• Mac OS X Server,  Mass Deployment,  Network Infrastructure

    Adding DHCP Options in Mac OS X Server

    Mac OS X Server comes with a number of DHCP options available; most notably the options available in the GUI. But what about options that aren’t available in the GUI, such as NTP. Well, using /etc/bootpd.plist, the same file we used to define servers allowed to relay, you can also define other options. These begin with the following keys that can be added into your property list: dhcp_time_offset (option 2) dhcp_router (option 3) dhcp_domain_name_server (option 6) dhcp_domain_name (option 15) dhcp_network_time_protocol_servers (option 42) dhcp_nb_over_tcpip_name_server (option 44) dhcp_nb__over_tcpip_dgram_dist_server (option 45) dhcp_nb_over_tcpip_node_type (option 46) dhcp_nb_over_tcpip_scope (option 47) dhcp_smtp_server (option 69) dhcp_pop3_server (option 70) dhcp_nntp_server (option 71) dhcp_ldap_url (option 95) dhcp_netinfo_server_address (option 112) dhcp_netinfo_server_tag…

  • Mac OS X Server,  Mac Security

    Only Use Kerberos with Podcast Producer

    By default the /Library/Preferences/com.apple.pcastserverd.plist allows basic, digest and Kerberos authentication. Attempts to authenticate will be made in the reverse order, respectively. This is pulled from the http_auth_type array, which you can see using the following command: serveradmin settings pcast You can then remove an entry and edit existing entries to change the supported mechanisms using serveradmin if you cannot stop the Podcast Producer service. If you can stop the service then the easiest way to edit the authentication mechanisms is to edit /Library/Preferences/com.apple.pcastserverd.plist directly. To do so, locate the http_auth_type key as you see it here: <key>http_auth_type</key> <array> <string>basic</string> <string>digest</string> <string>kerberos</string> </array> Here, remove each string that you no longer…

  • Mac OS X Server

    Adding Recursion in named.conf

    In DNS, recursion references the process where a name server will make DNS queries to other name servers on behalf of client systems. Most name servers are simply DNS clients that cache information for a specified amount of time. Recursion is disabled by default on most name servers. In Mac OS X recursion is enabled for subnets local to the server only. In environments where you wish to provide recursive queries you can enable recursion by opening Server Admin, clicking on the disclosure triangle for the server you will be configuring and then clicking on the DNS service. From here, click on the Settings icon in the Server Admin toolbar…

  • Mac OS X Server

    15 Changes in Snow Leopard Server

    Now that Mac OS X Server 10.6 has been out for a little while and the new features have able to sink in a bit, it seems like a good time to lay out what those new features are. While on the outside Mac OS X Server 10.6 has been described as a minor update outside of the whole 64-bit thing, it’s worth noting that it sports about as many new features as every version of Mac OS X Server that it follows. These include: NetRestore has been integrated with System Image Utility to facilitate easier creation of NetRestore NetBoot sets, allowing for asr-based restores (asr has not been given…

  • Mac OS X,  Mac OS X Server,  Mac Security,  Mass Deployment

    Setting up a Dual Directory with Snow Leopard Server

    In Snow Leopard Server it seems that someone at Apple figured out that a bunch of people were building these weird triangle, or dual directory, thingies. So, if you bind a Mac OS X Server to Active Directory and then open Server Admin and then click on Open Directory you’ll see a button to Kerberize Services. Once you’ve Kerberized the services, if you click on the Change… button for Role you’ll see a different option than you normally see when setting an Open Directory Master. In the Choose Directory Role screen you’ll see a new screen that tells you that you’re connected to another directory. It will then ask if…

  • Mac OS X,  Mac OS X Server,  Mass Deployment,  Microsoft Exchange Server

    Snow Leopard & Managed Client Preferences

    In Mac OS X 10.6’s Open Directory, when you add ManagedClient to managed preferences you end up with two com.apple.mail entries (one suffixed with .managed). One is called com.apple.mail.managed, which is used for Mail for 10.5 and below and frankly doesn’t seem to be complete, so I’ve manually populated my environment with keys from 10.5 Server. The other is com.apple.mail, which now supports SSL, but only gives the drop-downl list for Always, showing no options in Once/Often. One thing that was a bit confusing to me is what Beau and I discovered to be a GUI bug, where when you click on a manifest and then click on Once, Often…

  • Mac OS X Server,  Uncategorized

    @bynkii Let the Cat Out Of the Bag – Next Book

    No, not another Snow Leopard post. Well, I suppose it kindof is actually. It’s a pseudo-official announcement that John Welch, Chris Barker and I will be teaming up to write a book on Snow Leopard Server. The book has been posted to Amazon.com and will hopefully be out by Valentines Day. That’s not to say that we will be responsible in any way shape or form for the results if you give your significant other this book for Valentines Day…