Backing up and Nuke OSX 10.8 Calendar Server

Backup

There's various bits of documentation around about how to do this on 10.7 Server, but although the principal is correct it doesn't work on 10.8

The reason for this is that in 10.8 there are two instances of the postgres daemon.

One is in user land, for sysadmins to setup their own databases, and is also used by Roundcube Topic Desk. The second is hidden and is used to store the servers data such as calendar events and wikis.

The 10.7 instructions to backup the DB are:
sudo pg_dump -U _postgres caldav -c -f caldav.sql

If you run this on 10.8 server it will fail, saying that it can't find the caldav database.

The only way to access the caldav db is via a unix domain socket located at:
/Library/Server/PostgreSQL\ For\ Server\ Services/Socket/.s.PGSQL.5432

You can verify this by using telnet to connect to it:
telnet -u /Library/Server/PostgreSQL\ For\ Server\ Services/Socket/.s.PGSQL.5432

** Note, a service that uses the postgres db must be running for the socket to exist.

In addition, the pg_dump program located on the standard path, i.e. /usr/bin is the wrong version to access the postgres damon hosting the service databases, there is another version hidden away within the server app at:
/Applications/Server.app/Contents/ServerRoot/usr/bin/

Even if you call this directly, it will fail because it tries to access the standard TCP port for postgres.

So, we need to use the pg_dump in the server app, and pass the socket location to it.

Luckily we can do this with the host flag, from the man page:
-h host, --host=host
           Specifies the host name of the machine on which the server is running. If the value begins with a slash, it is used as the directory for the Unix domain socket.
           The default is taken from the PGHOST environment variable, if set, else a Unix domain socket connection is attempted.

It appends the socket file name, so actually only wants the path.

Putting this all together, we can successfully backup the caldav DB with the following command:

/Applications/Server.app/Contents/ServerRoot/usr/bin/pg_dump -U _postgres -h /Library/Server/PostgreSQL\ For\ Server\ Services/Socket/ caldav -c -f caldav.sql

This will backup the DB that contains all the events, however there is also another program hidden in the server app that we need to run that will backup the sqlite dbs and the server settings.

/Applications/Server.app/Contents/ServerRoot/usr/sbin/calendarserver_backup

To backup, pass the following:
/Applications/Server.app/Contents/ServerRoot/usr/sbin/calendarserver_backup backup file.tgz

To restore
/Applications/Server.app/Contents/ServerRoot/usr/sbin/calendarserver_backup restore file.tgz

If you run it without any options or with -h it will give you basic help info.

Nuke and Rebuild

So now we know how to backup the DB, what if we want to wipe it and start again?

To do this we need to drop the caldav db, and then run calendarserver_bootstrap_database to recreate the DB.

However, the socket only exists when services that use the db are running, and you can't drop the db if it's being used.

To overcome this, luckily the wiki service uses the postgres daemon and creates the socket, but does not lock the caldav db.

Step 1…. get the background postgres daemon working..

In Server App

Stop Calendar

Stop Contacts 

Start Wiki

Step 2.. drop the caldav DB

sudo /Applications/Server.app/Contents/ServerRoot/usr/bin/dropdb -U _postgres -h /Library/Server/PostgreSQL\ For\ Server\ Services/Socket/ caldav

Step 3 … rebuild the caldav DB

sudo calendarserver_bootstrap_database -v

Ubuntu Mount HFS +

HFS Volumes can be mounted on a linux system, here's the instructions for ubuntu (12.04 LTS):

First, make sure that you have hfsprogs installed. Example installation command:

sudo apt-get install hfsprogs 

Next, mount or remount the HFS+ drive; commands need to be as follows:

sudo mount -t hfsplus -o force,rw /dev/sdx# /media/mntpoint 

or

sudo mount -t hfsplus -o remount,force,rw /mount/point 

Finally, if the drive was improperly unmounted or has otherwise become partially corrupted run fsck.hfsplus (provided here by Jayson) as such:

sudo fsck.hfsplus /dev/sdx#

Mounting an OSX SMB Share on Linux

I got bit by this recently, and so sticking it here for when I forget next time ;)

Depending on the version of OSX you might have to specify different security settings:

mount.cifs //server_ip/share_name /mount_point -o username=osx_user,noexec,nounix,sec=ntlm,no perm,rw

This generally works, but you might need to change sec to sec=ntlmssp

example

First create the mount point if it doesn't exist:

sudo mkdir /mnt/Public

Then mount it:

sudo mount.cifs //192.168.1.1/Public /mnt/Public -o username=admin,noexec,nounix,sec=ntlm,no perm,rw

To unmount it:

sudo unmount /mnt/Public

SMTP Authentication with Archiware PresStore

As there are issues with sending reports from PresStore to mail servers  that require smtp authentication, I've created a script based on another script by Heinz Tschabitscher that will do this.

You will need php and pear installed on the server, but obviously this means it will work on Windows, linux and OSX.

