A while back, when 10.5 first shipped, my boss and I were intrigued by iCal Server. And after getting it going, we found that for some reason, we couldn’t set a calendar server for our users. We’d set the calendar in Workgroup Manager (WGM hereafter), hit save, and right after that, WGM would uncheck the box, and set it back to none. Something was weird with our accounts. My boss deleted his account and recreated it, and that fixed it. So, the problem was obviously something with the “old” accounts on the system (e.g. the accounts that had been migrated from 10.1 -> 10.2 -> 10.3 -> 10.4 -> 10.5. Some attribute didn’t get added.
At first glance, the obvious missing one was there was only one authAuthority entry in our user accounts. Just the ApplePasswordServer entry, no Kerberosv5 entry. And deleting and recreating his account remedied that. So, I put it on the back burner because we figured out that iCal Server was kinda buggy, and later found out that the iPhone couldn’t write to it, just read (no good). When 10.6 was announced, and we heard that iCal Server 2 supported read/write from the iPhone (with version 3.x+ of the iPhone software), I started thinking about it again. So, I looked at the attribute, and figured out that a single “sed” would create the attribute I needed. So, I coded up this. And figured, problem solved.
Alas, it was not. While testing a migration of 10.4 email (cyrus) to a 10.6 server (dovecot) using the migrate_mail_data.pl script, I noticed at the end, the script renames the imap spool folders after the user’s UUID. It failed to rename them for several users (like me) because we didn’t have a UUID. Then it hit me, iCal Server’s URLs contain the UUID for the user. No UUID, no iCal Server calendar. DOH! So, I took the Kerberos script, changed it a bit (using uuidgen), and batch added UUIDs for all the users that didn’t have them (Script here. Re-ran the migrate_mail_data.pl script, and viola, all the spools got renamed. Now, I’m not sure if this really fixes the iCal Server 1 problem, since I don’t have an iCal Server set up, but iCal Server 2 works (though, it works differently, so this issue doesn’t occur). I also got word from a bug I filed about the initial issue, that Apple thinks 10.6 fixed it, so I’d imagine when you upgrade your OD server to 10.6, it adds missing attributes.
More later, work related. Thought I should keep topics distinct.