Posted by Doug Fri, 19 Jan 2007 14:03:54 GMT
I’m selling my 12” Powerbook on eBay. It has a 1GHz G4 w/768MB RAM, 40GB Hard Disk, and a combo drive. It also has built in bluetooth and an airport extreme. I just got the battery replaced through the recall, so it’s brand new with plenty of life. All that’s installed on it is Mac OS X 10.4.8 Tiger and iLife ‘04. Bid early, bid often!
Posted by Doug Sun, 14 Jan 2007 05:28:00 GMT
One of the sucky things that’s happened at work is a corporate migration to MS Exchange. This is the story about how I’ve survived the migration.
Our IT department has decided to only support two mail clients: MS Outlook and MS Entourage. So I’ve been using Entourage. I resisted at first simply because it was MS and it looked a lot more ugly than Apple’s Mail.app. After several months I can truely say I hate it. The user experience is really awful. Search is slow and cumbersme. I’ve got dialogs popping up all over the place. Configuration is a hasstle. The supposed benefit of Entourage is integraton with the rest of the company. Unfortunately, MS treats Entourage like a red-headed step-child (no offense to all you red-headed step-children out there). The integration with Exchange is clunky at best.
The good news is our IT department also supports the Outlook Web Access (OWA). This is really a WebDAV interface with pretty good functionality. I finally found fetchExc. It’s like fetchmail, but downloads from Exchange via OWA and dumps it into a local mbox file. The bad news is fetchExc is a java app. That means it was kind of a hassle to setup. What you’ll see below is me trying to explain how to get this java app able to run. Please forgive the Java ignorances. This is why I took Java off my resume.
The first big step is getting the SSL certificate of your OWA host available to Java.
openssl s_client -connect your.outlook.web.access.host:httpsThis will dump a bunch of text to the screen. The important bits are between and including -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----. I copy/pasted this text into an outlook.pem file.
sudo keytool -import -alias your.outlook.web.access.host -keystore keystore -file outlook.pemThis creates a keystore file that java uses for validating certificates it receives. I’m not sure how it’s different than a .pem file, but whatever.
Now I edit the fetchExc.properties file appropriately. I think the important bit is setting MboxFile=/var/mail/dalcorn (where dalcorn is my Mac short-name or unix login). I’ve also set Delete=false and All=false. This means the mail will be left in Exchange and marked as read. Only unread messages will be downloaded.
java -Djavax.net.ssl.trustStore=/Users/dalcorn/devel/fetchExc/keystore -jar /Users/dalcorn/devel/fetchExc/fetchExc.jar -p /Users/dalcorn/devel/fetchExc/fetchExc.properties > /tmp/fetchExc.log 2>&1This is the full command line I use to run the actual fetching of mail. I’m not smart enough to add the .pem file to the global keystore, so I have to specify it explicitly on the command line. Also, I’m explicitly calling out the property file as well. I’ve got this command running in a cron job every 5 minutes.
The next tricky part is getting Apple’s Mail.app to read this mbox file. In the olden days, Mail had an account type of “Unix” that would read from the default system wide mbox file. That’s gone now. My only other option was to use POP.
sudo port install qpopperThis installs a simple POP3 server on my mac. I did zero configuration. Whatever the Portfile said for it to do was fine. I did have to manually start the daemon though.
sudo launchctl load -w /opt/local/Library/LaunchDaemons/org.macports.mail.qpopper.plist-distThat file in the LaunchDaemons directory will make sure qpopper is started at reboot.
After that, I just created a new account in Mail.app of type POP with mail host set to localhost. Easy, peasy, pumkin weasy.
I can’t tell you how much happier I am not having to spend time in Entourage all day. It’s the little things that count. Big thanks to Juhani Rautiainen who wrote fetchExc!
Posted by Doug Mon, 28 Aug 2006 13:24:17 GMT
I’ve got three Macs and one Linux fileserver. Why can’t we all share the same iPhoto library? I think we can. If you google ‘iphoto acl’ there are lots of tutorials on how to share iPhoto libraries on the same computer between different users. There’s not much that talks about doing it across different computers. Here’s what I did.
