1010 OS X Mountain Lion Server For Dummies
www.it-ebooks.info
www.it-ebooks.info
OS X
Mountain Lion Server
®
FOR
DUMmIES
‰
www.it-ebooks.info
www.it-ebooks.info
OS X
Mountain Lion Server
®
FOR
DUMmIES
‰
by John Rizzo
www.it-ebooks.info
OS X® Mountain Lion Server For Dummies®
Published by
John Wiley & Sons, Inc.
111 River Street
Hoboken, NJ 07030-5774
www.wiley.com
Copyright © 2012 by John Wiley & Sons, Inc., Hoboken, New Jersey
Published by John Wiley & Sons, Inc., Hoboken, New Jersey
Published simultaneously in Canada
No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form
or by any means, electronic, mechanical, photocopying, recording, scanning or otherwise, except as
permitted under Sections 107 or 108 of the 1976 United States Copyright Act, without either the prior
written permission of the Publisher, or authorization through payment of the appropriate per-copy fee to
the Copyright Clearance Center, 222 Rosewood Drive, Danvers, MA 01923, (978) 750-8400, fax (978) 6468600. Requests to the Publisher for permission should be addressed to the Permissions Department, John
Wiley & Sons, Inc., 111 River Street, Hoboken, NJ 07030, (201) 748-6011, fax (201) 748-6008, or online at
http://www.wiley.com/go/permissions.
Trademarks: Wiley, the Wiley logo, For Dummies, the Dummies Man logo, A Reference for the Rest of Us!,
The Dummies Way, Dummies Daily, The Fun and Easy Way, Dummies.com, Making Everything Easier,
and related trade dress are trademarks or registered trademarks of John Wiley & Sons, Inc. and/or its
affiliates in the United States and other countries, and may not be used without written permission. OS X
is a registered trademark of Apple. All other trademarks are the property of their respective owners. John
Wiley & Sons, Inc. is not associated with any product or vendor mentioned in this book.
LIMIT OF LIABILITY/DISCLAIMER OF WARRANTY: THE PUBLISHER AND THE AUTHOR MAKE NO
REPRESENTATIONS OR WARRANTIES WITH RESPECT TO THE ACCURACY OR COMPLETENESS
OF THE CONTENTS OF THIS WORK AND SPECIFICALLY DISCLAIM ALL WARRANTIES, INCLUDING
WITHOUT LIMITATION WARRANTIES OF FITNESS FOR A PARTICULAR PURPOSE. NO WARRANTY
MAY BE CREATED OR EXTENDED BY SALES OR PROMOTIONAL MATERIALS. THE ADVICE AND
STRATEGIES CONTAINED HEREIN MAY NOT BE SUITABLE FOR EVERY SITUATION. THIS WORK IS
SOLD WITH THE UNDERSTANDING THAT THE PUBLISHER IS NOT ENGAGED IN RENDERING LEGAL,
ACCOUNTING, OR OTHER PROFESSIONAL SERVICES. IF PROFESSIONAL ASSISTANCE IS REQUIRED,
THE SERVICES OF A COMPETENT PROFESSIONAL PERSON SHOULD BE SOUGHT. NEITHER THE
PUBLISHER NOR THE AUTHOR SHALL BE LIABLE FOR DAMAGES ARISING HEREFROM. THE FACT
THAT AN ORGANIZATION OR WEBSITE IS REFERRED TO IN THIS WORK AS A CITATION AND/OR
A POTENTIAL SOURCE OF FURTHER INFORMATION DOES NOT MEAN THAT THE AUTHOR OR THE
PUBLISHER ENDORSES THE INFORMATION THE ORGANIZATION OR WEBSITE MAY PROVIDE OR
RECOMMENDATIONS IT MAY MAKE. FURTHER, READERS SHOULD BE AWARE THAT INTERNET
WEBSITES LISTED IN THIS WORK MAY HAVE CHANGED OR DISAPPEARED BETWEEN WHEN THIS
WORK WAS WRITTEN AND WHEN IT IS READ.
For general information on our other products and services, please contact our Customer Care
Department within the U.S. at 877-762-2974, outside the U.S. at 317-572-3993, or fax 317-572-4002.
For technical support, please visit www.wiley.com/techsupport.
Wiley publishes in a variety of print and electronic formats and by print-on-demand. Some material
included with standard print versions of this book may not be included in e-books or in print-on-demand.
If this book refers to media such as a CD or DVD that is not included in the version you purchased, you
may download this material at http://booksupport.wiley.com. For more information about Wiley
products, visit www.wiley.com.
Library of Congress Control Number: 2012947904
ISBN 978-1-118-40829-2 (pbk); ISBN 978-1-118-41781-2 (ebk); ISBN 978-1-118-43165-8 (ebk);
ISBN 978-1-118-42202-1 (ebk)
Manufactured in the United States of America
10 9 8 7 6 5 4 3 2 1
www.it-ebooks.info
About the Author
John Rizzo has been writing about computers for 25 years. His work has
appeared in Macworld, Infoworld, CNET, PC Magazine, eWeek, the San
Francisco Chronicle, and other publications.
John is the author of over a dozen books, including Lion Server For Dummies,
Snow Leopard Server For Dummies, Mac Mini Hacks & Mods For Dummies
(all by John Wiley & Sons), Moving to Windows Vista (PeachPit), and Mac
Annoyances (O’Reilly). He’s also written several books on Mac-and-Windows
cross-platform networking and other topics on Mac and Windows hardware
and software.
John publishes the website MacWindows.com, which, since 1997, has been
the web’s largest news and information resource devoted to helping Mac
users get along in a Windows world.
John is also a member of the Board of Trustees at the San Francisco
Community College District, where he promotes the use of technology to
improve student learning.
www.it-ebooks.info
www.it-ebooks.info
Author’s Acknowledgments
The ink was barely dry on my copy of Lion Server For Dummies when Apple
announced Mountain Lion. In Lion Server For Dummies, I said that I would
never write another book. People took me seriously. A reviewer at Amazon
said that my pledge was the best part of Lion Server. I suspect that this is not
the case, but I’m not completely unbiased on this subject.
In the past, the time between Apple revisions of its operating system was
just long enough to make me forget how much work it is to write one of
these books. But Lion Server For Dummies wasn’t even six months old when
Apple announced Mountain Lion. Naturally, I was hesitant to take on the new
project. I pointed out the Amazon review to my publisher. The publisher then
offered to pay me, so I put aside the humiliation of deceiving my readers and
relented.
So I’d like to thank Kyle Looper, who kept my phone number despite all the
trouble I caused him during the last book, and Susan Pink, a great editor
who knows her stuff. Kyle made some great suggestions for this book, which
I used in almost every chapter. Susan read every word of this book and
suggested some better ones in a different order that usually made more
sense. To her credit, she repeatedly asked me what the meaning of “it”
is, which I learned is not the same as Bill Clinton asking in 1998 what the
meaning of “is” is.
Now, I’m through with pledges. With Mountain Lion Server For Dummies
under my belt, I’ve written a proposal for my 15th book, Writing a Dummies
Book For Dummies. The publisher hasn’t yet responded, but I’m hopeful.
www.it-ebooks.info
Publisher’s Acknowledgments
We’re proud of this book; please send us your comments at http://dummies.custhelp.com.
For other comments, please contact our Customer Care Department within the U.S. at 877-762-2974,
outside the U.S. at 317-572-3993, or fax 317-572-4002.
Some of the people who helped bring this book to market include the following:
Acquisitions and Editorial
Composition Services
Project Editor: Susan Pink
Project Coordinator: Katherine Crocker
Senior Acquisitions Editor: Kyle Looper
Layout and Graphics: Joyce Haughey,
Christin Swinford
Copy Editor: Susan Pink
Proofreaders: Melissa Cossell, Jessica Kramer,
Lauren Mandelbaum, Bonnie Mikkelson
Technical Editor: Dennis Cohen
Editorial Manager: Jodi Jensen
Indexer: Estalita Slivoskey
Editorial Assistant: Leslie Saxman
Sr. Editorial Assistant: Cherie Case
Cover Photo: background: © iStockphoto.com/
teekid; screen insets: © iStockphoto.com/
Matt Kaminski
Cartoons: Rich Tennant (www.the5thwave.com)
Publishing and Editorial for Technology Dummies
Richard Swadley, Vice President and Executive Group Publisher
Andy Cummings, Vice President and Publisher
Mary Bednarek, Executive Acquisitions Director
Mary C. Corder, Editorial Director
Publishing for Consumer Dummies
Kathleen Nebenhaus, Vice President and Executive Publisher
Composition Services
Debbie Stailey, Director of Composition Services
www.it-ebooks.info
Contents at a Glance
Introduction ................................................................ 1
Part I: Getting Mountain Lion Server Up and Running .... 7
Chapter 1: Mountain Lion Server: An Overview ............................................................ 9
Chapter 2: Choosing Server Hardware.......................................................................... 23
Chapter 3: The Quick and Easy Installation and Setup ............................................... 47
Chapter 4: Advanced Installation and Setup ................................................................ 61
Part II: Creating and Maintaining User Accounts
and Directories .......................................................... 85
Chapter 5: Controlling Access with Directories and Open Directory ....................... 87
Chapter 6: Integrating Open Directory with Active Directory ................................. 107
Part III: Serving Up Files and Printers ....................... 121
Chapter 7: Setting Up File Sharing ............................................................................... 123
Chapter 8: Controlling Access to Files and Folders .................................................. 139
Chapter 9: Sharing Printers over a Network .............................................................. 153
Part IV: Facilitating User Collaboration ..................... 179
Chapter 10: Sharing Contacts with Contacts Server ................................................. 181
Chapter 11: Serving Up Calendars ............................................................................... 191
Chapter 12: Hosting Websites and Wikis .................................................................... 205
Chapter 13: Running an E-Mail Server ......................................................................... 225
Chapter 14: More Collaboration with Messages ........................................................ 239
Part V: Managing Clients ......................................... 249
Chapter 15: Mass Deployment of OS X........................................................................ 251
Chapter 16: Managing iOS and Mac Accounts ........................................................... 261
Chapter 17: Creating Mobile Accounts for Notebooks ............................................. 301
Chapter 18: Keeping Your Server Healthy and Secure ............................................. 319
Part VI: The Part of Tens .......................................... 343
Chapter 19: Ten Things You Can Add to Mountain Lion Server.............................. 345
Chapter 20: Ten Cool Things That Didn’t Make It into the Rest of the Book ......... 353
Index ...................................................................... 359
www.it-ebooks.info
www.it-ebooks.info
Table of Contents
Introduction ................................................................. 1
About This Book .............................................................................................. 1
Conventions Used in This Book ..................................................................... 2
What You’re Not to Read ................................................................................ 2
Foolish Assumptions ....................................................................................... 3
How This Book Is Organized .......................................................................... 3
Part I: Getting Mountain Lion Server Up and Running ...................... 3
Part II: Creating and Maintaining User Accounts and Directories ... 4
Part III: Serving Up Files and Printers.................................................. 4
Part IV: Facilitating User Collaboration .............................................. 4
Part V: Managing Clients ....................................................................... 4
Part VI: The Part of Tens ....................................................................... 5
Icons Used in This Book ................................................................................. 5
Where to Go from Here ................................................................................... 6
Part I: Getting Mountain Lion Server Up and Running ..... 7
Chapter 1: Mountain Lion Server: An Overview . . . . . . . . . . . . . . . . . . . .9
Why You Need Mountain Lion Server ......................................................... 10
Why you need Mountain Lion Server at home ................................. 10
Why you need Mountain Lion Server in business and education.... 11
The Servers in Mountain Lion Server ......................................................... 12
File server ............................................................................................. 13
Directory services................................................................................ 13
Contacts Server .................................................................................... 13
Calendar Server .................................................................................... 14
Messages Server................................................................................... 14
Network services for Internet connections ...................................... 14
Mail Server ............................................................................................ 15
Web hosting .......................................................................................... 15
Wiki Server ............................................................................................ 16
Profile Manager for iOS and OS X ...................................................... 17
Software Update Server ...................................................................... 17
NetInstall ............................................................................................... 17
NetBoot ................................................................................................. 18
Spotlight searching .............................................................................. 18
Time Machine backup ......................................................................... 18
www.it-ebooks.info
xii
OS X Mountain Lion Server For Dummies
Management Tools in Mountain Lion Server ............................................. 18
Introducing the Server App ................................................................ 19
Configuring services and accounts with the Server app ................ 19
Monitoring your server and making general settings changes ...... 21
Workgroup Manager ............................................................................ 21
Command-Line Administration .................................................................... 22
Chapter 2: Choosing Server Hardware. . . . . . . . . . . . . . . . . . . . . . . . . . .23
Criteria for Selecting Server Hardware ....................................................... 23
Number of users................................................................................... 24
Type of use ........................................................................................... 24
Hardware Requirements for Running Mountain Lion Server................... 26
Selecting Processors for Your Mac Servers ............................................... 27
Putting Enough RAM in Your Server ........................................................... 28
Selecting Hard Drive Storage ....................................................................... 30
Rotational speed .................................................................................. 30
Drive form factor.................................................................................. 31
RAID storage ......................................................................................... 31
NAS and SAN ......................................................................................... 32
Choosing the Right Mac for Your Server .................................................... 33
Mac mini as a server ............................................................................ 33
iMac as a server ................................................................................... 38
Mac Pro as a server ............................................................................. 39
Xserve as a server ................................................................................ 41
Considering Other Network Hardware ....................................................... 42
Power backup for your server ........................................................... 42
Data backup for your server............................................................... 43
Ethernet switches and cables ............................................................ 43
Wireless equipment ............................................................................. 45
Chapter 3: The Quick and Easy Installation and Setup . . . . . . . . . . . . .47
Installing the Software .................................................................................. 47
Upgrading the base OS to Mountain Lion ......................................... 47
The pre-server-install check .............................................................. 49
Downloading and installing server components ............................. 49
Configuring Services and Accounts............................................................. 53
Checking network settings ................................................................. 53
Considering Open Directory............................................................... 55
Creating users and groups.................................................................. 56
Turning on file sharing ........................................................................ 57
Backing up Macs to the server ........................................................... 59
Chapter 4: Advanced Installation and Setup. . . . . . . . . . . . . . . . . . . . . .61
A Road Map to Installation and Setup......................................................... 61
Collecting Info Before You Install ................................................................ 62
Hardware ID numbers ......................................................................... 62
Network ID numbers............................................................................ 63
www.it-ebooks.info
Table of Contents
Planning Installation Scenarios: Clean Install, Update,
and Server Migration ................................................................................. 65
Erasing, Partitioning, and Creating a RAID by Using Disk Utility ............ 66
Erasing or partitioning a drive ........................................................... 67
Creating a software RAID .................................................................... 69
Performing a Clean Install of the Base OS with a Recovery Disk ............ 70
Creating a recovery disk ..................................................................... 70
Performing a clean install of the base OS ......................................... 71
Downloading and installing the server components....................... 73
Upgrading Older Servers .............................................................................. 75
What’s not moved from Snow Leopard Server ................................ 75
Migrating or upgrading mail ............................................................... 76
Recovering Podcast Producer data ................................................... 76
DNS in Mountain Lion Server ....................................................................... 77
Understanding DNS concepts: Zones and records .......................... 78
Using the Server app to configure DNS zones and records............ 79
Keeping Control of Mountain Lion Server Updates .................................. 80
Researching the update ...................................................................... 81
Configuring Software Update properly ............................................. 81
Downloading and testing updates ..................................................... 82
Changing Ethernet Addressing .................................................................... 83
Part II: Creating and Maintaining User Accounts
and Directories ........................................................... 85
Chapter 5: Controlling Access with Directories and Open Directory. . . .87
Defining Directories....................................................................................... 87
Local and shared directories and domains ...................................... 88
Account types in a directory .............................................................. 89
Authenticating with LDAP and Kerberos.................................................... 90
LDAP ...................................................................................................... 90
Kerberos and single sign-on ............................................................... 91
Determining Whether You’re Running a Local or Network Directory .... 93
