Macs
Views:
Contents |
Gorgon
OS = OSX 10.4.11 Server
Running the following;
Open Directory Master - authentication for mac users
Home directories
Netboot/restore
Radmind
Sibelius License Server
Software Update Server
Gorgon has 3 x 76GB disks set up as 2 Volumes,
'Mac OSX Server' to which the OS is installed, radmind loadsets and netboot/restore images also reside here.
'DATA' which is a mirrored raid set of 2 disks, it hosts Mac user home directories. It is backed up nightly by backup exec via the RAMS 12 agent.
Gorgon is set up as an Open Directory master server with Kerberos enabled. It hosts an OpenLDAP database for users - at the moment these need to be added manually either by using a CSV or literally by hand, it's a bit of a pain but Workgroup manager and OD are pretty limited as far as decent directory server functionality goes.
Management
There are a number of ways to manage Gorgon and the mac environment.
=== VNC === - get hold of 'Chicken of the VNC' for mac or ultra vnc for windows - connection password is '*?*****'
====Screen Sharing==== - This is a new feature implemented in Leopard (OSX 10.5)- currently the only Leopard mac in the college is the support iMac. Machines are advertised using bonjour and appear in the left hand finder pane under 'shared'- click on any mac /gorgon and hit the 'Share Screen' button - authenticate with the administrator account to get a decent VNC style remote desktop- it probably is just vnc but it's handy none the less.
=== Server tools === (10.4) - now Apple saw fit to get rid of the 10.4 tools download from their site, and considering the new 10.5 tools (still) don't really work I can't help but wonder why. Copy the Server folder from Gorgon's applications folder to a mac. Server tools includes a few utilities, but the important ones are 'Workgroup Manager' often referred to as 'WGM' and 'Server Admin'.
==== Workgroup Manager ==== - use this to administer the Open Directory database, user accounts, network shares, computer accounts and any management (like a cut down crap group policy - I like macs, I'm just being honest).
=== Server Admin === - use this to start, stop and configure various services.
Both of the above will work remotely, although they'll take an ice age or two to authenticate, vnc or screen share to the server to use them at a decent speed- give them the administrator account details above to log in.
SSH
This is the best way to fiddle with gorgon for quite a few things provided you know your way around the BASH command line shell (or your shell of choice, OSX is just a modified BSD)- a prime requisite of any mac admin in my opinion.
Logic
We have 4 different License codes.
MAC-01 to Mac-05 - Logic 7 Express -
MAC-06 to Mac-14 - Logic 7 Express -
MAC-15 - Logic 8 Express -
Admin-194 - Logic 7 Pro -
Radmind is used to push out a pre-registered copy of Logic to the relevant Mac/s.
Sibelius 4
Sibelius is pushed out to Mac clients using Radmind.
License Server = Gorgon.main.varndean.ac.uk - 10.10.0.13 Sibelius seems to be really crap when connecting to the license server- even though DNS is working fine and the machines can look up gorgon, sometimes, for some machines, putting in the FQDN as the license server won't work- put the IP in and everything is fine - no idea why, nor do Sibelius.
Radmind
Radmind is a suite of Unix command-line tools and a server designed to remotely administer the file systems of multiple Unix machines. For Mac OS X, there's also a graphical interface.
At its core, radmind operates as a tripwire. It is able to detect changes to any managed filesystem object, e.g. files, directories, links, etc. However, radmind goes further than just integrity checking: once a change is detected, radmind can optionally reverse the change.
Each managed machine may have its own loadset composed of multiple, layered overloads. This allows, for example, the operating system to be described separately from applications.
Loadsets are stored on a remote server. By updating a loadset on the server, changes can be pushed to managed machines.
http://rsug.itd.umich.edu/software/radmind/
We currently use radmind in conjunction with Netrestore as an automated imaging and application delivery system to push out both base operating system and customised application sets targeted on a per machine basis.
Both systems have been set up with zenworks imaging and applications / snappshot very much in mind. Everything therefore functions in much the same way- with netrestore taking care of imaging and radmind, apps.
Please use the following link to the official Radmind documentation- it's really quite an intuitive system and the info here describes the whole process far more clearly than I can.
http://www.gal.co.uk/software/radmind/radmind-manual.pdf
Netrestore / Netboot
The imaging system- To network boot a mac, hold 'n' as the machine boots or change the startup volume in system preferences > startup disk to the network location (imac base etc) and click reboot.
This will boot a hacked up os x install environment from gorgon which is used to simply run any utilities (ie, disc utility) and more importantly 'Netrestore'.
Netrestore can then be used to yank down the full os 10.4 base image from an AFP sharepoint on gorgon. You can set any additional parameters such as pre and post applied scripts, hostname, startup volume, tcp/ip settings etc etc.
Check out the documentation below for far more comprehensive instructions- again, once set up it's all pretty simple.
Netrestore/Netboot/ASR - see http://www.bombich.com/software/docs/netrestore/English/index.html and http://www.bombich.com
Creating a new image is pretty simple- it involves running the netrestore client on a fresh machine before uploading it to the AFP share on gorgon. It turns it into an ASR compatible image and is therefore fully compatible with the native imaging tools shipped with OSX server
