Saturday, April 4, 2009

Side track - The Mace

A side track from my ramblings on IT setup. Why is this blog called "The Mace's Musings"? What/Who is "The Mace"?

This goes back to high school in the days where the internet barely existed and computer bulletin board systems (BBS) were the gathering spots of the geeks like me. Basically they were computers with modems attached to phone lines that one person at a time could call from their computer to that BBS and post their comments/download stuff and log off for the next person. Some more advanced ones had multiple lines but that was pretty rare in the early days. Back then they were places to chat with people, but more often than not they were used to distribute "Warez" or software. For the most part, in those days, there wasn't much freeware/shareware and the bulk of software getting downloaded was commercial/stolen. Those were the days of 300 baud Apple Cat modems (with a later huge upgrade to 1200 baud) and software applications that fit on a floppy. Still, downloads took forever and new file transfer protocols like xmodem and zmodem were being pushed to help speed things up and recover from broken connections etc. There was a huge culture around all of this and it was mostly an Apple II/Apple Cat world.

Anyway, I started with my Apple II and a modem and started dialing into the BBS's. Back then everyone used a handle so nobody knew who really was downloading the software etc. The handle was your bulletin board identity and people and groups like the Legion of Doom had them and became well known in the community. 

I was in my basement one day with a good friend and we both were getting started in the community and figured we needed handles. He was into comic books, especially "Thor" and picked Odin, a Nordic god associated with war. We both liked the war and fantasy games like Wizardry. My choice was a weapon, a mace, personified to The Mace. The choice was both due to the weapon(ness) of it as well as an indirect reference to my last name.

From there I used this new handle and visited many BBS's across the country and eventually ran my own, starting with a single one and eventually franchising out to multiple states and I became fairly well known for a while. I dropped off the grid when I turned 17 and decided to follow a more legal path in life. I heavily modified some base BBS software to give my own stuff its own unique feel and draw and this was the beginning of any real programming with a purpose for me.

So that's where The Mace came from.

As an amusing aside, about 20 years after I picked "The Mace", I was chatting with someone who worked for me at work many states away from where I grew up and we were talking about the early days in computers. We eventually got around to BBS's and he found out I was "The Mace". He had frequented my system and knew who "The Mace" was. Small world.

Those formative years in remote connections, tunneling through AT&T's computers, hacking/cracking systems, distributed work, and programming have shown their influence on me for the last 20 years. While I'm not proud of some of it, I wouldn't be who I am without it.

OSX Server Day 1

Now that we were limping along from an IT perspective it was time to get a real server created. I took my OSX Server, 10 Client edition, popped it in my new MacPro (Nehalem), turned it on and got a white screen. Nothing. Odd. I booted off the pre-installed Leopard and it was fine. So from there I decided to just install it from the CD versus booting the CD. It installed fine and I rebooted and had OSX server. Then I was presented with a LOT of system management options and terminology and concepts I didn't know. I thought OSX server was supposed to be easy? Turns out there are 3 modes to OSX server - Standard (simple), Workgroup, and Advanced. When you install the way I had to, it treats it as a server upgrade and forces advanced mode.

Why couldn't I boot the CD? Turns out the OSX server I bought (several months ago) was older than the hardware I had just bought and was missing drivers etc., and I could not swap the disk for a newer one without paying $500 to Apple again. This was nuts. I got on the phone and after speaking to 5 Apple people (just to get to the correct department), I got told that since my OSX server was purchased a while back, and even though it wasn't used, they shouldn't be supporting me. Nice, so much for planning ahead. But then they said, if you do the install by booting Leopard and then running only a piece of the OSX server install package it may let me avoid advanced mode. I got one blurb from them on how to do this:

"Install OS X client onto unit, creating an admin user with the name & password that you want on the server. 
Update all SW and then insert OS X Server install disc into unit. 
Go to Finder>Go>Volumes.
The name of the metapackage file to be run is "MacOSXServerInstall.mpkg", which is located in /Volumes/Mac OS X Server Install Disc/System/Installation/Packages.
Run this metapackage file to install OS X Server on unit."

Never mind the fact that this information was limited and flawed, it gave me just enough to find the package I needed. The best way I found was to do this through the terminal and then "open" the referenced package. After doing this I got OSX server set up in the way it was meant to be.

It took a great deal of time because each attempt required OSX updates (over my crazy aircard setup) as well as OSX server updates. A few times as they were setting up the rest of my network I had wrong IP addresses/configurations which were difficult to change in OSX server so I had the pleasure of doing this several times.

