Apple G0442 User Manual
Mac OS X Server
Version 10.4
Technology Overview
August 2006
Contents
Page 3 Introduction
Page 5 New in Version 10.4
Page 7 Operating System Fundamentals
UNIX-Based Foundation
64-Bit Computing
Advanced BSD Networking Architecture
Robust Security
Directory Integration
High Availability
Technology Overview
Mac OS X Server
2
Page 10 Integrated Management Tools
Server Admin
Workgroup Manager
Page 14 Service Deployment and Administration
Open Directory Server
File and Print Services
Mail Services
Web Hosting
Enterprise Applications
Media Streaming
iChat Server
Software Update Server
NetBoot and NetInstall
Networking and VPN
Distributed Computing
Page 29 Product Details
Page 31 Open Source Projects
Page 35 Additional Resources
The Universal release of Mac OS X Server
runs on both Intel- and PowerPC-based
Mac desktop and Xserve systems.
Technology Overview
Mac OS X Server
Introduction
Mac OS X Server version 10.4 Tiger gives you everything you need to manage
servers in a mixed-platform environment and to con gure, deploy, and manage
powerful network services. Featuring the renowned Mac OS X interface, Mac OS X
Server streamlines your management tasks with applications and utilities that are
robust yet easy to use.
Apple’s award-winning server software brings people and data together in innovative
ways. Whether you want to empower users with instant messaging and blogging, gain
greater control over email, reduce the cost and hassle of updating software, or build
your own distributed supercomputer, Mac OS X Server v10.4 has the tools you need.
The power and simplicity of Mac OS X Server are a re ection of Apple’s operating sys-
tem strategy—one that favors open industry standards over proprietary technologies.
It begins with a UNIX-based foundation built around the Mach microkernel and the
latest advances from the open source BSD community. This foundation provides Mac
OS X Server with a stable, high-performance, 64-bit computing platform for deploying
server-based applications and services.
3
Open source made easy
Tiger Server is the fth major release of Mac OS X Server, providing standards-based
workgroup and Internet services without the complexity of Linux or the cost inherent
in other UNIX-based solutions. Instead of developing proprietary server technologies,
Apple has built on the best open source projects: Samba 3, OpenLDAP, Kerberos,
Post x, Apache, Jabber, SpamAssassin, and more. Mac OS X Server integrates these
robust technologies and enhances them with a uni ed, consistent management
interface. Powerful administrative tools permit novices to con gure and maintain
core network services, while providing the advanced features and functionality
required by experienced IT professionals.
Because it is built on open standards, Mac OS X Server is compatible with existing
network and computing infrastructures. It uses native protocols to deliver directory
services, le and printer sharing, and secure network access to Mac, Windows, and
Linux clients. A standards-based directory services architecture o! ers centralized
management of network resources using any LDAP server—even proprietary servers
such as Microsoft Active Directory. The open source UNIX-based foundation makes it
easy to port and deploy existing tools to Mac OS X Server.
Technology Overview
Mac OS X Server
Best of all, Mac OS X Server ts easily into IT budgets everywhere. A complete suite of
workgroup and Internet services is included in the box, so network administrators can
get started right away. Mac OS X Server is available in 10-client and unlimited-client
editions. The unlimited-client edition does not require additional per-seat fees for
connecting more users, making it an a! ordable solution for organizations of any size.
Mac OS X Server: for supporting Mac and Windows workgroups, deploying powerful
Internet services, and hosting enterprise applications—all with an ease of use that is
uniquely Mac.
4
Xserve and Xserve RAID
Mac OS X Server unleashes the power
of Xserve, Apple’s rack-optimized server
hardware. With phenomenal performance,
massive storage capacity, high-bandwidth
I/O, and integrated remote management
tools, Xserve running Mac OS X Server is an
unparalleled server solution for businesses,
schools, and research centers. For even more
storage, Xserve RAID o! ers a high-availability,
high-performance storage solution in a 3U
enclosure.
