NetInfo question?

Similar Messages

• A unix-like security question?

  Something happened on my Mac the other day, that kind of scared me. First, a little bit about my home setup.
  I have a small smtp mailserver running on my desktop Mac for family members - a big whoppin' five accounts. Three of the five of us live at home, two don't and remotely access email via SSL-enabled imap and SSL-enabled smtp. There is a laptop computer at home that accesses the imap and smtp servers on ports 143 and a non-standard smtp port. Traditionally, it has been used at home only, so I don't require SSL because it runs inside a WPA-protected wireless channel. Its mailserver info, set up in Mail.app, uses {computerName}.local as its mailservers. So, no access from outside my local WLAN. I also get my foreign mail, virus-scanned and spam-assassinated, from an MX agent that downloads that traffic to me on that same non-standard smtp port. For what it's worth, outbound smtp from the home mailserver is via port 25.
  On the desktop Mac, I also have ssh running, but on a non-standard port, and in sshd_config, I specify protocol 2 only, root login disabled, no password/no PAM authentication, only DSA public key authentication. In NetInfo Manger, I keep the root account disabled.
  On the Mac, in System Prefs' Sharing firewall, I have the non-standard smtp port, imap, imaps, non-standard port ssh, ard and vnc (so I can run CotVNC from the laptop at home), and afp (also for the laptop at home) open for uinvited traffic. Also ntp (probably don't need that since I'm not running a time server), and dns (for reasons discussed below). On my DSL router, I only have the non-standard smtp and ssh ports, and the imapS ports open. (When outside my home WLAN, on a foreign network, I port-forward VNC and afp over ssh if I want to do one of those things)
  So anyways, for the benefit of the laptop, I enabled DNS on the desktop, so that I could change the laptop's Mail.app's accounts' preferences to point to the same imaps and smtp server using my external WAN host name, whether it was inside or outside my home LAN (inside the home LAN, the laptop couldn't resolve my external domain name, and outside the home LAN, {computerName}.local was not routable). But by enabling DNS, I could reference my external host name to my 192.168.x.x IP address, and the laptop would find the server inside the home LAN, as well as find it outside the home LAN (by virtue of services like DynDNS and NoIP DNSs resolving it to my ISP-assigned dynamic external WAN IP). For what its worth, yes, the laptop's mail preferences enabled SSL for both smtp and imaps, so SSL would be used even inside the WPA-protected channel, just as my users that don't live at home have SSL enabled as they network .
  Now for the scary part: the other day, while at home and with the laptop affiliated to my home wireless (WPA-protected) LAN, I ssh'ed into my desktop computer. Either the ssh connection or the desktop computer was running dirt slow. For some reason, I decided to do a tcpdump, and I saw all kinds of traffic going out to hosts all over the world.
  After the fact, I think it was just my DNS talking to the sixteen or so root servers, although none of the tcpdump entries used names like "a.root-servers.net" -- there was stuff with an army.mil, a nasa.gov, etc. I think I remember seeing something with a "umd.edu" in it, which there is a commented entry in /var/named/named.ca that has that has a "umd.edu" in it, so that's why I am thinking that my DNS was just gabbing with a bunch of root servers. Not sure why it was gabbing with them since I can't think of any reason why it would have been trying to do name resolutions or anything. At the time, seeing all these packets being initiated by my computer and being sent worldwide freaked me out.
  But what really freaked me out is when I control-C'ed the tcpdump and did a "users" to see who or what might be generating them and saw my username and ... root! Repeating the "users" command a few times more, and it still showed "root" as one of the active users. I immediately ran to the computer and pulled the DSL plug out of the wall, and tried to figure out what was going on. I've got HenWen running, and didn't see anything outside of the usual unicast ARP warnings. After thinking that it might be DNS itself, I disabled DNS just to see what sort of traffic I would see in a tcpdump. Just local subnet broadcasts and arp requests. I have not re-enabled DNS yet.
  And the story gets better: a day or two later, I glance at my System Preferences firewall settings, and the firewall was OFF! Fortunately, the DSL modem's firewall was still on, only allowing uninvited inbound imaps, smtp, and ssh traffic. I don't remember ever turning off the desktop's firewall, and no one else uses that computer -- they all hop on the laptop, plus they don't know the admin password anyways. So that was a little freaky, too, but, I'll assume for now that I must have inadvertently turned it off when I was doing something, and never turned it back on.
  My immediate question is, if you have DNS turned on, would it ever do anything as root, and hence, show up as an active user in response to a "users" command? And not that there were any (/var/cron/tabs) cron jobs scheduled to be active at that particular time, but if there were a /var/cron/tabs/root job actively running, would root then show up as an active user in response to a "users" command?
  Signed,
  Scared!

  Hi J.V.
     First, I have to say that yours is an impressive setup. If you're not a sysadmin, you certainly could be. Also, you have a knowledge of much of this that surpasses mine so I may be of no help. However, I do use the "who" command to see if anyone has broken in and I've never seen the root user listed.
     There are doubtless more processes running as root on a typical system than those running as the user logged into the GUI. However, none of those root processes are the result of a login. I believe that the "users" and "who" commands only report users that are logged in. I don't see the root user with the "who" command even if I create a root shell with sudo. Although I don't know this for a fact, I don't believe that it should be possible to see the root user with the "who" command if the root account is disabled in NetInfo. By the way, I recommend the "who -u" command to the "users" command as it provides quite a bit more information. When I login to my machine via SSH, the domain name of the remote host is included in the output of the "who" command.
     There was a situation on Panther where the root user could be listed in NetInfo Manager as disabled when it was actually enabled. I don't believe that is possible in Tiger but you can check with the command,
  nicl . -read /users/root
  If the password is only a single asterisk or ideally the authentication_authority string contains ";DisabledUser;", the root user should really be disabled.
     I can see that you're quite knowledgeable about networking and comfortable with tools that examine packets. However, there are methods of intrusion detections that aren't directly network related. They may be of use in your situation.
     The simplest is the /var/log/secure.log. Acquisition of root privileges via sudo does show up in this log but there may be enough information about the circumstances to determine which uses of root privileges are normal.
     A more complex method is process accounting. This records every command executed on the system. It provides information similar to the "who" command but doesn't provide the arguments that were used in executing the command nor any process IDs. If you actually do discover unusual activity real time, a full dump of process information with the "ps" command can provide a useful complement to the information recorded by process accounting. You can turn on process account simply by creating a /var/account/acct file and executing:
  sudo accton /private/var/account/acct
  You can read the result with the command:
  sudo lastcomm
  I should warn you that process accounting shouldn't be left on without developing a log rotation mechanism for the above file as it can grow large rather quickly.
     The mechanism for doing for system what Snort does for the network is Security Auditing. This system was developed by Sun and distributed by Apple for OS X in their Common Criteria Tools. To understand the the output of auditing and to customize the configuration requires at least as much study as mastering snort. It can also output a lot of information. However, like Snort, it is the ultimate at what it does.
     There is a minor rootkit for Mac OS X named Opener. Unlike a "real" rootkit it is easy to detect if you know what you're looking for. In reported versions, there is a StartupItem in /Library/StartupItems named "opener". I would check that directory for any unusual StartupItem.
  Gary
  ~~~~
     Adam was but human--this explains it all. He did not want
     the apple for the apple's sake, he wanted it only because
     it was forbidden. The mistake was in not forbidding the
     serpent; then he would have eaten the serpent.
           -- Mark Twain, "Pudd'nhead Wilson's Calendar"

• Follow-up for Michael Conniff (or anyone interested in corrupt NetInfo DBs)

  Michael was EXTREMELY helpful to me with a corrupt NetInfo database problem I had a few months back (that archived thread is here:
  http://discussions.apple.com/thread.jspa?threadID=823282&tstart=0
  I was talking to someone else about this recently, and I realized I never posted a follow-up/conclusion to that thread (& I can't now because that thread is archived).
  I tried some things (that I never posted about) in the solution process that Michael had never tried (& I think it worked), and I also discovered some interesting little facts/tips about trouble-shooting these things, tips that, at the time, Michael did not know (heh, I feel so smart, because he knew SO much!).
  So, Michael, if you're out there, and would like a few more tidbits to add to your voluminous knowledge (though by now you may already have learned what I have to offer), or, if there's anyone else out there with a keen interest in how to recover from a corrupt NetInfo database, let me know, I'll post my little bits of knowledge.
  My tips aren't monumental discoveries (some might even find them obvious), and they will likely be of little interest except to people with an interest in how to recover from a corrupt NetInfo database, but I figured I should try to make my own little contribution here if anyone's interested in the info.

