569

Appedix A
DHCP Option Numbers
DHCP uses what are referred to as options to extend the functionality. You can learn
more about what the options can do for you in Chapter 6. They’re identified numerically,
and each number corresponds to the services that they provide.
0: Pad
1: Subnet Mask
3: Router
4: Time Server
5: Name Server
6: Domain Name Server
7: Log Server
8: Quotes Server
9: LPR Server
10: Impress Server
11: Resource Location Server
12: Host Name
13: Boot File Size
14: Merit Dump File
15: Domain Name
16: Swap Server
17: Root Path
18: Extensions Path
19: IP Forwarding
20: WAN Source Routing

569
570 APPENDIX A: DHCP Option Numbers

21: Policy Filter

22: Maximum Datagram Reassembly Size
23: Default IP Time-to-Live
24: Path MTU Aging Timeout
25: Path MTU Plateau Table
26: Interface MTU Size
27: All Subnets are Local
28: Broadcast Address
29: Perform Mask Discovery
30: Mask Supplier
31: Perform Router Discovery
32: Router Solicitation Address
33: Static Routing Table
34: Trailer Encapsulation
35: ARP Cache Timeout
36: Ethernet Encapsulation
37: Default TCP TTL
38: TCP Keep-Alive Interval
39: TCP Keep-Alive Garbage
40: Network Information Service Domain
41: Network Information Servers
42: NTP Servers
43: Vendor-Specific Information
44: NetBIOS Over TCP/IP Name Server
45: NetBIOS Over TCP/IP Datagram Distribution Server
46: NetBIOS Over TCP/IP Node Type
47: NetBIOS Over TCP/IP Scope
48: X Window System Font Server
49: X Window System Display Manager
50: Requested IP Address
51: IP Address Lease Time
 APPENDIX A: DHCP Option Numbers 571

52: Option Overload

53: DHCP Message Type
54: Server Identifier
55: Parameter Request List
56: Error Message
57: Maximum DHCP Message Size
58: Renew Time Value
59: Rebinding Time Value
60: Class-Identifier
61: Client-Identifier
62: NetWare Over IP Domain Name
63: NetWare Over IP Information
64: Network Information Service Domain
65: Network Information Service Servers
66: TFTP Server Name
67: Bootfile Name
68: Mobile IP Home Agent
69: Simple Mail Transport Protocol Server
70: Post Office Protocol Server
71: Network News Transport Protocol Server
72: Default World Wide Web Server
73: Default Finger Server
74: Default Internet Relay Chat Server
77: User Class Information
78: SLP Directory Agent
79: SLP Service Scope
80: Rapid Commit
81: Fully Qualified Domain Name
82: Relay Agent Information
83: Internet Storage Name Service
85: NDS Servers
572 APPENDIX A: DHCP Option Numbers

86: NDS Tree Name

87: NDS Context
88: BCMCS Controller Domain Name List
89: BCMCS Controller IPv4 Address List
90: Authentication
91: Client Last Transaction Time
92: Associated IP
93: Client System Architecture Type
94: Client Network Interface Identifier
95: LDAP, Lightweight Directory Access Protocol
97: Client Machine Identifier
98: Open Group User Authentication
100: IEEE 1003.1 TZ String
101 : Reference to the TZ Database
112 : NetInfo Parent Server Address
113 : NetInfo Parent Server Tag
114: URL
116: Autoconfigure
117: Name Service Search
118: Subnet Selection
119: DNS Domain Search List
120: SIP Servers DHCP Option
121: Classless Static Route Option
123: GeoConfiguration
124: Vendor-Identifying Vendor Class
125: Vendor-Identifying Vendor Specific
128: TFPT Server IP Address
129: Call Server IP Address
130: Discrimination String
131: Remote Statistics Server IP Address
132: 802.1P VLAN ID
 APPENDIX A: DHCP Option Numbers 573

133: 802.1Q L2 Priority

134: Diffserv Code Point
135: HTTP Proxy for Phone-Specific Applications
136: PANA Authentication Agent
139: IPv4 MoS
140: IPv4 Fully Qualified Domain Name MoS
150: TFTP Server Address
176: IP Telephone
220: Subnet Allocation
221: Virtual Subnet Selection
252: Proxy Autodiscovery
254: Private Use
255: End
 575

Appendix B
Taking It to the Next Level
We hope that by the time you finish this book you’re a first-class Mac OS X Server
administrator. But it would be naïve of us to think that you won’t need to know anything
else. If you want to take your skills with Mac OS X Server to the next level, you’ll be able
to find a lot of resources that you can look to for assistance. Perhaps the most important
resource is Apple. Apple has posted the documentation for Snow Leopard Server at
http://www.apple.com/server/macosx/resources/documentation.html.

Books
The Apress enterprise Mac bookshelf begins with this book, but it also includes the
following books:

Enterprise Mac Administrators Guide

Foundations of Mac OS X Snow Leopard Security

iPhone for Work: Increasing Productivity for Busy Professionals

Courses
Apple courses are a more costly option than reading books, but many prefer instructor-
led training to the self-paced style of learning of books. The official Apple courseware is
designed for, and specific to, Mac OS X Server and Mac OS X–based technologies. You
can find out more about Apple training options at http://training.apple.com.
These courses are developed in partnership with Peachpit Press. For those who do not
have the resources to attend the courses, there are the Apple Authorized training guides:

Apple Training Series: Mac OS X Support Essentials v10.6: A Guide to
Supporting and Troubleshooting Mac OS X v10.6 Snow Leopard

Apple Training Series: Mac OS X Server Essentials v10.6: A Guide to
Using and Supporting Mac OS X Server v10.6

575
576 APPENDIX B: Taking It to the Next Level

Apple Training Series: Mac OS X Directory Services v10.6: A Guide to

Configuring Directory Services on Mac OS X and Mac OS X Server
v10.6

Apple Training Series: Mac OS X Security and Mobility v10.6

Apple Training Series: Mac OS X Deployment v10.6: A Guide to
Deploying and Maintaining Mac OS X and Mac OS X Software

Mailing Lists
Mailing lists are another way of finding answers to technical questions that you
encounter in your journey to becoming part of the Mac OS X Server elite. These include
the following:

MacEnterprise, found at http://macenterprise.org

Apple lists, found at http://lists.apple.com

Web Sites
Finally, a number of web sites are dedicated to Mac OS X Server and Mac-centric
networking issues. These include the following:

http://afp548.com

http://macenterprise.org

http://krypted.com

http://bynkii.com

http://318.com/techjournal
 577

Index
■ Numerics access.log file
Address Book service, 274
250 message, connectivity of mail services, finding iCal log files, 300
334–335 account attributes, Workgroup Manager,
354 message, connectivity of mail services, 140
334 Account creation options, Workgroup
Manager, 139

■A
Account Creation tab, Mobility managed
preferences, 137–139
A record, DNS, 189 Account Expiry tab, Mobility managed
AAAA record, DNS, 189 preferences, 140
ABSPlugin.vcf file, 260 Account Information screen, connecting to
Accept Incoming Broadcasts option, Address Book server, 267–268
QuickTime Streaming, 459 Account Name field, iChat, 313
access control Account window, System Preferences, 143
firewall controlling access to server, accounting port, specifying UDP port for
162–171 RADIUS, 224
Guest Access, AFP settings, 60 accounts
limiting access to VPN and RADIUS, Add an Account screen, 290, 291
225 creating account, Server
Mobile Access service, 348, 349 Preferences, 117, 118
QuickTime Streaming Server, 464 creating administrator account, 20–
securing Open Directory, 109, 113 22
service access controls, Server creating mail accounts, 330
Preferences, 120 creating users and groups, Server
wikis, 386, 387 Preferences, 116
access control entity. See ACE directory administrator account, 33
access control lists. See ACL disabling inactive accounts, 112
Access icon, Server Admin, 271 logging into iCal via web portal, 295
access logs, configuring site-specific Manage Account Access screen,
options, 374 adding iCal delegates, 294, 295
access settings, AFP (Apple Filing Protocol), tiered administration of, 113
59–61 Accounts System Preference Pane, trusted
Access tab binding, 143
AFP (Apple Filing Protocol) settings, Accounts window
59–61, 475 connecting to Address Book server,
Server Admin: Server window, 53–55 266, 267
Settings pane creating iCal accounts, 289, 290, 292
QuickTime Streaming, 457, 458, 460 delegation, 293, 294
Server Admin: SMB window, 481 Push Notification services, 292
SMB settings, 87

577
578 Index

Refresh calendars drop-down list, Address field, Server Preferences, 118

292 address groups, defining firewall controlling
server settings, 292, 293 access to server, 163–165
Delegation tab, creating iCal addresses, loopback, 74
accounts, 293, 294 Administration capabilities field, Workgroup
Server Settings tab, creating iCal Manager, 124, 125
accounts, 292, 293 administration resources, Mac OS X Server,
ACE (access control entity), 66 575, 576
Full Control ACE, 501 Administration tab, managing printing with
predefined ACE options, 501 CUPS, 529, 530
Read/Write options, 501 administrator account, creating, 20–22
setting, 501 Administrator Email setting, configuring site-
ACLs (access control lists), 53, 501– specific options, 372
503 administrator, Mailman, 331
adding ACL entry, 68 administrators
creating Open Directory replica, 108 creating limited administrator user,
custom ACL sheet, 502 125, 126
Effective Permissions Inspector, 70, tiered administration, 113
502, 503 Advanced tab
file permissions, 500 Settings pane
Propagate Permissions option, 70 FTP (File Transfer Protocol), 96
Share Point permissions and ACLs, 65– Server Admin: SMB window, 481
71 SMB (Server Message Block), 89
Active Directory, 101, 480 Workgroup Manager, creating users,
Add an Account screen, creating iCal 125, 126
accounts, 290, 291 AFP (Apple Filing Protocol), 55–84,
Add Database option, Sequel Pro, 405 474–479. See also Server Admin:
Add Printer dialog box AFP window
deploying printers, 523, 527 access settings, 59–61
IPP configuration, 509, 510 accessing Share Points, 493
JetDirect configuration, 511, 512 Authentication drop-down, 59
LPD configuration, 510, 511 automount and Spotlight enabled, 64
USB/Bonjour printing, 508 building fileserver, 29
Add Xyz actions, Automator, 256 choosing protocol to access
Address Book, 259–276 automounts, 136
alternatives to Address Book server, configuring AFP, 475–478
275, 276 connecting to AFP from Mac OS X,
backing up, 272, 273 478–479
configuring Address Book proxy, Connections tab, 56
343, 344 Directory drop-down, 74
configuring Address Book service, enabling, 473
260–266 file sharing, 473
with command line, 273–275 general settings, 58, 59
with Server Admin, 262–266 Graphs button, 56, 57
with Server Preferences, 260–262 idle users settings, 62, 63
connecting to server, 266–269 logging, 56, 60, 61
controlling access, 271, 272 Logs button, 56
enabling proxy for, 342 Overview button, 56
service setup and configuration, 260 Protocol drop-down, 74
storing address books, 259 protocol settings, Share Points tab, 75
using client, 269–271 service, SACL for, 54
 Index 579

Settings button, 58 Allow user to modify printer list option,

share points settings, 63, 64 Workgroup Manager, 525
Share Points window, 75 Analyze Table option, 412
shutting down AFP via Stop button, annotate verb, pcastaction command, 450
58 Announced UDP option, QuickTime
using AFP or NFS, 74 Streaming, 461
Airport anonymous access, FTP, 93–95
setting up Apple AirPort, 222 anonymous connections, untrusted binding
TCP/IP settings for network interface, with Directory Utility, 143
184 anonymous FTP access, security with, 485
wide-area Bonjour browsing, DNS, 197 anonymous users, FTP, 97
Alert log level, setting up print service, 514 Any Method authentication, FTP, 93
aliases Any security level, NFS, 83
collaboration alias, 378 Apache web server, 357–395
creating, 378 clustering, 358
creating alias for account, 329 global configuration options, 365–
creating mail accounts, 330 371
description, 378 initial considerations, 357
managing aliases, 379 managing Apache modules, 366, 367
providing access to directories memory requirement, 357
outside web sites, 378, 379 MIME types, 367, 368
security, 378 pre-configuration, 358
Aliases tab, Sites pane, 378, 379 proxy services, 368–371
aliasIP key, 160 setting up web services with Server
aliasPortRange key, 160 Admin, 363–365
All to Nobody option, privilege mapping, 82 setting up with Server Preferences, 360–
Allow All Overrides setting, configuring site- 363
specific options, 374 Apple AirPort. See AirPort
Allow all users and groups option, Apple Authorized training guides, 575
controlling access to Address Apple courses, learning resources, 575
Book, 272 Apple Filing Protocol. See AFP
Allow federation with all domains option, Apple mailing lists, learning resources, 576
iChat, 308 Apple Remote Desktop (ARD)
Allow federation with the following domains configuring Software Update for
option, iChat, 308, 311 clients, 561
Allow Guest Access, 87 NetBooting client systems, 257
Allow Guest Access, SMB, 87 preparing master system for imaging,
Allow guest viewer option, QuickTime 238
Streaming, 459 Apple Software Restore. See asr
Allow network connections option, setting approval verb, pcastaction command, 451
up MySQL, 399 Archive icon, Server Admin toolbar, 114
Allow only clients listed below option, archive verb, pcastaction command, 451
configuring NetBoot service, 245 archives
Allow only users and groups below option, Install Open Directory Auto Archive
controlling access to Address window, 115
Book, 272 managing information life cycle, 537
Allow printers that connect directly to offline storage, 534
userCCCs computer option, asr (Apple Software Restore)
Workgroup Manager, 525 authenticating for starting asr stream,
Allow user to administer this server option, 252
Server Preferences, 117
580 Index

configuring asr for multicast imaging, authentication service (AS), Kerberos

250–253 authentication, 103
creating image for asr, 248–250 Authentication setting, QuickTime
imaging client over asr, 253, 254 Streaming, 459
using, 247 authentication settings, enabling iCal with
asr command Server Admin, 282
configuring asr for multicast imaging, authentication, SMB settings, 87
250 Authentication tab
imaging client over asr, 253 Settings pane
asr-based restores, 8 Server Admin: Address Book
ASRSetup tool, configuring asr for multicast window, 264, 265
imaging, 250 Server Admin: iCal window, 282
Attachment Size option, enabling iCal with AuthGroupFile, password protecting
Server Admin, 281 QuickTime Streaming Server, 464
Attachment Size setting, configuring wikis, authorization
381 authentication compared, 60
attachments, iCal, 298 Kerberos, 103
Atto Xtend SAN, 554 AuthUserFile, password protecting
attributes QuickTime Streaming Server, 464
inspecting records, Workgroup AutoBuddy options, iChat, 310
Manager, 140 automated installation, Automator action
LDAP, 102 enabling, 256
audio, configuring camera and audio Automatic Private IP Addressing (APIPA)
settings, 442, 443 address, 174
authenticated binding, securing Open Automatically Configure My Mac button, 121
Directory, 110 Automatically enable copied updates
authenticated users, FTP, 97 setting, configuring Software
authentication Update service, 558
adding server to Server Admin, 47 automations, 254–257, 450
AFP settings, 59 Automator actions, 256, 257
authenticating through the Web, 446 Automator Library pane, System Image
authorization compared, 60 Utility, 255
automounts, 73 Automator tool, 228
camera sharing, 445 automounts, 73–75
configuring AFP, 475 automating client connections with,
digest authentication, 459 134–140
FTP settings, 93–95 automount settings sheet, 73
IPSec authentication, 208, 209 choosing kind of automount, 74
Kerberos, 103 choosing protocol to access, 136
L2TP servers, 209 configuring, 135
NFS share point options, 498 creating, 136
Podcast Producer, 451 description, 135
PPP authentication, PPTP servers, Enable Automount check box, 72
206 Enable Automount option, Share
VPN settings, 214 Points, 493–496
wiki site, 383, 384 leveraging automount as home
Wikis service, 354 folder, 137
Authentication drop-down, AFP settings, 59 publishing into directory domain, 135
Authentication option, iChat, 307 telling clients to use, 136
Authentication Scheme setting, QuickTime availability, Information life cycle
Streaming, 459 management (ILM ), 533
 Index 581

