In order to use the Apple Volume Purchase Program (VPP), you will need an MDM solution (Profile Manager, Jamf Pro, MobileIron, Meraki, FileWave, etc). The same program is used for device-based VPP or user-based VPP. There are two programs, which is meant to simplify the experience of setting up an MDM solution and long-term maintenance. The first is the traditional VPP account, available to companies and other non-educational environments that have a DUNS number. The second is the newer Apple School Manager, for educational institutions. Before starting to buy apps and associating those apps from an MDM solution, there are a few things you should know. The first is that…
-
-
Manage Groups In macOS Server 5.4 Running On High Sierra
There are a couple of ways to create groups in macOS Server 5.4, running on High Sierra. The first is using the Server app, the second is using the Users & Groups System Preference pane and the third is using the command line. In this article we will look at creating groups in the directory service with the Server app. Once a server has been an Open Directory Master all user and group accounts created will be in the Local Network Group when created in Server app. Before that, all user and group objects are stored locally when created in Server app. Once promoted to an Open Directory server, groups are created in the…
-
Use The Profiles Command In High Sierra
You might be happy to note that other than the ability to interpret new payloads, the profiles command mostly stays the same in High Sierra. You can still export profiles from Apple Configurator or Profile Manager (or some of the 3rd party MDM tools). You can then install profiles by just opening them and installing. Once profiles are installed on a Mac, mdmclient, a binary located in /usr/libexec will process changes such as wiping a system that has been FileVaulted (note you need to FileVault if you want to wipe an OS X Lion client computer). /System/Library/LaunchDaemons and /System/Library/LaunchAgents has a mdmclient daemon and agent respectively that start it up…
-
Websites and Apache on macOS Server 5.4 on High Sierra
Web Services in macOS Server, Linux and most versions of Unix are provided by Apache, an Open Source project that much of the Internet owes its origins to. Apache owes its name to the fact that it’s “a patchy” service. These patches are often mods, or modules. Configuring web services is as easy in macOS Server 5.4, running on High Sierra (10.13), as it has ever been. To set up the default web portal, simply open the Server app, click on the Websites service and click on the ON button. After a time, the service will start. Once running, click on the View Server Website link at the bottom of the pane. Provided…
-
Using Wikis In macOS Server 5.4
A wiki is a repository of dynamically created and managed content, or content created or edited by multiple users collaboratively. This article is about using the wiki service in macOS Server 5.4 (the Apple Server app running on 10.13/High Sierra). I reference file services with WebDAV because it is a very nice integration piece that I think a lot of people will find pretty beneficial. To get started with the Wiki service, first turn it on. This one isn’t heavily dependent on host names (other than being able to access the server from a browser) or directory services (other than being able to authenticate users, but local accounts are perfectly functional)…
-
Setup An Open Directory Master In macOS Server 5.4 On High Sierra (10.13)
Open Directory has never been this easy to setup for a basic environment as it is in macOS Server 5.4 (for macOS 10.13 running on High Sierra). As with almost any previous version of macOS Server and Open Directory, once you’ve installed the Server app, run the changeip command along with the -checkhostname option to verify that the IP, DNS and hostname match. If (and only if as it will fail if you try anyway) you get an indication of “Success.” I know, I know, you’ve been told that you didn’t have to do this kind of command line stuff any more… But really, you should – and if you don’t…
-
Configure The Mail Service In macOS Server 5.4
Mail is one of the hardest services to manage. Actually, mail is pretty simple in and of itself: there’s protocols people use to access their mail (such as IMAP and POP), protocols used to communicate between mail servers and send mail (SMTP, SMTPS) and then there’s a database of mail and user information. In macOS Server 5.4 for High Sierra, all of these are represented by a single ON button, so it really couldn’t be easier, once you can just enter email addresses into the Users section. But then there’s the ecoysystem and the evil spammers. They’re totally the worst. Like ever. As the former systems administrator of a large number…
-
Configure Xsan Clients Using macOS Server 5.4
Yosemite brought Xsan 4, which included a whole new way to add clients to an Xsan. Xsan Admin is gone, as of El Capitan, but unchanged from then to macOS Sierra (other than a couple of binaries moving around). These days, instead of scanning the network using Xsan Admin. we’ll be adding clients using a Configuration Profile. This is actually a much more similar process to adding Xsan clients to a StorNext environment than it is to adding clients to Metadata Controllers running Xsan 3 and below. But instead of making a fsnameservers file, we’re plugging that information into a profile, which will do that work on the client on our behalf.…
-
statshares in Server 5.4 for macOS High Sierra
The statshares option has an -m option to look at a mount path for showing the path to the mount (e.g. if the mount is called krypted this should be something like /Volumes/krypted): smbutil statshares -m /Volumes/krypted When run, you see a list of all the attributes OS X tracks for that mount path, including the name of the server, the user ID (octal), how SMB negotiated an authentication, what version of SMB is running (e.g. SMB_1), the type of share and whether signing, extended security, Unix and large files are supported. Additionally, if you’d like to see the attributes for all shares, use the -a option after statshares: smbutil…
-
Upgrade macOS Server
The latest version of macOS Server (5.4) is now available to be installed. To do so, first backup your server. Then, backup your server again, making sure you have a functional, bootable clone. Once you’re sure you have a solid backup of your server, open the App Store and search for Server. When you find the Server app, click on it. Once downloaded, you’ll be prompted that the Server app has been replaced.Go into Applications and open the Server app. When prompted, click on Install (or Open if the server is already installed). The download will begin. Once complete, you’ll see a notice that the “Server app replacement detected.” Click OK.…