Manuals
/
Apple
/
Computer Equipment
/
Server
Apple
10.6
manual
Contents
Models:
10.6
1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
197
Download
197 pages
50.37 Kb
5
6
7
8
9
10
11
12
13
14
Install
Password
Ports Open By Default
Login
Administration Tools
ÂÂ Configure Manually
Initial Server Setup
Command-Line Tools
Understanding Backup Types
Setting Sacl Permissions
Page 10
Image 10
10
Contents
Page 9
Page 11
Page 10
Image 10
Page 9
Page 11
Contents
Mac OS X Server
019-1410/2009-08-15
Contents
Administration Tools
Enhancing Security
Installation and Deployment
Initial Server Setup
Ongoing System Management
Monitoring Your System
Push Notification Server
Index
Contents
About This Guide
What’s in This Guide
Using Onscreen Help
To see the most recent server help topics
Document Road Map
Getting Started
Preface About This Guide
Getting Documentation Updates
Getting Additional Information
System Requirements for Installing Mac OS X Server
Standards
What’s New in Mac OS X Server
ÂÂ iCal Server
What’s New in Server Admin
Understanding Server Configuration Methods
Snmp NFS
Supported Standards
Radius
System Overview and Supported Standards
System Overview and Supported Standards
Mac OS X Server’s Unix Heritage
Planning Server Usage
Determining Your Server Needs
Determining Whether to Upgrade or Migrate
Setting Up a Planning Team
Identifying Servers to Set Up
Determining Services to Host on Each Server
Planning Server Usage
Migrating from Windows
Defining a Migration Strategy
Defining an Integration Strategy
Defining Server Setup Infrastructure Requirements
Defining Physical Infrastructure Requirements
Setting up basic server infrastructure
Defining Backup and Restore Policies
Minimizing the Need to Relocate Servers After Setup
Making Sure Required Server Hardware Is Available
Understanding Backup and Restore Policies
Understanding Backup Types
Understanding Backup Scheduling
Understanding Restores
Other Backup Policy Considerations
Defining a Backup Verification Mechanism
Command-Line Backup and Restoration Tools
Understanding Time Machine as a Server Backup Tool
ÂÂ Remote Access Settings ÂÂ Software Update
ÂÂ Wiki ÂÂ Xgrid
Server Admin
Opening and Authenticating in Server Admin
Server Admin Interface
M N
Customizing the Server Admin Environment
Server Assistant
Server Assistant is used for
Server Preferences
Workgroup Manager
Workgroup Manager Interface
Server Monitor
Customizing the Workgroup Manager Environment
For additional information, see Server Monitor Help
ICal Service Utility
ICal Service Utility Interface
System Image Management
Media Streaming Management
RAID Admin
Command-Line Tools
Server Status Widget
Xgrid Admin
Podcast Capture, Composer, and Producer
Apple Remote Desktop
Enhancing Security
About Physical Security
Firewalls and Packet Filters
About Network Security
Network DMZ
VLANs
MAC Filtering
Transport Encryption
Payload Encryption
File and Folder Permissions
About File Security
About File Encryption
About Authentication and Authorization
Secure Delete
You have several options for authenticating users
ÂÂ Secure Shell SSH
Single Sign-On
About Certificates, SSL, and Public Key Infrastructure
Public and Private Keys
Certificates
About Certificate Authorities CAs
About Self-Signed Certificates
About Identities
About Intermediate Trust
To configure clients to trust a certificate
Certificate Manager in Server Admin
From the command line
Enhancing Security
Readying Certificates
To create a self-signed certificate
Creating a Self-Signed Certificate
Requesting a Certificate from a Certificate Authority
To request a signed certificate
Creating a Certificate Authority
To create a CA
Enhancing Security
To create a certificate for someone else
Using a CA to Create a Certificate for Someone Else
Importing a Certificate Identity
To import an existing OpenSSL style certificate
Managing Certificates
Editing a Certificate
To distribute your certificate to your clients
Distributing a CA Public Certificate to Clients
Deleting a Certificate
To delete a certificate
Replacing an Existing Certificate
Using Certificates
Renewing an Expiring Certificate
To renew an expiring certificate
SSH and SSH Keys
Key-Based SSH Login
To do this, run the following commands in Terminal
Generating a Key Pair for SSH
Key-Based SSH with Scripting Sample
Administration Level Security