  The basic resolution wasn't too exciting...backup in FireWire Target Disk Mode, then Archive & Install (& just to be very deliberate I did end up fixing the 10.3 first, then upgrading to 10.4 w/ another A&I). But the interesting stuff is in the details.
  For one thing, at one point we were discussing what was in my NetInfo, and longnames, whether they were find-able, etc. Well, I discovered that while the NetInfo db isn't meant to be human-readable, if you do "more" the various files inside /var/db/netinfo/local.nidb, you can in fact read enough of what comes out to figure-out what users are defined and a few of the details of how they're defined (for instance, the longname, their password hint, etc).
  More interestingly, we had put my system through a new round of setup and had setup the 501 user, but then got stuck. One worry I had was would the A&I now know what users to keep since the NetInfo presumably no longer knew about the users that used to be on the system (& I think I did "more" the local.nidb files and saw there was no apparent entries for the users I cared about).
  Apple had a knowledge base article about restoring your NetInfo from the auto-backup that is sometimes created
  http://docs.info.apple.com/article.html?artnum=107210 We saw that I had an auto-backup in /var/backups/local.nidump, though it was old and we wondered if it had the users that I cared about in it.
  Well, I discovered this file is plain text and fully readable! So, I "more"'d it and saw that everything I cared about was in that backup! You were unsure if that Apple article was the best way to restore a NetInfo, but I tried it (I figured I had nothing to lose before my A&I), and as far as I can tell it worked great. I did Apple's NetInfo restore steps, did an A&I, and when it came up, all the users I cared about were there and defined just like they'd always been. I did not try testing the system after the restore & BEFORE the A&I...I didn't want to take any chances, I just wanted my users back and a clean system and I figured the most reliable way to reach that desired state was to restore the NetInfo and then do the A&I immediately.
  So, 3 good tidbits: You can semi-read some good info out of local.nidb, you can check to see how good your backup is in local.nidump pretty easily (just read it), and Apple's restoration instructions seem to work pretty well.
  Moral (for me): If you run 10.4 or earlier, you do want that 3:15am auto-backup to happen from time to time. It could be useful one day.
  I have a question though, how come when I start a GUI Terminal window there are some commands it won't execute even when I use sudo?
  For instance, I can
  cd /var
  But even if I try
  sudo cd backups
  there's no way to cd to /var/backups.

• Users using server with netinfo database security. Better/Worse than Ldap?

  Hello, I have a small department of Mac users and I am in the process of setting them up to access a new Mac os/x 10.4 server. I created the accounts for the users in the local netinfo database with access rights granted to network shares via groups. Everything works well and the users connect to the server from their clients and mount drives. However I did setup a few users with the ldap portion of the server as a test and once I modify their Macs to connect to the server via ldap this works fine too. My question is will I loose features if I just use the netinfo database for logins? The server is only supplying afp logins and shares plus ftp access. I do plan on using the software update service and also vpn eventually. We have other servers that supply dhcp and dns info for our environment.
  Thank for any info.
  Doug

  It may not be a concern in your environment, but I can't imagine why you wouldn't want to just start out with LDAP. Compared to NetInfo it's designed to provide better interoperability, it performs and scales better in larger installations, and provides better security via access controls. Also, by making your directory network-accessible, you can take advantage of features like automounting share points, preferences management, and mobile user accounts.

• Duplicate portable user entries in NetInfo

  Hello,
  Hopefully someone can help me out here! I'm running a 10.4.11 server with multiple portable accounts, with laptops and desktops running a mix of 10.4.9-11's. I am unable to log into the machines sometimes on some of the portable accounts (who have already been logged into these particular machines -- that is, their home folders/etc should already have been created).
  On further inspection I notice that in the Accounts prefpane on the machine there are duplicates and often triplicates of the same user, and also obviously in the NetInfo manager's /users section I find these same duplications. I have been able to fix the problem by logging into another user account or local admin account and deleting all three entries for the account in question so the next time they attempt to log in it sets up the NetInfo piece locally, but this is sometimes only temporary. Has anyone had any experience with this issue and know if there is something I can be doing wrong? It seems to happen randomly on different accounts and machines, and in two of the sites I manage. I want to think it's not server related, since one of the sites is still running 10.3 server and one is 10.4, but the clients all happen to be 10.4.x.
  Any help or insight would be greatly appreciated, and I apologize for the massive wall of text!
  Thanks!

