The purpose of this entry is to talk about 10.7 server and show you how to accomplish everything that you could accomplish from the Server Admin application through commands using terminal or edits to system files in the operating system. Everything below requires that you be logged in as the root user on the server in order to avoid permission issues.

How to enable PHP 
Run this command to check if PHP is enabled on 10.7 server.

1

cat /etc/apache2/httpd.conf|grep libphp5.so

If the output is

1

LoadModule php5_module libexec/apache2/libphp5.so

and not

1

#LoadModule php5_module libexec/apache2/libphp5.so

then PHP is enabled. If it is the other way around with a # in the beginning of the line you can just edit the httpd.conf file manually with

1

sudo pico /etc/apache2/httpd.conf

and remove the bracket manually and then restart the web server with

1

sudo apachectl restart

Alternatively you can also enable this via a checkbox in the terrible server.app in 10.7.

How to change the default file type 
By default the landing page on all new sites is index.html if you would like to change this or the order in which a webpage searches for the index page then you need to change the default file type.

To do this edit the configuration file appropriate to your site name. Meaning you have to have already configured a site in the 10.7 server.app program once you have a site then you need to edit the site configuration file. If your site was called apple.com then your site configuration would be in /etc/apache2/sites/apple.com.conf or something like that.

You need to edit that file

1

pico /etc/apache2/sites/nameofyoursite.conf

look for the following in the file

1
2
3

<IfModule mod_dir.c>
    DirectoryIndex index.html
</IfModule>

If you want to change the main page to index.php instead of index.html then replace index.html with index.php. If you want to add it as a secondary load page then you can change it to this.

1
2
3

<IfModule mod_dir.c>
    DirectoryIndex index.html index.php
</IfModule>

once done save and restart apache.

1

sudo apachectl restart

How to enable .htaccess 
If you are going to be using mod_rewwrite at all for redirects or pretty permalinks (which is very common now) then you need to have this enabled. Again as stated before you have to have a site setup on the server through the server.app program. Once done locate your configuration file as outlined above and make the following changes.

1

pico /etc/apache2/sites/nameofyoursite.conf

Once your in the file look for something that looks similar to the following.

1
2
3
4
5
6

<Directory "/Users/yourname/Sites/">
     Options Indexes +MultiViews
     AllowOverride All
     Order allow,deny
     Allow from All
</Directory>

It won’t look exactly the same but what you want to do is replace it with what you see above that will enable the .htaccess or mod_rewrite the line of code that actually does this is the “AllowOverride All” command.

How to enable WebDav
To configure WebDAV Sharing for such users, follow these instructions before enabling any WebDAV share points.

Note: The instructions in this article include editing configuration files. You must have root access to edit these files. You should make a backup copy of each file prior to editing it.

This step is optional but highly recommended: Acquire and install a trusted SSL certificate, and use Server App to configure Web Service to use the certificate. You can use the server’s default, self-signed certificate for WebDAV Sharing, but iWork and other applications may warn that the certificate is “invalid”.

You need to edit the following configuration file

1

pico /etc/apache2/httpd_webdavsharing.conf

Find the line “AuthType Digest” change Digest to Basic. This makes WebDAV Sharing use Basic authentication, which is required for Active Directory users.

Now edit this configuration file

1

pico /etc/apache2/webapps/com.apple.webapp.webdavsharing.plist

find these lines

1
2

<key>sslPolicy</key>
<integer>0</integer>

Change the 0 to 1. This makes WebDAV Sharing require SSL, which is the only secure way to use Basic authentication. Advise users to configure the iWork clients on their iOS devices with an “https” WebDAV URL, like: https://example.com/webdav

How to enable the directory listing 
Again as stated before you have to have a site setup on the server through the server.app program. Once done locate your configuration file as outlined above and make the following changes.

