OS X Server w/NAT, IPFW, DNS, and Squid – Updated

Set up your server as a NAT router to do transparent web proxy caching.

Update: New URL. Find the new Squid/NAT/IPFW/DNS document here.

Read more

Poor Man\’s Video Substitute

If you ordered an X-Server without a video card, but need one here’s a down-n-dirty tip:

If you have an old B&W PowerMac lying around, swipe the video card from it and use it in the upper slot. It works fine, won’t void your warranty and gives you the basic functionality you need to manage the beastie!

Ed. Note: I think most Apple PCI video cards, note not AGP, should work in the Xserve, but nice to know of a specific example. Having said that….running it headless isn’t hard to do, either.

Read more

Access keychains from the CLI

Use the security command to access keychains.

Read the man page, but usage is pretty easy. It’s especially handy when you need to find out your IPSec shared key and you only have an ssh connection.

Do note that if you use the interactive mode that there isn’t any way of getting out besides using control-c.

Read more

BDB Utilities

The Berkeley DB tools that should have come with the OS

Michael Bartosh has a pkg installer for the Berkeley DB utilities that are necessary to roll your Cyrus and OpenLDAP transaction logs in addition to performing other housekeeping chores for any bdb database.

Check out the rest of his site for other OS X Server news and downloads.

Read more

Setting Screen Effects Defaults for Mass-Imaging

Not quite OS X Server, but since most of us do some kind of imaging…

Check out this command:

sudo pico /System/Library/Frameworks/ScreenSaver.framework/Versions/A/Resources/EngineDefaults.plist

This command is on one line, remember.

Does anyone know of other defaults this concept hold true for? (This determines what settings are used for "ByHost" plists, which are used by OS X to reset certain preferences after imaging).

Read more

Using OS X Open Directory to authenticate Squid Proxy Server

How to get Squid on another machine to authenticate to an Open Directory LDAP server.

While this example shows how to do this with a Red Hat box, the process is pretty much the same for any Unix/Linux.

Read more

Single Sign On for AFP using AD

How to kerberize your OS X Server when using AD for authentication.

I was going to write up my own, but Michael has done a great job of documenting all this and there’s nothing I can add. For what it’s worth I prefer the Unix-centric method halfway down the page.

Read more

Apple Releases Security Update 2004-09-07

Get your update from Software Update or from Apple’s Update page.

A gargantuan boatload of fixes including Safari and Kerberos, so read the link to find out exactly what. This update is for 10.3.4-5 and 10.2.8.

Read more

***WIP*** cyradm Shared Folders syntax

I’ll incorporate this into the other article.

I had a deal of trouble with cyradm after installing it – things simply would not work as I wished (though the install was easy).

I wanted shared folders for employees at my client’s office, but couldn’t seem to hack out a shared folder in Other\ Users/ – then, while digging through the advanced config for Mozilla Thunderbird, I got it…

cyradm -u [usernam] [fqdn]
– here i entered my password as prompted-
localhost>cm Shared\ Folders/Spam
localhost>sam Shared\ Folders/Spam lrswip

(the order of the acl flags seems to matter)

(also, the master "Shared" Folder must be named "Shared\ Folder" – the \ escapes out the space in the name…)

bcirvin/

Read more
AFP548 Site News Comments are Disabled

Mail Server Shootout – Call for Entries Now Closed

I’ve got a solid list of 10 mail servers, so give me a bit to put together the review…

I’m hoping to put together a fairly lengthy review of mail servers available for OS X Server and I want to make sure I don’t miss any. Read on for what I’m going to compare.

Read more