Technology Overview
Mac OS X Server
New in Version 10.4
Mac OS X Server v10.4 continues the Mac OS X tradition by delivering a world-class
UNIX-based server solution that’s easy to deploy and easy to manage. This latest
release incorporates more than 100 open source projects and o! ers more than 200
new features. The key new features include:
64-bit applications. Mac OS X Server v10.4 brings the power of 64-bit computing
to mainstream servers. Its 64-bit addressing o! ers access to massive amounts of
memory, and its 64-bit optimized math libraries provide high-performance, extremely
accurate mathematical calculations. These capabilities make Mac OS X Server the ideal
platform for the most demanding databases and scienti c, technical, and creative
computing tasks.
Access control lists. To provide greater le sharing exibility in mixed-platform work-
ows, Apple has added support for access control lists (ACLs). With le system ACLs,
any le object can be assigned multiple users and groups, including groups within
groups. Each le object can also be assigned both allow and deny permissions, as
well as a granular set of permissions for administrative control, read, write, and delete
operations. For added security, Mac OS X Server v10.4 supports a le permission
inheritance model, ensuring that user permissions are inherited when les are moved
to the server and rewritten when les are copied to the server.
5
Software Update Server. Now you can decide whether the users in your organization
are noti ed of new Apple software updates. This gives administrators control over
which updates and patches users install. By hosting your own Apple software update
proxy/cache server, you will also save on network costs. Instead of each client computer having to download an update from Apple, all your clients can obtain updates
from a single copy cached on your software update server.
iChat Server. Mac OS X Server v10.4 includes a new iChat Server for secure instant
messaging—designed for organizations that need to keep internal communication
private. Your organization can de ne its own namespace and use SSL encryption to
ensure privacy. iChat Server works with Apple’s popular iChat conferencing in Mac
OS X client software, and it is compatible with open source Jabber clients available
for Windows and Linux systems and popular PDAs.
Weblog Server. With the emergence of weblogs, organizations now have a quick
and easy way to share information. Weblog Server, included in Mac OS X Server v10.4,
makes it simple to publish and syndicate these online journals. The prede ned blog
themes and calendar navigation provide an intuitive interface for managing blogs.
Individual users and groups can publish and access weblogs using only their normal
browsers; no additional tools or technical expertise is required. That simplicity makes
Weblog Server the perfect collaboration tool.
Technology Overview
Mac OS X Server
Xgrid. Mac OS X Server v10.4 includes Xgrid, the rst distributed computing architec-
ture to be built into a desktop or server operating system. Xgrid makes it easy to
turn an ad hoc group of Mac systems into a low-cost supercomputer by streamlining
the process of assembling nodes, submitting jobs, and retrieving results. Scientists,
animators, and digital content creators now have the opportunity to easily run a
single job across multiple computers at once, dramatically improving performance
and responsiveness.
Ethernet link aggregation and network interface failover. Also known as IEEE
802.3ad, link aggregation allows you to con gure multiple network interfaces to
appear as a single interface, which can increase throughput and availability. First, link
aggregation multiplies the potential I/O performance by the number of interfaces.
For example, two 1-gigabit interfaces bonded together can provide up to 2 gigabits
of aggregate network bandwidth, and four 1-gigabit interfaces can provide up to
4 gigabits. Second, link aggregation eliminates a potential single point of failure. If
one interface fails, the remaining interface maintains the network connection.
Gateway Setup Assistant. The new Gateway Setup Assistant helps you quickly and
easily set up Mac OS X Server v10.4 to share a single Internet connection across a
local network. The assistant eliminates the complexity of setting up network services
by automating the process. All you have to do is make a few con guration choices
when prompted.
6
Adaptive junk mail ltering and virus detection. To protect your organization from
unwanted mail and destructive viruses, Mac OS X Server v10.4 integrates two popular
open source projects: SpamAssassin for adaptive junk mail ltering, and ClamAV for
virus detection and quarantine.
Technology Overview
Mac OS X Server
Operating System
Fundamentals
Mac OS X Server has an open source, UNIX-based foundation that provides a stable,
high-performance platform for deploying business-critical enterprise applications,
services, and technologies. The core operating system at the heart of Mac OS X Server
is known as Darwin.
