Roadblocks Overcome – Samba, LDAP, iTunes and Authentication

17 09 2009

It’s time for one of those long chatty posts about goings on at Chez Geek, where obstacles are overcome (and reestablished), perfectly working solutions are broken, and equipment is flung about.
Today’s challenges – getting yawl to play with the other machines nicely.

I’ve had my Macbook Pro almost a month and a half now, and things are going swimmingly. Each day I find my mind further being dragged into SteveTopia. It’s a nice warm fuzzy place. They have cookies!
Alas, one cannot live in a void, and I realized I needed access to all the media I had stored on my media server (imagine that). So I rolled up my sleeves (tricky with short sleeved shirts, ow), and got to work.
## First, clean up the LDAP mess.
Almost a year ago, I started working on setting up a central authentication mechanism for all the machines at Chez Geek. Using a Zeroshell host, I was able to get PAM to consider the zeroshell host an authentication server, and set up Kerberos tickets and some level of LDAP. Unfortunately, that machine has gone away, I’ve moved, everything has reshuffled, and now yawl has no LDAP server to talk to. The end effect of this was VERY slow logins to yawl (which is now running headless on my server shelf). I could ssh in, but there was a long pause while an LDAP lookup was attempted, and eventually ‘fell back’ to the local credentials. Had to change that.
The fix was to modify /etc/pam.d files to strip out the LDAP calls. The critical ones were:
account required
auth required nullok_secure
As far as the ‘login’ file is concerned, I apparently had twiddled it at some point, so I restored it back to the default, and that seemed to do the trick.
Hooray! I could log in sanely!
### Samba goofiness
So the challenge at hand was “How can I get my media volumes exported in a way that my mac could mount them and import music into iTunes?” – Initially I looked at ssh clients (fail), then I considered using NFS (more fail, but this more on the yawl side), then I hit upon “Wait. These can just be Samba shares. OSX supports them without a problem.”
So off I went to try and get Samba to export the volumes. Alas, tons of LDAP related fail here, I had apparently hax0red the smb.conf file beyond all hope of rescue. A restore of the system default smb.conf, plus adding a media block thusly did the trick:
comment = Media drives
path = /media
guest ok = no
browseable = yes
create mask = 0600
directory mask = 0700
read only = yes
Once I did that, restarted samba, and gave the Mac the address “smb://”, I was presented with a happily browseable media directory. Booyah!
### iTunes 9 and Importing
So, yes, I’m rapidly closing in on the Apple fanboy wagon. I can see it just over the hill. I think their UI design is magnificent.
Maybe it’s just because everything else ‘just works’ – but when something doesn’t work, it’s INSANELY frustrating.
Today’s annoyance. If you ask iTunes to import in media from somewhere, and it’s below a certain ‘count’ (maybe time, maybe filesize, whatever), iTunes gives NO indication it’s actually doing anything. I imported the same media directory 3 times before I realized that it had already imported the album. If you happen to have your music list in the position where the new tracks will show up, you’ll see them appear, greyed, until the import is done. But if you don’t, iTunes is dead silent about the fact that it’s busy importing and converting files for you.
Dear Apple. A small “Working…” icon would do wonders in iTunes. Luv, me.
### Conclusions
So, lets run down the checklist:
* Logins fixed on yawl. Check.
* Samba volumes exported. Check.
* Macbook can easily mount the volumes and browse them quickly. Check.
* iTunes import copies in music and loads it. Check, with a small growl.
I’m ecstatic to have access to my media again (about 400gig of most of my CD collection), and doubly so that I have it in a way that lets me easily import into iTunes and then sync with my iPhone. Makes me iHappy.




One response

23 09 2009
Brad Choate

(Testing by request.)

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: