[deemery]

A simple check: do you have the IP of your server listed as the -first- DNS server in that machine’s System Preferences -> Network settings?

dave

[deemery]

Are both client and server running X.5.3, the most recent update? This cured some significant mobile account problems I had (although I have no idea why it did so.)

dave

[deemery]

Well, I’m very pleased to report that installing X.5.3 on my MB Pro and X.5.3 Server on my G5 -fixed- the problem I had with mobile account synching not working. No action (other than installing the server updates) was required on my part, but the two copies of my home directory took a couple of days to get fully back into synch. The synch check also seems to be faster under X.5.3/X.5.3 Server.

Now if only this had been fixed a couple of weeks ago, -before- my laptop’s hard drive failed….

dave

[deemery]

For what it’s worth, the POSIX standard is very clear that the ‘/’ character is not legal in any filename, and therefore not a legal directory (or by extension sharepoint) name as a standalone character, either. The ‘/’ character is explicitly reserved for use as the pathname separator. The POSIX standard has 3 classes of characters in this respect:
those that are legal in filenames, a-zA-Z0-9 ‘-‘ ‘_’ (I think, I’m doing this from memory)
those that are illegal in filenames, ‘/’
those whose usage in filenames is not defined by the standard, ‘*’, ”’, ‘”‘, ‘#’, ‘?’
I forget which class ‘,’ is, I think it’s in the not-defined category.

Sometimes you can beat idiots over the head with standards conformance. But usually IT managers don’t care about standards, as standards only get in their way…

Good Luck!

dave

[deemery]

Although I’ve not “measured” this, I recently had the opportunity to recreate my mobile account (because of a hard drive failure…)

This seemed to both fix the slow login problem, and also the mobile account synch problem I reported in another post. I haven’t had enough time to verify that everything is working correctly.

Like so many other things in OS X Server, Mobile Accounts, when they work correctly, are -super useful-. When they have problems, it’s very difficult to figure out what’s actually happening/not happening…

dave

[deemery]

Just be prepared for rebuilding to take a loooooong time… I think it took my G5 (not Xserve) about 4 hours to rebuild a 500gb RAID Mirrored partition that was about 60% full…

dave

[deemery]

I have a more general question: The guy who originally configured Server for me strongly recommended a separate firewall router (Linksys) with VPN. That box also hands out DHCP addresses on my network for ‘casual use’, but most of the addresses for my (very small) network are hardwired. He got the VPN stuff to work, and then I lost the configuration and I’ve not been able to work out the reconfiguration since. A big part of my problem is that it’s difficult to debug a VPN from -inside- the network.

What’s the collective experience and advantages/disadvantages of a separate firewall router, vs having Server do this? It seems to me that a division of responsibility and some defense-in-depth is A Good Thing.

dave

[deemery]

Well, if your server machine is PowerPC, pretty much your only alternative is YellowDog Linux (which ain’t cheap).

If you’re running on an Intel machine, you can use BootCamp and load pretty much any flavor of Linux. Probably the best choice for server is CentOS, which is a clone of RedHat.

But before I took that plunge, I’d suggest making very sure you don’t have hardware problems. Something like a bad memory chip (been there 😥 ) can cause a lot of nasty unpredictable behaviors, no matter what OS you’re running.

dave

[deemery]

For what it’s worth, Apple (at least OS X software) RAID volumes take order -hours- to rebuild RAID sets.

dave

[deemery]

For what it’s worth: I have a -tiny- X Server installation (just me and my wife, 4 machines total.) On her new iMac, I originally had a network-hosted home directory, but I noticed performance wasn’t what I wanted. So I converted her machine to a Mobile account (even though it never moves), and so far everything’s working fine with a substantial increase in performance.

dave

[deemery]

I was able to work past this yesterday, but as usual it was rough.

The previous setup was an OD Master. But it was not using DNS. Under Tiger server it worked fine based on .local only. (Now -why- I need to set up DNS and establish a “real” domain name when all I’m providing is OD within a NAT-enabled tiny network is beyond me…)

I did all this using the Server Admin tool (I’m running Leopard Server on a G5 desktop)

After I got a DNS configuration established and running (MUCH easier than last time…), I was able to create the OD Master.

