• Mac OS X,  Mac OS X Server,  Mac Security,  Mass Deployment

    Upgrading Open Directory From Snow Leopard Server to Lion Server

    I don’t believe in upgrading major operating systems for servers in place. There, I said it. If I’m doing an upgrade from Snow Leopard to Lion, I’m about 99.9% of the time going to do so with a clean install. Before I do so, I’m going to export all the data from my old server and when I’m done with the fresh, clean, loving installation, I’m going to import that data back into my server. Actually, before I import the data, I’m going to install all of the point releases, application updates and security patches. That’s my process for production servers. Open Directory isn’t very different. I Archive and Restore…

  • iPhone,  Mac OS X,  Mac OS X Server,  Mass Deployment

    Backing Up and Reindexing The Profile Manager Database in Lion Server

    A common task when scaling databases is to reindex tables within the database. This process makes lookups faster and databases run better. Reindexing becomes a pretty easy step before or after backing up the database as a general housekeeping step. To back up the database, you’ll use the pg_dump command, defining the user with -U and then the database with -d. In the case of Profile Manager, the database is device_management. Given that data is distributed across a lot of tables in the device_management database, the below script will back up the device_management database and then reindex each of the tables. If you follow previous articles to enable the Postgres user, you…

  • Mac OS X,  Mac OS X Server,  Mac Security,  Mass Deployment

    Removing Apps from Profile Manager Using Postgres

    There aren’t any options in Lion Server’s Profile Manager to remove applications. There are a number of environments where this can be annoying. For example, if you are upgrading or maybe just accidentally upload an app that you don’t want people to see for the rest of the existence of the Profile Manager server. To see which applications have been installed and which id each has: psql -U krypted -d device_management -c "select * from public.ios_applications limit 1000 offset 0;" The above command is a standard psql command, as shown in a previous post. But this time I’m injecting the SQL query into…

  • Mac OS X Server,  Mac Security

    Managing Lion Server's Adaptive Firewall From the Command Line

    Previously, I had done an article on using the adaptive firewall in Mac OS X Server. But I hadn’t looked at controlling it from the command line yet. In Lion Server, the firewall automatically blocks incoming connections that it considers to be dangerous. For example, if a client attempts too many incorrect logins then a firewall rule restricts that user from attempting to communicate with the server for 15 minutes. If you’re troubleshooting and you accidentally tripped up one of these rules then it can be a bit frustrating. Which is why Apple gives us afctl, a tool that interacts with the adaptive firewall. The most basic task you can…

  • Articles and Books,  iPhone,  Mac OS X,  Mac OS X Server,  Mac Security,  Mass Deployment

    My OS X Server Book From O'Reilly On Amazon!

    I usually don’t like to discuss books (except in person with friends/colleagues) very much until I have an ISBN number. Well, here it is! My next book is going to address what I consider the most important challenge to Apple Server nerds like myself: can a server really be installed off the app store with no technical skills? I also tackle the meaning of life (somewhere on page 42) in this book, but that’s not nearly as interesting a topic… I am about 80 percent done with it and it should be out within the next 5 to 6 weeks. One of the things that really impresses me about O’Reilly…

  • Mac OS X Server,  Ubuntu

    OS X Server: Forcing DNS Propagation

    Here I sat, tapping my fingers on the desk, waiting for a DNS change to propagate through a number of secondaries (note to self, I have too many secondary DNS servers at home). While sitting, tapping my fingers I dozed off and dreamt of fishing on the river I grew up on, of the sweet looks my daughter gives me and of retiring into a luddite colony of burning men and women in the desert. When I awoke and wiped the drool from my face, I realized I was wasting my life waiting for DNS to propagate. Then I flushed the cache one more time, just to see if it’s…

  • Mac OS X,  Mac OS X Server,  Mass Deployment

    Managing Mail and Safari RSS Subscriptions from the Command Line

    Safari can subscribe to RSS feeds; so can Mail. Podcast Producer is an RSS or XML feed as are the feeds created by blog and wiki services in Mac OS X Server. And then of course, RSS and ATOM come pre-installed with practically every blogging and wiki tool on the market. Those doing mass deployment and scripting work can make use of automatically connecting users to and caching information found in these RSS feeds. If you have 40,000 students, or even 250 employees, it is easier to send a script to those computers than to open the Mail or Safari client on each and subscribe to an RSS feed. Additionally,…

  • Mac OS X,  Mac OS X Server,  Mac Security,  Mass Deployment

    Disabling Periodic Scripts

    Mac OS X does a little housecleaning in batch processes that run daily, weekly and monthly. These are kicked off by LaunchDaemons that reside in /System/Library/LaunchDaemons and are called com.apple.periodic-daily.plist, com.apple.periodic-weekly.plist and com.apple.periodic-monthly.plist. These need to run and so should not be disabled outright. However, they can be disabled temporarily, as when you need a somewhat process-intensive script to run for a few days. Therefore, we need a way to disable these and re-enable them. One could just move those files, but there’s actually a more graceful way. Running defaults read against one of the property lists can be done as follows: defaults read /System/Library/LaunchDaemons/com.apple.periodic-daily We could use defaults to…

  • Xsan

    The Qlogic Command Line

    For many environments, a Qlogic switch can be as simple as plugging it into the wall to get working. The web interface is a great tool and appropriate for many a configuration, but the interactive shell environment on the switches gives a few more options. Let’s first get logged into the switch. The switch will have an IP address, so telnet into that address (I’ll use my IP rather than the default IP of 10.0.0.1 that the switches ship with): telnet 192.168.210.87 Once you provide a password you’ll be placed into an Interactive Command Line Interface SHell environment, which Qlogic calls CLISH. Establishing connection…   Please wait. ***************************************************** *…