To share your Ethernet connection through AirPort under 10.3 Server, do the following:
Ethernet card must have a static IP.
In Server Admin, under NAT, share your Built-in Ethernet.
Under DHCP, create a new subnet with the following settings:
Subnet mask: 255.255.255.0
Network Interface: en1
Router: Ethernet card's IP.
Also make sure you have the correct DNS entered.
Create a Computer to Computer Network with the AirPort menu item.
All internet traffic will now be routed through this connection to connected users. A point to note is that if I enabled WEP on my computer-computer network, I could not obtain an IP address from my DHCP server. Instead I made my DHCP IP range only 1 IP long.
If you install Panther Server and attempt to set up MovableType with MySQL, it will fail and corrupt some of your data. The problem lies in the datetime fields in the MovableType tables in mysql. To solve this problem:
Archive your existing mysql data (if any) from /var/mysql (I changed to the /var directory and used tar cvpf /tmp/mysql-data.tar ./mysql)
Install the downloadable MySQL install from the mysql.com download page (detailed install instructions can be found at the excellent Entropy site).
Go to the new directory (/usr/local/mysql) and move the data subdirectory to one side (mv data data.standard)
Extract the backup and rename it (tar xvpf /tmp/mysql-data.tar; mv mysql data).
Install the startup script (part of the MySQL distribution) and start restoring your MovableType data.
The main reason that the two versions can be installed stems from the fact that the startup scripts use different flags in /etc/hostconfig. The Apple version uses MYSQL which will be set to -NO- by the MySQL installer. The MySQL version uses MYSQLCOM which will be set to -YES-.
When Apple releases a patch for the problem, you can reverse the settings in /etc/hostconfig and move the data files from /usr/local/mysql/data back into /var/mysql.
In Jaguar server, the GUI admin tool had a section to add an account for all email to be sent if the user did not exist. This feature is not part of Panther Server. After much trial and error, and many readings of many forums, I figured out a simple, if annoying way to do this.
As root, vi /etc/postfix/main.cf and include the following line (I put mine at the bottom of the file):
virtual_alias_maps = hash:/etc/postfix/virtual
As root, vi /etc/postfix/virtual and add the following:
I put this at the top above the comments. You must include all local users or the catch-all account will get all mail. localUser# is used in place of the actual user account name for local users. catch-all is used in place of the account you designate as the catch-all. domain.com is used in place of your domain name. There are tabs between the entries on each line. There is a caveat -- if you create an alias, that email will go to the catch-all account as well as to the aliased accounts.
As root, run postmap /etc/postfix/virtual
As root, run postfix reload
That is it!
[robg adds: I don't have Server, so I can't attest to the workability of this fix...]
See diskutil's partitionDisk output for examples. There's no GUI way, that's why you reading this! A partition map and yours partitions will be created and will have a new fs created and mounted (as /dev/disk3s2 and /dev/disk3s3 in my example).
Yes! That's it! Easy?
I'v tried this on PMG4 using two 6GB HDD's and running Mac OS X Server (10.2 & 10.2.8). Then on an XServe with two 180GB IBM's (why Apple is still using these?) Works great. Disk Utitilty.app sees the RAID, can check it, but it has no clue about the volumes on it. So you have to fsck manually. When journaling is turned on, this is probably not needed. Turn on journaling using diskutil enableJournal /Volumes/Part1. Thats all for now. Have fun!
I have a client who I set up with an OS X Server. In addition to Users' home directories, there is a shared folder where my users save files that need to be read and written to by all users. OS X Server has default permissions set so that the owner of a file has read/write access and everyone in the group has only read-only access (standard UNIX behavior). I needed (as do many others, I have found out) to let the group have read and write access, as well.
Although Apple's KnowledgeBase article number 107623 claims that OS X 10.2.6 server can be set to inherit permissions or set with custom permissions, this ability seems to be less of a feature and more of a phantom. After searching the Apple Discussions, I have found many other users with similar problems, and the only solution seems to be to give up with Workgroup Manager and embrace cron. Until tonight I had never used cron, but I now understand its use. I wanted to pass on my solution to this problem to anyone else with this or a similar problem (I also posted on the Apple Discussions).
You will need a basic understanding of how to execute commands via the Terminal (specifically pico) and have a basic understanding of permissions (owner, group, others, chmod, etc...).
This hint is just ment to instruct a user on how to turn SNMP (a brief overview of SNMP is at the end of the hint) on with basic setup info. How to use the CLI to get info is not dealt with ... or you can buy a graphical interface to monitor your Mac. By no standard am I an expert on this; I have been forced to use this method to monitor my server since Apple does not support "Server Monitor" (a great monitoring app) on the G4 on which I installed my server software (I should have bought an XServe; if you want to remote monitor your Mac, read on). So anyway, I had to learn a new thing, not so bad.
Basic setup of SNMP on OS X server:
[client is not the same; Server only in 10.2]
Log in as Root. This is easier so you can edit the hidden files you need to. If you know how to use the sudo command and a unix text editor, feel free.
Use the Go -> Go to Folder command and enter /etc.
In the list of files, find hostconfig and open it.
Under the header # Services, add SNMPSERVER=-YES- below the list of other services, and save the file.
Now open Terminal window and type or paste snmpconf -g basic_setup (you must be root user or use sudo command). Enter man snmpconf first to read about this command if you wish.
Follow the instructions onscreen to set up the basics. This can get very detailed and you can run it again after you read more on SNMP and understand what to enter better.
