MacOS Server Replacement #3 – Move OpenDirectory (LDAP) and DNS to FreeIPA on Fedora

As part of the migration of my MacOS Server to Linux the most tricky service to migrate is Apple’s OpenDirectory service. Although it is based on the open-source OpenLDAP project, Apple did customize things a lot, making it very tricky to move and block a real migration due to these closed-source customizations.  Instead of spending a lot of time on trying to figure out how to migrate OpenDirectory, I decided to start with a clean FreeIPA installation and migrate the users to that. Since I have been using MacOS Server’s OpenDirectory handled my  authentication for quite some time and ran in to issues before I learned that starting from scratch (and only migrating user information) isn’t that hard and in often the best approach.

As it is already quite long, this post focuses on how to configure FreeIPA on Fedora Core and migrating DNS and users. Integrating MacOS is covered on the FreeIPA WiKi and will be covered in a subsequent post including the integration with Apple’s Profile Server (the main component Apple seems to intend to support in the future). To aid with the configuration / setup I wrote a couple of scripts that are available from my Gitlab instance.

Continue reading “MacOS Server Replacement #3 – Move OpenDirectory (LDAP) and DNS to FreeIPA on Fedora”

Ditching TeamViewer for AnyDesk

I have been using TeamViewer for many years to support my relatives abroad when they had issues with their PC. I really like the product, despite getting huge (100Mb on MacOS) and bloated with many new features I don’t need, as it did the job well and worked cross-platform. For this reason, I have also always endorsed it for professional use with employers / customers (with the right paid license of course). However, as TeamViewer seems to have changed their strategy and seems to now aggressively push free users into a subscription they forced me to consider other options and switch to AnyDesk.

Continue reading “Ditching TeamViewer for AnyDesk”

Installation of VMWare Tools (version 10.3.0) on vSphere Hypervisor

After my upgrade to vSphere Hypervisor 6.7 I (again) had to manually install the VMWare Tools for MacOS (and Solaris). VMware only includes the tools ISO images for Windows and Linux in the vSphere Hypervisor installer and during the installation process, any existing ISO image is removed.

As VMWare published version 10.3.0 of the VMWare Tools a few weeks ago, I will document in this (brief) post both the steps to upgrade VMWare tools on vSphere Hypervisor and the steps install the one for MacOS for future use.

Continue reading “Installation of VMWare Tools (version 10.3.0) on vSphere Hypervisor”

VMWare vSphere Hypervisor 6.7 supports MacOS 12.13 (and 12.14!)

I am running  VMWare’s free vSphere Hypervisor (formerly known as ESXi) on my Mid-2011 Mac Mini Server (Macmini5,3) for many years . Earlier this year VMWare introduced vSphere Hypervisor 6.7 but as it was not really clear what it would add and I had a stable environment I decided not to upgrade (yet) when it came out.

However, ever since Apple introduced the APFS filesystem with MacOS High Sierra, special care was required to install (or upgrade) a MacOS VM on vSphere Hypervisor as the built-in EFI boot did not support this. Since I had to create a new MacOS Server today, I decided to give this update a try to see if it would support MacOS High Sierra. Documentation was not very clear on this, but it turned out that with this version of vSphere Hypervisor, MacOS 12.13 (as well as 12.14!) is supported, as this is how the dropdown when creating a new VM now looks like for MacOS:

This post contains the steps to perform an upgrade from vSphere Hypervisor 6.5u1 to 6.7 on my Mid-2011 Mac Mini Server, including the installation of the (not included) VMWare Tools image for MacOS.

Continue reading “VMWare vSphere Hypervisor 6.7 supports MacOS 12.13 (and 12.14!)”

Raspberry Pi power saving (disable HDMI port and others) – the SystemD way

For a few year I have been playing with Raspberry Pi’s. I started off with a 1B, then moved to a a 2B and for some time am heavily using a model 3B as my monitoring (nagios) server while the 2B is being setup for other use (as well as a few Pi Zero’s being used for other things).

Since the switch to the 3B I started to have more and more issues with the SD card getting corrupt. Actually, it wasn’t the card itself but critical files tended to get corrupted, making the system unusable after a while – one of the reasons  I scripted the setup of my monitoring server using Ansible). Recently I found this discussion on stackexchange which hinted me on the root cause of my problems – the Raspberry Pi 3B really needs a 2.5A power supply to function correctly.

Continue reading “Raspberry Pi power saving (disable HDMI port and others) – the SystemD way”

MacOS Server Replacement #2 – Migrating PostgreSQL

As part of the migration of my MacOS Server to Linux the next service to migrate is my PostgreSQL engine. Although PostgreSQL had already been hidden in MacOS Server for some time, it still was included (as internal services like ProfileManager and Calendar and Addressbook Server depend on it.  Despite it being hidden, I had still enabled it (manually) and hosted my PostgreSQL databases on my MacOS Server for ages. Despite migrations sometimes being a pain (i.e. not automatic) this worked well so far, including integrating it with the MacOS Server way of using transaction logs for offline backups. (so I will also have to look for a new way to do this). Continue reading “MacOS Server Replacement #2 – Migrating PostgreSQL”

VMWare ESXi 6.5 Spectre patch available

Today I noticed that VMWare has released a partial solution for the Spectre security issue ( CVE-2017-5715), according to VMWare:

This ESXi patch provides part of the hypervisor-assisted guest mitigation of CVE-2017-5715 for guest operating systems. For important details on this mitigation, see VMware Security Advisory VMSA-2018-0004.3.

It can be downloaded from their site and is also available for the free ESXi 6.5 version, the file to download is ESXi650-201803001.zip, see also VMWare Knowledge Base article 52456. Installation is quite straightforward. Continue reading “VMWare ESXi 6.5 Spectre patch available”

MacOS Server Replacement #1 – Migrating MySQL to MariaDB

As part of the migration of my MacOS Server to Linux the first service to migrate is my MySQL 5.7 engine. Although MySQL is not part of MacOS Server anymore for a long time (and I had installed it separately), I will cover the migration here as 1) I still had it running on my MacOS Server and 2) the migration wasn’t smooth so decided to share my learnings here. Continue reading “MacOS Server Replacement #1 – Migrating MySQL to MariaDB”