• SQL

    User And Permissions Management In MySQL

    By default, MySQL comes with a root user configured. You can also create additional users, change passwords for users, and assign what databases and tables they have access to. From MySQL, you can can create a basic user using the CREATE USER statement, providing a user, a location, and then using IDENTIFIED BY followed by a password. In production, this would look similar to the following, using krypted as the user and mysecretpassword as the password: CREATE USER 'krypted'@'localhost' IDENTIFIED BY 'mysecretpassword'; Once you’ve created a user, you’ll want to assign what the user can access. Here, the * wildcard is pretty handy. In the following command, we’ll use the…

  • Mac OS X,  Mac OS X Server,  Mac Security,  Mass Deployment

    Troubleshoot Spotlight Indexing Issues Using mddiagnose

    Spotlight just kinda’ works. Except when it doesn’t. Which is luckily pretty rare, for the use cases that Spotlight was designed for. But when it doesn’t work, you have a few tools that I’ve highlighted over the years to help you out, including articles on shared volumes, manually indexing, disabling Spotlight, and a few others. But what if you need to go in more depth to isolate an issue? For this, Apple has provided us with a tool called mddiagnose, in /usr/bin. In the following command, we’ll run an mddiagnose to dump a bunch of system statistics that we can then look at. Here, we’ll do that to a folder…

  • Mac OS X Server

    Setting Up Wikis In OS X Server 5

    A wiki is a repository of dynamically created and managed content, or content created or edited by multiple users collaboratively. This article is about using the wiki service in OS X Server (the Apple Server app running on 10.10 and 10.11). I reference file services with WebDAV because it is a very nice integration piece that I think a lot of people will find pretty beneficial. To get started with the Wiki service, first turn it on. This one isn’t heavily dependent on host names (other than being able to access the server from a browser) or directory services (other than being able to authenticate users, but local accounts are perfectly…

  • Windows Server

    Configure File Shares In Windows Server 2012

    As I mentioned in an earlier article, the File and Storage Role is installed by default in Windows Server 2012. This means you can create a file share with a very minimal amount of work on a brand new server. To get started, as with many things regarding Server 2012, open Server Manager. From Server Manager, click on File and Storage Services in the Server Manager sidebar. Then click on Shares. From the Shares screen, click on the Shares drop-down list and then click on New Share. This will open the New Share Wizard. From here, select a type of share. For the purposes of this article, we’ll create a very…

  • Active Directory,  Mac OS X,  Mac OS X Server

    Automatically assign admin rights in OS X based on Active Directory group membership

    Thanks to Tedd Kidd for the following article, on automatically managing administrative privileges based on Active Directory groups! This is a quick and easy way to assign any user to the local admin group in OS X based on their group membership in your Active Directory. This should also work with Open Directory or eDirectory groups if your workstations are bound to those directory services. You’ll need to include this code in the workstation login script so that it runs as root but uses the $@ variable to determine the user that is logging in. #!/bin/bash # Set group name to check against groupname=”domain admins” if [ “`/usr/bin/dsmemberutil checkmembership -U…

  • Kerio

    Kerio: Permissions

    Sometimes when you’re setting up permissions for certain folders using Microsoft Entourage, the process will fail.  If it does you can still set permissions using the web portal.  To do so, log into your webmail.  Then control-click the folder in question and click on the Access Rights… button.  Here, you will be able to define who can read, write or delete items.  Make sure that if you’re giving someone access to a folder that you don’t forget to give access to the parent folder (eg – the parent folder to INBOX is the root of your email hierarchy).  This is one of the more common mistakes we see there.