Apple MAC OS X SERVER 10.3 Getting Started
Mac OS X Server
Getting Started
For Version 10.3 or Later
K
Apple Computer, Inc.
© 2003 Apple Computer, Inc. All rights reserved.
The owner or authorized user of a valid copy of
Mac OS X Server software may reproduce this
publication for the purpose of learning to use such
software. No part of this publication may be reproduced
or transmitted for commercial purposes, such as selling
copies of this publication or for providing paid for
support services.
Every effort has been made to ensure that the
information in this manual is accurate. Apple Computer,
Inc., is not responsible for printing or clerical errors.
The Apple logo is a trademark of Apple Computer, Inc.,
registered in the U.S. and other countries. Use of the
“keyboard” Apple logo (Option-Shift-K) for commercial
purposes without the prior written consent of Apple
may constitute trademark infringement and unfair
competition in violation of federal and state laws.
Apple, the Apple logo, AirPort, AppleScript, AppleShare,
AppleTalk, ColorSync, FireWire, iMac, Keychain, Mac,
Macintosh, Power Mac, Power Macintosh, QuickTime,
Sherlock, WebObjects, and Xserve are trademarks of
Apple Computer, Inc., registered in the U.S. and other
countries. eMac, Extensions Manager, Finder, and iPod
are trademarks of Apple Computer, Inc.
Adobe and PostScript are trademarks of Adobe Systems
Incorporated.
Java and all Java-based trademarks and logos are
trademarks or registered trademarks of Sun
Microsystems, Inc. in the U.S. and other countries.
Netscape Navigator is a trademark of Netscape
Communications Corporation.
RealAudio is a trademark of Progressive Networks, Inc.
UNIX is a registered trademark in the United States and
other countries, licensed exclusively through
X/Open Company, Ltd.
034-2412-A/09-20-03
1
Contents
Preface 9 About This Guide
9
What’s New in Version 10.3
9
Superior Performance and Scalability
10
11
12
13
13
13
13
13
14
Improved Setup, Management, and Monitoring
Enhanced Network and Directory Services
Improved Windows Integration
New Workgroup and Desktop Management Features
What’s Included in This Guide
Part I: Introduction to Mac OS X Server
Part II: Installation and Initial Setup
Glossary
Getting Additional Information
Part I Introduction to Mac OS X Server
Chapter 1 19 Mac OS X Server in Action
20
Enterprise Organizations
21
Higher-Education Facilities
22
K-12 Labs and Classrooms
24
Small and Medium Businesses
25
Computational Clustering
26
Creative Businesses
27
Web Service Providers
Chapter 2 29 Inside Mac OS X Server
29
Core System Services
30
Open Directory
30
31
31
31
32
Using Apple Directories
Using Other Directories
Search Policies
Authentication
Single Signon
3
32
32
32
33
33
33
34
34
34
35
35
36
36
36
37
37
38
38
39
40
40
40
41
41
42
42
42
43
43
44
44
44
45
45
Discovery of Network Services
User Management
User Accounts
Group Accounts
Home Directories
Macintosh User Management
Windows User Management
System Image Services
NetBoot
Network Install
File Services
Sharing
Apple File Service
Windows Services
Network File System (NFS) Service
File Transfer Protocol (FTP)
Print Service
Web Service
Mail Service
Network Services
DHCP
DNS
Firewall
NAT
VPN
IP Failover
Media Streaming and Broadcasting
Application Server Support
Apache Tomcat
JBoss
WebObjects
Integrating Into Existing Environments
High Availability
Server Administration
Chapter 3 47 Server Administration
47
Using the Administration Tools
48
Computers You Can Use to Administer a Server
49
49
50
50
50
4
Setting Up an Administrator Computer
Using a Non-Mac OS X Computer for Administration
Installer
Server Assistant
Directory Access
Contents
51
Workgroup Manager
51
52
55
55
55
58
58
59
59
60
60
60
Opening and Authenticating in Workgroup Manager
Using Workgroup Manager
Server Admin
Opening and Authenticating in Server Admin
Using Server Admin
System Image Management
Server Monitor
Media Streaming Management
Apple Remote Desktop
Command-Line Tools
Macintosh Manager
Working With Version 10.2 Servers From Version 10.3 Servers
Part II Installation and Initial Setup
Chapter 4 63 Installation and Setup Overview
63
Planning
64
Installing Server Software
64
65
66
