  • Mac OS X,  Mac OS X Server,  Mac Security,  Mass Deployment

    Open Directory Backups Fail Due To HostName Problems

    If you don’t have a HostName set on your computer then Open Directory backups are likely to fail using Time Machine. How did you promote to an Open Directory Master if you don’t have functional backups you may ask? Let’s not worry about that for now. Instead, let’s turn our attention to /var/backups. You see, if you enable Time Machine on an OS X Server, you’ll get a ServerBackup_OpenDirectoryMaster.sparseimage in that folder, which contains your Open Directory backups and gets picked up by our pal Time Machine. You can manually run a backup using the opendirectorybackup script at /Applications/Server.app/Contents/ServerRoot/usr/libexec/server_backup/opendirectorybackup. This could be automated, using expect to send a password, but…

  • Mac OS X,  Mac OS X Server,  Mac Security,  Mass Deployment

    Setting Up & Troubleshooting An Open Directory Replica In OS X Mountain Lion Server

    Yesterday we looked at setting up an Open Directory Master in OS X Mountain Lion Server. An Open Directory Replica keeps a copy of the Open Directory database available for users even when the Master goes offline. But it can also take a part of the load from the Open Directory Master and when using the new Locales feature, balance network traffic. To get started with an Open Directory Replica, first enable SSH, now disabled by default. Next, use the changeip command to check the host name. While the Server app is cool, it caches stuff and I’ve seen it let things go that shouldn’t be let go. Therefore, in order…

  • Mac OS X,  Mac OS X Server,  Mac Security,  Mass Deployment

    Man Pages

    For those learning OS X or other Unixy based systems, and for those who have been using them for decades, man is one of the most important commands in our arsenal. The man command is short for manual and shows us how to use each command that has a man page, or a page that acts as an instruction manual for the command (or method). Another command, apropos, searches the whatis database for objects that match a string, or entry. For example, if you’d like to see a listing of all man pages that reference the word case, use the following command:

        apropos case

    Or use whatis in the place…

  • Mac OS X,  Mac OS X Server,  Mac Security

    Starting OpenLDAP on Mac OS X Client

    LDAP is installed by default on every copy of Mac OS X. For Mac OS X Servers it’s easiest to get LDAP up and running, given that you have a nice handy graphical means of manipulating LDAP in the Open Directory features of Server Admin and Workgroup Manager. But what about Mac OS X Client? It may be easier than you think… To set up OpenLDAP in Mac OS X, we’ll do three quick tasks. The first is to set a password, the second is to put the password into the configuration file, and the third is to start the daemon. To create that password, we’re going to use…

  • Mac OS X Server,  Unix

    Replica Trees & Tuning Open Directory

    You have a fairly large Open Directory environment and you go to add the 33rd replica but you get a funny error that dserr doesn’t have listed. The reason is likely that a single Open Directory Master can only have 32 replicas. However, you can have 32 replicas on each replica (thus having a replica tree), ergo allowing for a total of 1,024 replicas and a master. So rather than bind that 33rd replica to a master, move to a replica tree model, trying to offload replicas in as geographically friendly a fashion as possible (thus reducing slapd traffic on your WAN links) by repositioning replicas per site. Similar to…

  • Mac OS X Server

    Moving the LDAP Database in Open Directory

    Before you start moving anything around, first stop LDAP:

        launchctl stop org.openldap.slapd

    To move the LDAP database for Open Directory, just use the following command (assuming you would like to save to /Volumes/target/openldap/data – although you can use another URI if you choose):

        cp -prnv /var/db/openldap/data /Volumes/target/openldap/data

    Once moved you can alter the location that Mac OS X Server looks for the data by typing in a new path using the LDAP tab of the Open Directory listing in the SERVERS list of Server Admin. Once you’re all done, fire up LDAP again using the following command and test:

        launchctl start org.openldap.slapd