Welcome to my blog
Join me on my journey as I share my insights and experiences on all things Apple, Business and Entrepreneurship!
Join me on my journey as I share my insights and experiences on all things Apple, Business and Entrepreneurship!
But what about DNS monitoring. You heard me, what if you want to monitor or be notified on DNS record change. I know what your thinking likely DNS changes are cleared by tons of red tape, requiring access to the domain registrar in most cases and when a change is made its typically planned, right? Not always. If your part of a large web team perhaps you want the added peace of mind knowing that you have a monitoring system to notify you if a DNS record changes.
The way to accomplish ARD AD authentication is by nesting an AD group inside a local group. You can create any group you want but for the sake of this article we will use ARD_ADMIN. I need to credit this article. The UNT Apple Managers group is a valuable and often looked over internet resource. I highly recommend checking out their group articles and tutorials.
~/Library/Group Containers/UBF8T346G9.Office/Outlook/Outlook 15 Profiles/Main Profile this folder needs to be copied from Mac to Mac when migrating data. Migration assistant choked on this folder twice, leaving me unable to move it via a thunderbolt to thunderbolt connection. I then mounted the drive of the old Mac onto the new Mac via the cable and copied it over manually. This method worked and worked well. For the sake of completeness, I will do a quick writeup of the other methods of migration that were recommended by Microsoft directly in the event...
In my case I was using it with Safety Net enabled and was able to restore the entire drive which took under an hour. Once restored I realized the best option for me was to move from 10.10 server from 10.9. In my environment I had 1 open directory master and 2 replicas. All running on 10.9 server, however close to 90% of my user base is running on 10.10 so I decided that it would be beneficial for those users to authenticate against Yosemite’s server.
I have used SCCM for a while now and have to say that I find it very very powerful. The fact that collects plenty of information from the clients, uploads it to a SQL db and keeps a history, plus the ability of create dynamic computer collections based on querys to the SQL and then target those groups with tasks makes it extremely useful in an enterprise environment. Plus the amazing reports you can get if you have an SQL guru around!
lient running munkitools 0.9.1.x or later Web service that is tracking available seats and that provides information in a specific format in response to queries. One such server is MunkiWebAdmin as of 16 July 2013. If you have a running instance of MunkiWebAdmin, make sure you’ve updated to the latest code. See this post for instructions on how to update MunkiWebAdmin.
Zenoss is an outstanding, enterprise-ready network monitoring tool that includes all of the features you are accustomed to finding in a much costlier solution. Many a network administrator would do well to deploy such a tool.
You might be asking: Why add and remove printers using Munki? Why not just use Profile Manager?
Many third party utilities have been created to work along side Munki to augment the ability to manage inventory and other aspects of Munki such as software reporting, software licensing escrow, and machine tracking. One of the best utilities has been Munki Web Admin. A great walkthrough can be found on setting up Munki Web Admin on an OSX Server here https://code.google.com/p/munki/wiki/MunkiWebAdminOSXSetup but very little documentation exists on how to update your current installation to run effectively on Mavericks.
All of this hinges on a few things. First your company has to be willing to enroll in Apples Volume Purchasing Program many companies are not interested because many companies are simply looking for a method to deploy FREE software on the App Store not paid software. The second reason why their program is a turn off to many businesses is that you have to provide a DUNS number many companies do not have one, and are not at the point where they are looking to get one.
One option is to have everyone in my company sign up with an Apple account and download it from iTunes. This can be slow and tedious and its not very efficient. Enabling Caching server on OSX Server could make it more tolerable but still its not an overall enterprise solution that is easy to manage. So many things can go wrong if people are not willing to wait through the somewhat lengthy install process.
The first thing you should do is clone your system. The second thing you should do is make sure you have a good backup. The third thing you should do is make sure you can swap back to the clone should you need to do so and that your data will remain functional on the backup.
Then 10.7 came out and with it the slow death of MCX and profile manager emerged. I was so excited but also a little disappointed many of the MCX preferences either did not work properly an required the use of both MCX and Profiles in order to fully manage computer systems MCX for 10.6 Profiles for 10.7 and then 10.8 came out!