67
67
69
72
72
Local Installation From the Server Install Discs
Remote Installation From the Server Install Discs
Automating Server Installation With a Disk Image
Initial Server Setup
Setting Up Servers Interactively
Automating Server Setup
Setting Up Services
Keeping Current
Chapter 5 73 Before You Begin
73
Set Up a Planning Team
74
Identify the Servers You’ll Need to Set Up
74
Determine Services to Host on Each Server
75
Define a Migration Strategy
76
Define an Integration Strategy
76
Define Physical Infrastructure Requirements
77
Define Server Setup Infrastructure Requirements
78
Make Sure Required Server Hardware Is Available
78
Determine the Installation and Setup Strategy to Use
78
Collect and Organize Information
Chapter 6 79 Installing Server Software
79
Understanding System Requirements for Installing Mac OS X Server
Contents
5
80
Information You Need
80
81
82
Upgrading From Version 10.1 or 10.2
Preparing Disks for Installing Mac OS X Server
Hardware-Specific Instructions for Installing Mac OS X Server
82 Identifying Remote Servers When Installing Mac OS X Server
82 Installing Server Software Interactively From the Install Discs
82 Using Installer to Install Locally From the Install Discs
83 Using Server Assistant to Install Remotely From the Install Discs
85 Installing Server Software on a Computer With Mac OS X Version 10.3 Preinstalled
85 Automating Server Software Installation With a Disk Image
85 Using the installer Command-Line Tool to Install Server Software
88 Installing Optional Server Software
Chapter 7 89 Initial Server Setup
90 Information You Need
90 Saving Setup Data
93 Specifying Initial Open Directory Usage
96 Using Interactive Server Setup
96 Setting Up a Local Server Interactively
97 Postponing Local Server Setups Following Installation
97 Setting Up a Remote Server Interactively
98 Setting Up Multiple Remote Servers Interactively in a Batch
99 Setting Up Multiple Remote Servers Interactively One at a Time
10 0 Using Automatic Server Setup
101 Setting Up Servers Automatically Using Data Saved in a File
10 3 Setting Up Servers Automatically Using Data Saved in a Directory
10 6 Determining the Status of Setups
10 6 Setting Up Services
10 6 Setting Up Open Directory
10 7 Setting Up User Management
10 7 Setting Up File Services
10 8 Setting Up Print Service
10 8 Setting Up Web Service
10 9 Setting Up Mail Service
10 9 Setting Up Network Services
10 9 Setting Up System Image Services
10 9 Setting Up Media Streaming and Broadcasting
11 0 Setting Up an Application Server
Appendix A 111 Mac OS X Server Worksheet
Appendix B 119 Setup Example
11 9 Mac OS X Server in a Small Business
6
Contents
12 0 How to Set Up the Server
Glossary 12 7
Index 13 7
Contents 7
About This Guide
This guide provides an orientation to the features and
initial setup of Mac OS X Server version 10.3.
The guide will help you prepare your server to start serving your users and your
business needs.
What’s New in Version 10.3
Mac OS X Server version 10.3 builds on the award-winning capabilities of version 10.2
with major enhancements in the following key areas:
• Performance and scalability
• Setup, management, and monitoring
• Network and directory services
• Windows integration
• Workgroup and desktop management
Preface
Superior Performance and Scalability
Performance and scalability enhancements in Mac OS X Server version 10.3 deliver
improved performance for key network services. Specific enhancements include:
• Darwin 7. Mac OS X Server version 10.3 features Darwin 7, the latest version of
Apple’s open-source UNIX- based core operating system. Darwin continues to utilize
and build on the latest enhancements from the open-source community. Based
largely on the highly stable FreeBSD 4.4, Darwin 7 also includes some of the latest
enhancements from FreeBSD 5.
• Enhanced performance. For improved networking and file system performance,
Mac OS X Server version 10.3 now supports asynchronous I/O, up to 16 TB file
systems, and Jumbo Frames for large Ethernet packets. HFS+ with journaling is now
the default file system, and a new case-sensitive option for HFS+ makes it easier to
support legacy UNIX applications on Mac OS X Server.
9
• Optimized for the G5. Mac OS X Server version 10.3 features support for Apple’s G5
systems. In addition to benefiting from the increased performance and faster clock
speed of the ultrafast 64-bit processor, Mac OS X Server enables users to leverage the
advanced capabilities of the G5-based architecture, such as native double-precision
(64-bit) arithmetic and support for more than 4 GB of physical memory.
Improved Setup, Management, and Monitoring
Ease of use and simplicity continue to make Mac OS X Server the easiest way to deploy
and maintain open-source server solutions. Enhancements to version 10.3 include:
• Automatic setup. Automatic setup lets you configure entire racks of servers as easily
as you can set up a single server. This powerful new feature lets you set up
networking and default services from configuration settings stored in a directory
server, on an external FireWire or USB storage device, or even on an iPod. When
starting up for the first time, Mac OS X Server systems automatically check available
hard drives and the directory server for this configuration information. Within
seconds, the server locates the saved setup data and configures itself—automatically.
• New Server Admin application. The remote server administration tools in Mac OS X
Server have been consolidated and enhanced in version 10.3. Server Admin provides
integrated administration of services, now with support for OpenLDAP, DNS, NAT,
VPN, QuickTime Streaming Server, NTP, and SNMP. The new Server Admin
application provides a single-window interface for managing and monitoring all your
network services:
• You can start and stop services with a single button, modify settings, view real-
time logs and activity graphs, monitor disk space, and even check networking and
CPU activity.
• It’s easy to manage multiple servers from a single Server Admin window, and you
can even drag settings from one server to another to replicate service
configurations.
• Improved Network Image Utility. The new Network Image Utility makes it easier to
create, modify and add packages to disk images for NetBoot and Network Install
services. Network Image Utility also provides more administrative options, including
easier system cloning and faster software install using Apple Software Restore.
• New directory Inspector. A new directory Inspector, available from Workgroup
Manager, lets you view and edit raw LDAP data for fine-grained control of directory
records.
• New command-line tools. New command-line tools allow enhanced server
configuration and management from the terminal.
10 Preface About This Guide
Enhanced Network and Directory Services
Network and directory services in Mac OS X Server version 10.3 have been greatly
enhanced to provide more scalability, performance, and enterprise-strength
capabilities:
• Open Directory 2—robust LDAP solution with Kerberos authentication. Mac OS X
Server version 10.3 features Open Directory 2, the latest version of Apple’s standardsbased directory and authentication services architecture. Open Directory enables
Mac OS X Server to provide network-wide directory and authentication services
using LDAP, SASL, and Kerberos. Open Directory 2 brings scalability, availability, and
advanced features to Mac OS X Server version 10.3.
• Single signon. Open Directory 2 now includes MIT’s Kerberos Key Distribution
Center (KDC) service for secure network-based authentication and single signon.
This feature allows users to authenticate once—using a single password—and have
access to all Kerberos-enabled services on the network. Single signon simplifies the
user experience and provides the security of strong authentication.
• New high-performance mail server. Mac OS X Server version 10.3 features an all-
new mail server based on the open-source Postfix SMTP and Cyrus IMAP and POP
servers. Capable of supporting tens of thousands of users, the new mail server
features:
• Support for standard Internet mail protocols, including SMTP, IMAP, and POP
• A high-performance database for indexing of mail stored on the server
• Secure Sockets Layer (SSL) encryption of SMTP, IMAP, and POP for secure,
confidential transport of mail messages between the server and mail clients
• Open architecture for integration with third-party server-side spam and virus
filtering solutions
• Mailman for managing mailing lists.
• High-performance Java application server. Mac OS X Server is now the easiest way
to develop and deploy applications based on Sun's J2EE (Java 2 Enterprise Edition)
standard. It features a built-in JBoss application server for running J2EE applications,
including Enterprise Java Bean (EJB) components. Mac OS X Server version 10.3 also
features new application deployment tools with a graphical user interface, making it
easier to configure existing J2EE applications for hosting on Mac OS X Server.
