Tiny Deathstars of Foulness

I originally posted this at

Leopard Server and wiki. It’s cool and it works. But when you’re first looking into it, it might seem a little confusing. So let’s do a simple walkthrough. Here we’re going to enable a wiki in advanced mode for a group called testgroup and we’re going to give a user called testadmin access to edit the wikis and create new ones. To get access to the wiki we’re going to assume a hostname of

First, let’s go into Workgroup Manager and create a new group called testgroup. To do this, open Workgroup Manager, authenticate to Open Directory and click on the New Group icon in the toolbar. Enter a name for the group (testgroup for this example) and check the box for “wiki and blog.” Select the website to publish the wiki to in the Enable the following services for this group on field. Choose who can view and who can write to the wiki and click on the Save button.

Now let’s create a user called testuser. In Workgroup Manager, click on the User list and click on New User. Now enter a name for the user and a password. Then use the Groups tab to put the user into the testgroup group. Now click on Save.

Now that we have a user and group to give access to the wiki let’s go ahead and create a wiki. To do this open Server Admin. If the Web Service has not been enabled yet, click on the server name, click on Settings in the toolbar and then click on the Services tab and place a check in the box for Web. Now click on the web icon and click on the Settings tab. Select a theme for your site and click on Save. Now click on the Sites icon in the toolbar and click on the site you’d like to publish your wiki on. From here click on the Web Services tab and put a checkmark in the Wiki and blog box. Now click on Save. Then Start the web service.

Now you should be able to open up a web browser and go to URL of the server. Remember, do this by host name and not IP. At this point, you’ll see the Groups tab along the top navbar. From here you can click on Groups and then click on the group you want to create the wiki for (testgroup for our test wiki). Now you’ll be asked for a username and password. Enter the testuser you created and the password that you gave to testuser. Now you can click on the + icon to create your first entry into the wiki. Let’s call it testpost.

That’s it. You’ve now created your first wiki article on your new wiki server. Notice that if you enabled calendars and blogs that there will be icons for these in the top nav bar. You can customize everything you see on the screen to give it a more organizational look and feel. For example if you click on the pencil icon you will be able to rename the blog and customize the prebuilt information listed in the Welcome to your Wiki page.

November 26th, 2007

Posted In: Mac OS X Server

Tags: , , , , ,

I originally posted this at

So you need to empty your cache resolver, but you fire up your handylookupd but you’re getting a command not found error. What to do… Try dscacheutil, which let’s you do so very much more than lookupd. For example, using the -cachedump allows you to dump an overview of the cache contents. -cachedump has a slew of flags to get pretty granular with the output such as -entries and -buckets-configurationallows you to access detailed information about your search policy. -statistics allows you to view detailed information on statistics of calls.

Examples of using these commands:
Emtpy the DNS Cache Resolver:
dscacheutil -flushcache

Dump cache with user entries:
dscacheutil -cachedump -entries user

Lookup all the users on a system:
dscacheutil -q user

November 24th, 2007

Posted In: Mac OS X, Mac OS X Server

Tags: , , , , ,

I originally posted this at

So you selected Advanced Setup during the wizard while you were installing Mac OS X Server and now you’re looking at this new Server Admin screen that you’ve never seen before. You see the server name but there are no services in the list. This is because Apple has gone the extra step to make Server Admin less confusing and more user friendly than ever before. When you click on the Settings icon at the top of the Server Admin screen you will see the tab for Services. Here, you can enable or disable any service by checking its box and clicking on the Save button.

Once a service has been enabled then it will appear under the server in the Servers list (notice it no longer says Sites and Services). From here, you’ll notice that the old chicklets from the bottom screen are gone. Now they have been replaced with an icon set in the toolbar that changes as you click between the services. For example, the AFP Service shows Overview, Logs, Graphs, Connections and Settings. Clicking through these icons, you’ll notice that they provide the same experience that the chicklets at the bottom of the screen provided. However, by placing them at the top the user interface makes more sense. One thing that is a bit strange is the decision to move the Start and Stop buttons to the bottom of the screen. When you enable a service it will not start by default so if you want to begin using it look to the bottom of the list and click on the Start button for the service.

When you enable and then click on each service you will notice that many have the same options that they’ve had in the past. There are exceptions (like a more granular logging tab for the FTP service), as there are with every version. But for the most part many of the settings have stayed the same through a few versions of the OS because they just make sense in how they are laid out.

New Services added are Radius, Podcast Producer, MySQL (which actually existed in its own stand-alone application before) and iCal. Each of these has a great purpose and will hopefully be explored in detail as time goes on. You might notice that one service, Applications, is gone from the list. Tomcat has now been moved into the Web Service as a checkbox (Enable Tomcat).

