The Cat Convention

Is it just me, or do keychains experience issues way too easily in Lion 10.7.3?

Social Links

Those of you who have taken the plunge into 10.7.3 on your server may have discovered (much to your dismay) that the VPN is broken.

There’s a support article on the Apple support site that will bring your VPN service back to life. Basically, you need to flip a bit on the system VPN account.

This applies to any server that was running VPN prior to the 10.7.3 update, which would be a great deal of us. The good news is… PPTP is now supposedly working. I primarily use L2TP, so I didn’t care so much about that one. But when L2TP was also broken after the 10.7.3 update, I was flummoxed.

Social Links

If you have a Lion server behind a NAT router (for example, an Airport Extreme or Time Capsule) that is running a VPN service you may have difficulties connecting to it with Windows 7 using L2TP despite the correct setup.

I won’t go into the deep dive on this now, but just a total quick tip. You need to change the encapsulation parameters on Windows 7. Do that by setting a registry key:

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\PolicyAgent]

…add a new DWORD value:

“AssumeUDPEncapsulationContextOnSendRule”=dword:00000002

Social Links

There seems to be a great deal of misunderstanding around Apple’s “shared contacts” feature in Lion. If you spend some time searching the Apple Community forums and blogs, lots of folks are claiming that Apple has performed a feat of false advertising over this need.

Indeed, sharing contacts across an organization is a pretty big requirement. Not just do you want to share the contact info of the users in your directory, it would be more than beautiful if you could add shared contacts that everyone could search against.

I’ve published a screencast on how to do this. Here’s a hint: it involves a checkbox in your Lion server setup and some TLC with your Open Directory. Basically, you’ll make your Open Directory searchable by the Address Book Server and use the Directory Utility to put the shared contacts into your OD setup. It works like a charm and there’s no need to share a username and password amongst your users.

Sorry I spoiled the ending for you, but for details on this please watch the screencast. Comment below or contact me if you have any questions, comments or suggestions. I love to hear from folks!

Have any other heavy tips or requirements out of Mac OS X and you just can’t figure it out? Let me know and I’ll see if I can unravel it for you.

If the embed does not work for you, you can see the video here: http://www.youtube.com/embed/_5NctchJ8s

Social Links

After a tremendous ordeal of trying to install OS X Lion on my January 2008 Mac Pro, I finally had a breakthrough. I discovered what appears to be a hardware incompatibility.

To properly tell this story we’ll have to go back in time.

In January of 2008 when this model of Mac Pro was available (version 3.1) it was definitely the cat’s meow. I bought a true boss of a system too. I picked up an 8-core 2.8ghz Mac Pro with 4gb of RAM. Later, I bought some third party RAM from Crucial to stuff it to the brim with 32gb.

I also visited Newegg.com to pick up three more hard drives. That was an easy decision. I picked up 3 more 750gb hard drives, all of them Seagate. When I was a PC guy Seagates or Maxtors were the only drives to buy.

I also picked up a Drobo. If you’ve read this blog for a while, you know what happened with the Drobo. To replace the Drobo I eventually purchased a Promise DS4600 and 4 Seagate ST31000340AS 1 terabyte drives.

The Promise unit had issues. It was finicky and liked to drop drives out of the array for no discernible reason. Oddly enough, the drive that failed out of the array most often was whatever drive was in bay 4. It didn’t have to be the same drive. You could literally swap the drives in and out of bay 4 and eventually it would fail. It was really bizarre. I opened numerous cases with Promise.

Promise finally came back with the information that this particular model of Seagate drives were not certified to work with the DS4600. Okie, I can handle that. No problem. I reviewed the compatibility list provided by Promise and selected a set of Hitachi 2TB drives.

I then moved on to fight the DS4600 again to make it work over eSATA. Only this weekend did that finally get resolved. But that’s another story for another day. If you want to hear it, let me know and I’ll be happy to tell it.

Anyway, back to the Seagate drives. After all of that drama and switching around, I now had a set of Seagate ST31000340AS 1tb drives… four of them to be exact. During this time I was also experiencing regular S.M.A.R.T. failures in the 750gb drives in the chassis of the Mac Pro. Those drives were being sent off and replaced on a fairly regular basis.