• QuickTime Streaming Server 5. Mac OS X Server version 10.3 features QuickTime
Streaming Server 5, the next generation of Apple’s industrial-strength, standardsbased streaming server. QTSS setup and monitoring are now integrated into Server
Admin for easier management. Additional new features and enhancements in QTSS 5
include:
• QTSS Publisher—This new tool for managing QuickTime media makes it easy to
upload and download content to the server, create and schedule playlists, hint
movies, and generate reference movies.
• Real-time playlist updates—You can make changes on the fly without disrupting
your viewers.
Preface About This Guide 11
• Support from home directories—Support for streaming movies from users’
network home directories.
• Apache web server deployment and configuration enhancements. Mac OS X
Server version 10.3 features an enhanced user interface for configuring Apache—the
world’s most widely used web server. Part of Server Admin, the new web server
interface makes it easier to set up and manage multiple websites and deploy
advanced configuration options, such as URL redirects, website aliases, and realm
support settings.
• VPN server for secure remote network access. Mac OS X Server version 10.3
includes a new Virtual Private Network (VPN) server for providing individual
computers with secure remote access to your Local Area Network (LAN). VPN
technology enables IP traffic to travel securely over a public TCP/IP network by using
“tunneling” to encrypt all data between the client system and the host network.
Apple’s VPN server offers support for hundreds of VPN clients per server, making it
ideal for small and medium-sized businesses.
Improved Windows Integration
Mac OS X Server is designed to be a comprehensive server solution for heterogeneous
network environments, and version 10.3 expands on this solution with improved
support for Windows clients and Windows proprietary directory server.
• Samba 3. Mac OS X Server version 10.3 now ships with Samba 3. This latest version
of the popular open-source project delivers high-performance, reliable file and print
services to Windows clients using the native SMB/CIFS file sharing protocol. It
supports Unicode for multilingual file and user names with 16-bit characters.
Samba 3 also enables support for Primary Domain Controller (PDC) services, a feature
integrated into Open Directory 2 to provide login and authentication for Windows
users right from the PC’s login window.
• Network home directories for Windows clients. Open Directory 2 provides support
for roaming profiles, the Windows equivalent of network home directories. Mac OS X
Server version 10.3 can now host home and group directories that can be accessed
from both Mac and Windows clients.
• VPN services for Windows. The built-in VPN server in Mac OS X Server version 10.3
supports Windows clients using PPTP or L2TP/IPSec.
• Simpler integration with Active Directory. Mac OS X Server version 10.3 can now
access user, group, and computer records stored in Microsoft’s proprietary directory
server without requiring modifications to the Active Directory schema. It also
supports Microsoft’s Kerberos implementation for accessing authenticated services
hosted on Mac OS X Server.
12 Preface About This Guide
New Workgroup and Desktop Management Features
Mac OS X Server version 10.3 improves your ability to manage Macintosh client
desktops:
• Enhanced image management. You can create a NetBoot or Network Install image
that mimics an existing system. The source of the image can be a volume or a
partition. Other image management enhancements include improved client filtering
and diskless NetBoot for Mac OS X clients.
• Mobile accounts. Workgroup Manager lets you set up mobile accounts. Mobile
accounts let the user of a Mac OS X version 10.3 or later computer work offline, but
continue to log in using the network name and password and experience the same
managed preference settings.
• Enhanced preference management. Workgroup Manager also features new system
controls for lab environments, including Energy Saver settings and management of
automatic logout.
What’s Included in This Guide
This guide is organized into two parts and a glossary.
Part I: Introduction to Mac OS X Server
Read the chapters in this part to familiarize yourself with Mac OS X Server usage
scenarios, services, and administration.
Part II: Installation and Initial Setup
The chapters in this part tell you how to install server software and set up a server for
the first time. Part II includes two appendixes.
Appendix A: Mac OS X Server Worksheet
Use this worksheet to record information you’ll need when you install and set up
Mac OS X Server.
Appendix B: Setup Example
This example illustrates how you might install Mac OS X Server and perform initial
server setup in a small business scenario.
Glossary
Refer to the glossary when you want a brief definition of the terms used in this guide.
Preface About This Guide 13
Getting Additional Information
Mac OS X Server comes with a suite of guides that explain the services and provide
instructions for configuring, managing, and troubleshooting them. Most of these
documents come on the Mac OS X Server Administration Tools disc. All of them are
available in PDF format from www.apple.com/server/documentation/.
