[Anonymous]

Thanks for the reply.

I don’t know of another way to interface with sanitizing and virus software.

We are looking at Tenon’s post office (a POP/IMAP replacement), have any comments/recommendations (we want the GSSAPI authentication for single signon)? However, that doesn’t have anything to do with the anti-virus stuff. In the mean time I’m using what ever version comes with 10.3.3. I wonder if this and the other problem I’m having are related (corrupt db)? These particular users definately do not have large mailboxes as they have not yet been able to receive any mail due to this error.

Is there an article for reconstructing the DB? I think I tried that once before and could never get cyradmin (or whatever it was) to run.

[Anonymous]

to get mail to stop complaining about the self signed certs i did two things, firstly was remade the cert with the Common Name the dns name of my mail server
secondly i imported the cer file into keychain X509 (i think it was) and it’s all good now.

just need to figure out ssl for virtual hosts.

[Anonymous]

nm, got it figured 🙂

should have thought for a sec before opening my mouth.

works well, now just need to get mail.app to stop complaining about the self signed certs.

cheers

rand

[Anonymous]

my question (after i got all this working via another method) is how do i secure sending mail? checking is all well and good, but is sending secure as well?

[Anonymous]

I am also in need of such assistance. My e-mail address is twalls at tampabay dot rr dot com. Thanks so much for your help!

[Anonymous]

[quote:25b41c270a=”Monty”]On our Panther server (10.3.4) with mixed OS9 and OSX clients, folders do not stay closed when closed by the admin, user or owner of the folder.

I remember in ASIP, the admin could go on the server and close a folder and that is how the clients would see the folders when they mounted the server and opened a window. I have gone in as admin, user and owner to no avail.
[/quote:25b41c270a]

yep, same thing here… the sad thing is that you need to track down who set them that way. it’s most likely an admin… i don’t think that a user can do it even if they own the folder, but i don’t know. we have the same problem here but with only six admins it doesn’t take me long to find the culprit… once that particular admin user logged in to the box and collapsed the folders it was fine.

[Anonymous]

benjk —

The password being asked for is your OS X admin password, VaporSec is a configuration utility which needs to use files which are owned by ‘ROOT’, and cannot configure things until it conforms you are a sysadmin.

[Anonymous]

That would work it I had a spreadsheet (or any list) with cleartext passwords. I don’t. I was looking for something that would translate /etc/passwd (or /etc/shadow).

click

[Anonymous]

I am attempting to connect to a sonicwall device. I entered in my best guess as to the configuration information VaporSec wants. When I click on the Vaporize button, I get the following error:

racoon: failed to parse configuration file (1)

Is this something wrong with the configuration information I entered?

MacOS X 10.3.4

[Anonymous]

Yes, I fixed the edu.mit.Kerberos file and I’m back to being able to do logins at the console thru kerberos. The keytab file had been created on another unix box, as I just don’t see how to create one using sso_util (or anything else for that matter) that connects to a KDC on a different system. I’m thinking that, after inspecting the keytab created when I built the new open dir master, that my problem is that my services aren’t registered in it.

Do you know how to create that keytab? For the host principal, the KDC admin gave me the password, kvno and encryption type for that host principal. I then used the ktutil command on an OpenBSD box to create the keytab. This command is totally different that the ktutil on OSX.

[Anonymous]

Our kerberos database is a Unix KerberosV system and all my accounts are stored in a local ldap server on the xserve. I have registered the xserve as a host principal and had received a keytab file that works fine for console logins. But when I created the ldap server, it built a new keytab file, which broke my logins. So I replaced the keytab with one from backup to get the logins working again, but I can’t see any way to add the services to it. I tried the sso_util command, but it just gave a bunch of errors, although it did make edits to the Mail and AFP plists, but the keytab was unchanged.

There must be a way to make this work with an existing kerberos database…I just don’t get it.

[Anonymous]

This is tough to achieve, but do-able, with the help of perl/shell scripts.

Some background, first.

We have several NFS volumes in our studio. sometimes we upgrade to the latest technology, and the volume name, computer name, and even the platform OS changes. Because of this, we wanted to find a way to abstract out volume/machine names from our file paths, and have one common mount point that is always “good”. (Incidently, this is an NFS only solution..)

So, what we did, was to have a small harddrive exported called “shows”. It shows up in finder, as a drive. We mount this using an /etc/fstab entry. Next we use automounter, and mount the other volumes. This gives you the effect of having only “shows” appear on the finder Desktop, even though all of your volumes are mounted. We then wrote a perl script that creates a map of the entire file structure on each of our big volumes, and creates a symbolic link/empty folder version on the “shows” volume.

What this does, is make a representation of all of our folders and files on the small drive, which the user traverses. Once you get to the end of the path, (the very last folder) , the user is then magically transported to the real volume with the file actually lives. (makes sense? The sym link points to the automounted volume.)

This is pretty maintanence intensive, however. We have cron scripts that do a lot of behind the scenes work. However, it does work.

bob..

[Anonymous]

I hadn’t thought of it as a bug. I figured I was missing something. We have premium support for our servers but I wonder if Apple will support this since its on a client.

All are running 10.3.3 and the home directories are remote.

Single sign on is the goal.

[Anonymous]

The password is changed via the logon screen when the password expires.

[Anonymous]

Yes, AFAIK, your VPN server has to have a registered IP address. The VPN client can be located on a private network, but the VPN server cannot.

[Author]

Posts