Available Printers list, Workgroup Manager, binding with Directory Utility, 143–
525 147
Available Servers, adding server to Server implementing trusted binding
Admin, 47, 48 Accounts System Preference Pane,
143
Directory Utility, 145–147
■B implementing untrusted binding,
Directory Utility, 143–145
backup applications, 538–554
Retrospect, 538, 544–554 using Kerberos realm, 147
Time Machine, 538, 539–544 binding policies, securing Open Directory,
Backup Assistant, Retrospect 110
Schedule button/tab, 550, 551 binding with Directory Utility, 143–
Select Media Sets screen, 549 147
Select Sources screen, 546, 547 trusted binding, 145–147
Summary screen, 550 untrusted binding, 143–145
Backup Domain Controller (BDC) setting, 86 blacklisting
Backup Domain Controller (BDC) setting, command line configuration, 354
SMB, 86, 480 real-time blacklist server, 325
Backup Domain Controller setting, 86, 480 recovering from, mail services, 335,
backup planning worksheet, 539 336
backups setting up mail services, 320
Address Book, 272, 273 Blog field, Server Preferences, 118
backing up Open Directory, 114, 115 blogs
configuring backups with Retrospect, accessing blog page, 393
546–551 accessing content, 393–395
Copy backups option, Retrospect, configuring web services, 361
553 creating, 390, 391
grooming policy, Retrospect, 551– creating entries for, 391
553 description, 379
managing information life cycle, 537 editting entries, 392
MySQL, 413, 414 enabling, 380
offline storage, 534 Spotlight, 395
Time Machine, 24 using, 389–393
bak file Bonjour
configuring secondary zones, 198 naming records, 197
description, 315 setting up wide-area Bonjour, DNS,
bandwidth considerations 194–197
Limit user bandwidth for updates to wide-area Bonjour browsing, 194
setting Bonjour button/screen, Server Admin: DNS
configuring Software Update service, window, 194, 195
559 Bonjour printing, 508
streaming codec speeds, 455 book, how this book is organized, 3–6
streaming video, 454–456 books, Mac OS X resources, 575
banner message, FTP, 94 boot volume
Basic tab, Workgroup Manager partitioning, 15
creating computer groups, 130, 131 separation of data storage and, 12
creating groups, 129 booting
creating users, 123, 124 booting from system image, 231
bind option, podcast command, 448 creating bootable disk image from
binding clients into Open Directory, CD/DVD, 228
142–147 NetBoot service, 228
582 Index

bootpd.plist file configuring SSL certificate for web

DHCP options, 186, 187 sites, 376
enabling DHCP relay, 187 Keychain Access tool, 355
broadcasting, QuickTime Broadcaster setting up RADIUS service, 220
application, 468, 469 SSL certificate option, iChat, 307
browsing CGI Execution setting, configuring site-
accessing video through browser, specific options, 374
467, 468 changeip command
wide-area Bonjour browsing, 194 DNS configuration, 27, 277
buddy lists, iChat, 310 setting up Open Directory master, 107
bundle, description, 435 character set, SMB, 90
characteristic method, data classification,
536
■C chat. See iChat
Check Now button, Software Update pane,
CalDAV
clustering CalDAV, iCal server, 284, 563
285 Check Table option, 412
creating iCal accounts, 293 checkhostname option, changeip command,
description, 277 107, 277
setting up iCal clients for Windows, 296 Checksum Table option, 413
calendar file, backing up calendars, 284 chmod command, 300
Calendar store, 284 Choose Databases option, Sequel Pro, 405
calendars. See iCal chronological method, data classification,
cameras 535
authenticating for camera sharing, ChronoSync, 538
445 CIFS for Windows file sharing, 49, 473
configuring camera and audio Cisco, connecting to, 223, 224
settings, 442, 443 client connections, automating with, 134–
remote camera sharing dialog, 444 140
shared cameras in Server Admin, 445 Client Information tab, Server Admin: VPN
sharing camera to Server Admin, 443– window, 207, 208
445 client systems. See also desktop
cancel option, podcast command, 448 administration
CardDAV, Address Book service, 259, 260 booting from system image, 232
carddavd.plist, Address Book service, 274 centralizing management of network
cascading downloaded updates, Software settings on, 173
Update clients, 567 NetBooting client systems, 257
casting video stream, QuickTime not receiving leases, 174
Broadcaster, 468, 469 clients
Catalog files, configuring backups with binding client computer to user, 121
Retrospect, 547 binding into Open Directory, 142–147
catalog, Software Update working with configuring iCal clients, 289–295
repository, 565 configuring Mac OS X client, iChat,
centralization, managing network systems 312–314
on client systems, 173 configuring mail client, 327, 328
certificates. See also SSL certificates connecting, Mobile Access, 350
calling from within proxy settings, connecting to Address Book server,
355 266–269
configuring Address Book, 265 enabling proxy on client, 370
configuring certificates for web sites, iCal clients, 296
376 imaging client over asr, 253, 254
 Index 583

managed client, 132 editing configuration files, DNS, 198,

Samba clients, 483, 484 199
Software Update iCal server, 278–283
cascading downloaded updates, 567 QuickTime Streaming Server, 457–
configuring updates for, 560–562 464
using Address Book client, 269–271 setconfig option, podcast command,
using forward proxy, 369 449
VPN clients, 210–218 Software Update service, 558, 559
cloud-based storage, 538 configuration file, SMB (Server Message
clustering, Apache web server, 358 Block), 482
CNAME record, DNS, 189, 322 Confirm screen, Podcast Producer Setup
code page, configuring SMB, 481 Assistant, 422, 423
Code Page drop-down, SMB, 90 Connect to Server dialog box
collaboration alias, 378 connecting to AFP from Mac OS X,
collaboration services, 379 478
collaborative services, 340 creating users and groups, 35
command line Connected to Directory System role, Open
accessing Software Update, 564, Directory, 105
565, 566, 567 connecting remotely, iChat, 309, 310
configuring Address Book, 260, 273– connection settings
275 configuring Address Book proxy, 344
configuring firewall from, 169, 170 configuring AFP, 476
configuring VPN from, 219 configuring iCal proxy, 344, 345
iChat Server options, 314–316 configuring Mail proxy, 346
Mobile Access service, 354 configuring Web Proxy entries, 347
MySQL, 414, 415 connections
Push Notification service, 354 AFP (Apple Filing Protocol), 56
QuickTime Streaming Server, 471, creating iCal accounts, 291
472 FTP (File Transfer Protocol), 92
Time Machine, 543, 544 Maximum Connections section, AFP,
tuning MySQL, 400–402 60
using for iCal services, 296–300 NFS (Network File System), 98
using Podcast Producer from, 447– SMB (Server Message Block), 85
451 unsecured, 291
Wikis service, 354 VPN clients, 217
command line tools, RADIUS, 224, 225 connectivity
commands, mysqladmin command, 414, mail services, 333–335
415 reviewing DHCP logs, 182
Comment field, Workgroup Manager, 128 testing
Common Unix Printing System. See CUPS pinging IP addresses, 157
Compressor, tuning streams, 456 Traceroute, 158
computer groups, Workgroup Manager, cononical names, CNAME record, 189
130–132 Console tool
computer models, Automator action filtering, configuring AFP, 477
256 writing queries, 409, 410
configuration Contact field, Server Preferences, 118
Address Book service, 260–266 contact information, Server Preferences,
configuring VPN from command line, 118, 119
219 contact repository, Address Book service,
DNS (Domain Name Service), 25–28 259
contacts
584 Index

finding contacts in LDAP, 271 Data compression option, Retrospect, 553

using Address Book client, 270 data management, building SLAs, 536
content data protection, ILM (Information life cycle
accessing, 393–395 management), 533
entering page content, wikis, 388, data rate, configuring asr for multicast
389 imaging, 251
user-generated, 393 data storage area, separation of boot
Copy all updates from Apple setting, volume, 12
Software Update service, 558 data store, Address Book service, 260
Copy backups option, Retrospect, 553 Data Store field, backing up Address Book,
Copy Create Table Syntax option, 412 272
CoreServices, accessing Software Update, Data Store option, 281
564 Data Store setting
cost, ILM (Information life cycle configuring Address Book, 263
management), 533 configuring wikis, 381
courses, Mac OS X resources, 575 data, synchronizing, 538
Cover Sheet option, 516 database. See MySQL
CRAM-MD5, setting up mail services, 324 database administration, 412, 413
Create Printer Pool button, Print & Fax pane, Database location option, 399
517 Database setting, 403
credits, setting up podcast workflows, 430 Date & Time tab, Settings screen, 30
Critical log level, setting up print service, Debug log level, setting up print service, 515
514 Default Index Files setting, 372
CUPS (Common Unix Printing System), Default theme setting, 381
managing printing with, 529, 530 delay option, podcast command, 448
curl command, 450 delegates, adding iCal delegates, 294, 295
custom sites, configuring web services, 361, delegation, description, 293
362 delegation name record, 189
Custom Sites tab, Web screen, 362, 363 Delegation tab, Accounts window, 293, 294
custom workflow window, System Image Delete outdated software updates setting,
Utility, 255 558
Cyberduck, connecting to FTP, 489, 490 demilitarized zone
Cyrus, 318 access controls, Mobile Access, 349
Mobile Access enabling proxies for
services, 342
■D reverse proxy functionality for
collaborative services, 340
daemons
MySQL, 397 Deny only clients listed below option, 245
SMB (Server Message Block), 84 deploying printers, 522–528
Darwin kernel, 51 to groups of users, 524–526
Darwin Streaming Server, 471 to Windows clients, 526–528
data classification desktop administration. See also
characteristic method, 536 client systems
chronological method, 535 activating NetBoot service, 230
hierarchical method, 536 configuring NetBoot service, 242–
ILM (Information life cycle 247
management), 535 creating bootable disk image from
methods, 535, 536 CD/DVD, 228
noncritical data, 535 creating image hosted on server, 228
sensitive data, 535 creating NetBoot image, 231–235
vital data, 535 creating NetInstall image, 236, 237
 Index 585

creating NetRestore image, 238–241 QuickTime Streaming, 459

disk duplication tools, 227 directories
duplicating master image, 228 creating directories, 300
imaging strategy, 229 providing access to directories outside
introduction, 227 web sites, 378, 379
System Image Utility, 231–241 directory administrator account
destinations, setting up podcast workflows, creating Open Directory master, 33
432 creating Open Directory replica, 108
devices option, podcast command, 448 Podcast Producer Setup Assistant,
DHCP (Dynamic Host Control 422
Protocol), 173–188 setting up Open Directory master, 106
creating subnet, 177–184 directory domains
empty DHCP subnets listing, 178 creating users, Workgroup Manager,
enabling DHCP relay, 187, 188 123
enabling DHCP service, 175, 176 publishing automounts into, 135
Gateway Setup Assistant, 153 Directory drop-down, share point settings,
lease offers, 174 74
options, 186, 187 Directory Gateway setting, configuring
reserving IP addresses, 184–186 Address Book, 264
reviewing DHCP logs, 183 directory service objects, managing with
setting DHCP logging level, 176, 177 Workgroup Manager, 116
WINS, 483 directory service solutions, 101
DHCP Option Numbers, 569–573 Directory Services
DHCP pools, 174 binding clients into Open Directory,
creating subnet, 177 142–147
VPN (Virtual Private Networking), 204, components of, 101–104
205 enabling wiki/blog web services, 380
DHCP relay, enabling, 187, 188 managing Open Directory, 109–114
DHCP reservation, 184, 185 Open Directory roles, 105
DHCP subnets warning dialog, 153 preparing for Podcast Producer, 418
DHCP window, Server Admin preparing to set up Open Directory, 104–
Log button/screen, 182 109
Settings button/screen, 176, 177 directory services search policy, 147
Static Maps button/screen, 184 Directory tool, Address Book service, 259
Subnets button/screen, 178 Directory Utility application
DNS tab, 179, 180 binding with, 143–147
General tab, 178 directory services search policy, 148
LDAP tab, 181 trusted binding, 145–147
WINS tab, 181, 182 untrusted binding, 143–145
dialog boxes disable login options, Open Directory, 112
Add Printer dialog box, 508, 509, Disconnect button, AFP Connections pane,
510, 511, 512, 523, 527 57
Connect to Server dialog box, 35 Disconnect if idle for option, 215
DHCP subnets warning dialog, 153 Disconnect when switching user accounts
Movie Settings dialog box, iMovie, option, 215
465 Disconnect when user logs out option, 215
remote camera sharing dialog, 444 disk duplication tools, 227
RTP Track Settings dialog box, iMovie, disk image, Retrospect, 545
466, 467 Disk option, Media Set Type field, 547
digest authentication Disk Utility screen
enabling iCal with Server Admin, 282 creating image for asr, 248–250
586 Index

installing Mac OS X Server 10.6, 13, Domain Master Browser setting, SMB, 90,
14 481
partitioning, 15, 16 Domain Member setting, SMB, 86, 480
DNAME record, DNS, 189 domain name, configuring mail client, 327
DNS (Domain Name Service), 188– Domain Name field, configuring web site,
201 361
adding server to Server Admin, 48 Domain Name Service. See DNS
configuration, 25–28 domains
description, 12 Allow federation with all domains
editing configuration files, 198, 199 option, iChat, 308
enabling DNS, 190 Allow federation with the following
enabling iCal with Server Admin, 282 domains option, iChat, 308
global DNS settings, 191 Backup Domain Controller setting,
Mobile Access design, 341 SMB, 86
OpenDNS web content filtering, 200, creating users, Workgroup Manager,
201 123
pre-configuration, Apache web description, 189
server, 359 directory domains, publishing
preparing for mail server, 319, 320 automounts into, 135
preparing to install iCal server, 277 Host Domains option, iChat, 307
request forwarders, 190 Primary Domain Controller setting,
setting up DNS, 189–191 SMB, 87
setting up Open Directory master, setting up mail services, 322
105 SMB as domain controller for
setting up wide-area Bonjour, 194– Windows, 482, 483
197 VPN on Demand tab, 216
Snow Leopard, 12 DonCCCt add duplicate files to the Media
which DNS servers are in use, 184 Set option, 553
zone transfers, 191 Dovecot, 318, 319
DNS (Domain Name Service), zones. See simultaneous IMAP connections, 325
zones, DNS Snow Leopard server features, 8
DNS CNAME record, 322 downloads log, FTP, 96
DNS name drives, partitioning, 15, 16
configuring mail client, 327 dscl command, 275
configuring web services, 361 Dual Source, setting up podcast workflows,
creating Open Directory master, 33 429
Network Names screen, 23, 24
setting up Open Directory master,
106
using .local, 23
■E
eDirectory, 101
Workgroup Manager Preferences, 141 Effective Permissions Inspector, 70, 502,
DNS records, 189 503
creating, 193 Eject tapes and discs when script is
preparing to set up Open Directory, 104 complete option, 553
DNS recursion, 190, 198 e-mail
DNS tab, Server Admin, 179, 180 mail services, 317–336
DNS window, Server Admin messages flagged falsely as spam, 322–
Bonjour button/screen, 194, 195 324
Zones button/screen, 192, 194, 197, 198 Email Address setting, integrating iCal
Dock Display tab, Workgroup Manager, 133 server with Mail, 287
e-mail invitations, 122
 Index 587

