Using Encryption with Setup Data Files
Saved setup data can be encrypted for extra security. Before a server sets itself up using encrypted setup data, it must have access to the passphrase used when the data was encrypted.
For interactive setup, the passphrase is entered using Server Assistant during setup.
If you want to store the password for
How a Server Searches for Saved Setup Data Files
A new server sets itself up using saved setup data it finds while using the following search sequence. When the server finds saved setup data that matches the criteria described, it stops searching and uses the data to set itself up.
ÂÂ It looks on all volumes for a folder at the root named “Auto Server Setup,” starting at the start volume and then searching the rest alphabetically.
Mounted share points are also searched, so any automounted or manually mounted share point can contain the auto setup files. For example, you can use automount or mount_afp via the
ÂÂ It searches through “Auto Server Setup” folders, looking for a file with the extension “.plist”. There is no naming convention for the plist.
The plist file must contain the key “VersionNumber” with value “4” or it will be ignored.
ÂÂ It evaluates all profile plists found to evaluate the most specific match.
ÂÂ Hardware serial number ÂÂ MAC address
ÂÂ IP address
ÂÂ DNS name (fully qualified)
ÂÂ Computer name
ÂÂ None of the above
If a saved setup data profile contains multiple network connection services, Server Assistant tries to match hardware (MAC) addresses. Failing that, it tries to match interface (BSD port) names. If a profile has multiple conditions, it applies to a computer that satisfies any of them.
118
Chapter 6 Initial Server Setup