When you finish, I would restart ... but if you know how to use the CLI to start the process or restart the SNMP process, you can do that instead.
Now you can use SNMP commands from a UNIX terminal on any Mac and get info about the Mac you just set up.
For the Newbie, SNMP is Simple Network Management Protocol, which is used in some cases to manage a PC and more so on the Mac-end to monitor machines. You can get a verity of information like running processes, CPU usage, temperatures and lots more. The information you get depends on two things. Your hardware can supply the information to the system and the MIB (Management Information Base) files installed in your system. All Mac OS X installs include some form of SNMP; you just have to turn it on and use it. For more information, go to www.net-snmp.com and www.dartware.com/net-snmp.
[robg adds: I haven't tested this one, and I'm not sure if it's even possible on Client as opposed to Server -- anyone know for sure?]
What is more annoying than mcx_cache when dealing with clients in a Mac OS X Server lab? Have you recieved a window saying that you are not permitted to log in? And you are 100% sure that everything is set up correctly; login might even have worked for days until this shows up!
In most cases (atleast here), this is because of this annoying cache file, storing information about your Mac OS X Server. Destroying this directory from NetInfo has been 100% painless in all ways here, as it is re-created again at next log in.
For some time, I did this manually by destroying it from the NetInfo Manager app, but as my school got more and more X clients, and it was taking up a lot of time, I had to find a better solution to this. The solution was to create a cron script to run a command that did this automatically. I use the great app CronniX to make the cron script. From this app, choose to manage the System User's crons. Add a new one, and choose run time yourself; I set mine to run one time each hour. The command to execute is this:
sudo niutil -destroy . /mcx_cache
[robg adds: I can't vouch for this one, having no access to nor experience with Server...]
While looking at a server share point I admin, I learned an interesting anomaly that I hadn't been aware of before. When I login to the server remotely, I login as jmserver. Say I create a folder on the mounted sharepoint. That is, I don't drag it from the client machine to the server, but rather create a folder directly in the folder of the sharepoint.
When I look at that folder with the Finder of the client machine (ie I'm not working on the server directly), "Get Info" tells me that the owner of that file is "blank." Why doesn't the Finder know that jmserver is the owner?
MacManager tells me that the UID for the user jmserver on the server is 1035. New folders created on that share point then are owned by jmserver with UID 1035 (you can see the UIDs of a given file with ls -n).
NetInfo is the tool that associates the UIDs of files with the names of the owners. In this case, there are two NetInfo Databases -- one on the client machine, and one on the server. NetInfo on my client machine doesn't have an entry for a UID of 1035, so when the (client) Finder asks NetInfo who is associated with 1035, it reports back with a "blank." I tested this by creating a new user on the local machine with a UID of 1035 -- and, bob's your uncle, the Finder began reporting that the owner was the new user.
The bottom line is that the Get Info view of permissions is not be trusted when looking at a server share; you can only believe the terminal. And, if you need to change permission settings, you will only be able to do this in the terminal, not with the Get Info view, since it only allows owners to make those changes, and it doesn't recognize you as an owner.
I have a Server with Mac OS X Server 10.2 on it. And I wanted to restrict what kind of applications some of my users could use. With all built-in Apple apps, and most everyone else's programs, it's no problem. Just restrict access to everything, then allow the apps you want them to use.
But with some apps, like CoooL and R-Name, when I add these applications, this shows up in my allow list: com.apple.creatorcode.????. Then I can't separate those two apps from each other, or other apps with the same behavior.
The fix for this is to show the contents of the application (control-click on the application, then select Show Package Contents), then edit the /Contents -> Info.plist file using Property List Editor, or the text editor of your choice. In Property List Editor, create a new child. Call the Property CFBundleIdentifier, the Class is String, and the Value is the name of the application. Save it, then try to re-add the app to Workgroup Manager, and look at that beauty! It should work as expected now.
Found out your built-in FTP server isn't running as it did, after you activated the Firewall and even opened up the 20 and 21 IP ports, too? The built-in FTP server in 10.2, when using passive mode file transfers, opens an IP port which can be any one number between 1024 and 65534; the IANA registered ports for passive FTP are 49152 to 65534.
If you don't use an IP firewall (IPFW), you wouldn't notice this, but when the IPFW is switched on (specially on the server version), you find out that the whole FTP server does it's work only halfway. You can connect and get the first directory listing, but not any other listing, and starting a file transfer fails. Why, because in the IPFW we normally add only the two standard FTP ports 20 (listing) and 21(active file transfer) to open up holes to allow connections to the FTP Server.
In the Server Admin Tools, only these two IP ports are mentioned. With the Tool, you can't even set up the needed IP port range. This means without using the terminal and configuring the IPFW directly, you can't use the the FTP Server and IPFW together. It's one or the other "out-of-the-box!" After a lot of trial and error, and google'ing on the net, I found the following solution.
The first thing I found out was that the Mac OS X built-in FTP Server is not Apple's own design, it's actually an adapted WU-FTPD source to integrate it better with MacOS X. Second thing, after finding it's a WU-FTPD version, in the user manual (man files) on their website, there's an option to lock down the IP port range for passive FTP file transfers with the command passive ports cidr min max, which needs to be added to the /Library -> FTPServer -> Configuration -> ftpaccess config file. The third thing I found is that opening the firewall for the IANA registered ports for passive FTP mentioned above.
This was the short version of what needs to be done to get the FTP Server working correctly again.
A full version How-To, with all the command line entries, can be found here. Hope this post is some help to other Server Admins whose FTP server isn't working correctly.