Setting Administration Level Privileges
Setting Sacl Permissions
Service Level Security
To set Sacl permissions for a service
Security Best Practices
Password Guidelines
Creating Complex Passwords
Confirm you meet the requirements
Installation Overview
Gather your information
Start the installer
Set up the environment
Start up the computer from an installation disk
Prepare the target disk
Set Up Services
Gathering the Information You Need
Connecting to the Directory During Installation
Setting Up Network Services
About the Server Install Disc
SSH During Installation
Mac OS X Server Install Disc
Preparing an Administrator Computer
Administration Tools CD
To install Mac OS X Server v10.6 administration tools
About Starting Up for Installation
Before Starting Up
To start up the computer with the installation disc
Starting Up from the Install DVD
Starting Up from an Alternate Partition
To create an image of the Install DVD
Create a restorable image of the Install DVD
Restore the image to the alternate partition
Prepare the disks and partitions on the target computer
To restore the image to a free volume
Remotely Accessing the Install DVD
To access the computer with Server Assistant
To access the computer using Screen Sharing
To access the computer with VNC
To access the computer with SSH
Identifying Remote Servers When Installing Mac OS X Server
Identify the target server
Starting Up from a NetBoot Environment
Start up the computer from the NetBoot server
Preparing Disks for Installing Mac OS X Server
Create a NetInstall image from the Install DVD
To create a NetInstall image from the Install DVD
Choosing a File System
ÂÂ Mac OS Extended Journaled, Case-Sensitive aka Hfsx
About Hard Disk Partitioning
To partition a disk using Disk Utility
Partitioning a Disk
So the command is
About Creating a RAID Set
To create a RAID set using Disk Utility
You cannot create a RAID set from the startup disk
Diskutil createRAID mirror setName format device device
Installing Server Software Interactively
For example
Installing Locally from the Installation Disc
To install server software locally
Installing Remotely with Server Assistant
To install on a remote server by using Server Assistant
Installing Remotely with Screen Sharing and VNC
Changing a Remote Computer’s Startup Disk
To change a remote computer’s startup disk
To use installer to install server software
105
Most Efficient Methods of Installation
Installing Multiple Servers
More Interactive Methods of Installation
How to Keep Current
Upgrading a Computer from Mac OS X to Mac OS X Server
To postpone setting up Mac OS X Server
Postponing Server Setup Following Installation
Information You Need
Configuring Servers with Multiple Ethernet Ports
Connecting to the Network During Initial Server Setup
About Settings Established During Initial Server Setup
Specifying Initial Open Directory Usage
ÂÂ Create Users and Groups
ÂÂ Configure Manually
Not Changing Directory Usage When Upgrading
ÂÂ Import Users and Groups
Setting Up a Server as a Standalone Server
Binding a Server to Multiple Directory Servers
Setting up Servers Interactively
To interactively connect to an additional directory server
To set up servers interactively
Select the target servers from the configuration list
Using Automatic Server Setup
Creating and Saving Setup Data
To create a setup data file
Using Encryption with Setup Data Files
How a Server Searches for Saved Setup Data Files
Setting Up Servers Automatically Using Data Saved in a File
Restart the remote server
To use setup data from a file remotely
Create the saved setup folder on the remote server
To set the server serial number
Handling Setup Errors
To change services to administer
Setting Up Services
Adding Services to the Server View
From the command-line
Setting Up All Other Services
Setting Up Open Directory
Setting Up User Management
To set up a user account
Computers You Can Use to Administer a Server
Setting Up an Administrator Computer
Using a Non-Mac OS X Computer for Administration
Insert the Mac OS X Server Admin Tools CD
Using the Administration Tools
Working with Pre-v10.6 Computers from v10.6 Servers
Ports Used for Administration
Ports Open By Default
Server Admin Basics
Adding and Removing Servers in Server Admin
Grouping Servers Manually
Grouping Servers Using Smart Groups
