When doing system administration it is often more convenient to connect to a server through some sort of remote connection setup rather than having to sit at a console in a datacenter. The comfort of one’s office (or living-room) is often far superior in terms of noise and temperature than the environs of the datacenter itself.
When setting up the RHEL5 server this week here at VSU, I was forced to use the Sun iLOM connection to do the initial install of the server. While I generally use command-line only tools, the ease of use one gains from the GUI tools can often make some tasks much simpler. Towards this end I decided to setup the server and my client to allow XDMCP sessions so that I could have full access to the GUI when necessary.
On the server there are a couple of things that you need to configure in order to make this workFirew:
- Firewall ports
- GDM configuration options
On the client you will need to configure the OS X firewall, as well as use the correct Xephyr connection syntax.
Continue reading
One of the standard methods of configuring Mac OS X in the enterprise has become known as the magic triangle or golden triangle. This is generally described as a setup involving Active Directory (AD) for authentication of the clients and services and Open Directory (OD) for managing the client preferences. The triangle comes from the fact that you have the Mac clients talking to AD, the clients also talking to OD, and the Mac server talking to AD. (Apple officially calls this the magic triangle setup in the Snow Leopard Server Open Directory Administration documentation.)
One of the issues I ran into was granting a non-admin in AD the ability to perform administrative functions on the clients bound to AD. The way this is handled with the Windows clients is for the particular AD user to be a member of a group that grants local administrator privileges.
Unfortunately there is no simple equivalent on the OD side of the equation to allow this for the technicians working on the Mac OS X clients. If you add an AD user to the system level group Open Directory Administrators using Workgroup Manager (WGM) this has no effect on whether a user is granted local administrator privileges to a connected client machine.
The solution to this involves:
- creating a group in OD to hold the members of AD that should have local administrative privileges,
- adding this OD group to the requisite local workstation groups to mimic the standard administrative privileges, and
- adding the OD group to the sudoers file
Continue reading
While re-loading the OS and apps on my iMac at work, I ran into major issues whilst updating MS Office 2008. When running the first update, Office 2008 SP1 (12.1.0) I had no problems, however none of the other updates would run. I kept getting the error “You cannot install Office 2008 Updates on this volume. A version of the software required to install this update was not found on this volume.”
At first I thought that this might be due to some permissions shenanigans revolving around my AD/OD setup, since the logged in user was not a local admin, but had been granted administrator privileges through a nested group trick.
After more searching I ran across a post on the forums MacRumors.com pointing out problems when running updates on an Office 2008 install that had been altered by using Monolingual or XSlimmer.
Both of these programs were developed to slim down the sizes of binary applications on OS X. Monolingual strips the “additional languages” from OS X programs and operating system files, while XSlimmer is designed to remove both the extra language information and the unused binary code in a fat binary. I have never used either of these programs, since I was not concerned about the amount of disk space they utilize.
After more searching, I ran across a post in the Entourage Help Pages discussing troubleshooting Office 2008 installations. While this page also mentioned issues with installations being altered by Monolingual and XSlimmer, it also pointed out an issue with a workaround created to handle a bug in how Safari deals with the docx file extension. While the automator workflow mentioned does not appear to actually affect anything other than the names of files, it did jog my memory about something else Safari related that occured when installing Adobe CS 4 earlier the same day.
While installing CS 4 and the available updates, I was prompted to not only quit Safari, but also to quit XMarks for Safari. For those that don’t know, XMarks is a great service for synchronizing your browser bookmarks between multiple machines, platforms, and browsers.
On a hunch I quit XMarks for Safari, as well as the browser itself. No dice, I still got the error. Knowing how easy it would be to reinstall the helper application, I uninstalled XMarks. Eureka! The Office updaters now ran without a hitch. So, if you are having this problem, try deactivating or removing anything plugins that effect the default nature of Safari.
Lately I have noticed that when browsing the web my external hard drive would spin up when there seemed no need. I had just given into the mysterious and not concerned myself with this until yesterday.
After a few searches, I turned up a post on Apple’s discussion boards entitled Safari pauses & spins up ext HDs with ATS Autoactivation errors. While I have not found the errors in my logs refered to by the OP, I have noticed the exact same symptoms.
Using the symptoms and discoveries by W. Raideer and strangebirds as a guideline, I found a solution to the issue. While this may in fact be a bug, it turns out that if you disable Spotlight on the external drive this activity ceases, at least in my case.
To quote the Help documentation for Font Book on the Automatic Activation feature:
Note that if you turn off Spotlight searching for any folder or disk connected to your computer, Font Book can’t find and enable fonts in those locations.
After listing my external drive in the Spotlight preference pane section labeled Privacy, I have ceased to have this particular issue. While this may not be advisable or desirable, depending on the content of the external drive, I have noticed no detrimental effect by disabling Spotlight on the drive.