DAG discussion for a small organization

We are currently running an Exchange 2010 Standard server and we have about 30 mailboxes. I'd like to move from this to Exchange 2013. Additionally, we've been having some outages with our internet service lately and I'd like to build some redundancy into the system.
My thoughts are spinning up a machine on Azure that would only run Exchange 2013 and creating a DAG between the office server and the hosted server.
Part of the specifics I had considered was setting up a VPN client connection from the hosted machine to the office network, and I would add a second MX record in our 1and1 DNS zone file with a secondary priority.
I am fairly certain that this setup will work properly as a secondary that will sync once the main office is back online and minimal email will be missed, but I just wanted to open up a discussion on this to see if this is best practice, what other considerations I may have missed, or any other suggestions.

Some questions / considerations:
Apparently, Exchange is not even supported in Azure.
http://blogs.technet.com/b/exchange/archive/2013/08/07/database-availability-groups-and-windows-azure.aspx
Even if that was not a deal-breaker for you...
Where will you place the File Share Witness?
If the FSW is in the main site, and if the entire main site is inaccessible, the DAG node in Azure might provide a second copy of your email but the databases will not mount and will not provide client access. You can have an Alternate File Share Witness but you still need to consider the location. And the fact (as far as I know) that the Alt-FSW does not automatically "kick-in" if the primary FSW is unavailable.
How would client machines find the DAG node in Azure when the main site is unavailable? How do you adjust DNS records?
Using MX records for high availability is not considered an optimal solution. But I think it might be the least of your problems given the issues mentioned previously.
In what I'll call "professional-grade" implementations of Database Availability Groups, high availability for the Client Access and Hub Transport roles is provided by some sort of load balancing solution (preferably with a physical or virtual appliance).
Rigging the MX records isn't really a satisfactory substitution for that.
Otherwise... Office 365 would be an ideal solution for an organization with 30 mailboxes.
Have you seen the pricing on Azure hosted servers with sufficient specs to run Exchange?
I would tend to think that O365 would be a better solution both financially and for high availability.
If you just want basic Exchange functionality (no need for legal hold, DLP, archiving), I believe the package per user, per month is $4 (Exchange Online Plan 1).
4 x 30 = 120 x 12 = $1440 per year.
My two cents... 
Please mark as helpful if you find my contribution useful or as an answer if it does answer your question. That will encourage me - and others - to take time out to help you.
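
The witness-placement point in the reply above, worked through as vote counting. This is an added example, not code from the thread; it assumes a two-member DAG whose quorum is a strict majority of the two members plus the File Share Witness, and the server and site names are hypothetical.

```python
# Added example, not from the thread: vote counting for a two-member DAG
# plus a File Share Witness (FSW). Server and site names are hypothetical.

MEMBERS = {"EX-OFFICE": "office", "EX-AZURE": "azure"}
SITES = {"office", "azure", "third"}


def votes(partition, witness_site):
    """Names of the voters (DAG members + FSW) located inside `partition`."""
    voters = dict(MEMBERS, FSW=witness_site)
    return sorted(name for name, site in voters.items() if site in partition)


def has_quorum(partition, witness_site):
    """A partition keeps quorum only with a strict majority of all votes."""
    total = len(MEMBERS) + 1
    return 2 * len(votes(partition, witness_site)) > total


def office_link_down(witness_site):
    """The office loses its internet link and cannot reach the other sites.

    Returns, per DAG member, whether it sits in a partition that holds
    quorum and can therefore keep (or bring) database copies mounted.
    Assumes the Azure node can still reach a witness in the third site.
    """
    office, outside = {"office"}, SITES - {"office"}
    return {
        "EX-OFFICE": has_quorum(office, witness_site),
        "EX-AZURE": has_quorum(outside, witness_site),
    }


def office_site_lost(witness_site):
    """The whole office site is gone: only the remaining sites can vote."""
    return {
        "EX-OFFICE": False,
        "EX-AZURE": has_quorum(SITES - {"office"}, witness_site),
    }


if __name__ == "__main__":
    for site in ("office", "azure", "third"):
        print(f"FSW in {site:6}: link down -> {office_link_down(site)}, "
              f"site lost -> {office_site_lost(site)}")
```

With the witness in the office, an office internet outage leaves the Azure copy unable to mount; moving the witness out of the office reverses that, so the office server loses quorum during the same outage.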

Similar Messages

  • Advice about setting up permissions on Lion server for a small office.

    What is the common wisdom and advice about setting up permissions optimally for a small office using OS X Lion Server as a file server? I thought I had this solved by setting the ACL permissions so that all users and appropriate groups can read and write all files on the server. This works great until a new file is created. Then it appears that the POSIX umask kicks in and takes priority over the ACL permissions. I need to allow group write permissions on all new files. My options seem to be:
    Make everyone an admin - not great for obvious security reasons
    Change the umask for the whole machine - also security problems, though perhaps fewer than the everyone-an-admin route above
    Write a folder action applescript to add group write permission on all new files. This works fine if you have a static number of folders. With new folders it has the problem: How do new folders created by non-admin users get this folder action automatically applied to them - some cronjob to hunt down the new folders; an applescript folder action that adds a folder action to all new folders (sounds recursively complicated)?
    Have a cron job regularly do something like  `chmod -R 664` on all files.  This will break during those between the cracks times between when someone creates a new file and when the cronjob runs - not ideal.
    Seems like this should be easier which makes me think I'm missing something obvious.
    Any help greatly appreciated. Thank you in advance!

    Good-heart's advice is certainly your first step, but if you've already done that and still have the problem you've described, you might have the 10.7.3 ACL bug, particularly if your users and groups are in an OD or AD rather than being local accounts on the server. The problem is that ACLs for directory accounts are incorrectly ignored, resulting in POSIX permissions coming into play.
    I've described my workaround for this here;
    https://discussions.apple.com/message/18037703
    I haven't yet tried the other trick I've read about, which is to ensure your Share's data directories are at least one level down on the volume - there is a post here on the Communities that mentions this;
    https://discussions.apple.com/message/18028746
    I seem to remember that this helped with an earlier version of AFP, if using external firewire or usb storage.
    Let us know if you find a fix, it seems a number of people have problems with this.
    Regards,
    Ian

  • How to set up a basic file sharing server for my small architectural business?

    I have no idea if I have posted in the correct area as this is my first forum post within the apple support community!
    I have been using a 21.5" imac running 10.6.8 for the past 5 years to run my small home based architectural design business. I have been using the internal hard drive & backing up the necessary data to a simple usb external hard drive. I am now looking to firstly purchase a new imac 27" retina and purchase new autocad lt 2015 for mac software. I am looking to have another imac (my old mac) running in conjunction with the new mac. I want both macs to be able to access the same data and am slightly unsure what is the best way to achieve this.....As my old mac is currently only running snow leopard and an old version of autocad for mac 2011 it won't run on any more recent OS. Essentially I believe I have 2 main options with this.... (1) I Accept that I have to purchase 2 no. autocad lt 2015 licences @ a cost of £2300. Or option (2), I only run autocad on the new mac as this will be the primary station and the old mac used primarily for admin & accounts. I have also recently discovered that it is possible to rent autocad licences for £300p/a which may also be another option (3)!
    I previously had a problem where my hard drive failed on my mac & lost all data on the internal hard drive, luckily I had been backing up all data regularly to my external hard drive and no loss occurred! Obviously with any new system I want to ensure that my data is safe!
    I currently utilise about 250GB of data for business operations but this will obviously grow with time.
    In the future I would like to have the option of potentially being able to access the network data remotely via macbook pro whilst abroad although at this stage this really isn't my primary objective. Although I believe I could achieve this through apple remote desktop.
    I suppose I should provide some information with regard to the required speed of the system...I regularly open 50-100 photos at the same time totalling around 250-500MB. I would like the system to be able to handle this fairly easily.
    I have been trawling through forums and to be honest they are totally confusing me. I have also spent time on the phone to the apple business team and have also discussed my objectives with a member of the apple team in store.
    There have been various options advised to me and I really do not know which is the most appropriate route forward.
    1 - Using a mac mini as the file server and linking the 2 mac devices to this and backing up the mac mini to an external hard drive to ensure no loss of data.
    2 - Using a time capsule as a file server and linking the 2 mac devices to this and backing up the TC to an external hard drive to ensure no loss of data.
    3 - Using the new mac hard drive and linking the 2 macs via thunderbolt (old mac does not have thunderbolt and so I guess I would need another new mac?!) and then backing up the data to a time capsule.
    4 - Using a RAID based server and linking the 2 no. macs.
    Sorry to ramble but any advice really would be greatly received!

    Hi sblemings,
    Welcome to the community.
    I think with your scenario you should ask yourself, how complicated do you want the setup to be and how much time would you have to be able to resolve an issue should one occur with this setup.
    All the options that have been advised would work but they come with complexity and therefore time.
    1 - Using a mac mini as the file server and linking the 2 mac devices to this and backing up the mac mini to an external hard drive to ensure no loss of data.
    2 - Using a time capsule as a file server and linking the 2 mac devices to this and backing up the TC to an external hard drive to ensure no loss of data.
    3 - Using the new mac hard drive and linking the 2 macs via thunderbolt (old mac does not have thunderbolt and so I guess I would need another new mac?!) and then backing up the data to a time capsule.
    4 - Using a RAID based server and linking the 2 no. macs.
    Sorry to ramble but any advice really would be greatly received!
    option 1
    Would be a way to achieve what you want, it would centralise your files and you would only need to backup your file server (as long as all the files you wanted backed up were on it). This could be achieved either using the client and sharing various folders or using Server which would give you more options than you would possibly need.
    option 2
    This is exactly like option 1 except that you wouldn't have to administer another mac however you may limit any future growth.
    option 3
    This option I probably wouldn't pick, you could achieve this with firewire and use a firewire to thunderbolt adapter (saves you having to buy a new iMac)
    option 4
    This option would, depending on your RAID level, give you disk redundancy but remember you would still need to back this up, as RAID is NOT a backup solution.
    I would also ask is there a pressing need to keep the old iMac in service and complicating things by having a server / NAS? Could you not just transfer all your information over to this and continue with the one backup? I would say that doing it this way would be the simplest way of achieving what you want from what I can take from your question.
    As for remotely accessing your data, if you have the right hardware the way to achieve this would be to use a VPN and connect back to your data. However a potentially easier way for you, would be to use a service like logmein or teamviewer to connect back.
    Hope this helps, and by all means any questions please ask.
    Dan

  • New Discussions: for day time use only? (-: A darker blue, please!

    Thanks a lot Mods for your efforts.
    I spend some time on these boards every day, so I can see things are going better and better.
    I like the new Discussions better than the previous, especially everything that comes with this new ability to put much more on one page (like being able to see A LOT (not only five) of "Recent topics in this category", or that the topic's titles can be longer than before, or being able to read the whole thread without jumping to "the next 15 posts" like before. I set "My Posts" to "50", this too was not possible before. Etc.)
    Now my request:
    At first I thought, like many others, that the "blue dot" and the "blue half-dot" were too small, and that we couldn't see the small grey "New!" because it was not red.
    Now after all this time since Nov14, I finally understood what was wrong, because
    (1) the new kind of eye fatigue I didn't experience before, and
    (2) a change in my computer's room lighting configuration.
    The real problem is not the blue dot size (although I'm sure if it was a square it would work better), it is its environment.
    We have a white line after a light blue line, and this is a great feature to differentiate between topics. Works great within a thread too, to differentiate posts.
    But one side effect of this is that the whole page "feels" slightly blue.
    I'm not sure, but a human eye physicist could perhaps explain another kind of (more insidious?) side effect caused by the alternation of lines. Perhaps depending on which colors are chosen for them?
    Anyway, there is no problem with a page that "feels" blue, when the text is black.
    The problem starts when the text ALSO is blue. Especially light blue...
    I find the text blue color too light. Even the "visited link" purple is too light.
    Given that the background is blueish, I mean. Otherwise it'd be fine.
    This was not easy to understand, because the [defect/effect] is not obvious: the overall picture is nice.
    But it became obvious to me when I saw that I have no problem IF I set my screen's brightness to "very bright".
    New Discussions: for day time use only?
    ==> Please, would it be a problem (or too difficult to set perhaps?), to try a darker blue text for two or three weeks, see if we like it better? (along with a slightly darker purple for the visited links).
    Thanks again for all the great work!
    Axl

    Hi Axl,
    Someone had posted this about color, I do not remember who, sorry.
    I thought it was interesting. Hopefully this color issue can be altered by deepening the colors as you & many have requested.
    http://www.grc.nasa.gov/WWW/usability/colorcss.html
    Good luck, Eme

  • Mail for Exchange / Small Business Server

    It appears that Nokia has overlooked a part of the market with its Mail for Exchange application. Apparently, M4E has difficulty communicating with Exchange if it is part of Small Business Server and a self signed certificate is used.
    It would be a good idea if someone at Nokia reads this and cares to put it on a list of "things we could do - to keep customers happy". Small Business Server is Microsoft's Server product for up to 75 clients. That is a nice world wide market of small businesses that are known to adapt quickly, unlike larger organizations.
    This lack of "sweating the details" has caused me personally probably 20-30 hours, and judging from the number of entries other people have also wasted lots of time.
    In addition to the time wasted, we are now forced to purchase a commercial server certificate.
    More details on the M4E/SBS issue can be found here: http://blogs.technet.com/sbs/archive/2006/12/07/using-a-nokia-device-to-sync-with-small-business-ser...

    Has this been corrected in 1.5.0? The release notes state
    "Support for Microsoft Small Business Server"
    John32

  • ADF :Hello world Page and discussion for its deployment with Oracle guys!

    I have written a small article on creating a hello world page in ADF with screenshots; here is the link:
    http://mukx.blogspot.com/2008/03/adf-hello-world-page.html
    This article can help you as a self starter with ADF and give some basic idea of the same components in both OAF and ADF.
    Here is the link of recent mail conversation with Oracle guys for ADF project deployment:
    http://mukx.blogspot.com/2008/04/discussion-for-deploying-adf-project-in.html
    --Mukul

    Hi Mukul,
    Thanks for the tute, am new to ADF so this was of great help to me. I had a query, if I want to have my own look and feel web pages and Oracle ADF ones, does the customization involve too much of manual coding or can be done easily in ADF. Also is there an equivalent tag to div in ADF Faces

  • Suggestions for PSE 11 Organizer

    Greetings from a new member. Not sure how to post some usability suggestions for PSE 11 Organizer, but here goes... I realize others have already posted similar comments, which triggered further discussions. However, my intent is just to bring these simple, but to me important, suggestions to the attention of the developers of PSE 11.
    I have used PSE on Windows XP starting with PSE 4, then PSE 7, and very recently PSE 11. Earlier this year, I switched to a Mac OS X system and transferred my photos and PSE 11 catalog to PSE 11 on the Mac. I followed the backup/restore instructions on the PSE support site and am mostly quite happy with the results. However, I’m disappointed that the following usability features of PSE 7 organizer are missing in PSE 11 organizer (on both Windows and OS X). Note that I plan to use PSE on OS X exclusively from now on.
    In PSE 7, when right clicking on one or more selected photos, the popup menu listed “View photos in full screen”, but it no longer does so in PSE 11. Although Full Screen is available on the View menu, having it on the popup would be even more useful.
    In both PSE 7 and PSE 11, that same right-click popup menu lets you REMOVE selected photos from an album. It would be great if the popup menu would also let you ADD selected photos to an existing album.
    In PSE 7, I could display the album list simultaneously with folder hierarchy/tree view (there was no folder list view in PSE 7). In PSE 11, the album list is visible only with folder list view. This makes it impossible to drag photos to an album from folder hierarchy view. Please fix PSE to display the album list simultaneously with folder hierarchy view.
    I suggest that the default folder view be folder hierarchy (not folder list). Or even better, let the user choose the default folder view in Preferences.
    Starting with PSE 4, I organized my thousands of photos in several main folders and hundreds of subfolders. Many subfolders have the same name, and frequently the subfolder name is a date. Because the PSE 11 folder list view doesn’t show the hierarchical context, folder list view is just clutter and completely useless for me. As recommended in other posts, I do intend to start using tags/events/places and other suggested ways to organize my photos. However, this will be in addition to (not instead of) using folders. I like organizing my photos in folders, just as I like organizing my other files (text, spreadsheet, etc.) in folders. Also, categorizing photos via tags, places, events, etc. is not equivalent to, and does not replace, using folders. For me, categorizing in this manner is an additional usability feature to using folders.
    Thanks for listening...

    My own answer will be about :
    ARJNA wrote:
    Starting with PSE 4, I organized my thousands of photos in several main folders and hundreds of subfolders. Many subfolders have the same name, and frequently the subfolder name is a date. Because the PSE 11 folder list view doesn’t show the hierarchical context, folder list view is just clutter and completely useless for me. As recommended in other posts, I do intend to start using tags/events/places and other suggested ways to organize my photos. However, this will be in addition to (not instead of) using folders. I like organizing my photos in folders, just as I like organizing my other files (text, spreadsheet, etc.) in folders. Also, categorizing photos via tags, places, events, etc. is not equivalent to, and does not replace, using folders. For me, categorizing in this manner is an additional usability feature to using folders.
    The fact is that the Organizer has been built historically on a database to manage keywords and categories with some additional tools to enable folder browsing and managing. Note that for other types of applications like word processors or spreadsheets, you have the same choice with using keywords or folder structures.
    So, where are we in version 12 ? From what I am reading today, I'll risk a few guesses.
    - I am convinced that most people relying like you on folder organization don't use the Organizer or have given up using it.
    - A great part of the critiques about the Organizer come from people not understanding the idea of catalogs and categories/keywords (I know that is not your case)
    - Another great part of the critiques is that the implementation of folder organizing in Elements has always been lame and buggy.
    What's new in PSE12 is that the folder view has been completely rebuilt. And the result is perceived differently depending on your camp : database or folders...
    - For Folder tenants, the result is two-sided. They are happy to have the folder view with all trees back - They don't see the point of the folder list - They are not happy with the new interface based on new categories (people, events...) - They miss the link between albums and folders as you have mentioned
    - For database tenants, the main advantage is that a lot of bugs have been corrected and that they can use the folders view and folder list as a secondary tool for organizing. The folder list (a feature I had requested) is a great tool for those wanting to migrate from a folder organization to a database one. Usually, the folder names are significant and enable very fast keywording and constitute a powerful search tool.
    - For both camps, the common grudge is the loss of alphanumerical sort order in folder view. I don't care personally, but I think it's necessary for people working on scans.
    So, my wish is that the next version of the Organizer can satisfy people like you, so that many more people use and are happy with the Organizer

  • Users and permissions for a small home server

    Hello community,
    I have been using Linux on the desktop for many years now, but unfortunately my knowledge about servers is very limited, almost non-existent. Therefore my question is most probably equally well fitting here and into the newbie corner.
    I'm trying to set up a little home server which should be in charge of following tasks:
    - CUPS print server in the local network
    - access to shared files through NFS in the local network
    - backup (again over NFS)
    - an Owncloud server
    - maybe a mail server in the long run (NSA, paranoia, etc. )
    For now I have set up the print server, the NFS server and was working on the Owncloud installation, when Owncloud gave me some errors with users and permissions. So I was led to the idea of rethinking the users and permissions on server. So far there is only the root user who may do everything. This seems like a quite unsafe configuration. I'd like to make it safer. First, the printer, the backup and the locally shared files should be accessible from the local network only. SSH access should also be accessible locally only. The Owncloud file folder should be accessible from the internet, but of course only for the Owncloud users registered to the Owncloud server.
    What is the best way to set up users and permissions for such a set up?
    Thanks for any hints,
    PhotonX

    Hi, I think it depends who you are serving for, if you are just serving for a small office or home server or a big organization. The following quick thinking just came to me:
    I think cups automatically sets a system user of its own, and runs as it, so no trouble there. Cups also has the option to set users and it uses the system users as default; I think it depends on how many printers/users you have in your server. Users that can manage cups are in the lp group.
    For nfs every user should have their home, samba is also a good option if you have windows computers in your network and it integrates better with graphical file managers like nautilus on the client side, but it is a hassle to configure.
    You should run the web server (owncloud) as its own user, maybe you can manage to set something up for owncloud in the filesystem, but owncloud uses a database, and the users for owncloud are stored in there, and they are not system users.
    You can configure ssh for local use only by enabling the corresponding subnets in your /etc/sshd.conf and optionally but recommended you can set a firewall and permissions. You can use iptables but I prefer ufw for simple setup.
    I think you should read the wiki:
    https://wiki.archlinux.org/index.php/users_and_groups
    and the other respective topics in the wiki.
    Also as advice, I know that arch linux is a great distribution, but you have to do more work to maintain a stable server. I would recommend debian or another more conservative distro, but of course it is your choice.
    Last edited by hydrosIII (2014-11-06 06:26:45)
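
One way to check the "SSH from the local network only" goal discussed in this thread is to audit the server's sshd configuration. This is an added example, not code from the thread; it assumes OpenSSH's sshd_config keyword syntax, and the LAN range 192.168.1.0/24, the account name and both sample configs are constructed.

```python
# Added example, not from the thread: audit the global section of an
# sshd_config for "reachable from the LAN only, no root login".
import ipaddress

# Constructed sample: the root-only, defaults-everywhere server described above.
WEAK = """\
Port 22
PermitRootLogin yes
PasswordAuthentication yes
"""

# Constructed sample: bound to the LAN address, one named account from the LAN.
HARDENED = """\
ListenAddress 192.168.1.10
PermitRootLogin no
AllowUsers admin@192.168.1.0/24
"""


def global_options(text):
    """Return {keyword: [values]} for lines before the first Match block."""
    opts = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        key = parts[0].lower()          # sshd keywords are case-insensitive
        if key == "match":              # conditional blocks are not audited here
            break
        opts.setdefault(key, []).append(parts[1].strip() if len(parts) > 1 else "")
    return opts


def listen_host(value):
    """Extract the host from 'addr', 'addr:port' or '[addr]:port'."""
    value = value.split()[0]            # drop an optional 'rdomain ...' suffix
    if value.startswith("["):
        return value[1:value.index("]")]
    if value.count(":") == 1:           # IPv4:port or hostname:port
        return value.split(":")[0]
    return value                        # bare IPv4, bare IPv6 or hostname


def audit(text, lan_cidr):
    """Return a list of findings; an empty list means the checks passed."""
    lan = ipaddress.ip_network(lan_cidr)
    opts = global_options(text)
    findings = []

    # For single-valued keywords sshd uses the first value it reads.
    root = opts.get("permitrootlogin", ["unset"])[0]
    if root != "no":
        findings.append(f"PermitRootLogin is {root!r}, expected 'no'")

    listens = opts.get("listenaddress", [])
    if not listens:
        findings.append("no ListenAddress: sshd binds every interface")
    for value in listens:
        host = listen_host(value)
        try:
            inside = ipaddress.ip_address(host) in lan
        except ValueError:              # a hostname cannot be verified offline
            inside = False
        if not inside:
            findings.append(f"ListenAddress {host} is not inside {lan}")

    if not (opts.get("allowusers") or opts.get("allowgroups")):
        findings.append("no AllowUsers/AllowGroups: any account may log in")
    return findings


if __name__ == "__main__":
    for name, cfg in (("weak", WEAK), ("hardened", HARDENED)):
        print(name, audit(cfg, "192.168.1.0/24") or "OK")
```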

  • What is the best free email provider for a small business? E.g gmail or iCloud etc

    What is the best free email provider for a small business? E.g gmail or iCloud etc

    svdmmanta wrote:
    Is there a free anti-virus download for Macs? Do they do the job or do I have to spend money on something better?
    In General 3rd Party AV Software and Cleaning Utilities tend to cause More Issues than they claim to fix...
    They are Not Required...
    Mac OS X tends to look after itself.
    See  >  Mac OS X Built in Security  >  http://www.apple.com/osx/what-is/security.html
    More Info Here  >   https://discussions.apple.com/thread/4545776?tstart=0
    And Here  >  Antivirus Discussion
    The Safe Mac  >  http://www.thesafemac.com/mmg/

  • Standalone APs vs. Lightweight APs for very small sites

    Hello,
    I am proposing a solution for a small site with 3 APs.
    My question is whether it is worth having a Lightweight solution for such small sites or should I go for standalone APs. ...WLC significantly increases the price....
    Gorazd

    I agree with the IOS setup.
    You can configure Wireless Domain Infrastructure to make all APs aware of each others and also to improve roaming times.
    Please check this Discussion for examples:
    https://supportforums.cisco.com/thread/2047441?tstart=0.
    HTH,
    Tiago
    If  this helps you and/or answers your question please mark the question as  "answered" and/or rate it, so other users can easily find it.

  • Error while creating Discussions for a document inside a room

    Hi,
    I am getting an error when I am trying to start a discussion for a document. When I go back to the details screen and try to add a discussion it shows that the discussion is actually created in spite of the error being displayed.
    Thanks
    Regards
    Prakash

    if the problem is caching try setting the useCaches to false
    uc.setUseCaches(false);

  • Advice on moving from workgroup to domain for very small network

    Hello all,
    I work for a small company and inherited the part time IT/Operations position and I want to understand the impact of changing from workgroup to domain. I understand the process and I have set up small test domains before but I want to be certain I understand this so I figured I better ask the pros.
    The setup:
    1 Desktop class system, recent i5 quad, 16GB RAM, 1TB HD with Server 2008 R2.  Current roles are File Sharing and WSUS. 
    3 Desktops running Win 7 Home
    1 Desktop with win 7 Pro
    1 Laptop with Vista Home
    1 Laptop with Win 7
    1 Laptop with Win 8 Pro
    I have configured all devices to use the WSUS for updates as they wanted these managed and this seems to be the easiest way.
    Right now all users have an account on the server that is used to map to their shares. I know that the home versions cannot join to a domain and with this small of a network I don't want to join any device to a domain as we have only one server and it would not be reasonable to add more servers.
    The thing is they want to setup local sharing of calendars and contacts, etc.  I have 2010 exchange server and it is required to be on a domain.
    The Questions:
    Can the domain still "act" as a workgroup and users still connect to the shares and exchange without being joined to the domain? What is the impact on performance for this server? Will the home version users still be able to connect to the shares (I assume yes) and to the exchange through outlook? Is there a better way to achieve the workgroup features of exchange without using exchange and not subscribing to Office 365? We do not have an internet domain name for this business. Does this matter for setting up a domain?
    Anything you can think of that I should consider please feel free.
    Thank you all for your advice.

    Hi Paul,
    You are very welcome, I am very glad that my suggestions helped.
    For your first question, in a domain, the Domain Controller clearly has much more tasks to perform than a work group server, while it also has more management options for an administrator to better control his/her client machines.
    In addition, a domain acting as a central management solution will reduce the work of the administrator. For example, under workgroup mode, if we have multiple servers which have shared resources, we need to create the same user accounts on each of them, while in a domain, we only need to create accounts once on the DC, then all the accounts can be recognized across the whole domain, no matter how many servers and client machines are within it.
    For the second question, yes, a single label domain name is not recommended, but it is allowed. Single label domains are supported in Exchange Server 2007 Service Pack 1 (SP1) and Exchange 2010, while single label DNS name resolution is also possible.
    However, there are other Microsoft and third-party products which don’t support single label domains. My suggestion is don’t use it while it will cause you trouble.
    More information for you:
    Single-Labeled Domain Names and Exchange 2007 SP1
    http://technet.microsoft.com/en-us/library/cc788134(v=EXCHG.80).aspx
    Microsoft Exchange compatibility with Single Label Domains, Disjointed Namespaces, and Discontiguous Namespaces
    http://support.microsoft.com/kb/2269838
    Help and support for namespaces in Microsoft products including Single Label Domains (SLDs), Disjoint Namespaces, and Discontiguous Namespaces.
    http://support.microsoft.com/gp/gp_namespace_master#tab3
    Providing Single-Label DNS Name Resolution
    http://technet.microsoft.com/en-us/library/cc816610(v=WS.10).aspx
    Regards,
    Amy

  • Creation of Material for multiple sales organizations

    Hello,
    is there a way to create a material for one sales organization and that this material can easily be copied
    to other sales organisations? Now it takes a lot of time to create the materials for different sales organizations with
    transaction MM01. Thanks in advance,
    Ivo

    is 5 seconds a lot of time?
    make use of copy from fields in MM01 initial screen, enter as copy from material the material number you want enhance with a new sales org view.
    At the organisation pop-up make sure you enter the copy from sales org and plant on the right.
    next step is just to go into the material and click save button.

  • How I restrict Scheduling agreement type for specific Purchase organization.

    Hello Experts,
    I have created Scheduling agreement type (ZLT). I want to restrict this agreement type for specific purchasing organization.
    I have searched many threads but I didn't get a solution.
    Is it possible through Configuration or user exit.
    Kindly give me solution in details.
    Thanks,
    Ranjit Kumar.

    hi,
    I don't think that there is standard configuration to restrict Purchasing document type for purchasing group. You can restrict this through user authorization or you can make user exit development.
    Regards,
    mukesh

  • User attributes are not available for not root organizations

    Hello,
    my scenario: I have following organizations in IDM: Top; Top:Economy; etc...
    I created Admin role "Economy director" with this settings:
    Controlled Organizations - "Top:Economy"
    Capabilities - "Account Administrator" and "Waveset administrator"
    Now I assign this role to user A. This user A is in organization "Top:Economy" and he tried to edit user B in "Top:Economy". When I log in as user A I see in admin interface "Accounts->List Accounts" only Economy organization. In this organization I click on user B and select tab "Attributes". But here is no global attributes to change.
    When I change "Economy director" role - Controlled Organizations to "Top" then user A can change global attributes of user B. But now user A can change everybody's attributes in the whole organization tree.
    Is it correct? I need to set user A to change attributes only for users in organization "Top:Economy".
    Thanks for advice.
    Petr

    This sounds like a question for forum: Sun Java System Identity Manager
    But anyways... the "Attributes" tab is a collection of all the unreferenced attributes of all the resources assigned, it has some special behaviors.
    You should have been able to change fname, lname, email of User B as User A (UserA is assigned AdminRole with Org & Capabilities assigned as described, without Top assigned). If not, something basic is not wired between User A and the AdminRole. Possibly it's the version in use?? But, if attempted against Oracle Waveset 8.1.1, this should be functionally straightforward to get working...
    The Attributes Tab would only have attributes listed if there were roles or resources assigned with attributes the admin was able to see "in-scope". A resource with attributes (e.g. LDAP resource with a groups attribute) must be scoped for the administrators in the AdminRole to see/manage them per assigned capabilities.
    In the example, a resource with attribute "country" scoped into Top:Economy would allow UserA to edit UserB, update the "Attributes" Tab "country" attribute.
    Edited by: gregoatwaveset on Oct 13, 2010 8:09 PM
