The MacEnterprise.org group will be presenting a Webcast on Centrify’s DirectControl Active Directory integration product TODAY, Tuesday, October 25 at 1:00 pm EDT. David McNeely, a Director of Product Management at Centrify, will be presenting.

In this webcast, Centrify will show you how to quickly and easily integrate Mac workstations into your Active Directory infrastructure without giving up administration privileges. Centrify’s unique solution eliminates implementation roadblocks because it does not require changing Active Directory or installing additional software on domain controllers.

For more information on how to watch this Webcast, please visit the MacEnterprise.org website:

http://macenterprise.org/webcasts

The broadcast ID needed to view the webcast is ‘macenterprise‘. QuickTime 7 will be necessary to watch the live webcast. To download this and the most up-to-date version of the cast:stream software, please go to:
http://webcast.training.apple.com/instructions

Hi all,

A tip for all who need to configure link aggregation on Mac OS X Tiger 10.4.2, Xserve G5 and 3Com Gigabit Switches (SuperStak III 4924 – 3C17701).

Install latest firmware from 3Com.

Enable LACP on the two ports connected to the Xserve G5 and don’t waste time to manually add the ports to link aggregation set.

This is an updated to my article/instructions for making "Check Spelling" work in SquirrelMail.

Sherlock is back!

If you remember back in the day when Apple was touting Sherlock indexing for webpages, this is for you. You can now do this with Spotlight, which should yield a more consistent experience.

I had a powerbook that was upgraded to tiger. The problem was that after the upgrade it was unable to do proxy authentication with our squid proxy, which is bouncing against Active Directory for access to the web.

I tried a few things to fix this, but ended up with NTLMAPS.

After upgrading my home system to Tiger, I noticed that my RsyncX backups to an external FireWire drive were no longer working. Much consternation and hair-pulling later, I realized that the Spotlight indexing was causing problems with RsyncX. I used mdutil to disable indexing on that drive, and the problem was solved.

Ed. Note: keep in mind that Spotlight indexing can make any type of file transfer take longer due to the overhead of indexing every file. This is especially true when you’re moving large amounts of small files.

When dealing with funky network issues it’s handy to be able to tweak configd a bit to see what’s going on. We have an older article on configd that explains more of what it does, but here are some quick thoughts on getting more debugging and other options out of configd on 10.4.

Since upgrading my OD master and replicas from 10.3.9 to 10.4.2, the Password Service pegs both processors on the OD master for 8-10 minutes whenever a password is changed. Doesn’t matter whether the password is changed from WGM, terminal, or managed client. No crashes occur, nothing written to System log, all else seems normal. The following consistent System log entries are also new since the upgrade.

Thursby’s ADmitMac is a full-featured SMB/CIFS client that contains a lot of great features to hook Mac OS X into an Active Directory infrastructure. Be aware, though, that there is a downside involved. Thursby chose to implement a different method of handling resource forks on non-AFP filesystems than Apple uses in its samba-based SMB client. Basically, Thursby’s method takes advantage of multi-fork-savvy filesystems (like NTFS) whereas Apple’s doesn’t.

The upshot of this is that if you have two Mac clients, one using ADmitMac and the other using the "stock" SMB client, both accessing an SMB share, neither will be able to see resource forks saved by the other system. This is no big deal for some files (notably those with a known DOS-style 3-letter filename extension like ".doc" or ".xls"), but it can make other files completely unusable. For example, Eudora files rely on the type/creator codes in the resource fork; without the resource fork, Eudora doesn’t know what to do with the various files.

I quizzed a Thursby engineer on this incompatibility, and he pointed out that their DAVE product, which was the first SMB client for Macintosh, used this method because it adhered to Microsoft’s Services for Macintosh standard. They are simply carrying on the tradition of doing it the Microsoft-recommended way.

This incompatibility is a huge issue that Thursby seems reluctant to address. Thursby’s implementation may be superior to Apple’s on technical grounds; nonetheless, they need to either convince Apple to do it their way, or change ADmitMac (or at least offer an administrative option) to do it the Apple way. As it stands now, unless sysadmins go with an "all or none" approach to ADmitMac in their organization–now and into the foreseeable future–they’re asking for trouble. That’s an expensive prospect.

This past weekend, I had my first request to set up a catch-all address for a domain in Tiger server. It’s fairly simple, and it requires some command line interaction.