Email Invitations settings screen, 287 PPTP servers, 206

e-mail notifications, preparing for Podcast Ending IP Address field, Server Admin, 179
Producer, 419 Entourage, configuring mail client, 327
Email setting, Administrator, 372 Episode Poster Image, 434
embedding video into web page, 468 Error Document setting, 372
EMC Retrospect 8 directory, 546 Error log level, 514
Emergency log level, 514 error logs, configuring site-specific options,
Enable Access log setting, QuickTime 374
Streaming, 462 Error Notification Address option, 488
Enable as Time Machine backup destination error.log file, 300
check box, Share Points tab, 72–75 etc/bootpd.plist file
Enable Automount check box, Share Points DHCP options, 186, 187
tab, 72 enabling DHCP relay, 187
Enable Automount option, Share Points, etc/dns/options.conf.apple file, 199
493–496 etc/my.cnf file. See my.cnf file
Enable dialog box, Software Update, 559 etc/named.conf file, 199
Enable Email invitations box, 281, 286 etc/resolv.conf file, 184
Enable Error log setting, QuickTime Ethernet, 554
Streaming, 462 configuring NetBoot service, 242
Enable Guest Access setting, 60 multicast imaging, 248
Enable home folder streaming option, Eudora, configuring mail client, 327
QuickTime Streaming, 459, 463 Exchange, Microsoft, 275
Enable L2TP over IPSec check box, 209 Execute permission, POSIX, 65
Enable Load Balancing check box, 209 Export drop-down, NFS share point
Enable MacBinary . setting, FTP, 93 settings, 80
Enable PPTP check box, 206 Export option, Sequel Pro, 413
Enable server-to-server communication export settings, 431
option, iChat, 304 exporting VPN configurations, 219
Enable Spotlight Searching check box, Express or Standard screen, Podcast
Share Points tab, 72–75 Producer Setup Assistant, 421, 422
enable streaming on port 80 option, Extensible Messaging and Presence
QuickTime Streaming, 461 Protocol. See XMPP
Enable streaming on selected addresses external connection settings
only option, QuickTime Streaming, configuring Address Book proxy, 344
459 configuring iCal proxy, 344, 345
Enable this web proxy entry option, 347 configuring Mail proxy, 346
Enable virtual share points, SMB, 91 configuring Web Proxy entries, 347
Enable web-based administration option, External Web Services setting, 381
QuickTime Streaming, 459
Enable WINS server option, SMB, 91
Enable XMPP server-to-server federation
option, iChat, 307, 311
■F
failover, routers, 150
Enabled streaming on selected addresses federating iChat, 311, 312
only option, QuickTime Streaming, federation
459 Allow federation with all domains
encode verb, pcastaction command, 450 option, iChat, 308
encoding database, 405 Allow federation with the following
Encrypt contents with FileVault option, domains option, iChat, 308
Workgroup Manager, 138 connecting remotely, iChat, 310
encryption description, 303
FTP servers, 93
588 Index

Enable server-to-server FileMaker Server, securing Open Directory,

communication option, iChat, 304 112
Enable XMPP server-to-server files
federation option, iChat, 307 setting file permissions, 300
Require secure server-to-server touching files, 300
federation option, iChat, 307 fileserver, building, 29–42
feeds creating Open Directory master, 30,
blogs, 390 31–35
description, 380 creating Share Points, 37–42
wikis, 384, 385, 389 creating users and groups, 35–37
fields, creating in MySQL, 407, 408 FileVault encryption option, Workgroup
file conversion, FTP, 93, 488 Manager, 138
file locking, 77 filter, description, 245
file manipulation, 284 Filter Xyz actions, Automator, 256
File option, Media Set Type field, 547 filters, OpenDNS, 200, 201
file permissions, 499–503 Filters tab, Server Admin: NetBoot window,
ACLs, 500, 501–503 245, 246
POSIX permissions, 500–501 Final Cut Server, 456
File Replication Pro, 538 Find Hardware Address options, 245
file service log, SMB (Server Message Finger server, DHCP options, 187
Block), 84 firewalls
file shares, Server Admin tool, 135 application-layer firewall, 162
file sharing configuring firewall from command
accessing Share Points, 493 line, 169, 170
AFP (Apple Filing Protocol), 55 controlling access to server, 162–171
buttons related to, 51 creating rules, 167, 168
CIFS for Windows file sharing, 49 defining address groups, 163–165
configuring Share Points, 492 defining services, 165–167
FTP (File Transfer Protocol), 92 preventing intrusions, 169
NFS (Network File System), 98 description, 149
selecting protocol, 74 MTU size, network firewall, 467
server-side file tracking, 499 ports, 320
settings common to protocols, 71 preparing for mail server, 320
SMB (Server Message Block), 84 setting global firewall options, 169
Spotlight searching, 75 setting up firewall, 163
File Sharing pane testing firewall, 170, 171
Server Admin: Server window, 38 VPN clients, 210
AFP tab, 75 FireWire drives, 534
configuring FTP, 488 FireWire Target Disk Mode
FTP tab, 77, 78 creating image for asr, 248
NFS tab, 78–84 creating NetBoot image, 232
Permission tab, 39 preparing master system for imaging,
SMB tab, 76, 77 238
file sharing protocols, 473 Flush Table option, 413
AFP (Apple Filing Protocol), 474–479 Folder Listing setting, configuring site-
enabling, 473 specific options, 373
FTP (File Transfer Protocol), 484–491 folders
NFS (Network File System), 491 automounts, 135
SMB (Server Message Block), 479–484 creating folders, 300
file type, disabling, 367 leveraging automount as home
folder, 137
 Index 589

Web Folder setting, 372 Push Notification service, 354

Footer tab, Workgroup Manager, 526 QuickTime Streaming services, 472
forward proxy, 369–370 Software Update service, 566
Forward web traffic to internal servers field, tuning MySQL, 401
Mobile Access window, 346
forwarders
DNS configuration, 27
DNS requests, 190
■G
Gateway Setup Assistant, 151–156
forwarding ports, setting up, 159–161 DHCP subnets warning dialog, 153
FTP (File Transfer Protocol), 91–98, LAN interfaces screen, 154, 155
484–491 VPN Settings screen, 155, 156
accessing Share Points, 493 WAN Interface screen, 154
anonymous access, 93, 95, 485 general settings
anonymous users, 97 AFP (Apple Filing Protocol), 58, 59
authenticated users, 97 Podcast Producer, 425, 426
authentication, 93, 95 General tab, Server Admin, 178
configuring, 488, 489 General tab, Server Admin: Web window,
configuring PASSV, 491 372, 373
connecting to FTP using Cyberduck, General tab, Settings pane
489, 490 AFP settings, 58
connections, 92 FTP (File Transfer Protocol), 92
disconnections, 92 QuickTime Streaming, 457, 458
enabling, 473 Server Admin: Address Book
enabling FTP share point, 488 window, 264
encryption, 93 Server Admin: AFP window, 59
file sharing, 92, 473 Server Admin: iCal window, 281
Log button/screen, 92 Server Admin: NetBoot window
Messages tab, FTP service, 485 configuring NetBoot service, 242,
Overview tab, 92 243
presenting data to users, 486, 487 Server Admin: SMB window
Rule violation attempts, 96 configuring SMB, 479
security with FTP, 485 SMB (Server Message Block), 85
Settings button, 92 getconfig option, podcast command, 449
Advanced tab, 96 getmasterconfig option, slapconfig
General tab, 92 command, 108
Logging tab, 95 global password policies, securing Open
Messages tab, 94 Directory, 110–112
Share Points window, 77 global quotas, configuring print quotas, 521
ftp command, 490 globalSAN, 554, 555
FTP commands log, 96 Google Talk service, 311
FTP protocol settings, Share Points tab, 77, Graphs button, AFP (Apple Filing Protocol),
78 56, 57
FTP Root with Share Points option, 97, 487 Graphs button/screen, Server Admin: Server
FTP root without share points, 97 window, 52
FTP roots, 486, 487 graylisting
Full Control ACE, 501 disabling, 332, 333
fullstatus option, serveradmin messages flagged falsely as spam, 323
command greater-than symbol (YYY) file manipulation,
configuring iCal services, 296 284
configuring iChat, 315 grooming, description, 551
Mobile Access service, 354 grooming scripts, Retrospect, 551–553
590 Index

Group folder, Share Points, 493 Home Folder Only option, FTP, 97, 487
Group ID field, Workgroup Manager, 128 home folder options, Workgroup Manager,
group lists, mail, 331 138
Group permission, POSIX permissions, 500 Home Folder with Share Points option, FTP,
groupblog verb, pcastaction command, 451 97, 487
groups Home tab, Workgroup Manager, 136, 137
creating computer groups, Homes setting, 91, SMB
Workgroup Manager, 130–132 Host Description setting, 372
creating, Server Preferences, 122 Host Domains option, iChat, 307
creating users and groups, 35–37 Host Name authentication setting
creating, Workgroup Manager, 128– configuring Address Book, 265
130 enabling iCal with Server Admin, 282
SACL (service access control list), 53 Host Name setting
user membership of, Server Preferences, configuring Address Book proxy, 344
120, 121 configuring iCal proxy, 344
Groups tab, Workgroup Manager, 127 configuring Mail proxy, 345, 346
Guest Access configuring site-specific options, 372
AFP settings, 60 configuring Web Proxy entries, 347
AFP share points, 65 Host Port setting
configuring AFP, 476 configuring Address Book proxy, 344
SMB settings, 87 configuring iCal proxy, 344
guest account, Workgroup Manager, 131 configuring Mail proxy, 345, 346
GUI iChat Server federation, 9 configuring Web Proxy entries, 347
host security, securing Open Directory, 110
Host setting, MySQL, 403
■H hosting web sites, 358
hosts
Handbrake, tuning streams, 456
hardware description, 2
choosing, 6, 7 DHCP (Dynamic Host Control Protocol),
Mac mini, 6 173–188
Mac Pro, 7 htaccess files, password protecting web
Xserve, 7 sites, 377
Hardware Address options, 245 HTTP (HyperText Transfer Protocol)
Hardware section, default Server Admin configuring NetBoot service, 244
screen, 50 protocols for streaming content, 454
help verb, pcastaction command, 451 HTTPS prefix, configuring SSL certificate for
hierarchical method, data classification, 536 web sites, 377
hint tracks, 463

■I
adding hint track to movies, 465–467
hinting tracks, iMovie, 466
hinting movies, 465–467 iCal, 277–300
home directories configuring iCal proxy, 344, 345
automating client connections with, configuring to work with Push
134–140 Notification, 352, 353
mobile home directories, 134 enabling proxy for, 342
network home directories, 134 troubleshooting tips, 300
QuickTime Streaming Server, 463, 464 iCal clients
home folder, leveraging automount as home configuring iCal clients, 289–295, 296
folder, 137 connecting uncooperative clients,
home folder location option, Workgroup 299
Manager, 139 creating iCal accounts, 289, 290, 292
 Index 591

Add an Account screen, 290 prepopulating buddy lists, 310

adding iCal delegates, 294, 295 setting up iChat Server, 304–310
connection information, 291 command line options, 314–316
delegation, 293, 294 using Server Admin, 305–308
Kerberos/SSL, 291 using Server Preferences, 304, 305
Push Notification services, 292 setting up iChat user accounts, 308,
Refresh calendars drop-down list, 309
292 Snow Leopard, 303
server settings, 292, 293 storing Jabber configuration files, 315,
unsecured connection, 291 316
logging in via web portal, 295 iChat Server, command line options, 314–
setting up for Windows, 296 316
iCal server iChat Server federation, Snow Leopard
alternative clients, 277 server features, 9
backing up calendars, 284 idle users settings, AFP (Apple Filing
checking status, 283 Protocol), 62, 63
clustering CalDAV, 284, 285 Idle Users tab, AFP, 477
configuring, 278–283 Idle Users tab, Server Admin: AFP window,
enabling calendars for users, 288, 62, 63
289 ILM (Information life cycle
installing, 277, 278 management), 533–537
integrating with Mail, 286–288 building SLAs, 536, 537
integrating with Wiki, 285, 286 classifying data, 535
managing, 283–288 data classification, 535, 536
troubleshooting, 299, 300 managing information life cycle, 537
iCal services storage classification, 534, 535
checking iCal server status, 283 iMac, Mac OS X Server 10.6 requirements,
configuring services with 11
serveradmin, 296–298 Image Settings screen
configuring with Server Admin, 280– creating NetBoot image, 232, 233
283 creating NetInstall image, 236, 237
configuring with Server Preferences, creating NetRestore image, 239, 240
278, 279 image source, Automator action defining,
getting iCal service to start, 299 256
proxying, 283 images, Automator action creating, 256
reducing maximum attachment size, Images tab, Server Admin: NetBoot window,
298 243, 244
starting, 283 imaging
using command line for, 296–300 automations, 254–257
iCal wiki interface, 295 booting from system image, 231
iChat, 303–316 choosing image type, 233
configuring Mac OS X client, 312– configuring asr for multicast imaging,
314 250–253
saving iChat transcripts, 313, 314 creating bootable disk image from
setting up clients, 312, 313 CD/DVD, 228
connecting remotely, 309, 310 creating image hosted on server, 228
customizing welcome message, 310 creating NetBoot image, 231–235
enabling iChat service using Server creating NetInstall image, 236, 237
Admin, 306 creating NetRestore image, 238–241
federating iChat, 311, 312 configuring NetRestore image for
Mac OS X Server, 303 deployment, 239–241
592 Index

