File permissions are something systems administrators deal with every day. Usually when somebody can’t read something on the server, and they need you to figure out why. In multi-user environments, however, what people can’t read is often as important as what they can, and by default the Mac OS X Finder may allow people to read far more than your users expect.

While never technically required (though often politically desirable), hiding local administrative accounts on Leopard workstations and laptops is one of the most popular requests we receive from IT personnel. The most common scenario is removing a pre-existing administrative account from view. This is a typical approach when building a disk image for manual cloning or installation via NetInstall, and in this article we’ll take a look at the steps it requires.

Disk mirroring, where data is written to two disks simultaneously, is a great low cost method to protect against single-disk failure and improve read-intensive performance. Apple’s Disk Utility provides an easy way to set two disks up as a RAID mirror prior to installation. Once the operating system has been installed, though, OS X can’t mirror an existing drive without completely reformatting. Unless, of course, you choose to do some from the command line.

Just because solving a problem is easy doesn’t mean it’s an easy problem. The issue of “corrupted” or out-of-spec font files causing operating system or application crashes is a long-standing thorn in the side of Mac users and administrators. That’s because font files are software that interacts directly with the OS, but that software is often judged (and purchased) on aesthetic, rather than technical, grounds. While the problem of bad font software isn’t likely to go away any time soon, it’s at least possible to solve the problem of locating and removing those files.

If you’ve ever had to troubleshoot a Mac OS X machine, you probably know how invaluable the system logs can be. By simply opening the Console application in the Utilities folder, you can browse the information logged by almost any process on the machine. But how can you compare that data over a large number of systems, or look at the logs for a machine that isn’t right in front of you? It’s simply a matter of properly configuring syslogd.

You’re looking for an email invitation you sent months ago, but the option to search through each “Entire Message” in Mail is grayed out entirely. Instead, you search iCal for the appointment itself, only to find the results are empty. Thinking you have the minutes stored somewhere on your hard drive, you try searching in the Finder but discover that even items displayed in open windows can’t be located. Spotlight indexing has broken on your local machine.

If you aren’t lucky enough to have corporate servers that run AFP, you’ve probably had just about enough of the .DS_Store files that Mac OS X leaves lying around your Windows SMB and Linux NFS shares. While the files are turned off by default in Leopard, there are enough Tiger and Panther servers around to drive underfunded IT departments mad.

Last week in part one of this article, we learned how to configure a single OS X Server to provide DNS. This week, we’ll look at providing redundancy with a secondary DNS server and configure our client machines to receive our new DNS settings.

Providing a consistent user experience across multiple machines is a common way for system administrators to minimize troubleshooting time and facilitate training. A new user begins work with a standardized environment, designed for their organization and familiar to those around them.

For a much-ballyhooed feature when Leopard premiered, iCal Server has had a checkered history, dangerously unstable for its first few minor updates and providing little more than database corruption, frustration, and an excuse to use the word “ballyhooed”. Now that things have calmed down, many companies are experimenting with the service to see if it’s ready for production.