Forum Replies Created
Flash
Participant
Quote by: Themr2: "I have contacted Apple premium support and they had no idea."
Typical. Didn’t you hear? They only support iPods these days.
Quote by: Themr2: "Is there a way I can get my 10.3.9 machines to point to my local update server?"
Nope, I tried just about everything and talked to several fellow engineers about it. Consensus seems to be that it’s not possible in 10.3.9.
Flash
Participant
OK, so it does work. When you select multiple users, fields in the Windows tab will self-propagate the username. Duh, you just have to remember to include the trailing backslash. Like so:
User Profile Path: C:\Documents and Settings\
Path: \\server\users\class\
After you hit Apply, individual records look like:
User Profile Path: C:\Documents and Settings\username
Path: \\server\users\class\username
Flash
Participant
You’re not alone, I had that problem, fixed it the same way. Apple’s implementation of NT Server seemingly has “roaming profiles” enabled by default.
Flash
Participant
This appears to have fixed the problem. Thanks to Jeff, NHR’s co-developer:
http://www.macosxhints.com/article.php?story=20051122213207398
Flash
Participant
Same problem here. Same Word error when saving modified files whether I use nhrbasic or nhr. Anyone ever find a fix for this?
Flash
Participant
Used this method many times, no ill-effects to speak of.
https://www.afp548.com/forum/viewtopic.php?forum=25&showtopic=8199
Flash
Participant
Trash the following file. Software Update will create a fresh one with Apple’s update server when next launched.
/Library/Preferences/com.apple.SoftwareUpdate
Flash
Participant
Doh! An ID10T error for sure. I just looked through my disallowed apps list in the Group Prefs and noticed that com.apple.PhotoBooth was still in there. I had removed the app, but not the pref. I don’t know how the pref got in there!
Flash
Participant
I found a workaround, at least in my case. I can only guess as to why this fixed my problem, but it did. When you configure the LDAP plugin in Directory Access, don’t “bind” the client. Merely create a new node, type in your server address, then hit Continue without providing diradmin credentials. Now, no more of the above startup errors and machine list prefs are working perfectly. This may be somewhat less secure. Note, computer records won’t automatically appear in WGM, but you can easily browse to them so they can be added to machine lists. Further, this method does not create a machine record in the server’s kadmin.local database (Kerberos Db). I would assume that Kerberos authentication would not work because of this.
Flash
Participant
Yes, I am having the same problem. None of the prefs I’ve set for machine lists are being applied to the clients. I am seeing the exact same errors in the client logs. Prefs assigned by user or group work fine, but no prefs assigned by machine list are working. Machine list prefs worked fine earlier this summer. The only thing I’ve done to my server since then was the 10.4.7 update.
Aug 5 14:20:03 US-Science-1 /System/Library/CoreServices/mcxd.app/Contents/MacOS/mcxd: DSGetLocallyHostedNodeNames(): dsFindDirNode() == -14008
Aug 5 14:20:03 US-Science-1 /System/Library/CoreServices/mcxd.app/Contents/MacOS/mcxd: DSGetSearchPath(): DSGetLocallyHostedNodeNames() == -14956
Aug 5 14:20:03 US-Science-1 /System/Library/CoreServices/mcxd.app/Contents/MacOS/mcxd: DSGetCurrentConfigInfo(): DSGetSearchPath() == -14956
Aug 5 14:20:03 US-Science-1 /System/Library/CoreServices/mcxd.app/Contents/MacOS/mcxd: DSGetCacheInfo(): DSGetCurrentConfigInfo() == -14956
Aug 5 14:20:03 US-Science-1 /System/Library/CoreServices/mcxd.app/Contents/MacOS/mcxd: *** MCXD.getComputerInfo: Couldn’t get cache info -14956
Flash
Participant
Just thought you might want to know this in case you decide to do OD integration. iPrism is the best product we tested, but St. Bernard support was disappointing – it would seem they have far less experience and expertise implementing in Mac environments than they will admit. We figured out all of this completely on our own:
1. iPrism, at present, only supports LDAPv2. It’s not very secure as cleartext passwords are now flying around my network, but you can force Open Directory to honor LDAPv2 requests by including this line in your slapd.conf file:
allow bind_v2
In theory, if and when iPrism embraces LDAPv3, single sign-on using Kerberos would be possible.
2. iPrism filtering policies then have to be mapped to some LDAP attribute. Logically you would use each user’s Group Membership to determine filtering. However, OpenLDAP has no “MemberOf” User attribute as Active Directory and eDirectory do. So, you can add a new attribute to your schema, if you’re brave enough, or use some other existing attribute to map to your iPrism policies. We chose to use “dsAttrType:apple-keyword”. When a user authenticates, the iPrism looks to OD to find out what Keywords are assigned to that user. The Keyword corresponds to an iPrism filtering policy of the same name. Keywords are fairly easy to maintain from the Advanced tab of WGM or using an LDAP import tool like Passenger.
Rather than filtering only by IP address, this solution allows filtering and reporting by user.
Flash
Participant
Sure enough, St Bernard’s iPrism uses LDAPv2 only. 10.4 Server will allow LDAPv2 requests, but you have to add the following line in slapd.conf.
allow bind_v2
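The two posts above enable `allow bind_v2`, and the first notes that passwords then cross the network in cleartext. The following Python is an added example, not code from the forum, iPrism or Open Directory: it decodes the LDAP BindRequest in a TCP/389 payload and reports the protocol version and whether a simple-bind password was sent unencrypted, so you can see which clients depend on the setting. The function names, the DN and the sample messages are assumptions constructed for illustration.

```python
# Added example: classify LDAP BindRequests seen unencrypted on TCP/389 (samples are constructed).

def read_tlv(buf, pos):
    """Decode one BER element at pos; return (tag, value, next_pos)."""
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:                      # long form: low 7 bits = count of length octets
        n = length & 0x7F
        if n == 0 or n > 4:
            raise ValueError("unsupported BER length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("truncated BER element")
    return tag, buf[pos:pos + length], pos + length

def classify_bind(payload):
    """Return bind details, or None if payload is not a parsable BindRequest."""
    try:
        tag, msg, _ = read_tlv(payload, 0)            # LDAPMessage SEQUENCE
        if tag != 0x30:
            return None
        _, _msgid, pos = read_tlv(msg, 0)             # messageID
        tag, bind, _ = read_tlv(msg, pos)             # [APPLICATION 0] BindRequest
        if tag != 0x60:
            return None
        _, ver, pos = read_tlv(bind, 0)               # version INTEGER
        _, name, pos = read_tlv(bind, pos)            # bind DN
        auth_tag, cred, _ = read_tlv(bind, pos)       # authentication CHOICE
    except (ValueError, IndexError):
        return None
    method = {0x80: "simple", 0xA3: "sasl"}.get(auth_tag, "other")
    return {"version": int.from_bytes(ver, "big"),
            "dn": name.decode("utf-8", "replace"),
            "method": method,
            "cleartext_password": method == "simple" and len(cred) > 0}  # flag only, never log cred

def findings(info):
    """Turn a classify_bind() result into analyst-facing findings."""
    checks = [(info["version"] < 3, "LDAPv2 bind"),
              (info["cleartext_password"], "password sent in cleartext")]
    return [text for hit, text in checks if hit]

def tlv(tag, value):
    """Short-form BER encoder, used only to build the constructed samples."""
    return bytes([tag, len(value)]) + value

DN = b"uid=alice,cn=users,dc=example,dc=com"          # constructed DN
V2_SIMPLE = tlv(0x30, tlv(2, b"\x01") + tlv(0x60, tlv(2, b"\x02") + tlv(4, DN) + tlv(0x80, b"not-a-real-password")))
V3_SASL = tlv(0x30, tlv(2, b"\x02") + tlv(0x60, tlv(2, b"\x03") + tlv(4, b"") + tlv(0xA3, tlv(4, b"GSSAPI"))))
```

Feed `classify_bind` the reassembled client-to-server payloads from a capture on the directory server; an anonymous simple bind (empty password) is not flagged as a cleartext password.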
Flash
Participant
Excellent, thank you.
Just for clarification, the above method only works with 10.4 clients.
Flash
Participant
So, you’re verifying that Guest Access must be enabled if using “Standard” afp authentication (so that automounts work correctly)?
Kerberos scares even the most seasoned Sys-Admins.
Flash
Participant
Yes, I experienced the same random crashing of the netbios daemon (nmbd) after moving to 10.4.x server. An SE friend of mine at Apple recommended the following and it hasn’t crashed in months.
1. Make sure that DNS is running on your server. Make sure that the server has a dns entry for itself.
Server Admin/Windows/Settings/Advanced:
2. Ideally “Workgroup Master Browser” and “Domain Master Browser” should both be enabled. An aside, this did not interfere with my separate AD domain on the same network.
3. Enable WINS on your server.
4. Configure WINS on Windows clients to point to server.