For those who don’t yet get a subscription to MacTech Magazine, I’ve been a long time lurker and suggest you do the same. I recently submitted an article to them for the Enterprise Desktop Alliance and it will be in the February issue. There’s also one appearing in the March issue. They’re both fairly long and cover the topic of moving specific services off of Mac OS X Server and onto the Windows platform. I don’t recommend that any organization go out and start ripping out all their Mac OS X Servers because Apple dropped the Xserve. But I am a guy who really likes having a lot of options…
-
-
Managing Active Directory from iPhone
AD HelpDesk is a tool that can be used to manage certain aspects of Active Directory user accounts. Using AD HelpDesk, you can configure an iOS based device to connect to Active Directory using an administrative account (or an account that has been delegated administrative access). Using the tool, you can then find a user. Using the user pane, you can unlock accounts, reset their passwords, force the resetting of the password on the next authentication event and optionally send a user their new password via SMS (a really cool little feature, IMO). There are a lot of useful ways to fit this tool into your service desk or network…
-
Likewise Open 5.3 Supports Snow Leopard
Likewise 5.3 supports Snow Leopard at 32 or 64 bit! Likewise Open 5.3 is open source software that can be used to bind Mac OS X, Linux & Unix to Active Directory. Likewise Enterprise (which is not open source) starts with the Open client but allows leveraging Workgroup Manager or Active Directory Users & Computers to manage policies. If you haven’t already, check it out at www.likewise.com.
-
Bubble Alerts w/ Silent Installs
When you push software to a Windows computer there’s an annoying little alert that pops up to tell the user that new software was installed. In one organization I was recently at this accounted for approximately 20 calls to the help desk every time they pushed out an update (patch Tuesday for them is one week after patch Tuesday for Microsoft). To turn off the bubbles in your image, right-click on the start button and click on properties. Then click on the Customize button. Click Advanced and uncheck the box for Highlight newly installed programs. Not too bad. But don’t want to touch all of the existing machines. Open HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionExplorerAdvanced…
-
From Open Directory to Active Directory
Whether you’re going from Open Directory to Active Directory or from Active Directory to Open Directory, chances are you’ll encounter csvde along the way. Csvde is installed on Windows Server and allows you to interface with Active Directory using csv files. cvsde can import files using the -i switch, followed by the -f switch to indicate the file that you are importing, followed by the path of the file. So if you save a file called toimport.csv to the root of your c drive temporarily you would use the following command to import the objects in the rows of the file: csvde -i -f c:toimport.csv Now, what’s that file need.…
-
Mac OS X Directory Services Plug-ins
In a number of contexts, we hear about directory services plug-ins. A directory services plug-in is a way for a Mac OS X computer to leverage the DirectoryServices daemon to obtain account information (be it authentication or policy information) from a server. This might be an Active Directory server that uses the Active Directory Plug-in or an Open Directory server that uses LDAP. You disable plug-ins that you don’t need and enable plug-ins (ie Active Directory plug-in or third party plug-ins) that you need in order to access directory services of various types. These plug-ins are developed in the form of .dsplug files. The default plug-ins that Apple includes with…
-
Samba 4: A Poor Mans Active Directory
Today I pulled down the Samba 4 binaries and installed it using the instructions the developers are slowly building on the Samba 4 wiki. Overall it was a fairly painless experience, although I do believe I have a couple of bug reports to file (not surprising considering it is not out yet). Overall I found the process to be far easier than it has been in the past. The Samba team seems to realize that in order for Samba 4 to compete with Active Directory that it needs to integrate really well in the *nix server ecosystem. For example, like Active Directory you can choose to have Samba integrate into…
-
Mac OS X: Directory Services Debug Log
When you’re trying to troubleshoot issues with Directory Services on Mac OS X sometimes the best thing you can do is put the directoryservices daemon into debug mode. To do so you would use the following command: killall -USR1 Directory Service By default errors get trapped into this file: /Library/Logs/DirectoryService/DirectoryService.error.log But when in debug mode using -USR1 you can see more specific errors in the /Library/Logs/DirectoryService/DirectoryService.error.log file. You can then use commands such as tail in conjunction with grep in order to isolate issues to specific strings such as ADPlugin. If you choose to use -USR2 for debugging then the logs will get written into the /var/log/system.log file. To disable verbose…
-
Extend the AD Schema in 2008 Server using ldifde
To import directory objects, at the command prompt, type the following command, and then press ENTER: ldifde–i-ffilename-sservername:port-m-ausername domain password To export directory objects, at the command prompt, type the following command, and then press ENTER: ldifde-e-ffilename-sservername:port-m-ausername domain password
-
Windows Server 2008: AD Schema
Importing ldf files is one way to extend an Active Directory Schema. In 2003 you could use ldifde to import ldif or ldf files. In 2008 you’ll be happy to know the syntax hasn’t changed. To import directory objects use the following command ldifde–i-ffilename-sservername:port-m-ausername domain password To export directory objects use the following command ldifde-e-ffilename-sservername:port-m-ausername domain password