Planning for an Open Directory Deployment ............................................. 93
Factors to consider for your plan ...................................................... 94
Master, replica, and relay servers ..................................................... 95
Prerequisites .................................................................................................. 97
Checking for proper DNS setup ......................................................... 97
Synchronizing time for Kerberos reliability ..................................... 98
Enabling time server synchronization .............................................. 98
Configuring Open Directory ......................................................................... 99
Creating an Open Directory master or replica with the Server app ...99
Importing directory information with the Server app .................. 102
Binding to an existing directory....................................................... 103
www.it-ebooks.info
xiii
xiv
OS X Mountain Lion Server For Dummies
Binding Clients to the Shared Domain ...................................................... 104
Binding Mac OS X 10.6 and later clients ......................................... 104
Binding Mac OS X 10.5 and earlier clients ...................................... 105
Binding Windows clients................................................................... 106
Chapter 6: Integrating Open Directory with Active Directory . . . . . .107
The Magic Triangle ...................................................................................... 108
Binding Your Server to Active Directory .................................................. 108
Checking DNS configuration ............................................................. 110
Binding the server ............................................................................. 110
Deciding Whether to Muck Around with Advanced Configuration....... 114
Managing User Groups with Workgroup Manager .................................. 116
Configuring Single Sign-On for Mac Clients .............................................. 118
Troubleshooting and Getting Help ............................................................ 119
Part III: Serving Up Files and Printers ....................... 121
Chapter 7: Setting Up File Sharing . . . . . . . . . . . . . . . . . . . . . . . . . . . . .123
Protocol Soup: AFP, SMB, and Other File-Sharing Methods .................. 123
File-sharing protocols 101................................................................. 124
Security in file-sharing protocols ..................................................... 125
Configuring File Sharing .............................................................................. 126
Logging in and turning on file sharing............................................. 126
Creating a share point ....................................................................... 128
Assigning file-sharing protocols to a share point .......................... 129
Assigning groups to access the share point and setting
permissions..................................................................................... 130
Configuring ACL permissions (advanced) ...................................... 133
Propagating permissions to subfolders .......................................... 136
Setting Up and Using FTP File Service ...................................................... 137
Chapter 8: Controlling Access to Files and Folders. . . . . . . . . . . . . . .139
Defining Owner, Group, and Others (and Sometimes Everyone) .......... 140
Owner .................................................................................................. 140
Group ................................................................................................... 140
Others, Everyone, and Guests .......................................................... 141
Standard POSIX Permissions versus ACL Permission Schemes ............ 141
Working with Standard POSIX Permissions ............................................. 142
Standard POSIX permission propagation behavior....................... 144
Inherit permissions from parent ...................................................... 144
Working with Access Control Lists ........................................................... 145
ACL permissions ................................................................................ 146
ACL inheritance.................................................................................. 148
Removing or editing inherited permissions ................................... 150
Using inherited and explicit ACEs together ................................... 151
Troubleshooting with Rules of Precedence ............................................. 151
www.it-ebooks.info
Table of Contents
Chapter 9: Sharing Printers over a Network . . . . . . . . . . . . . . . . . . . . .153
Listing Printer Sharing Features in Mountain Lion Server ..................... 153
Printer Sharing Technology and Terminology ........................................ 154
Communicating with the printer...................................................... 154
Communicating with the client ........................................................ 155
Mountain Lion’s Print Management Software .......................................... 156
Looking at System Preferences for printer sharing ....................... 156
Accessing the CUPS print engine from a browser ......................... 157
Setting Up Shared Printing ........................................................................ 158
Setting up your printers .................................................................... 158
Turning on print sharing ................................................................... 159
Checking the workgroup name for Windows clients .................... 160
Sharing printers by using System Preferences .............................. 160
Sharing printers by using the CUPS interface ................................ 162
Creating a printer pool by using classes ........................................ 164
Restricting access to shared printers ............................................. 165
Managing Printers and Print Jobs ............................................................. 170
Using System Preferences to manage printers and jobs .............. 170
Using the CUPS web interface to manage printers and jobs ........ 171
Don’t Forget Your Clients ........................................................................... 175
PPD files .............................................................................................. 175
Helping Mac clients print .................................................................. 176
Helping Windows clients print ......................................................... 176
Helping Linux and Unix clients print ............................................... 177
Printing from iOS devices ................................................................. 177
Part IV: Facilitating User Collaboration ..................... 179
Chapter 10: Sharing Contacts with Contacts Server . . . . . . . . . . . . . .181
Clients for Contacts Server ........................................................................ 182
Mac, iPhone, iPad, and iPod touch support ................................... 182
Windows clients for contacts service ............................................. 183
Prerequisites ................................................................................................ 183
Optional DNS ...................................................................................... 183
Internet access through a router ..................................................... 185
Setting Up the Contacts Server .................................................................. 185
Disabling user access ........................................................................ 186
Enabling Secure Sockets Layer (SSL) security ............................... 186
Enabling push notification ................................................................ 187
Setting Up Users’ Client Devices................................................................ 188
Setting up a user’s Contacts or client ............................................. 189
Setting up an iPad, iPhone, or iPod touch ...................................... 190
www.it-ebooks.info
xv
xvi
OS X Mountain Lion Server For Dummies
Chapter 11: Serving Up Calendars. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .191
Clients for Calendar Server ........................................................................ 192
Prerequisites ................................................................................................ 193
Directory service for Calendar service ........................................... 193
Optional: Setting up DNS for calendar service ............................... 193
Setting Up Calendar Service ....................................................................... 194
Starting calendar service and restricting access ........................... 195
Enabling e-mail invitations ............................................................... 196
Enabling SSL encryption ................................................................... 197
Adding locations and resources ...................................................... 198
Turning on push notification ............................................................ 199
Enabling web calendars .................................................................... 201
Setting Up Mac and iOS Clients for Calendar Service ............................. 201
Adding a Calendar Server account to Mac clients......................... 201
Adding a Calendar Server account to iOS clients .......................... 203
Creating a calendar on the server by using the Calendar client .... 204
Setting a delegate by using the Calendar client ............................. 204
Chapter 12: Hosting Websites and Wikis . . . . . . . . . . . . . . . . . . . . . . .205
Prerequisites ................................................................................................ 205
The Automatically Created Collaboration Website ................................ 206
Turning on and setting up a wiki-based site................................... 207
Navigating the built-in website......................................................... 208
Creating a new wiki and setting access........................................... 209
Creating blogs .................................................................................... 211
Adding content and editing wikis, blogs, and pages ..................... 212
Using comments, tags, and notifications ........................................ 213
Enabling calendars and other settings............................................ 214
Hosting Your Own Websites ...................................................................... 217
Replacing the built-in wiki-based site with your own site ............ 218
Running your own website and the built-in wiki-based
site together .................................................................................... 220
Virtual hosting, aliases, and redirects ............................................ 222
Dynamic generation, CGI scripting, and other advanced settings ....223
Troubleshooting website access problems.................................... 224
Chapter 13: Running an E-Mail Server . . . . . . . . . . . . . . . . . . . . . . . . . .225
Understanding Mail Protocols ................................................................... 225
Mail Service and the Internet: DNS ............................................................ 227
Creating an MX record in OS X Server ............................................ 228
Relay servers ...................................................................................... 231
Setting Up E-Mail Service ............................................................................ 231
Authenticating and Encrypting Mail ......................................................... 232
Securing mail authentication............................................................ 233
Securing e-mail messages with SSL ................................................. 234
www.it-ebooks.info
Table of Contents
Blocking Spam and Other Nasty Bits ........................................................ 235
Creating User E-Mail Addresses................................................................. 237
Setting Up a Mailing List ............................................................................. 238
Chapter 14: More Collaboration with Messages . . . . . . . . . . . . . . . . .239
Instant Messaging, Conferencing, and More ............................................ 239
Clients for Messages Server ....................................................................... 240
Prerequisites ................................................................................................ 241
Open Directory configuration .......................................................... 241
Firewall ports...................................................................................... 241
Internet routers .................................................................................. 241
DNS configuration for some situations ........................................... 242
Configuring Messages Service.................................................................... 243
Assigning screen names for users ................................................... 244
Saving and archiving chat messages ............................................... 245
Enabling server-to-server federation............................................... 245
Advanced configuration .................................................................... 247
Part V: Managing Clients .......................................... 249
Chapter 15: Mass Deployment of OS X . . . . . . . . . . . . . . . . . . . . . . . . . .251
NetBoot, NetInstall, NetRestore................................................................. 251
Creating a System Image............................................................................. 252