  I have this problem chronically in one lab of g5 towers. Here is a script I have hammered out so far. All this has to be run by root so I am thinking I may set it up as a system cronjob. I wish I knew why these of all the 1200 machines I manage get this account duplication bologna.
  everything below this
  #!/bin/bash
  duplicate=`nicl . -list /users | sort +2 | uniq -d -s 12 |awk 'NR < 2' | awk '{print $2}'`
  while [ $duplicate ]; do ### Here we test to see if we have a duplicate and then enter the looop if we do
  echo deleting $duplicate
  nicl . -delete `nicl . -list /users | sort +2 | uniq -s 12 -d |awk 'NR < 2' | awk '{print $1}'` ### here we delete the duplicate
  echo $duplicate deleted
  duplicate=`nicl . -list /users | sort +2 | uniq -d -s 12 |awk 'NR < 1' | awk '{print $2}'` ### here we feed the variable if there is multiple duplicates
  done
  echo done
  ##everything above this
  Message was edited by: Benjamin Nasse
  Message was edited by: Benjamin Nasse

• Help Desk question ...

  Hi... Am planning on taking the "mac os x help desk essentials" exam in a few weeks and would like some help in answering this question.
  Q. 'You work as a support technician at ITworld.com. A IT world user complains that her Mac is exhibiting system problems. You tell the user to reboot her Mac in Firewire Target Disk Mode. You now want to troubleshoot the users Mac from your own Macintosh. Which of the following tasks will you be able to perform from your own Macintosh? (choose two):
  a. Run repair disk from disk utility
  b. Run repair disk permissions from disk utility
  c. Partition drive (non-destructive) from disk utility
  d. Run secure erase from disk utility to defragment the drive
  e. Enable system administrator (root) login in Netinfo Manager
  I know it's not "B" since Repair permissions can only be executed on the startup volume. The Repair permissions is dependant upon the Bill of Material (BOM) receipt file located in \Library\Receipts.
  looking forward to some response. thanks

  a. Run repair disk from disk utility
  I think this would be my first answer. You should be able to run disk repair if it's not mounted as a system disk.
  b. Run repair disk permissions from disk utility
  Apparently you can run repair permissions from a boot CD on 10.4. So why not from target mode?
  c. Partition drive (non-destructive) from disk
  utility
  This is tricky. In the past, partitioning the drive WAS a destructive operation. But doesn't Bootcamp now allow non-destructive partitioning? I don't see how this would solve ther user's problem though. But should be doable from Disk Utility.
  d. Run secure erase from disk utility to defragment
  the drive
  Well, technically, I suppose secure erase would effectively defragment a disk. Might not be working at ITworld.com for much longer, though.
  e. Enable system administrator (root) login in
  Netinfo Manager
  Uh, no.
  Mac Pro 2.66Ghz - 3GBs RAM - X1900XT   Mac OS X (10.4.8)  

• Netinfo Manager OOPS

  I need some help, I have accidently changed something that I didn't want to, I have changed in the Netinfo Manager, under groups and then admin, under users I changed my user name and now it won't let me change it back, since my name no longer says that I am an authenticated user to make administrative changes. Please someone help. I am trying to change this back and then find where to change when you open the System Profiler and up in the corner it says who's computer it is, I want to change that name.
  Thank you!!! I need help!!!

  ct75,
  The fix is pretty easy, and you can change all of the things you want to change while performing it. Follow these instructions:
  * Perform steps 1, 2, 4, and 5 in section III of this kbase article, making sure that you follow the instructions at the top of the article for correctly mounting your startup disk as read/write in single-user mode (step #1). Perform only the steps I have listed.
  * When you perform step #5, you will restart into the "Setup Assistant." Use the Setup Assistant to create a new "initial" admin account using the exact same username and user short name as the original "initial" admin account. You may be required to enter complete contact information for registration with Apple, but you may skip "Connecting to the Internet," "Sending Registration to Apple," etc. Skipping these steps will leave an alias for registering in your HOME folder, but this alias can be safely deleted once you are logged in (you are, after all, already registered with Apple).
  * Once logged into your admin account, use System Preferences>Accounts to recreate any "secondary" accounts, again using the exact same username and user short name as the original accounts. Recreate these accounts in the exact order that they were created originally. In each case, you will be told that there is an existing HOME folder with the same short name, and that this HOME folder will be used for this new account. This is what you want.
  If you have furhter questions, just ask.
