krypted.com

Tiny Deathstars of Foulness

If you don’t have a HostName set on your computer then Open Directory backups are likely to fail using Time Machine. How did you promote to an Open Directory Master if you don’t have functional backups you may ask? Let’s not worry about that for now. Instead, let’s turn our attention to /var/backups. You see, if you enable Time Machine on an OS X Server, you’ll get a ServerBackup_OpenDirectoryMaster.sparseimage in that folder, which contains your Open Directory backups and gets picked up by our pal Time Machine.

You can manually run a backup using the opendirectorybackup script at /Applications/Server.app/Contents/ServerRoot/usr/libexec/server_backup/opendirectorybackup. This could be automated, using expect to send a password, but for now, we’ll run it manually and get this error while running:

2013-09-27 19:13:23 +0000 Error in backing up computer password -25300
2013-09-27 19:13:23 +0000 Error: Unable to create archive image as keychain could not be read
2013-09-27 19:13:23 +0000 Removed directory at path /tmp/slapconfig_backup_stage86725oncD7u.
2013-09-27 19:13:23 +0000 Removed file at path /var/run/slapconfig.lock.

The error doesn’t exactly tell us why the backup isn’t completing, but the actual problem is that our hostname is broken. Run hostname and it doesn’t appear that way, though:

hostname

But if you run scutil to get the hostname it is empty:

scutil --get HostName

To set it properly, let’s run scutil with the --set option and configure the hostname as phil.mynetwork.lan:

scutil --set HostName phil.mynetwork.lan

This also causes replication to fail in many cases. You might also have to delete the My com.apple.opendirectory entry in your keychain in order for automated tasks to get working again.

October 1st, 2013

Posted In: Mac OS X, Mac OS X Server, Mac Security, Mass Deployment


Setting up iSCSI to work with ESX is usually a pretty straightforward affair. But as with many things, change can be hard: sometimes things get moved to different subnets or storage gets replaced. To configure a vSphere client to connect, select a virtual machine and then click on it and click on the Configuration tab. From there, click on Storage Adapters using the Hardware panel.

From the Hardware Panel, click on an initiator and then click on Properties and then click on Configure. Then provide the new name or IP. Make sure that the name is unique and then, if needed, provide an iSCSI alias. Then change the IP settings if needed and click on save. New iSCSI sessions can be used immediately, whereas old sessions will require you to log out and then log back in.

June 13th, 2012

Posted In: Network Infrastructure, VMware


On Sunday, I mentioned making your forward and reverse DNS entries match up. But I didn’t really discuss what to do if they don’t. For those readers moving into Ubuntu from Mac OS X Server, you’ll note that at installation time, if the hostname doesn’t match the A record and PTR for your server then it will install DNS and make them match up. The reason for this is that host names are critical to how many modern network services run. If you don’t have DNS or if you want to fire up DNS in the same manner that Mac OS X Server does it then let’s look at doing so here.

First up, let’s get the packages that we’ll need installed using apt-get, which includes bind9 and dnsutils:

apt-get install bind9 dnsutils

Once those are installed, let’s define our zone and reverse zone in /etc/bind/named.conf.local:

zone "krypted.com" {
    type master;
    file "/etc/bind/zones/krypted.com.db";
};
zone "210.168.192.in-addr.arpa" {
    type master;
    file "/etc/bind/zones/rev.210.168.192.in-addr.arpa";
};

Note: named only accepts plain (straight) double-quotes here. If you’re cut/copy/pasting and end up with formatted (curly) ones, they are going to need to get replaced with unformatted ones.

If you have other forward or reverse zones then you will need to add them using the same format as above. Once you’re done, save the file.

Next, let’s tell the server where to look when attempting to resolve names that it does not host. This information is stored in the options array in /etc/bind/named.conf.options. This is currently commented out (commented lines start with //) so let’s uncomment the forwarders section (by removing the // in front of the lines) and change the IP of that forwarder from 0.0.0.0 to the IP address of your server. It should look similar to the following when complete:

forwarders {
    4.2.2.2;
};

Next, we’re going to create our

mkdir /etc/bind/zones
touch /etc/bind/zones/krypted.com.db
touch /etc/bind/zones/rev.210.168.192.in-addr.arpa

Now that we’ve created our files, let’s edit them. First, open /etc/bind/zones/krypted.com.db and look for all instances of krypted.com, replacing them with the domain name that you would like to use. Also, look for all of the records and make sure that they match with the name and IP that you would like to use, creating new lines for each new record:

krypted.com. IN SOA ns1.krypted.com. admin.krypted.com. (
    2007031001 ; serial
    28800      ; refresh
    3600       ; retry
    604800     ; expire
    38400      ; minimum
)
krypted.com. IN NS ubuntu08.krypted.com.
krypted.com. IN MX 10 mail.krypted.com.
www IN A 192.168.210.2
home IN A 192.168.210.2
mta IN A 192.168.210.2
ubuntu08 IN A 192.168.210.254

Next, we’ll populate the reverse zone file. You’ll need to replace my instances with your own as in the previous section. Open /etc/bind/zones/rev.210.168.192.in-addr.arpa in your favorite text editor and edit away:

@ IN SOA ubuntu08.krypted.com. admin.krypted.com. (
    2007031001 ; serial
    28800      ; refresh
    604800     ; retry
    604800     ; expire
    86400      ; minimum
)
@ IN NS ubuntu08.krypted.com.
1 IN PTR krypted.com.

Next, we’ll restart the DNS services to accept these massive changes we’ve made:

/etc/init.d/bind9 restart

Next, edit the /etc/resolv.conf file to set the DNS server and (optional) search domain. Then change it to look something like the following:

search krypted.com
nameserver 192.168.210.254

Finally, you can use dig and nslookup to test the lookups and make sure they work. For example:

nslookup ubuntu08.krypted.com
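
Since the point of this setup is that forward and reverse records agree, both directions can be checked in one pass once the zones load. The following is an added example, not from the original post: it assumes dig (from the dnsutils package installed above), and the function names lookup_a, lookup_ptr, normalize and fcrdns_check are made up for illustration.

```shell
#!/bin/sh
# Forward-confirmed reverse DNS check: name -> A record -> PTR -> same name.
# Added example; lookup_a/lookup_ptr are hypothetical wrappers around dig
# so they can be swapped out when no resolver is reachable.

# First IPv4 address returned for a name (CNAME targets are filtered out).
lookup_a() { dig +short A "$1" | grep -E '^[0-9.]+$' | head -n 1; }

# First PTR target returned for an address.
lookup_ptr() { dig +short -x "$1" | head -n 1; }

# Lower-case and strip the trailing dot so names compare cleanly.
normalize() { printf '%s' "$1" | tr 'A-Z' 'a-z' | sed 's/\.$//'; }

# Return codes: 0 match, 1 no A record, 2 no PTR record, 3 names differ.
fcrdns_check() {
    name=$(normalize "$1")
    ip=$(lookup_a "$name")
    if [ -z "$ip" ]; then
        echo "FAIL: no A record for $name"
        return 1
    fi
    ptr=$(normalize "$(lookup_ptr "$ip")")
    if [ -z "$ptr" ]; then
        echo "FAIL: no PTR record for $ip"
        return 2
    fi
    if [ "$ptr" != "$name" ]; then
        echo "FAIL: $name -> $ip -> $ptr (forward and reverse differ)"
        return 3
    fi
    echo "OK: $name <-> $ip"
}

# Usage: sh fcrdns.sh ubuntu08.krypted.com
if [ "$#" -gt 0 ]; then
    fcrdns_check "$1"
fi
```

A return code of 2 for the server's own name means the reverse zone has no PTR line for its last octet; add one and bump the serial before restarting bind9.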

November 22nd, 2010

Posted In: Ubuntu, Unix


I’ve done a number of articles on using Ubuntu 10 as a server recently, but haven’t actually looked at doing the base installation of an Ubuntu 10 host. In this example, I’ll look at using Ubuntu 10.04 Desktop. In many of the previous examples I’ve been looking at Ubuntu 10.10 Server; the reason I’m using 10.04 Desktop here is because I believe there is a smaller learning curve and that inherently Mac OS X Systems Administrators who might be following this thread actually like a GUI. There are a number of aspects of this type of setup that are simply not GUI oriented; however, the base OS can easily be, so here goes.

First up, download the installer of Ubuntu from http://www.ubuntu.com/desktop/get-ubuntu/download. Then, install Fusion. Once installed you’ll be prompted with the welcome screen.

Next, use Command-N to create a new virtual machine, or click on the File menu and then select the New menu item (first in the list).

The New Virtual Machine Assistant will then open. Click on the button to Continue without disc.

The Installation Media screen of the New Virtual Machine Assistant will be next. Here, click on the radio button for Use operating system installation disk image file.

You will then be prompted to select an iso. Browse to the file that you downloaded from Ubuntu before you got started and then click on the Choose button in the lower right hand corner of the screen.

The Operating System and version should be filled in by default. Provided they are correct, click on the Continue button to proceed.

You will then be prompted for credentials that the virtual machine will give the guest operating system when it is installed. Here, type the administrative user name and password that you want to use. You can also choose whether or not you want to make the home folder you use in Mac OS X available to the virtual machine as well as what type of access the virtual machine has to that directory. When you’re satisfied with your settings, click on the Continue button.

At the Finish screen of the New Virtual Machine Assistant, you will be able to review the settings that have been provided to the virtual machine. You can change these later if you see fit. For now, let’s click on the Finish button.

Finally, choose where you want to install the virtual machine. By default, the virtual machine will be placed in the Virtual Machines folder of your home directory. I usually like to move it to a Virtual Machines directory on the root of the volume that houses my Virtual Machines, but you can place yours wherever you like. When you’ve selected the folder that best fits your needs, click on the Save button.

The virtual machine will then install. This process can take some time, so it’s probably a good chance to grab a bite. When it’s done, you’ll be at the login screen for Ubuntu. Enter the username and password that you provided earlier in the process and then click on the Log In button.

Once you have logged in, let’s get the networking straight. In the menu at the top of the screen, click on Settings in the VMware toolbar and then click on Network.

By default, the virtual machine will be sharing the network connection of the Mac. Click on the second radio button (Connect directly to the physical network) and then the indicator light for the interface will go red. Wait for the light to go green, indicating that it’s picked up the correct interface and then close the Settings.

The IP will then need to be set for the guest OS. From Ubuntu, click on the System menu at the top of the screen and then click on Preferences and then Network Connections. Here, click on the Auto eth0 interface and then click on the Edit button.

You should now see the Editing Auto eth0 screen. Here, click on the IPv4 Settings tab and then provide the Address, Subnet mask (Netmask) and Gateway for your environment. You should also take this opportunity to provide a DNS server.

Click on Apply to commit your changes and then reboot the virtual machine so the new network settings are enforced. When Ubuntu comes back online, you should then be able to ping your router or some other device on your network. If you decided to use Ubuntu Server then you will need to go to /etc/network/interfaces and add some lines to bring up the interface using nano or vi, then set the IP to static and then provide your settings. They would appear as follows:

auto lo
iface lo inet loopback

auto eth0
iface eth0 inet static
    address 192.168.210.254
    netmask 255.255.255.0
    gateway 192.168.210.1

Note: Check out ‘man interfaces’ for more information on building out your interfaces file.

You would also need to provide DNS information in your /etc/resolv.conf file:

nameserver 192.168.210.2
nameserver 192.168.55.41
nameserver 4.2.2.2

Note: Check out ‘man resolv.conf’ for more information on the correct syntax and options if you need more than what we have provided here.

As you can see, doing so in the GUI vs. the command line is almost identical in terms of the amount of time it takes. Next, check the hostname. For this, let’s use the terminal emulator (not as spiffy as the one in Mac OS X, but nice nonetheless). Click on the Applications menu, Accessories and then Terminal. As with Mac OS X Server the forward and reverse names should match. Provided they do, you’re ready to get some services installed; otherwise you will need to set the hostname to be the same as the DNS name. Assuming the DNS name is ubuntu08.krypted.com:

hostname ubuntu08.krypted.com

To then make it persistent across a restart, check /etc/hostname and replace whatever you see there with the hostname. Once set, you should see the hostname at the login window. Finally, I ran into an instance a few years back where Debian (not Ubuntu but close enough) wouldn’t change the hostname even after I tweaked the /etc/hosts and /etc/hostname files. Very annoying. The only thing that would work was to do it using sysctl (continuing on with the same example):

sysctl kernel.hostname=ubuntu08.krypted.com

Assuming that your Ubuntu box isn’t also acting as your DNS server, you will also need to check the DNS to make sure it’s correctly set. You can use nslookup for this:

nslookup ubuntu08.krypted.com

November 21st, 2010

Posted In: Mac OS X, Ubuntu, Unix, VMware


DeployStudio has the ability to rename volumes as part of a standard workflow. These are typically set to something like “Macintosh HD” (the default) or “Computer Lab” or something like that. But what if you wanted to name the volume something unique to a given computer, which makes it easier to keep track with what you are doing across a number of servers? You could create a workflow for each computer and change the hard drive name for each to something unique; but that would be tedious and pollute your list of workflows, likely resulting in accidentally running the wrong workflow at times. Instead, you could look at a really simple script in most cases (according to how complicated your logic for assigning names would be).

To rename a volume, you can use the diskutil command along with the rename option. You would then list the existing name followed by the new name that you’d like that volume to have. In the case of DeployStudio the initial name of your boot volume might be “Macintosh HD” and to change the name to something like “Computer Lab” you would then use a command like:

diskutil rename "Macintosh HD" "Computer Lab"

It might then be logical to use a host name to rename a computer. Therefore, we could replace Computer Lab with the hostname command like so:

diskutil rename "Macintosh HD" "$(hostname)"

However, this ends up showing the fully qualified name. Therefore, we could replace hostname with an scutil query for the ComputerName:

diskutil rename "Macintosh HD" "$(scutil --get ComputerName)"

This would result in the name without all the .local, etc. But if you ran this as part of a DeployStudio workflow, you would end up calling the hard drive for all of your machines localhost. This is because the hostname or ComputerName will be queried from the DeployStudio set that you are booted to for running the DeployStudio Runtime. Luckily, DeployStudio has a number of variables that it can use in scripts. One of them is DS_HOSTNAME, which pulls the ComputerName being applied to the system at imaging. This means that if we were to rename the hard drive of the computer from Macintosh HD to the DS_HOSTNAME, you could use the following script:

diskutil rename "/Volumes/Macintosh HD" "$DS_HOSTNAME"

Now, one might think to oneself, couldn’t I just put $DS_HOSTNAME in the field for renaming the hard drive (part of a workflow)? I tried it a number of different ways and couldn’t get it to work (in parentheses, quoted out different kinds of ways, in different types of brackets and combinations of the above). If anyone knows of a way to use a variable in a GUI field within DeployStudio, let me know (I am guessing it can be done).

June 12th, 2010

Posted In: Mac OS X, Mac OS X Server, Mass Deployment


OK, so this one is pretty easy. You can use the hostname command to return the name of your computer. There’s also a nifty little -s flag to remove any domain naming from the returned string.

May 12th, 2008

Posted In: Mac OS X, Mac OS X Server, Ubuntu, Unix