To create a server group
Working with Settings for a Specific Server
To create a server smart group
Toolbar button Shows
132
ÂÂ NetBoot
ÂÂ Directory Service ÂÂ Firewall ÂÂ Mobile Access
Understanding Mac OS X Server Names
Directory Service and Kerberos
Dhcp
NetBoot
Mobile Access Proxy Services
Firewall
ÂÂ MySQL
Web
MySQL
Certificates for Web and Wiki Services
Wiki
138
Imap and POP
Certificates for Mail Services
ÂÂ Certificates for collaboration services
Mailing List
ICal Service
Address Book Service
IChat Service
Certificates for Collaboration Services
To change the IP address of the Podcast Producer computer
To change the DNS name of the Podcast Producer computer
Push Notification
Software Update Server
Print
Xgrid
Changing the Server’s Computer Name and the Local Hostname
Changing the Server’s DNS Name After Setup
Changing the IP Address of a Server
To change the DNS name
From the command line
Administering Services
To change computer name and local hostname
To add or remove a service in Server Admin
Adding and Removing Services in Server Admin
Importing and Exporting Service Settings
To export service settings
Controlling Access to Services
To configure service access SACLs
Using SSL for Remote Server Administration
Managing Sharing
Tiered Administration Permissions
Workgroup Manager Basics
Defining Administrative Permissions
To assign permissions
Opening and Authenticating in Workgroup Manager
Administering Accounts
Working with Users and Groups
152
Defining Managed Preferences
Working with Directory Data
To display the inspector
Assistants are available for the following services
Service Configuration Assistants
Critical Configuration and Data Files
General
IChat Server
Firewall Service
Mail Service
Mail-POP/IMAP Server Dovecot
MySQL Service
NAT Service
QuickTime Streaming Server
OpenDirectory Service
Notifications
Tomcat App Server
Eliminating Single Points of Failure
Improving Service Availability
Web Service
Wiki and Blog Server
Using Xserve for High Availability
Using UPS with Xserve
Setting Up Your Server for Automatic Restart
Using Backup Power
Following is the Energy Saver panel of System Preferences
Providing Open Directory Replication
To enable automatic restart
Ensuring Proper Operational Conditions
Automatic restart options are
Link Aggregation
About the Link Aggregation Control Protocol Lacp
Link Aggregation Scenarios
Computer to Switch
Setting Up Link Aggregation in Mac OS X Server
To create a link aggregate
Monitoring Link Aggregation Status
To monitor the status of a link aggregate
Load Balancing
Daemon Overview
Using launchd for Daemon Control
ÂÂ mDNSresponder local network service discovery process
Viewing Running Daemons
170
Planning a Monitoring Policy
Planning Monitoring Response
Using Server Monitor
Using with Server Status Widget
To configure the Server Status widget
Using Console for Server Monitoring
Using RAID Admin for Server Monitoring
Using Disk Monitoring Tools
Using Network Monitoring Tools
To set a notification
Using Server Status Notification in Server Admin
Monitoring Server Status Overviews Using Server Admin
To see a status overview for one server
Using Remote Kernel Core Dumps
Following shows a sample Overview pane for a single server
177
Setting Up a Core Dump Server
Setting up a core dump server
Setting up a core dump client
Setting Up a Core Dump Client
Restart the computer for the settings to take effect
Configuring Common Core Dump Options
About Simple Network Management Protocol Snmp
To enable Snmp
Configuring snmpd
Enabling Snmp reporting
Customize data
To enable and configure Snmp
Restart snmpd to take changes
Additional Information about Snmp
About Notification and Event Monitoring Daemons
Tools to Use with Snmp
There are two main notification daemons syslogd and emond
Logging
Syslog
Open Directory Logging
Directory Service Debug Logging
Syslog Configuration File
To start debugging at startup
AFP Logging
To enable client-side logging
Additional Monitoring Aids
To run slapd in debugging mode
Push Notification Server
About Push Notification Server
To enable Push Notification
Starting and Stopping Push Notification
Click Save, then restart the service
Changing a Service’s Push Notification Server
To change the existing push notification server
Index
192
193
194
195
196
197
Top
Page
Image
Contents