[trondah]

The only reason you would want a cylinder of destiny setup is if you host services (that require extended attributes) on an OSX server for AD users and you don’t want to extend the AD schema.

If you don’t need augmented records then I don’t see any reason to do it, it only adds complexity. You’ll need to bind all clients to both AD and OD.

[trondah]

I’ve had success backing up OSX server with rsync and then creating an ASR compatible image with hdiutil. This image can then be deployed to a blank disk either through DeployStudio or just boot up from a DVD/NetBoot and use ASR manually. Works great for disaster recovery.

I would recommend stopping any databases like Open Directory or MySQL while doing the rsync. Check out Bombich’s rsync tips for the correct options to get a 1:1 copy.

[trondah]

I successfully setup Redhat (Fedora) to authenticate to OD with Kerberos it was very straight forward as I recall.

[trondah]

Seems like a problem with the Volume License Key version. I can’t get it to work either. Had no problems with the first release of Office 2008 with all updates on top.

[trondah]

Read further down.

“Restoring from NetRestore.
Snow Leopard Server adds a new feature called NetRestore. It lets administrators build a disk image based on a drive that includes all their customizations — or based on a stock Mac OS X installation DVD. Then, using NetRestore, you can restore a Mac over the network using either the custom volume or the stock DVD.”

[trondah]

I used the stock InstaDMG.

If InstaDMG doesn’t work out, you can always do the actual install of OSX server on an external drive, and then image the drive before it’s booted. That way you can tailor the install process and know that the image is 100%.

[trondah]

It works fine, all my servers are deployed with InstaDMG built images.

[trondah]

How do you skip certain modules of the setup assistant? Is it possible to skip just the user add?

[trondah]

I noticed that too. Something is messed up with the update, I managed to make it work by booting the system, choose download only to fetch the new iLife update, then put that one in the build.

Recently I’ve tired of maintaining all these updates, I’m now creating images from golden masters and scripting my changes through Deploystudio and found it to be a much better approach.
InstaDMG is good for creating a base image for the golden master.

[trondah]

Having the same problem, annoying not being able to package iWork….

[trondah]

https://www.afp548.com/article.php?story=using-mcx-in-the-dslocal-domain

[trondah]

As far as I know, home folder creation takes place only when using augmented users with dsAttrTypeStandard:HomeDirectory and dsAttrTypeStandard:NFSHomeDirectory attributes set.

Are you using UNC path to derive network home?

[trondah]

http://www.zenoss.com (I like this one best)
http://www.nagios.org
http://www.dartware.com

[trondah]

I saw your post actually, Apple fixed their docs now 🙂

Anyways, I got it working after reading up a bit on dns-sd.org.

Enabling wide area bonjour in server admin only adds the lb._dns-sd._udp resource record, which only sets the legacy browsing domain.
Manually adding in b._dns-sd._udp sets the default browsing domain which i.e. Finder uses.

So, add that to your /var/named/db.example.com. like this:

;THE FOLLOWING INCLUDE WAS ADDED BY SERVER ADMIN. PLEASE DO NOT REMOVE.
$INCLUDE /var/named/zones/db.example.com.zone.apple
b._dns-sd._udp IN PTR example.com.

Do an ‘rndc -p 54 reload’, and the next time a client adds your DNS server it will see your wide area bonjour services 🙂
Having a shared secret and/or using authentication is only useful if you want clients to register themselves. I find it easier to
use static service records.

[trondah]

Did not find a solution for this. Seems like something had gotten messed up in Kerberos/LDAP, so I ended up rebuilding both the OD and replica from scratch.

OSX sucks some times. 🙂

[Author]

Posts