Munki has a few things going for it. It has a small footprint. Its open source. Its well supported. Its free. Its not a complete solution but if you want a way to manage your systems and deploy software to your fleet of Macintosh computers with little to no budget its a good alternative to Casper. Many companies use Munki and Casper together (Google) while other smaller companies use only Munki. Munki requires any web server or Mac OSX Server running Apache, and a fairly stable network.
The Adaptive Firewall The most basic task you can do with the firewall is to disable all of the existing rules. To do so, simply run afctl (all afctl options require sudo) with a -d option:
I needed a way for my server to notify me by email every time there was a potential problem which results in high CPU usage so that I could mitigate that issue quickly. The server monitor and server admin apps do not allow you to monitor CPU usage and Activity monitor is great as long as you are willing to stand in front of your terminal screen all day. I decided to write a script that would alert me when specific processes started running wild.
The purpose of this entry is to talk about 10.7 server and show you how to accomplish everything that you could accomplish from the Server Admin application through commands using terminal or edits to system files in the operating system. Everything below requires that you be logged in as the root user on the server in order to avoid permission issues.
“I just setup a new server and within days we were on a corporate email blacklist, I contacted the company in question and asked why are we on your blacklist, why won’t you deliver our email. They shared with me an email log of thousands of emails being sent from my mail server through several legitimate email accounts. I ensured that my server was not an open relay so I asked these users, if they had indeed sent this many emails in one shot without any kind of unsubscribe link...
One such service is the topic today, Dovecot. Dovecot is integrated with Server Admin, Apples GUI Server Administration tool. You can set two different kind of notifications to trigger here, a quota notification that will send an email out when someone is over a certain percentage of email quota and an email warning them when they have gone over quota. In my experience it takes more than a couple emails to make a user clean up their inbox.
sudo launchctl unload /System/Library/LaunchDaemons/com.apple.hwmond.plist which initially threw an odd error, looked at the list of loaded items by running launchctl list on the server and noticed that it was gone. I restarted my XServe and sure enough it had loaded itself. Figuring that there must be something in the OS automatically loading this on each reboot I started searching ways to modify or disable hwmond on my server. In my case I needed to stop the high CPU usage so badly that I was willing to make the tradeoff, of...
Alright first thing you have to understand put aside any notion of running mobile access server on any other server you may already have. Mobile access server is meant to run on a gateway server. A gateway server is a server that routes traffic to multiple destinations. Meaning its a stand alone server whose primary function is to keep your private data private.It translates public requests and serves up private content. You must run mobile access server on a separate server from the servers which contain your private data.
Crontab is one of the longest lasting scheduling daemons around, its part of any linux / unix system and uses a file that will trigger a script at a specific time at specific intervals. Cron can be pretty amazing but pretty daunting too if you are unsure about how to use cron, I recommend starting out easy and using this GUI for Mac OSX called Cronnix.
#!/bin/bash echo Sync started `date` >> /Volumes/Logs/Sync_log.txt echo "Now starting rsync" At this point we are ready for the sync to start, we will start by syncing the files from the primary server to the secondary server. This is a one way sync, whatever we add to the primary server will be copied over to the secondary server. Whatever is deleted from the primary server will also be deleted from the secondary server we accomplish this via the use of rsync.
First, you must have DNS that can process a failover, you must have a script that will sync your files and your databases and most importantly of all you must have an open SSH tunnel between the two servers so that the sync can perform in a secure way without risk of any hacking happening. In this article I am going to outline the process of creating an ssh key for your second server, using terminal, and CPANEL. The failover hosting company we chose uses CPANEL and before we started...
To start with you must enable Sieve on your server to do this, start Server Admin, Mail > Settings > Advanced: Tick “PLAIN” on IMAP/POP and save it. Mail > Settings > Filters: Tick “Enable Server Side mail rules”, save it and restart the mail service. once your done here you will be able to use the built in web based interface for handling server side rules. However you can also install your own!
setup the 10.6.2 Snow Leopard server clean before I did anything I setup DNS on the server and manually retyped and rechecked all of the DNS records from the 10.5 server to the 10.6.2 server. Once I verified that the DNS records were set. I checked the server’s DNS by running sudo changeip -checkhostname and it came back clean. Great good to go, or so I thought.