  Scott

• Booting in Darwin/bsd question

  Hello, I have a macbook that starts up to the darwin/bsd login: screen. I followed the first two steps from Micheal Conniff's posts to a similar question, but this is where i get stuck.
  I get to where the log says:
  loginwindow[64]: Login Window Started Security Agent
  loginwindow[64]: Terminate WaitinForLoginWindow (51)
  loginwindow[64]: AuthorisationRef doesn't have a username (<LoginAuthRefMgr: 0x338bc0>).\n
  launchd: onoption repeating too quickly on port /dev/console, sleeping
  If anyone has any advice or experience with the same problem, I would really appreciate the help. Thanks alot.
  John

  In all likelihood, securityagent is crashing because of a problem with the NetInfo database.
  Oh, ok, if the NetInfo database is potentially the root cause and probably has to get fixed anyway, I'll work on that. Any idea why the NetInfo database would just suddenly start causing a problem, and how to prevent this from occurring again?
  So I'm to rename local.nidb, delete .AppleSetupDone, then reboot? Is there a typo in your instructions, does the "/" after ".nidb" belong there?
  This sounds similar to Apple's "Mac OS X, Mac OS X Server: How to Replace the NetInfo Database" instructions (except Apple doesn't seem to care about matching UIDs & shortnames!), in there they also mention the possibility of restoring from a potentially extant automated backup of your NetInfo database, is this a procedure I should be considering, would it be easier or better than restoring it via Setup Assistant?
  If you still think going ahead via Setup Assistant is a better route, I have to figure-out if I think I can guide her through it over the phone. Do you have a rough idea of what info I need to be able to supply besides the UIDs & shortnames? If this works as you expect it to, what's the end state we're left in, is the system likely to be perfectly back to normal and function again as though none of this happened or is there expected to be additional recovery steps to do after this? How risky/disruptive would this be for me to intentionally do this (rename local.nidb) to my own machine (like hers, PB G4 17", except I'm OS 10.4.2) so that I know how it will look when she runs Setup Assistant, would that be a good idea?
  bear in mind the time difference and the fact CSI is on tonight
  I know there's lots of CSI fans out there but personally once I'd watched all the "Battlestar: Galactica", "24", & "Robot Chicken" sitting on my DVR I'd go watch re-runs of "Stargate" (many I've never seen). But enjoy!

• HELP:   Deleted the group "admin" through NetInfo Manager. HELP

  I deleted (by accident) the group "admin" through NetInfo Manager and don't know what do to now.
  I probably have the files necessary to restore but don't know which files!
  Or is there another way to recreate the group "admin" and then assign the users (only two out of 6) back into it?
  HELP HELP

  Dick,
  There are certainly methods of recreating the admin group in your current Netinfo Database, but I am of the opinion that it is usually simpler to just delete the Netinfo Database and re-create whatever accounts you currently have.
  Provided you know the exact order in which your existing accounts were created, this is easy to do. Follow these instructions:
  * Perform steps 1, 2, 4, and 5 in section III of this kbase article, making sure that you follow the instructions at the top of the article for correctly mounting your startup disk as read/write in single-user mode (step #1). Perform only the steps I have listed.
  * When you perform step #5, you will restart into the "Setup Assistant." Use the Setup Assistant to create a new "initial" admin account using the exact same username and user short name as the original "initial" admin account. You might be required to enter complete contact information for registration with Apple, but you may skip "Connecting to the Internet," "Sending Registration to Apple," etc. Skipping these steps will leave an alias for registering in your HOME folder, but this alias can be safely deleted once you are logged in (you are, after all, already registered with Apple). You may also use your current Apple ID to have all of this information filled in for you, but this requires that your machine be able to connect to the internet.
  * Once logged into your admin account, use System Preferences>Accounts to recreate any "secondary" accounts, again using the exact same username and user short name as the original accounts. Recreate these accounts in the exact order that they were created originally. In each case, you will be told that there is an existing HOME folder with the same short name, and that this HOME folder will be used for this new account. This is what you want.
  If you have questions about using this method for recovering from your current dilemma, just ask.
  Scott

• Many questions revolving around selling my Mac

  Hello, I have owned my Mac years, since the time it was first shipped out (The Intel Core Two Duo version at least) and I was just wondering if I could have a couple questions answered.
