And so the umpteenth product of Apple becomes “idiot-and-retard-proofed”. While removing distinctive features and breaking everything that I liked about iTunes 10.

Soon we Apple users have nothing to say but “Yes Apple, thank you Apple for taking away features, options and functional apps!” Or the better alternative – “I’m buying a PC!”

Whine whine whine!

Give me back my sidebar!

Yea! I liked having a sidebar in iTunes, where I can switch to a different section of iTunes in 1 click and at a glance can see what’s what.
Now? It’s 2 clicks, no oversight and it’s just a stupid interface. For example, by chance I saw there were 5 App updates and 2 podcasts downloaded. Great. With the sidebar I could just see that. Now I have to accidentally stumble over it because I might switch to a different section. If I didn’t I would probably not see that for days.

Playlists are useless now, too!

I have a smart playlist “Never Played”. It worked like magic. New songs, podcasts – They would show up there if there were 0 (zero) ‘plays’ and it wasn’t an audiostream (radio). Great!

Now? There are 60 items in there that aren’t downloaded (but bought and removed) and thus have 0 plays. Suddenly I have to add “location is on this computer” to the playlist rules. Fine. Small change… But after I changed that half my library reverted to 0 plays. Awesome! Why? Because iTunes, without telling me, removed the files from the library and downloaded DRM free files. Another automated convenience that I…Do…Not…Care…About… And only inconveniences me.

And another… I had playlists made that took a bunch of similar genres and put them in a smart playlist. Since the rules for smart playlists are either ALL or ANY for matches. Suddenly I can not have such playlists anymore. Because Apple thinks it’s convenient to list iCloud shit in there too. Music I don’t want anymore, podcasts and Books. And because there are several genres and songs are only in one the rules must be set to “match any”. Thus the label “location is on this computer” is a free pass to have most items in the iTunes library to be listed. Suddenly I was listening to Trance music when I was expecting Massive Attack or SepiaMusic.

Of course I’ve tried a few things and combinations. But due to the amazingly useless iCloud integration half my playlists are now unusable and completely inaccurate.

And where the hell is Coverflow! I like coverflow! Google tells me a lot of people like coverflow! Why the hell is it removed? How do I get it back. It’s just a neat eye candy trick. But I liked it. What good is album art now, since the only usable option is the text listing.

And that’s iTunes 11. Amazingly new refreshed and super stupefied iTunes 11.

It’s a trend!

And I hate it!

Awesome Apple! Thanks! Yet again I must alter my comfort-zone because you want to be groundbreaking things!

Grrr!

I don’t use the Mail service in OS X Lion Server. But Lion Server thinks it’s cool to run it anyway, sneaky, even though it’s turned off.

So, after a reboot it became a bit active. Spamming the log with:

Jun  1 06:00:06 minecraft dovecot[11880]: lda: Error: userdb lookup: connect(/var/run/dovecot/auth-userdb) failed: No such file or directory

Jun  1 06:00:06 minecraft dovecot[11880]: lda: Fatal: Internal error occurred. Refer to server log for more information.

Stupid server! If you know so well what’s wrong, then fix it yourself.
But that doesn’t seem to make sense. A bit of googling later I found out many people have this problem. And what kind of problem? The /var/run/dovecot folder… Doesn’t exist. What? Yes… It’s the dumbest thing of this hour! No sockets, no user management, no configuration. Missing sockets generally means that no connections can be made, ever. It’s like trying to make calls on an iPhone without a SIM card and no one told you it’s missing, or even that you need one.

Solved easily though. Hop into terminal and make sure the /var/run/dovecot folder is indeed missing (or is empty). If it’s not there, make the folder yourself:

sudo mkdir /var/run/dovecot

And make sure the permissions and ownership are as follows:

drwxr-xr-x  22 root        daemon       748 Jun  1 06:57 dovecot

Then run mail:

sudo serveradmin start mail

Let it do its thing (10 seconds). Then kill mail:

sudo serveradmin stop mail

Verify there are now a bunch of files in the dovecot folder, there should be about 18-20 items in there now.

Done.
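
The check from the steps above can be scripted. This is an added example, not part of the original post: check_rundir is a hypothetical helper that reports whether the directory is missing, differs from the mode and ownership in the listing above, or lacks the auth-userdb socket named in the log error.

```shell
#!/bin/sh
# Added example: classify the state of dovecot's runtime directory.
# check_rundir is a hypothetical helper name; the path, mode and ownership
# defaults are the ones given in the post.

check_rundir() {
    dir=${1:-/var/run/dovecot}
    want_owner=${2:-root}
    want_group=${3:-daemon}

    if [ ! -d "$dir" ]; then
        echo "missing"
        return 1
    fi

    # ls -ld is portable between OS X and Linux. Keep only the first ten
    # characters of the mode so ACL/xattr markers (+, @, .) are ignored.
    info=$(ls -ld -- "$dir" | awk '{ print substr($1, 1, 10), $3, $4 }')
    if [ "$info" != "drwxr-xr-x $want_owner $want_group" ]; then
        echo "bad-perms: $info"
        return 2
    fi

    # The lda error in the log is a failed connect() to this socket.
    if [ ! -e "$dir/auth-userdb" ]; then
        echo "no-auth-userdb"
        return 3
    fi

    echo "ok"
}

# Report the state; a non-zero status means one of the post's steps is needed.
check_rundir "$@" || echo "needs attention (status $?)"
```

Run it before and after the start/stop cycle: "missing" or "no-auth-userdb" beforehand and "ok" afterwards matches what the post describes.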

How dumb is it to install a mail daemon that has no sockets. Apple! Fix your shit!

[update: June 4, 2012] If you find that SMTP or any part of Mail keeps restarting when you stop the mail service, try to disable it from Server.app. If that doesn’t work, try from Server Admin. If that also doesn’t work, stop the Mail service from Server Admin and restart the computer; logging out and back in is not enough. For me this stopped Mail from starting the SMTP services time and time again. Also make sure that in Server Admin – Mail – Maintenance the Mail queues are empty. Just delete anything you find in there.

[update: June 5, 2012] Also make sure that no other services are allowed to receive mail, iCal mail invitations for example should be unchecked in server.app.

Earlier this week I upgraded my server and bumped into the thing that I couldn’t add users in server.app but COULD do so in Workgroup Manager (the old way). Another silly thing I noticed was that my OD Replica DOES allow user management from server.app, but I wrote that off as “old data” from before the replica setup.

Turns out, while the OD Master seems to work fine it is bugged anyway. I’m not sure how, though. But if you create users in Workgroup Manager the Kerberos HASH is set wrong for every user. This is not a glaring issue as most things work fine but it’s a problem nonetheless. Servers mustn’t have issues like that.

I found out about this in the logs, looking for something else.
This message was being spammed every 10 seconds into the log for each user for the past 5 days:

2012-05-13 07:33:17.133 CEST – Module: SystemCache – Misconfiguration detected in hash ‘GlobalGUID’:
User ‘arnan’ (/LDAPv3/127.0.0.1) – ID 1025 – UUID 60AE8831-FEE8-4977-B705-D703C98619D6 – SID S-1-5-21-3113767512-2292254219-2485520413-3050

Changing the HASH manually for every user is the only solution here. And guess what? After you do so, I can suddenly add and manage users from the server.app too!!
I’m guessing because this showed up in the log:

2012-05-18 15:21:59.827 CEST – Loaded bundle at path ‘/System/Library/OpenDirectory/Modules/ActiveDirectory.bundle’
2012-05-18 15:22:15.816 CEST – Loaded bundle at path ‘/System/Library/OpenDirectory/Modules/nis.bundle’

This, silly enough, suggests that after 5 days of trying, the server *finally* finished loading modules.
<sarcasm>So nice of Apple to make a notification of sorts telling me that things aren’t 100% </sarcasm>

So what does actually happen?
When you make users with Workgroup Manager *every* user gets the default HASH of Untitled_1@HOST.DOMAIN.TLD (where host.domain.tld is your own domain name).
Changing Untitled_1 into that user’s shortname/loginname, for every user, works instantly and allows LDAP to finish loading modules.

How to fix this:
This explanation only applies to Lion Server as far as I know. The solution should work on most OS X Server versions, but Directory Utility looks different on every system and menus and such might be different. Use at your own risk!

First determine if the problem exists at all. Don’t just rely on greyed out controls in server.app. Go to the log!
1. Open the Console app from Utilities and look for the “opendirectoryd.log” in /var/log/.
2. Check if you see messages similar to the above quotes.
3. Open Server.app, go to Directory Utility via the Tools menu.
4. Navigate to the Directory Editor and in the little drop-down select the /LDAPv3/127.0.0.1 database.
5. Select “Users” – Authenticate as your diradmin if you didn’t do it already.
On the left you’ll see all users and some extra items. Ignore anything that is not an actual person and select one user.
6. Find the “AltSecurityIdentities” variable and look at the Value. This should look like “Kerberos:Untitled_1@HOST.DOMAIN.TLD”.
7. Change “Untitled_1” into the shortname/loginname of that user. Check spelling and press save.
Repeat steps 6 and 7 for every user!
8. Once done, check the logs and you should see it finish loading modules.
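
Steps 1, 2 and 6 can also be checked from Terminal. This is an added example, not part of the original post: the function names and the sample data are constructed, and the second function assumes you have collected each user's AltSecurityIdentities value yourself, one "shortname value" pair per line.

```shell
#!/bin/sh
# Added example, not from the original post. Function names and sample data
# are constructed; the message text and Untitled_1 default are the post's.

# Count "Misconfiguration detected" entries per user in opendirectoryd.log.
# The user name may be on the same line or the next one, in any quote style.
misconfigured_users() {
    awk '
        /Misconfiguration detected in hash/ { pending = 1 }
        pending {
            for (i = 1; i < NF; i++) if ($i == "User") {
                name = $(i + 1)
                gsub(/^[^A-Za-z0-9_]+|[^A-Za-z0-9_]+$/, "", name)
                count[name]++
                pending = 0
                break
            }
        }
        END { for (n in count) print n, count[n] }
    ' "$@" | sort
}

# Read "shortname AltSecurityIdentities-value" pairs on stdin and print the
# shortnames whose Kerberos principal does not start with that shortname.
wrong_principals() {
    while read -r short value; do
        case $value in
            "Kerberos:$short@"*) ;;    # principal matches the login name
            *) echo "$short" ;;
        esac
    done
}

# Constructed sample log: two entries for alice, one for bob.
sample_log() {
    cat <<'EOF'
2012-05-13 07:33:17.133 CEST - Module: SystemCache - Misconfiguration detected in hash 'GlobalGUID':
User 'alice' (/LDAPv3/127.0.0.1) - ID 1025 - UUID 00000000-0000-0000-0000-000000000001
2012-05-13 07:33:27.140 CEST - Module: SystemCache - Misconfiguration detected in hash 'GlobalGUID':
User 'bob' (/LDAPv3/127.0.0.1) - ID 1026 - UUID 00000000-0000-0000-0000-000000000002
2012-05-13 07:33:37.151 CEST - Module: SystemCache - Misconfiguration detected in hash 'GlobalGUID':
User 'alice' (/LDAPv3/127.0.0.1) - ID 1025 - UUID 00000000-0000-0000-0000-000000000001
2012-05-18 15:22:15.816 CEST - Loaded bundle at path '/System/Library/OpenDirectory/Modules/nis.bundle'
EOF
}

sample_log | misconfigured_users
printf 'alice Kerberos:Untitled_1@HOST.DOMAIN.TLD\nbob Kerberos:bob@HOST.DOMAIN.TLD\n' | wrong_principals
```

Against the real log, pass the file as an argument: misconfigured_users /var/log/opendirectoryd.log. An empty result after step 8 means the messages have stopped.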

So what do we learn from this? Don’t trust Apple with server… After 12 years they still can’t get it right.
And; check the logs more often for errors, especially when you think it works.

That’s right! Last night I finally upgraded my Mac OS 10.6.8 server to 10.7.4.
With some recent changes in our use of services and such, new discoveries I’ve made and about a billion bug fixes and improvements from Apple, I felt confident enough to upgrade the thing.

BEHOLD! DNS and DHCP now actually work!
It worked so well it was beyond comprehension. Until…

The quest begins:
To start with, I absolutely hate the OS upgrade via the App Store. For server it makes no sense at all. And it took me about an hour to get it working, not including the 3 times I had to re-download the 4.2GB Lion image before it picked up the automated download of server.
Yea. You can’t just say “Install Lion Server”, you have to download Lion first. Which then triggers the server part. Except the trigger didn’t work a 100 times before I “re-bought” Lion and Lion server. Luckily it was smart enough to know I had already bought it. But that triggered the Server download, finally.

After that, the server went on installing, rebooting, installing some more, rebooting (I think). I do everything on remote desktop and with the installation process that’s not available, so I just let it run blindly. Hearing the boot sound occasionally. This took a good hour and a half.
Then nothing. No churning disks or reboots for a while. But also no remote desktop coming back. Hmmm… Assuming a confirm or “I’m finished, have fun” dialog was waiting for me I hit enter. And after a few minutes of churning disks I was presented with the Lion boot screen.

Hoping things did go well, but fully expecting my Open Directory, DNS and DHCP to be broken. MySQL missing and all file shares corrupt. I barged straight in. Set the “natural” scrolling to how it should be and noticed my Minecraft server wasn’t going nuts over its share. It had logged in… And indeed Open Directory was working! A miracle!

When I moved the web folders into their new location I noticed something else… MySQL worked too… And that’s not even part of the core modules anymore. Last time I tried, the installer kindly removed everything non-default. Including MySQL. Now it was actually in the way of my plan. But no fear. Some Terminal hackery later, MySQL was good and dead and in the trash! Ready for MySQL 5.5 to be installed with its handy Prefpane.

So far so good. File shares worked, users were kept, I actually had to break my database to replace it. And well, overall it just went fine. New printer drivers and a load of settings later I had this brilliant idea.

Let’s learn a trick or two:
And it was truly brilliant…

Let’s make an Open Directory Replica on the Minecraft server!!! Let’s learn something new!!!

So I re-setup Open Directory from Stand-alone to Open Directory Master. Which allows for sharing user accounts between compatible servers.
It migrated my stuff to the new database. Twitched, retched and died.
Kerberos active, Password Server and LDAP dead. Ohnoes! This allows everyone unlimited access to most things network since the passwords cannot be verified. So anything goes at that point. Bummer!

So I kill LDAP:
sudo launchctl unload /System/Library/LaunchDaemons/org.openldap.slapd.plist

And Repair LDAP:
sudo /usr/bin/db_recover -c -h /var/db/openldap/openldap-data
Note the -c for severe corruption recovery!!

And then start LDAP:
sudo launchctl load /System/Library/LaunchDaemons/org.openldap.slapd.plist

Green telltale, yay! victory…
2 seconds later, grey telltale. False victory! :(
The log claims the database cannot be opened and closed LDAP until a valid database is found. It would try to start the server from time to time though. Epic Fail!

Some Googling later; “It’s your best bet to demote the server to Stand-alone, hope it keeps the data and if not, restore your backup!”
Ah yes, the non-existent backup. But, my data is here and worked. So demoting it should not destroy the database just revert the latest changes.
And 3 minutes later I’m presented a pristine empty, neat new database.
The log tells me the data was corrupt and I should restore my database from my archive. *sigh*

Mmhm… That’s for 10.6.8. Too old. Moving on!

Upgrade the empty database to Open Directory Master. Add a user via “server.app” only to find that everything is greyed out… Huh?!?
Broken again? Or… I open Workgroup Manager. That works. So yet again if you use Open Directory and ANYTHING that’s not within Apple’s beaten path you have to rely on the older tools because the new stuff fails. Great. So much for simplicity!

So I add my users, set the access rights, passwords, paths. File Sharing does find the users. And all seems well.

Meanwhile… On the minecraft server:
I convert it to Open Directory Replica. Assign the Master server to it. And it works. Apparently. But the timezone is ignored. So the logs are 2 hours off… Silly.
It seems to work though. Yay! Single accounts all over the network! And it only crashed once and didn’t require multiple re-installs. Huzzah!

Afterthoughts:
- Upgrade is now possible but a clean install still is better I think. As in – Wipe disk, install Leopard client, upgrade to Lion client. Install Lion Server.
- Apple’s upgrade process is flawed from the start (the failing trigger if you already own the software and thus don’t have the buy event first)
- Apple’s server management tools are not very user friendly. In fact, the whole way things work for me now is clumsy. Lion Server aims to be managed by Server.app. A glorified Server Preferences (Snow Leopard). But, some things are done in good old Server Admin. User management doesn’t work in Server.app when you use Open Directory which is done in the even older (it still lists Classic OS!!) Workgroup Manager. So 3 apps instead of 2. And all 3 are horribly slow.
- MySQL (5.5.24) needs some tweaking with the socket and my.cnf or it won’t work.
- Access Control Lists (ACLs) tend to conflict with each other if you use both file sharing and the web server due to their oversimplified approach. This forces you to compromise security in some ways.
- Using server.app for remote management is not very friendly and keeps trying to install server components on your client machine.
- Open Directory is still as fragile as ever yet is one of the most important services the server has to offer.