Welcome to my blog
Join me on my journey as I share my insights and experiences on web development, business, and content creation.
Join me on my journey as I share my insights and experiences on web development, business, and content creation.
If your like me your always looking for ways to be notified of things changing in your IT Environment. There are many tools that you can use to help do this. StatusCake is a great free online tool for monitoring website and IP level uptime and downtime with baked in email notifications. Zeonoss and NAGIOS are great tools that can offer the same with SNMP Monitoring baked in as well. But what about DNS monitoring. You heard me, what if you want to monitor or be notified on DNS record...
Binding a Mac to an AD is fairly straight forward. Most Mac Admin’s worth their salt, know how this is done, many know how to do this via the command line. Once your Mac is bound, authentication is easy, local authentication that is. But what if you want to use your secure AD credentials over an SSH or Apple Remote Desktop connection? Well thats when things need a bit more configuration. Having recently deployed a series of servers with this configuration I figured I would share some of the commands...
I recently had to help a client move from one Mac to another, during the process one task proved more challenging than originally anticipated. I wanted to share my info in the event that it helps someone out there. In Outlook 2016 for Mac, Microsoft in its infinite wisdom, has changed the default location of the email profile folder. The new location is not well documented, and I stumbled upon it on an obscure forum post, the location is ~/Library/Group Containers/UBF8T346G9.Office/Outlook/Outlook 15 Profiles/Main Profile this folder needs to be copied...
A few weeks ago I had an old 10.9 open directory master server crash on me and I was unable to restart, luckily I had a good backup of my server which I created using Carbon Copy Cloner on a schedule. If your not using Carbon Copy Cloner I highly recommend doing so its one of the best backup utilities for OSX Server as it runs in the background and can backup and clone multiple directories and or the entire hard drive. In my case I was using it with...
In my organization we use Microsoft SCCM for managing Windows clients and Munki for managins OS X clients. I have used SCCM for a while now and have to say that I find it very very powerful. The fact that collects plenty of information from the clients, uploads it to a SQL db and keeps a history, plus the ability of create dynamic computer collections based on querys to the SQL and then target those groups with tasks makes it extremely useful in an enterprise environment. Plus the amazing reports...
Beginning with the 0.9.1 builds of the munki tools, Munki can query a webserver to determine if there are available seats for licensed software (or any software you wish to make available via optional_installs, yet control the number of deployed copies). In order to use this wonderful new feature here are the things you need. lient running munkitools 0.9.1.x or later Web service that is tracking available seats and that provides information in a specific format in response to queries. One such server is MunkiWebAdmin as of 16 July 2013....
If you are a network (or systems) administrator, you know how crucial it is to have the right tools for the job. One of the toughest tools to really nail down is a network monitoring tool. Although there are plenty of such tools out there, they range from the over-priced to the under-featured. Where do you look for any sort of middle ground where features don’t lose out to price? Zenoss is an outstanding, enterprise-ready network monitoring tool that includes all of the features you are accustomed to finding in...
It is possible to add, remove and manage printers using Munki. You might be asking: Why add and remove printers using Munki? Why not just use Profile Manager? You can use Profile Manager to manage printer lists but the functionality is limited. One major issue with managing printer lists with Profile Manager is if you add a printer to an Profile Manager client’s printer list, and the driver file for that the printer isn’t installed on the client system, the printer will be added using the Generic Printer Driver. Even...
If your a fan and a user of MUNKI then you know what a great product it is and what community is behind it. Its backed by some of the largest companies around *(Disney, Google, etc..) and has consistently worked with all versions of OSX that have been around since Munki was created. The Munki client and admin tools requires Python 2.5 or higher with Objective-C Python bindings, which is included by default in Mac OS X. Munki is supported on Leopard through Mavericks. Many third party utilities have been...
If your like me then your happy that Apple has made several of their wonderful software titles free recently, specifically iLife and iWork for Mavericks. Apple has a defined workflow for deployment of these systems. Their method is to have companies enroll into their Volume Licensing Program once enrolled you can download apps from the app store and the iOS store and deploy these seamlessly to your devices with Profile Manager for Mavericks. All of this hinges on a few things. First your company has to be willing to enroll...
If your like me then you have an entire organization of users who are itching to get their hands on the latest Mavericks operating system and have been told to wait, we are testing. Truth is that its already been tested. I tested it all through the various developer builds and the issues have for the most part been very minimal which is great for a .0 release. However the issue really has been how are we going to deploy it. One option is to have everyone in my company...
Setting up OS X Server has never been easier. Neither has upgrading OS X Server. In this article, we’ll look at upgrading a Mac from OS X 10.8 running Server 2 to OS X 10.9 (Mavericks) running Server 3. The first thing you should do is clone your system. The second thing you should do is make sure you have a good backup. The third thing you should do is make sure you can swap back to the clone should you need to do so and that your data will...
Many years ago when I was managing a fleet of computer using 10.6 I thought that I a master systems administrator because I had all my computers managed by MCX it took me years to get MCX working properly across all my systems and it saved me countless hours of time and energy managing preferences and remote settings for new and existing systems made my life so much easier. Then 10.7 came out and with it the slow death of MCX and profile manager emerged. I was so excited but...