  1. How can I safely transfer all of the data to an external HDD, then delete it from the main internal HDD?
  ---I've heard that I should reinstall Mac OSX and Zero out all the data, is this solution correct?
  2. Can I install a new copy of Mac OSX (Tiger, then Leopard, then S.Leo) on a blank HDD that I buy from the store if choose to? If so can someone walk me through the process?
  3. This could be the easiest to answer. How much should I sell my computer for? These are my computer's specs.
  HardWare
  Processor Name: Intel Core 2 Duo
  Processor Speed: 2.16 GHz
  L2 Cache: 4 MB
  Memory: 1 GB (2x 512MB DDR2 SDRAM)
  Bus Speed: 667 MHz
  SATA: 250GB 1.5Gigabit
  Disc Burn: CD/DVD
  Graphics
  Chipset Model: ATY,RadeonX1600
  Type: GPU
  Bus: PCIe
  PCIe Lane Width: x16
  VRAM (Total): 128 MB
  Resolution: 1680 x 1050
  Pixel Depth: 32-Bit Color (ARGB8888)
  Screen Width: 20"

  Follow these instructions step by step to prepare a Mac for sale:
  First, back up the data:
  1. Shut down all Virtual PCs. They cannot be in their "fast saved" state. They must be shut down from inside Windows.
  2. Clone to an external drive using using Restore option of Disk Utility.
  Next, prepare the machine for the new buyer:
  3. Deauthorize the computer in iTunes! Deauthorize both iTunes and Audible accounts.
  4. Remove Open Firmware passwords
  5. Turn the brightness full up and volume nearly so.
  Install a fresh OS:
  6. Insert the OS X install CD/DVD.
  7. Restart the computer while holding down the C key to boot from the CD/DVD.
  8. Run Disk Utility from the file menu and erase the internal hard drive (optionally zero all data).
  9. Install OS X.
  10. Reboot the computer.
  11. From the welcome screen, you can skip the registration step by typing command-Q.
  12. When prompted, create an account (it will be an admin account).
  13. From your new admin account, configure networking.
  14. Then use Software Update to bring your system and all of it's applications up to date.
  15. From Disk Utility, repair permissions on the new volume.
  Now delete the account you just created:
  16. Boot from a different volume (e.g. a firewire drive, if available)
  17. Clean up the image using the following terminal commands:
  prompt> rm /Volumes/<imagevol>/var/db/BootCache.playlist
  prompt> rm /Volumes/<imagevol>/var/db/volinfo.database
  prompt> rm -r /Volumes/<imagevol>/var/vm/swap*
  18. Now you can get rid of the admin account you used to set up the machine Use the terminal:
  prompt> nicl -raw /Volumes/<imagevol>/var/db/netinfo/local.nidb -delete /users/<admin>
  prompt> rm -r /Volumes/<imagevol>/Users/<admin>
  prompt> rm /Volumes/<imagevol>/var/db/.AppleSetupDone
  19. Shut down and ship it to your buyer. When they get it, it will boot to the Welcome screen just like a factory Mac, except that it's better because it's completely up to date.

• Questions Re: Virtual Hosts & MAMP

  I hired a computer science student to install and configure MySQL, phpMyAdmin and virtual hosts on my MacBook Pro, but he screwed it up. So I tried to figure it all out myself once again. I finally downloaded a preconfigured package called MAMP. I now apparently have PHP, MySQL and phpMyAdmin up and running on my machine. But that still leaves virtual hosts.
  I checked out the MAMP Pro version ($50) at
  http://www.living-e.com/products/MAMP-PRO/index.php and read "You can set up many virtual hosts."
  That doesn't make sense to me; shouldn't you be able to set up many virtual hosts even with the free version of MAMP? Or does MAMP somehow make it EASIER to create virtual hosts, and the Pro version simply allows you to make many of these simplified virtual hosts?
  Unfortunately, MAMP's support forums seem pretty lame, so I decided to ask some questions here. If MAMP Pro does indeed make it easy to create virtual hosts, then I'll purchase it immediately.
  If it doesn't, then can anyone point me to a tutorial that explains the entire process, as clearly as possible? I've modified my httpd.conf, hosts and NetInfo files till I'm blue in the face and have asked questions on three different forums. I was able to create virtual hosts even on my PC; surely it can't be that much harder on a Mac.
  Thanks!

  Yeah, in another post he decided he does not like the Netinfo solution as he is a new Mac user and wants to keep it simple. I believe Netinfo is for DNSing the localnet anyway.
