Changing the DNS name of the directory server requires that all bound machines be rebound to the new directory name and address.

If you have set up a Kerberos environment, the Kerberos realm does not change when the hostname is changed.

Firewall

Changing the IP address of the Firewall can significantly alter the effectiveness of the service. In Mac OS X Server v10.6, IP firewall rules are stored and referenced as address groups. A change to the IP address of the firewall server might prevent traffic to the address groups from being routed, and therefore none of the specific firewall rules would be applied.

Check all firewall rules when changing the IP address of the firewall server.

Mobile Access (Proxy Services)

Most proxy services should remain relatively unaffected by a change to IP address or domain name. If you have edited the com.apple.securityproxy_mail.plist manually to have the proxy server connect to itself for some service by some other address than the link-local address (127.0.0.1 or localhost), you must change it manually again.

However, proxy services are affected if the IP address or DNS name of the destination servers changes. If you change a proxied services’ name or address, you must reconfigure Proxy Service.

If you configured an HTTP Secure Proxy virtual host, you must delete and re-create the proxy mappings of any proxied servers.

NAT

NAT should not be affected by a change to the server’s IP address or DNS name.

All clients behind the NAT server still have contact with the NAT router by the internal IP address. If you made manual modifications to the NAT service configuration files, make sure those changes are compatible with the new IP address or DNS name.

NetBoot

NetBoot does not require reconfiguration after changing the IP address or DNS name. However, all clients that use it must reselect the server after the changes.

RADIUS

If you change the RADIUS server IP address, you might need to check or reconfigure the IP addresses of the associated base stations. Additionally, if you’re using SSL certificates, you must regenerate or repurchase the certificates. You must use Server Admin to import the new certificates, and then configure the service’s new certificate.

Chapter 7    Ongoing System Management

135

Page 134 Page 136
Page 135
Image 135
Apple 10.6 manual Firewall, Mobile Access Proxy Services, NetBoot
Page 134 Page 136
Top Page Image Contents