Aside

One of my household IT projects this weekend was to build and deploy a samba4 Domain Controller. I know marginally more than zero about Active Directory, but I am not even exaggerating a little when I say I understand the behind the scenes glue a thousand times better than I did on Friday. 

I can’t tell you how to do anything in the GUI, but I can sure as shit manage a GPO with zsh and vim. 

(To be fair I have used various LDAPs, was using Heimdal when it was introduced to OpenBSD-CURRENT, but still, I’m rusty on all of it and wasn’t ever an expert. #humblebrag)

My Distinguished Name

Aside

I had to manuver about 800GB of research databases (I use DEVONthink Pro Office) from one zfs filesystem to another because at some point after OS X Server got ahold of my Research volume the permissions and filesystem ACLs went bananas and DEVONthink was completely baffled by it.

Solution was to use Apple’s ignorant-of-xattrs-and-ACLs

to move it to another filesystem where everything is fine. So sometimes it’s good to have a broken

available. Still can’t be certain it won’t happen again and I’d like a more elegant way to recover.

And no, smart-asses,

did f-all to fix anything. Oh, it ran alright. But

still listed long ACLs on everything after supposedly removing it. I suspect it’s something to do with posixacls, and ACL inheritance in OpenZFS’s options, or the mimic HFS+ code is involved somewhere.

Either way, I was sweating recovering those databases with long restore times from Google Nearline until I tested one and it was fine again. Going to alter my backup destinations for different databases anyway to rely on S3 for my Personal and Household stuff at least. Oof.

What a pain.

 

Filesystem ACLs on OS X are Tedious