option to get plenty of data to grep through:
odutil show all
The final show option we’ll look at is configuration. Here, you will also need to feed a directory nodename into the command:
odutil show configuration /Search
Now, /Search is a node but there are a lot. You can use show with nodes to see a listing of all the nodes:
odutil show nodes
You can then see which pids have references to opendirectoryd as well as the nodenames, reference IDs, and session IDs.
All of this can be very helpful when troubleshooting Open Directory issues. One thing I find I do pretty frequently is resetting statistics then repeating a process that is causing a problem so I can view only the updated statistics. To do so:
odutil reset statistics
You can also disable statistics (I’ve seen them create performance concerns:
odutil set statistics off
Or to turn them back on:
odutil set statistics on
Once upon a time you could killall DirectoryService with a -usr level to set various logging levels. With opendirectoryd, we can still do that, but it’s less cludgy with odutil. Here, we’ll set the logging level as detailed as we can get:
odutil set log debug
Other levels, in ascending order of verbosity, include alert, critical, error, warning, notice, and info.
krypted July 10th, 2015
Posted In: Active Directory, Mac OS X, Mac OS X Server, Mac Security, Mass Deployment
bash, configuration, directory domains, directory nodes, nodes, odutil, opendirectoryd, statistics
Mountain Lion Server comes with a few new alerting options previously unavailable in versions of OS X. The alerts are sent to administrators via servermgrd and configured in the Server app. To configure alerts in Mountain Lion Server, open the Server app and then click on Alerts in the Server app sidebar. Next, click on the Delivery tab.
At the Delivery screen, click on the Edit button for Email Addresses and enter every email address that should receive alerts sent from the server. Then click on the Edit button for Push Notifications. Here, check the box for each administrator of the server. The email address on file for the user then receives push notifications of events from the server.
Click on OK when you’ve configured all of the appropriate administrators for alerting. Then, check the boxes for Email and Push for each of the alerts you want to receive (you don’t have to check both for each entry). Options include:
- Certificate expiration: One of the certificates installed on the system (including Push) will expire soon and needs to be updated.
- Disk unreachable: A disk that was mounted on the server is no longer available (you will get these when you rotate offsite backup hard drives if using spinning or solid state disks)
- S.M.A.R.T. status: A disk has an error with its S.M.A.R.T. What this really means usually is that it would be very smart to replace the disk that’s likely to fail soon
- Disk space: The server is running out of hard drive space
- Mail storage quota: A violation to the mail quota is exceeded
- Virus detected: A virus was detected on the server
- Network configuration change: The port state of the server changed, an IP address changed, etc.
- Software updates: There are software updates available to be installed on the server computer
Some of these settings can be configured a little more granularly. For example, by default the disk space alert is sent when there is only 5% of the free space available on the server. To increase this to 10, edit the serveradmin settings to swap info:notifications:diskFull:freeSpaceThreshold with 10 rather than 5:
sudo serveradmin settings info:notifications:diskFull:freeSpaceThreshold = 10
To see a list of all notifications options run:
sudo serveradmin settings info:notifications
Which provides the following:
info:notifications:certificateExpiration:active = no
info:notifications:certificateExpiration:who = _empty_array
info:notifications:suAvailable:active = no
info:notifications:suAvailable:who = _empty_array
info:notifications:diskFull:active = no
info:notifications:diskFull:who = _empty_array
info:notifications:diskFull:freeSpaceThreshold = 5
Finally, as with previous versions of OS X Server, Mountain Lion Server has snmp built in. The configuration file for which is located in the /private/etc/snmp/snmpd.conf and the built-in LaunchDaemon is org.net-snmp.snmpd, where the actual binary being called is /usr/sbin/snmpd (and by default it’s called with a -f option). Once started, the default community name should be COMMUNITY (easily changed in the conf file) and to test, use the following command from a client (the client is 192.168.210.99 in the following example):
snmpwalk -On -v 1 -c COMMUNITY 192.168.210.99
krypted August 4th, 2012
Posted In: Mac OS X, Mac OS X Server, Mac Security
alerts, configuration, Email, full, monitoring mac os x, mountain lion, notification, push, smart, testing