In Mac OS X Server 10.7.x and 10.8.x, there’s been an issue that Mac admins have run into more than once:
Profile Manager in 10.7.x and 10.8.x also has an known issue where it crashes when set up in a VM. The root cause is the same: Profile Manager needs to have Open Directory running and Open Directory won’t turn on.
The fix for this issue in 10.7.x Server and 10.8.x Server is simple – give your VM more than one processor. Once you give the VM multiple processors (two is fine), Open Directory should begin working. This will also fix the Profile Manager crashing issue, as Open Directory should now enable properly.
In Mavericks, it appears Apple has addressed this issue. In my testing, Open Directory no longer requires multiple processors.
Now that Open Directory can run with one processor, Profile Manager also now runs properly on a one-processor VM.
In my travels, an issue I’ve occasionally dealt with has been moving Macs between directory services. In some cases, this meant between AD domains. In others, moving a Mac from an AD domain to an OpenLDAP server. In each case, as part of the process, the UID of the user’s account changed from the UID associated with the old directory service to the UID associated with the new directory service.
File and folder ownership on OS X is associated with UIDs, so files and folders that were created and saved by the old account may now be either inaccessible or read-only. You can update the ownership by using the Unix find command to locate files and folders owned by the old account’s UID and change the permissions so that the file or folder is now owned by the new account. For details, see below the jump.
Apple has released Xcode 5.0.2 through the Mac App Store for all Macs running 10.8.4 and higher. While the command line tools for Mavericks are now included with Xcode, the command line tools for Mountain Lion can be installed separately through the Xcode preferences, in the Downloads section.
For my users who are developers, Xcode is part of their their new machine builds. I wanted to include Xcode 5.0.2 and also, where appropriate, install the command line tools automatically without needing to enter an Apple ID. With a little help from the Mac App Store, I was able to do this using Packages. See below the jump for the details.
Thanks to Allister, I ran across this NetSUS-related feature request at JAMF Nation. While the feature request makes sense in the context of the requester’s shop, it is possible to resize the NetSUS appliance to give it additional space.
The steps should be reasonably similar for each virtualization solution, but see below the jump for how to do this with VMware Fusion 6.x.
Something I’ve always tried to include with Xcode installations are the Xcode command line tools. Starting in Xcode 4.3, Apple stopped bundling these tools by default and instead made them an optional install.
Since having these tools is useful, I re-packaged various versions of Xcode so that I could include these tools as part of the install. One of the ways I could tell that they were installed was by going into Xcode’s Downloads preferences panel and see if the Command Line Tools showed up with a checkbox entry.
Starting in Mavericks though, the Command Line Tools entry disappeared from Downloads.
Meanwhile, the Xcode command line tools themselves moved. In Mountain Lion, the Xcode 5.0.x command line tools are installed into /usr/bin and other system software directories.
In Mavericks, they are installed into /Library/Developer.
Why was this happening? After some digging and some collaborative work in the ##osx-server IRC room, an answer was found. See below the jump for details.
“Understand FileVault 2 and Manage Disk Encryption with the Casper Suite” session video from JNUC 2013 now available
For those interested, the JNUC session videos are available on YouTube. For convenience. I’ve linked my FileVault 2 session here:
With the release of 10.9, a number of Mac admins began seeing an Updating Managed Settings message appear at the login window.
Starting with 10.9, MCX will attempt to contact an AD/OD/MDM server during login, before the Finder is launched to ensure that all managed settings are applied before any user session applications run.
The dialog you are seeing comes up if this process takes more than a couple seconds.
The dialog does not add any time to the login process.
It’s just telling you why the login is taking extra time.
If your AD/OD/MDM server is responding slowly, then this is “normal” as the client just has to wait for the operations to complete.
In my own shop, this was going to be an issue. Our Casper server does not communicate with its clients over the Internet, so my users would see this message whenever they logged in while off of the office network. After working with Apple support, I now have a solution that works while a better one is hopefully being developed. See below the jump for the details.