Creating a NetBoot set ...................................................................... 253
Creating a Custom NetInstall image ................................................ 254
Setting Up and Starting the NetInstall Service ......................................... 256
Designating a default image .............................................................. 258
NetBoot’s share points...................................................................... 258
Starting a Client Mac from NetBoot or NetInstall .................................... 259
Chapter 16: Managing iOS and Mac Accounts. . . . . . . . . . . . . . . . . . .261
The Server App and Profile Manager versus Workgroup Manager....... 262
Managing Accounts with the Server App ................................................. 263
Setting up and managing user accounts with the Server app ...... 263
Setting up and managing group accounts ...................................... 271
Configuring Clients with Profile Manager ................................................. 273
What you can do with configuration profiles ................................. 274
Configuring Profile Manager on the server..................................... 275
Configuring profiles on clients ......................................................... 279
Managing Accounts with Workgroup Manager ....................................... 282
Connecting to the server and authenticating to the directory ......... 282
Creating user accounts with Workgroup Manager ........................ 284
Changing default account settings .................................................. 284
Disabling and deleting user accounts with Workgroup Manager .....288
www.it-ebooks.info
xvii
xviii
OS X Mountain Lion Server For Dummies
Creating group accounts with Workgroup Manager ..................... 288
Editing and deleting group accounts with Workgroup Manager ......291
Importing and exporting accounts .................................................. 291
Configuring OS X Clients with Managed Preferences ............................. 292
Creating computer and computer group accounts ....................... 293
Configuring managed preferences ................................................... 294
Inheriting, combining, and overriding preferences ....................... 297
Enforcing managed preferences ...................................................... 298
Using Software Update Server to Control Updates from the Server ..... 299
Chapter 17: Creating Mobile Accounts for Notebooks . . . . . . . . . . . .301
Connecting Workgroup Manager to a Shared Domain ........................... 302
The Nightmare of Networked Notebooks ................................................. 303
Planning and Deploying Mobile Accounts................................................ 305
Simplifying mobile management with computer and
group accounts ............................................................................... 305
Configuring mobility settings ........................................................... 306
Creating Server-Based Home Folders and Deploying Mobile
Home Folders ........................................................................................... 310
Creating server-based home folders ............................................... 311
Configuring the mobile home folder................................................ 312
Putting sync to work on the client................................................... 316
Chapter 18: Keeping Your Server Healthy and Secure . . . . . . . . . . . .319
Configuring a Firewall ................................................................................. 320
Setting up a firewall in Mountain Lion Server ................................ 320
Port numbers used by Mountain Lion Server services ................. 323
Firewalls, network routers, and NAT............................................... 325
Using an AirPort Extreme or Time Capsule firewall ...................... 325
Working with Secure SSL Certificates ....................................................... 327
Using SSL certificates ........................................................................ 327
Becoming a certificate authority ..................................................... 331
Using Virtual Private Networks.................................................................. 332
VPN protocols: L2TP/IPSec and PPTP............................................. 333
The shared secret .............................................................................. 333
Client addresses: IP address range.................................................. 334
Network considerations for VPN ..................................................... 334
Configuring VPN clients .................................................................... 335
Attention: The Alerts Pane ......................................................................... 336
Responding to alerts ......................................................................... 336
Getting alerts delivered to you ........................................................ 338
Seeing the Long View with the Stats Pane ................................................ 340
Troubleshooting by Using the Logs Pane................................................. 340
Monitoring Activity ..................................................................................... 342
www.it-ebooks.info
Table of Contents
Part VI: The Part of Tens ........................................... 343
Chapter 19: Ten Things You Can Add to Mountain Lion Server . . . . .345
Antivirus for Your Server ........................................................................... 345
Kerio Connect .............................................................................................. 346
Network Backup of Clients ......................................................................... 347
Media Asset Management and Workflow ................................................. 347
Database Servers for Home or Office ........................................................ 348
Apple Remote Desktop to Manage Macs .................................................. 348
InterMapper, a Network Monitor............................................................... 349
TechTool Pro ............................................................................................... 350
iOS Apps to Manage Servers ...................................................................... 350
Nagios for Network Monitoring ................................................................. 351
Chapter 20: Ten Cool Things That Didn’t Make It into the Rest
of the Book. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .353
Big, Fast External Storage ........................................................................... 353
Xsan ............................................................................................................... 354
Running Mountain Lion from the Command Line ................................... 354
Speeding Up Networks with VLANS .......................................................... 354
Researching Ruby on Rails ......................................................................... 355
Setting the Server to Autorestart .............................................................. 356
Finding Help at Apple.com ......................................................................... 356
Server in a Virtual Machine ........................................................................ 357
PostgreSQL Database .................................................................................. 357
Ethernet Link Aggregation .......................................................................... 358
Index ....................................................................... 359
www.it-ebooks.info
xix
xx
OS X Mountain Lion Server For Dummies
www.it-ebooks.info
Introduction
Y
ou’re about to become a magician. Soon you’ll be providing your users
with the illusion that they have direct access to the world of communication and information. The reality is that servers — ubiquitous, imperceptible, and indefatigable — provide every connection, communication, and bit
of information that the computer user sees.
But only if you make it so. You’re going to set up Apple’s Mountain Lion
Server for your users, configure the wonderful services it offers, and keep it
running. This book will help you do it.
About This Book
OS X Mountain Lion Server For Dummies takes you through the steps required
to get your users doing amazing and productive things. I provide step-by-step
procedures to accomplish specific tasks, such as configuring an e-mail server
and setting up user accounts. In some instances, I also describe how to set
up your users’ Macs or Windows PCs to work with the server.
This book introduces you to the tools that Apple provides with the server
and the best ways to use them. I take you through many of the options and
network configurations available in Mountain Lion Server and describe the
best practices you should adopt.
I also describe the new features in Mountain Lion Server that you’ll want to
know about (trust me on this). And I’ve peppered the chapters with plenty of
tips and tricks that will help you become proficient.
I’m a fan of the English language, so I favor it over the technobabble found in
much of computing. Where the acronyms are unavoidable, I provide explanations. You will not, however, find the word empower in this book. A writer
can be pushed only so far.
www.it-ebooks.info
2
OS X Mountain Lion Server For Dummies
Conventions Used in This Book
Flip through this book, and you’ll find different uses of type to point out different things. Here’s what I do:
✓ In the step-by-step directions, the actions you perform are in bold type,
like this. The description of what happens after the action is in normal
type.
✓ To point out a web address, the book uses a monofont that looks like
this: www.apple.com. You see the same font in the rare instances when
I show you something that you need to type in a command line (in the
Mac’s Terminal application), such as fsck –fy, and for text that a command line returns to you in response. The book uses monofont to indicate
folders. For example, to indicate the Utilities folder, which is inside the
Applications folder, the path is used, /Applications/Utilities.
✓ In rare cases when you need to use a menu at the top of the screen, this
book uses a convention that looks like this: File➪Get Info, which means
you need to choose Get Info from the File menu. I don’t use this convention for menus that aren’t at the top of the screen, such as pop-up menus.
What You’re Not to Read
If you’re going to read this book, you don’t need to read the entire thing or
to read it in any particular order. The book is organized in a logical manner
from beginning to end, but it’s not a narrative. Rather, it’s modular. You need
to read only the portion that applies to a specific project or technique.
If you already have Mountain Lion Server installed, you can skip Part I. And
you don’t have to read Part VI to accomplish any server project. Consider it
the chocolate center of a Good Humor bar.
A lot of the chapters are arranged from general to specific. For example,
Chapter 7 gets you up and running with file sharing. If you want to get into
the nitty-gritty of advanced tweaking of user permissions, read Chapter 8. If
you’re a Windows administrator with experience with Active Directory, you
can skip Chapter 5 on network directories and go right to Chapter 6, which
deals specifically with Macs and Microsoft networks.
I think you’ll enjoy the text next to the Technical Stuff icons, but you can skip
them if you want I won’t be insulted (well, not much).
www.it-ebooks.info
Introduction
Foolish Assumptions
Unlike some other computer books, you won’t find a lot of filler here — no
dissertations that have no bearing on the task at hand. I assume that you
bought this book to accomplish specific tasks, using Mountain Lion Server.
You also won’t find lectures on what’s in the Print dialog box or how to search
for a file because I assume that you’re already a computer user. But I don’t
assume that you’re an Apple-Certified System Administrator. I explain the
alphabet soup of acronyms that you find in some of the Server’s technospeak.
Don’t worry if you’re new to the Mac. I explain any Apple-specific knowledge
that you need. Experienced Mac users can skip bits of Mac-specific material.
Similarly, you don’t need any experience with Windows if you want to support
Windows clients with your Mac server. I show you what you need to know.
I don’t make any assumptions about what hardware you’re running. I provide
some guidance as to what Mac is right for you in Chapter 2.
How This Book Is Organized
OS X Mountain Lion Server For Dummies is organized in six parts, each with
several related chapters. The parts are arranged in the order in which you
might go about using the server. But you don’t have to read the book sequentially, as each part can stand alone as a sort of minibook on a topic. You don’t
even have to read all the sections in any particular chapter. You can use the
table of contents and the index to find the information you need and quickly
get your answer.
I do recommend taking a glance, at least, at Part I. You find some information
about installing Mountain Lion Server that you won’t find in Apple’s
documentation.
Part I: Getting Mountain Lion
Server Up and Running
I start Part I with a description of Mountain Lion Server — what it comes
with, what you can do with it, and what you need to get it running. If you
need advice on which Mac model to use as your server and what should be in
it, look in this part. I also describe some hardware needs in the server and on
the network. If you haven’t already installed Mountain Lion Server, read the
step-by-step directions in Part I.
www.it-ebooks.info
3
4
OS X Mountain Lion Server For Dummies
Part II: Creating and Maintaining
User Accounts and Directories
For netw
www.it-ebooks.info
OS X
Mountain Lion Server
®
FOR
DUMmIES
‰
www.it-ebooks.info
www.it-ebooks.info
OS X
Mountain Lion Server
®
FOR
DUMmIES
‰
by John Rizzo
www.it-ebooks.info
OS X® Mountain Lion Server For Dummies®
Published by
John Wiley & Sons, Inc.
