Lion Server Wiki and IE9

I have to admit I was quite disappointed to learn about some of our Wiki users experiencing issues connecting to the latest version of Apple’s Wiki Server while using Internet Explorer 9. Through some digging, I was able to determine that a default option in IE9 was the culprit.

If you are using IE 9 and you are met with this error:

Unsupported Browser
Your browser is not supported.The latest version of Safari, Chrome, Firefox or Internet Explorer is required to use Wiki Server on Mac OS X Lion Server. Alternatively, visit this page from an iPod Touch, iPhone or iPad.

1. In IE, open the Tools menu and select “Compatibility View settings”:

1. Make sure the “Display intranet sites…” option is unchecked: 

CouchDB Top Tip: Bulk Insertions

If you are using OS X and cURL to interact with CouchDB, I highly recommend you use the –data-binary switch to bulk insert.  I struggled with this for days.  In other words, to post a JSON file named “helpdeskimport1.json” to database “helpdesk”, I would use the following command:

curl –data-binary @helpdeskimport1.json -H “Content-Type:application/json” -X POST http://localhost:5984/helpdesk/_bulk_docs -v

This should accommodate this version of curl:

curl 7.19.7 (universal-apple-darwin10.0) libcurl/7.19.7 OpenSSL/0.9.8l zlib/1.2.3

Run the the following command to check your version:

curl –version

 

Resetting and Re-assigning Permissions for Home Directories and Folder Redirection in Windows 2008 R2

I just wanted to post this quickly since I just got finished with testing it.  After moving a ton of user directories from Novell to a Microsoft share, I needed to reset permissions.

This quick and dirty method will look at the name of the user’s folder and attempt to apply ownership and modify permissions to the folder and everything below it for the constructed username %your_domain%\%folder_name%.

I say that it’s dirty because if the folder is not named the same as the user’s username, ownership and permissions simply won’t be applied.  It’s a quick way to get started though!

It’s useful to reset permissions for everything in the “home” directory (the one containing all of the user’s home folders) first by running

icacls %home_parent_dir% /reset /t

The script:

' Script to change file permissions on homedrive folders
' Author: Adapted from Ric Charlton's code by Chadwik
' ------------------------------------------------------

Set FSO = CreateObject("Scripting.FileSystemObject")
Set ObjShell = Wscript.CreateObject("Wscript.Shell")

ShowSubfolders FSO.GetFolder("D:\home")

Sub ShowSubFolders(Folder)
    For Each Subfolder in Folder.SubFolders
        WScript.Echo "Folder = " & Subfolder
	'This assumes that the username and subfolder are equal
	userName = SubFolder.Name

	'First set ownership of the path and all subfolders
	CMDLine0 = "icacls """ & Subfolder & """ /setowner %domain%\" & userName & " /t"
	WScript.Echo "Setting the owner of " & Subfolder
	ObjShell.Run CMDLine0

	'Now set the permissions on the directory so that all subfolders and files inherit ownership rights from the parent folder.  Then grant the user Modify access
	CMDLine1 = "icacls """ & Subfolder & """ /grant %domain%\" & username & ":(OI)(CI)M"
	WScript.Echo "Setting object and folder inheritance on the directory and applying modify permissions for the owner"
	ObjShell.Run CMDLine1

    Next
End Sub

Simply modify this script by changing the directory to run it against and adding your domain name.

Windows Server 2008 R2 and Samba

The last step before promoting a Windows 2003 domain to Windows 2008 is to remove the last Windows 2003 domain controller.  Upon doing so, I was met with a week-long period of talking with engineers from Microsoft, Netgear, and BakBone in order to determine what Group Policy settings were necessary in order to allow their devices to work.