This guide Tells you how to
Mac OS X Server Migration To
Version 10.3 or Later
Mac OS X Server User
Management For Version 10.3 or
Later
Mac OS X Server File Services
Administration For Version 10.3
or Later
Mac OS X Server Print Service
Administration For Version 10.3
or Later
Mac OS X Server System Image
Administration For Version 10.3
or Later
Mac OS X Server Mail Service
Administration For Version 10.3
or Later
Mac OS X Server Web
Technologies Administration For
Version 10.3 or Later
Mac OS X Server Network
Services Administration For
Version 10.3 or Later
Mac OS X Server Open Directory
Administration For Version 10.3
or Later
Mac OS X Server QuickTime
Streaming Server Administration
For Version 10.3 or Later
Mac OS X Server Windows
Services Administration For
Version 10.3 or Later
Mac OS X Server Java
Application Server
Administration
Mac OS X Server Command-Line
Administration For Version 10.3
or Later
Reuse data and service settings on Mac OS X Server version 10.3
that are currently being used on earlier versions of the server.
Create and manage user, group, and computer accounts. Set up
managed preferences for Mac OS 9 and Mac OS X clients.
Share selected server volumes or folders among server clients
using these protocols: AFP, NFS, FTP, and SMB.
Host shared printers and manage their associated queues and print
jobs.
Create disk images and set up the server so that other Macintosh
computers can start up from those images over the network. This
guide covers NetBoot and Network Install.
Set up, configure, and administer mail services on the server.
Set up and manage a web server, including WebDAV, WebMail, and
web modules.
Set up, configure, and administer DHCP, DNS, VPN, NTP, IP firewall,
and NAT services on the server.
Manage directory and authentication services.
Set up and manage QuickTime streaming services.
Set up Mac OS X Server to provide services for Windows computer
users.
How to configure and administer a JBoss application server on
Mac OS X Server.
Use commands and configuration files to perform server
administration tasks in a UNIX command shell. Using IP failover is
documented in this guide.
14 Preface About This Guide
For more information, consult these resources:
• Read Me documents contain important updates and special information. Look for
them on the server discs.
• Online help, available from the Help menu in all the server applications, provides
onscreen instructions for administration tasks as well as late breaking news and web
updates.
• Apple support web pages and Knowledge Base provide answers to common
questions and the latest information updates. These are available at
www.info.apple.com/.
Preface About This Guide 15
Part I: Introduction to
Mac OS X Server
The chapters in this part of the guide introduce you to
Mac OS X Server and the applications and tools available
for administering its services.
Chapter 1 Mac OS X Server in Action
Chapter 2 Inside Mac OS X Server
Chapter 3 Server Administration
I
1 Mac OS X Server in Action
1
Mac OS X Server addresses the needs of many
environments.
This chapter offers a brief graphical tour that highlights services and configurations of
special interest in some popular scenarios:
• Enterprise organizations
• Higher-education facilities
• K-12 labs and classrooms
• Small and medium businesses
• Computational clustering
• Creative businesses
• Web service providers
19
Enterprise Organizations
In large organizations, Mac OS X Server helps you support the special needs of
departments and workgroups, but centralize corporate-level services.
The Internet
Active Directory
Web and
QuickTime
streaming
service
Mac OS X
Server
Mac OS X
Server
Mac OS X Server
Windows PDC for
Windows home
directories
Workgroup servers
Back-office servers
Mail
service
Mac OS X Server
Mac OS X
Servers
Open Directory
JBoss
Mac OS X
Server
VPN, DNS, and
DHCP services
Mac OS X Server
Open Directory LDAP
directory replicas
Local print, web,
and file services
AFP home directories
• Open Directory lets you manage directory data centrally, but distribute it
geographically using replication.
• Other enterprise-level services might include Domain Name System (DNS), Dynamic
Host Configuration Protocol (DHCP), Virtual Private Network (VPN), mail, web,
streaming, and JBoss.
