Troubleshooting radius is a crappy task. But crappy articles don’t help: http://support.apple.com/kb/HT3929 To be more specific, the debug mode flag is -X (not sure why that was so hard). In that case it’s doing single server mode and the process cannot fork. You can also do the lowercase, -x (which is part of -X), or -xx for further granularity. In order to set the launchd item to debug mode you would therefore find the /System/Library/LaunchDaemons/org.freeradius.radiusd.plist file (only created once you’ve fired up RADIUS btw). From here, locate the array for invoking the command: <string>/usr/sbin/radiusd</string> <string>-sf</string> Change the -sf to either a -X or add an x or two in there…
-
-
Using OpenSSL to Test Connectivity
Almost wrote this up again and then realized I already did once (sure it was a few years ago but luckily not much changes with some of the command line stuff). Check it out here: https://krypted.com//mac-os-x/using-openssl-to-test-connectivity If you want to see more on openssl check this one out too: https://krypted.com//unix/openssl-and-signatures
-
Adding DHCP Options in Mac OS X Server
Mac OS X Server comes with a number of DHCP options available; most notably the options available in the GUI. But what about options that aren’t available in the GUI, such as NTP. Well, using /etc/bootpd.plist, the same file we used to define servers allowed to relay, you can also define other options. These begin with the following keys that can be added into your property list: dhcp_time_offset (option 2) dhcp_router (option 3) dhcp_domain_name_server (option 6) dhcp_domain_name (option 15) dhcp_network_time_protocol_servers (option 42) dhcp_nb_over_tcpip_name_server (option 44) dhcp_nb__over_tcpip_dgram_dist_server (option 45) dhcp_nb_over_tcpip_node_type (option 46) dhcp_nb_over_tcpip_scope (option 47) dhcp_smtp_server (option 69) dhcp_pop3_server (option 70) dhcp_nntp_server (option 71) dhcp_ldap_url (option 95) dhcp_netinfo_server_address (option 112) dhcp_netinfo_server_tag…
-
Adding Recursion in named.conf
In DNS, recursion references the process where a name server will make DNS queries to other name servers on behalf of client systems. Most name servers are simply DNS clients that cache information for a specified amount of time. Recursion is disabled by default on most name servers. In Mac OS X recursion is enabled for subnets local to the server only. In environments where you wish to provide recursive queries you can enable recursion by opening Server Admin, clicking on the disclosure triangle for the server you will be configuring and then clicking on the DNS service. From here, click on the Settings icon in the Server Admin toolbar…
-
Snow Leopard Server & Adaptive Firewalls
The term Adaptive Firewall can mean a lot of things to a lot of people. In Mac OS X Server it means that if you attempt to logon with an inappropriate password 10 times that a dynamic rule will be created blocking access for the computer that access was attempted from for 15 minutes. After 15 minutes the dynamic rule will be removed from the server. To see the number of Dynamic Rules running on a server, look at the Firewall services Overview tab, or Active Rules. There’s not a timer but it’s pretty easy to see which IPs are blocked. I’ve found it doesn’t always clear out after 15…
-
All 3 Snow Leopard Titles Now on Amazon
All 3 of the Snow Leopard titles I’m working on, editing or in one case done with for Apress are now posted to Amazon and can be purchased.
-
Invoke ScreenSaver in Mac OS X with a Script
While troubleshooting some issues with a Screen Saver that just wouldn’t fire up. Even when you told the ScreenSaver to open (timed or via Expose) it wouldn’t work. Given the security implications for the given environment having a Screen Saver invoked automatically and manually are both requirements. So I found how to open it from the shell. From the /System/Library/Frameworks/ScreenSaver.framework/Versions/A/Resources/ScreenSaverEngine.app/Contents/MacOS working directory simply do: ./ScreenSaverEngine The Screen Saver opened from the shell so I figured I would try it from an AppleScript, so isolated the application id to com.apple.ScreenSaver.Engine and launched it manually: osascript -e ‘tell application id “com.apple.ScreenSaver.Engine” to launch’ This didn’t work. Replaced the ScreenSaver.Framework (located in /System/Library/Frameworks) with…
-
@bynkii Let the Cat Out Of the Bag – Next Book
No, not another Snow Leopard post. Well, I suppose it kindof is actually. It’s a pseudo-official announcement that John Welch, Chris Barker and I will be teaming up to write a book on Snow Leopard Server. The book has been posted to Amazon.com and will hopefully be out by Valentines Day. That’s not to say that we will be responsible in any way shape or form for the results if you give your significant other this book for Valentines Day…
-
Snow Leopard Documentation Available
Apple has posted the documentation for Snow Leopard Server: http://www.apple.com/server/macosx/resources/documentation.html You may now learn how to do all kinds of fun things… Like play with Podcast Composer, one of the nicest updates of them all (so much so, it got its own PDF).
-
"Simple" OS X Server
When you install Mac OS X Server you have the option to use Standard, Workgroup or Advanced. I have installed Standard for writing articles/books/etc about it, but from the first day I saw it I knew it wasn’t for me. Workgroup has some augmented record reasons you might use it, but is otherwise similar. Advanced is pretty much, make my server look like it did in 10.4 Server. Here you have Server Admin, Workgroup Manager and the other tools that comprise a Mac OS X systems administrators toolkit. But Standard is synonymous with “Simple” in this case and should rarely be used. If you are fairly non-technical then it can…