111 River Street
Hoboken, NJ 07030-5774
www.wiley.com
Copyright © 2012 by John Wiley & Sons, Inc., Hoboken, New Jersey
Published by John Wiley & Sons, Inc., Hoboken, New Jersey
Published simultaneously in Canada
No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form
or by any means, electronic, mechanical, photocopying, recording, scanning or otherwise, except as
permitted under Sections 107 or 108 of the 1976 United States Copyright Act, without either the prior
written permission of the Publisher, or authorization through payment of the appropriate per-copy fee to
the Copyright Clearance Center, 222 Rosewood Drive, Danvers, MA 01923, (978) 750-8400, fax (978) 6468600. Requests to the Publisher for permission should be addressed to the Permissions Department, John
Wiley & Sons, Inc., 111 River Street, Hoboken, NJ 07030, (201) 748-6011, fax (201) 748-6008, or online at
http://www.wiley.com/go/permissions.
Trademarks: Wiley, the Wiley logo, For Dummies, the Dummies Man logo, A Reference for the Rest of Us!,
The Dummies Way, Dummies Daily, The Fun and Easy Way, Dummies.com, Making Everything Easier,
and related trade dress are trademarks or registered trademarks of John Wiley & Sons, Inc. and/or its
affiliates in the United States and other countries, and may not be used without written permission. OS X
is a registered trademark of Apple. All other trademarks are the property of their respective owners. John
Wiley & Sons, Inc. is not associated with any product or vendor mentioned in this book.
LIMIT OF LIABILITY/DISCLAIMER OF WARRANTY: THE PUBLISHER AND THE AUTHOR MAKE NO
REPRESENTATIONS OR WARRANTIES WITH RESPECT TO THE ACCURACY OR COMPLETENESS
OF THE CONTENTS OF THIS WORK AND SPECIFICALLY DISCLAIM ALL WARRANTIES, INCLUDING
WITHOUT LIMITATION WARRANTIES OF FITNESS FOR A PARTICULAR PURPOSE. NO WARRANTY
MAY BE CREATED OR EXTENDED BY SALES OR PROMOTIONAL MATERIALS. THE ADVICE AND
STRATEGIES CONTAINED HEREIN MAY NOT BE SUITABLE FOR EVERY SITUATION. THIS WORK IS
SOLD WITH THE UNDERSTANDING THAT THE PUBLISHER IS NOT ENGAGED IN RENDERING LEGAL,
ACCOUNTING, OR OTHER PROFESSIONAL SERVICES. IF PROFESSIONAL ASSISTANCE IS REQUIRED,
THE SERVICES OF A COMPETENT PROFESSIONAL PERSON SHOULD BE SOUGHT. NEITHER THE
PUBLISHER NOR THE AUTHOR SHALL BE LIABLE FOR DAMAGES ARISING HEREFROM. THE FACT
THAT AN ORGANIZATION OR WEBSITE IS REFERRED TO IN THIS WORK AS A CITATION AND/OR
A POTENTIAL SOURCE OF FURTHER INFORMATION DOES NOT MEAN THAT THE AUTHOR OR THE
PUBLISHER ENDORSES THE INFORMATION THE ORGANIZATION OR WEBSITE MAY PROVIDE OR
RECOMMENDATIONS IT MAY MAKE. FURTHER, READERS SHOULD BE AWARE THAT INTERNET
WEBSITES LISTED IN THIS WORK MAY HAVE CHANGED OR DISAPPEARED BETWEEN WHEN THIS
WORK WAS WRITTEN AND WHEN IT IS READ.
For general information on our other products and services, please contact our Customer Care
Department within the U.S. at 877-762-2974, outside the U.S. at 317-572-3993, or fax 317-572-4002.
For technical support, please visit www.wiley.com/techsupport.
Wiley publishes in a variety of print and electronic formats and by print-on-demand. Some material
included with standard print versions of this book may not be included in e-books or in print-on-demand.
If this book refers to media such as a CD or DVD that is not included in the version you purchased, you
may download this material at http://booksupport.wiley.com. For more information about Wiley
products, visit www.wiley.com.
Library of Congress Control Number: 2012947904
ISBN 978-1-118-40829-2 (pbk); ISBN 978-1-118-41781-2 (ebk); ISBN 978-1-118-43165-8 (ebk);
ISBN 978-1-118-42202-1 (ebk)
Manufactured in the United States of America
10 9 8 7 6 5 4 3 2 1
www.it-ebooks.info
About the Author
John Rizzo has been writing about computers for 25 years. His work has
appeared in Macworld, Infoworld, CNET, PC Magazine, eWeek, the San
Francisco Chronicle, and other publications.
John is the author of over a dozen books, including Lion Server For Dummies,
Snow Leopard Server For Dummies, Mac Mini Hacks & Mods For Dummies
(all by John Wiley & Sons), Moving to Windows Vista (PeachPit), and Mac
Annoyances (O’Reilly). He’s also written several books on Mac-and-Windows
cross-platform networking and other topics on Mac and Windows hardware
and software.
John publishes the website MacWindows.com, which, since 1997, has been
the web’s largest news and information resource devoted to helping Mac
users get along in a Windows world.
John is also a member of the Board of Trustees at the San Francisco
Community College District, where he promotes the use of technology to
improve student learning.
www.it-ebooks.info
www.it-ebooks.info
Author’s Acknowledgments
The ink was barely dry on my copy of Lion Server For Dummies when Apple
announced Mountain Lion. In Lion Server For Dummies, I said that I would
never write another book. People took me seriously. A reviewer at Amazon
said that my pledge was the best part of Lion Server. I suspect that this is not
the case, but I’m not completely unbiased on this subject.
In the past, the time between Apple revisions of its operating system was
just long enough to make me forget how much work it is to write one of
these books. But Lion Server For Dummies wasn’t even six months old when
Apple announced Mountain Lion. Naturally, I was hesitant to take on the new
project. I pointed out the Amazon review to my publisher. The publisher then
offered to pay me, so I put aside the humiliation of deceiving my readers and
relented.
So I’d like to thank Kyle Looper, who kept my phone number despite all the
trouble I caused him during the last book, and Susan Pink, a great editor
who knows her stuff. Kyle made some great suggestions for this book, which
I used in almost every chapter. Susan read every word of this book and
suggested some better ones in a different order that usually made more
sense. To her credit, she repeatedly asked me what the meaning of “it”
is, which I learned is not the same as Bill Clinton asking in 1998 what the
meaning of “is” is.
Now, I’m through with pledges. With Mountain Lion Server For Dummies
under my belt, I’ve written a proposal for my 15th book, Writing a Dummies
Book For Dummies. The publisher hasn’t yet responded, but I’m hopeful.
www.it-ebooks.info
Publisher’s Acknowledgments
We’re proud of this book; please send us your comments at http://dummies.custhelp.com.
For other comments, please contact our Customer Care Department within the U.S. at 877-762-2974,
outside the U.S. at 317-572-3993, or fax 317-572-4002.