In the end I think the steps are something like this (none of which I could find with Google searches):

1) Boot Leopard install CD (even if your new MacPro has Leopard pre-installed)
2) Go into disk utility and set up your disks the way you want (OSX server install would have had this step but you can't boot that). Your options may be more limited than OSX server but I had 4 1TB drives and created 2 mirrored 1TB volumes. One I called "OS" and one I called "Data". I'm so creative.
3) Now install Leopard and do all the updates. If you're doing this with an Aircard bring a good book.
4) Now, while logged into Leopard after all the updates/reboots are done, put in the OSX server CD and run the package above. You'll walk through OSX server install. Oddly it doesn't force a reboot.
5) Next, don't do any updates (if you do, start over at #1 - found that the hard way), eject CD and reboot.
6) Now you get the OSX server install screen asking you about standard (stand alone) vs workgroup vs advanced. I originally chose standard but later found out I should have chosen workgroup so I started over again.
7) Now once it comes up you can do the OSX server update (another 200MB+ over the aircard). Note that if you plan on making mistakes like I did it's helpful to download these update packages and squirrel them away (I put them on the data drive that I wasn't wiping on each attempt).
8) Now you have an installed OSX server. Time to figure out what it can and can't do. That's for another episode.

The alternative is to buy/get an OSX server CD that works with your hardware. My first experience with OSX server has not been pleasant.

IT early pains

With our new office we rented space and I hired a group (Rockport Technology Group) to come in and do the wiring, phones and basic network setup. They're a great bunch of guys that I've used before and they always do a first class job. What I was left with was a Cisco ASA5505 firewall, 2 Cisco 521 WAPs, a 48 port GigE switch, a Nortel BCM 50 phone system and a Keyscan card reader system for physical security.

With that gear I have a wired and wireless network as well as phones and card access for my office which can sit about 40 people. Note that I haven't mentioned an internet connection. That's because we don't have one yet (!). I ordered dual T1 lines from Verizon, but T1s take time (4-6 weeks). The fallback was Comcast since they were supposedly in the building already and had a 2-3 day install time. Even though they pre-certified the site/install, when the guys turned up they found no Comcast in the building. They said they need to run cable to the building and they need to wait for the ground to thaw first (yes, though it's April our ground is frozen after you get down a few inches -- welcome to New England). So I cancelled that order. I had had 5 phone lines installed by Verizon for the normal phone system so we asked them to convert one to DSL. You'd think that would be fast, but it takes Verizon 7-10 days to do that too. The DSL should be live next Tuesday. The T1s follow 3-4 weeks later.

So I have an office full of people that need internet access, what do I do? My crazy fallback idea from the beginning was to use my Verizon Aircard. I bought it a while back and used it to be on the net at all times, in the car, in airports, etc. It's a decent card and fast. So in the beginning I had it in my MacBookPro and was just doing internet sharing from it to the Airport. Apple makes this dead easy and it works well. The problem is the office space is 7K+ sq ft so there's no hope of covering much range that way. I could try to extend it with other network gear like Apple's Airport Express but I'd be buying them to use them for a week or two. I could try to bridge it to our new Cisco wifi but that was still coming online and having its own challenges. The other issue was that I needed to use my MacBookPro for stuff and so the network connection would come and go based on what I was doing which didn't help the others.

What I didn't have were any servers set up yet. I had bought 2 of the new Nehalem MacPros to be used for "IT stuff" and decided to use one of them to bridge to the net. I used one with the base Leopard install, installed the aircard and Verizon software and turned on internet sharing bridging the aircard to the wired ethernet port. Since the Cisco WAPs (wireless points) were also connected to the same network, all of a sudden everyone had internet access whether they were on Wifi or wired. The Verizon software (VZ Access Manager) just plain stinks. I have a conspiracy theory on these cell companies and the aircards -- it's that when you use too much bandwidth they drop the connection just to see if they can stop the traffic, if nothing else it's a brutal throttle. VZAccess doesn't automatically reconnect. But if you look in your network settings when connected with VZAccess, they have a new network location set up with the Verizon modem. In that new location I added in the ethernet port I wanted to share. I also set that location to be my location whether I was connected or not. I then went into the advanced settings of the modem through the OSX network preferences pane and set it up to auto-reconnect, never disconnect etc. With that done the network drops at times but reconnects without my involvement and we've had a productive few days downloading tools, updates, email etc. It's no speed daemon but it's something you can live with.

I used that same MacPro to create the VMWare environment for the management apps for the Nortel and Keyscan pieces that I spoke about in my previous post. I also created basic file shares so we could move things around internally.

Now I needed a real server with permissions for the different elements of the business, that was stable, could be backed up etc. More on that to come.

OSX Office Environment

I've had the fortunate experience (kidding) to become a part time IT guy for my new company. The plan is Macs all around to limit the IT noise and then virtual machines for those that have some need of Linux/Windows. The basic setup is OSX + MS Office for the Mac + VMWare. Note that despite recent benchmarks of Parallels vs VMWare Fusion I went with VMWare. I did this because like MS Office, they're the leading VM environment and I can download more pre-configured machines etc for that environment than any other.

The developers need Linux to do their thing and I expected that. What I didn't expect was that some basic applications like the ones to run the Keyscan card key access to the office doors and the Nortel phone system are Windows-only apps. For those I spent the whopping $300 on Vista Business, installed it in a Windows VM and then installed the apps in there. Generally these infrastructure apps don't need to be running all the time so that makes it even easier. Still, not having web-based management or cross-platform apps in this age just shows you how far Apple has to go.

Over the next few posts I'll be talking about my experience in setting up an OSX based office environment and in the process you'll see how little I know about basic IT concepts :)