Tag: Server

Giving up on Profile Manager

The promise of Lion’s Profile Manager seemed good: a nearly free way of managing all the macs and iPads on your network, pushing setting etc over air using Apple’s Push Notifications.

Except I can’t get it to work. The issue is that when you try and enrol an iOS device, it complains that the certificate is invalid. I’ve searched hi and low on the Interweb for solutions, and even tried out a few. However, the result has been even more of a mess, as far as I can tell!

45 iPads arrived at school today, just waiting for me to set them up ready for September. I was hoping to use Profile Manager as part of the setup process, but I think now I’ll just have to make do with Apple Configurator and iTunes. Hey ho.

Maybe more joy will be to had with Mountain Lion Server?

These guys at Amsys seem to have gotten it going, if anyone’s interested.

Ricoh Printer Driver Fix pt.II, Or How It Might Not Have Been Such A Great Idea To Upgrade The Server When Teachers Are Writing And Printing Reports

One of the wonderful technicians from Toucan came and upgraded our Mac Mini server to OSX 10.7 Lion on Monday. It went pretty well, with only a bit of a glitch with the Snow Leopard machines needing to be rebound.  We tried setting up a script to this automatically, but this only worked on about half the machines so I still had to go around and make sure people could log on properly.

However, I also discovered that this had pretty much broken the previous fix for the Ricoh printer/copier, resulting in the copier spewing out reams and reams of gibberish.  This was compounded by the fact that it is report-writing season, which requires much printing at the best of times. Not good.

The problem boiled down to printer driver issues, more specifically that not all the Macs had the same Gutenprint drivers installed and so defaulted to the generic driver instead of the correct one.  Fun.

The solution was as follows:

  • Make sure all the macs had the latest Gutenprint installed, as this is the driver Workgroup Manager was instructing Macs to use.  Apple Remote Desktop made this easy.
  • Log onto each Mac remotely and do a test print, checking if the correct driver was being used.
  • If the wrong driver was being used, I then had to log in as an administrator and reset the print system, forcing the Mac to use the driver instructed by MCX.  To do this, you open ‘Print & Scan’ in System Preferences, right click on the list of printers and then select ‘Reset printing system…’.
  • Log in again as a managed network account and check it works.

I’m sure if I was a scripting kinda guy, there could be an easier way to do this.  But it did work, albeit rather long-windedly.

The moral of the story?  Make sure your Ricoh printer come with a Postscript driver card installed!

Munki and automatic updates

Apple’s approach to software updates betrays their consumer-centric view of computing: on a Windows PC, updates can be set to automatically install and in fact your system administrator can take that power off you and install updates whether you like it or not; on the Mac, it’s up to the user to install updates when they want to, and there are no official ways to fully automate this process.

This is all very well, but is a bit of a pain when managing a school-full of Macs, especially when all the remaining PCs happily pull updates off the Windows Software Update Service without anyone lifting a finger.  In a bid to keep everything reasonably up to date, I would use Apple Remote Desktop (ARD) to send a UNIX command to run software update every now and again.  This worked reasonably well, but required each machine to be unoccupied and for me to keep an eye to check everything was working ok.  I also tried setting machines to wake up in the night and then scheduled ARD to send the update command at that time, but this would never quite work properly with machines losing their connection or going to sleep etc.

I then stumbled upon a program called Munki, which describes itself as ‘Managed software installation for OSX’. It’s a pretty powerful bit of software, but with quite a steep learning curve and no friendly GUI to get things going.  However, after a bit of reading of the help files I realised that it could quite easily be set up to automatically install software updates whenever the Mac was idle at the login screen.  Here’s how (using a Mac OSX Server to manage preferences):

  1. Install the Munki package on a Mac.
  2. Open Workgroup Manager and then add a managed preference, using the ‘Managed Software Update’ application to provide an MCX .plist manifest.
  3. Add the following keys:
  • AppleSoftwareUpdatesOnly = true
  • InstallAppleSoftwareUpdates = true
  • SoftwareUpdateServerURL = your own Apple Software Update Server or just leave blank to use Apple’s
  • SuppressUserNotification = true

Tada, it should work!

Unfortunately for me it didn’t, not straightaway.  It turned out that I was having problems with our Software Update on our Mac server because the DNS wasn’t sorted correctly.  A useful tool in terminal is ‘changeip’ for that…

But it all seems to be working now.  Hurrah.