Some of the people who helped bring this book to market include the following:
Acquisitions and Editorial
Composition Services
Project Editor: Susan Pink
Project Coordinator: Katherine Crocker
Senior Acquisitions Editor: Kyle Looper
Layout and Graphics: Joyce Haughey,
Christin Swinford
Copy Editor: Susan Pink
Proofreaders: Melissa Cossell, Jessica Kramer,
Lauren Mandelbaum, Bonnie Mikkelson
Technical Editor: Dennis Cohen
Editorial Manager: Jodi Jensen
Indexer: Estalita Slivoskey
Editorial Assistant: Leslie Saxman
Sr. Editorial Assistant: Cherie Case
Cover Photo: background: © iStockphoto.com/
teekid; screen insets: © iStockphoto.com/
Matt Kaminski
Cartoons: Rich Tennant (www.the5thwave.com)
Publishing and Editorial for Technology Dummies
Richard Swadley, Vice President and Executive Group Publisher
Andy Cummings, Vice President and Publisher
Mary Bednarek, Executive Acquisitions Director
Mary C. Corder, Editorial Director
Publishing for Consumer Dummies
Kathleen Nebenhaus, Vice President and Executive Publisher
Composition Services
Debbie Stailey, Director of Composition Services
www.it-ebooks.info
Contents at a Glance
Introduction ................................................................ 1
Part I: Getting Mountain Lion Server Up and Running .... 7
Chapter 1: Mountain Lion Server: An Overview ............................................................ 9
Chapter 2: Choosing Server Hardware.......................................................................... 23
Chapter 3: The Quick and Easy Installation and Setup ............................................... 47
Chapter 4: Advanced Installation and Setup ................................................................ 61
Part II: Creating and Maintaining User Accounts
and Directories .......................................................... 85
Chapter 5: Controlling Access with Directories and Open Directory ....................... 87
Chapter 6: Integrating Open Directory with Active Directory ................................. 107
Part III: Serving Up Files and Printers ....................... 121
Chapter 7: Setting Up File Sharing ............................................................................... 123
Chapter 8: Controlling Access to Files and Folders .................................................. 139
Chapter 9: Sharing Printers over a Network .............................................................. 153
Part IV: Facilitating User Collaboration ..................... 179
Chapter 10: Sharing Contacts with Contacts Server ................................................. 181
Chapter 11: Serving Up Calendars ............................................................................... 191
Chapter 12: Hosting Websites and Wikis .................................................................... 205
Chapter 13: Running an E-Mail Server ......................................................................... 225
Chapter 14: More Collaboration with Messages ........................................................ 239
Part V: Managing Clients ......................................... 249
Chapter 15: Mass Deployment of OS X........................................................................ 251
Chapter 16: Managing iOS and Mac Accounts ........................................................... 261
Chapter 17: Creating Mobile Accounts for Notebooks ............................................. 301
Chapter 18: Keeping Your Server Healthy and Secure ............................................. 319
Part VI: The Part of Tens .......................................... 343
Chapter 19: Ten Things You Can Add to Mountain Lion Server.............................. 345
Chapter 20: Ten Cool Things That Didn’t Make It into the Rest of the Book ......... 353
Index ...................................................................... 359
www.it-ebooks.info
www.it-ebooks.info
Table of Contents
Introduction ................................................................. 1
About This Book .............................................................................................. 1
Conventions Used in This Book ..................................................................... 2
What You’re Not to Read ................................................................................ 2
Foolish Assumptions ....................................................................................... 3
How This Book Is Organized .......................................................................... 3
Part I: Getting Mountain Lion Server Up and Running ...................... 3
Part II: Creating and Maintaining User Accounts and Directories ... 4
Part III: Serving Up Files and Printers.................................................. 4
Part IV: Facilitating User Collaboration .............................................. 4
Part V: Managing Clients ....................................................................... 4
Part VI: The Part of Tens ....................................................................... 5
Icons Used in This Book ................................................................................. 5
Where to Go from Here ................................................................................... 6
Part I: Getting Mountain Lion Server Up and Running ..... 7
Chapter 1: Mountain Lion Server: An Overview . . . . . . . . . . . . . . . . . . . .9
Why You Need Mountain Lion Server ......................................................... 10
Why you need Mountain Lion Server at home ................................. 10
Why you need Mountain Lion Server in business and education.... 11
The Servers in Mountain Lion Server ......................................................... 12
File server ............................................................................................. 13
Directory services................................................................................ 13
Contacts Server .................................................................................... 13
Calendar Server .................................................................................... 14
Messages Server................................................................................... 14
Network services for Internet connections ...................................... 14
Mail Server ............................................................................................ 15
Web hosting .......................................................................................... 15
Wiki Server ............................................................................................ 16
Profile Manager for iOS and OS X ...................................................... 17
Software Update Server ...................................................................... 17
NetInstall ............................................................................................... 17
NetBoot ................................................................................................. 18
Spotlight searching .............................................................................. 18
Time Machine backup ......................................................................... 18
www.it-ebooks.info
xii
OS X Mountain Lion Server For Dummies
Management Tools in Mountain Lion Server ............................................. 18
Introducing the Server App ................................................................ 19
Configuring services and accounts with the Server app ................ 19
Monitoring your server and making general settings changes ...... 21
Workgroup Manager ............................................................................ 21
Command-Line Administration .................................................................... 22
Chapter 2: Choosing Server Hardware. . . . . . . . . . . . . . . . . . . . . . . . . . .23
Criteria for Selecting Server Hardware ....................................................... 23
Number of users................................................................................... 24
Type of use ........................................................................................... 24
Hardware Requirements for Running Mountain Lion Server................... 26
Selecting Processors for Your Mac Servers ............................................... 27
Putting Enough RAM in Your Server ........................................................... 28
Selecting Hard Drive Storage ....................................................................... 30
Rotational speed .................................................................................. 30
Drive form factor.................................................................................. 31
RAID storage ......................................................................................... 31
NAS and SAN ......................................................................................... 32
Choosing the Right Mac for Your Server .................................................... 33
Mac mini as a server ............................................................................ 33
iMac as a server ................................................................................... 38
Mac Pro as a server ............................................................................. 39
Xserve as a server ................................................................................ 41
Considering Other Network Hardware ....................................................... 42
Power backup for your server ........................................................... 42
Data backup for your server............................................................... 43
Ethernet switches and cables ............................................................ 43
Wireless equipment ............................................................................. 45
Chapter 3: The Quick and Easy Installation and Setup . . . . . . . . . . . . .47
Installing the Software .................................................................................. 47
Upgrading the base OS to Mountain Lion ......................................... 47
The pre-server-install check .............................................................. 49
Downloading and installing server components ............................. 49
Configuring Services and Accounts............................................................. 53
Checking network settings ................................................................. 53
Considering Open Directory............................................................... 55
Creating users and groups.................................................................. 56
Turning on file sharing ........................................................................ 57
Backing up Macs to the server ........................................................... 59
Chapter 4: Advanced Installation and Setup. . . . . . . . . . . . . . . . . . . . . .61
A Road Map to Installation and Setup......................................................... 61
Collecting Info Before You Install ................................................................ 62
Hardware ID numbers ......................................................................... 62
Network ID numbers............................................................................ 63
www.it-ebooks.info
Table of Contents
Planning Installation Scenarios: Clean Install, Update,
and Server Migration ................................................................................. 65
Erasing, Partitioning, and Creating a RAID by Using Disk Utility ............ 66
Erasing or partitioning a drive ........................................................... 67
Creating a software RAID .................................................................... 69
Performing a Clean Install of the Base OS with a Recovery Disk ............ 70
Creating a recovery disk ..................................................................... 70
Performing a clean install of the base OS ......................................... 71
Downloading and installing the server components....................... 73
Upgrading Older Servers .............................................................................. 75
What’s not moved from Snow Leopard Server ................................ 75
Migrating or upgrading mail ............................................................... 76
Recovering Podcast Producer data ................................................... 76
DNS in Mountain Lion Server ....................................................................... 77
Understanding DNS concepts: Zones and records .......................... 78
Using the Server app to configure DNS zones and records............ 79
Keeping Control of Mountain Lion Server Updates .................................. 80
Researching the update ...................................................................... 81
Configuring Software Update properly ............................................. 81
Downloading and testing updates ..................................................... 82
Changing Ethernet Addressing .................................................................... 83
Part II: Creating and Maintaining User Accounts
and Directories ........................................................... 85
Chapter 5: Controlling Access with Directories and Open Directory. . . .87
Defining Directories....................................................................................... 87
Local and shared directories and domains ...................................... 88
Account types in a directory .............................................................. 89
Authenticating with LDAP and Kerberos.................................................... 90
LDAP ...................................................................................................... 90
Kerberos and single sign-on ............................................................... 91