preparing master system for imaging, NetInstall service, 228

238 printers, 506–512
duplicating master image, 228 QuickTime Streaming Server, 456,
image settings in System Image 457
Utility, 233 Retrospect, 544–546
imaging client over asr, 253, 254 server administration tools, 45
local imaging, 229 Installed Software tab, Software Update
monolithic imaging, 229 pane, 563, 564
multicast imaging, 238, 248 interfaces, configuring network interface,
network imaging, 229 22–24
package-based imaging, 229 internal connection settings
unicast imaging, 247 configuring Address Book proxy, 344
imaging strategy, 229 configuring iCal proxy, 344, 345
IMAP (Internet Message Access configuring Mail proxy, 346
Protocol), 318 configuring Web Proxy entries, 347
configuring mail client, 327 intrusions, preventing, 169
setting up mail services, 322 IP address setting, 372
simultaneous IMAP connections, 325 IP addresses
IMAP Host Name setting, 345 APIPA pool, 174
IMAP Host Port setting, 345 assigning, 173
IMAP Port setting, 345 configuring mail client, 327
IMAP SSL Certificate setting, 345 configuring network interface, 22
iMovie configuring web services, 362
hinting movies, 465 creating subnet, DHCP, 177
hinting tracks, 466 DHCP (Dynamic Host Control
Movie Settings dialog box, 465 Protocol), 173
RTP Track Settings dialog box, 466, 467 DHCP pool, 174
inactivity, Workgroup Manager, 140 DHCP reservation, 184
Incoming IMAP Port setting, 345 DNS (Domain Name Service), 188–
Incoming Mail Server setting, 287 201
Incoming Port setting, 343, 344, 347 DNS recursion, 190
Incoming SMTP Port setting, 345 editing zone files, DNS, 199
index files, configuring site-specific options, lease offers, 174
372 pool of, VPN, 204
index.html file, 382 PPTP servers, 206
Info tab, Workgroup Manager, 127, 128 pre-configuration, Apache web
Info.plist file, 435 server, 358
Information log level, 515 reserving IP addresses, DHCP, 184–
information_schema option, Sequel Pro, 405 186
inheritance, ACLs (access control lists), 66 setting up forwarding ports, 159
InnoDB table, creating, 407 subnets, 12
Inspector tab, Workgroup Manager, 141, testing NAT from client, 157
142 IP Bindings tab, QuickTime Streaming, 457,
Inspector tool, Workgroup Manager, 140, 459, 460, 461
141 ipfw command
Inspector, Workgroup Manager, 143 configuring ipfw from command line,
Install Open Directory Auto Archive window, 169
115 firewall controlling access to server, 162
installation ipfw tool, 162
iCal server, 277, 278 ipfw.conf file
Mac OS X Server 10.6, 13–17
 Index 593

configuring firewall from command binding clients into Open Directory,

line, 169 147
firewall controlling access to server, 162 components of Open Directory, 102
iPhone configuring AFP, 475
learning resources, 575 configuring Mac OS X Client, iChat,
setting up Push Notification for, 350– 312
353 creating Open Directory master, 33
tuning streams, 456 enabling iCal with Server Admin, 282
IPP (Internet Printing Protocol), 509, 510 NFS share point options, 498
IPP protocol, 516 PPP authentication, PPTP servers,
IPSec authentication 206
Enable L2TP over IPSec check box, proxied services, 342
209 security, setting up mail services, 324
L2TP servers, 208, 209 setting up Open Directory master,
iSCSI, 554, 555 106, 107
iTunes, tuning streams, 456 setting up print service, 515
iTunes verb, pcastaction command, 450 trusted binding with Directory Utility, 145
iTunesU verb, pcastaction command, 451 Kerberos v5 for authentication setting,
iWork/iLife issues with Retrospect, 553 Accounts window, 293
Kerberos v5 security levels, NFS, 83
Keychain Access tool
■J certificates, 355
configuring SSL certificate for web
Jabber
Allow federation with all domains sites, 376
option, iChat, 308 importing SSL certificate from Address
configuring iCal services, 298 Book server, 343
configuring Mac OS X Client, iChat, klist command line tool, 147
312, 313

■L
customizing welcome message,
iChat, 310
Enable XMPP server-to-server L2TP servers, 208–210
federation option, iChat, 307 authentication, 209
federating iChat, 311 authentication settings, VPN, 214
Host Domains option, iChat, 307 Enable L2TP over IPSec check box,
iChat service, 303 209
SSL certificate option, iChat, 307 Enable Load Balancing check box,
storing Jabber configuration files, 315, 209
316 IPSec authentication, 208, 209
JavaScript, embedding video into web page, load balancing, 208
468 protocol choice, 204
JetDirect, 511, 512 SSL certificates, 209, 210
JungleDisk, 538 using both PPTP and L2TP, 208
LAN interfaces screen, Gateway Setup
Assistant, 154, 155
■K LAN Manager, authentication settings, 88
landing page
Kerberos, 103
accessing iCal service, 291 configuring web services, 361
authentication, FTP, 93 wikis, 387, 388, 389
Authentication option, iChat, 307 language selection screen, installing Mac
authentication settings, 87, SMB OS X Server 10.6, 13, 14
authentication settings, AFP, 59
594 Index

LDAP (Lightweight Directory Access locking

Protocol), 102 file locking, 77
Address Book service, 260 opportunistic locking, 77
creating new LDAP connection, 144 strict locking, 77
Mac OS X Server 10.6, 259 Log and archive all chats option, iChat, 304
objects and attributes, 102 Log button/screen
viewing and creating LDAP connections, FTP (File Transfer Protocol), 92
145 Server Admin: DHCP window, 182
LDAP contacts, 276 log files, finding iCal log files, 300
Address Book service, 259, 275 Log Level option
finding contacts in LDAP, 271 enabling iCal with Server Admin, 281
LDAP over SSL field, Server Admin, 180 setting up print service, 514
LDAP ports, 109, 180 Log Level setting, SMB, 88, 263
LDAP search base logging
creating Open Directory master, 33 access logs, 374
setting up Open Directory master, 106 AFP settings, 60, 61
LDAP servers error logs, 374
components of Open Directory, 102 FTP settings, 95
untrusted binding with Directory per-site logging, 375
Utility, 143 reviewing DHCP logs, 183
viewing published services in, 143 routers, 150
LDAP tab, Server Admin, 181 setting DHCP logging level, 176, 177
LDAPv3 plug-in, 144 SMB settings, 88
lease offers, 174 logging levels, setting up mail services, 325
Lease Time field, Server Admin, 179 Logging tab, AFP, 476
less-than symbol (<) file manipulation, 284 Logging tab, Server Admin: Web window,
licensing agreement 374, 375
NetBoot clients, 234 Logging tab, Settings pane
NetInstall image, 237 configuring FTP, 489
life cycle management, ILM (Information life QuickTime Streaming, 458, 462
cycle management), 533–537 Server Admin: AFP window, 60, 61
Limit user bandwidth for updates to setting, Server Admin: NetBoot window
559 configuring NetBoot service, 244,
Limited administration capabilities 245
creating limited administrator user, Server Admin: SMB window
125, 126 configuring SMB, 481
Privileges tab, Workgroup Manager, 124 logins
Linux clients, connecting to SMB from, 483 Allow simultaneous login on
list_uploads option, podcast command, 449 managed computers option, 125
lists. See also mailing lists disable login options, 112
listxyz options, podcast command, 448 Logs button
load balancing AFP (Apple Filing Protocol), 56
Enable Load Balancing check box, SMB (Server Message Block), 84
209 Logs button/screen, Server Admin: Server
L2TP servers, 208 window, 51, 52
local account, adding identity to, 147 Logs icon/window, Server Admin: MySQL
Local home template option, Workgroup window, 400
Manager, 138 Lookup command, DNS configuration, 27
local imaging, 229 loopback address, 74
local namespace, Mac OS X Server, 191 lpc command, 531
local, using .local in DNS field, 23 LPD (Line Printer Daemon), 510, 511
 Index 595

lpq command, 531 managing Apache modules, 366

lpr command, 531 managing printers, 505
LPR protocol, 516 Network Address Translation, 150,
lprm command, 531 151
pre-configuration, Apache web
server, 358
■M preventing intrusions, 169
protocols, 318
MAC address
Automator action filtering clients by, protocols for streaming content, 454
256 proxies, 369
configuring NetBoot service, 245, 246, reasons for streaming content, 453
247 Sequel Pro connecting to, 403, 404
Mac bookshelf, Mac OS X resources, 575 setting global firewall options, 169
Mac mini setting up firewall, 163
choosing hardware, 6 setting up forwarding ports, 159–161
Mac OS X Server 10.6 requirements, 11 Snow Leopard server features, 8
Mac OS X storing mail in, 318
backup applications, 538–554 testing firewall, 170, 171
connecting to AFP from Mac OS X, using as router, 149–162
478, 479 Mac OS X Server 10.6
connecting to SMB from, 484 Address Book service, 260
deploying printers, 522–528 applying software patches and
imaging strategy, 229 updates, 28
setting up web service in, 359–365 building fileserver, 29–42
web servers, 357 configuring network interface, 22–24
Mac OS X client creating administrator account, 20–
configuring, iChat, 312–314 22
saving iChat transcripts, 313, 314 creating Open Directory master, 30–
setting up clients, 312, 313 35
managing printers, 505 creating Share Points, 37–42
Mac OS X collaborative services, providing creating users and groups, 35–37
reverse proxy functionality for, 340 DNS configuration, 25–28
Mac OS X Server installing, 13–17
accessing web services page, 383 applying software patches and
administration, more resources, 575, updates, 28
576 DNS configuration, 25–28
Automatically Configure My Mac language selection screen, 13, 14
button, 121 minimum requirements for, 11
configuring firewall from command Network Names screen, 23, 24
line, 169, 170 overview, 1
creating rules, 167, 168 partitioning, 15, 16
defining address groups, 163–165 registration information, 19
defining services, 165–167 selecting region, 17, 18
Dovecot, 318, 319 serial numbers, 19
firewall controlling access to server, setting time zone, 19, 20
162–171 Users & Groups, 24
getting started, 2 welcome screen, 17, 18
iChat service, 303 Mac OS X Server-based web server, 357
installing printers, 506 Mac OS X Web service, collaboration
local namespace, 191 services, 379
mail components, 317–319 Mac Pro
596 Index

choosing hardware, 7 using Server Admin, 321, 322

Mac OS X Server 10.6 requirements, 11 using Server Preferences, 320, 321
MacEnterprise mailing list, learning setting up mailing lists, 331
resources, 576 SMTP (Simple Mail Transfer
Mail Protocol), 318
configuring Mail proxy, 345, 346 storing mail in Mac OS X Server, 318
configuring to work with Push troubleshooting, 332–336
Notification, 350–352 webmail, 328, 329
enabling proxy for, 342 mail verb, pcastaction command, 451
integrating iCal server with, 286–288 Mail window, Server Admin, 326
storage, setting up mail services, 325 mailing lists
mail components, Mac OS X Server, 317– enabling, 331
319 group lists, 331
mail exchange (MX) record, 319 learning resources, 576
MAIL FROM: command, 334 Mailman tool, 331
Mail Queue tab, Server Admin: Mail window, setting up, 331
336 standard mailman mailing lists, 331
mail rules, 329, 330 Mailing Lists tab, Server Admin: Mail
Mail Server Type setting, 287 window, 331, 332
mail services, 317–336 Mailman tool, 331
blacklisting, recovering from, 335, man page, pcastaction command, 451
336 Manage Account Access screen, adding
configuring mail client, 327, 328 iCal delegates, 294, 295
connectivity issues, 333–335 managed client, description, 132
creating mail accounts, 330 managed preferences
Cyrus, 318 Workgroup Manager, 132
DNS, 319, 320 configuring policies, 132
Dovecot, 318, 319 configuring Software Update for
ensuring working, 328 clients, 560, 561
firewalls, 320 deploying printers, 525
graylisting, 332, 333 mobile home directories, 134
IMAP (Internet Message Access Mobility managed preferences, 137
Protocol), 318 network home directories, 134
Mac OS X Server mail components, Management Console, installing Retrospect,
317–319 544
mail rules, 329, 330 mappings, description, 144
POP (Post Office Protocol), 318 mASR configuration tool, configuring asr for
Postfix, 319 multicast imaging, 250, 251
preparing for mail server, 319, 320 master images, deploying, 247
preparing for Podcast Producer, 418, master password options, Workgroup
419 Manager, 138
protocols, 318 master role, Open Directory, 105
securing mail services, 326 master role, Open Directory master, 105–
setting up mail services, 320–327 107
configuring SMTP, 325 master system
messages flagged falsely as spam, configuring NetRestore image for
322–324 deployment, 239
security protocols, 324 preparing master system for imaging,
spam and virus detection settings, 238
323 master zones, DNS, 192
storage, 324, 325 Maximum Attachment Size option, 281
 Index 597

Maximum Attachment Size setting, 381 MIME types

Maximum Connections section, 60 Apache web server, 367, 368
Maximum connections setting, 458 description, 367
Maximum log size option, 514 disabling file type, 367
Maximum throughput setting, 458 editing MIME types for Web service,
MaximumAttachmentSize setting, calendar, 368
298 PHP MIME type, 367
mcxrefresh, Snow Leopard server features, removing MIME types, 368
8 MIME Types tab, Server Admin: Web
MDS 9000, Cisco, 223 window, 367, 368
Media Cleaner, tuning streams, 456 mkdir command, 300
Media directory field, QuickTime Streaming Mobile Access service
settings, 458 accessing iCal service, 291
Media Set Security, configuring backups checking status, 347, 348
with Retrospect, 548 command line, 354
media sets configuring, 342–347
configuring backups with Retrospect, configuring access controls, 348, 349
547, 548 configuring Address Book proxy,
using with Retrospect 343, 344
DonCCCt add duplicate files to, 553 configuring iCal proxy, 344, 345
Recycle after successful copy option, configuring Mail proxy, 345, 346
553 configuring web proxy entries, 346,
Select Media Sets screen, 549 347
setting up grooming policy, 552 connecting clients, 350
Media verification option, Retrospect, 553 controlling access, 348, 349
megabits per second, streaming codec creating iCal accounts, 293
speeds, 456 description, 339
Members tab, Workgroup Manager design considerations, 341, 342
creating computer groups, 130, 132 enabling proxies for services, 342
creating groups, 129, 130 installing, 339, 340
memory requirement, web servers, 357 network design, 341
MEMORY table, creating, 407 port scanning, 350
merge verb, pcastaction command, 450 proxies, 342
message code 250, mail services, 334, 335 reverse proxy functionality, 340
message code 354, mail services, 334 serveradmin command, 354
messages, creating alias for account, 329 setting up, 340–350
Messages dialog, saving iChat transcripts, Snow Leopard server features, 8
313 starting service, 347
messages flagged falsely as spam, setting Mobile Access Settings pane, Server Admin,
up mail services, 322–324 346
Messages tab, FTP service, 485 mobile account, creation options, 137
Messages tab, Settings pane, 94 mobile home directories, description, 134
metadata MobileMe, 275
ACLs (access control lists), 66 Mobility icon, Workgroup Manager, 137
podcasting, 449 Mobility managed preferences, Account
metadata option, podcast command, 448, Creation tab, 137–139
449 Mobility managed preferences, Account
metaindexURL key, 567 Expiry tab, 140
Microsoft Exchange, 275 moderator, Mailman, 331
Microsoft Windows, setting up iCal clients modules, managing Apache modules, 366,
for, 296 367
598 Index