I setup a volume on my Linux box with the permissions such that all the files are group read/write and the directories have the group sticky bit set. With all the users that need access to the photos in the same group, this setup allows anyone to both read and create photos on the shared partition. Here’s a couple commands I use to set this up:
$ find /photos -type d -exec chmod 2775 {} \;
$ find /photos -type f -exec chmod 664 {} \;
So now the question of how to share the files. There are three options: NFS, Samba/smb, and Netatalk/AFP. As to the later, note that AFP is not necessarily Appletalk. AFP is a file sharing protocol; Appletalk is a communication protocol. Netatalk easily allows AFP over TCP/IP.
I’ve managed NFS before. Supposedly it’s the most mature and efficient of the three file sharing protocols. My main beef with NFS is managing user ids and group ids across all the NFS clients and server. I know you can use NIS, but that seems like more systems administration than I want to deal with.
So really it comes down to AFP and SMB. Which one is better? I’m not a very good judge of that, so what I did was setup both and measure the performance difference. I have a directory tree that’s several layers deep and has about 450 images; both Adobe DNG raw and processed JPEGs. The average DNG is about 5MB and the average JPEG is about 2 – 3 MB. I used rsync -av to copy the folder from my Macbook Pro (with a 7200rpm drive) across a 100Mb/s wired network to the server using both an AFP mount and a SMB mount.
With SMB using Samba 3.0.14a-3sarge1:
sent 2532341005 bytes received 8800 bytes 8657606.17 bytes/sec
With AFP using Netatalk 2.0.3-2.0.jones.2:
sent 2527694620 bytes received 8760 bytes 6591143.10 bytes/sec
It would appear SMB is faster. I’m not sure if this is a proper test or not. I don’t know if doing large file transfers like that is how iPhoto typically does it’s I/O. It seems convincing to me. Also, is AFP a better “experience” on my Mac because it’s Apple’s protocol? Honestly, I don’t know why it would be. The only difference I can perceive is typing ‘smb://tigermp/photos’ versus ‘afp://tigermp/Photos’.
Speaking of which, this brings up an interesting aside. I had setup netatalk quite a while back and had it working fine when both my Macs were running Panther. I upgraded my wife to Tiger first and her AFP mount wouldn’t work. I struggled and couldn’t figure it out, so I switched to Samba. This weekend it was recommended I switch back to AFP and I quickly ran into the same issue.
I would try to mount the volume and my Mac would tersely say “Couldn’t mount the volume, ‘photos’”. My Linux server’s logs were of no help. They simply showed a login and an immediate logout. So, I tried connecting via the command line:
$ sudo mkdir /Volumes/photos
$ sudo mount -t afp afp://dalcorn:_my password_@tigermp/photos /Volumes/photos
mount_afp: the mount flags are 0000 the altflags are 0020
mount_afp: AFPMountURL returned error -5019, errno is 32
I couldn’t find what error -5019 meant anywhere. Eventually I noticed that in my AppleVolumes.default I had specified:
/photos "Photos" veto:/lost+found/
So, when I tried to mount the AFP volume using “Photos” instead of “photos” it worked like a champ. Apparently, error -5019 means “no such volume”. Also, since this used to work on Panther, but broke on Tiger I’m assuming that means Tiger somehow became case sensitive on AFP URIs when Panther wasn’t.
One last thing. Since this post was originally about sharing iPhoto libraries I should mention that if you hold option down while launching iPhoto it will prompt you for which Library to open. Simply choose one on the shared volume and you’re good to go.
My name is Doug Alcorn. I'm a 30-something husband, dad, Christian, and hacker living in Cincinnati, OH. When I'm not on my computer or being a dad, I'm usually shooting photos or out in the woods.
Copyright 2001 - 2005 by Lathi.net and Doug Alcorn
