krypted.com

Tiny Deathstars of Foulness

Apple Configurator 2 is a great new evolution in iOS initial and configuration management. And there are lots of great options. And to help you wrap your head around all this new fun stuff, I’ve written up a quick and dirty guide for using Apple Configurator 2. Screen Shot 2015-11-04 at 10.02.03 PM It’s not completely done, but it will be shortly. Hope this help someone. Enjoy!

November 14th, 2015

Posted In: Apple Configurator, iPhone, Mass Deployment

Tags: , , , , , , , , , , , ,

The options for Open Directory continue to get more refined, aligning with opendirectoryd. The odutil command is becoming more and more useful with each version of OS X. Let’s inspect the directory service cache, using odutil with the show verb and the cache option: odutil show cache You can also view statistics for opendirectoryd using that show verb but with the statistics option: odutil show statistics And to see everything, use odutil with the show verb and the all option to get plenty of data to grep through: odutil show all The final show option we’ll look at is configuration. Here, you will also need to feed a directory nodename into the command: odutil show configuration /Search Now, /Search is a node but there are a lot. You can use show with nodes to see a listing of all the nodes: odutil show nodes You can then see which pids have references to opendirectoryd as well as the nodenames, reference IDs, and session IDs. All of this can be very helpful when troubleshooting Open Directory issues. One thing I find I do pretty frequently is resetting statistics then repeating a process that is causing a problem so I can view only the updated statistics. To do so: odutil reset statistics You can also disable statistics (I’ve seen them create performance concerns: odutil set statistics off Or to turn them back on: odutil set statistics on Once upon a time you could killall DirectoryService with a -usr level to set various logging levels. With opendirectoryd, we can still do that, but it’s less cludgy with odutil. Here, we’ll set the logging level as detailed as we can get: odutil set log debug Other levels, in ascending order of verbosity, include alert, critical, error, warning, notice, and info.

July 10th, 2015

Posted In: Active Directory, Mac OS X, Mac OS X Server, Mac Security, Mass Deployment

Tags: , , , , , , ,

Mountain Lion Server comes with a few new alerting options previously unavailable in versions of OS X. The alerts are sent to administrators via servermgrd and configured in the Server app. To configure alerts in Mountain Lion Server, open the Server app and then click on Alerts in the Server app sidebar. Next, click on the Delivery tab. At the Delivery screen, click on the Edit button for Email Addresses and enter every email address that should receive alerts sent from the server. Then click on the Edit button for Push Notifications. Here, check the box for each administrator of the server. The email address on file for the user then receives push notifications of events from the server. Click on OK when you’ve configured all of the appropriate administrators for alerting. Then, check the boxes for Email and Push for each of the alerts you want to receive (you don’t have to check both for each entry). Options include:
  • Certificate expiration: One of the certificates installed on the system (including Push) will expire soon and needs to be updated.
  • Disk unreachable: A disk that was mounted on the server is no longer available (you will get these when you rotate offsite backup hard drives if using spinning or solid state disks)
  • S.M.A.R.T. status: A disk has an error with its S.M.A.R.T. What this really means usually is that it would be very smart to replace the disk that’s likely to fail soon
  • Disk space: The server is running out of hard drive space
  • Mail storage quota: A violation to the mail quota is exceeded
  • Virus detected: A virus was detected on the server
  • Network configuration change: The port state of the server changed, an IP address changed, etc.
  • Software updates: There are software updates available to be installed on the server computer
Some of these settings can be configured a little more granularly. For example, by default the disk space alert is sent when there is only 5% of the free space available on the server. To increase this to 10, edit the serveradmin settings to swap info:notifications:diskFull:freeSpaceThreshold with 10 rather than 5: sudo serveradmin settings info:notifications:diskFull:freeSpaceThreshold = 10 To see a list of all notifications options run: sudo serveradmin settings info:notifications Which provides the following: info:notifications:certificateExpiration:active = no info:notifications:certificateExpiration:who = _empty_array info:notifications:suAvailable:active = no info:notifications:suAvailable:who = _empty_array info:notifications:diskFull:active = no info:notifications:diskFull:who = _empty_array info:notifications:diskFull:freeSpaceThreshold = 5 Finally, as with previous versions of OS X Server, Mountain Lion Server has snmp built in. The configuration file for which is located in the /private/etc/snmp/snmpd.conf and the built-in LaunchDaemon is org.net-snmp.snmpd, where the actual binary being called is /usr/sbin/snmpd (and by default it’s called with a -f option). Once started, the default community name should be COMMUNITY (easily changed in the conf file) and to test, use the following command from a client (the client is 192.168.210.99 in the following example): snmpwalk -On -v 1 -c COMMUNITY 192.168.210.99

August 4th, 2012

Posted In: Mac OS X, Mac OS X Server, Mac Security

Tags: , , , , , , , , ,