Every possible GPO setting was scrutinized, altered, and synchronized across the domain with absolutely no different in how these devices operate.  I modified the default domain controllers policy and the default domain policy a number of times.  I even connected a hub and a laptop running Microsoft NetMon to provide traces to the Microsoft, Netgear, and BakBone engineers.  The most significant portion of the trace shows the following (Note: This is as seen from the client):

SMB:R Session Setup Andx – NT Status: System – Error, Code = (176) STATUS_PIPE_DISCONNECTED

On the workstation that was actually attempting to access the share, the following message was displayed:

As seen from Windows Vista Business x64

The problem devices were a ReadyNAS 1100 and an Asempra (now referred to as BakBone FastRecover as they acquired Asempra) server.

An upgrade to the latest version of FastRecover allowed the device to run a newer, more compatible version of Samba and thus resolved any errors with Windows Server 2008 directory.  NetGear, on the other hand, has been slow to provide any upgrades or enhancements to their SPARC line of ReadyNAS devices (such as the ReadyNAS 1100), and so we are now stuck with using manually managed permissions instead of directory permissions.

Exchange 2007 Error: “An Exchange 2007 server on which an address list service is active cannot be found”

In preparation for transitioning from a Windows 2003 domain to Windows 2008, I reached a panic moment recently: I tried to create a new mailbox and met the following error message:

An Exchange 2007 server on which an address list service is active cannot be found.

Agony ensued.

I checked the event log and didn’t see anything that seemed to be related to this error message.  I was unable to modify properties of accounts as well.

A few quick searches led me to run netstat and check all of the connections to see if Exchange was still attempting to access the Global Catalog through a GC server that was no longer active.  After running netstat, I noticed a server from which I had just removed the DC role.  Now that I had a pretty good idea of what was happening, I searched more to try and determine what I needed to do to remove that connection.  This was during normal business hours, so restarting the store and interrupting mail flow was not really an option.

After some additional searching, I discovered references to restarting the Microsoft Exchange System Attendant service.  What was difficult for me to locate was a reference to disruption of email delivery after restarting the service.  Finally, I located a credible blog post that assured me I wouldn’t interrupt mailflow and make anything any worse (a constant fear of mine, as a systems administrator):

If you are impacted by this, all that you have to do is restart the Microsoft Exchange System Attendant service after the midnight UTC, March 1, 2008. Restart of the System Attendant will not disrupt your Information Store service.

The article is about a Leap Year bug but knowing that the System Attendant service doesn’t affect mail flow was exactly what I needed.  Thank you, Exchange Team Blog!

A Long-Awaited Update

It’s been too long since I’ve updated and they will now be much more frequent.

Since my last update from September, basically everything has taken a back seat to a Microsoft Dynamics CRM project (much to my dismay) and to the final transition from Novell NetWare to Microsoft Windows 2008 file servers (also to my dismay).

I’ll have some updates soon about the process I’ve used to transfers files from NetWare to Windows 2008 because it wasn’t exactly easy or intuitive.

When I haven’t been completely brain dead from work, I’ve been studying a bit of Cisco (though I’m not sure pursuing a CCNA is at all advantageous at this point), learning CSS and HTML, and following along with Stanford’s iPhone development course available through iTunesU.  I wish I had the mandate to spend time working on all of these while at work, but so far this hasn’t happened.

Plans for Fall

There is never a dull moment!  Cost-cutting was the big trend in IT this year, and as I result I’ve pushed hard to solidify our stance on VMWare and how it will be used within the company.  While VMWare was high on my least of to-dos before the end of the year, my major projects right now include

• A comparison of vSphere VCB with Veeam Backup and NetVault BakBone software
• A continuation of preparations for leaving Novell NetWare as our file system of choice; it has been put on hold until Dec. 1
• Investigating SproutCore technology to replace .NET development for in-house projects
• Investigating iPhone development for database-driven applications
• Preparing for the Cisco CCNA exam

A busy schedule for sure.  More to come as I attempt to actually complete these projects in a reasonable amount of time!

