Mac OS X Lion (10.7) on my (upgraded) Late 2006 Mac Mini

After yesterday’s upgrade of my Late 2006 Mac Mini (MacMini1.1) it was time today to see if I could get OS X 10.7 (Lion) working on it. As per  discussions on Apple’s discussion forms this should be possible (as the hardware supports after the upgrade I did). However, the standard OS X Lion installation did not want to install on this hardware yet. As per the discussion on MacRumors.com I had to remove the file

/System/Library/CoreServices/PlatformSupport.plist

before the installation wanted to start. Once I did that, I could do a clean install on the new SSD Harddisk withougt any issues or additional hacks needed. Also transferring the users, apps and settings from the old system still on the external USB harddisk went fine and actually totally surprised me (I never used it before) as it turned the clean install in a totall usable system including the configuration of the OpenDirectory server.

After the installation it is important to enable Trim support on OS X to extend the lifetime of my SSD harddisk with the excellent tool Chameleon.

Right now I am very happy with the end result: a Late 2006 Mac Mini running OS X Lion (10.7):
Late 2006 Mac Mini after upgrade

Obviously only 3 Gb of memory is available as that is the max. the hardware supports, but still this is a very good solution to have a 2nd Mac Mini system for my children.

Upgrading a late 2006 model Mac Mini

One of the Macs in our house is a late 2006 model Mac Mini (MacMini1.1 model MA206LL/A). The machine itself still works hapily with Mac OS X Leopard (10.6), but it only has 2Gb of memory and since its harddisk broke a while ago, it is working from an USB harddisk. All in all technically still OK, but terrible user experience as it is just slow.
Today I did some investigation on the Internet to see to what extend this old machine can still be upgraded and bumped into an interesting overview on xlr8yourmac.com. It turns out that the basics are quite good and with a few changes it can still be used for some time:

  • CPU – currently a Core Duo that could be replaced with a Core 2 Duo
    The Core Duo processor is a 32-bit one that does not support 64-bit OS X. Fortunately the processor is on a socket (and not soldered to the main board) and its pin layout is identical to Core 2 Duo models. This is also being discussed on Apple’s discussion forum (still exists so Apple is not stopping it) and according to posts on MacRumors.com others have done this successfully, so this is definitely something I will try. Guess what, there is even a step-by-step guide on iFixIT on how to do it!
  • Memory – currently limited to 2GB but potentially could support 3Gb (of 2x 2Gb)
    Memory is limited to 2Gb (2x 1Gb) with the Core Duo processor, but the Core 2 Duo can support up to 4Gb (2x 2Gb) of memory. Unfortunately the MacMini1.1 model firmware does not support it but it turns out to be possible to flash the firmware of a MacMini2.1 as the folks on the NetKas forum explain. The links to the firmware no longer worked, but I found them on a French Mac Forum thanks to this post. After this upgrade 3Gb can be used, which is still 50% more than the machine had.
    There is a separate step-by-step guide on iFixIT for replacing the memory, but I don’t think I will need it as I will do it when I replace the CPU.
  • Harddisk – currently broken 5400rpm 80Gb disk, replacing this with a 60Gb SSD harddisk is a no-brainer
    Replacing a broken harddisk for an SSD disk is nothing fancy, though it is important to enable Trim support on OS X after replacing it when you use a non-Apple disk. For this I found the excellent tool Chameleon some time ago for my Macbook Pro.
    Also for this step there is a step-by-step guide on iFixIT, that I won’t need either as I will install the new harddisk when I replace the CPU.
  • Software – currently OS X Leopard (10.6) is the maximum
    Replacing the Core Duo CPU for a Core 2 Duo would turn the MacMini1.1 effectively into a Macmini2.1, which is capable of running OS X Lion (10.7) according to discussions on Apple’s discussion forms. There is apparently only one hack needed (removal of a file on the installation media) to be able to perform a clean install according to a discussion on MacRumors.com.