Let me preface this article by saying that Munki is an open source tool that allows system administrators trying to take hold of their Macintosh environment with little to no budget. Munki is a tool that was developed by a systems administrator over at Disney Animation Studio’s. It is now used by small companies and large alike (Disney & Google). Now its also true that both of these giant’s also use Casper a top shelf product by JAMF software. Munki has a few things going for it. It has a...
Over the years I have stored a file that has many of the day to day commands that I use to administer the computers at my workplace. After 4 years of saving these commands I am giving back and creating the ultimate post to aid all new sys admins out there. The Adaptive Firewall The most basic task you can do with the firewall is to disable all of the existing rules. To do so, simply run afctl (all afctl options require sudo) with a -d option: afctl -d When...
For the last two years, I have noticed a trend. From time to time Apple will release updates to its OSX Server environment, sometimes these updates go smoothly however the bulk of the time it causes several nasty side affects one of them being high CPU usage among rogue processes. One such was covered here the HWMOD bug which caused extremely high CPU usage. Sometimes these are easy to fix while other times these cause your system to crash and burn due to high CPU usage. On the flip side...
I just started using 10.7 Lion Server at my organization and I have to admit it is nice in some ways and infuriating in others. Apple has certainly fixed and introduced quite a few new features such as Profile Manager but have removed features like Mobile Access. The hardest hit service in my opinion when it comes to 10.7 server administration is the Web service. Apple has stripped this service completely out of the Server Admin app and has added a dumbed down version of the service to the Server...
I have heard this story it seems over and over again, I also have been the topic of many email horror stories. They usually go like this “I just setup a new server and within days we were on a corporate email blacklist, I contacted the company in question and asked why are we on your blacklist, why won’t you deliver our email. They shared with me an email log of thousands of emails being sent from my mail server through several legitimate email accounts. I ensured that my server...
It is a fact that Apple has migrated itself away from MYSQL. It is also a fact that most people who continue to buy Apple Servers have been using MYSQL for some time and have websites or other content that sill relies on this technology. Just because it is not endorsed or pre-configured by Apple however does not mean that it can not be used. On the contrary installing and configuring MYSQL to run on an OSX Lion server is moderately easy and gives greater insight as to how MYSQL...
OSX Server comes pre-packaged with Dovecot one of the best IMAP services out there and one of the most extensible and flexible in my opinion. That is its flexible and extensible as long as you know how to configure Dovecot which most OSX Server Administrators are not. I had a conversation with a co-worker not too long ago about being an OSX Server Administrator and I joked that Apple made great hardware and a great OS but most if not all of the services under the hood for Web, Mail,...
It seems no matter how careful Apple is each OS update (especially server updates) reveals its own challenges for the user, that leaves them wishing that they had not left their stable platform for the bug fixes that made that update so desirable. the 10.6.8 server update was no different it claimed to fix such long time bugs as Server Side Rules which has been a thorn in the side of OSX Server Administrators everywhere who use OSX Servers as their primary email server. So many of us including myself,...
Well if you were like me you were thrilled about the idea of Apples new Snow Leopard Server feature Mobile Access server. So great what is it, what does it do? Well it keeps your private web, ical and mail data secure without the use of a VPN and its really easy to setup. Great I was sold, and I started down the path of figuring out the Mobile Access Server. The more I got down into the nitty gritty of the setup the more I realized just what a...
So now we have our backup script, we have our secure SSH tunnel between the two servers and we have successfully synced our two databases and our files. Now we just have to schedule this task so that we do not have to manually run this each time we need to synchronize our systems. On Mac OSX Servers you have two options you can use Crontab and run a Cronjob, or you can use Launchd. If your running a Linux server then your pretty limited to just a Cronjob. We...
In this article we are picking up where we left off, we now have the ability to connect from our primary server to our secondary server without the need to enter a password with the help of a secret key. If you are lost at this point please refer to the last article Syncing a failover website : Creating an SSH key. At this point all we need to do is setup the bash script. We will create the script to log all of its activity so that we know...
Recently at our organization we were charged with the task of creating an auto failover solution for our websites. Basically the idea here is that we have our web server sitting in a data center but if for some reason the server were to ever go down then the website would fail over to a second server where a duplicate of the website is waiting to be accessed in the event that the primary ever had an issue. This is doable but it requires that you have all your ducks...
Snow Leopard 10.6 comes with built in Server Side rules (Sieve) that helps you to organize mail, if your like me and am supremely disappointed at the lack of functionality then you will be happy to know that there are alternatives out there. Snow Leopard still ships with a copy of Squirrel mail for OSX it also ships with many cool plugins for squirrel mail already installed. Lets look at the alternative to the built in Sieve scripts that ship with 10.6 Snow Leopard server. To start with you must...
Recently I have undergone a massive change, we have decided at our organization to go with Snow Leopard server in place of our Leopard Servers. Knowing that this could be problematic to use Apples built in GUI for migrating data I decided to start with a 100% clean configured Snow Leopard server and slowly start to migrate items over to the new server. Our current Leopard Server was running an DNS, Open Directory Master, Mail, and Wiki Server services. I have decided to share my experience in migrating our mail...
Join me on my journey as I set out to help aspiring entrepreneurs take that critical first step.