monolithic imaging, 229, 238 database administration, 412, 413

Montage, setting up podcast workflows, 429 description, 397
mounts, automounts, 135 inspecting existing tables/elements,
Movie Settings dialog box, iMovie 411, 412
hinting movies, 465, 466 installing MySQL service, 398
hinting tracks, 466 introduction, 397
Packet Size Limit setting, 467 managing MySQL databases, 402–
settings, 465, 466 413
track hinter settings, 466 naming and encoding database, 405
movies performance tuning books, 401
accessing video through browser, quitting database server, 415
467, 468 service logs, 400
adding hint track to movies, 465–467 setting up, 398–400
hinting movies, 465–467 setting up database, 404–406
preparing movie for Internet sharing, tuning, 400–402
465 using command line, 414, 415
QuickTime Streaming Server creating, writing queries, 409–411
465–468 MySQL GUI Tools, connecting to databases,
MP3 Broadcast Password setting, 402
QuickTime Streaming settings, 459 mysql option, Sequel Pro, 405
mp3broadcaster command, QuickTime mysqladmin command, 414, 415
Streaming Server, 472 mysqld daemon, 397, 398, 401
MTU size, network firewall, 467 mysqldump command, 414
Mulberry, configuring mail client, 327
multicast imaging
configuring asr for multicast imaging,
250–253
■N
Name field
creating NetRestore image, 238 contact information, Server
imaging, 248 Preferences, 118
imaging client over asr, 254 creating groups, Workgroup Manager,
setting multicast address for stream, 128
252 name service log, SMB (Server Message
using, 247 Block), 84
MX (mail exchange) record, 319 Name setting, connecting to database
MX logic, messages flagged falsely as server, MySQL, 403
spam, 323 named.conf file, editing configuration files,
MX record, DNS, 189 DNS, 199
Mxtoolbox web site, recovering from names
blacklisting, 335 CNAME record, DNS, 189
my.cnf file DNAME record, DNS, 189
connecting to database server, DNS (Domain Name Service), 188–
MySQL, 403 201
tuning MySQL, 401 domains, 189
MyISAM table, creating, 407 name resolution, DNS, 190
MySQL NAS (network attached storage) devices,
backing up MySQL, 413, 414 538
connecting to databases, 402 NAT (Network Address Translation),
connecting to Mac OS X server, 403, 150–151
404 Gateway Setup Assistant, 151–156
creating fields, 407, 408 manually enabling NAT, 156–157
creating tables, 406, 407 setting advanced options, 161–162
 Index 599

subnet mask, 150 Network pane, System Preferences

testing NAT from client, 157–158 clients using forward proxy, 369
NAT overview screen, Server Admin Proxies tab, 369
application, 152 Network pane, VPN clients, 211, 212, 213,
natd.plist file, 159, 160 214
Navicat, 402 network printing, 509–512
near-line storage, 534 Internet Printing Protocol (IPP), 509–
NetBIOS, 483 510
NetBIOS name resolution over TCP/IP, 91 JetDirect, 511–512
NetBoot image, creating, 231–235 LPD (Line Printer Daemon), 510–511
NetBoot service, 228 Network Routing Definition setting, 207
activating, 230 Network service options, VPN clients, 218
anatomy of NetBoot image, 242 network sniffers, digest authentication, 459
configuring, 242–247 network storage, iSCSI protocol, 554–555
creating NetBoot image, 231–235 network systems, 173
introduction, 227 Network Utility, 170–171
NetBooting client systems, 257 closed port in Network Utility, 170
NetBoot set DNS configuration, 27
configuring NetBoot service, 242, open port in Network Utility, 171
243, 244 Port Scan option, 170, 171
creating NetBoot image, 234 testing NAT from client, 157, 158
creating NetRestore image, 240, 241 networking
imaging client over asr, 254 adding new network interface, 212
NetInstall image, creating, 236–237 connectivity, mail services, 333
NetInstall Image option, creating bootable DNS (Domain Name Service), 12
disk image from CD/DVD, 228 RADIUS, 220–225
NetInstall service, 228, 236–237 S2SVPN, 219–220
NetRestore image, creating, 238–241 subnets, 12
configuring NetRestore image for VPN (Virtual Private Networking), 204–
deployment, 239–241 220
preparing master system for imaging, networks
238 configuring network interface, 22–24
NetRestore service, 228, 238–241 creating image for asr, 248–250
NetRestore, Snow Leopard server features, description, 2
8 TCP/IP settings for network interface,
NetRestore source, 256 184
network access, securing Open Directory, New Computer Group icon, Server Admin
109 toolbar, 130
network connections option, 399 New User icon, Workgroup Manager, 123
network discovery protocol, 508 NFS (Network File System), 98–100,
network disk image, creating 491
NetBoot image, 233 accessing Share Points, 493
NetInstall image, 236 choosing protocol to access
NetRestore image, 239 automounts, 136
network firewall, MTU size, 467 configuring NetBoot service, 244
network home directories, 134 connections, 98
network home folders, 138 enabling, 473
network home quota option, 139 Export drop-down, 80
network imaging, 229 file sharing, 473
Network Interface field, General tab, 179 Overview tab, 98
Network Names screen, 23–24 Settings button, 99
600 Index

share point options, 498–499 Connected to Directory System role,

Share Points window, 78 105
using AFP or NFS, 74 creating accounts, Server
NFS protocol settings Preferences, 116
exporting NFS share to list of clients, deploying printers to groups of users,
79–81 524
privilege mapping, 81–82 enabling wiki/blog web services, 380
security level, 82–84 introduction, 101
Share Points tab, 78–84 managing Open Directory, 109–114
nil errors, resolving, 299 preparing for Podcast Producer, 418
noncritical data, 535 preparing to install iCal server, 277
None option, privilege mapping, NFS, 82 preparing to set up, 104
Notice log level, 514 replication process, 108
notification option, serveradmin command, roles, 105
354 securing Open Directory, 109–114
notifications binding policies, 110
Push Notification Server option, 281 service access controls, 113
Push Notification service, 350–353 security, setting up mail services, 324
Push Notification services, 292 storing passwords, 104
setting up podcast workflows, 433 understanding Open Directory roles, 109
vacation notification, 330 Open Directory master, 105–107
NS record, DNS, 189 backup for, 108
NTLM, authentication settings, 87, SMB slapd process, 108
NTLMv2 & Kerberos, 87, SMB Open Directory master, creating, 30, 31–35
Open Directory replica, 105
configuring, 107–108
■O creating, 108–109
slurpd process, 108
objects
LDAP, 102 Open Directory window, Server Admin:, 107
managing directory service objects with OpenConnector, CalDAV, 296
Workgroup Manager, 116–141 OpenDNS tool, 200–201
OCP Research group, 39 operating systems
offline storage, 534 creating bootable disk image from
OmniGraffle, 167 CD/DVD, 228
online storage, 534 creating image hosted on server, 228
Only show managed printers option, 525 imaging strategy, 229
Op locking option, 497 opportunistic locking, 77
Open Directory Optimize Table option, 413
automounting, Share Points, 494 options, DHCP, 186–187, 569–573
backing up, 114–115 Options tab, Retrospect, 553
binding clients into Open Directory, Options tab, Sites pane, 373, 375
142–147 options.conf.apple file, 199
binding with Directory Utility, 143– Others permission, POSIX permissions, 500
147 Outgoing Mail Server setting, 287
trusted binding, 145–147 output format, 430
untrusted binding, 143–145 overrides, Allow All Overrides setting, 374
building fileserver, 29 Overview button
components of directory services, AFP (Apple Filing Protocol), 56
102 SMB (Server Message Block), 84
configuring Software Update for Overview button/pane, 51
clients, 560 Overview screen
 Index 601

checking Mobile Access status, 347 path option, account creation, Workgroup
Podcast Producer, 424, 425 Manager, 139
Print service, 513, 514 Path setting, relays, QuickTime Streaming,
Overview tab 461
FTP (File Transfer Protocol), 92 pause option, podcast command, 448
NFS (Network File System), 98 payloads, packets, 149
Owner permission, POSIX permissions, 500 pcastaction command, 450
PDC (Primary Domain Controller) setting, 87,
SMB
■P performance
encoding database, 405
package selection, Automator action
customizing, 256 opportunistic locking, 77
package-based imaging, 229 Server Admin graphs, 52
packages, Automator action adding, 256 performance tuning books, MySQL, 401
Packet Size Limit setting, 467 Permission tab, File Sharing pane, 39
packets permissions
description, 149 ACLs, 500, 501–503
stateful packet inspection, 150 Effective Permissions Inspector, 70
pages, creating, wikis, 388 file permissions, 499–503
Partition Disk action, Automator, 256 NFS share point options, 498
partitioning, Mac OS X Server 10.6, 15–16 POSIX permissions, 500–501
pass option, podcast command, 448 Propagate Permissions option, ACLs,
Password Assistant, 21, 22 70
Password field, Administrator Account setting file permissions, 300
screen, 21 Share Point permissions and ACLs,
password policies, global, securing Open 65–71
Directory, 110–112 SMB share point options, 497
password policies, per-user password policy per-queue quotas, 521
overrides, 146 per-user overrides, password policy, 112
password protection, QuickTime Streaming per-user password policy overrides, 146
Server, 464 PHP MIME type, 367
Password server, 104 PHP module, managing Apache modules,
components of Open Directory, 102 366
ports, 109 phpMyAdmin, connecting to databases, 402
Password setting Picture path field, 128
connecting to database server, Ping command, DNS configuration, 27
MySQL, 403 pinging IP addresses
Incoming Mail Server, integrating iCal as test of connectivity, 158
server with Mail, 287 testing NAT from client, 157
Outgoing Mail Server, integrating iCal playlists
server with Mail, 287 configuring playlists, 471
passwords streaming playlists, 469–471
L2TP servers, 208 plist (property list) files, 161
password protecting web sites, 377–378 plistbuddy tool, podcasting, 450
Passwords tab, Open Directory plutil, 161
disable login options, 112 Podcast Capture
setting global password policies, 111 authenticating through the Web, 446
patches Choose a Podcast Type screen, 437
applying software patches and choosing source in, 438
updates, 28 configuring camera and audio
managing Apache modules, 366 settings, 443
602 Index

connecting to Podcast Producer setting up workflows, 427–436

server, 437 controlling access to workflows,
controlling access to workflows, 435–436
435–436 Podcast Composer, 428–433
introduction, 417 Podcast Composer exporting
Podcast Producer Setup Assistant, workflows, 435
424 poster frames, 433–434
recording screencast in, 439 sharing camera to Server Admin, 443
recording video, 440 Snow Leopard server features, 8
running workflows from the Web, stopping service, 451
446–447 tuning streams, 456
sharing camera to Server Admin, using from command line, 447–451
443–445 wizard, 420–424
workflows, 436–447 workflows, 436–447
Podcast Capture tool, 442 workinf with files offline, 450
podcast command, 447–449 Podcast Producer Setup Assistant,
Podcast Composer, 428–433 421–424
deploying podcast workflow, 433 Confirm screen, 422, 423
destinations, 432 directory administrator, 422
export settings, 431 Express or Standard screen, 421,
intros, outros, and watermarks, 430 422
notifications, 433 opening, 420
Podcast Producer Setup Assistant, Summary screen, 423, 424
424 Xgrid controller, 421
poster frames, 434 Podcast submitted screen, 442
selecting source, 429 podcasting
title and author information, 428 curl command, 450
Podcast Composer tool, 435 metadata, 449
Podcast Information screen, 440, 441 plistbuddy tool, 450
Podcast Library, Podcast Producer Setup using podcast command, 447–449
Assistant, 424 policies
Podcast Producer account creation policies, Workgroup
adding Podcast Producer service, Manager, 138
420 configuring, Workgroup Manager,
authentication, 451 132–134
configuring access lists, 436 creating computer groups, 130
connecting Podcast Composer to directory services search policy, 147
server, 437 Dock policies in Workgroup Manager,
e-mail notifications, 419 134
General settings, 425, 426 Policies section, Open Directory settings,
granular settings for, 426, 427 111
introduction, 417 pooling, creating printer pool, 517–520
Overview screen, 424, 425 POP (Post Office Protocol), 318
preparing for, 418–419 port 21, 491
Properties tab, 426, 427 port 25
publishing data, 419 configuring mail client, 327
QuickTime Streaming Server files, firewalls, 320
472 port 106, 109
running workflows from the Web, 446 port 110, 327
setting up with Server Admin tool, port 1220, 470
424–427 port 143, 327
 Index 603

port 16384 through 16403, 309 Port Scan option, Network Utility, 170, 171
port 1723, 206 port scanning
port 1813, 224 Mobile Access service, 350
port 311, 109 VPN clients, 210, 211
port 3306 Port setting
connecting to database server, Accounts window, 293
MySQL, 403 configuring site-specific options, 372
mysqld daemon, 397 connecting to database server,
port 3659, 109 MySQL, 403
port 389, 109 Incoming Mail Server, integrating iCal
port 443 server with Mail, 287
configuring site-specific options, 372 Outgoing Mail Server, integrating iCal
configuring SSL certificate for web server with Mail, 287
sites, 377 port settings
pre-configuration, Apache web server, configuring Address Book proxy,
358 343, 344
port 465, 327 configuring iCal proxy, 344
port 5269, 310 configuring Mail proxy, 345, 346
port 587, 327 configuring Web Proxy entries, 347
port 625, 109 ports
port 636, 109 closed port in Network Utility, 170
port 749 configuring UDP port for RADIUS
connecting remotely, iChat, 310 authentication, 224
Kerberos, 109 connecting remotely, iChat, 309
port 80, 461 connecting uncooperative iCal
configuring site-specific options, 372 clients, 299
configuring SSL certificate for web creating rules, 168
sites, 377 defining services, 165
pre-configuration, Apache web server, firewalls, 320
358 LDAP, 109
port 8000, 470 LDAP ports, 180
port 8080, 372 Open Directory, 109
port 8088 open port in Network Utility, 171
configuring Software Update service, Password server, 109
558 PPTP servers, 206
Software Update working with pre-configuration, Apache web
repository, 565 server, 359
port 88 Server Admin, 109
connecting remotely, iChat, 310 setting up forwarding ports, 159–161
Kerberos, 109 specifying range of ports, 170
port 8843, 344 SSL, 109
port 993, 327 TCP, 109
port 995, 327 testing firewall, 170
Port authentication setting VPN ports, 206
configuring Address Book, 265 Workgroup Manager, 109
enabling iCal with Server Admin, 282 POSIX permissions, 65, 500–501
Port field, DNS tab, DHCP Subnets, Server Group permission, 500
Admin, 180 Others permission, 500
port forwards Owner permission, 500
routers, 150 Share Point permissions and ACLs, 65
setting up forwarding ports, 159
604 Index