Replacing a Corrupt or Missing VMWare Tools ISO

I ran into this today and thought I would document it somewhere.  In trying to save space on an ESX host, I wiped out (almost) everything in the tools-isoimages directory.  I didn’t realize what I had done until I tried to install VMWare Tools on a few new machines I created.  It wouldn’t be such a big deal if I had only deleted the iso on one of the two ESX hosts I maintain, but I managed to wipe both — yay!  In order to replace the ISO file, it’s necessary to extract the file(s) from the RPM directory on the ESX installation media. 

1. Mount the ESX ISO file (or insert the CD) into a machine that has file system access to the ESX host.  (I use Veeam Backup and FastSCP for transferring files)
2. Navigate to the the VMWare/RPMS directory
3. Transfer the VMWare-esx-tools-%version%.rpm file to the ESX host
4. SSH into the host and navigate to the RPM location.  I stuck mine in the tools-isoimages directory just to make it easier on myself
5. Replace the tools package by running the command rpm -i %file.rpm% –replacepkgs where %file.rpm% is the name of the RPM file.
6. If everything works, you will be put back at the command prompt and a few new .iso files will be present in your tools-isoimages directory
7. Attempt to install VMWare Tools on your host and all should be well
8. If you were as adept as me, copy the Windows.iso and Windows.iso.sig to the other host you hosed!

I hope this helps someone out there!

Adding a Table of Contents in Apple Wiki Server

Following up on my question to the wiki-dev list, I received a response with some unattributed code for generating a table of contents for a wiki page:

// set aside the old prepare method

if (window.prepare) window.beforeTOCPrepare = window.prepare;

// now add our own, which calls the old one

window.prepare = function(inAlwaysRun) {

if (window.beforeTOCPrepare) beforeTOCPrepare(inAlwaysRun);

if ($(‘editable_content’)) gTOCGenerator = new TOCGenerator();

// also fix up the WLTEditor class so that it redraws the TOC when saving

if (window.gEditor) {

gEditor.beforeTOCEditorCleanElementForEditing = gEditor.cleanElementForEditing;

gEditor.cleanElementForEditing = function(inElement) {

gEditor.beforeTOCEditorCleanElementForEditing(inElement);

gTOCGenerator.remove();

}

gEditor.beforeTOCCleanElementAfterEditing = gEditor.cleanElementAfterEditing;

gEditor.cleanElementAfterEditing = function(inElement, inResponseDict) {

gEditor.beforeTOCCleanElementAfterEditing(inElement, inResponseDict);

gTOCGenerator.draw();

}

}

}

Simply copy and paste this code into a .js (JavaScript) file and save it to your theme’s folder structure: /Library/Application Support/Apple/WikiServer/Themes/[your_theme_name]/

I sincerely apologize for the formatting but I’m sick of fighting with WordPress to get it right!  I’m no JavaScript expert so I do not know how the code works, but this can server as a starting point for future ToC development.  For now, when the title of an article with multiple headings is clicked, a menu of the headings appears:

Apple Wiki Table of Contents using JavaScript

With more time and a little Headfirst: JavaScript, I might just have a solution that makes a dynamic, permanent Table of Contents at the top of each article.

The code has not been attributed to any one person but I will gladly cite the author if someone claims to be he or she.

Apple’s Wiki Server

I’ve been a faithful Wiki Server use since it launched with Leopard Server.  I’ve converted my company’s two major MediaWiki installations with a reasonable amount of success and we now have 11 wikis spanning 9 departments.

Discovering the limitations of the software has been extremely disheartening.  I’ve posted a few times on the support forums with little interaction with the wiki dev team.  I even attended WWDC ’08 in hopes of learning how I could improve our wiki implementation.  In more words, I was told to learn JavaScript and/or XSL to modify the wiki.  While this is great for someone who’s job is to maintain the wiki and nothing more, this is not advice for a network administrator.  Maintaining the wiki occupies such a small portion of my responsibilities that it is simply not economical for me to learn a new language just to make the tool more user-friendly and more applicable to the other departments in the company.

What we, Apple Wiki devs/users, need is an API.  Apple: give us an API.