You need to edit that file

1

pico /etc/apache2/sites/nameofyoursite.conf

find the words “AllowOverride” in that block where these words are you need to add this line. This line may already be in your file but it may be different simply update it to reflect these changes

1

Options -Indexes FollowSymLinks

How to enable SSI
If you need to use Server Side Includes in your scripts or website files then do the following to enable it.

1

sudo pico /etc/httpd/httpd.conf

look for these lines

1
2

# AddType text/html .shtml
# AddHandler server-parsed .shtml

Uncomment those 2 lines (remove the # in front of each of them). Now look in the same file for the following

1

Options FollowSymLinks

Add “Includes” to the 2nd line so it looks like

1

Options FollowSymLinks Includes

save the file and restart apache

1

sudo apachectl restart

How to enable VHOSTS
VHOSTS or Virtual Hosts enable you to have multiple domain names mapped to the same site or IP address. To enable this edit the httpd.conf file

1

sudo pico /etc/apache2/httpd.conf

find this line

1

#Include /private/etc/apache2/extra/httpd-vhosts.conf

change it to

1

Include /private/etc/apache2/extra/httpd-vhosts.conf

this will effectively enable VHOSTS. Now you should restart apache.

1

sudo apachectl restart

How to enable CGI
Again as stated before you have to have a site setup on the server through the server.app program. Once done locate your configuration file as outlined above and make the following changes.

1

pico /etc/apache2/sites/nameofyoursite.conf

Once your in the file look for something that looks similar to the following.

1

     Options Indexes +MultiViews

It won’t look exactly the same but what need to do is add “-ExecCGI” after “+MultiViews” it should look something like this.

1

     Options Indexes +MultiViews -ExecCGI

This will enable CGI and allow you to run CGI scripts in Apache. Now you should restart apache.

1

sudo apachectl restart

How to enable Logging
This one boggled my mind, by default website logging is not enabled and again there is no way to enable it in the GUI. You will want to have this enabled to catch errors and fix faulty code. To enable this again we are assuming you already have a site configured with the server.app program. Once done locate your configuration file as outlined above and make the following changes.

1

pico /etc/apache2/sites/nameofyoursite.conf

find the line “DocumentRoot”, Under that line paste the following

1
2

CustomLog "/var/log/apache2/access_log" combinedvhost
ErrorLog "/var/log/apache2/error_log"

it should now look like this

1
2
3

DocumentRoot "/path/to/your/website/"
CustomLog "/var/log/apache2/access_log" combinedvhost
ErrorLog "/var/log/apache2/error_log"

Now you should restart apache.

1

sudo apachectl restart

How to add a domain alias
This is a common thing that most web admins do to map domains to a single site. This again has been removed from the functionality of the server.app on 10.7 server but is a pretty easy to add. To enable this again we are assuming you already have a site configured with the server.app program. Once done locate your configuration file as outlined above and make the following changes.

1

pico /etc/apache2/sites/nameofyoursite.conf

in the site definition file, look for a line that says

1
2

ServerName example.com
ServerAlias www.example.com

where example.com is the domain of your site. You can have more than one alias, just separate them by a spaces on the same line like so.

1
2

ServerName example.com
ServerAlias www.example.com alias2.example.com alias3.example.com

Now you should restart apache.

1

sudo apachectl restart

How to restore factory settings to 10.7 Web Service
This one is important. As stated above you should be backing up these config files before you edit them and then making your changes. In the event that something went wrong you can always reset them back to the original settings.

Run this command

1

sudo serveradmin command web:command=restoreFactorySettings

I got this command by calling Apple directly they also suggested restarting the machine after the restore command, once the computer is back up turn off and then turn on web service to ensure it is working propperly.

Conclusion
All of these commands allow you to leverage Apache and accomplish the tasks that were once easy to accomplish with the Server Admin tool in 10.6 server. There are two options here, learn to love the command line or do not upgrade to 10.7 Lion. Apple is streamlining their GUI interfaces for their tools however there is still power under the hood. Do not be afraid to re-configure these systems Apache, PHP and MYSQL can be installed, modified and improved all from the command line and in some cases they work better after you do. Its not time to quit in my opinion its time to roll up our sleeves and start learning the core of what makes an OSX server truly great and that starts with understanding the open source software that comes bundled with them.