PostBox with Lightning connector, CalDAV, print quotas, 520–522

296 print server, 505
poster frames, 433–434 Print service, 512–515
Postfix, 319, 333 Print window, System Admin, Queues pane,
postflight verb, pcastaction command, 450 518, 519
post-install scripts, Automator action printer control panel, 527
adding, 256 printer drivers
PPP authentication, PPTP servers, 206 deploying printers, 523
PPTP servers, 206–207 installing, 508
authentication settings, VPN, 214 installing, Snow Leopard, 506
choosing DNS servers to client, 207 printer jobs, 523
configuring VPN to serve PPTP, 206 printer pool, 517–520, 530
Enable PPTP check box, 206 printer spoolers, 505
encryption, 206 printers
IP addresses, 206 creating printer pool, 517–520
Network Routing Definition setting, deploying printers, 522–528
207 to groups of users, 524–526
ports, 206 to Windows clients, 526–528
PPP authentication method, 206 installing printer, 506–512
protocol choice, 204 sharing printers, 516–522
using both PPTP and L2TP, 208 printing
VPN ports, 206 Add Printer dialog box, 508
PPTP tab, Settings icon, Server Admin: VPN Bonjour printing, 508
window, 206, 207 Internet Printing Protocol (IPP), 509–
preferences, 132 510
Preferences icon, Workgroup Manager, 132, JetDirect, 511–512
133 LPD (Line Printer Daemon), 510–511
Preferences screen, Workgroup Manager, managing printing with CUPS, 529–
141 530
preflight verb, pcastaction command, 450 network printing, 509–512
presets option, podcast command, 449 troubleshooting, 512
Primary Domain Controller setting, 87, 480, USB-based printing, 508
SMB Private access, wikis, 386
primary zones, DNS, 192 privilege mapping, NFS protocol settings,
Print & Fax pane, System 81–82
Preferences Privileges tab, Workgroup Manager
adding and removing printers, 506 creating users, 124, 125, 126
creating printer pool, 517, 518, 519 Limited administration capabilities,
deploying printers, 522 124
installing printers, 506, 507 tiered administration, 113
managing printing with CUPS, 529 progressive download, QuickTime
printer pool not show in Server Admin, Streaming Server, 454
520 Promise RAID, 534
print queues prompting user options, account creation,
configuring print quotas, 520, 521 Workgroup Manager, 137
creating printer pool, 518 Propagate Permissions option, ACLs, 70
deploying printers, 523 Properties tab, Podcast Producer, 426, 427
IPP configuration, 510 proto key, 160
LPD configuration, 511 Protocol drop-down, 74
managing print jobs, 523 Protocol option, 516
troubleshooting, 512
 Index 605

Protocol Options button, Share enabling proxy on client, 370

Points tab, 72, 75–84 forward proxy, 369
AFP protocol settings, 75 iCal services, 283
FTP protocol settings, 77–78 Mobile Access service, 340, 342
NFS protocol settings, 78–84 reverse proxy functionality for
SMB protocol settings, 76–77 collaborative services, 340
protocols Proxies tab, Network pane, System
AFP (Apple Filing Protocol), 55–84, Preferences, 369
474–479 proxy option, serveradmin command, 354
Bonjour, 508 proxy services, Apache web server, 368–
choosing protocol to access 371
automounts, 136 Proxy tab, Server Admin: Web window, 369
DHCP (Dynamic Host Control PTR record, DNS, 189, 193
Protocol), 173–188 Public access, wikis, 386
file sharing, 473 publish verb, pcastaction command, 451
FTP (File Transfer Protocol), 91–98, publishing data, 419
484–491 Push Notification Server option, 281
HTTP (HyperText Transfer Protocol), Push Notification service
454 command line, 354
IMAP (Internet Message Access configuring iCal to work with, 352–
Protocol), 318 353
L2TP, 204 configuring Mail to work with, 350–
LDAP, 102 352
Mac OS X Server, 318 creating iCal accounts, 292
network discovery protocol, 508 description, 339
network printing, 509 installing, 339–340
NFS (Network File System), 98–100, serveradmin command, 354
491 setting up for iPhone, 350–353
POP (Post Office Protocol), 318 Snow Leopard server features, 8
PPTP, 204 starting service, 353
RTSP (Real Time Streaming Python module, managing Apache modules,
Protocol), 454 366
security protocols, setting up mail
services, 324
SMB (Server Message Block), 84–91,
479–484
■Q
qceffect verb, pcastaction command, 450
SMTP (Simple Mail Transfer queries, MySQL
Protocol), 318 description, 398
streaming content, 454 running queries, 411
VPN (Virtual Private Networking), 204 writing queries, 409–411
XMPP (Extensible Messaging and Queues icon, Server Admin toolbar, sharing
Presence Protocol), 303 printers, 517
Provide updates using port setting, 558 Queues pane, 518, 519
proxies QuickLook, setting up podcast workflows,
configuring Address Book proxy, 429
343–344 QuickTime Broadcaster application, 468–
configuring iCal proxy, 344–345 469
configuring Mail proxy, 345–346 QuickTime movie, hinting movies, 465
configuring web proxy entries, 346– QuickTime playlists, streaming, 470
347 QuickTime Streaming Server
enabling proxies for services, 342
606 Index

accessing video through browser, online storage, 534

467–468 RCPT TO: command, connectivity, mail
adding hint track to movies, 465–467 services, 334
bandwidth considerations, 454–456 Read and Write permissions, SMB share
command-line options, 471–472 point options, 497
configuring, 457–464 Read options, ACEs, 501
creating movies, 465–468 Read permission, POSIX, 65
home directory, 463–464 realms
implementing, 454 password protecting web sites, 377
installing, 456–457 testing access to, 378
password protecting, 464 users editing data in, 378
playing sample video, 462 Realms tab, Sites pane, Server Admin: Web
progressive download, 454 window, 377
Real Time Streaming Protocol records
(RTSP), 454 creating DNS records, 193
restricting access, 464 domains, 189
streaming playlists, 469–471 inspecting, Workgroup Manager,
QuickTime Streaming window, 140–142
Server Admin naming records, Bonjour, 197
Access tab, Settings pane, 457, 458, recursion, DNS, 190, 198
460 Recycle source Media Set after successful
General tab, Settings pane, 457, 458 copy option, Retrospect, 553
IP Bindings tab, Settings pane, 457, redundancy, 537
459, 460, 461 Refresh calendars drop-down list, creating
Logging tab, Settings pane, 458, 462 iCal accounts, 292
Relays tab, Settings pane, 458, 461 Refresh Databases option, Sequel Pro, 405
quitting database server, MySQL, 415 Refuse all messages from these hosts and
Quota option, user, enabling iCal with Server networks option, enabling SMTP,
Admin, 281 325
quotas, configuring print quotas, 520–522 region, selecting, 17, 18
Quotas option Register with WINS server option, 91, SMB
sharing printers, 516 registration information, Mac OS X Server
User, configuring Address Book, 263 10.6, 19
relational database. See MySQL
Relay Name setting, relays, QuickTime
■R Streaming, 461
Relay outgoing mail through host option,
RADIUS (Remote Authentication Dial
In User Service), 220–225 enabling SMTP, 325
command line tools, 224–225 relay settings, Mail window, Server Admin,
configuring UDP port for RADIUS 326
authentication, 224 Relay Type setting, relays, QuickTime
connecting to Cisco, 223–224 Streaming, 461
description, 203, 225 relay_enabled key, enabling DHCP relay,
limiting access to, 225 187
PPP authentication, PPTP servers, relay_ip_list key, enabling DHCP relay, 187
206 relaying mail service, messages flagged
setting up Apple AirPort, 222 falsely as spam, 323
setting up RADIUS service, 220–221 relaying, setting up mail services, 320
radiusconfig tool, 224–225 Relays tab, Settings pane, QuickTime
RAID Streaming, 458, 461
data volumes, 12 remote camera sharing dialog, 444
 Index 607

remote connections, iChat, 309–310 root account, creating Open Directory

Repair Table option, 412 replica, 108
replica role, 105, 107–108 Root Password option, setting up MySQL,
replicatenow option, slapconfig command, 399
108 Root to Nobody option, privilege mapping,
replication process, Open Directory, 108 NFS, 82
repository, Software Update working with, Root to Root option, privilege mapping,
565 NFS, 82
Request Incoming Stream option, 461 Router field, General tab, DHCP Subnets,
Require an administrator password option, Server Admin, 179
525 routers
Require Authenticated Binding option, 110 accessible control options, 150
Require secure server-to-server federation description, 149
option, iChat, 307 failover, 150
Require Single-Sign On authentication, 515 logging, 150
requirements, Mac OS X Server 10.6, 11 stateful packet inspection, 150
resolv.conf file, 184 subnets, 12
Resources directory, exporting workflows, using Mac OS X Server as router,
435 149–162
resources, Mac OS X Server administration, Gateway Setup Assistant, 151–156
575–576 manually enabling NAT, 156–157
restore verb, asr command, 253 Network Address Translation, 150–
restores, NetRestore service, 228 151
resume option, podcast command, 448 setting advanced options, 161–162
Retrospect, 538, 544–554 setting up forwarding ports, 159–161
adding member in Retrospect, 549 testing NAT from client, 157–158
Backup Assistant RSS feeds, 380
Schedule button/tab, 550, 551 rsync, 538
Select Media Sets screen, 549 RTP Track Settings dialog box, iMovie, 466,
Select Sources screen, 546, 547 467
Summary screen, 550 RTSP (Real Time Streaming Protocol)
configuring backups with, 546–551 accessing video through browser,
Copy backups option, 553 467
Data compression option, 553 protocols for streaming content, 454
disk image, 545 restricting access, QuickTime, 464
DonCCCt add duplicate files to the streams, 461
Media Set option, 553 Rule violation attempts log, FTP, 96
Eject tapes and discs when script is rules, creating, 167–168
complete option, 553
grooming scripts, 551–553
installing, 544–546
iWork/iLife issues with, 553
■S
S2SVPN, 219–220
Media verification option, 553 s2svpnadmin command, 219
Recycle source Media Set after s2s.xml file, federating iChat, 311
successful copy option, 553 SACL (service access control list), 53, 271–
scheduling script in, 551 272
utility scripts, 553–554 Samba clients, 483–484
reverse proxy functionality, Mobile Access connecting to SMB from Mac OS X,
service, 340 484
Role drop-down, Settings button, 86, SMB connecting to SMB from Unix/Linux
roles, Open Directory, 105–109 clients, 483
608 Index

connecting to SMB with Windows, 484 Select Media Sets screen, Retrospect
Scan e-mail for junk mail option Backup Assistant, 549
messages flagged falsely as spam, 323 Select shared printer by name option,
Schedule button/tab deploying printers to Windows
Retrospect Backup Assistant, 550, 551 clients, 528
Scheduled Check tab, Software Update Select Sources screen, Retrospect Backup
pane, 562 Assistant, 546, 547
screens Send all traffic over VPN connection option,
Administrator Account screen, 21, 22 VPN clients, 215
Disk Utility screen, 13, 14 Send Message button, AFP Connections
language selection screen, 13, 14 pane, 57
Network Names screen, 23–24 sensitive data, 535
Serial Number screen, 19 Sequel Pro
Time Zone screen, 20 Add Database option, 405
welcome screen, 17–18 backing up MySQL, 413
scripting, 257 connecting to Mac OS X server, 403–
SCSI commands, sending/receiving over 404
TCP/IP network, 554 creating fields, 407–408
scutil, getting iCal service to start, 299 creating tables, 406–407
Search Base field, DNS tab, DHCP Subnets, database administration, 412–413
Server Admin, 180 downloading, 402
Search for shared contacts option, inspecting existing tables/elements,
configuring Address Book, 264 411–412
Search for user accounts option, configuring naming and encoding database, 405
Address Book, 264 Select Database menu, 404
search policies, directory services search setting up database, 404–406
policy, 147 writing queries, 409–411
secondary zones, DNS, 192, 197–198 serial numbers, Mac OS X Server 10.6, 19
securing Open Directory, 109–114 Server address setting, Accounts window,
configuring binding policies, 110 292
service access controls, 113 Server Admin application, 49–55
setting global password policies, adding server to, 46–49
110–112 AFP (Apple Filing Protocol), 55–84
tiered administration, 113 building fileserver, 29
security buttons/tabs, 51
ACLs (access control lists), 66 configuring Address Book, 260, 262–
aliases, 378 266
Authentication option, iChat, 307 configuring iCal service, 280–283
configuring site-specific options, 373 configuring QuickTime Streaming
FTP (File Transfer Protocol), 485 Server, 457–462
host security, 110 controlling access to workflows, 435
NFS protocol settings, 82–84 creating primary zones, DNS, 192
securing mail services, 326 creating printer pool, 518–520
unsecured connection, iCal accounts, creating rules, 167
291 creating Share Points, 37
security protocols, setting up mail services, creating subnet, DHCP, 177
324 default Server Admin screen, 50
Security tab, Sites pane, Server Admin: Web Hardware section, 50
window, 376 Software section, 50
Select Database menu, Sequel Pro, setting Status section, 51
up database, 404 defining address groups, 164
 Index 609

defining services, 165–167 Authentication tab, 264, 265

enabling DHCP service, 175–176 General tab, 263, 264
enabling Software Update service, Server Admin: AFP window
557 Access tab, Settings icon,
federating iChat, 311 configuring AFP, 475
FTP (File Transfer Protocol), 91–98 configuring AFP, 475
Gateway Setup Assistant, 152 Idle Users tab, Settings pane, 477
installing Mobile Access, 339, 340 Logging tab, Settings icon, 476
installing Push Notification, 339, 340 Settings button/pane
installing QuickTime Streaming Access tab, 59–61
Server, 456 General tab, 58, 59
installing server administration tools, Idle Users tab, 62–63
46 Logging tab, 60, 61
integrating iCal server with Wiki, 285 Share Points tab, 63, 64, 71, 72
limiting access to VPN and RADIUS, Server Admin: DHCP window
225 Log button/screen, 182
manually enabling NAT, 156 Settings button/screen, 176, 177
NAT overview screen, 152 Static Maps button/screen, 184
NFS (Network File System), 98–100 Subnets button/screen, 178
Podcast Producer Setup Assistant, DNS tab, 179, 180
420–421 General tab, 178
server logs in, 52 LDAP tab, 181
setting up DNS, 189–191 WINS tab, 181, 182
setting up iChat Server using, 305, Server Admin: DNS window
306–308 Bonjour button/screen, 194, 195
setting up mail services using, 321– Settings button/screen, 191
322 Zones button/screen, 25, 26, 192, 194,
setting up MySQL, 398 197, 198
setting up Podcast Producer with, Server Admin: File Sharing window
419, 424–427 AFP tab, 75
setting up Print service, 512–515 configuring automounts, Share
shared cameras in Server Admin, 445 Points icon, 135
sharing camera to, 443–445 configuring FTP, 488
sharing printers, 516–520 FTP tab, 77–78
SMB (Server Message Block), 84–91 NFS tab, 78–84
tuning MySQL, 401 SMB tab, 76–77
Server Admin tool Server Admin: FTP window
activating NetBoot service, 230 Settings button/pane
adding/removing web sites, 371 Advanced tab, 96
backing up Open Directory, 114 General tab, 92
creating Open Directory replica, 109 Logging tab, 95
creating web sites, 371–379 Messages tab, 94
defining file shares, 135 Server Admin: iCal window
enabling file sharing protocols, 473 adding Push Notification, 352
New Computer Group icon, 130 Authentication tab, 282
ports, 109 checking iCal server status, 283
setting up Open Directory master, General tab, 281
105–107 Server Admin: iChat window, 311
setting up web services, 363–365 Server Admin: Mail window
server administration tools, installing, 45 adding Push Notification, 350, 351
Server Admin: Address Book window Mail Queue tab, 336
610 Index

