Saturday, November 29, 2008

There is Always Someone: The Friend with Apple Mail Server Issues

A while ago a friend asked me if I would help him set up his office with an Open Directory system, and integrate everything through his Xserve.  It sounded like a simple enough task, as I have done this numerous times in the classroom and for our lab at work.  Boy was I wrong.

The setup took several hours longer than I would have expected.  He already had the infrastructure, so it should have been simple to set up the server and bind all the clients to the new Directory and establish Kerberos authentication.  The problem ended up being the need to run virtual machines, each of which tried to run remotely on the server instead of locally on the machine (because they were saved in the network home folder).  So, I moved all the virtual machines to the local machines, which fixed that issue.  

Next, preferences within the home folders would get lost all the time.  That, it turned out, was because the network home folders were taking up too much space, so I moved everyone's iTunes libraries to the local machine to free up space.  I also had trouble with some internal networking running really slowly on occasion (I suspect it's a problem with the switch, but he can't replace it), so in order to deal with the flaky network and network home folders, I created mobile accounts on every machine.  If the network goes down, they can authenticate locally and still get done what work can be done in an unplugged world.

Finally, the mail issue.  His office was using Zimbra mail, which was a neat setup, but his version couldn't be Kerberized.  That, and he wanted to migrate to Apple's Mail and Calendar server.  So, I set up the mail server, and set up a script utilizing imapsync to transfer the mail from one server to another.  Why?  Because I couldn't find any documentation on how to move one Postfix database to another while making sure the content was safe and secure.  Anyway, after many attempts (I don't mind pointing out at this point that imapsync is perhaps one of the most poorly documented open source projects I've seen), success was made.  Now all I needed to do was redirect the DNS from the router to the new server, and everything should be hunky-dory, right?

The router was using an OpenBSD OS that was extremely limiting.  It took forever to get the blasted thing to migrate to the right IPs, and then it didn't support alias addressing in the DNS.  There's probably a way to hack the DNS file manually, but I ran into another problem that was really bugging me:  Starting the Mail service in Server Admin didn't actually start Postfix.  That's right, it was running all the features of mail without the actual SMTP client to manage it.

This blew my mind.  A quick search and help from a friend that was Linux savvy indicated that this is a rare bug that happens, and all you have to do is run Postfix manually.  Seems simple enough, but then you need to set it up to start when the system starts.  Again, not too difficult, and easy to set up by adding it to the rc.local file (you can also write a launchd .plist file to handle it, but that's more complicated than the rc.local step, and I wanted to get this done as soon as possible).

So now Postfix was working, but no one could send or receive mail.  Huge problem, since that's the point of the mail service.  So, again with the help of my friend, we managed to edit both the main.cf and the master.cf to the right specifications, all of which managed to get Mail working.  

Now, I would like to point out that never in my time as an Instructor have I seen these services fail this badly and completely.  Part of the problem was the strain on his internal network and some bad ports in his router.  Part of the problem was random issues that should never have existed, and yet do because life is never perfect.  And finally, because I have been touting Apple as such a simple solution for a UNIX-based network, it just had to be a problem.

Has anyone else out there had a similar problem where they have gone into a job with the knowledge that their solution would work, regardless of the platform, and seen it go horribly wrong?  I'm just grateful my friend who asked this of me was so understanding and patient.