Check to see if you have pear installed

$ pear version

If you don’t have it installed, you will need to install pear,

OSX 10.9 ( might work for other versions as well )

cd /usr/lib/php
sudo php ./install-pear-nozlib.phar
edit /etc/php.ini and add /usr/lib/php/pear to the include paths

Others

see here for info:

http://pear.php.net/manual/en/installation.getting.php

Check to see if the Mail Class is Installed

pear list-files Mail

If you don’t get anything then install it !

sudo pear install mail

You will also need Net_SMTP

sudo pear install Net_SMTP

Install the Scripts

Download the scripts and install them on the server, i normally create a folder called /scripts on the root of the drive and put them in there, just remember where you put them as you will need the path later!

Configure the Scripts

Edit the smtp_conf.php file and configure the relevant info:

$host = "mail.example.com";

$username = "user";

$password = "password";

$default_from="server@example.com";

$host = smtp server

$username = account to auth with

$password = account password

$default_from = from account to use if none is specified by the call ( ie presstore !)

Configure PresStore

Edit the client settings in PresStore and specify the external script as the mail sender:

Edit the user settings and specify the email address to send to:

Test It

Click apply and the click the Send Test email button, if all is well you will get an email!

If not, check the php error log. This will either be the log file set in php.ini, the apache error log, or the system log depending on your configuration!

ps_smtpauth.php

smtp_conf.php

Resourcespace Plugins

After lots of testing, the ldapauth and view_in_finder plugins have now been incorporated into release 4.6 of the main Resourcespace code.

View In Finder Plugin - New Version

I've updated the view in finder plugin to give the option to respect the access permissions.

If you tick the new check box and set the restrict permissions in group management in team centre, the plugin will now check to see if the user has download access to the resource, and will only display the plugin if they are allowed to download.

You can get the new version here:

View In Finder 2

OSX 10.6.8 Weird Network Problem

OK, so I've had this problem for some time on two Mac Book Pro's.
When I put them to sleep by closing the lid, and then wake them up by opening the lid, all GUI networking stops working and doesn't work until the machine is restarted.

So tonight this annoyed me too much and I decided to investigate.
This is the diagnosis I've done so far.. it points to mDNS, surprise surprise! They are both running 10.6.8 and have had all firmware updates etc applied. Although they were manufactured about a year apart, they both have Broadcom 57765-B0 network cards.

The logs show this:

Mar 14 23:12:43  com.apple.SystemStarter[36]: 2012-03-14 23:12:43,366  INFO [RuntimeAnalysisMonitor] [] - Memory Analysis (runtime)>> Allocated: 29256 kb >> Free: 9270 kb >> Max: 126912 kb
Mar 14 23:12:43  mDNSResponder[43]: *** process 43 exceeded 500 log message per second limit  -  remaining messages this second discarded ***
Mar 14 23:12:47: --- last message repeated 2 times ---
Mar 14 23:12:46  mDNSResponder[43]: ERROR: mDNSPlatformReadTCP - recv 74 got CLOSED 435000 times
Mar 14 23:12:46 com.apple.SystemStarter[36]: 2012-03-14 23:12:46,885  INFO [RuntimeAnalysisMonitor] [] - Memory Analysis (runtime)>> Allocated: 63424 kb >> Free: 40257 kb >> Max: 63424 kb
Mar 14 23:12:46  com.apple.SystemStarter[36]: 2012-03-14 23:12:46,978  INFO [Live Status Collector thread] [] - Cleaning all expired Live Status messages
Mar 14 23:12:47 mDNSResponder[43]: *** process 43 exceeded 500 log message per second limit  -  remaining messages this second discarded ***
Mar 14 23:12:54: --- last message repeated 6 times ---
Mar 14 23:12:54  iChatAgent[349]: [Warning] IMDServiceSession <AIMServiceSession: 0x100123700>: Want to connect to slogin.oscar.aol.com, but it is NOT up
Mar 14 23:12:54  mDNSResponder[43]: *** process 43 exceeded 500 log message per second limit  -  remaining messages this second discarded ***

But the following tests work:

nslookup www.bbc.co.uk
Server: 192.168.3.19
Address: 192.168.3.19#53

Non-authoritative answer:
www.bbc.co.uk canonical name = www.bbc.net.uk.
Name: www.bbc.net.uk
Address: 212.58.244.71

telnet 212.58.244.71 80
Trying 212.58.244.71...
Connected to 212.58.244.71.
Escape character is '^]'.
quit
HTTP/1.0 400 Bad request
Content-Type: text/html

<h2>Client sent a bad request.</h2>
Connection closed by foreign host.


Now.. this shows that networking is up, and we can connect to port 80 on a webserver, ie we can surf the web.... 
But everything in the GUI fails to connect to networking.. ARD, afp, web, mail, ical etc.

The solution is to force quit the mDNSResponder either from the command line with:

sudo killall mDNSResponder

or to select the mDNSResponder process in Activity Monitor and force quit it.

Because it's managed by launchd it will automatically relaunch, and when it does networking is instantly restored.

I haven't yet worked out why it goes wrong, but at least I know where the problem is...

Next step is to diagnose the wake up process!