Mailing Lists tab, 331, 332 Services tab, 512

relay settings, 326 Services tab, Settings screen
Server Admin: Mobile Access installing Mobile Access service, 339
window setting up iChat Server, 305, 306
checking Mobile Access status, 347– setting up RADIUS service, 221
348 Settings button/screen, 175, 190
configuring access controls, 348–349 Services tab, 175, 176
configuring Mobile Access, 342, 343 Services tab, enabling iCal, 280
Forward web traffic to internal servers setting up MySQL, 398
field, 346 Settings icon/screen, 456, 457
Server Admin: MySQL window Server Admin: SMB window
Logs button/screen, 400 Access tab, Settings pane, 481
Settings button/screen, 399 Advanced tab, Settings pane, 481
Server Admin: NetBoot window configuring SMB, 479
Filters tab, Settings pane, 245, 246 General tab, Settings pane, 479
General tab, Settings pane, 242, 243 Logging tab, Settings pane, 481
Images tab, Settings pane, 243, 244 Settings button/pane
Logging tab, Settings pane, 244, 245 Access tab, 87
Server Admin: Open Directory window, 107, Advanced tab, 89
114, 115 General tab, 85
Server Admin: Podcast Producer Logging tab, 88
window Server Admin: Software Update window,
General settings, 425, 426 558
launching Setup Wizard, 421 Server Admin: VPN window
Overview screen, 424, 425 Client Information tab, Settings icon,
Properties tab, 426, 427 207, 208
Server Admin: Print window, 513 PPTP tab, Settings icon, 206, 207
Queues pane Settings icon
creating printer pool, 518, 519 configuring VPN to serve L2TP, 209
sharing printers, 517 configuring VPN to serve PPTP, 206
Settings pane, 514, 515 Server Admin: Web window
Server Admin: QuickTime Streaming configuring site-specific options,
window 371–376
Access tab, Settings pane, 457, 458, Aliases tab, Sites icon, 378, 379
460 General tab, Sites icon, 372, 373
General tab, Settings pane, 457, 458 Logging tab, Sites icon, 374, 375
IP Bindings tab, Settings pane, 457, Options tab, Sites icon, 373, 375
459, 460, 461 Realms tab, Sites icon, 377
Logging tab, Settings pane, 458, 462 Security tab, Sites icon, 376
Relays tab, Settings pane, 458, 461 configuring wikis, 381, 382
Server Admin: Server window disabling file type, 367
Access button/tab, 53–55 editing MIME types for Web service,
activating NetBoot service, 230 368
configuring Address Book, 263 enabling forward proxy, 369, 370
controlling access to Address Book, enabling modules for Web service,
271 367
enabling services, 340 enabling webmail, 328, 329
File Sharing pane, 38, 39 enabling wikis and blogs, 380
Graphs button/screen, 52 general settings for Web service, 365
Logs button/screen, 51, 52 integrating iCal server with Wiki, 285
Overview button/pane, 51 MIME Types tab, 367, 368
 Index 611

Proxy tab, 369 configuring ipfw from command line,

Wiki tab, 381, 382 169
server logs, Server Admin application, 52 configuring RADIUS, 224
Server Name field, DNS tab, DHCP Subnets, configuring VPN from command line,
180 219
server option, podcast command, 448 finding iCal log files, 300
Server path setting, Accounts window, 293 Mobile Access service, 354
Server Preferences notification option, 354
configuring Address Book, 260–262 options, 296
configuring iCal service, 278–279 proxy option, 354
setting up iChat Server using, 304– Push Notification service, 354
305 QuickTime Streaming services, 472
setting up iChat user accounts, 308– setting advanced options for NAT,
309 161
setting up mail services, 320–321 settings option, 296, 298
Server Preferences tool Software Update service, 566–567
binding client computer to user, 121 tuning MySQL, 401
contact information, users, 118, 119 Wikis service authentication, 354
creating groups, 122 servers
creating user account, 117, 118 adding server to Server Admin, 46–
creating users, 116–117 49
enabling calendars for users, iCal, blacklisting, recovering from, 335
288 configuring web proxy entries, 346–
services, users, 119, 120 347
setting up web servers, 360–363 connecting to Address Book server,
user membership of groups, 120, 121 266–269
Server requires authentication setting, description, 2
Outgoing Mail Server, 287 firewall controlling access to server,
Server Settings tab, Accounts 162–171
window getting started with, 2
connecting to Address Book server, installing Mac OS X Server 10.6, 13–
268, 269 17
creating iCal accounts, 292, 293 L2TP servers, 208–210
Server Side Includes (SSI) setting, 374 Password server, 104
Server window, Server Admin PPTP servers, 206–207
Services tab, 512 Software Update, 557
Services tab, Settings screen using Mac OS X Server as router,
activating NetBoot service, 230 149–162
setting up iChat Server, 305, 306 which DNS servers are in use, 184
Settings button/screen, 175, 190 SERVERS list
Services tab, 175, 176 activating NetBoot service, 230
Services tab, enabling iCal, 280 backing up Open Directory, 114
serveradmin command configuring Address Book, 263
Address Book service, 273 configuring Software Update service,
backing up Address Book, 272 558
backing up calendars, 284 creating subnet, DHCP, 177
clustering CalDAV, iCal server, 284 disabling file type, 367
configuring Address Book, 273–275 enabling DHCP service, 175
configuring iCal services with enabling file sharing protocols, 474
serveradmin, 296–298 enabling iCal with Server Admin, 280
configuring iChat, 315
612 Index

enabling iChat service using Server activating NetBoot service, 230

Admin, 305 Mobile Access service, 339
installing QuickTime Streaming setting up iChat Server, 305, 306
Server, 457 setting up web services, 363, 364
setting up firewall, 163 Server windows, Server Admin, 190
setting up MySQL, 399 building fileserver, 30
setting up Print service, 512, 513 installing QuickTime Streaming
setting up web services, 364 Server, 456, 457
server-side file tracking, 499 setting up MySQL, 398
server-to-server communication setting up print service, 512
option, iChat, 304 services, users
Enable XMPP server-to-server Server Preferences, 119, 120
federation option, iChat, 307 Set MySQL Root Password option, setting
Require secure server-to-server up MySQL, 399
federation option, iChat, 307 setconfig option, podcast command, 449
service access controls, securing Open Settings button
Directory, 113 AFP, 58
Service Configuration Assistant Access tab, 59–61
setting up mail services General tab, 58, 59
configuring mail services in Server Idle Users tab, 62–63
Admin, 321, 322 Logging tab, 60, 61
security settings, 324 AFP (Apple Filing Protocol), 58
spam and virus detection settings, FTP (File Transfer Protocol), 92
323 Advanced tab, 96
service configuration list, configuring mail General tab, 92
client, 328 Logging tab, 95
service logs, setting up MySQL, 400 Messages tab, 94
services Movie Settings dialog box, iMovie,
Address Book, 259–276 465, 466
DHCP Option Numbers, 569–573 NFS (Network File System), 99
directory services search policy, 147 SMB (Server Message Block), 85
enabling DHCP service, 175–176 Access tab, 87
enabling services for users, 289 Advanced tab, 89
iCal services, using command line General tab, 85
for, 296–300 Logging tab, 88
iChat, 303–316 Settings button/screen
introduction, 2 Server Admin: DHCP window, 176,
mail services, 317–336 177
Mobile Access service, 339 Server Admin: MySQL window, 399
Push Notification service, 339 Server Admin: Podcast Producer
setting up Print service, 512–515 window
setting up RADIUS service, 220–221 General settings, 425, 426
Software Update, 557 Properties tab, 426, 427
services, defining, firewall controlling access Server Admin: Server window, 175
to server, 165–167 Services tab, 175, 176, 190
Services tab, Settings screen setting up MySQL, 398
DHCP window, Server Admin, 175, Settings icon, Server Admin toolbar
176 activating NetBoot service, 230
enabling Software Update service, adding Push Notification, 350, 351,
557 352
Server window, Server Admin configuring AFP, 475
 Index 613

configuring Mobile Access, 342, 343 Share Points icon, Server Admin toolbar,
configuring NetBoot service, 242 135
configuring QuickTime Streaming, share points settings, AFP, 63, 64
457, 458 share points settings, Enable virtual share
configuring wikis, 381, 382 points, 91, SMB
editing MIME types for Web service, Share Points tab
368 AFP (Apple Filing Protocol), 63
enabling forward proxy, 369, 370 AFP protocol settings, 75
enabling iCal, 280 Enable as Time Machine backup
installing Mobile Access service, 339 destination check box, 75
installing QuickTime Streaming Enable Automount check box, 72
Server, 456, 457 Enable Spotlight Searching check
manually enabling NAT, 156 box, 75
setting up print service, 514, 515 FTP protocol settings, 77–78
setting up web services, 363, 364 NFS protocol settings, 78–84
Settings icon, Server Admin: VPN Protocol Options button, 72, 75–84
Client Information tab, 207, 208 Server Admin: AFP window, 64, 71,
configuring VPN to serve L2TP, 209 72
configuring VPN to serve PPTP, 206 SMB protocol settings, 76–77
PPTP tab, 206, 207 shared services, 2
settings option, serveradmin SharePoints folder, creating Share Points,
command, 298 38, 39
backing up Address Book, 272 Sharing Name option, sharing printers, 516
configuring Address Book, 273 sharing printers, 516–522
configuring iCal services, 296 shell verb, pcastaction command, 450
configuring iChat, 315 Short Name field, creating groups, 128
finding iCal log files, 300 Shortname field, 330
Mobile Access service, 354 Show Create Table Syntax option, 412
Push Notification service, 354 Single Source, 428
Software Update service, 567 Sites icon, Server Admin toolbar
tuning MySQL, 402 configuring site-specific options
Wikis service authentication, 354 Aliases tab, 378, 379
Share Points General tab, 372, 373
automounting, 493–496 Logging tab, 374, 375
configuring Share Points, 492 Options tab, 373, 375
creating, 37–42 Realms tab, 377
Enable Automount option, 493–496 Security tab, 376
enabling FTP share point, 488 enabling wikis and blogs, 380
FTP root with Share Points option, size options, 139
487 slapconfig command, Open Directory
FTP root without share points, 97 replication, 108
Home Folder Only option, FTP, 487 slapd process, Open Directory master, 108
Home Folder with Share Points SLAs (Service Level Agreements)
option, 487 building SLAs, 536–537
NFS protocol, 498–499 managing information life cycle, 537
options, 493 slave zones, DNS, 192, 197
Share Point permissions and ACLs, sleeping desktop, idle users, AFP settings,
65–71 62
SMB options, 496–497 slurpd process
Spotlight, 496 Open Directory replica, 108
SMB (Server Message Block),, 84–91
614 Index

SMB (Server Message Block), 479– SMTP (Simple Mail Transfer

484 Protocol), 318
accessing Share Points, 493 avoiding being tagged as spam
authentication, 87 server, 320
Backup Domain Controller setting, 86 connectivity, mail services, 334
character set, 90 setting up mail services, 322–325
choosing protocol to access SMTP Host Name setting, configuring Mail
automounts, 136 proxy, 346
Code Page drop-down, 90 SMTP Host Port setting, configuring Mail
configuration file, 482 proxy, 346
configuring SMB, 479–482 SMTP port, configuring mail client, 327
connecting from Mac OS X, 484 SMTP Port setting, configuring Mail proxy,
connecting from Unix/Linux clients, 345
483 SMTP Relay setting, configuring wikis, 381
connecting with Windows, 484 SMTP SSL Certificate setting, configuring
Connections window, 85 Mail proxy, 345
Domain Master Browser setting, 90 Snow Leopard
Domain Member setting, 86 Address Book service, 260
enabling, 473 DNS reliance, 12
file locking, 77 iChat service, 303
file service log, 84 installing printer drivers, 506
file sharing, 473 learning resources, 575
Homes setting, 91 mail services, 317
Log Level setting, 88 server features, 8
Logs button, 84 SOA record, DNS, 189
name service log, 84 Software section, default Server Admin
Overview button, 84 screen, 50
Primary Domain Controller setting, 87 Software Update, 557–567
Role drop-down, 86 command line accessing, 564–565,
Settings button, 85 566–567
Access tab, 87 configuring service, 558–559
Advanced tab, 89 configuring updates for clients, 560–
General tab, 85 562
Logging tab, 88 CoreServices accessing, 564
share point options, 496–497 disabling updates, 559
Share Points window, 76 enabling service, 557
SMB as domain controller for getting list of available updates, 563,
Windows, 482–483 564
Standalone Server setting, 86 installing services, 557
WINS Registration setting, 91 introduction, 557
Workgroup Master Browser setting, managing server, 559–560
90 multiple servers, 567
Workgroup name, 87 serveradmin command, 566
SMB protocol settings, Share Points tab, System Preferences accessing, 562–
76–77 564
SMB protocol, sharing printers, 516 using services, 562–567
SMB share points working with repository, 565
Op locking option, 497 Software Update pane
Strict locking option, 496 Check Now button, 563
smb.conf file, 482 Installed Software tab, 563, 564
Scheduled Check tab, 562
 Index 615

Software Update service, configuring iCal configuring SSL certificate for web
services with serveradmin, 296 sites, 376
Software Update window, 28, 29 securing web sites for transactions, 376–
softwareupdate command 377
getting list of available updates, 564 SSL authentication setting
using Software Update services, 564– configuring Address Book, 265
565 enabling iCal with Server Admin, 282
Source IP setting SSL certificate option, iChat, 307
relays, QuickTime Streaming, 461 SSL Certificate setting
sources configuring Address Book proxy, 343
Select Sources screen, Retrospect, configuring iCal proxy, 344
546, 547 configuring Mail proxy, 345
setting up podcast workflows, 429 SSL certificates
spam and virus detection settings, 323 configuring mail client, 327
spam mail enabling webmail, 328
disabling graylisting, 332 importing from Address Book server,
messages flagged falsely as spam, 343
322–324 L2TP servers, 208, 209, 210
real-time blacklist server, 325 pre-configuration, Apache web
spam server server, 359
avoiding being tagged as, 320 securing mail services, 326
spam threshold SSL certification
setting up mail services, 320 clustering CalDAV, iCal server, 284
specifying UDP port for RADIUS, 224 SSL option
SPF record, DNS, 189 configuring Address Book proxy, 344
splash page configuring iCal proxy, 345
Snow Leopard server features, 8 configuring Mac OS X Client, iChat,
Spotlight 312
accessing content, 394 configuring Mail proxy, 345
for blogs and wikis, 395 configuring Web Proxy entries, 347
Enable Spotlight Searching check enabling iCal with Server Admin, 281
box, 75 SSL Port authentication setting, configuring
Share Point permissions and ACLs, Address Book, 265
65 SSL Post authentication setting, enabling
Share Points, 496 iCal with Server Admin, 282
share points settings, AFP, 63, 64 SSL setting, Accounts window, creating iCal
SQL (Structured Query Language) accounts, 293
writing queries, 409 SSL setting, Incoming Mail Server,
Squeeze integrating iCal server with Mail,
tuning streams, 456 287
SquirrelMail, 329 SSL setting, Outgoing Mail Server,
SRV record, DNS, 189 integrating iCal server with Mail,
SSH access 287
creating Open Directory replica, 108 Standalone Server setting, 86, 480, 481,
SSI (Server Side Includes) SMB
configuring site-specific options, 374 Standard authentication, FTP, 93
SSL standard mailman mailing lists, 331
accessing iCal service, 291 Standard security level, NFS, 83
Mobile Access design, 342 start option, podcast command, 448
ports, 109 start option, serveradmin command,
SSL (Secure Sockets Layer) Address Book service, 273
616 Index

