SSH allows administrators to connect to another computer using a secure shell, or command line environment. ARD (Apple Remote Desktop) allows screen sharing, remote scripts and other administrative goodness. You can also connect to a server using the Server app running on a client computer. To enable any or all of these, open the Server app (Server 5 for El Capitan and Yosemite), click on the name of the server, click the Settings tab and then click on the checkbox for what you’d like to enter.
All of these can be enabled and managed from the command line as well. The traditional way to enable Apple Remote Desktop is using the kickstart command. But there’s a simpler way in OS X El Capitan Server (Server 5). To do so, use the serveradmin command. To enable ARD using the serveradmin command, use the settings option, with info:enableARD to set the payload to yes:
sudo serveradmin settings info:enableARD = yes
Once run, open System Preferences and click on Sharing. The Remote Management box is then checked and the local administrative user has access to ARD into the host.
There are also a few other commands that can be used to control settings. To enable SSH for administrators:
sudo serveradmin settings info:enableSSH = yes
When you enable SSH from the serveradmin command you will not see any additional checkboxes in the Sharing System Preferences; however, you will see the box checked in the Server app. To enable SNMP:
sudo serveradmin settings info:enableSNMP = yes
Once SNMP is enabled, use the /usr/bin/snmpconf interactive command line environment to configure SNMP so you can manage traps and other objects necessary.
Note: You can’t have snmpd running while you configure SNMPv3. Once SNMPv3 is configured snmpd can be run.
To allow other computers to use the Server app to connect to the server, use the info:enableRemoteAdministration key from serveradmin:
sudo serveradmin settings info:enableRemoteAdministration = yes
To enable the dedication of resources to Server apps (aka Server Performance Mode):
sudo serveradmin settings info:enableServerPerformanceMode = yes
krypted September 22nd, 2015
When working on mail flow issues, one of the first troubleshooting steps with any mail server is to try and telnet into port 25 of the server. Exchange has an error, 530, that says that the smtp connection wasn’t authenticated. If you’re trying to relay through an Exchange server, that’s a good thing, as you wouldn’t want an open relay. However, if you’re trying to relay to an Exchange server, that’s not such a good thing. So let’s look at what this symptom looks like. First we try and telnet into port 25 of the server:
telnet exchange.krypted.com 25
Which shows the following:
Then we say hi:
And because the laws of robotics tell it to do so, the server says hi back:
250 exchange.krypted.com Hello
Then we try and relay to it:
And we get this error at some point in our smtp communication:
530 5.7.1 Client was not authenticated
Now, at this point we should look at the receive connector for Exchange, part of Hub Transport. To do so, open Exchange System Manager or Exchange Management Console and select Hub Transport under the Server Configuration section.
Here, locate your default receive connector (don’t do this on a send connector or you will create an open relay), right click it and then click on Properties.
At the Properties dialog, check the box for Anonymous users. This allows for another mail server to communicate with yours over smtp since that other server is basically just running through the message dialog we worked through earlier while telneted into the host. Click Apply to save the changes and for giggles go ahead and stop (disable) and start (enable) the connector.
krypted October 9th, 2013