I hope that you all found this article and walkthrough educational, as always please feel free to interact with me by posting questions and comments and I will answer them as best as I can. If you feel like any of this is wrong or could be improved upon also please leave a comment below, thanks!

Installation & Configuration

1. Download and install the 64-bit 10.6+ version of MYSQL installer package together with the startup files here.

http://dev.mysql.com/downloads/mysql/

2. Mount the Disk Image (I mean open/double-click the DMG file) and install MySQL server by double-clicking the PKG file (in my case mysql-5.5.14-osx10.6-x86_64.pkg) and follow onscreen instructions. ( It will ask for Master password, as it installs MySQL server in /usr/local )

Current latest version is 5.5.14 which I’ll be using to install on my server.

Open the DMG and you will see that the first item is the MySQL software, the 2nd item allows MySQL to start when the Mac is booted and the third is a System Preference that allows start/stop operation and a preference to enable it to start on boot. Run all of these.

Once the installs are done you can start the mysql server right from the System Preferences which has a new preference in the “Other” category called “MySQL” click start and now it is running.

To find the MySQL version from the terminal, type at the prompt

1

/usr/local/mysql/bin/mysql -v

If you got the error: ERROR 2002 (HY000): Can’t connect to local MySQL server through socket ‘/tmp/mysql.sock’

then mysql was not started, go back to the System Preference and start the database.

3. Run the following commands

1
2
3

cd /usr/local/mysql
cp /usr/local/mysql/support-files/my-small.cnf /private/etc/my.cnf
open -e /private/etc/my.cnf

replace “/tmp/mysql.sock” with “/var/mysql/mysql.sock” at two places near the top.
Create a folder called “mysql” (if you don’t already have one) in the /var directory with the right permissions:

1
2
3
4

cd /var
mkdir mysql
sudo chown -R mysql mysql 
sudo chmod 775 mysql

This command will circumvent the dreaded mysql 2002 socket error.

1
2

sudo mkdir /var/mysql
sudo ln -s /tmp/mysql.sock /var/mysql/mysql.sock

4. Create your alias, this is important so that you can run MYSQL queries through the terminal.

1
2

alias mysql /usr/local/mysql/bin/mysql
alias mysqladmin /usr/local/mysql/bin/mysqladmin

optionally you can edit the ~/.profile file to make your aliases (This should be done as root)

1

pico ~/.profile

then add this line below

1

export PATH=/usr/local/mysql/bin:$PATH

*Please note /usr/local/mysql is only symlink to /usr/local/mysql-5.5.14-osx10.6-x86_64 which means when you upgrade to new version symlink will be changed to point to new version but won’t be deleting the older version. However you need to copy your data directory to new location to make sure your existing databases are intact post upgrade.

5. Set the master MYSQL password, there are 2 ways to do this one is a regular way and the other provides additional security and disables all other access

Regular Way

1

mysqladmin -u root password 'yourpasswordhere'

** use the single quotes. Then when login to mysql to test your password

1

mysql -u root -pyourpasswordhere

Secure Way

1
2
3
4
5
6
7
8
9

sudo mysql_secure_installation
 
NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MySQL
SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY!
In order to log into MySQL to secure it, we'll need the current
password for the root user. If you've just installed MySQL, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.
Enter current password for root (enter for none):

Go ahead and just hit enter if this is a new installation and no password currently exists, follow the prompts to set up a new root password – this is a root password just for mysql separate from the root password of OS X you should set this.

You also get asked about:

• Removing anonymous users?
• Disallow root login remotely?
• Remove test database and access to it?
• Reload privilege tables now?
• If this is a new installation you can just answer yes to the questions.

Once the root user and password is set, you have to interact with mysql with the username and password, so access via command line is (note that there is no space between -p and the password)

1

mysql -u root -p[password]

Now that you have MYSQL running you need to start an instance or a main profile for MYSQL to run. I have found the easiest way to do this is to install PHPMYADMIN and since most people in my opinion (Again novice to intermediate MYSQL user here) use this great tool to navigate around MYSQL on a daily basis. Here is a brief walkthrough on how to install and configure PHPMYADMIN on 10.7 Lion Server

Installation & Configuration

1. Change the socket location in your PHP configuration by editing the php.ini file. You need to do a search and replace here. Search and replace all instances of

/var/mysql/mysql.sock

with

/tmp/mysql.sock

Once done you should be able to run the following command and it should reflect the new updated values you just applied.

1

grep .default_socket /etc/php.ini

while editing the php.ini file you need to comment out or enable the following extensions.

extension=php_mysql.dll
extension=php_mysqli.dll

To check your work again you can run this command to ensure they are enabled.

1

grep mysql /etc/php.ini|grep ext

Once done restart Apache

1

sudo apachectl restart

2. Download PHPMYADMIN to the default web directory in Lion

http://www.phpmyadmin.net/home_page/index.php

The full path is

/Library/Server/Web/Data/Sites/Default

I put my PHPMYADMIN in a folder called PHP so

/Library/Server/Web/Data/Sites/Default/PHP

and I could then browse to it by going to

http://server.domain.name/PHP/

this is assuming that you have already configured or turned on web services which I will not go into here since it is a very basic step. I will write a more in depth article and how to on the complexities of running an 10.7 web server in the future however.

Run this command on the PHP Config folder

1

chmod o+w /Library/Server/Web/Data/Sites/Default/PHP/config

3. Now we are ready to run the set up by going to

http://localhost/PHP/setup

The new server to be configured is the localhost, click new server and then the only other configurations are the local mysql user and the password.

Add in the username, by default “root” is assumed, add in the password, click on save and you are returned to the previous screen.

Make sure you click on save, then a config.inc.php is now in the /config directory, move this file to the root level of /phpmyadmin and then remove the empty /config directory.

Now going to http://localhost/PHP/ will now allow you to interact with your mysql databases.

I hope that you all found this article and walkthrough educational, as always please feel free to interact with me by posting questions and comments and I will answer them as best as I can. If you feel like any of this is wrong or could be improved upon also please leave a comment below, thanks!

Again, since I do not have any looming restrictions in my workplace I have found a piece of software that would never be allowed in larger Government facilities but works nicely for what I need. The problem, from time to time I need to re-image or re-core a massive amount of computers, sometimes hundreds of computers. I have a team of two, me and a Helpdesk Technician. This is a daunting task and since I do not like to work weekends, I find that Deploy Studio Server helps me keep my sanity in such situations.

This freeware tool can be used to create deployment files using Netboot, external USB or FireWire drives, or any AFP, SMB, or NFS sharepoint on the network. DeployStudio works with Mac OS X 10.4.11 to 10.6.8 at this point, and is updated regularly to include new OS versions. The package consists of DeployStudio Server, DeployStudio Assistant, DeployStudio Admin, and diffPackageMaker.

DeployStudio Server creates a network based deployment server containing the images. Assistant is used to configure the server and to create the NetInstall sets, while Admin is used to monitor deployments, manage disk images and scripts, enter configurations, and more. diffPackageMaker can look at the difference between two file system snapshots and create installation packages based on what has been changed or added.

I highly recommend using this fine product if you are in the fortunate position as myself and you are not under any pressure or regulations. This requires the use of an in-house server and it installs itself as a service on it. You configure the service to deploy images that you create, and the best part is that it can perform common tasks that will save you time after the re-imaging process is completed. Tasks like setting the computer name, setting up local accounts, binding the computer to a directory server and much more. I describe it as Apple Netboot + Apple Automater = Deploy Studio Server. This is a useful tool that I highly recommend. Check out this instructional video that goes over how to set it up and use it.

I use Deploy Studio Server in my workplace and can field any questions you may have regarding its functionality, setup and configuration and ease of use. Write me a comment below and I will be happy to help!

What I struggled with for a while as a System Administrator with little experience in the SSL realm was that no matter how many ways I tried to install the certificate for use on my server users would still get warnings saying that the certificate was not trusted. Through some trial and error and luck I figured out the proper steps to making sure that all of your services and your users can use SSL without the heartache of untrusted warning messages. The steps to follow are simple:

1. Create your Self Signed certificate in Server Admin.
2. Generate a CSR request.
3. Import the CSR into the SSL Certificate authority.
4. Import the returned signed certificate into your server.
5. Import the returned intermediary certificate into your server.
6. Configure Apache to work with your certificate.
7. Restart and re-assign certificates to your services.

Step 1:
Launch Server Admin and select the hostname of the server that you are configuring. Chose the Certificate icon to display the “Default” self-signed certificate. You’ll need to edit this to something appropriate for your server. It’s important that you set the “Common Name” field to the fully qualified domain A-name of your server. Once you’ve edited your self-signed Default certificate, you next need to generate the CSR.

Step 2:

In the same pane in Server Admin is the little sprocket pull-down with the option to “Generate a Certificate Signing Request (CSR)…”. A window will pull down with a field to enter an email address. Don’t bother with this. Just drag the certificate icon to your desktop. Sitting on on your desktop is a text clipping that looks like this:

-----BEGIN CERTIFICATE REQUEST-----
MIIBnTCCAQYCAQAwXTELMAkGA1UEBhMCU0cxETAPBgNVBAoTCE0yQ3J5cHRvMRIw
EAYDVQQDEwlsb2NhbGhvc3QxJzAlBgkqhkiG9w0BCQEWGGFkbWluQHNlcnZlci5l
eGFtcGxlLmRvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAr1nYY1Qrll1r
uB/FqlCRrr5nvupdIN+3wF7q915tvEQoc74bnu6b8IbbGRMhzdzmvQ4SzFfVEAuM
MuTHeybPq5th7YDrTNizKKxOBnqE2KYuX9X22A1Kh49soJJFg6kPb9MUgiZBiMlv
tb7K3CHfgw5WagWnLl8Lb+ccvKZZl+8CAwEAAaAAMA0GCSqGSIb3DQEBBAUAA4GB
AHpoRp5YS55CZpy+wdigQEwjL/wSluvo+WjtpvP0YoBMJu4VMKeZi405R7o8oEwi
PdlrrliKNknFmHKIaCKTLRcU59ScA6ADEIWUzqmUzP5Cs6jrSRo3NKfg1bd09D1K
9rsQkRc9Urv9mRBIsredGnYECNeRaK5R1yzpOowninXC
-----END CERTIFICATE REQUEST-----

Step 3:
Here is where you will actually purchase the certificate. Head over to GoDaddy or any other vendor that sells SSL certificates and enter your information. When it asks you for your CSR enter the text in your text clipping. Be sure to include the “—BEGIN CERTIFICATE REQUEST…—” and “—END…—” lines! Once your certificate request has been verified you will be ready to proceed to the next step.

Step 4:
Usually within a couple hours, you should get an email with your new SSL certificate. The email will come with instructions, but if you have a stock Snow Leopard Server, it might be better to do it “the Mac way” instead of using their generic Apache instructions.

Back in Server Admin, select that self-signed certificate you edited earlier in Step 1, go to that little sprocket thing again, and this time choose “Add Signed or Renewed Certificate from Certificate Authority…”. You’ll have a window drop down–drag and drop all of the .crt files you got from your SSL provider here. That’s your signed certificate. Server Admin will put all the parts where they belong.

Step 5:
Here is where most inexperienced Server Admins stop, this is not the last step. The certificate is valid in Server Admin however, it relies on the Keychain in the OSX Server to validate requests. Open Keychain Access, you’ll see that it says (in red letters) “This certificate was signed by an unknown authority.” You need add the intermediary certificate to your server. To do so double click on the gd_intermediate.crt file and it should automatically update that certificate to a nice green color and render it as valid.

Step 6:
Now that you have Server Admin configured and the Keychain is happy, you need to add the gd_bundle.crt file and configure Apache. This is less daunting then you might think. You should get a gd_bundle.crt file when you purchase your certificate. If you have a .crt file that has the word “Bundle” somewhere in it then this is the file you need to use. Copy this file to the /etc/apache2/ folder on your server. You will need to copy it as root! If your file is named gd_bundle.crt then copy and replace the one that exists on your server. Once done your finished with this step.

If your file is not named this way then copy the file into your /etc/apache2/ folder and modify the http.conf file located there and update this path, see below:

<IfModule mod_ssl.c>
    SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
    SSLPassPhraseDialog exec:/etc/apache2/getsslpassphrase
    SSLSessionCache shmcb:/var/run/ssl_scache(512000)
    SSLSessionCacheTimeout 300
    SSLMutex file:/var/log/apache2/ssl_mutex
    SSLRandomSeed startup builtin
    SSLRandomSeed connect builtin
    AddType application/x-x509-ca-cert crt
    AddType application/x-pkcs7-crl crl
    SSLCertificateChainFile /etc/apache2/the_name_of_your_ssl_bundle_file.crt
</IfModule>

After saving httpd.conf, test out your Apache 2.2 configuration file by invoking this command.

bash-3.2# apachectl -t
Syntax OK

Step 7:
This last step is the one that had me banging my head against a wall for the longest time. You must restart your server once done, you must go through all of the services running on your server and un-assign, save and then re-assign and save the SSL certificates you need. This is the only way that I was able to get my Mail service and Web services (web sites) working with SSL consistently. Once done another restart does not hurt. Test and verify that everything is working.

I really hope that you find this walkthrough useful. If you did please leave a comment below, post a question or suggest a better, easier or different way to manage and install SSL certificates on an OSX Server.

sudo launchctl unload /System/Library/LaunchDaemons/com.apple.hwmond.plist

which initially threw an odd error, looked at the list of loaded items by running launchctl list on the server and noticed that it was gone. I restarted my XServe and sure enough it had loaded itself. Figuring that there must be something in the OS automatically loading this on each reboot I started searching ways to modify or disable hwmond on my server. In my case I needed to stop the high CPU usage so badly that I was willing to make the tradeoff, of not having hardware monitoring enabled on my system for a modicum of stability for my users, and since this was an email server it seemed like a fair tradeoff. Especially since it looked like the hwmond process could be the process that would cause the most damage to my system if it was allowed to continue and then would be the thing to notify me that the hardware had failed due to extremely high CPU usage over a long period of time. I ran across a post made by Apple http://support.apple.com/kb/TS2066 and decided to take a read, basically the issue that this resolves is hwmond not working and having a tag in the plist file that disables hwmond. Since this was my goal I did the opposite of what the knowledge base suggested, instead of removing the said code from the plist, I put the code into the plist and then rebooted my XServe.

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
          <key>Label</key>
          <string>com.apple.hwmond</string>
          <key>OnDemand</key>
          <false/>
          <key>Program</key>
          <string>/usr/sbin/hwmond</string>
          <key>ProgramArguments</key>
          <array>
                    <string>hwmond</string>
                    <string>-s255</string>
          </array>
          <key>ServiceIPC</key>
          <false/>
          <key>Disabled</key>
          <true/>
</dict>
</plist>

Once the server rebooted I was back in business. My server’s CPU usage was back to normal and life was grand. Three days later, I restarted my server for an update to Virusbarrier the software I use to help block unwanted attacks on my server, and the high CPU issue returned. I looked at the hwmond.plist file and sure enough it had been re-enabled. I applied the fix above and restarted and it seemed to take. Well this is by no means a permanent fix but then I found this forum post https://discussions.apple.com/thread/3138473?start=0&tstart=0 It seems as though Apple has been informed of the issue and they are working on a fix. But as an update sceptic I find myself chuckling inside, the 10.6.9 update will claim to fix the hwomond cpu issue but what new issues will lie lurking in the wings to terrorize my system? Only Apple knows or maybe they just don’t have a clue. Hopefully they will come up with a fix, until then I have learned my lesson, I will not update my system so cavalierly in the future. I welcome your feedback and let me know what you have done to combat this issue.

The first step is to download all of the needed files, download the most recent version of Solr, and the Solr for WordPress plugin. The first part of the documentation here will be on how to install and get Solr running and then the second portion will focus on configuring the Solr for WordPress plugin. For this walkthrough I will be using the example application that comes with Solr. ** Before we proceed you need to open the port 8983 in your servers firewall and or hardware firewall appliance for public access.

1. Expand the Solr archive into a folder in the Applications folder called Solr (/Applications/Solr)

2. For testing and development we can use the example application coming with Solr. This application is found at /Applications/Solr/example.

3. Move the schema.xml that comes with the Solr for WordPress in the folder* /Applications/Solr/example/solr/conf/* (add “.backup” to the original file).

Now start the solr application by opening the Terminal and executing the command:

cd /Applications/Solr/example/
java -jar start.jar

Test that your solr server is now available by visiting http://localhost:8983/solr/admin/

now that you have Solr running on your osx server, you need to make sure that it will run in the background even when you logout of the computer. At the moment it is running through Java and when you logout it will stop running. In order to accomplish this you need to create a LaunchD item, this item needs to be placed in the /Library/LaunchDaemons/ folder.

1. Create a new text file name it org.apache.solr.plist

2. Enter the following information into the file

    Label
    org.apache.solr
 
    WorkingDirectory
	/Applications/Solr/example
 
	ProgramArguments
 
	/usr/bin/java
	-Dezfind
	-jar
	/Applications/Solr/example/start.jar
 
    RunAtLoad

Once done, place this file in the /Library/LaunchDaemons/ folder and then run this command in terminal

sudo launchctl load /Library/LaunchDaemons/org.apache.solr.plist

this will load the Launch Daemon when the computer restarts, the next step is to restart your server and then make sure that Solr is running by going to the Solr admin URL http://localhost:8983/solr/admin/ or http://server.domain.name:8983/solr/admin/

Now that you have Solr running on the server, and the schema file loaded then you need to make sure that the Solr for WordPress plugin is installed. Note: Solr, does not need to run on the same server as your wordpress install, we have a dedicated Mac Mini server running Solr and it works great. To install Solr for WordPress follow these steps.

1. Upload the solr-for-wordpress folder to the /wp-content/plugins/ directory

2. Activate the plugin through the ‘Plugins’ menu in WordPress

3. Configure the plugin with the hostname, port, and URI path to your Solr installation.

4. Load all your posts and/or pages via the “Load All Posts” button in the settings page

Note that this plugin requires you to have an instance of Solr using a schema with the following fields: id, permalink, title, content, numcomments, categories, categoriessrch, tags, tagssrch, author, type, and text. The facet fields (categories, tags, author, and type) should be string fields. You can make tagssrch and categoriessrch of any type you want as they are used for general searching. The plugin is distributed with a Solr schema you can use at solr-for-wordpress/schema.xml.

Now that the plugin is installed and active, login to the administrative area of your WordPress website and go to the “Settings –> Solr Options” area. Once here enter the IP address or Fully Qualified Domain that is running solar. Enter the Port, which in this document is 8983 and enter /solr for the path. Once done, press “Save Changes” it will test the connection to the server and will let you know if it can connect or not.

Once you have gotten the plugin to connect you can “Load All Pages” and “Load All Posts” to build your initial Solr database. Your almost complete now you need to integrate the search results that you get from the Solr server into your WordPress website.

Custom Theme Integration

1. Create a new theme file called “s4w_search.php”.

2. Insert your markup, use template methods s4w_search_form() and s4w_search_results() to insert the search box and results respectively.

3. Add result styling to your theme css file, see solr-for-wordpress/template/search.css for an example.

4. You can use the search widget in your sidebar for search, or use a custom search box that submits the query in the parameter “s”.

For more information about integrating Solr into your WordPress website you can go to http://wordpress.org/extend/plugins/solr-for-wordpress/

I certainly welcome your feedback so if you have an questions or comments feel free to post them below.

When 10.5 server came out not only were there personal calendars but group calendars. The difference was that the personal calendars allowed the user to fully manage their calendar both on the web and in iCal however Apple still maintained that group calendars would be only subscribe-able in iCal. The difference here was that many users found workarounds that allowed the fully managed solution of group calendars in iCal by using the following methods.

Method A: Creating a user account and changing the server path with the “groups” variable. (Solution)

Method B: Creating a user account and changing the server path with the “wikis” variable. (Solution)

This worked but much needed security updates broke both of these solutions causing unnecessary stress on the Apple user and the Apple systems administrator. The most recant update to 10.6.4 caused the group calendars in iCal to stop working entirely and cause an almost never-ending string

of login failed errors on the users computer. This made it very frustrating for Administrators who are trying to sell the idea of a wiki server as being a great web based and iCal based interface for users. In Apples defense they never officially claimed to support group calendaring in iCal.

One of the reasons for this was probably because of the volatile nature of the group account. In 10.5 server group calendars were maintained and created using workgroup manager in 10.6 server they were separated entirely and now the administration of group wikis is all done through their web interface. Due to the separation groups that once had a unique UID, username and password were demoted to the basic functionality of a web folder and directory for the purpose of internet data organization.

With this in mind I was very pleased when Apple released its 10.6.4 Wiki Server update. The thing that really made me happy was the fact that now they have officially come out and are supporting group calendars in iCal. This is awesome finally what we have been waiting for. The best thing is that in true Apple fashion their update offers an elegant and much faster solution.

So how do you setup group calendars in 10.6.4? The answer is not really surprising as it takes some of the steps used in previous solutions.

Oddly enough this solution was and should be credited to a user on this post who had originally tried to get group calendars in iCal working in 2009! Looks like Apple took some much needed advice in this arena and I am very happy that they have officially started supporting this much needed feature.

If you poke around the bind config files on your OS X Server, you’ll be able to see how apple has set them up so that you can edit them directly without confusing the GUI. /var/named contains zone files that you may edit, and they include corresponding files in /var/named/zones which you should not edit. They’ve done something similar for /etc/named.conf and the files in /etc/dns/.

Having said that, I recommend not doing both internal and external resolving for split-horizon DNS on your server, mainly because:

1. It’s kind of complicated, and you lose any convenience you had when you were able to use the GUI exclusively
2. You have NAT, which makes it even more complicated
3. There are solutions available from third parties that are better-performing, cheap/free, and more robust

In my organization, we use DNS in Mac OS X Server extensively for the internal part of a split-horizon setup. We use the “Advanced DNS” part of a network solutions account for the external part. It comes free with the domains we’ve purchased, and has redundancy and speed far greater than what I could justify for hosting a handful or externally-resolving names myself.

You need to reconfigure BIND to use “views” with two different versions of your zone file, such that access from inside your network gives the 192.168.1/24 (internal) addresses, but requests forwarded from outside (via your 2-Wire router) give out your static public IP.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20

acl internal {
    127.0.0.0/8;
    192.168.1.0/24;
};
 
view "internal" {
    match-clients { internal; };
    zone "mydomain.com" {
        type master;
        file "/etc/bind/internal/db.mydomain.com";
     };
};
 
view "external" {
    match-clients { any; };
    zone "mydomain.com" {
        type master;
        file "/etc/bind/external/db.mydomain.com";
    };
};

For more information check this out it is a How To with more detailed instructions for Split Horizon DNS configuration.