Starting IP Address field, General tuning streams, 456

tab, DHCP Subnets streaming live audio
Server Admin, 179 QuickTime Streaming Server, 454
StartInterval integer, Time Machine, 543 streaming playlists, 469–471
startup option, account creation, Workgroup streaming protocols
Manager, 139 multicast imaging, 248
Starwind, 554 streaming video. See also QuickTime
stateful packet inspection, 150 Streaming Server
Static Maps button/screen bandwidth considerations, 454–456
Server Admin: DHCP window, 184 implementing QuickTime Streaming
status option, serveradmin command Server, 454
configuring iCal services, 296 strict locking, 77
tuning MySQL, 401 Strict locking option
Status section SMB share points, 496
default Server Admin screen, 51 subnet mask
status verb, serveradmin command description, 150
configuring iChat, 315 Subnet Mask field, General tab
Mobile Access service, 354 DHCP Subnets, Server Admin, 179
Push Notification service, 354 Subnet Name field, General tab
QuickTime Streaming services, 472 DHCP Subnets, Server Admin, 179
Software Update service, 566 subnets
Stealth Mode creating subnet, DHCP, 177–184
setting global firewall options, 169 DHCP pools, 177
Stop button, AFP Connections pane, 57 empty DHCP subnets listing, 178
stop option, podcast command, 448 networking considerations, 12
stop option, serveradmin command Subnets button/screen
Address Book service, 273 Server Admin: DHCP window, 178
storage DNS tab, 179, 180
NAS (network attached storage) General tab, 178
devices, 538 LDAP tab, 181
setting up mail services, 324–325 WINS tab, 181, 182
storage classification Summary screen
cloud-based storage, 538 Podcast Producer Setup Assistant, 423,
ILM (Information life cycle 424
management), 534–535 Summary screen, Retrospect Backup
near-line storage, 534 Assistant, 550
offline storage, 534 sw_vers command, 237
online storage, 534 swupdate option, serveradmin
Storage folder command
creating Share Points, 38, 39 configuring iCal services, 296
Store Site Files In field swupd.plist file
configuring web services, 361 cascading Software Update downloads,
streaming 567
Darwin Streaming Server, 471 sync settings option
streaming codec speeds, 455 account creation, Workgroup Manager,
streaming content 138
implementing QuickTime Streaming synchronizing data, 538
Server, 454 system configuration settings
installing QuickTime Streaming Automator action applying, 256
Server, 456–457 system image
reasons for, 453 booting from system image, 231
 Index 617

System Image Utility, 228, 231–241 connectivity, mail services, 334

automations, 254–257 template verb, pcastaction command, 451
Automator Library pane, 255 templates, 385–386
choosing image type, 233 test option, Sequel Pro, 405
creating NetBoot image, 231–235 text encoding, AFP, 58
creating NetInstall image, 236–237 theme setting, configuring wikis, 381
creating NetRestore image, 238–241 themes, assigning themes to wikis, 385–386
custom workflow window, 255 Thunderbird, configuring mail client, 327
image settings in, 233 ticket granter service (TGS), 103
System Preferences Ticket Granting Ticket (TGT), 475
accessing Software Update, 562–564 Ticket Viewer application, 147
binding with Directory Utility, 143 Time Machine, 538, 539–544
Network pane AFP (Apple Filing Protocol), 65
clients using forward proxy, 369 backups, 24
Print & Fax System pane changing frequency of backups, 543
deploying printers, 522 command line options, 543–544
System Preferences pane, Time Machine, Enable as Time Machine backup
540 destination check box, 75
System Preferences screen, 507 enabling, 541
connecting to Address Book server, excluding directories from backups,
266 542
Print & Fax pane excluding items from backups, 541,
adding and removing printers, 506 542
creating printer pool, 517, 518, 519, selecting Time Machine target, 540
520 setting up, 539–542
installing printers, 506, 507 stopping system questions, 543
system requirements System Preferences pane, 540
Mac OS X Server 10.6, 11 using iSCSI with, 555
using unsupported volumes, 544
time zone, setting, 19, 20
■T TimeMachineEditor, 541
title verb, pcastaction command, 450
tables, database
creating tables, MySQL, 406–407 touch command, 300
database administration, 412–413 Traceroute, testing NAT from client, 158
description, 398 track hinter settings
inspecting existing tables, MySQL, 411– Movie Settings dialog box, iMovie,
412 466
targetIP key RTP Track Settings dialog box, iMovie,
setting up forwarding ports, 160 466, 467
targetPortRange key tracks, 466
setting up forwarding ports, 160 training guides, Apple Authorized, 575
TCP ports, 109 transactions, securing web sites for, 376–
TCP/IP 377
connecting remotely, iChat, 309 transcripts, 313–314
description, 149 troubleshooting
NetBIOS name resolution, 91 iCal server, 299–300
settings for network interface, 184 mail services, 332–336
WINS (Windows Internet Name Service), trusted binding
91 Accounts System Preference Pane,
teams service, configuring, 354 143
telnet command Directory Utility, 145–147
618 Index

Open Directory, 142 User Name setting, Incoming Mail Server,

TXT record, DNS, 189 287
Type authentication setting User Name setting, Outgoing Mail Server,
configuring Address Book, 264 287
enabling iCal with Server Admin, 282 user option, podcast command, 448
User Quota option, enabling iCal with Server
Admin, 281
■U User Quotas setting, configuring Address
Book, 263
UDP options, relays, QuickTime Streaming,
461 user-generated content, 393
UDP port, configuring for RADIUS Username setting, 403
authentication, 224 users
Unannounced UDP option, 461 adding users to groups
unicast imaging, 247 tiered administration, 113
Unix, managing printing with CUPS, 529– Workgroup Manager, 127
530 Allow simultaneous login on
Unix/Linux clients, connecting to SMB from, managed computers option, 125
483 binding client computer to user, 121
unpack verb, pcastaction command, 450 contact information, Server
unsecured connection, creating iCal Preferences, 118, 119
accounts, 291 creating groups, Workgroup
untrusted binding Manager, 128, 130
Directory Utility, 143–145 creating iCal accounts, 290, 291
Open Directory, 142 creating limited administrator user,
updates, 28. See also Software Update 125, 126
updates page, 393 creating, Server Preferences, 116–
uploads, list_uploads option 117
podcast command, 449 creating user account, Server
uploads log, FTP, 96 Preferences, 117, 118
URL field, DNS tab, 180 creating users and groups, 35–37
URLs, 372 creating, Workgroup Manager, 123–
USB-based printing, 508 127
Use Kerberos v5 for authentication setting, enabling services for users, 289
Accounts window, 293 group membership, Server
Use SSL option Preferences, 120, 121
configuring Address Book proxy, 344 idle users, AFP settings, 62
configuring iCal proxy, 345 Idle Users tab, AFP, 477
configuring mail client, 327 presenting data to, 486–487
configuring Mail proxy, 345 services, Server Preferences, 119, 120
configuring Web Proxy entries, 347 setting up iChat user accounts, 308–309
enabling iCal with Server Admin, 281 Users & Groups field, password protecting
Use SSL setting, Accounts window, 293 web sites, 377
Use SSL setting, Incoming Mail Server, 287 Users & Groups, Mac OS X Server 10.6, 24
Use SSL setting, Outgoing Mail Server, 287 utilities, Disk Utility screen, 13, 14
Use verbose logging option, VPN clients, utility scripts, Retrospect, 553–554
215

■V
user account, Automator action adding, 256
User and password in file option, 459
User and password in Open Directory vcf files, Address Book service, 260, 274
option, 459 versions, applying software patches and
User chooses option, 139 updates, 28
 Index 619

video authentication settings, 214

accessing video through browser, choosing VPN type, 213
467–468 connections, 217
configuring camera and audio Disconnect if idle for option, 215
settings, 442–443 Disconnect when switching user
embedding video into web page, 468 accounts option, 215
playing sample video, 462 Disconnect when user logs out
Podcast Capture recording video, 440 option, 215
video assets, preparing for Podcast exporting VPN configurations, 219
Producer, 419 Network pane, 211, 212, 213, 214
Virtual Sharepoints option, configuring SMB, Network service options, 218
482 port scanning, 210, 211
virus checking, spam and virus detection Send all traffic over VPN connection
settings, 323 option, 215
vital data, 535 Use verbose logging option, 215
volume license, preparing master system for VPN settings, 214, 215
imaging, 238 VPN on Demand tab, 216
volumes VPN ports, PPTP servers, 206
configuring NetBoot service, 243 VPN Settings screen, Gateway Setup
creating image of, 248 Assistant, 155, 156
imaging client over asr, 253
partitioning, 15
preparing master system for imaging,
238
■W
WAN Interface screen, Gateway Setup
saving disk image to, 249 Assistant, 154
scanning for mounted volumes, 232 Warn log level, setting up print service, 514
separation of boot volume and data, watermark, setting up podcast workflows,
12 430
sources to create images, 231 watermark verb, pcastaction command, 450
VPN (Virtual Private Networking), web administration portal, streaming
204–220 playlists, 469
configuring VPN from command line, web content filtering, OpenDNS, 200–201
219 Web Folder setting, configuring site-specific
connecting remotely, iChat, 309 options, 372
description, 203, 225 Web Host Name setting, configuring Web
DHCP pools, 204, 205 Proxy entries, 347
enabling VPN service, 205 Web Host Port setting, configuring Web
L2TP servers, 208–210 Proxy entries, 347
limiting access to, 225 web pages, embedding video into web
Network Routing Definition setting, page, 468
207 web portal
networking condsiderations, 13 integrating iCal server with Wiki, 286
pool of IP addresses, 204 logging into iCal account via, 295
PPTP servers, 206–207 web proxy
pre-configuration considerations, 204 configuring Web Proxy entries, 346–
protocols, 204 347
S2SVPN, 219–220 Network pane, System Preferences, 369
setting up forwarding ports, 159 Web screen, Server Preferences
VPN clients, 210–218 configuring web services, 361
adding new network interface, 212 configuring web site, 362
adding new VPN interface, 213 web servers
620 Index

Apache web server, 357–395 providing access to directories

global configuration options, 365– outside web sites, 378–379
371 securing sites for transactions, 376–
initial considerations, 357 377
Mac OS X, 357 setting up, 359–365
Mac OS X Server-based web server, Web, the
357 authenticating through the Web, 446
managing Apache modules, 366–367 running workflows from the Web, 446–
memory requirement, 357 447
MIME types, 367–368 WebDAV protocol
pre-configuration, 358 Address Book service, 260
proxy services, 368–371 description, 277
setting up with Server Preferences, 360– WebDAV setting, configuring site-specific
363 options, 373
web service, setting up in Mac OS X, 359– webmail, 328–329
365 configuring web services, 361
Web Services enabling, 328
accessing web services page, 383 Server Admin: Web window, 328, 329
collaboration services, 379 Website field, contact information
configuring web proxy entries, 346– Server Preferences, 118
347 welcome message
configuring wikis, 381, 382 customizing, iChat, 310
editing MIME types for Web service, Messages tab, FTP service, 485
368 welcome screen, Mac OS X Server 10.6, 17–
enabling proxy for, 342 18
forward proxy, 369 whitelisting, 333, 354
integrating iCal server with Wiki, 285 wide-area Bonjour browsing, 194
preparing for Podcast Producer, 418, Wiki
419 iCal wiki interface, 295
providing access to directories integrating iCal server with, 285–286
outside web sites, 378 Wiki Creators setting, configuring wikis, 381
setting up with Server Admin, 363– Wiki Server option, enabling iCal with Server
365 Admin, 281
using blogs, 389–393 Wiki tab, Server Admin: Web window, 381,
using wikis, 381–389 382
Web Services tab, Server Admin, 285 wikis
Web Services tab, Server Admin: Web access control, 386–387
window, 329 accessing content, 393–395
Web Services tab, Sites pane, 380 accessing web services page, 383
web sites assigning themes, 385–386
adding/removing web sites, 371 authenticating wiki site, 383–384
configuring certificates for web sites, choosing template for, 385–386
376 configuring web services, 360
configuring site-specific options, configuring wikis, 381, 382
371–376 creating, 385–388
creating, 371–379 description, 379
hosting, 358 editing, 387
learning resources, 576 enabling, 380
password protecting web sites, 377– entering page content, 388–389
378 landing page, 387
per-site logging, 375 setting up wiki, 382
 Index 621

Spotlight, 395 enabling Inspector, 140, 141

using, 381–389 inspecting records, 140–142
Wikis service authentication, 354 managed preferences, 132, 524
windows managing directory service objects
connecting to SMB with, 484 with, 116–141
setting up iCal clients for Microsoft Mobility icon, 137
Windows, 296 Mobility managed preferences, 137
SMB as domain controller for, 482– ports, 109
483 Preferences screen, 141
Software Update window, 29 Workgroup Manager: Local window
Windows clients, deploying printers to, 526– creating computer groups, Basic tab,
528 130, 131
WINS (Windows Internet Name Service), 91, creating computer groups, Members
483 tab, 130, 132
WINS Registration setting, 91, 482, SMB creating groups, Basic tab, 129
WINS tab, Subnets screen, 181, 182 creating groups, Members tab, 129,
Workflow Inspector, 434 130
workflow option, podcast command, 448 creating users, Advanced tab, 125,
workflows 126
automations, 254, 255, 256 creating users, Basic tab, 123, 124
custom workflow window, System creating users, Groups tab, 127
Image Utility, 255 creating users, Info tab, 127, 128
setting up podcast workflows, 427– creating users, Inspector tab, 141,
436 142
controlling access to workflows, creating users, Privileges tab, 124,
435–436 125, 126
Podcast Composer, 428–433 Home tab, 136, 137
Podcast Composer exporting Workgroup Master Browser setting, 90
workflows, 435 Workgroup name, 87
setting poster frames, 433–434 WPA 2 Enterprise, using RADIUS, 222
workflows, podcasts, 436–447 Write options, ACEs, 501
binding cameras, 443–445 Write permission, POSIX, 65
running workflows from the Web, 446–
447
Workgroup Manager
Account creation options in, 139
■X
Xgrid Admin, tracking status of renders, 441
account creation policies in, 138 Xgrid controller, Podcast Producer Setup
Available Printers list, 525 Assistant, 421
configuring policies, 132–134 XMPP (Extensible Messaging and
configuring print quotas, 520–522 Presence Protocol), 303
configuring Software Update for Enable XMPP server-to-server
clients, 560–562 federation option, iChat, 307
creating computer groups, 130–132 federating iChat, 311
creating groups, 128–130 federation, 303
creating guest account, 131 Xserve
creating users, 123–127 choosing hardware, 7
creating users and groups, 35–37 Mac OS X Server 10.6 requirements, 11
deploying printers to groups of users, ! XXX file manipulation, 284
524–526
disabling inactive accounts, 112
Dock Display tab, 133
622 Index

■Y adding zones, 192–193

configuring secondary zones, 197–
! YYY file manipulation, 284 198
creating records, 193

■Z
domains, 189
editing zone files, 199–200
ZideOne connector, CalDAV, 296 primary zones, 192
Zones button/screen, Server Admin: DNS secondary zones, 192
window, 25, 26, 192, 194, 197, 198 zone files, 189
zones, DNS zone transfers, 191