As I am not that uncomfortable with opening my old Mac Mini (did it before when I added memory) and the other steps appear doable, I will give this a shot. I just ordered the components and plan to perform the upgrade next weekend (assuming all parts will be in).

Restoring OpenDirectory on Mac OS X Mountain Lion Server

After some more checking on the contents of the /Recovered Items folder left over after my failed upgrade of OS X from Lion to Mountain Lion I decided to proceed with re-installation of the components to see if I could get things back as they were again.

The first step was to install the Server component again (which has gone missing after the upgrade). This only took a simple purchase of the Server.app component in the App Store. After that I had a Mac Server again and could start my reinstallation.

The first component to reconfigure was the Open Directory component. It was extremely important for me not to lose that one as it contained all my users, their passwords and group membership as well as all the e-mail addresses each user had (I am hosting a few different domains, re-creating that would mean a lot of work).

When I enabled the Open directory server component, I had to specify how I wanted to configure that. This screen included an option to import a backup. As I still had the whole data structure from my previous installation, I tried that first but that did’t work. Then I noticed that the directory /Recovered Items/private/var/backups/ contained a file called ServerBackup_OpenDirectoryMaster.sparseimage that was less than a day old. I selected that file as backup, which was accepted to restore from and it looks like that did the trick. My users were restored and I could also login with my regular userID again.

Based on this initial success I decided to rebuild the rest of my server as I knew the other components (PostgreSQL, Postfix, Dovecot, etc) pretty well from when I hosted everything still on Linux… I will continue to document the steps I took as well as my custom setup as it may be useful for others.

Upgrade to Mountain Lion Server Failed…

Today I decided to (finally) upgrade my Mac Mini Server running OS X Lion Server to Mountain Lion Server. The upgrade was way overdue and Mountain Lion appeared to be pretty stable by now, so I decided to make the switch this weekend. Based on other’s good experiences, I had made a last Time Machine backup, disabled incoming mail on my firewall, purchased the update to Mountain Lion in the App Store and started the process.

Unfortunately after about 1 hour of processing i got a message like "Upgrade Failed, system will now restart". After this restart it turned out I was left with a vanilla install of Mac OS  X on my Mac Mini Server. It even started to ask all the 1st time questions again including whether I wanted to register my server wit Apple again. Once I logged in it turned out that indeed I had a vanilla installation of the bare OS X Mountain Lion system on my Mac Mini Server, still without the Server components (which was expected). Fortunately all user data was still were it should be (in /Users) but apart from that all system settings and other data (opendirectory, databases, mail, calendars, contacts, etc.) turned out to have moved to a folder called /Recovered Items. Apple… WTF?

A quick scan indicated that no data appears to be lost (pfew…) but I need to do some investigation on how to recover from this and decide whether I want to restore my backups (which eventually won’t resove anything as the next upgrade would probably fail again). The good thing is that although my Mac Mini Server itself is vital for my infrastructure (it runs a few Linux VMs), but it’s own functions are limited to Nameserver, Mail/Calendar/Contact Server and Fileserver for my other Mac. This may be a good moment to start from scratch and document my customizations while recovering…

Enable regular VNC access to an OS X Server remotely

Mac OS X Server has pretty decent screen sharing and remote desktop features out of the box to manage you headles OS X Server remotely. This works great when you have a Mac OS X desktop or laptop, but I found out today requires some additional setup when you’re using a Microsoft windows client.

The tehcnology used by Apple is VNC, which is a very mature and generally available protocol for which multiple mature clients exists on different platforms. However, Apple has decided to use its own authentication model between the client and the server out of the box (for probably good reasons, not sure though which but they probably wanted to use GSSAPI again). However, the default VNC authentication is not enables out of the box and requires some additional setup to enable access from standard VNC clients.

