insad. RIP Steve Jobs

by osx on October 6th, 2011

the world lost one of the biggest men. :-(

RIP mr. Apple :-(

windows

by osx on September 5th, 2011

The two basic principles of Windows system administration:

For minor problems, reboot
For major problems, reinstall

by osx on September 1st, 2011

http://www.cisco.com/en/US/docs/switches/lan/catalyst3550/software/release/12.1_19_ea1/configuration/guide/swvoip.html

QoS on Cisco Switches

by osx on September 1st, 2011

Configure QoS for VOIP Voice Traffic:

Using quality of service (QoS) on Cisco network devices helps provide both bandwidth and priority to certain types of network traffic. The network administrator tells the network devices which traffic requires what bandwidth and priority. It’s important to understand the difference between the two: priority means a network device such as a Cisco router or switch sends that traffic before other traffic, while bandwidth means it sends more of that traffic than of other traffic.

QoS configuration is very complex, and there are many different ways to implement QoS on Cisco routers. Follow the step-by-step QoS configuration below on a Cisco router.

Step 1: Define the VOIP traffic in ACL

First you have to define on the router which traffic should get QoS (priority or dedicated bandwidth). You can do this either with an access control list (ACL) or with Network Based Application Recognition (NBAR). An ACL is the traditional way to define any traffic for a router. With NBAR, however, the router simply recognizes the traffic traveling through it: it knows that HTTP is HTTP, and so on. But there’s a limited list of protocols and applications that the router recognizes.

A Cisco router won’t recognize every single application, although each IOS upgrade adds more to the list. In the example below I created an access list for VoIP traffic.

Router(config)#access-list 105 remark access list for voip traffic for QOS
Router(config)#access-list 105 permit udp any any eq 5060
Router(config)#access-list 105 permit udp any any eq 5061
Router(config)#access-list 105 permit udp any any range 5000 10000
Router(config)#access-list 105 permit udp any any range 10000 20000
Router(config)#access-list 105 permit ip host 127.0.0.1 any
Router(config)#access-list 105 permit ip any host 127.0.0.1
Router(config)#access-list 105 permit ip host VOIP-host-here any
Router(config)#access-list 105 permit ip any host VOIP-host-here

As you can see, I added the VoIP traffic to access list 105: SIP server traffic (5060, 5061), RTP traffic, and traffic from the VoIP hosts to any and from any to the VoIP hosts. This access list is then matched in the class-map for QoS.

Step 2: Create a class-map for VOIP traffic:

A class-map sorts the traffic into groups. In this example, I created a class-map called voice and put all VoIP protocols under it.

Router(config)#class-map match-all voice
Router(config-cmap)#?
QoS class-map configuration commands:
  description  Class-Map description
  exit         Exit from QoS class-map configuration mode
  match        classification criteria
  no           Negate or set default values of a command
  rename       Rename this class-map
Router(config-cmap)#match access-group 105

Step 3: Create a policy-map for VOIP traffic:

A policy-map matches the classes from the class-map with how much bandwidth or priority you want to give this traffic. I created policy-map called voice-policy and defined class-map voice under policy-map voice-policy.

Router(config)#policy-map voice-policy
Router(config-pmap)#?
QoS policy-map configuration commands:
  class        policy criteria
  description  Policy-Map description
  exit         Exit from QoS policy-map configuration mode
  no           Negate or set default values of a command
  rename       Rename this policy-map
Router(config-pmap)#class voice
Router(config-pmap-c)#?
QoS policy-map class configuration commands:
  bandwidth        Bandwidth
  compression      Activate Compression
  drop             Drop all packets
  exit             Exit from QoS class action configuration mode
  netflow-sampler  NetFlow action
  no               Negate or set default values of a command
  police           Police
  priority         Strict Scheduling Priority for this Class
  queue-limit      Queue Max Threshold for Tail Drop
  random-detect    Enable Random Early Detection as drop policy
  service-policy   Configure Flow Next
  set              Set QoS values
  shape            Traffic Shaping
Router(config-pmap-c)#priority 1024
Router(config-pmap)#class class-default
Router(config-pmap-c)#fair-queue

Step 4: Apply the policy-map of VOIP traffic on the Router interface

Like an ACL, a policy-map only takes effect once you apply it to a specific interface. You can apply the policy-map in either output or input mode using the command below:

service-policy output|input {name of policy-map}

If you’re using NBAR to recognize the traffic, you must also use the ip nbar protocol-discovery command on the interface. This enables NBAR to begin looking at the traffic.

Router(config)#interface FastEthernet0/0
Router(config-if)#service-policy output voice-policy
Router(config)#interface Serial0/2/1
Router(config-if)#service-policy output voice-policy
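
Before attaching a strict-priority queue it helps to check what the class actually matches. The following is an added example, not part of the original post: it evaluates a few constructed flows against access-list 105 from Step 1, with 192.0.2.10 standing in for VOIP-host-here; the flow list and function names are assumptions, and the remark and 127.0.0.1 entries are left out.

```python
import ipaddress

# access-list 105 from the page (remark and 127.0.0.1 entries left out).
# VOIP-host-here is replaced by 192.0.2.10, a documentation address assumed
# for this example.
ACL_105 = """\
access-list 105 permit udp any any eq 5060
access-list 105 permit udp any any eq 5061
access-list 105 permit udp any any range 5000 10000
access-list 105 permit udp any any range 10000 20000
access-list 105 permit ip host 192.0.2.10 any
access-list 105 permit ip any host 192.0.2.10
"""

def _addr(tok):
    """Consume 'any' or 'host A.B.C.D', the only address forms the page uses."""
    if tok[0] == "host":
        return ipaddress.ip_address(tok[1]), tok[2:]
    if tok[0] != "any":
        raise ValueError("unsupported address spec: " + tok[0])
    return None, tok[1:]

def parse_acl(text):
    """Parse extended-ACL lines into (line, action, proto, src, dst, ports)."""
    rules = []
    for line in text.splitlines():
        tok = line.split()
        if len(tok) < 6 or tok[2] == "remark":
            continue
        src, rest = _addr(tok[4:])
        dst, rest = _addr(rest)
        ports = (0, 65535)  # no operator: any destination port
        if rest:
            if rest[0] not in ("eq", "range"):
                raise ValueError("unsupported port operator: " + rest[0])
            ports = (int(rest[1]), int(rest[-1]))  # 'eq P' or 'range LO HI'
        rules.append((line, tok[2], tok[3], src, dst, ports))
    return rules

def classify(rules, proto, src, dst, dport):
    """Return the first permit line the flow matches, or None (class-default)."""
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for line, action, rproto, rsrc, rdst, (lo, hi) in rules:
        if (rproto in ("ip", proto) and rsrc in (None, src)
                and rdst in (None, dst) and lo <= dport <= hi):
            return line if action == "permit" else None
    return None

# Constructed flows: (label, protocol, source, destination, destination port)
FLOWS = [
    ("RTP media", "udp", "198.51.100.5", "198.51.100.6", 16384),
    ("non-voice UDP on 8080", "udp", "198.51.100.7", "203.0.113.9", 8080),
    ("HTTPS between PCs", "tcp", "198.51.100.7", "203.0.113.9", 443),
    ("HTTPS from the VoIP host", "tcp", "192.0.2.10", "203.0.113.9", 443),
]

RULES = parse_acl(ACL_105)
for name, *flow in FLOWS:
    print(f"{name:26} -> {classify(RULES, *flow) or 'class-default'}")
```

The two port-range entries match any UDP flow to ports 5000 through 20000 regardless of host, and the host entries match all IP traffic of the VoIP host, so such flows are queued in the same priority class as voice.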

101 Reasons why you can’t find your system administrator

by osx on July 30th, 2011

1. They are hiding under the stairs
2. They are on holiday for the first time in 5 years
3. They are in the cellars conducting the rituals to keep the machines running
4. They are in hospital suffering from an overdose of caffeine
5. Taken away by the police after killing the last user who asked a stupid question
6. You *have* a system administrator ?
7. You walked past the table they were gibbering under
8. The Sysadmin has built a maze with the door to their office at the center
9. You *are* the system administrator
10. You missed seeing the system administrator asleep under their desk
11. The admin is chained to their desk in a dungeon only the CEO has the key for
12. The admin’s off explaining to the management why they need an assistant.
13. The admin is suffering so bad from sleep deprivation that they may as well not be there for all the sense you can make of the words they are saying.
14. You are afraid that the admin will use you as a punch bag so you are searching for them, but desperately pray that you don’t find them.
15. The admin came to work disguised as a tea boy to avoid talking to users
16. The admin electrocuted themselves whilst installing some cabling near the main power cable. Since the admin’s body is the only thing keeping the power flowing, the management boarded up the body and pretended they still had a system administrator
17. The admin is stuck in a lift shaft pulling network cable to another floor
18. The admin is getting Jolt out of their under-floor cache
19. The admin is hiding on the roof
20. The admin is looking up the BOFH excuse of the day.
21. The admin is out buying some caffeine.
22. The admin is busy installing xfishtank on the main file server.
23. The admin is out buying refills for the Nerf(TM) crossbow.
24. The admin is locked in the computer room playing Deathmatch.
25. The admin is booted to DOS and is playing doom across the network.
26. The admin went to Stop&Go to get ANOTHER case of insert favorite caffeinated beverage here
27. The admin went to the room with padded walls that nobody dares open when the door’s closed
28. The admin managed to find time to sleep for an hour or two
29. The admin just found out he had a two-month-old child, and is getting re-acquainted with his SO (and the new child)
30. The admin is playing netrek
31. The admin is in the hospital after being severely injured by a falling soda can mountain
32. The admin is closeted with boss trying to explain why (s)he uploaded a user to seven.rings.of.hell.com
33. The admin is at the hospital having his/her fingers splinted after typing 100 times “NO, you cannot use your old address after our domain name changes. Please go read the announcements that we have been posting for the last three months.”
34. The admin is catching twenty winks under the floorboards, tread gingerly
35. The admin is watching the building electrician trip a circuit breaker that will reduce the company ‘frame to rainbow-colored slag
36. The admin is out by the turnpike waiting for a case of Jolt to bounce out of the truck after it hits the speed bump
37. The admin is out back beating a luser into corn mash who asked “When will the system be back up” one time too many
38. The admin finished a double shift and is out back wondering what that big burning ball in the sky is
39. The admin is busy packing up to go to a site that has contemporary hardware
40. The admin is engaged in a staring contest with a pack of evil dogs
41. The admin is on the phone trying to talk his wife out of buying a house without ISDN
42. The admin is sitting under the desk, hysterical at what the (l)user just asked
43. The admin is at the pub, it’s all *too* much
44. The admin is standing behind you, holding an axe
45. The admin resigned in disgust five minutes ago
46. The admin is in a meeting with the boss to discuss poor user response times
47. Just look up at the ceiling (Think ‘Aliens’)
48. The admin can’t be reached via phone or e-mail because (s)he is too busy on Usenet telling everybody how busy (s)he is or thinking up 101 reasons why (s)he can’t be found
49. The admin is hiding under a table so that (s)he will not be the one sitting for hours watching Ultrix reinstall from a single-speed CDROM because the users who inexplicably have root access have destroyed the file system again during a misguided attempt to “improve” /etc/rc by repartitioning the disk at boot time “so that it doesn’t forget”.
50. We have a ‘secure room’ here – bloody great lock on it. I hide in there
51. The Grey Wall(tm) has fallen on them and no one has noticed their absence. [clunk....clunk...help!....anyone?]
52. They’ve gone to find some more coffee. Sysadmin has left the building!
53. They’ve snapped, started muttering about “this damned post office”, and left for the nearest gun store
54. They’re out on an interview
55. They’re seeing a therapist who doesn’t have any computers in their office, a non-threatening place
56. They’ve gone to a computer museum to beg for parts for the PDP-10s running the place (ala Compuserve)
57. They’re out looking for an ad in any media where DEC mentions OpenVMS
58. They’re planning where to be on 01/01/2000, when all of the MVS systems, and some older minis in mission-critical applications like process control turn to crap. They may be shopping for a bomb shelter if SAC’s launch control systems only have a two-digit year.
59. They’re at a travel agent’s, booking a vacation to friendlier place, like Iraq
60. They’re out fomenting rumors that the Windows 95 cd-roms have the Church of Scientology’s copyrighted teachings hidden on the disk
61. They’re meeting with Guido, to put out a contract on the parties that started the open systems myth
62. They’ve gone to Oklahoma City, to enroll in the FAA’s Air Traffic Controller training program, to start a less-stressful career
63. They’re seeing a commodities broker, to arrange direct deposit of their paychecks into buying coffee bean futures.
64. /pub/lunch
65. Look better. He/She is probably in the basement somewhere behind the modem racks
66. The admin finally took a day off
67. It’s 9 AM. He/she is not working that late.
68. Vendor demonstration
69. Convenience store across the street opened
70. Pizza delivery is at the front door
71. The admin is sleeping under the floor tiles
72. The admin is on some floor, in some wiring closet, trying to fix things
73. The admin is in the dumpster behind the building trying to get rid of some frustration by using a sledgehammer on the Macs
74. The trauma induced by repeated attempts to install Solaris 2.5 pre-beta on an Intel system has forced him to seek psychotherapy
75. The admin is still trying to come down from inhaling too much tape head cleaner
76. The admin is out chasing the rodents off of the twisted pair/power lines
77. The admin has gone home to sleep (1st time in x days)
78. The admin has been convicted of computer crimes
79. What was your username?
80. The admin is emptying the bit buckets
81. They finally caught him/her for that big site-massacre (s)he thought (s)he’d gotten away with
82. ObReason n+x: Your system administrator is walking in circles outside saying “TUESDAY? They want it by TUESDAY? TUESDAY?”
83. rcp $FAV_RESTAURANT:$FAV_FOOD /dev/stomach
84. The admin is hiding in wiring closet
85. The admin is outside having a smoke because it’s illegal in the building
86. The admin is on the roof of the building, contemplating jumping
87. The admin is on the roof of the building, contemplating which users to throw off
88. The admin is on the roof of the building, contemplating traffic
89. The admin is on the roof of the building, contemplating
90. The admin is in his/her manager’s office, trying to explain why the manager gets lots of calls from lusers who can’t find the Sysadmin
91. The admin is in his/her manager’s office, trying to explain why the “real” (programming) work doesn’t get done. Manager doesn’t understand — when he gave you this job, he said it would only take a couple of hours a week….
92. The admin is in luser’s office, trying to explain why “export VAR=xxx” from one xterm window doesn’t have any effect on the other windows. “But they’re all on the same Xstation — what’s the problem?”
93. The admin is down in the administrative offices fixing one of their DOS boxes
94. The admin is out getting a caffeine fix
95. There’s more caffeine than blood in his veins, and he was last seen hopping down the hall pretending he was a pogo stick
96. The admin is too busy playing with the Web
97. …reading news
98. …sleeping
99. …reading other peoples email (not that I do this…)
100. …installing the latest Xgame on the main fileserver (this is real cool)

Turn Dashboard OFF in OSX-Lion

by osx on July 28th, 2011

To speed up OS X Lion, just turn the Dashboard off. Here is how.

To turn Dashboard off:

Open Terminal, then type:

defaults write com.apple.dashboard mcx-disabled -boolean YES
killall Dock

To turn Dashboard on:

Open Terminal, then type:

defaults write com.apple.dashboard mcx-disabled -boolean NO
killall Dock

beer!

by osx on July 26th, 2011

Even an administrator needs a beer! – so – cheers – I’ll take one

Howto Reset an Apple-OSX installation

by osx on July 25th, 2011

Here’s how to “reset” an installed Mac OS X and virtually return it to a “virgin” state, with a welcome screen prompting the user to set up and customize his Mac OS X installation:

1. Press Command-S during startup to get into single user mode
2. Check the filesystem:
# /sbin/fsck -fy
3. Mount the root partition as writable:
# /sbin/mount -uw /
4. Remove the hidden .AppleSetupDone file:
# rm /var/db/.AppleSetupDone
5. a) For Mac OS X 10.5 ‘Leopard’ and newer, do:
# launchctl load /System/Library/LaunchDaemons/com.apple.DirectoryServices.plist
Repeat for every user previously defined on the machine (replace {username} with the real user name):
# dscl . -delete /Users/{username}
# dscl . -delete /Groups/admin GroupMembership {username}
5. b) For older versions of Mac OS X, do:
# rm -rf /var/db/netinfo/local.nidb
6. Remove the home directories of users. For every user do (replace {username} with the real user name):
# rm -rf /Users/{username}
7. If applicable, remove already created files in root’s home directory, e.g.
# rm /root/.bash_history
8. Reboot:
# reboot

That’s it! :)

Enable Full Radius support on Apple – OSX 10.5 till 10.6

by osx on July 23rd, 2011

OS X 10.5 Server comes with a Radius server, but at the surface, it seems that Apple only ships with support for wireless access stations. However, the foundation is a fully working FreeRadius server.

When trying to get the Radius server to work together with our Checkpoint firewall for VPN authentication, I found that the Radius server tries to authenticate the users against the /etc/passwd file. However, for authorization, it correctly queries the OpenDirectory. I opened a support call with Apple, and I eventually received the following instructions to change the behavior.

Read on to see the response I received from Apple…

Here’s what Apple told me…(robg adds: I have trimmed the email from Apple, and edited it a bit for easier reading, but I didn’t modify any of the actual instructions):

Apple included RADIUS services in Leopard Server to apply support for our own access points (AirPort Express and Extreme). Apple may continue work to implement further functions and support, but at this stage, RADIUS in Leopard Services configures AirPort Base Stations. But as you pointed out, under the hood, Leopard’s RADIUS Service is really ‘freeRADIUS.’

Regarding this error:

Tue Nov 20 15:02:19 2007 : Auth: rlm_opendirectory: User <****> is authorized.
Tue Nov 20 15:02:19 2007 : Auth: rlm_unix: [****]: invalid password

By default, the RADIUS process doesn’t know how to deal with the request when it comes in, so the request falls through to the default authentication type of a Unix password file (System). In other words, it doesn’t know to look in OpenDirectory for the MAC Address. To correct this, you need to change one line in /etc/raddb/users. At about line 153, you’ll see this:

DEFAULT Auth-Type = System
    Fall-Through = 1

Change this to:

DEFAULT Auth-Type = opendirectory
    Fall-Through = 1

After making this change, you’ll have to restart the RADIUS process; this should solve your issue. Furthermore, the logging pane may not show all information that is needed to troubleshoot RADIUS issues. But as the service is based on freeRADIUS, there are more logs that can be started (and stopped). Specifically, the RADIUS process can log all authentication requests, along with a valid password or invalid password. To do this, type the following in Terminal from the server:

$ sudo radiusconfig -setconfig log_auth yes
$ sudo radiusconfig -setconfig log_auth_goodpass yes
$ sudo radiusconfig -setconfig log_auth_badpass yes
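
The users-file change described above, as an added example that is not part of the original post or of Apple's reply: it switches the uncommented DEFAULT entry from System to opendirectory and checks that Fall-Through is still an indented reply item, since a line starting in column one begins a new entry. The sample file content and the function names are assumptions.

```python
import re

# Constructed excerpt in the layout of /etc/raddb/users (not the shipped file):
# an entry starts in column one; indented lines below it are its reply items.
SAMPLE_USERS = (
    "#DEFAULT\tAuth-Type = System\n"
    "DEFAULT\tAuth-Type = System\n"
    "\tFall-Through = 1\n"
    "\n"
    "DEFAULT\tService-Type == Framed-User\n"
    "\tFramed-Protocol = PPP\n"
)

CHECK_LINE = re.compile(r"^(DEFAULT\s+Auth-Type\s*:?=\s*)([\w-]+)")

def switch_default_auth(text, old="System", new="opendirectory"):
    """Rewrite uncommented 'DEFAULT Auth-Type = <old>' lines; return (text, count)."""
    out, changed = [], 0
    for line in text.splitlines(keepends=True):
        m = CHECK_LINE.match(line)
        if m and m.group(2) == old:
            line = m.group(1) + new + line[m.end():]
            changed += 1
        out.append(line)
    return "".join(out), changed

def parse_entries(text):
    """Return [(name, check_items, [reply_items])], skipping comments and blanks."""
    entries = []
    for line in text.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        if line[0] in " \t":  # indented: reply item of the entry above
            if not entries:
                raise ValueError("reply item before any entry: " + line.strip())
            entries[-1][2].append(line.strip())
        else:  # column one: a new entry, whatever the line says
            name, *check = line.split(None, 1)
            entries.append((name, "".join(check), []))
    return entries

def apply_fix(text):
    """Apply the page's change and verify Fall-Through is still a reply item."""
    fixed, count = switch_default_auth(text)
    if count != 1:
        raise ValueError(f"expected 1 'DEFAULT Auth-Type = System' entry, found {count}")
    for name, check, reply in parse_entries(fixed):
        if name == "DEFAULT" and re.match(r"Auth-Type\s*:?=\s*opendirectory\b", check):
            if not any(item.startswith("Fall-Through") for item in reply):
                raise ValueError("Fall-Through is not indented under DEFAULT")
    return fixed

if __name__ == "__main__":
    print(apply_fix(SAMPLE_USERS), end="")
```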

OSX Lion – The new features

by osx on July 21st, 2011

multitouch gestures
You’ll be able to swipe through photos, slides and web pages.

fullscreen applications
With Lion, Apple has built in a standard method for developers to build fullscreen apps. With fullscreen apps running, a simple swipe gesture will let you switch between the apps, your desktop, etc.
Safari, Mail, iCal, Preview, Photo Booth, et al. will all be full screen

Mission control
With Mission control, one unified simple gesture will show you a birds eye view of everything going on. At the top of Mission Control, you’ll be able to see all of your Spaces. Gestures will include the ability to flick the page around, just like iPhone. “smart zoom” lets you double tap with two fingers on the trackpad, just like iOS!

Launchpad
With one simple gesture (a pinch), Launchpad shows you your apps. When you download and install apps, they’re added right into Launchpad.

Resume: brings you back to where you were when you quit.
Doesn’t just work with apps, works system wide. Next time you shut down and restart your mac unexpectedly, no worries, it’ll bring you back

Auto-save
Lion now automatically saves your documents in the background without you having to do anything. If you never want auto-save to overwrite a document, you can lock the document.

Versions
You can browse all versions of the documents and it brings up an interface that looks like Time Machine.

AirDrop
AirDrop lets you share documents between your computer and your friends’ computers. When you select the AirDrop menu option, you’ll see yourself in the center and the people around you who are sharing at the same time. Drag a document on top of your friend’s picture to share it with them. On their end, it asks whether they want to receive it and then downloads it automatically into their Downloads folder.

Mail
Message snippets from iOS are now built into Mail, along with a new search feature: if you start typing what you’re looking for, it works out whether it’s a person or a subject and asks you if you want that.
Lion also has a new conversation view, Looks a lot like the iOS version of Mai