This is actually a hint for both OS X Server 10.5 and iCal. I was trying to implement the calendaring feature in OS X Server and hit a wall when Apple's documentation did not explain how to set up multiple calendars for a single group, and how to manage them in iCal. After much searching, I found the answer (not supported by Apple) in this Apple Discussions thread.
In order to create a group calendar, you have create a group and enable calendars for that group. This is reasonably well explained in the "iCal Service administration guide for Version 10.5 Leopard" guide. In order to view the group calendars, open iCal (it has to be iCal 3), open its Preferences, and click on the Accounts tab.
Having a pressing need to access a Cisco router via the console cable, and not having a PC with a serial port laying around anywhere, I decided to look into how to access the serial port on an Xserve that's running Leopard Server. Previous hints targeted at Tiger Server and below, however, do not work any more as the serial support files are no longer found in /System » Library » StartupItems/. Through some digging, I found the solution to the problem and can now access the router via the serial port at any time, even from my iPhone (through Terminal, of course)!
Leopard Server moved the SerialTerminalSupport shell script to /usr » libexec » serial. The syntax for launching it remains the same, though, just the location has changed. Thinking that was all it took, I stopped the SerialTerminalSupport service with this command (run all these commands as superuser):
And tried to launch the screen program to open a connection via the serial port with screen /dev/cu.serial. No luck. I see bits and pieces of the Cisco's console prompt in my Terminal window, but the screen session keeps sending garbage -- to the point where I'd have to close the Terminal window and issue a kill command to let go of /dev/cu.serial and the screen session.
It turns out that by default, OS X Server sets the baud rate of the serial port to 57600, which is too fast for the Cisco console port.
Squirrelmail as included with Mac OS X Server lets you remotely access your Inbox via a web-browser. It also automatically creates sub-folders to store drafts, sent, and trashed emails as done during a Squirrelmail session. These have a folder structure like this:
When you look at this in Apple Mail, you will see a triangle next to your Inbox, and turning it down reveals the same sub-folders. The purpose of this posting is that this structure is not the same as the default Apple Mail structure, and as such, Apple Mail and Squirrelmail will not automatically be using the same IMAP folders to store drafts, sent, and trash.
It is possible in Apple Mail to select one of these Squirrelmail-created folders, and go to the Mailbox menu and select the "Use This Mailbox For..." command to make it the folder to use for that purpose. It is also possible to edit the Squirrelmail config.php file to adjust its settings which as default will be:
I have worked out what to set Squirrelmail to use so that it will then use the same folders that Apple Mail uses as standard. The benefit would be that rather each and every user having to alter the Apple Mail setup, I could do one edit of the config file for Squirrelmail and this would then apply forever for all users.
OS X 10.5 Server comes with a Radius server, but at the surface, it seems that Apple only ships with support for wireless access stations. However, the foundation is a fully working FreeRadius server.
When trying to get the Radius server to work together with our Checkpoint firewall for VPN authentication, I found that the Radius server tries to authenticate the users against the /etc/passwd file. However, for authorization, it correctly queries the OpenDirectory. I opened a support call with Apple, and I eventually received the following instructions to change the behavior.
Read on to see the response I received from Apple...
This one is simple, but can save some incredible headaches.
When installing OS X Server 10.5, you are presented with a few different install options. If you plan to use Apple Remote Desktop with your machine, you should choose Advanced. The standard install will only allow Screen Sharing to be used.
[robg adds: A friend who administers Server tells me "one can activate ARD via the kickstart command, logged in via ssh, but Advanced indeed activates ARD right after configuring."]
I was finally able to figure out how to disable SSH access to a user account, but still allow SFTP to occur. Edit /etc/sshd_config, and add this section:
Match User sftponly
ForceCommand /usr/libexec/sftp-server -l INFO
Replace sftponly with your short user name, then save the file and quit the editor.
[robg adds: You'll probably have to restart Remote Login in the Sharing panel to make these changes take effect, but I'm not sure of that, as I haven't tested this hint. It's categorized as an OS X Server hint, but I have no reason to think it wouldn't work in Client as well.]
I have succesfully made Apache 2.2 use the accounts in our Mac OS X Open Directory, instead of a flat text file. I found that the DN (distinguished name) needed an extra element on the front, uid=. But all the examples I had been finding on the web used a DN of this form:
Once I added uid=USERNAME on the front, and omitted the cn= part, it worked fine:
I found this out by using the command-line tool ldapsearch:
This is a way to transparently set up a server to cache software updates on your local network. This doesn't require any modifications (defaults write...) on clients -- it just works. And I didn't find any other similar solution on the internet; not even here! It does require Mac OS X Server, however. Here's how we did it:
Build a Mac OS X Server and call it yoursus. We used a headless Mac mini to do the job.
You must use external DNS servers on this server (so it won't check itself for updates).
Add a record for your server on your internal DNS, so yoursus.yourdomain.com resolves to your SUS's IP.
Start Software Update Server (SUS). It may take some time to cache all updates -- our /usr/share/swupd/html/ folder now has almost 9GB of files in it!
Start Web Service, and add following redirect (Server Admin » Web » Sites » default » Edit » Aliases » URL Aliases and Redirects » Add » Redirect):
Add a zone in your internal DNS, called swscan.apple.com, and point the whole subdomain to the IP of your SUS.
Flush your DNS cache on the clients: lookupd -flushcache
Now test your setup. Using Safari, following this link to Apple's catalog on your SUS should show Apple's real catalog (ApplePostURL should start with swquery.apple.com), while the same on other computers in your network should resolve and be forwarded to your SUS, http://yoursus.yourdomain.com:8088/index.sucatalog (ApplePostURL will start with yoursus.yourdomain.com:8088 this time).
I was trying to figure out why Static Maps would not work on my 10.4 Server. The setup is straightforward: add MAC Address and assign IP; pretty simple. However, my server would not hand out the assign IPs.
Well I found out that when you create static maps on OS X Server, your clients should not have anything in the DHCP Client ID box (i.e. they should leave it blank). Hopes that helps someone!
Recently we installed an Intel XServe at a company where all Mac stations were running Mac OS 9.2.2. I may seem odd, but here in Greece, most of the publishing companies still rely on native boot Mac OS 9 stations. The problem that occurred was that none of the Mac OS 9 stations could not search the 1.5TB shared AFP volume of the XServe with Sherlock, an abilty that the older Panther Server use to provide.
After extensive search, I end up to the conclusion -- I may be wrong -- that the missing Install Mac OS 9 drivers option of the Disk Utility was to blame. This conclusion came up since Mac OS 9 clients can successfully search any PowerPC-based Tiger Server. I've come up with this solution: install Searchlight, a $29.90 utility, on the XServe, and Netscape 7.02 on the Mac OS 9 clients. It's not perfect, but it's a solution.
[robg adds: Lacking an Xserve here at macosxhints HQ, I can't confirm either the problem or a solution...]