Setting up OS X Server has never been easier. Neither has upgrading OS X Server. In this article, we’ll look at upgrading a Mac from OS X 10.8 or 10.9 running Server 2 or Server 3 to OS X 10.10 (Mavericks) running Server 4. The first thing you should do is clone your system. The second thing you should do is make sure you have a good backup. The third thing you should do is make sure you can swap back to the clone should you need to do so and that your data will remain functional on the backup. The fourth thing you should do is repeat all that…
-
-
Set Up The VPN Server and Client on Yosemite Server
OS X Server has long had a VPN service that can be run. The server is capable of running the two most commonly used VPN protocols: PPTP and L2TP. The L2TP protocol is always in use, but the server can run both concurrently. You should use L2TP when at all possible. Sure, “All the great themes have been used up and turned into theme parks.” But security is a theme that it never hurts to keep in the forefront of your mind. If you were thinking of exposing the other services in Yosemite Server to the Internet without having users connect to a VPN service then you should think again,…
-
Setup The DCHP Service In Yosemite Server
DHCP, or Dynamic Host Control Protocol, is the service used to hand out IP addresses and other network settings by network appliances and servers. The DHCP Server built into OS X Server 3, installed on Yosemite running the Server app (aka Yosemite frickin’ server) is easy-to-use and fast. It’s pretty transparent, just as DHCP services should be. To install the service, open the Server app and then click on the Show button beside Advanced in the server sidebar. Then click on DHCP. At the DHCP screen, you’ll see two tabs: Settings, used for managing the service and Clients, used to see DHCP leases in use by computers that obtain IP…
-
OS X Yosemite Server and dnsconfig
DNS is DNS. And named is named. Except in OS X Server. The configuration files for the DNS services in OS X Server are stored in /Library/Server/named. This represents a faux root of named configuration data, similar to how that configuration data is stored in /var/named on most other platforms. Having the data in /Library/Server/named makes it more portable across Mac DNS Servers. Traditionally, you would edit this configuration data by simply editing the configuration files, and that’s absolutely still an option. In Yosemite Server, a command is available at /Applications/Server.app/Contents/ServerRoot/System/Library/PrivateFrameworks/DNSManager.framework called dnsconfig, introduced back in Mavericks. The dnsconfig command appears simple at first. However, the options available are actually…
-
Mac Network Commands Cheat Sheet
After writing up the presentation for MacSysAdmin in Sweden, I decided to go ahead and throw these into a quick cheat sheet for anyone who’d like to have them all in one place. Good luck out there, and stay salty. Get an ip address for en0: ipconfig getifaddr en0 Same thing, but setting and echoing a variable: ip=`ipconfig getifaddr en0` ; echo $ip View the subnet mask of en0: ipconfig getoption en0 subnet_mask View the dns server for en0: ipconfig getoption en0 domain_name_server Get information about how en0 got its dhcp on: ipconfig getpacket en1 View some network info: ifconfig en0 Set en0 to have an ip address of 10.10.10.10…
- Mac OS X, Mac OS X Server, Mac Security, Mass Deployment, Network Infrastructure, sites, Ubuntu, Unix
Manage Apex Domains In OS X
OS X Server supports running a traditional bind implementation of DNS. You can define a record for most any name, including google.com, www.google.com, www.www.google.com, etc. You can use this to redirect subdomains. In this example, we’ll create an A Record to point www.google.com to 127.0.0.1 without breaking other google.com subdomains. To get started, let’s use the DNS service in the Server app to create test.www.google.com. The reason for this is that OS X will then create a zone file for www.google.com. If we created www.google.com instead, then OS X would automatically create google.com, which would break the other subdomains. To do so, open Server app and click on the DNS Service. Then…
-
Bringing stroke Back
Stroke got moved, so dug this up and am reprinting with the latest and greatest location. Network Utility has a port scanner – it’s built in and really easy to use. Sure, stroke isn’t nmap, but it’s not trying to be… Since Network Utility is distributed with every copy of Mac OS X it stands to reason that every copy of Mac OS X has the ability to scan a port without using a GUI tool. Enter one of the best named tools in Mac OS X, stroke. Stroke is the command line back-end to the Port Scan tab of Network Utility. To use stroke, you will need to cd into the…
-
Network Port Testing With Netcat
You can do some pretty simple testing of ports and network communications using strategies I’ve outlined in the past with tcpdump, trace route, telnet, curl, stroke and of course ping. However, netcat has a few interesting things you can do with it; namely actually run a port super-quickly to test traffic between subnets, forcing scans of ipv6 traffic, debugging sockets, keeping connections alive, parodying through SOCKS 4 and 5 and just checking for daemons that are listening rather than actually sending data to them. In this first example, we’re going to just check that Apple’s web server is accessible (adding -v for verbose output): /usr/bin/nc -v www.apple.com 80 The result would be pretty verbose…
-
New AWS OmniGraffle Stencil
Before I post the new stencil, let me just show you how it came to be (I needed to do something, which required me to do something else, which in turn caused me to need to create this): Anyway, here’s the stencil. It’s version .1 so don’t make fun: AWS.gstencil. To install the stencil, download, extract from the zip and then open. When prompted, click on Move to move it to the Stencils directory. Reopen OmniGraffle and create a new object. Under the list of stencils, select AWS and you’ll see the objects on the right to drag into your doc. Good luck writing/documenting/flowcharting!
-
Configure Syslog Options on a Meraki
Meraki has a syslog option. To configure a Meraki to push logs to a syslog server, open your Meraki Dashboard and click on a device. From there, click on “Alerts & administration”. At the “Alerts & administration” page scroll down to the Logging section. Click on the “Add a syslog server” link and type the IP address of your syslog servers name or IP. Put the port number into the Port field. Choose what types of events to export. This could be Event Log, Flows or URLs, where: Event Log: The messages from the dashboard under Monitor > Event log. Flows: Inbound and outbound traffic flows generate syslog messages that…