As these drives were replaced and rolled around, I decided that maybe I should move the 1tb drives into the Mac Pro and get 250gb of extra space. That’s kind of a no-brainer decision, right? I ended up with the original 750gb drive that shipped from Apple and three ST31000340AS drives in the other bays. I had the bright idea of creating a RAID-0 and installing Lion on it. I just knew it was going to scream.

…except that Lion wouldn’t install.

The install would always start off just fine. It would write files and then reboot. Then, somewhere in the next storage of the install it would just die. An error message popped up claiming that there was a problem and Lion couldn’t be installed.

how can this be? thought I. There’s no way Apple would release an operating system that has an incompatibility of this nature with a 2008 Mac Pro. this is insane.

I lost many countless hours of sleep to install attempts. I would try to install. I would watch it fail. I would research a little more. I’ve spent weeks trying to get through this. Nothing… and I mean NOTHING would get through with the install…

…until one time, it did.

Immediately, my trust level of the whole installation was suspect of course. Why would it fail to install so many times and then just out of the blue… it would work? It didn’t make sense. I had tried reseating hardware. I had tried pulling out the BlackMagic Intensity Card. I had tried pulling out the eSATA cards. I tried putting the stock RAM back in place. I tried everything. Nothing worked… until this time it did. Weird. It didn’t make sense.

I ran with Lion on the RAID-0 for a few days and happily thought I would go about the installation of Carbon Copy Cloner so I could set up clone tasks for the operating system disk.

cue music. It started to happen. Everything segfaulted. I could literally open the Console application and watch the crash reports roll in like a riot was going on in the Grid and reporters were on the air. No program was safe. Every one of them blew up. Sync your iPhone? Bam. iTunes died. Sync your iPod? SLAM. VTPCDecoder (or something) explodes. yeah, this OS is suspect.

I decided to whack the RAID-0 and try the install again on a single ST31000340AS drive. Guess what? The install failed… again and again.

I booked a Genius Bar appointment. Obviously, my logic board was bad.

I’m not sure what made me think to try it, but I did. One of the 1tb drives had died at some point and I received a replacement that was a completely different model. Also I ran across information on the net that a lot of people were having problems with ST31000340AS drives and certain versions of firmware. Those versions were SD1A and SD15. I looked over the drives I had. All of them had one of those two firmware revisions.

interesting.

I took one of the drives Seagate sent back that was a different model number. For the record, the drive was model ST31000528AS. I slapped it in the chassis and formatted it with HFS+. I fired up the Lion installer and hit go. I asked it to give me a full, fresh install of Lion on this disk. It worked the first time.

Not only did it work, it has been rock solid. Nothing is crashing like it was before on the other drives. Lion has become a joy to use the past two days. I stored away the Snow Leopard volume and kept it for emergencies.

I cancelled the Genius Bar appointment.

By now I think you can figure out what my conclusion. There’s something wrong with ST31000340AS Seagate drives. Don’t try to use them with Lion. Something about the kernel in Lion disagrees strongly with that model of drive. If you read around on the net you will find many, many horror stories with those drives.

Beware.

Social Links

Wait.

Social Links

Just a quick note. Tonight I was reading up on the migration document for OS X Lion Server and discovered this little tidbit:

Quicktime Streaming Server is not supported on OS X Lion Server.

There are some changes to wikis and mailing list support as well. Here’s a paste from page 17/18 of the guide:

Understanding what can be reused

When you upgrade from Mac OS X Server v10.6 or later, virtually all existing data and settings remain available for use, but note the following:

• NetBoot images created using Mac OS X Server v10.5 or later can be reused. NetBoot images created using earlier versions cannot be used.
• When upgrading to Lion Server, the launch daemons (/System/Library/ LaunchDaemons) are replaced by the Lion Server version of these daemons.
• Open Directory on Lion Server cannot be configured as a primary domain controller (PDC) or a backup domain controller (BDC) using the SMB service.
• Lion Server does not support Print service, MySQL, Mobile Access, Tomcat, Axis, or QuickTime Streaming Server (QTSS).
• Wiki-based mailing list and archives are not available in Lion Server.
• If you are using Mail service with Mac OS X Server v10.6 and are performing the upgrade to Lion Server, make sure your mail data partitions and the mail database are accessible during the upgrade process. This automates the mail migration process and requires you to have no interaction.