  It turns out it is incredibly simple to configure Virtual Hosts. In fact, it is even simpler in Apache 2 than Apache 1.3 because there is a separate component for configuring the Virtual Domains. Here's hoping OSX 10.5 includes Apache 1.2.
  What you do is you first edit your hosts file:
  sudo nano /private/etc/hosts
  Add these lines to point to your local machine domains:
  127.0.0.1 host2.example.com
  127.0.0.1 Test
  Here we are using
  http://host2.example.com/
  and
  http://Test/
  as our domains. When you are set up click these links and the pages should open in your browser.
  Edit the file at
  sudo nano /private/etc/httpd/httpd.conf
  to include these Virtual Domain blocks somewhere in the file:
  <VirtualHost *:80>
  ServerAdmin [email protected]
  DocumentRoot /Library/WebServer/Documents/Test/
  ServerName Test
  ServerAlias Test
  ErrorLog /Library/WebServer/Documents/logs/Test-error_log
  CustomLog /Library/WebServer/Documents/logs/Test-access_log common
  </VirtualHost>
  <VirtualHost *:80>
  ServerAdmin [email protected]
  DocumentRoot /Library/WebServer/Documents/host2/
  ServerName host2.example.com
  ErrorLog /Library/WebServer/Documents/logs/host2.example.com-error_log
  CustomLog /Library/WebServer/Documents/logs/host2.example.com-access_log common
  </VirtualHost>
  Note that the file does not even contain sample blocks in the config file as Virtual Hosts has been a recent invention. Apache 2, however, integrates VHosts seamlessly.
  In this example, I transcribed paths from the default OSX 10.4 Apache installation, so you may need to adjust the paths a bit since it is untested. Please report back so we can adjust the documentation accordingly.
  When finished, put some default docs in the target folders and restart Apache:
  sudo apachectl restart
  You should be up and running. You may need to reboot for the hosts file to activate, unless you know how to dump the cache like a Unix geek.
  Oh, and thanks for the patience on this one, I have been figuring it out too.

• Router-LAN-DNS Question

  Hi to all,
  My home setup is as follows:
  DSL Modem <-> Router with 4-Port Switch <-> Mac / OS X 10.4.3
  Everything works perfectly, yet in monitoring my network traffic I see regular queries for the LAN-DHCP-assigned private address of the Mac (i.e. 192.168.x.x) being sent to the external DNS server of my ISP with the standard query response: "No such name".
  I would imagine that it's possible and rather desirable to have these private address space queries resolved without resorting to the external DNS server. The only question is how?
  I would greatly appreciate a pointer in the right direction.

  Hi Tim,
  Many thanks for your post.
  Having searched far and wide on this, I've been surprised to find so little information that exactly fits the question:
  i.e.
  Why are queries for my private (non-routable) LAN address being sent to the external DNS servers?
  Of course there's no shortage of material surrounding the issue, but I've managed to narrow it down to two possible solutions.
  The first and simplest is, as you've described, adding relevant entries to the /etc/hosts file.
  The alternative, though, involves adding a directory "/locations/lookupd/" to the NetInfo database and there adding the necessary entries for hosts. Also, the default LookupOrder of lookupd would need to be adjusted.... all much too hairy for my liking.
  Anyhow, thanks again for responding and confirming the solution.
  Cheers
  -Andre
  iMac G4   Mac OS X (10.4.3)  

• Restore and Permissions Questions

  I'm wondering what my restore options are going alllow me to do. Let me elaborate on my situation and it might reveal why I am posting a new topic.
  I bought my macbook pro used, and it came with ilife and mac office installed. I used time machine to back up this OSX partition. The macbook pro is working perfectly, but small ghosts from the previous owner are bothering me.
  When I received the macbook pro, I changed the user name and password. I logged out and came back in as my newly created identity to find that my home folder in finder was still the previous user account. It had created a new home folder for the user I created, but the "default" home folder was still set to the previous user. Looking in User Accounts, that previous user name isnt listed, yet I noticed in Activity Monitor that all the applications are being launched as that previous user account.
  Its these ghosts that make me want to reformat for my piece of mind. My question is can I use Time Machine to preserve the software like ilife and mac office onto my new installation? Furthermore, will time machine handle reassigning the permissions from the old file system to the new? Or am I stuck with this previous owner's info?