UNIX-Based Foundation
7
Darwin provides Mac OS X Server with the stability, performance, and compatibility
associated with UNIX. It’s built around the Mach 3.0 microkernel, which is based on
the OSF/mk project from the Open Software Foundation. The Mach kernel in Darwin
provides services for memory management, thread control, hardware abstraction,
and interprocess communication. It also brings advanced features critical to the
operation of a server, including ne-grained multithreading, symmetric multiprocess-
ing (SMP), protected memory, a uni ed bu! er cache, 64-bit kernel services, and
system noti cations.
Darwin also includes the latest technological advances from the open source BSD
community. Originally developed at the University of California, Berkeley, BSD is the
foundation of most UNIX implementations today. Darwin is based in large part on
FreeBSD and includes the latest innovations from that development community.
64-Bit Computing
64-bit computing is the next big step in providing greater computing power to solve
even the most challenging tasks. It gives scientists, engineers, and other power users
the tools to address problems that are billions of times larger than the ones that can
be solved with 32-bit systems.
Mac OS X Server v10.4 brings the power of 64-bit computing to mainstream servers.
Its 64-bit addressing o! ers access to massive amounts of memory, transcending the
4GB memory limitation of 32-bit systems. And its 64-bit optimized math libraries
provide high-performance, extremely accurate mathematical calculations. These capabilities make Mac OS X Server the ideal platform for the most demanding databases
and scienti c, technical, and creative computing tasks.
Technology Overview
Mac OS X Server
Advanced BSD Networking Architecture
Mac OS X Server incorporates industry-standard protocols and the latest in security
standards to increase the performance and security of server deployments. Using
the time-tested BSD sockets and TCP/IP stack, this advanced networking architecture
ensures compatibility and integration with IP-based networks.
The networking architecture in Mac OS X Server v10.4 includes advanced features
critical to high-performance server operation and deployments. These include:
• Multilink multihoming for hosting multiple IP addresses on one or more network
interfaces
• IPv6 to support the next generation of Internet addressing
• IPSec for general-purpose protection of IP communications
• IP over FireWire for ad hoc network deployments and system administration
• Ethernet link aggregation and network interface failover (IEEE 802.3ad) for higher
aggregated throughput and increased server availability
• Virtual local area network (VLAN) tags that let you treat speci ed systems on di! erent
physical LANs as though they were all on the same LAN
8
Integration with directory services
Workgroup Manager works with Open
Directory or any other LDAP solution to
access and store user, group, and computer
information. Based on open standards,
Apple’s Open Directory architecture features
built-in directory access modules that simplify
integration with third-party directory services,
including IBM Directory Server, Microsoft
Active Directory, Novell eDirectory, OpenLDAP,
Sun ONE, NIS, and NetInfo.
• 802.1X network authentication for improved access security
• Ethernet jumbo frames to increase network e" ciency and throughput
Robust Security
Mac OS X Server is built on a robust UNIX foundation that contains many security
features in its core architecture. State-of-the-art, standards-based technologies protect
your server, network, and data. These technologies include a built-in rewall with
stateful packet analysis, strong encryption and authentication services, data security
architectures, and support for access control lists (ACLs). Simple interfaces and con g-
uration tools allow you to con gure systems easily and securely. In fact, when you take
an Apple server out of the box, it’s already con gured with secure settings—no security
expertise is required.
Directory Integration
By using open standards and publishing the schema extensions speci c to the Mac,
Apple has made it easy to integrate Mac OS X and Mac OS X Server systems into
virtually any directory-based network, including ones that use Open Directory,
Microsoft’s Active Directory, or open standard LDAP-based solutions.
Open Directory, Apple’s standards-based directory and network authentication services
architecture, is a robust, scalable directory server that’s perfect for organizations that
haven’t yet deployed centralized directory services—as well as for businesses and
institutions migrating from expensive proprietary solutions. Based on the LDAPv3
standard, the Open Directory architecture allows Mac OS X systems to use any LDAP
directory, leveraging the directory services in existing network infrastructures.
1
The Open Directory architecture comes with directory access modules for various
popular directory services solutions. It adheres to the RFC 2307 schema and also allows
for customized schema mappings. So attributes in an LDAP-based directory can be
mapped to settings on the Mac, eliminating the need to con gure each client system.