Today  I found myself needing to do some administrative tasks I knew I could do easily through a remote desktop connection, but since I was a few thousand kilometers away and only had my (Windows 7) work laptop with me, could not do. It turned out I had to enable some settings to allow "classic" (actually standard) VNC clients to connect and authenticate with the Mac OS X remote desktop (VNC) server. Furtunately it turned out to be possible not only through the graphical interface but, as many times with OS X, there was also a command line way to make the necessary adjustments. Running the following command:

sudo /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart  -configure -clientopts  -setvnclegacy -vnclegacy yes -setvncpw -vncpw PASSWORD

where PASSWORD is the password to be provided to authorize a standard VNC connection.

With the above command executed through an SSH connection over VPN I was able to enable standard VNC support on my Mac OS X Server and logged in (again though the VPN connection) on my server’s desktop remotely using a standard VNC client.

Just to be complete, the option to use a standard VNC client can be disabled using:

sudo /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart  -configure -clientopts  -setvnclegacy -vnclegacy no

Automatically lock your Mac when you step out

Of course, being a mac user at home, after yesterday’s post on locking a windows machine I have been looking for a similar solution to automatically lock my mac when I step out. A similar setup as with btprox for Windows can be established easily by combining the power of an open-source tool called Proximity with a little AppleScript.

Proximity is a more generic solution that allows one to run an AppleScript when a Bluetooth device gets in or out of range. The generic solution was already described on Lifehacker and Macworld Hints. However, they both have a too generic solution where just getting in range with the paired device would unlock the computer, which is not exactly what I wanted. I use the following AppleScript instead, which only switches off iTunes if it is running (and does not start it when it is not) and locks the screen:

    if application id "com.apple.iTunes" is running then
        tell application id "com.apple.iTunes" to pauze
    end if

    activate application id "com.apple.ScreenSaver.Engine"

My Default settings for the screen saver to always require a password after 1 minute suffice for me and render the setup I need on my Mac OS X Lion machines.

Enabling TFTP on Mac OS X Lion

While migrating my linux-based server to Mac OS X Lion Server, I noticed it did not have a TFTP server enabled by default. A little googling pointed me to a blog post of The Weezey Geek, who outlined that everything is there, it’s just disabled.

 I enabled the TFTP server as follows (which is slightly different from the post referred to below):

  1. edit /System/Library/LaunchDaemons/tftp.plist as root (sudo vi /System/Library/LaunchDaemons/tftp.plist)
  2. Change
    <dict>
            <key>Disabled</key>
            <true/>

    into

    <dict>
            <key>Disabled</key>
            <false/>
  3.  Next load the configuration with sudo launchctl load /System/Library/LaunchDaemons/tftp.plist

 Which makes the change permanent and starts the TFTP daemon.

by default TFTPD uses /private/tftpboot as it’s root directory. To change this, modify the following fragment in /System/Library/LaunchDaemons/tftp.plist:

        <array>
                <string>/usr/libexec/tftpd</string>
                <string>-s</string>
                <string>/private/tftpboot</string>
        </array>

To allow TFTP uploads, make sure that the directory to be uploaded to (be wise and make this a subdirectory of your TFTP root directory) is writable to all users.

Migrating to Mac OS X Server

Just before Christmas I bought myself a Mac Mini Server with OS X Lion Server. The idea behind this machine is to replace my current server (a almost 7 year old Dell PowerEdge 2850). From the specs this machine is way faster, has more diskspace (although no RAID5, but I have a NAS for storage anyway) and it uses way less energy than the current setup. Based on a quick calculation, the mac mini server would use less than 15% compared to the Dell, which means that this investment would earn itself back in about 2 – 3 years.

I have been playing around with the Mac OS X Lion Server for a while to make up my mind how I want to migrate my current setup. Since Mac OS X is based on BSD, it does provide a very good platform to replace my linux-based setup, but I am not quite convinced yet the way Apple has structured would work for me. Besides, I do like to keep some things separate, so I am still looking for a good way to do this. So far the only (and most efficient / easiest) way to achieve these appears to be running some services in a VM.

In the coming weeks I will be migrating different services from my Linux-based setup to either something running on Mac OS  X Lion Server natively, or inside a VM running on Linux on the Mac Mini Server. Each of these migrations will be described here to help others.