Tiger includes a nicely-integrated Jabber server, but for those of us who have not yet upgraded, here’s the trick to getting jabberd running on Panther.

I want to send an email to users letting them know that their password is about to expire (we have them set to expire after 30 days, so this happens frequently). Tinkering with our Tiger server, it seems that mkpassdb doesn’t provide any useful data. Neither does pwpolicy. Using:

pwpolicy -a adminusr -p adminpwd -u sbrown -getpolicy

always returns (no matter what user or expiration)

expirationDateGMT=12/31/69

as its result. Is there any easy way to get this information that works with Tiger? Am I not using pwpolicy correctly?

BTW, I saw a post here where someone mentions that with AD, UAM, and ActiveX it may be possible to get this info, but we aren’t using AD.

Read on for one possible answer…

Some of you may be familiar with CMS solutions like Mambo and Joomla. Very cool, very easy to set up etc. Until you get to Tiger.

Well go to do that on a Tiger Server and am running into an issue between PHP and MySQL. I can login into MySQL, create a database, assign privs etc. When I got to link the db to Joomla, the PHP says the username and password are wrong.

This is using MySQL 4.1 and the default install of PHP on 10.4.3. I came across some postings about the socket location changing from /tmp to /etc, but nothing real concrete. One suggestion was to move to PHP5.

Any thoughts?

Read on for thoughts on a solution…

Apple has put up a nice bit of documentation on their developer site on some the more advanced topics that systems administrator may be interested in.

Topics covered include Kerberizing the Mac OS X VPN Server, Creating Mail Account Bundles, Setting Up a Network Library, Setting Up Key-Based SSH Login and Incorporating User Images in Open Directory.

All of this material is available for reading directly on their site, or you can download the PDF for on the road/plane reading material.

It’s been a few weeks since RAID Admin (hereon known as RA) and firmware 1.5 was released. Now seems like a good time to go through the options, both old and new, explain a bit about them, and then discuss the best way to update your firmware, along with *why* you might need to. This article does not address Xserve RAIDs in an Xsan environment.

How to get greylisting working with the included Postfix SMTP server on OS X Server 10.4

Greylisting, if you’ve not encountered it before, is the process of temporarily rejecting e-mail from an unknown host/sender/recipient combination. Spammers will tend not to bother trying to resend the e-mail later while legitimate servers will.

Read on for more information on how to add this to your arsenal against spam and viruses.

We’ve all seen the NAT tab on Server Admin, and been very impressed that we can do IP forwarding, or IP forwarding and NAT – but where to after that? Enter The NATural, an all new GUI tool that allows you to manage those NAT settings.

Most beautifully, this tool allows administration of NAT settings without modifying or replacing any of the default Apple software, and it also has a “demo” mode where it will recognize if you’ve installed to software on an OS X Client machine which will let you take a look at all the settings without modifying anything on your local machine.

So, thanks to Jamie Griffin of GDog Software for getting frustrated with natd, and sharing The NATural with the rest of us.

Xsan Admin 1.2 has been released, and is available for download here. There are some very important instructions to follow on this upgrade – like, don’t upgrade from version 1.0 to version 1.2 directly. The full instructions for the update are available on Apple’s knowledge base. For more information about the upgrade, also refer to this article, and note the big red letters here about reading the instructions before upgrading. Of course, with any upgrade, we always recommend having an up-to-date back-up, and if you have the opportunity, to perform the upgrade on a test system before applying it to any production environment.

As with any upgrade, there are some substantial fixes in this, most notably, the invalid serial number issue has been resolved. As we mentioned in the 10.4.3 upgrade piece, there’s some improvement in AFP performance also. We are however still limited by the no greater than 2TB LUN support, this means that the new 7TB Xserve RAIDs still have to be sliced for use with Xsan to take advantage of all your new storage space.

The official list of improvements are available here.

I believe this is new to SIU as of 10.4.3.

You can now, when choosing the source for a Network Install, after clicking the ‘Customize’ button, select install options the way you would during a local CD install.

For the enterprise this is pretty nice – for example, at the newspaper where I work we have roughly 10 ‘remote’ offices connected to our core network by T1 lines. Removing the enormous number of unneeded printer drivers in the base install is quite useful in this scenario.

The MacEnterprise.org group will be presenting a Webcast on the LANDesk Management Suite on Tuesday, November 15 at 1:00 pm EST. Kent Prows and Bill Smith from LANDesk will be presenting.