Yesterday I did a quick review of the various cloud offerings from Amazon. Previous to that I had done a review of using S3, the Amazon storage service, with Mac OS X, primarily through the lens of using S3 as a destination for Final Cut Server archives. Today I’m going to go ahead and look at using EC2 from Mac OS X. To get started, first download the EC2 tools from Amazon. Next, log into Amazon Web Services. If you don’t yet have a login you will obviously need to create one to proceed. Additionally, if you don’t yet have a private key you’ll need one of those too –…
- Active Directory, Articles and Books, Business, Consulting, Network Infrastructure, SQL, Ubuntu, Unix, VMware, Windows Server
-
Disable SMB Signing
Mac OS X 10.5 supports SMB signing. But if you have some older operating systems you may need to disable SMB signing when using Windows Server 2003 and up to host your files, typically when the 2003 Server is also a Domain Controller (DC). To determine if SMB signing is required use Netmon (Network Monitor). When using Netmon it is best to use a hub rather than a switch. Once you have set the addresses and performed a capture, you’ll then look for the SMB negotiation string. Options here are values of 3, 7 and 15 meaning SMB signing is disabled, enabled/not required and required respectively. If SMB signing is…
-
Address Book.app and Exchange Contacts
Over the years Apple has slowly been adding Exchange functionality to a number of their products, quietly. While Snow Leopard is reported to add even more functionality there are still a number of things you can do with Exchange from the Mac OS X client. For example, Address Book can pull information from your Exchange contacts. This isn’t to say that every single field will work, but the basics do work – and pretty well. To connect to your Exchange server from Address Book, open the program and then open the Preferences menu. From the General tab check the box for Synchronize with Exchange as seen here: Now click…
-
Samba 4: A Poor Mans Active Directory
Today I pulled down the Samba 4 binaries and installed it using the instructions the developers are slowly building on the Samba 4 wiki. Overall it was a fairly painless experience, although I do believe I have a couple of bug reports to file (not surprising considering it is not out yet). Overall I found the process to be far easier than it has been in the past. The Samba team seems to realize that in order for Samba 4 to compete with Active Directory that it needs to integrate really well in the *nix server ecosystem. For example, like Active Directory you can choose to have Samba integrate into…
-
Mac OS X: Directory Services Debug Log
When you’re trying to troubleshoot issues with Directory Services on Mac OS X sometimes the best thing you can do is put the directoryservices daemon into debug mode. To do so you would use the following command: killall -USR1 Directory Service By default errors get trapped into this file: /Library/Logs/DirectoryService/DirectoryService.error.log But when in debug mode using -USR1 you can see more specific errors in the /Library/Logs/DirectoryService/DirectoryService.error.log file. You can then use commands such as tail in conjunction with grep in order to isolate issues to specific strings such as ADPlugin. If you choose to use -USR2 for debugging then the logs will get written into the /var/log/system.log file. To disable verbose…
-
Extend the AD Schema in 2008 Server using ldifde
To import directory objects, at the command prompt, type the following command, and then press ENTER: ldifde–i-ffilename-sservername:port-m-ausername domain password To export directory objects, at the command prompt, type the following command, and then press ENTER: ldifde-e-ffilename-sservername:port-m-ausername domain password
-
Windows Server 2008: Install RIS and WDS
In Windows Server 2008 you can use the Server Manager application to enable RIS (part of Windows Deployment Services, WDS). To do so, open Server Manager and click on Roles in the left column. Then click on Next and read the Introduction to WDS items. It’s worth noting that you can setup your server as a Transport Server in WDS, which is a bit like Multicast clustering (eg – multicast ASR imaging for the Mac). It’s also worth noting that a Deployment Server will use parts of the Transport Server to do its job so you’ll need to install both. Once you’re satisfied with your selection, click Next and then…
-
Mac OS X: Force LDAP Signing using dsconfigad
dsconfigad did not support signing of LDAP packets in 10.4.x. However, this was an upgrade that was introduced in the 10.5 version of the AD Plug-in. Provided that your Active Directory environment uses LDAP signing, a standard policy with DCs, you can mirror your settings on the DC in dsconfigad by using the -packetsigning option followed by either an allow, disable or require variable. To force LDAP signing, just run the following command: dsconfigad -packetsigning required To then disable signing if your environment doesn’t support it use the following command: dsconfigad -packetsigning disable The default variable is allow, which will use LDAP signing when possible.
-
Windows Server 2008: AD Schema
Importing ldf files is one way to extend an Active Directory Schema. In 2003 you could use ldifde to import ldif or ldf files. In 2008 you’ll be happy to know the syntax hasn’t changed. To import directory objects use the following command ldifde–i-ffilename-sservername:port-m-ausername domain password To export directory objects use the following command ldifde-e-ffilename-sservername:port-m-ausername domain password
-
Mac OS X Server 10.5: Customizing Trust Time for the adplugin
You can use the adplugin to customize the amount of time a client is trusted by Active Directory. It can be done by using the following command: dsconfigad -passinterval 30