The latest version of the Apple Server app is out (macOS Server 5.4), and before you upgrade, there are a few points to review:
- As always, make a clone of your computer before upgrading.
- During the upgrade to High Sierra, if the operating system is running on a solid state drive, the drive will automatically upgrade to APFS. You cannot share APFS volumes over AFP, so if you’re running file services, make sure you’re aware of that. You can choose not to upgrade to APFS using the command line to upgrade a server. Even though the file sharing services are not in the Server app, you can still configure ACLs using the Storage tab under the server’s main screen.
- The FTP Service is gone.
- Time Machine service is gone, so if you were relying on that, rethink your backup strategy. Some options:
- A third party backup tool.
- A share that Time Machine on client systems can backup to.
- Don’t upgrade.
- Xcode Server is gone. You can still leverage third party tools to get build automations in place, but this is no longer a built-in component of macOS Server.
- Imaging is dead. But NetInstall still works. Because you need to run a firmware update for High Sierra (and APFS), there are caveats to imaging. You can run a NetInstall to install High Sierra onto clients (which does the firmware update). You can do a NetRestore (and Define NetRestore Sources for NetBoot) from a volume that’s already been converted to APFS to another volume that’s already been converted to APFS. But you can’t NetRestore an HFS+ volume onto an APFS volume or High Sierra on APFS onto a volume running HFS+. Long live DEP.
- If you’re running Calendar, Contacts, and/or Mail, then you should consider moving to Google Apps or Office 365.
- Running the Wiki service configures passwords to use a less secure way of storing passwords.
- Alerts, Certificates, Logs, Stats, creating users, Calendar, Contacts, Mail, Messages, VPN, Websites, Wiki, DHCP, DNS, and Xsan haven’t changed in forevers, and remain pretty static in this version.
- Open Directory and Software Update aren’t in the Services or Advanced area of the Server sidebar. You’ll access those through the View menu. The slapconfig and other binaries that comprise OD remain pretty much untouched where they are.
- If you’re running software like anti-virus that has Kernel Extensions, those should work upon upgrade (provided they’re High Sierra compatible). If you reinstall software with Kernel Extensions, you may have to accept the installation of the Kernel Extension, due to a new and more secure way of interacting with Kernel Extensions.
- There are new options in Profile Manager.
Provided that you’re ok with all this, we can proceed with the upgrade!
krypted September 26th, 2017
Posted In: Mac OS X, Mac Security, Mass Deployment
apfs, Apple, file sharing, high sierra, iMaging, MAC, macos, macos server, Open Directory, profile manager, secure kernel extensions, SKEL, slapconfig, SMB, Software Update, upgrade