Determining Whether You’re Running a Local or Network Directory .... 93
Planning for an Open Directory Deployment ............................................. 93
Factors to consider for your plan ...................................................... 94
Master, replica, and relay servers ..................................................... 95
Prerequisites .................................................................................................. 97
Checking for proper DNS setup ......................................................... 97
Synchronizing time for Kerberos reliability ..................................... 98
Enabling time server synchronization .............................................. 98
Configuring Open Directory ......................................................................... 99
Creating an Open Directory master or replica with the Server app ...99
Importing directory information with the Server app .................. 102
Binding to an existing directory....................................................... 103
www.it-ebooks.info
xiii
xiv
OS X Mountain Lion Server For Dummies
Binding Clients to the Shared Domain ...................................................... 104
Binding Mac OS X 10.6 and later clients ......................................... 104
Binding Mac OS X 10.5 and earlier clients ...................................... 105
Binding Windows clients................................................................... 106
Chapter 6: Integrating Open Directory with Active Directory . . . . . .107
The Magic Triangle ...................................................................................... 108
Binding Your Server to Active Directory .................................................. 108
Checking DNS configuration ............................................................. 110
Binding the server ............................................................................. 110
Deciding Whether to Muck Around with Advanced Configuration....... 114
Managing User Groups with Workgroup Manager .................................. 116
Configuring Single Sign-On for Mac Clients .............................................. 118
Troubleshooting and Getting Help ............................................................ 119
Part III: Serving Up Files and Printers ....................... 121
Chapter 7: Setting Up File Sharing . . . . . . . . . . . . . . . . . . . . . . . . . . . . .123
Protocol Soup: AFP, SMB, and Other File-Sharing Methods .................. 123
File-sharing protocols 101................................................................. 124
Security in file-sharing protocols ..................................................... 125
Configuring File Sharing .............................................................................. 126
Logging in and turning on file sharing............................................. 126
Creating a share point ....................................................................... 128
Assigning file-sharing protocols to a share point .......................... 129
Assigning groups to access the share point and setting
permissions..................................................................................... 130
Configuring ACL permissions (advanced) ...................................... 133
Propagating permissions to subfolders .......................................... 136
Setting Up and Using FTP File Service ...................................................... 137
Chapter 8: Controlling Access to Files and Folders. . . . . . . . . . . . . . .139
Defining Owner, Group, and Others (and Sometimes Everyone) .......... 140
Owner .................................................................................................. 140
Group ................................................................................................... 140
Others, Everyone, and Guests .......................................................... 141
Standard POSIX Permissions versus ACL Permission Schemes ............ 141
Working with Standard POSIX Permissions ............................................. 142
Standard POSIX permission propagation behavior....................... 144
Inherit permissions from parent ...................................................... 144
Working with Access Control Lists ........................................................... 145
ACL permissions ................................................................................ 146
ACL inheritance.................................................................................. 148
Removing or editing inherited permissions ................................... 150
Using inherited and explicit ACEs together ................................... 151
Troubleshooting with Rules of Precedence ............................................. 151
www.it-ebooks.info
Table of Contents
Chapter 9: Sharing Printers over a Network . . . . . . . . . . . . . . . . . . . . .153
Listing Printer Sharing Features in Mountain Lion Server ..................... 153
Printer Sharing Technology and Terminology ........................................ 154
Communicating with the printer...................................................... 154
Communicating with the client ........................................................ 155
Mountain Lion’s Print Management Software .......................................... 156
Looking at System Preferences for printer sharing ....................... 156
Accessing the CUPS print engine from a browser ......................... 157
Setting Up Shared Printing ........................................................................ 158
Setting up your printers .................................................................... 158
Turning on print sharing ................................................................... 159
Checking the workgroup name for Windows clients .................... 160
Sharing printers by using System Preferences .............................. 160
Sharing printers by using the CUPS interface ................................ 162
Creating a printer pool by using classes ........................................ 164
Restricting access to shared printers ............................................. 165
Managing Printers and Print Jobs ............................................................. 170
Using System Preferences to manage printers and jobs .............. 170
Using the CUPS web interface to manage printers and jobs ........ 171
Don’t Forget Your Clients ........................................................................... 175
PPD files .............................................................................................. 175
Helping Mac clients print .................................................................. 176
Helping Windows clients print ......................................................... 176
Helping Linux and Unix clients print ............................................... 177
Printing from iOS devices ................................................................. 177
Part IV: Facilitating User Collaboration ..................... 179
Chapter 10: Sharing Contacts with Contacts Server . . . . . . . . . . . . . .181
Clients for Contacts Server ........................................................................ 182
Mac, iPhone, iPad, and iPod touch support ................................... 182
Windows clients for contacts service ............................................. 183
Prerequisites ................................................................................................ 183
Optional DNS ...................................................................................... 183
Internet access through a router ..................................................... 185
Setting Up the Contacts Server .................................................................. 185
Disabling user access ........................................................................ 186
Enabling Secure Sockets Layer (SSL) security ............................... 186
Enabling push notification ................................................................ 187
Setting Up Users’ Client Devices................................................................ 188
Setting up a user’s Contacts or client ............................................. 189
Setting up an iPad, iPhone, or iPod touch ...................................... 190
www.it-ebooks.info
xv
xvi
OS X Mountain Lion Server For Dummies
Chapter 11: Serving Up Calendars. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .191
Clients for Calendar Server ........................................................................ 192
Prerequisites ................................................................................................ 193
Directory service for Calendar service ........................................... 193
Optional: Setting up DNS for calendar service ............................... 193
Setting Up Calendar Service ....................................................................... 194
Starting calendar service and restricting access ........................... 195
Enabling e-mail invitations ............................................................... 196
Enabling SSL encryption ................................................................... 197
Adding locations and resources ...................................................... 198
Turning on push notification ............................................................ 199
Enabling web calendars .................................................................... 201
Setting Up Mac and iOS Clients for Calendar Service ............................. 201
Adding a Calendar Server account to Mac clients......................... 201
Adding a Calendar Server account to iOS clients .......................... 203
Creating a calendar on the server by using the Calendar client .... 204
Setting a delegate by using the Calendar client ............................. 204
Chapter 12: Hosting Websites and Wikis . . . . . . . . . . . . . . . . . . . . . . .205
Prerequisites ................................................................................................ 205
The Automatically Created Collaboration Website ................................ 206
Turning on and setting up a wiki-based site................................... 207
Navigating the built-in website......................................................... 208
Creating a new wiki and setting access........................................... 209
Creating blogs .................................................................................... 211
Adding content and editing wikis, blogs, and pages ..................... 212
Using comments, tags, and notifications ........................................ 213
Enabling calendars and other settings............................................ 214
Hosting Your Own Websites ...................................................................... 217
Replacing the built-in wiki-based site with your own site ............ 218
Running your own website and the built-in wiki-based
site together .................................................................................... 220
Virtual hosting, aliases, and redirects ............................................ 222
Dynamic generation, CGI scripting, and other advanced settings ....223
Troubleshooting website access problems.................................... 224
Chapter 13: Running an E-Mail Server . . . . . . . . . . . . . . . . . . . . . . . . . .225
Understanding Mail Protocols ................................................................... 225
Mail Service and the Internet: DNS ............................................................ 227
Creating an MX record in OS X Server ............................................ 228
Relay servers ...................................................................................... 231
Setting Up E-Mail Service ............................................................................ 231
Authenticating and Encrypting Mail ......................................................... 232
Securing mail authentication............................................................ 233
Securing e-mail messages with SSL ................................................. 234
www.it-ebooks.info
Table of Contents
Blocking Spam and Other Nasty Bits ........................................................ 235
Creating User E-Mail Addresses................................................................. 237
Setting Up a Mailing List ............................................................................. 238
Chapter 14: More Collaboration with Messages . . . . . . . . . . . . . . . . .239
Instant Messaging, Conferencing, and More ............................................ 239
Clients for Messages Server ....................................................................... 240
Prerequisites ................................................................................................ 241
Open Directory configuration .......................................................... 241
Firewall ports...................................................................................... 241
Internet routers .................................................................................. 241
DNS configuration for some situations ........................................... 242
Configuring Messages Service.................................................................... 243
Assigning screen names for users ................................................... 244
Saving and archiving chat messages ............................................... 245
Enabling server-to-server federation............................................... 245
Advanced configuration .................................................................... 247
Part V: Managing Clients .......................................... 249
Chapter 15: Mass Deployment of OS X . . . . . . . . . . . . . . . . . . . . . . . . . .251
NetBoot, NetInstall, NetRestore................................................................. 251
