I'm not claiming to have thought of this, but I've implemented it at home and it's working well, so I thought I'd pass it on. I found instructions at www.afp548.com on how to set up my local DNS server to block ads.
The steps are fairly well laid out, and I didn't have any problems setting it up on OS X 10.2.8 Server.
[robg adds: As I usually do on such hints, I'll add a friendly reminder that ads are what help keep many free websites free. That said, many ads are amazingly annoying and distracting. That's why I prefer to block them at the local level, as I can then control exactly which ones I don't want to see...]
While Ars has detailed the changes in 10.4 Client, AFP 548 goes into elaborate detail on the behind the scenes changes in 10.4 Server. Some of the subjects discussed include Open Directory (LDAP), new Client management, Apple's implementation of ACLs, implementation of the Jabber IM protocol and chat logging, as well as other details from someone who works with and implements OS X Server solutions professionally.
[robg adds: This is the most detailed look at Server that I've seen yet -- reviews of Server have been somewhat hard to find, which is why I chose to run this as a story instead of just a link. If you know of other Server reviews, please list them in the comments.]
Your Apple users love you for getting them an Xserve with a true AFP service for their file sharing, but your Windows users continually feel that their connections are sluggish. No, don't go migrating all of your Windows data off the Xserve, simply have your Windows users map the network drive that they are trying to access.
I've seen this work at many different sites to speed up Windows XP connections to Mac OS X Server's SMB shares.
For a while now, I've ignored a 15-second (approximately) delay when connecting to an OS X Server (10.3) FTP server (xftpd). The delay was occurring after connecting, but before the server prompted for login.
After not finding any solutions in my searches online, I finally resorted to figuring it out myself. It turns out that, by default, the FTP service on OS X Server is configured to attempt to use RFC 931 to identify the user of the connecting client. However, the client is not, by default, configured to support the same functionality.
Fortunately, some digging in the man pages suggested that adding the -I command-line option to the FTP server (in the xinetd configuration) might eliminate the connection delay ... and it did! Included below is the (modified) /etc/xinetd.d/ftp file from my server (the -I option was added to the existing -a on the server_args line).
disable = no
instances = 100
socket_type = stream
wait = no
user = root
server = /usr/libexec/xftpd
server_args = -aI
groups = yes
flags = REUSE
With this change, there's no more delay when connecting...
After googling and searching in macosxhints.com without finding a solution, I finally got this to work, so I hope this may help others. The problem I had was that I could not get JSP files to be served on port 80. When I started Tomcat, I could only see Tomcat's examples, which are on port 9006. There may be a better solution, but being new to Tomcat, this is how I solved it. If someone else has a better solution I'd be happy to hear from you.
The OS X Server (Panther) CDs will not boot the MacMini. To work around this, attach a FireWire drive to a Mac capable of installing Panther Server. Install to the FireWire drive, and run all updates. Now connect the FireWire drive to the mini, and boot off of the mini's Boot DVD. Click on the Apple logo menu item, and choose Disk Utility.
Once Disk Utility is opened, select the Mac mini internal disk and choose Restore. Drag the FireWire volume to the source box, and drag the mini's hard drive to the destination box, and choose Restore. Once complete, shutdown and disconnect the FireWire drive and reboot the mini into Panther Server.
Since I have a couple of Mac OS X Server boxes running on non-XServe hardware using Apple's built in software RAID feature, I needed a way to monitor the status of mirrored RAIDs (that is, a way to be notified when one disk blows up, before the entire system fails because the other disk blows up). So I wrote a Perl script that will parse the output of diskutil checkRAID and, if any RAID sets are degraded, will email a warning to a specified email address. You should ideally run this as, say, an hourly cronjob as a non-root user, on a machine that is able to send mail via the unix mail command.
Obviously this isn't terribly sophisticated. I'm sure it'll work for striped disk arrays as well, but there's little point -- once a stripe is degraded, you're going to be restoring from backup. If Apple allows more sophisticated RAIDs in the future (0+1, 5, etc.), then hopefully they'll also provide robust monitoring tools.
I put the output to the log just as a record; it's overwritten every 10 minutes and errors go to /dev/null. You could remove that bit and allow your cron job to notify you if there is an error. Hope this helps someone; it keeps me from being woken up at 4am!
The mail server admin panels in Panther Server have changed from their equivalents in Jaguar Server, hiding the options to modify the port on which Postfix listens for SMTP connections. Combined with the trend of more ISPs blocking traffic on port 25, this has become a more popular problem.
As root, edit the file /private/etc/postfix/master.cf, so it looks something like the following. I use port 2525 in this example; you can substitute it with any port you'd like to use...
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (100)
smtp inet n - n - - smtpd
2525 inet n - n - - smtpd
This editing should consist of adding the last line given here.
Restart your mail service in 'Server Admin,' or restart your server, and you should be golden.
You will have to edit the mail clients' SMTP preferences to use this port. If your client is Mail.app, this is simple and in the 'Accounts' pane of 'Preferences.'
I have a couple of virtual domain hosted on my OS X server box, and wanted those domains to be able to host their own mailing list. So after much searching on the Internet, here are the config changes for mailman: