Category Archives: Server Administration

Summarize how often databases are opened in FileMaker Server

We needed to quickly know how often various databases were being opened on a client’s server.

If you have Access logging enabled and are using a Mac OS based system, this shell snippet will give you a nice summary of how often each database has been opened:

awk -F" '{ if($3 == " opening database ") print $4;}' '/Library/FileMaker Server/Logs/Access.log' | sort | uniq -c

Unfortunately, it won’t show you a count for databases that were never opened within the scope of the current access log.

Simon.

Fail2Ban with FileMaker Server

I needed to configure a FileMaker Server (FMS) that would be an isolated system and accessible via the Internet.

Besides other precautions, like locking it down on the firewall as much as possible, changing the default SSH port, etc., I wanted to give the system some ability to defend itself against malicious access. FMS will prevent this to some extent, largely due to how the FMS Admin Console and the FileMaker client are designed.

Continue reading Fail2Ban with FileMaker Server

Debugging Apache with OSXS 10.8 Server 2.2

Besides being a bit of a mouthful, debugging Apache configuration issues has gotten slightly more complicated after Apple released the Server 2.2 update for Mac OS X Server.

Formerly, you could do a basic configuration check this way:

# apachectl -t

Continue reading Debugging Apache with OSXS 10.8 Server 2.2

List cron entries for all users on Mac OS X

I needed to investigate why a script was being run, and I was pretty sure cron was launching it. The problem was, little useful information was being logged, and no one was sure how it had been set up or what user it was under. Although launchd is now the preferred mechanism on Mac OS for these kinds of things, you’ll still see many systems where cron is being used.

First, you want to become the root user. The following Terminal command is one way to accomplish this:

sudo -s

Continue reading List cron entries for all users on Mac OS X

Port forward for a Cisco ASA using ASDM

I wanted to quickly create a firewall port forward (AKA NAT rule) for the Terminal Services port on a Cisco ASA 5505. Since it had initially been setup using ASDM, it seemed natural to also create the port forward this way.

Unfortunately, my first few attempts didn’t work. Some searching only turned up examples using an older method that no longer works with newer software. In the end, I think the mistake I was making was in the very first step — the originating interface should be inside, not the outside interface. Here’s the exact steps I took to create this.

Continue reading Port forward for a Cisco ASA using ASDM

Using hostname for wiki with OSX Server

We have a wiki server running Mac OS X Server 10.6, and rather than have users type something like this:

http://bbox.beezwax.net/groups/bbox

which would be the standard URL, we instead wanted to use the much simpler:

http://bbox.beezwax.net/

Continue reading Using hostname for wiki with OSX Server

Setting permissions for FileMaker Server’s Database folder

The Problem

Most FileMaker Server setups on OSX that I have seen are using the default permissions as set by the FilerMaker Server (FMS) installer. When viewed in the Terminal, they look like this:

These permissions say that the fmserver user and the fmsadmin group both have read, write, and execute permissions to the folder and it’s contents. So far, so good. But who’s getting those read and execute permissions? Why, EVERYONE does! Although there can easily be exceptions depending on a server’s configuration, it’s likely this means that any user with shell/SSH, SFTP, ARD (Apple Remote Desktop), or VNC access will have read access to all your live database files and their backups. If you are storing data in in the FMS Documents or scripts in your Scripts folder (especially those that might contain passwords) you may have additional security issues.

Continue reading Setting permissions for FileMaker Server’s Database folder