Creating a System Image............................................................................. 252
Creating a NetBoot set ...................................................................... 253
Creating a Custom NetInstall image ................................................ 254
Setting Up and Starting the NetInstall Service ......................................... 256
Designating a default image .............................................................. 258
NetBoot’s share points...................................................................... 258
Starting a Client Mac from NetBoot or NetInstall .................................... 259
Chapter 16: Managing iOS and Mac Accounts. . . . . . . . . . . . . . . . . . .261
The Server App and Profile Manager versus Workgroup Manager....... 262
Managing Accounts with the Server App ................................................. 263
Setting up and managing user accounts with the Server app ...... 263
Setting up and managing group accounts ...................................... 271
Configuring Clients with Profile Manager ................................................. 273
What you can do with configuration profiles ................................. 274
Configuring Profile Manager on the server..................................... 275
Configuring profiles on clients ......................................................... 279
Managing Accounts with Workgroup Manager ....................................... 282
Connecting to the server and authenticating to the directory ......... 282
Creating user accounts with Workgroup Manager ........................ 284
Changing default account settings .................................................. 284
Disabling and deleting user accounts with Workgroup Manager .....288
www.it-ebooks.info
xvii
xviii
OS X Mountain Lion Server For Dummies
Creating group accounts with Workgroup Manager ..................... 288
Editing and deleting group accounts with Workgroup Manager ......291
Importing and exporting accounts .................................................. 291
Configuring OS X Clients with Managed Preferences ............................. 292
Creating computer and computer group accounts ....................... 293
Configuring managed preferences ................................................... 294
Inheriting, combining, and overriding preferences ....................... 297
Enforcing managed preferences ...................................................... 298
Using Software Update Server to Control Updates from the Server ..... 299
Chapter 17: Creating Mobile Accounts for Notebooks . . . . . . . . . . . .301
Connecting Workgroup Manager to a Shared Domain ........................... 302
The Nightmare of Networked Notebooks ................................................. 303
Planning and Deploying Mobile Accounts................................................ 305
Simplifying mobile management with computer and
group accounts ............................................................................... 305
Configuring mobility settings ........................................................... 306
Creating Server-Based Home Folders and Deploying Mobile
Home Folders ........................................................................................... 310
Creating server-based home folders ............................................... 311
Configuring the mobile home folder................................................ 312
Putting sync to work on the client................................................... 316
Chapter 18: Keeping Your Server Healthy and Secure . . . . . . . . . . . .319
Configuring a Firewall ................................................................................. 320
Setting up a firewall in Mountain Lion Server ................................ 320
Port numbers used by Mountain Lion Server services ................. 323
Firewalls, network routers, and NAT............................................... 325
Using an AirPort Extreme or Time Capsule firewall ...................... 325
Working with Secure SSL Certificates ....................................................... 327
Using SSL certificates ........................................................................ 327
Becoming a certificate authority ..................................................... 331
Using Virtual Private Networks.................................................................. 332
VPN protocols: L2TP/IPSec and PPTP............................................. 333
The shared secret .............................................................................. 333
Client addresses: IP address range.................................................. 334
Network considerations for VPN ..................................................... 334
Configuring VPN clients .................................................................... 335
Attention: The Alerts Pane ......................................................................... 336
Responding to alerts ......................................................................... 336
Getting alerts delivered to you ........................................................ 338
Seeing the Long View with the Stats Pane ................................................ 340
Troubleshooting by Using the Logs Pane................................................. 340
Monitoring Activity ..................................................................................... 342
www.it-ebooks.info
Table of Contents
Part VI: The Part of Tens ........................................... 343
Chapter 19: Ten Things You Can Add to Mountain Lion Server . . . . .345
Antivirus for Your Server ........................................................................... 345
Kerio Connect .............................................................................................. 346
Network Backup of Clients ......................................................................... 347
Media Asset Management and Workflow ................................................. 347
Database Servers for Home or Office ........................................................ 348
Apple Remote Desktop to Manage Macs .................................................. 348
InterMapper, a Network Monitor............................................................... 349
TechTool Pro ............................................................................................... 350
iOS Apps to Manage Servers ...................................................................... 350
Nagios for Network Monitoring ................................................................. 351
Chapter 20: Ten Cool Things That Didn’t Make It into the Rest
of the Book. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .353
Big, Fast External Storage ........................................................................... 353
Xsan ............................................................................................................... 354
Running Mountain Lion from the Command Line ................................... 354
Speeding Up Networks with VLANS .......................................................... 354
Researching Ruby on Rails ......................................................................... 355
Setting the Server to Autorestart .............................................................. 356
Finding Help at Apple.com ......................................................................... 356
Server in a Virtual Machine ........................................................................ 357
PostgreSQL Database .................................................................................. 357
Ethernet Link Aggregation .......................................................................... 358
Index ....................................................................... 359
www.it-ebooks.info
xix
xx
OS X Mountain Lion Server For Dummies
www.it-ebooks.info
Introduction
Y
ou’re about to become a magician. Soon you’ll be providing your users
with the illusion that they have direct access to the world of communication and information. The reality is that servers — ubiquitous, imperceptible, and indefatigable — provide every connection, communication, and bit
of information that the computer user sees.
But only if you make it so. You’re going to set up Apple’s Mountain Lion
Server for your users, configure the wonderful services it offers, and keep it
running. This book will help you do it.
About This Book
OS X Mountain Lion Server For Dummies takes you through the steps required
to get your users doing amazing and productive things. I provide step-by-step
procedures to accomplish specific tasks, such as configuring an e-mail server
and setting up user accounts. In some instances, I also describe how to set
up your users’ Macs or Windows PCs to work with the server.
This book introduces you to the tools that Apple provides with the server
and the best ways to use them. I take you through many of the options and
network configurations available in Mountain Lion Server and describe the
best practices you should adopt.
I also describe the new features in Mountain Lion Server that you’ll want to
know about (trust me on this). And I’ve peppered the chapters with plenty of
tips and tricks that will help you become proficient.
I’m a fan of the English language, so I favor it over the technobabble found in
much of computing. Where the acronyms are unavoidable, I provide explanations. You will not, however, find the word empower in this book. A writer
can be pushed only so far.
www.it-ebooks.info
2
OS X Mountain Lion Server For Dummies
Conventions Used in This Book
Flip through this book, and you’ll find different uses of type to point out different things. Here’s what I do:
✓ In the step-by-step directions, the actions you perform are in bold type,
like this. The description of what happens after the action is in normal
type.
✓ To point out a web address, the book uses a monofont that looks like
this: www.apple.com. You see the same font in the rare instances when
I show you something that you need to type in a command line (in the
Mac’s Terminal application), such as fsck –fy, and for text that a command line returns to you in response. The book uses monofont to indicate
folders. For example, to indicate the Utilities folder, which is inside the
Applications folder, the path is used, /Applications/Utilities.
✓ In rare cases when you need to use a menu at the top of the screen, this
book uses a convention that looks like this: File➪Get Info, which means
you need to choose Get Info from the File menu. I don’t use this convention for menus that aren’t at the top of the screen, such as pop-up menus.
What You’re Not to Read
If you’re going to read this book, you don’t need to read the entire thing or
to read it in any particular order. The book is organized in a logical manner
from beginning to end, but it’s not a narrative. Rather, it’s modular. You need
to read only the portion that applies to a specific project or technique.
If you already have Mountain Lion Server installed, you can skip Part I. And
you don’t have to read Part VI to accomplish any server project. Consider it
the chocolate center of a Good Humor bar.
A lot of the chapters are arranged from general to specific. For example,
Chapter 7 gets you up and running with file sharing. If you want to get into
the nitty-gritty of advanced tweaking of user permissions, read Chapter 8. If
you’re a Windows administrator with experience with Active Directory, you
can skip Chapter 5 on network directories and go right to Chapter 6, which
deals specifically with Macs and Microsoft networks.
I think you’ll enjoy the text next to the Technical Stuff icons, but you can skip
them if you want I won’t be insulted (well, not much).
www.it-ebooks.info
Introduction
Foolish Assumptions
Unlike some other computer books, you won’t find a lot of filler here — no
dissertations that have no bearing on the task at hand. I assume that you
bought this book to accomplish specific tasks, using Mountain Lion Server.
You also won’t find lectures on what’s in the Print dialog box or how to search
for a file because I assume that you’re already a computer user. But I don’t
assume that you’re an Apple-Certified System Administrator. I explain the
alphabet soup of acronyms that you find in some of the Server’s technospeak.
Don’t worry if you’re new to the Mac. I explain any Apple-specific knowledge
that you need. Experienced Mac users can skip bits of Mac-specific material.
Similarly, you don’t need any experience with Windows if you want to support
Windows clients with your Mac server. I show you what you need to know.
I don’t make any assumptions about what hardware you’re running. I provide
some guidance as to what Mac is right for you in Chapter 2.
How This Book Is Organized
OS X Mountain Lion Server For Dummies is organized in six parts, each with
several related chapters. The parts are arranged in the order in which you
might go about using the server. But you don’t have to read the book sequentially, as each part can stand alone as a sort of minibook on a topic. You don’t
even have to read all the sections in any particular chapter. You can use the
table of contents and the index to find the information you need and quickly
get your answer.
I do recommend taking a glance, at least, at Part I. You find some information
about installing Mountain Lion Server that you won’t find in Apple’s
documentation.
Part I: Getting Mountain Lion
Server Up and Running
I start Part I with a description of Mountain Lion Server — what it comes
with, what you can do with it, and what you need to get it running. If you
need advice on which Mac model to use as your server and what should be in
it, look in this part. I also describe some hardware needs in the server and on
the network. If you haven’t already installed Mountain Lion Server, read the
step-by-step directions in Part I.
www.it-ebooks.info
3
4
OS X Mountain Lion Server For Dummies
Part II: Creating and Maintaining
User Accounts and Directories
For netw