  I'm not sure what's going on, but if there's no "macpro" in the NetInfo database, then you've already changed something around when you tried renaming the accounts. Not being able to "see" what's there makes it difficult for me to know how to proceed. I'm not confident that what I may suggest will be correct without looking into these accounts which I can't really do under the circumstances.
  The only sure thing I can recommend is erasing the drive and starting over from scratch, but I don't know if that's feasible for you to do. If not, then you could reinstall OS X doing an Archive and Install which doesn't require erasing the drive:
  How to Perform an Archive and Install
  1. Be sure to use Disk Utility first to repair the disk before performing the Archive and Install.
  Repairing the Hard Drive and Permissions
  Boot from your OS X Installer disc. After the installer loads select your language and click on the Continue button. When the menu bar appears select Disk Utility from the Installer menu (Utilities menu for Tiger.) After DU loads select your hard drive entry (mfgr.'s ID and drive size) from the the left side list. In the DU status area you will see an entry for the S.M.A.R.T. status of the hard drive. If it does not say "Verified" then the hard drive is failing or failed. (SMART status is not reported on external Firewire or USB drives.) If the drive is "Verified" then select your OS X volume from the list on the left (sub-entry below the drive entry,) click on the First Aid tab, then click on the Repair Disk button. If DU reports any errors that have been fixed, then re-run Repair Disk until no errors are reported. If no errors are reported, then quit DU and return to the installer.
  If DU reports errors it cannot fix, then you will need Disk Warrior (4.0 for Tiger) and/or TechTool Pro (4.5.2 for Tiger) to repair the drive. If you don't have either of them or if neither of them can fix the drive, then you will need to reformat the drive and reinstall OS X.
  2. Do not proceed with an Archive and Install if DU reports errors it cannot fix. In that case use Disk Warrior and/or TechTool Pro to repair the hard drive. If neither can repair the drive, then you will have to erase the drive and reinstall from scratch.
  3. Boot from your OS X Installer disc. After the installer loads select your language and click on the Continue button. When you reach the screen to select a destination drive click once on the destination drive then click on the Option button. Select the Archive and Install option. You have an option to preserve users and network preferences. Only select this option if you are sure you have no corrupted files in your user accounts. Otherwise leave this option unchecked. Click on the OK button and continue with the OS X Installation.
  4. Upon completion of the Archive and Install you will have a Previous System Folder in the root directory. You should retain the PSF until you are sure you do not need to manually transfer any items from the PSF to your newly installed system.
  5. After moving any items you want to keep from the PSF you should delete it. You can back it up if you prefer, but you must delete it from the hard drive.
  6. You can now download a Combo Updater directly from Apple's download site to update your new system to the desired version as well as install any security or other updates. You can also do this using Software Update.

• Netinfo manager help

  can someone do me a favor and somehow get netinfo manager to me? when my business issued me my computer they deleted it for some reason. they also did away with a bunch of the preference panes, but i got them back via email. if getting me netinfo manager is not possible, please give me a solution to get it back...im trying to enable root. thanks. email at ryuzaki818(at)aim(dot)com

  for anyone kind enough to read this: thanks for your concern. about five minutes after i posted my question i answered it myself. thanks.

• 20 existing Local NETINFO - Migrate to OD

  Hello,
  I have a functioning Kerberos/OD environment running OSX/Tiger.
  The Companny has about 20 users running local Netinfo user account per computer. Each username has been migrated to OD, but obviously is logging in locally and unable to take advantage fully of OD (network home dirs, single-signon, etc.).
  My question: How to move the files and folders of Netinfo accopunts to their *new" OD account?
  I have deleted users, created a DMG of their files and the re-opened it under another user and copied it to the network home dir, but it was challenging and 20 users is a lot to do by hand.
  Is there a resource or documention regarding best practices on how I should manage this process?
  Thanks!

  I believe you should start by binding the workstation to the directory server. please experiment with a spare workstation, but my memory tells me that login first tries to authenticate to the local netinfo no matter what. so if there is a local account jdoe and a server account jdoe, the user will be logging in as the local account. my advise - create the accounts on the server than start going over each workstation, backup the user data, zapp the local jdoes and replace them with a generic 'Administrator' account useful for trouble shooting. log into said account, bind the machine to the OD server, logout, log back in with jdoe (this time it is the server account) and populate newly created local home folder with user data from backup. sounds simple but it is a lot of work for 40 workstations. hope this helps.