Apple has published these extensions as part of a comprehensive open source project
that includes all interoperability components.
Technology Overview
Mac OS X Server
High Availability
Computer problems such as unplanned shutdowns can severely impair an
organization’s operations. High availability of your computing resources is essential
to guarantee service levels, comply with industry regulations, and provide access to
business-critical information. Apple has built into Mac OS X Server powerful highavailability features that maximize server uptime and reduce the risks of shutdowns.
These features include:
• Watchdog processes that continuously monitor activity and recover services in the
event of an application, system, or power failure
• IP failover to further increase service availability in the event of a failure on one server
• File system journaling to dramatically expedite le system repairs on system restarts
• Software RAID with disk mirroring to eliminate drive failures bringing down a server
• Disk space monitoring to access available drive space and, if necessary, proactively free
up space by deleting or backing up noncritical logs and utilities
9
Technology Overview
Mac OS X Server
Integrated Management
Tools
Mac OS X Server comes with industry-leading management tools that simplify the
con guration and deployment of network services for Mac, Windows, and Linux
clients. Everything required to deliver powerful network solutions within a department, across an enterprise, or over the Internet is built in and ready to use. With the
unlimited-client edition of Mac OS X Server, your organization can add clients as
your needs grow—without draining the IT budget.
10
Server Admin displays service activity in
real time, as well as graphs of network tra" c,
throughput, and performance history.
Managing Services with Server Admin
1
2
2
Server Admin
Server Admin provides a graphical user interface that makes it easy to set up,
manage, and monitor services from any Internet-connected Mac OS X system.
Mac OS X Server also supports SSH for secure remote administration from the
command line, as well as the open standard SNMPv3 protocol for integration
with third-party monitoring and management software.
1
Encrypted, authenticated access.
3
5
4
Use Server Admin to securely access
servers from any Internet-connected
Mac OS X system. Manage and
monitor multiple servers from a
single interface.
List of services. Select a service to
2
manage settings and monitor activity.
Indicator lights display at-a-glance
information about the status of
individual services.
Activation button. Turn services on
3
or o! with a single click.
Admin tools. Choose from a selection
4
of logs and graphs to view real-time
and historical information. Or choose
Settings for detailed con guration
and management options.
Functions. Con gure services and
5
change settings using contextsensitive functions.
2
Use Workgroup Manager to:
• De ne accounts for users, groups, and
computers
• Control access to hardware, software,
and network resources
• Set up network-based group folders
and printers
• Create customized settings for individual
users and groups
Technology Overview
Mac OS X Server
Workgroup Manager
Mac OS X Server features the innovative Workgroup Manager application for de ning
and managing directory information. This powerful tool makes it easy for administrators to set up user accounts, de ne group relationships, and manage computing
resources in a directory-based network environment. Workgroup Manager scales from
managing local accounts on a single server to managing an entire organization using
an enterprise directory server.
By taking full advantage of the robust manageability features built into the Mac OS X
client operating system, Workgroup Manager provides greater control over organizational resources. At the same time, it optimizes the user’s computing experience
with consistent settings, network-based home directories, and easy access to network
resources, such as printers and group folders.
De ning users, groups, and computers
Workgroup Manager features an intuitive interface for directory-based management
of user, group, and computer account information. Administrators can control
passwords, print quotas, email quotas, and group membership, as well as set up
share points, for Mac, Windows, and Linux clients—all from a single interface. The
information de ned in Workgroup Manager can be stored on the local server or
in a central LDAP directory server.
11
Managing Users, Groups, and Computers with Workgroup Manager
1 2
4
5
3
1
Share points. Designate folders
or volumes to share among Mac,
Windows, and Linux clients on
6
the network.
2
Account settings. Set up user and
group accounts and lists of computers
in the directory.
Preferences. Set preferences and
3
policies for Mac OS X systems on
the network.
Users, groups, and computers.
4
Choose to de ne settings on a
per-user, per-group, or per-computer
basis. Depending on the selection,
Workgroup Manager displays a list
of users, groups, or computers
currently de ned in the directory.
5
List of users. Select a name to set
up accounts or change settings.
Network resources. Manage
6
network resources and settings
for individual users.
Loading...