Publisher: APPLE
Year: 2002
Language: English
Pages: 622
Mac OS X Server
Administrator’s Guide......Page 1
File Services 48......Page 3
If You’re an Experienced Server Administrator 64......Page 4
Deleting a Shared Open Directory Domain 93......Page 5
Mapping BSD Configuration Files 115......Page 6
Where User Accounts Are Stored 137......Page 7
Working With Managed Users 154......Page 8
Automatically Creating Group Directories 171......Page 9
The Authentication Authority Attribute 192......Page 10
Users Can’t Access Their Home Directories 204......Page 11
Viewing Share Point Settings 217......Page 12
Managing Apple File Service 229......Page 13
File Transfer Protocol (FTP) Service 244......Page 14
Managing NFS Service 258......Page 15
Setting Up User Accounts 270......Page 16
Managing Computer Preferences 286......Page 17
Controlling User Access to an iDisk 299......Page 18
Restricting Access to Printers 313......Page 19
Selecting a Default Print Queue 329......Page 20
Managing Web Service 342......Page 21
WebMail 358......Page 22
How Mail Service Uses DNS 372......Page 23
Using Case-Sensitive IMAP Folder Names 386......Page 24
Forwarding Undeliverable Incoming Mail 402......Page 25
About the Macintosh Manager Share Point 419......Page 26
Allowing Multiple Logins for Users 434......Page 27
Setting a Default Printer 447......Page 28
Choosing How Users Log In 460......Page 29
Shared Workgroup Documents Don’t Appear in a Panels Environment 472......Page 30
Prerequisites 486......Page 31
Using Share Points to Spread the Load 505......Page 32
BIND on Mac OS X Server 520......Page 33
Changing the Any Port (Default) Filter 537......Page 34
Closing an SSH Session 554......Page 35
Configuring IP Failover 569......Page 36
Index 591......Page 37
What’s Included in This Guide......Page 39
Using This Guide......Page 40
Getting Additional Information......Page 41
Ease of Setup and Administration......Page 43
File and Printer Sharing......Page 44
Comprehensive Management of Macintosh Workgroups......Page 45
Highlighting Individual Services......Page 46
Directory Services......Page 47
File Services......Page 48
Print Service......Page 50
Mail Service......Page 51
Macintosh Workgroup Management......Page 52
Network Services......Page 53
QuickTime Streaming Service......Page 55
Highlighting Server Applications......Page 56
Open Directory Assistant......Page 58
Workgroup Manager......Page 59
Server Settings......Page 60
Server Status......Page 61
Server Monitor......Page 62
Streaming Server Admin......Page 63
If You’re an Experienced Server Administrator......Page 64
Directory Services......Page 65
Storage for Data Needed by Mac OS X......Page 66
A Historical Perspective......Page 67
Data Consolidation......Page 68
Data Distribution......Page 69
Uses of Directory Data......Page 70
Inside a Directory Domain......Page 71
Discovery of Network Services......Page 72
Directory Domain Protocols......Page 73
Local Data......Page 74
Shared Data......Page 75
Directory Domain Hierarchies......Page 78
Two-Level Hierarchies......Page 79
More Complex Hierarchies......Page 81
Search Policies for Directory Domain Hierarchies......Page 82
The Automatic Search Policy......Page 83
Custom Search Policies......Page 84
General Planning Guidelines......Page 85
Simplifying Changes to Data in Directory Domains......Page 86
Open Directory Password Server......Page 87
Password Server Database......Page 88
Overview of Directory Services Tools......Page 89
Step 3: Set up access to directory domains on other servers......Page 90
Before You Begin......Page 91
Setting Up an Open Directory Domain and Password Server......Page 92
Configuring Open Directory Service Protocols......Page 93
Setting Up Search Policies......Page 94
Defining a Custom Search Policy......Page 95
Using a Local Directory Search Policy......Page 96
Showing or Hiding Available LDAPv3 Configurations......Page 97
Creating an LDAPv3 Configuration......Page 98
Duplicating an LDAPv3 Configuration......Page 99
Changing an LDAPv3 Configuration’s Connection Settings......Page 100
Configuring LDAPv3 Search Bases and Mappings......Page 101
Populating LDAPv3 Domains With Data for Mac�OS�X......Page 103
Creating an Active Directory Server Configuration......Page 104
Populating Active Directory Domains With Data for Mac�OS�X......Page 105
Creating an LDAPv2 Server Configuration......Page 106
Changing LDAPv2 Server Access Settings......Page 107
Editing LDAPv2 Search Bases and Data Mappings......Page 108
Creating a Shared NetInfo Domain......Page 110
Configuring NetInfo Binding......Page 111
Configuring Static Ports for Shared NetInfo Domains......Page 113
Using UNIX Utilities for NetInfo......Page 114
Mapping BSD Configuration Files......Page 115
Configuring Directory Access on a Remote Computer......Page 118
Backing Up and Restoring Directory Services Files......Page 119
Users and Groups......Page 121
Authentication......Page 122
Password Validation......Page 123
Information Access Control......Page 124
Administration Privileges......Page 125
Home Directories......Page 126
Information Access Control......Page 127
Users and Managed Users......Page 128
Guest Users......Page 129
Predefined Accounts......Page 130
Step 2: Set up directory domains in which user and group accounts will reside......Page 132
Step 6: Create users......Page 133
Step 8: Set Up Client Computers......Page 134
Before You Begin......Page 135
Creating User Accounts in Directory Domains on Mac�OS�X Server......Page 137
Changing User Accounts......Page 138
Defining User Names......Page 139
Defining Short Names......Page 140
Avoiding Duplicate Names......Page 141
Avoiding Duplicate Short Names......Page 143
Defining User IDs......Page 144
Assigning Administrator Rights for a Directory Domain......Page 145
Defining Login Settings......Page 146
Working With Group Settings for Users......Page 147
Adding a User to Groups......Page 148
Working With Home Settings for Users......Page 149
Enabling Mail Service Account Options......Page 150
Working With Print Settings for Users......Page 151
Enabling a User’s Access to Print Queues Enforcing Quotas......Page 152
Restarting a User’s Print Quota......Page 153
Deleting a User Account......Page 154
Administering Home Directories......Page 155
Distributing Home Directories Across Multiple Servers......Page 156
Setting Up Home Directories for Users Defined in Existing Directory Servers......Page 157
Setting Up NFS Home Directory Share Points......Page 160
Defining a User’s Home Directory......Page 161
Defining a Home Directory for Local Users......Page 162
Defining an Advanced Home Directory......Page 163
Setting Disk Quotas......Page 164
Creating Group Accounts in a Directory Domain on Mac OS X Server......Page 165
Creating Read-Write LDAPv3 Group Accounts......Page 166
Working With Member Settings for Groups......Page 167
Removing Users From a Group......Page 168
Naming a Group......Page 169
Working With Volume Settings for Groups......Page 170
Automatically Creating Group Directories......Page 171
Customizing Group Directory Settings......Page 172
Finding User and Group Accounts......Page 173
Listing Users and Groups in Available Directory Domains......Page 174
Sorting User and Group Lists......Page 175
Creating a Preset for User Accounts......Page 176
Using Presets to Create New Accounts......Page 177
Importing and Exporting User and Group Information......Page 178
Using Workgroup Manager to Import Users and Groups......Page 179
Using dsimportexport to Import Users and Groups......Page 181
Using dsimportexport to Export Users and Groups......Page 184
Using XML Files Created With AppleShare IP 6.3......Page 186
Using Character-Delimited Files......Page 187
Understanding Password Validation......Page 189
Contrasting Password Validation Options......Page 191
Choosing a Password......Page 192
Enabling Basic Password Validation for a User......Page 193
The Problem With Readable Passwords......Page 194
Using a Password Server......Page 195
Enabling the Use of a Password Server for a User......Page 196
Using Kerberos......Page 197
Understanding Kerberos......Page 198
Integrating Mac OS X With a Kerberos Server......Page 199
Enabling Kerberos Authentication for Login Window......Page 200
Backing Up a Password Server......Page 201
You Can’t Modify an Account Using Workgroup Manager......Page 202
Users Can’t Log In or Authenticate......Page 203
Kerberos Users Can’t Authenticate......Page 204
Privileges......Page 205
Network Globe Contents......Page 207
Setup Overview......Page 208
Before You Begin......Page 209
Security Issues......Page 210
Creating Share Points and Setting Privileges......Page 211
Configuring Server Message Block (SMB) Share Points......Page 212
Sharing (Exporting) Items Using Network File System (NFS)......Page 213
Automounting Share Points......Page 214
Managing Sharing......Page 215
Viewing Share Points......Page 216
Changing Share Point Owner and Privilege Settings......Page 217
Creating a Drop Box......Page 218
Solving Problems......Page 219
Before You Begin......Page 221
Security Issues......Page 222
Step 5: Check client configurations......Page 223
Apple File Service......Page 224
Setting Up Apple File Service......Page 225
Managing Apple File Service......Page 229
Windows Services......Page 235
Before You Set Up Windows Services......Page 236
Setting Up Windows Services......Page 237
Managing Windows Services......Page 240
Secure FTP Environment......Page 244
Before You Set Up FTP Service......Page 248
Step 5: Configure FTP Advanced settings......Page 249
Setting Up File Transfer Protocol (FTP) Service......Page 250
Managing File Transfer Protocol (FTP) Service......Page 252
Setup Overview......Page 256
Setting Up NFS Service......Page 257
Managing NFS Service......Page 258
Supporting Mac OS X Clients......Page 259
Supporting Mac OS 8 and Mac OS 9 Clients......Page 260
Supporting Windows Clients......Page 261
Supporting NFS Clients......Page 262
Solving Problems With Windows Services......Page 263
Solving Problems With File Transfer Protocol (FTP)......Page 264
Where to Find More Information About File Services......Page 265
Client Management: Mac OS X......Page 267
The User Experience......Page 268
Step 2: Create a shared domain to store account information......Page 269
Setting Up User Accounts......Page 270
Setting Up Computer Accounts......Page 271
Creating a Computer Account......Page 272
Using a Computer Accounts Preset......Page 273
Editing Information About a Computer......Page 274
Deleting Computers From a Computer List......Page 275
Searching for Computer Accounts......Page 276
Managing Guest Computers......Page 277
Restricting Access to Computers......Page 278
Using Local User Accounts......Page 279
Managing Portable Computers......Page 280
How Workgroup Manager Works With System Preferences......Page 281
Managing Preferences......Page 282
Updating Cached Preferences Manually......Page 283
Preference Management Options......Page 284
Managing User Preferences......Page 285
Managing Computer Preferences......Page 286
Disabling Management for Specific Preferences......Page 287
Creating a List of Approved Applications......Page 288
Managing Application Access to Helper Applications......Page 289
Managing Access to System Preferences......Page 290
Choosing a Classic System Folder......Page 291
Keeping Control Panels Secure......Page 292
Making Apple Menu Items Available in Classic......Page 293
Controlling the User’s Dock......Page 294
Adding Items to a User’s Dock......Page 295
Keeping Disks and Servers From Appearing on the User’s Desktop......Page 296
Controlling the Behavior of Finder Windows......Page 297
Hiding the Alert Message When a User Empties the Trash......Page 298
Controlling User Access to Remote Servers......Page 299
Preventing Users From Ejecting Disks......Page 300
Removing Restart and Shut Down Commands From the Apple Menu......Page 301
Adjusting the Appearance and Arrangement of Desktop Items......Page 302
Adjusting the Appearance of Finder Window Contents......Page 303
Setting Web Browser Preferences......Page 304
Deciding How a User Logs In......Page 305
Preventing Restarting or Shutting Down the Computer at Login......Page 306
Opening Applications Automatically After a User Logs In......Page 307
Controlling Access to CDs and DVDs......Page 308
Controlling Access to Hard Drives and Disks......Page 309
Ejecting Items Automatically When a User Logs Out......Page 310
Making Printers Available to Users......Page 311
Restricting Access to Printers Connected to a Computer......Page 312
Restricting Access to Printers......Page 313
Print Service......Page 315
Step 1: Read “Before You Begin”......Page 317
Step 6: Set up printing on client computers......Page 318
Starting Up and Configuring Print Service......Page 319
Configuring Print Queues......Page 320
Adding Print Queues to Shared Open Directory Domains......Page 321
Enforcing Quotas for a Print Queue......Page 322
Mac OS X Clients......Page 323
Mac OS 8 and Mac OS 9 Clients......Page 324
Monitoring Print Service......Page 325
Monitoring a Print Queue......Page 326
Changing a Print Queue’s Configuration......Page 327
Renaming a Print Queue......Page 328
Monitoring a Print Job......Page 329
Restarting a Print Job......Page 330
Changing a Print Job’s Priority......Page 331
Managing Print Logs......Page 332
Archiving Print Logs......Page 333
Solving Problems......Page 334
Web Service......Page 337
Setting Up Web Sites......Page 338
Understanding WebDAV......Page 339
Understanding Multipurpose Internet Mail Extension (MIME)......Page 340
Step 2: Create a default page......Page 341
Managing Web Service......Page 342
Modifying MIME Mappings......Page 343
Limiting Simultaneous Connections for Web Service......Page 344
Blocking Web Sites From Your Web Server Cache......Page 345
Setting Up WebDAV for a Web Server......Page 346
Starting Tomcat......Page 347
Setting Up Multiple IP Addresses for a Port......Page 348
Changing the Default Web Folder for a Site......Page 349
Enabling a Web Site on a Server......Page 350
Improving Performance of Static Web Sites......Page 351
Setting Up Directory Listing for a Web Site......Page 352
Enabling WebDAV......Page 353
Enabling a Common Gateway Interface (CGI) script......Page 354
Enabling Server Side Includes (SSI)......Page 355
Setting Server Responses to MIME Types......Page 356
Enabling PHP......Page 357
WebMail......Page 358
Enabling WebMail......Page 359
Configuring WebMail......Page 360
Generating a Certificate Signing Request (CSR) for Your Server......Page 361
Obtaining a Web Site Certificate......Page 362
Enabling SSL for the Site......Page 363
A CGI Will Not Run......Page 364
Macintosh-Specific Modules......Page 365
Open-Source Modules......Page 366
Where to Find More Information......Page 367
Mail Service......Page 369
Post Office Protocol (POP)......Page 370
SMTP Alternatives: Sendmail and Postfix......Page 371
How Mail Service Uses DNS......Page 372
What Mail Service Can Do About Junk Mail......Page 373
Restricted SMTP Relay......Page 374
Blacklisted Servers......Page 375
Overview of Mail Service Tools......Page 376
Step 2: Set up MX records......Page 377
Step 6: Configure additional settings for mail service......Page 378
Before You Begin......Page 379
Starting Mail Service Automatically......Page 380
Adding or Removing Local Names for the Mail Server......Page 381
Working With Settings for Incoming Mail......Page 382
Notifying Users Who Have New Mail......Page 383
Changing the POP Response Name......Page 384
Requiring Secure IMAP Authentication......Page 385
Controlling IMAP Connections Per User......Page 386
Working With Settings for Outgoing Mail......Page 387
Suspending Outgoing Mail Service......Page 388
Sending SMTP Mail via Another Server......Page 389
Changing the SMTP Response Names......Page 390
Enabling an Alternate Mail Transfer Agent......Page 391
Starting Sendmail......Page 392
Converting the Mail Database From an Earlier Version......Page 393
Allowing Administrator Access to the Mail Database and Files......Page 394
Cleaning Up the Mail Files......Page 395
Specifying DNS Lookup for Mail Service......Page 396
Changing Mail Service Timeouts......Page 397
Restricting SMTP Relay......Page 398
Checking for Mismatched SMTP Server Name and IP Address......Page 399
Filtering SMTP Connections......Page 401
Limiting Delivery Attempts in Mail Service......Page 402
Monitoring Mail Status......Page 403
Reviewing Mail Service Logs......Page 404
Configuring Mail Settings for User Accounts......Page 405
Configuring Email Client Software......Page 406
Performance Tuning......Page 407
Books......Page 408
Internet......Page 409
Client Management: Mac OS 9 and OS 8......Page 411
The User Experience......Page 412
Step 1: Make sure computers meet minimum requirements......Page 414
Step 2: Install Macintosh Manager administrator software......Page 415
Step 3: Set up client computers......Page 416
Choosing a Language for Macintosh Manager Servers and Clients......Page 417
Macintosh Manager Security......Page 418
The Multi-User Items Folder......Page 419
How Macintosh Manager Works With Directory Services......Page 420
How Macintosh Manager Works With Preferences......Page 422
Using NetBoot With Macintosh Manager......Page 423
Step 5: Designate workgroup administrators......Page 424
Logging In to Macintosh Manager as an Administrator......Page 425
Applying User Settings With a Template......Page 426
Importing One or More Users......Page 427
Importing a List of Users From a Text File......Page 428
Providing Quick Access to Unimported Users......Page 429
Providing Access to Unimported Mac OS X Server Users......Page 430
Designating Administrators......Page 431
Creating a Workgroup Administrator......Page 432
Changing Basic User Settings......Page 433
Changing Advanced Settings......Page 434
Updating User Information From Mac OS X Server......Page 435
Creating a Workgroup......Page 436
Creating Workgroups From an Existing Workgroup......Page 437
Setting Up Shortcuts to Items for Finder Workgroups......Page 438
Making Items Available to Panels or Restricted Finder Workgroups......Page 439
Protecting the User’s Desktop......Page 440
Allowing Users to Play Audio CDs......Page 441
Setting Access Privileges for Removable Media......Page 442
Sharing Information in Macintosh Manager......Page 443
Setting Up a Shared Workgroup Folder......Page 444
Connecting to AFP Servers......Page 445
Providing Access to Server Volumes......Page 446
Setting a Default Printer......Page 447
Allowing Users to Exceed Print Quotas......Page 448
Using Options Settings......Page 449
Making Items Open at Startup......Page 450
Creating Computer Lists......Page 451
Duplicating a Computer List......Page 452
Disabling Login for Computers......Page 453
Disconnecting Computers Automatically to Minimize Network Traffic......Page 454
Creating Email Addresses for Managed Users......Page 455
Keeping Computers Secure If a User Forgets to Log Out......Page 456
Choosing Computer Security Settings for Applications......Page 457
Allowing Users to Work Offline......Page 458
Allowing Users to Disable Extensions......Page 459
Customizing Panel Names......Page 460
Portable Computers With Local Users......Page 461
Using Global Security Settings......Page 462
Keeping the Administration Program Secure......Page 463
Copying Preferences for Mac OS 8 Computers......Page 464
Using Global CD-ROM Settings......Page 465
Using Initial Preferences......Page 466
Using Forced Preferences......Page 467
Preserved Preferences......Page 468
Generic Icons Appear in the Items Pane......Page 470
A Client Computer Can’t Connect to the Server......Page 471
Applications Don’t Work Properly or Don’t Open......Page 472
Where to Find More Information......Page 473
Before You Set Up DHCP Service......Page 475
Locating the DHCP Server......Page 476
Step 1: Create subnets......Page 477
Starting and Stopping DHCP Service......Page 478
Setting the LDAP Server for DHCP Clients......Page 479
Changing Lease Times for Subnet Address Ranges......Page 480
Changing Subnet Settings in DHCP Service......Page 481
Setting NetInfo Options for a Subnet......Page 482
Viewing DHCP Log Entries......Page 483
Where to Find More Information......Page 484
NetBoot......Page 485
Prerequisites......Page 486
Capacity Planning......Page 488
NetBoot Implementation......Page 489
Step 1: Evaluate and update your network, servers, and client computers as necessary......Page 493
Step 2: Create disk images for client computers......Page 494
Step 7: Set up all client computers to use NetBoot......Page 495
Creating a Mac OS X Disk Image......Page 496
Installing the Mac OS 9 Disk Image......Page 497
Modifying the Mac OS 9 Disk Image......Page 498
Setting Up Multiple Disk Images......Page 500
Starting NetBoot on Your Server......Page 501
Disabling Disk Images......Page 502
Filtering NetBoot Client Connections......Page 503
Enabling Server Selection......Page 504
Updating the Startup Disk Control Panel......Page 505
Selecting a NetBoot Startup Image (from Mac OS 9)......Page 506
Solving Problems......Page 507
Understanding Packages......Page 509
Step 1: Read the NetBoot chapter and enable NetBoot on your server......Page 510
Creating a Network Install Disk Image......Page 511
Including Packages in an Installer Disk Image......Page 512
Enabling Installer Disk Images......Page 513
DNS Service......Page 515
Using DNS With Mail Service......Page 516
Step 1: Register your domain name......Page 517
Starting and Stopping DNS Service......Page 518
Viewing DNS Usage Statistics......Page 519
BIND on Mac OS X Server......Page 520
Practical Example......Page 521
Setting Up a Private TCP/IP Network......Page 523
Where to Find More Information......Page 524
Firewall Service......Page 525
What Is a Filter?......Page 527
Using Address Ranges......Page 528
Practical Examples......Page 529
Step 1: Configure Firewall service......Page 530
Setting Firewall Service to Start Automatically......Page 531
Creating an IP Filter......Page 532
Configuring Firewall Service......Page 533
Setting Up Logs for Firewall Service......Page 534
Filtering UDP Ports in Firewall Service......Page 535
Allowing NetInfo Access to Certain IP Addresses......Page 536
Preventing Denial-of-Service Attacks......Page 537
Creating IP Filter Rules Using ipfw......Page 538
Port Reference......Page 540
Where to Find More Information......Page 543
Before You Begin......Page 545
Step 4: Create scopes for your network......Page 546
Viewing Scopes and Registered Services in SLP......Page 547
Registering a Service With SLP DA......Page 548
Viewing SLP DA Log Entries......Page 549
Where to Find More Information......Page 550
Tools for Advanced Users......Page 551
Using the Terminal Application......Page 552
Opening an SSH Session......Page 553
Understanding Key Fingerprints......Page 554
Log Rolling Scripts......Page 555
diskspacemonitor......Page 556
diskutil......Page 557
Using installer......Page 558
Full Operating System Installation......Page 559
Working With Server Identity and Startup......Page 561
networksetup......Page 562
Retrieving Your Server’s Network Configuration......Page 563
Managing Network Services......Page 564
MySQL Manager......Page 565
diskKeyFinder......Page 566
Failover Operation......Page 567
Configuring IP Failover......Page 569
User Data That Mac OS X Server Uses......Page 573
Standard Data Types in User Records......Page 574
Format of the MailAttribute Data Type......Page 577
Standard Data Types in Group Records......Page 580
Glossary......Page 581
Index......Page 591