• JBoss is an application server that implements the Enterprise Edition (J2EE)
technologies; JBoss runs on Java 1.4.1. The Mac OS X Server implementation includes
easy-to-use administration tools to help you configure and monitor the application
servers. Because of its clustering capabilities, JBoss might be run on several Xserves.
20 Chapter 1 Mac OS X Server in Action
• Mac OS X Server integrates well with existing corporate services, from directory
systems to Simple Network Management Protocol (SNMP) implementations.
• In addition to hosting replicated Open Directory domains for local authentication,
departmental servers can be tailored to support workgroup needs.
If a department uses a lot of Windows computers, you can set up the department’s
Mac OS X Server as a Primary Domain Controller (PDC) so you can host Windows
home directories. You can also provide VPN support, file and printer sharing, and
Active Directory integration for Windows users.
Higher-Education Facilities
Colleges and universities have heterogeneous computer environments, since the
students and the computer systems they use are highly diverse. Mac OS X Server fits
well into such an environment because of its capacity to integrate with a wide variety
of existing services, protocols, and directory infrastructures.
Mac OS X
Server
The Internet
UNIX NFS file server
Web and
mail services
Macintosh clients UNIX clientsWindows clients
Mac OS X Server
Windows NT server
Mac OS X Server
KDC
LDAP server
File, print,
directory,
and network
services
Chapter 1 Mac OS X Server in Action 21
• The wide range of client computers—Macintosh, Windows, UNIX, Linux—demands
flexible file access support. The highly scalable IP-based file services in Mac OS X
Server support file access from anywhere on the network via Apple Filing Protocol
(AFP), Network File System (NFS), File Transfer Protocol (FTP), and Server Message
Block (SMB).
• Mac OS X Server can host home directories for users of all these client computers.
• User and network resource information can be retrieved by Mac OS X Server from
existing directory systems, such as Lightweight Directory Access Protocol (LDAP),
Active Directory, and Network Information Service (NIS) servers.
• Authentication of Mac OS X Server users can also be done using an existing LDAP
system or Kerberos Key Distribution Center (KDC).
• Network Install makes it easy to change software configurations—over the
network—on hundreds of Macintosh client computers as often as you need to. It
automates the setup of lab and faculty computers, facilitates software upgrades, and
quickly refreshes computers to an original, preconfigured state.
• Mac OS X Server offers PostScript-compatible print spooling and job accounting for
print jobs submitted using the Line Printer Remote (LPR) protocol, the industrystandard Transmission Control Protocol (TCP) protocol, and the Windows SMB
protocol.
• Because higher education networks are complex, network services are critically
important. DNS and DHCP can be set up on Mac OS X Server to help client
computers and services find resources on a network. IP filtering can be used to
provide a security firewall around sensitive data.
K-12 Labs and Classrooms
In K-12 educational scenarios, students need access to their own files and need to be
able to turn in assignments electronically or in print. Students also need access to
applications (such as iLife) that facilitate learning but prevented from using noninstructional applications (such as iChat).
22 Chapter 1 Mac OS X Server in Action
Teachers need file services support so they can make lesson plans and teaching
materials available to students online. Teachers also need a way to retrieve and perhaps
update student records and other administrative information that is centralized on a
remote server.
Mac OS X Server
File
service
Print service
Mac OS X clients
• Mac OS X Server’s client management service provides a way to control student
Client management services
Directory server
Mac OS 9 clients
Macintosh computer work environments.
For example, you can control which applications students can access. You can also
define application preferences, desktop patterns, and other desktop settings so that
students experience the same environment on different computers.
• Many school districts have an LDAP or Active Directory server set up as a master
directory server for all schools in the district. Mac OS X Server can use these existing
centralized repositories for accessing student and teacher information, but host other
services, such as file and printer sharing, on the server in a lab or classroom.
• For students who use portable Macintosh computers such as iBooks, mobile
accounts let students work on assignments at home in an environment that mimics
the look and feel and file access of the classroom environment. Preferences are
cached on the portable computer, so they are available for offline use.
• Mac OS X Server’s print service lets teachers manage student usage of classroom
printers, including non-PostScript (inkjet) printers.
Chapter 1 Mac OS X Server in Action 23
Small and Medium Businesses
Small businesses (fewer than 100 employees) and medium businesses (about 100 to
500 employees) benefit from cross-platform file and printer sharing, network services,
mail, web, and database applications.