So that’s the quick and dirty tour of the new Server Admin application. It’s sleeker and has a (in our opinion) much improved interface over the old Server Admin.

November 16th, 2007

Posted In: Mac OS X Server

Tags: , , , , , ,

I originally posted this at

So Ruby on Rails… What does this mean for me and what exactly is Ruby on Rails from a systems administration standpoint? Ruby on Rails was created by David Heinemeier Hansson from his work on Basecamp, a web-based project-management tool, by the company 37signals. Ruby on Rails was first released to the public in July 2004. Ruby on Rails is a web application framework designed to support the development of dynamic websites. To see some sites built using Ruby on Rails check out

Ruby is an object-oriented program language that Rails is built on.  To access rails, you can use the rails command.

The Ruby on Rails framework is built into Leopard Server and can be started up using the mongrel_rails start command. It can be stopped using the mongrel_rails command. Mongrel is a fast HTTP library and server for Ruby. Mongrel_rails is a command line tool that can be used to control the Mongrel webserver.

Some options to the mongrel_rails command include the following:
-d daemonize
-p assign a custom port
-a assign an address for the HTTP listener
-l assign a log file to use
-t customize the timeout variable
-m use additional MIME types
-r change the document root
-B enable debugging
-C use a configuration file
-S define an additional config script
-h access the help libraries
-G generate a config file
–user define who the server will run as
–version get the version information for Mongrel

But that’s not all you can do with mongrel_rails. The actual file is not compiled so you can read it in clear text and learn more about what it is doing behind the scenes. Just cd into the /System/Library/Frameworks/Ruby.framework/Versions/1.8/usr/lib/ruby/gems/1.8/gems/mongrel-1.0.1/bin/ folder to find it. One item of note is the inclusion ofmongrel_rails_persist, a wrapper for mongrel_rails that allows admins to register the Mongrel Server with Bonjour and create a launchd plist to run Mongrel (/Library/LaunchAgents/

So let’s say that you have a Ruby application that lives at the following location /Library/WebServer/MyRubyApp. You can run the following command to launch it over port 8001 in a persistent manner:
mongrel_rails_persist start -p 8001 -c /Library/WebServer/MyRubyApp

To access it from a web browser you would enter the address

From here you’ll be able to daemonize Mongrel and provide the Rails development framework to developers in your environment. There are already a lot of projects for using Ruby with FileMaker and other database systems, so keep an eye out for more information about this piece of Leopard Server!

November 12th, 2007

Posted In: Mac OS X Server

Tags: , , , , , ,

I originally posted this at

So you installed your new server and you’re having a few problems. Let’s look at the common issues and a few simple fixes for them.

iCal will not start, with log entries that it is unable to create a virtual host:
Check your host name. iCal is going to need the host name to be correct in order to start. Use scutil --get HostName and then make sure that the host name listed in the iCal Server settings is identical to this value.

You setup a user, check the box in Workgroup Manager for Enable Calendaring and then save your settings but you get the following error in your logs:
Oct 12 15:51:26 cedge Workgroup Manager[2282]: +[WPUser userWithGUID::] returned nil!

This is likely caused by the fact that you are enabling a calendar for a local user. Try using an OD based user and see if you get the same error.

You got everything started and the account was created for the user but when you add an account in iCal it fails to connect. Make sure that the port that iCal server is using is located at the tail end of the host name for the iCal Server. One issue that we see here is that unless you are using managed accounts then iCal Server is not likely going to append the port number for you iCal Server. Also verify that you can connect to the remote server, and remember that you can always open the URL of the server followed by a : and then the port number and get a login prompt. If you can authenticate to this as the user whose calendar that you are trying to setup then you can use the information in this screen to determine ACL information and other security settings that could be keeping calendars from working. Also keep in mind that while your default port might be 8008 your default port if you are using SSL is actually 8443.

Once you get this far, you should be able to create an event and see data listed in the Overview tab for iCal. If so then you should be able to about anything you want in the iCal server.

If you prefer to use the serveradmin CLI to control your services, you can also use the serveradmin settings calendar:ServerHostName = "SomeHostName" variable to change your host name. You can also use the calendar:HTTPPort to change the port number you are using for connectivity.

Happy Calendaring!!!

November 10th, 2007

Posted In: Mac OS X Server

Tags: , , , ,

I originally posted this at

Mailbfr, spamtrainer and amavis-stats are great packages that fit into Mac OS X Server. The guys from topicdesk have been kind enough to post an overview on how their products work under Leopard and how the changes in Leopard impact their utilization. Check it out at:

November 5th, 2007

Posted In: Mac OS X Server

Tags: , , ,