Let’s start out with what’s actually available in the Server Admin CLI: serveradmin. The serveradmin command, followed by settings, followed by san shows a few pieces of information: /Applications/Server.app/Contents/ServerRoot/usr/sbin/serveradmin settings san The results would be similar to: san:computers = _empty_array san:primaryController = "95C99FB1-80F2-5016-B9C3-BE3916E6E5DC" san:ownerEmail = "krypted@me.com" san:sanName = "krypted" san:desiredSearchPolicy:_array_index:0 = "" san:serialNumbers = _empty_array san:dsType = 0 san:ownerName = "Charles Edge" san:managePrivateNetwork = yes san:metadataNetwork = "10.0.0.0/24" san:numberOfFibreChannelPorts = 2 san:role = "CONTROLLER" Here, we see the metadata network, the GUID of the primary (active) MDC, the name of the SAN, an array of serial numbers (if applicable – rarely encountered these days), the owner info plugged in earlier…
-
-
Managing DNS Services In macOS Server 5.4 for High Sierra
The changes in the Server app are pretty minimal in the macOS Server 5.4 version that we’re now looking at. All of the options from previous versions are still there and the dnsconfig command line interface for managing the service are basically unchanged. The DNS service in macOS Server, as with previous versions, is based on bind 9 (BIND 9.9.7-P3 to be exact). This is very much compatible with practically every DNS server in the world, including those hosted on Windows, macOS, Linux and even Zoe-R. The first time you open the DNS Service click on the DNS service in the ADVANCED section of the list of SERVICES. Then, click on the cog wheel…
-
Configure The Adaptive Firewall In macOS Server 5.4 for High Sierra
macOS Server 5.4 running on High Sierra (macOS 10.13) has an adaptive firewall built in, or a firewall that controls incoming access based on clients attempting to abuse the server. The firewall automatically blocks incoming connections that it considers to be dangerous. For example, if a client attempts too many incorrect logins then a firewall rule restricts that user from attempting to communicate with the server for 15 minutes. If you’re troubleshooting and you accidentally tripped up one of these rules then it can be a bit frustrating. Which is why Apple gives us afctl, a tool that interacts with the adaptive firewall. To enable the adaptive firewall, use the -f…
-
Setup An Open Directory Master In macOS Server 5.4 On High Sierra (10.13)
Open Directory has never been this easy to setup for a basic environment as it is in macOS Server 5.4 (for macOS 10.13 running on High Sierra). As with almost any previous version of macOS Server and Open Directory, once you’ve installed the Server app, run the changeip command along with the -checkhostname option to verify that the IP, DNS and hostname match. If (and only if as it will fail if you try anyway) you get an indication of “Success.” I know, I know, you’ve been told that you didn’t have to do this kind of command line stuff any more… But really, you should – and if you don’t…
-
Configure The Mail Service In macOS Server 5.4
Mail is one of the hardest services to manage. Actually, mail is pretty simple in and of itself: there’s protocols people use to access their mail (such as IMAP and POP), protocols used to communicate between mail servers and send mail (SMTP, SMTPS) and then there’s a database of mail and user information. In macOS Server 5.4 for High Sierra, all of these are represented by a single ON button, so it really couldn’t be easier, once you can just enter email addresses into the Users section. But then there’s the ecoysystem and the evil spammers. They’re totally the worst. Like ever. As the former systems administrator of a large number…
-
Promote A macOS Server Open Directory Replica To An Open Directory Master
Previously, we looked at setting up an Open Directory Master in macOS. An Open Directory Replica keeps a copy of the Open Directory database available for users even when the Master goes offline. But it can also take a part of the load from the Open Directory Master and when using the new Locales feature, balance network traffic. To get started with an Open Directory Replica, first enable SSH, now disabled by default. If SSH is not enabled, you will not be able to create an Open Directory Replica. SSH is enabled on a server by opening the Server app, clicking on the name of the server and then clicking…
-
statshares in Server 5.4 for macOS High Sierra
The statshares option has an -m option to look at a mount path for showing the path to the mount (e.g. if the mount is called krypted this should be something like /Volumes/krypted): smbutil statshares -m /Volumes/krypted When run, you see a list of all the attributes OS X tracks for that mount path, including the name of the server, the user ID (octal), how SMB negotiated an authentication, what version of SMB is running (e.g. SMB_1), the type of share and whether signing, extended security, Unix and large files are supported. Additionally, if you’d like to see the attributes for all shares, use the -a option after statshares: smbutil…
-
Setup the File Sharing Service in macOS 10.13, High Sierra
macOS Server 5.2/5.3 and below had this great file sharing service. And while the GUI elements are gone from the Server app in High Sierra, the options available in the client operating system have matured to the point where they’re no longer really necessary. You can still configure users and groups using the Server app, and once those are created, you’ll be ready to configure share points that can be accessed using the Sharing System Preferences. Configure Sharing Through System PreferencesTo access the sharing options, open System Preferences and click on File Sharing. First, we’ll configure the global options using the Options… button.This brings up the ability to choose whether…
-
Setup The Calendar Service In macOS Server 5.4 for High Sierra
Configuring Calendar Server in macOS Server 5.4 (running on High Sierra) is a fairly simple and straight forward process. The Calendar Server is a CalDAV Server, leveraging HTTP and HTTPS, running on ports 8008 and 8443 respectively. To enable the Calendar service in macOS Server 5.4, first open the Server application and click on Calendar in the SERVICES section of the sidebar. Once open, click on Enable invitations by email to enable email notifications of invitations in the Calendar Server. Provide the email address and then click on the Next button. At the Configure Server Email Address screen, provide the type of incoming mail service in use, provide the address of the mail…
-
Configure NetInstall Services In macOS Server 5.4 for High Sierra
The NetBoot service allows administrators of Apple computers to leverage images hosted on a server to boot computers to a central location and put a new image on them, upgrade them and perform automations based on upgrades and images. Since the very first versions of macOS, the service has been called NetBoot and so the name remains at the command line, but is listed as NetInstall in the Server app. In the Server app, Apple provides a number of options surrounding the NetInstall service, based on Automator-style which we’ll explore further in this article. The first step to configuring the NetInstall service is to decide what you want the service to…