The directory and network services in the following picture reside on one Mac OS X
Server, while a second server hosts mail, web, and other employee productivity
services. In small businesses, all services might reside on a single server.
Authoritative
DNS server
VPN
Mac OS X
client
Open Directory,
VPN, NAT, and IP
firewall services
Mail, web,
file, print, and
application services
Windows clients Mac OS X clients
DNS, DHCP,
Mac OS X server
Mac OS X Server
Firewall
DSL/cable
The Internet
• The firewall between Mac OS X Server and the Internet protects the company
intranet from access by unauthorized users.
• An authoritative DNS server hosted by another company provides domain name
(example.com) resolution, while DNS services on Mac OS X Server provide names for
the intranet devices (such as printers and client computers) that have static IP
addresses.
• DHCP services provide dynamic IP addresses to some of the Macintosh and Windows
clients.
• VPN service lets employees access the intranet to use mail, file, and other services
when they are away from the office. Like all the other services shown, VPN supports
both Macintosh and Windows clients.
24 Chapter 1 Mac OS X Server in Action
• Network Address Translation (NAT) service lets employees share a single Internet
connection. NAT converts all client IP addresses to one IP address for Internet
communications.
Computational Clustering
Clusters of Xserves offer a high-performance, cost-effective approach to the
computationally intensive processing needed for genetic research, video production,
or other high-bandwidth computing.
Server
administration
Applications
Application databases
and computational engines
NetBoot, Network Install,
directory and file services,
firewall service
• One Xserve in a rack is usually set up as a master computer, called the head node. The
head node runs NetBoot and Network Install and hosts directory services and other
shared facilities for other computers in the rack, which are used for data processing
and numerical computations.
• The head node is also likely to be set up as an AFP and NFS file server and
implement an IP firewall that protects access to the cluster by unauthorized users.
• Scientists, videographers, and other application users work at Mac OS X computers to
remotely configure and monitor applications and databases residing on the Xserves.
• Mac OS X Server offers scientists and researchers familiar UNIX utilities, shells,
scripting languages, and compilers for building specialized software. A full suite of
developer tools comes with Mac OS X Server, including the gcc command-line
compiler and a development tool called Project Builder.
Chapter 1 Mac OS X Server in Action 25
You can write, compile, and debug using C, C++, Objective-C, or Java. Project Builder
can be used to port command-line applications to Mac OS X and Mac OS X Server or
to enhance them with a Mac OS X user interface.
• An administrator computer, such as an iBook running Mac OS X Server administrative
applications, can be used to manage the entire network.
Creative Businesses
Mac OS X Server supports the workflow needs of creative professionals who design and
produce video and audio projects.
Mac OS X Server
Web and
QuickTime
File
services
Print service
WebDAV
services
streaming
services
The Internet
Windows clients Mac OS X clients
• The popular open-source Apache HTTP web server is built into Mac OS X Server.
• Web-based Distributed Authoring and Versioning (or WebDAV) technology,
integrated into Mac OS X Server’s web service, lets you use a web server as an
Internet file server. Users can author and access documents over the web from
Mac OS X computers. You can use WebDAV for collaborative editing and file
management even while a website is running.
• QuickTime streaming service lets you broadcast streaming video to client computers
in real time using an industry-standard streaming protocol.
• AFP lets you transfer large files among workgroup members. On an Xserve, you can
increase the bandwidth of your file-transfer infrastructure by using jumbo frame
Ethernet packets or utilizing both built-in Ethernet interfaces.
26 Chapter 1 Mac OS X Server in Action
Web Service Providers
Mac OS X Server provides the full range of services you need if you host ecommerce
websites or provide other Internet services that require high availability and scalability.
Web, FTP,
and QuickTime
Dedicated mail
and web services
Mac OS X
Servers
The Internet
streaming
services
WebDAV
service
Mac OS X Servers
Mac OS X Server “farm”
JBoss
QuickTime
Broadcaster
Mail
service
Xserve RAID
Mac OS X Server
Mac OS X computer for
server “farm” administration
Mac OS X Server
You can configure Mac OS X Server computers for shared access by multiple users
and companies. The term server farm is sometimes used to describe a collection of
networked web servers that each has access to content on the same site and that
together provide services for a particular group of users; if one server fails, another can
act as its backup. Or you can dedicate servers for exclusive use by companies that don’t
want to host their own services.