I’m a little surprised that Mobile Access is also gone. They were pretty proud of that feature in Snow Leopard Server.

Be aware before you jump, folks!

Social Links

Speculation: Apple website hints at iWork update for Lion | TUAW – The Unofficial Apple Weblog

I completely agree with this speculation. I think the iWork ’11 update has a lot of dependencies on Lion features, specifically auto-save, iCloud and full screen views. This makes complete sense.

Tomorrow could turn out to be the start of a very busy 2nd half of the summer for Mac lovers.

Social Links

I did not use this site to live blog the WWDC keynote because frankly, other people did a fine job of it. I prefer to watch the keynote and let it simmer on my brain. I sprinkle it with a bit of flavor from the other blogs and information on the net.

Then I grab the products and I test it to death.

There’s a lot to like in today’s WWDC keynote. A lot. I wasn’t disappointed in the slightest. Apple has laid down the gauntlet on where they want to go. They’re going to the cloud and they’re creating the “post-PC” era groundwork.

I’ve seen many blogs call today’s announcements a “bloodbath.” In many respects, that’s accurate. If you work at RIM today you have to be thinking that your company’s lifespan just shortened a bit more. Apple is clearly listening to the consumers and learning from the jailbreak market, the Android devices and RIM. They are doing things the “Apple way” and that’s good.

This is, however, a blog about Apple in the Enterprise. I’m going to drop a few tidbits that I think are quite relevant.

• Lion client is $29.99 and available from the Mac App Store only. I would assume there is a way to make an installer disk so you don’t have to download this over and over again. I would also assume there is a way to make this available to your Enterprise on a volume licensing-type of arrangement. I’ll be looking into this more.
• Lion Server will cost an extra $49 on top of the $29 charge for Lion client. This is huge and will likely increase the install base of the server product.
• iOS 5.0′s notification system, iMessage and other features are really huge.
• What REALLY matters to the enterprises that I work for: S/MIME support in Mail. I’m so glad to see this. I’m cautiously optimistic that this will work well, but frankly, many folks have screwed PKI up so badly it may not matter.
• iCloud is big, but it looks like some elements of iCloud are included in Lion Server so you can make your own private iCloud. I’ll also be looking into this more as time moves on.

MobileMe’s death sentence is interesting. It’s a rare admittance by Apple that something didn’t work. I’m glad to see they’re not afraid to stand up to the product’s failings (and victories) and learn from it. I’ve been looking for ways to migrate off of MobileMe for a while. I’ve only maintained a membership for the syncing of contacts and bookmarks and… well, to make sure I have it to test against in case customers need to know something about it.

Overall, it was a great keynote. Apple is doing fantastic things and I really look forward to delving into it even more. I’m sad that I’m not attending WWDC this year. It’s easily the biggest keynote since the introduction of the iPhone. Whenever there is a huge WWDC keynote like this I usually walk away from it exasperated. I stop and wonder, where in the hell can they take this now? this is already too good.

I know those folks are having a blast and loving life tonight… as am I. This is really quite exciting.

Social Links

Damn.

Damn damn.

Damn damn DAMN damn DAMN DAMN DAMN.

I couldn’t get a ticket to WWDC this year. There was absolutely no way I could cough up that kind of cash in 10 hours flat. I tried, but it just didn’t happen.

This morning comes the press release. iCloud is no longer a rumor. It’s really here. iOS 5.0 and OS X Lion are the focal points of WWDC ’11. This just makes me sad. Oh well, I suppose I will see the videos after the conference.

You can read the press release for yourself right here. All of you who will be standing in line next Monday… have a great time! I’m there with you in spirit.

Social Links