So I was getting annoyed that I couldn't claim my weblog via Technorati without faking it, as blojsom requires a trailing slash at the end of the URL to go to the correct blog, and Technorati strips the slash from your url when you submit it.

Googling around brought up an entry by andwest talking about using UrlRewriteFilter to solve the problem. He'd set it up for a single case, but I wanted to get a general solution going, as I've got nearly 2000 blogs running on the staff and student blog servers here.

After faffing around a bit in Regular Expressions land with Java Pattern Matching, I ended up with this rule that seems to do the job happily enough.

        <rule>
        <from>^/blog/([a-z]*)([^/])$</from>
        <to type="redirect">/blojsom/blog/$1$2/</to>
        </rule>

This is with UrlRewrite just installed into the blojsom context, not the whole server, so it will rewrite an url like:

http://staff.cofa.unsw.edu.au/blojsom/blog/nigelkersten

to:

http://staff.cofa.unsw.edu.au/blojsom/blog/nigelkersten/

So as part of my eternal quest to never ever have to deploy services that require their own authentication database, I’ve been poking around for a good Wiki for OS X that can authenticate to Open Directory without too much faffing around.

As my main aim for setting up a Wiki was to provide a space where we could have collaborative documentation, I was quite pleased to run across DokuWiki, and even more pleased when I realised that it had a built in ACL framework that supported LDAP authentication.

If you scroll down to the bottom of the auth_ldap documentation, you’ll see I’ve put in the settings needed to get authentication against Open Directory working.

Works like a charm, and the syntax is easy enough that it is making documentation nice and simple.

Props to Andreas Gohr for such a nice software package.

We mustn't have tested this thoroughly enough when we were forced into rapidly deploying 10.4 on our labs of new iMac G5s, but we started having major problems with DropBoxes on our 10.3.9 AFP servers.

Network users logging in on a 10.4.x client were unable to write files to DropBoxes, although when using a 10.3.x client, there were no problems.

After tearing my hair out over it for a little while, I posted to the very useful MacEnterprise.org mailing list, and Greg Neagle came up with a solution for me.

On your AFP server, do:

serveradmin set afp:noNetworkUsers = y

This moves you from mapped permissions (where everything appears to be owned by the user and permissions granted are effective rather than real) to showing the real underlying FS perms, as long as the RecordName and UniqueID of the logged in user match those reported by the client.

Apparently this may not be an optimal solution if you have a mix of network and local users, but as all of our users are either straight up network users, or mobile accounts, this has worked seamlessly for us.