• You can host many websites on a single server. You can host each site with its own IP
address (multihoming) or you can configure multiple sites with a single IP address
(virtual hosting).
• Mac OS X Server’s web service lets you set up Secure Sockets Layer (SSL) protection
for secure Internet connections.
• Mac OS X Server has built-in support for Perl, Java Servlets, JavaServer Pages, and
PHP Hypertext Preprocessor (PHP).
Chapter 1 Mac OS X Server in Action 27
• QuickTime Streaming Server lets you broadcast multimedia in real time, including
live QuickTime Broadcaster streams.
• Xserve RAID provides extended storage.
• High availability support includes automatic restart following a service or power
failure and IP failover. IP failover can be configured using IP over FireWire, which lets
you interconnect redundant servers without using up gigabit Ethernet ports.
28 Chapter 1 Mac OS X Server in Action
2 Inside Mac OS X Server
2
Mac OS X Server blends a mature, stable UNIX foundation
with open standards support and Macintosh ease of use.
This chapter introduces the services that Mac OS X Server offers and tells you where to
find more information about them.
Core System Services
Mac OS X Server is built on top of Darwin—the core Mac OS X operating system.
Darwin integrates Mach 3.0 operating-system services based on 4.4 BSD (Berkeley
Software Distribution), high-performance networking facilities, and support for
multiple integrated file systems.
A key factor in the stability of the system is Darwin’s advanced memory protection and
management system. Darwin ensures reliability by providing applications and
processes their own unique address space. The Mach kernel augments standard virtual
memory semantics with the abstraction of memory objects, providing support for
separate simultaneous application environments while presenting users with a
seamless experience.
Ease of use and simplicity are hallmarks of Mac OS X. Mac OS X is visually powerful,
using graphics technologies based on OpenGL, Quartz, and QuickTime. Mac OS X
Server takes advantage of these capabilities by providing administrators with server
management applications that are easy to use, but powerful and secure. Yet
administrators who prefer to work in a command-line environment can do so. A
complete shell environment, including popular UNIX utilities, offers a full palette of
command-line administration techniques.
Read on to learn about the services that Mac OS X Server provides to extend its
Mac OS X core in order to support Macintosh, Windows, UNIX, and Linux clients over a
network. To learn more about server administration tools, see Chapter 3, “Server
Administration,” on page 47.
29
Open Directory
Open Directory is Mac OS X Server’s directory services framework.
Directory services are the means by which a server and its clients (users and services)
locate and retrieve information needed for authentication, network resource discovery,
and other crucial system activities. User and group information is needed to
authenticate users when they log in and to authorize their access to services and files.
Information about network resources is used to make printers and other devices visible
for browsing.
Directory services retrieve this information from directories—repositories of
information about users and computing resources.
Open Directory lets your server retrieve information from:
• Directories on Mac OS X Server computers
• Directories on non-Apple servers
• Configuration files on Mac OS X Server or other servers
Open Directory also supports several protocols for discovering network resources:
• Rendezvous
• Server Message Block (SMB)
• AppleTalk
• Service Location Protocol (SLP)
The Open Directory administration guide provides complete details about how to set
up and use Open Directory. Some highlights of the many features that Open Directory
offers follow.
Using Apple Directories
Mac OS X Server can host LDAP directories and legacy NetInfo domains:
• NetInfo is the legacy Mac OS X directory system. Every Mac OS X computer has a
local NetInfo directory, which stores information visible only to the computer on
which it resides.
While version 10.3 of Mac OS X Server can be configured to support existing NetInfo
directories, Open Directory LDAP, based on OpenLDAP, is the primary way to store
directory information that you want to share with other computers.
• Open Directory LDAP directories are LDAPv3 directories that host shared directory
data—data you want to be used by other computers. Open Directory LDAP
directories are easy to manage, can be replicated for performance and backup, and
support a much higher volume of information than NetInfo directories.
Apple directories offer you read-write control over directory data.
30 Chapter 2 Inside Mac OS X Server
Loading...