Posts Tagged ‘Mac OS X Server’

Inconsistent Upgrade Behavior on Software-Mirrored RAID Volumes

Thursday, August 8th, 2013

It came up again recently, so this post is to warn folks treading the same path in the near future. First a little ‘brass tacks’ background: As you probably know, as of 10.7 Lion’s Mac App Store-only distribution, you can choose the option to extract the InstallESD.dmg from the Install Mac OS X (insert big cat name here) application, and avoid duplicitous downloads and manual Apple ID logins. One could even automate the process on a network that supports NetInstall with a redundantly named NetInstall set to essentially ‘virtualize’ or serve up the installer app on the network.

We’ve found recently that more than a few environments are just getting around to upgrading after taking a ‘wait and see’ approach to Lion, and jumping straight to 10.8 Mountain Lion. Getting to the meat after all this preamble… it was also, at one time, considered best practice to use RAID to mirror the boot disk, even without a hardware card to remove the CPU overhead. (It hadn’t been considered a factor then, but even modern storage virtualization *cough*Drobo*cough* can perform… poorly. I personally recommend what I call a ‘lazy mirror’, having CCC clone the volume and putting less writes on the disk over time, and getting the redundancy of CCC reporting SMART status of the source and destination.)

When upgrading a software-mirror’d boot drives OS, you get a message about features been unavailable, namely FileVault2 and the Recovery Partition it relies upon. If it detects the machine being upgraded is running (a relic of a bygone era, a separate OS called quaintly) ‘Mac OS X Server,’ it additionally warns that the server functionality will be suspended until 2.x can be installed via… the Mac App Store. We’ve found it can do an upgrade of those paused services(at least those that are still provided by the 2.2.1 version of the Server application) and pick up where it left off without incident after being installed and launched.

If, however, you use a Mac App Store-downloaded application to perform the process, we’ve seen higher success rates of a stable upgrade. If instead you tried to save time with either the InstallESD.dmg or NetInstall set methods mentioned earlier, a failure symptom occurred that, post-update, the disk would never complete its first boot(verbose boot was not conclusive as to reasons, either.) Moving the application bundle to another machine(volume license codes have, of course, been applied to the appropriate AppleID on the machines designated for upgrades,) hasn’t been as successful, although the recommended repackaging of the Install app, as Apple has referred to in certain documentation, wasn’t attempted this particular time. In some cases even breaking the software mirror didn’t allow the disk to complete an upgrade successfully. Another symptom before we could tell it was going to fail is the drop-down sheet warning of the loss of server functionality would immediately cause the entire window to lose focus while about to initiate the update. A radar has not been filed due to the fact that a supported(albeit semi time-intensive) method exists and as been more consistently successful.

BCC Mail In OS X Server

Thursday, April 4th, 2013

OS X Server has the ability to bcc mail that flows through it. This can be a good way to keep a copy of mail for the purposes of things like legal requirements. To enable this feature, once upon a time you could use the GUI in OS X Server. These days, the feature is still there but is now accessed through the command line as the always_bcc_enabled option within serveradmin’s mail settings. To enable this option, use the following command:

sudo serveradmin settings mail:postfix:always_bcc_enabled = yes

Once enabled, you will also need to supply an actual address to bcc mail to, which is done using always_bcc as follows:

sudo serveradmin settings mail:postfix:always_bcc = "

Next, you’ll want to

sudo serveradmin stop mail
sudo serveradmin start mail

Finally, if there are any issues, putting the postfix logging facility into debug mode can help you triangulate, done using the following command (and restarting the mail service again):

sudo serveradmin settings mail:postfix:log_level = "debug"

Setting Up Time Machine Server in Lion Server

Sunday, May 20th, 2012

Setting Up The Podcast Service In Lion Server Video

Friday, May 18th, 2012

Patch Management Made Easy: StarDeploy

Wednesday, December 22nd, 2010

There is a new donateware tool available for Mac OS X called StarDeploy. StarDeploy is a straightforward patch management solution that allows you to place items in Applications, Libraries or User Folders on a centralized server and have those items sync to client systems. StarDeploy also allows you to push out packages using the centralized file share as well.

The combination of StarDeploy and DeployStudio allows you to image and then patch manage systems in simplistic environments fairly quickly, easily and to do so in a cost effective manner. However, StarDeploy isn’t as object oriented as JAMF’s Casper Suite, FileWave, Symantec’s Altiris or other solutions you may currently be using or reviewing. The solution manages somewhat flat structures. You can create multiple file shares if you have multiple groups, but compared to how Casper or other comparable tools operate, this could get somewhat tedious to manage in complex environments. However, the cost is a donation that you can make and so it is inexpensive.

In our use, StarDeploy has been able to easily push out packages to a large number of systems very quickly. The packages that you build for StarDeploy can then be moved into other solutions if you outgrow StarDeploy. This makes for a nice modular approach where you can grow into a more complex solution or even have StarDeploy work in conjunction with other solutions; for example: allowing StarDeploy to manage lab environments and using a more robust solution for more robust environments.

Overall, StarDeploy makes an excellent addition to the toolkit of anyone with a keen eye on managing large numbers of Mac OS X systems. If you would like to discuss using StarDeploy, JAMF’s Casper Suite, FileWave or other products for patch management, contact your 318 Professional Services Manager or today!

Thinking Outside the Box: CrashPlan Pro

Monday, November 8th, 2010

There are a lot of organizations who are rethinking some basic concepts in Information Technology. One of these concepts is that you need to own, duplicate and even replicate user data between each of your sites so that you can have roaming profiles in Windows and mobile home directories in Mac OS X. For organizations with a large number of labs and users who roam between them, these challenges, which have dominated the infrastructure side of IT have been cumbersome for the past 15 to 20 years. But let’s rethink the “why.”

If you have labs, common in K12 and Higher Education but not so common in the corporate world, you need network home folders on the Mac OS X side, or its sister, portable home directories. On the Windows side, you need folder redirection. But a growing number of education environments are practicing the art of the one-to-one deployment, which strongly resembles what can be seen in the corporate world.

Between the big iron, massive SANs attached to the core switches licensing for DFS heads and the like, it can all get cost prohibitive. But we still do it because we think we need our data replicated. And some of us do. But one thing that we often say is that this data is not a backup. So if it isn’t a backup then how do we back these systems up. And if we do need to back these systems up then why are we also performing a layer of redundant synchronization? Does all of this result in 3 or 4 copies of the data, all in a from that cannot be reduplicated?

The end of the Xserve is nigh, and now for something completely different?

Awhile back, someone told me that you could back an unlimited amount of data up to the cloud for a price that was so cheap that I was stunned. There were a couple of products that I reviewed: CrashPlan and Backblaze. Both are pretty darn awesome. But the bandwidth to back 3,000 users up to someone else’s cloud can become pretty darn cost prohibitive. Enter CrashPlan Pro: you can host that cloud in your own location, or in multiple locations if you have the need to do so, and all on relatively inexpensive hardware, either leveraging the hardware that you already own or even the CrashPlan Pro appliances, rack mountable goodness that scales to store up to 72TB of data per unit, to store data that gets deduplicated before it gets copied to the device over the wire, providing substantial storage savings, not to mention reduced congestion on your wire (or wireless).

And to top it all off, CrashPlan Pro offers extensibility in the form of a REST-based API that allows building that which you may need but which the developers have not yet though (or more likely had time) to build. The API actually makes CrashPlan Pro a possible destination for Final Cut, amongst other things.

Oh, and did we mention the client can run on Mac OS X, Windows, Linux and Solaris?!?!

318 partners with a number of vendors to help you rethink your IT conundrum, leveraging the best advances of today and tomorrow. We are pleased to add CrashPlan as our latest, in a long list of valued partners. Contact your 318 Professional Services Manager, or now for more information.

Mail Archival

Saturday, November 7th, 2009

There are a number of messaging solutions that allow for automated message archiving. Message archiving can save space, while freeing up valuable resources and can also help to maintain Sarbanes-Oxley compliance (as well as achieve a number of other objectives). But not all messaging solutions allow for automated archival. Enter Mail Archiva into the picture.

Mail Archiva is an open source project aimed at bringing messaging archival to Microsoft Exchange, Zimbra, Mac OS X Server, Postfix, SendMail, IpSwitch, Axigen and a number of other messaging servers.

If you are in need of mail archival then feel free to reach out to us for more information on Mail Archiva today!

New Mac mini w/ Mac OS X Server for $999

Tuesday, October 20th, 2009

Apple has released a new Mac mini that retails for $999. You might be thinking that $999 is just a little bit high for a Mac mini – and you would be right, that is, if it didn’t come with Mac OS X Server. The combination of the price point, the hardware and the software make the new Mac mini with Mac OS X Server a perfect purchase for small businesses and servers geared for use as specific utility servers!

The new Mac mini server comes with no optical drive, which is great because instead you get a pair of internal drives that can be setup in a RAID to protect your data! The server also comes with 802.11n, Ethernet and bluetooth – allowing a variety of uses.

Call 318 today for more information on this great new product from Apple!

Greylisting and Snow Leopard Server

Thursday, October 8th, 2009

10.6 has introduced the use of Greylisting as a spam prevention mechanism. In short, it denies the first attempt for an MTA to deliver a message, once the server tries a second time (after an acceptable amount of delay, proving it’s not an overeager spammer), it can be added to a temporary approval list so future emails are delivered without a delay.

The problem with this is many popular mail systems, including gmail, don’t exactly behave as expected, so the messages may take hours before they are delivered. To get around this, the people championing greylisting suggest maintaining a whitelist of these popular, but ‘non standard’ mail servers, allowing them to bypass the greylist process entirely and accepting the messages the first time around. The other problem is for companies that send mail through mxlogic and other similar services, the mail is sent from the first available server, potentially causing delayed because they were being sent by a different mxlogic box each time.

The problem with this under 10.6 is there is no gui or interface to inform you that greylisting is enabled (it gets turned on when you enable spam filtering), and so it just takes forever for messages to hit your inbox. You can start managing the whitelist / greylist system, or you can just turn it off:

cp /etc/postfix/ /etc/postfix/

vi /etc/postfix/

change line 667 from:

smtpd_recipient_restrictions = permit_sasl_authenticated permit_mynetworks reject_unauth_destination check_policy_service unix:private/policy permit

To the following (removing check_policy_service unix:private/policy):

smtpd_recipient_restrictions = permit_sasl_authenticated permit_mynetworks reject_unauth_destination permit

You can then run postfix with the reload verb to reload the config files, as follows:

postfix reload

Mac OS X Server 10.6 Announced

Monday, June 8th, 2009

You can read the press release at Apple. Highlights include:

  • Half the cost: $499 for Unlimited Clients
  • NetRestore is now bundled with Mac OS X Server
  • Wiki2 includes iPhone and QuickLook-type image display
  • Address Book Server now included
  • iCal Server works with iPhone
  • Push Email Support
  • New iPhone Configuration Utility
  • Supa-fast (OK, that last part is not official)