Next I created my sharepoint structure in Server Admin. Then I went over to the Workgroup Manager tool, and tried to (re)create my accounts. These did not come over/survive the upgrade (which was a surprise.)

I -still- have problems understanding how to set up home directories. Eventually, through both trial-and-error and various restarts of the Workgroup Manager tool, the sharepoint I wanted for home directories came up, I was able to create the homes on this mount point, and with some additional terminal-level messing around I was good-to-go. It’s -very frustrating- to try to create a home directory in the Workgroup Manager tool, and have it fail silently (you enter what you think is the right sharepoint info, you press “make home now” then “save”. Nothing happens. No error message, no new directory created where you expect. This is terribly frustrating.)

A related problem I had was that the share structure from the previous server/previous machine came over. Because that machine wasn’t running, I was unable to -delete- the old shares on it using the Server Admin tool. It wouldn’t let me highlight a share to delete because it couldn’t find the share. That’s dumb! But I was able to do that from the command line.

Anyway, I now have things running in the local network, including networked & mobile home directories. After getting the Server stable, I went to my laptop and upgraded it to Leopard. I did so by backing everything up from the laptop FIRST (a very wise move!), -removing- the FileVault directory, logging into the laptop and saying ‘yes’ when it asked me to create the mobile directory. Then I restored my files from the laptop’s backup. I’ve seen comments from others about problems migrating from Tiger Mobile directories to Leopard, so I wasn’t surprised by this.

The last steps will be to move this new server onto the ‘net as a replacement for the existing server, so I can take advantage of the new web features (which is actually why I bought Leopard Server…)

My setup is trivially small, 2 household users and maybe a half-dozen occasional users that update info on websites. I sure hope people with production-scale facilities have an easier time than I’ve had.

Is anyone going to do a Leopard Server how-to book?

dave

[deemery]

I upgraded my Tiger Server to Leopard, that went OK (well not really, but I was able to work around the problems…)

On Leopard, Share points are managed from the Server manager. So I went over to the Server manager, and tried to create a new share. It asked me for the Open Directory password. I used -the same User ID/Password- that works just fine in Workgroup Manager, but it didn’t like that.

So I though, OK, let me go back through the Open Directory documentation. I thought, let me recreate the OpenDir account, by first setting this to a standalone server, and then promoting it.

When I do that, I get a screen asking to create a directory administrator account. I’ve tried various account names and ID numbers, and in all cases I get the same (damn!) result: “This server has not been configured as an Open Directory master. Error has Occurred! Error value = 68”

That’s about as much help as I’d expect from Windows!

Anyone have any idea what is happening here, and more importantly how I can work around this?

Thanks much in advance! What I thought would have been an easy over-Christmas project has turned into a major pain-in-the-posterior. (At least my currently working Tiger Server machine is not compromised…)

thanks in advance, as always

dave ([email protected] or [email protected])

[deemery]

The other thing to check is load average. I really like the iStat Pro widget for this kind of ‘what’s happening right now’ kind of monitoring (if your server has a ‘head’ on it.)

For what it’s worth, I’ve noticed the load average on my G4/933 running Tiger Server, now serving a new Intel iMac, has jumped. What I did to help manage this was run -no active windows- on the server. (When iTunes, which runs 24×7 on my G4, has its window open, that added 10% of the load average to keep the iTunes window up-to-date. The Finder did similar things for directories.)

dave

[deemery]

Server accounts are tied to username.

dave

[deemery]

I’m basically doing what you want to do, only without Windows.

My wife has a normal X Server hosted account, she can log into any Mac and her files/home directory lives on the server.

For my laptop I have a Mobile account. Basically this replicates what’s on the server to the laptop and synchs it appropriately.

For both kinds of accounts, it’s not a good idea to have more than 1 machine logged in.

The magic that makes this happen is Open Directory. It’s a bit tricky to set up, at least in Tiger.

One strangeness I’ve noticed has to do with mount points for home directories. If I have User X on Mount Point A (i.e. X’s home directory is on /volumes/A), and I try to do a fast user switch to User B whose home directory is also mounted on A, I get an error. I’m not quite sure of all the details, etc, I just stumbled around until I got things to work without error, and then stopped messing with it.

I still think Apple should produce a “Server Lite” kind of product for these sorts of situations.

dave

[Author]

Posts