[jorban]

Yes that was helpful, but I’m close to figuring this out, after spending a day and 1/2 futzing around with it.

BTW the Apple documentation is pretty much worthless.

The original wiki was set up with wildcard characters and default settings. Worked great when we only had one site. Adding another site apparently was useless since the original configuration was defaulting everything back to itself.

So I had to set specific hostnames in the Sites section of Server Admin for the existing sites and then remove the wildcard Aliases for the existing sites (regular and SSL) in Server Admin –> Web –> Sites –> Aliases. The original hostname had been left blank.

Setting up an additional Site automatically sets up a virtual host for the new site so I can use the same port #, but the concept is similar to what you were talking about. Multiple sites require specific parameters.

The next thing is to enable FTP (or file sharing) so that kids can publish their sites from iWeb (not sure which to do right now).

Of course DNS needs to have a CNAME alias for the new subdomain pointing to the server.

Whew…seek and ye shall find (I guess).

[jorban]

Thanks for the script!

John

[jorban]

Apple Engineering is looking into this issue. Not sure what the problem is but it appears that if you have a user with an iCal acccount created via the “automatic” method this type of behavior occurs. The fact that it was working until recently makes me wonder if a software update broke something?

What has worked so far is to delete the old iCal account. Create a new one but use “CalDAV” as “Account Type”. Then enter port # 8443 and check the SSL box (we have both SSL and non-SSL access to our calendar). Create the account.

Unfortunately, as soon as you do another error message is thrown stating that the username of password is incorrect. When you go back to account settings, the Password Field is BLANK. Re-entering the password seems to then fix the issue.

I didn’t pick up on the problem because I only have one calendar and don’t move appointments around like my users do. I’ll report what Tech Support finds out.

[jorban]

Oh for heaven’s sake!

In my obsessive-compulsive nature attempting to hide folders from prying eyes, I set “Others” permissions to “No Access” on the sharepoint.

When I changed it to “Read”, access was opened up again.

I would have deleted the prior post, but didn’t see any way to do that.

Sorry.

John

[jorban]

Well, it appears to be a router problem. I came into my office this morning and the router was dead. I’ve got another router and am trying to get it online now. I’ll report back if that does not fix the problem.

Thanks for the speedy reply!
John

[jorban]

It also appears, rather than messing up your own system, you can set up another system and “reach out” to that system’s preference file and propagate it to your group. I’d rather do that than constantly keep changing my own machine which actually bears little resemblance to what my client machines are going to look like.

Just a thought.

[jorban]

I’m almost home…

After numerous discussions w/ AdTran (did I mention how GREAT their tech support is?).

I need a router that will support a “fractional” subnet (if you will). That is, my router will support 255.255.0.0 subnet mask, but NOT 255.255.254.0.

In addition once that subnet mask is changed I need to change the physical IP configuration of my DHCP server to match the new subnet prior to creating it on the DHCP server. Otherwise the server throws an error message about the router not being on the same subnet.

Additionally I’ll have to change ALL my devices that use static IPs to the new subnet mask.

So the steps seem to be:
[code]1. Change physical subnet mask of the server to 255.255.254.0
2. Expand the subnet on the DHCP server to:
Starting IP: 192.168.1.1
Ending IP: 192.168.2.254
Subnet Mask: 255.255.254.0
3. Configure the router to handle the subnet with it’s current IP address but change to new subnet mask.[/code]
It’s taken me two weeks, multiple posts to message boards, some emails to friends and thinking about this for more time that I care to admit. I guess the Internet works ❗

[jorban]

The subnet calculator makes a lot of sense.

I just got off the phone with a tech support guy from AdTran and he explained how I need a “supernet” rather than more “subnets”. I see how to do that now.

Unfortunately, it doesn’t appear that my router (NetGear RP614V4) will support more than a Class C network, so I guess I’m still screwed.

At least I better understand what I have to do.

Thanks for the suggestions.

John

[jorban]

Don’t even get me started on the issue of the iPods. While they are great for lower schoolers, I really did NOT want to put them on the network. But there are some applications that require “calling home” every time the units are started up.

Right now my OSX Server 10.6.2 is running DHCP and handing out IP addresses. I’d like to keep it so that the server can hand them out.

I have two routers – one for our cable modem line and one for the T1 line. The cable modem router CAN hand out IP addresses, but I’m afraid that would segment stuff too much?

But to directly answer your question, YES, I can create IP reservations by mac address. I assume that’s what you mean?

Thanks

[jorban]

Well, I thought I could edit the above post but apparently I can not.

Here are the EXACT steps to bind – at least what worked for me.

Step 1. – REMOVE the three com.apple.kerberos.kdc entries in the System part of Keychain Access. I suspect the terminal command is supposed to do that, but apparently it does not.
Step 2 – Reboot (I’m pretty sure this is necessary as I tried binding both before and after running the commands and binding did Not work)
Step 3 – After reboot, Run the two commands as root
Step 4 – Bind will now succeed.

When binding failed for me in the past the computer WAS added to WGM. I just added the UUID and the ethernet address and it appeared that the computers were now manageable from the XServer. While not bound the clients appeared to be so. I don’t know if this is because the Mac OS is forgiving or not.

I’m assuming the ONLY reason to bind to an XServe is for remote management? Even non bound clients seem to work with the network just fine.

So much to learn…so little time.

[jorban]

Well, in order to use NetRestore you have to be able to create a system image. So far, in about 90% of the times I’ve tried, the System Imaging Utility creates the System.dmg image and then the program crashes. The only reliable image I’ve created is from the OSX install disk (which, of course, is useless with all the updates and such that have come out).

I had a discussion with Tech Support today and they admitted some “issues” with the System Imaging Utility. Have NO IDEA what that means, except that perhaps others are having the same problem.

I have no doubt that NetRestore solves this problem, but until I can create a reliable image, I can’t really use NetRestore.

BTW, I attempted using the posted script:

Last login: Fri Feb 19 14:16:09 on console
SCI-03:~ administrator$ rm -rf /var/db/krb5kdc /usr/libexec/configureLocalKDC
rm: /var/db/krb5kdc: Permission denied
rm: /usr/libexec/configureLocalKDC: Permission denied

But it didn’t work.

OK…I’m an idiot…has to be run as root…and it’s two separate commands…I’m still learning…

Halle-freaking-lujah!

That fixed it…

The commands are:

$: sudo rm -rf /var/db/krb5kdc
Enter administrator password

$: sudo /usr/libexec/configureLocalKDC
May not have to enter the password again

Now I can bind the computer properly

[jorban]

I’ve got EXACTLY the same issue.

When attempting to bind a cloned computer to Open Directory (10.6.2 XServe, 10.6.2 MacBook) I get a message that the record already exists, do I want to overwrite? I say, “Yes”, then the process throws an error that it can’t overwrite the record. I click “OK” to close the window.

When I open Workgroup Manager, lo and behold, the computer IS listed but there is no UUID. If I copy the UUID from the “About this Mac” window to WGM it APPEARS as if the laptop is bound, i.e. I can manage the laptop from the server.

When I used to clone Windows machines I had to run a mini-setup that, in effect, cleared the GUID (which I assume is the same as the UUID) so that the machines would appear unique to Active Directory.

Since I’m an idiot, I can’t seem to figure out how to do the same thing to a cloned Mac. I’ve also got issues with cloning machines but that’s for another thread.

Anyhow, before I get to cloning all my machines this summer I’d like to know what I’m doing wrong.

Thanks,
John

[Author]

Posts