macOS Server has long had a VPN service to allow client computers to connect to a network even when they’re out of the home or office. And as with many a service on macOS Server, this is one of the easiest VPN servers you’ll ever setup. The server was once capable of running the two most commonly used VPN protocols: PPTP and L2TP. And while PPTP is still accessible via the command line, L2TP is now configured by default when you setup the server using the Server app. Setting Up The VPN Service In macOS Server To setup the VPN service, open the Server app and click on VPN in…
-
-
Configure Xsan Clients Using macOS Server 5.4
Yosemite brought Xsan 4, which included a whole new way to add clients to an Xsan. Xsan Admin is gone, as of El Capitan, but unchanged from then to macOS Sierra (other than a couple of binaries moving around). These days, instead of scanning the network using Xsan Admin. we’ll be adding clients using a Configuration Profile. This is actually a much more similar process to adding Xsan clients to a StorNext environment than it is to adding clients to Metadata Controllers running Xsan 3 and below. But instead of making a fsnameservers file, we’re plugging that information into a profile, which will do that work on the client on our behalf.…
-
statshares in Server 5.4 for macOS High Sierra
The statshares option has an -m option to look at a mount path for showing the path to the mount (e.g. if the mount is called krypted this should be something like /Volumes/krypted): smbutil statshares -m /Volumes/krypted When run, you see a list of all the attributes OS X tracks for that mount path, including the name of the server, the user ID (octal), how SMB negotiated an authentication, what version of SMB is running (e.g. SMB_1), the type of share and whether signing, extended security, Unix and large files are supported. Additionally, if you’d like to see the attributes for all shares, use the -a option after statshares: smbutil…
-
Setup The Calendar Service In macOS Server 5.4 for High Sierra
Configuring Calendar Server in macOS Server 5.4 (running on High Sierra) is a fairly simple and straight forward process. The Calendar Server is a CalDAV Server, leveraging HTTP and HTTPS, running on ports 8008 and 8443 respectively. To enable the Calendar service in macOS Server 5.4, first open the Server application and click on Calendar in the SERVICES section of the sidebar. Once open, click on Enable invitations by email to enable email notifications of invitations in the Calendar Server. Provide the email address and then click on the Next button. At the Configure Server Email Address screen, provide the type of incoming mail service in use, provide the address of the mail…
-
Using The Messages Service In macOS Server 5.4 On High Sierra
Getting started with Messages Server couldn’t really be easier. Messages Server in the macOS Server 5.4 version of the Server app uses the open source jabber project as the back-end code base. The jabber binary is located at /Applications/Server.app/Contents/ServerRoot/private/var/jabberd directory and the autobuddy binary is at /Applications/Server.app/Contents/ServerRoot/usr/bin/jabber_autobuddy. The actual jabberd binary is also stored at /Applications/Server.app/Contents/ServerRoot/usr/libexec/jabberd, where there are a couple of perl scripts used to migrate the service between various versions as well. Setting up the Messages service is simple. Open the Server app and click on Messages in the Server app sidebar.  Click on the Edit… button for the Permissions. Here, define which users and interfaces are allowed to…
-
Use SSH, ARD, SNMP, And The Server App Remotely on Server 5.4
SSH allows administrators to connect to another computer using a secure shell, or command line environment. ARD (Apple Remote Desktop) allows screen sharing, remote scripts and other administrative goodness. You can also connect to a server using the Server app running on a client computer. To enable any or all of these, open the Server app (Server 5.4 for High Sierra), click on the name of the server, click the Settings tab and then click on the checkbox for what you’d like to enter. All of these can be enabled and managed from the command line as well. The traditional way to enable Apple Remote Desktop is using the kickstart…
-
Manage The Software Update Service In macOS Server 5.4
The software patching configuration built into most operating systems is configured so all that a user has to do is open a box at home, join the network and start using the computer right away. As environments grow from homes to small offices and then small offices grow into enterprises, at some point software updates and patches need to be managed centrally. macOS heavily leverages the App Store. This allows administrators to pretty much be hands off when it comes to managing updates. But some environments need to control the flow of updates anyway. Apple has had this ability since the early days of OS X and in macOS, you…
-
Use wfsctl to Manage WebDAV Shares in macOS 10.13 High Sierra
Apple has slowly been moving us away from the legacy afp file sharing protocol for some time. High Sierra (macOS 10.13) now comes with a new suite of tools to manage WebDAV shares. Most of these are configurable using wfsctl located at /usr/sbin/wfsctl. When run, the tool reports as “WebDAV File Sharing control utility.” To start the WebDAV service, use the start verb: wfsctl start At this point, the service will attempt to lookup the hostname of the server. If the hostname cannot be found (or once found does not match the expected results) then the service will not start. For more on why this might be happening, use the…
-
Before You Upgrade to macOS Server 5.4 on High Sierra (macOS 10.13)
The latest version of the Apple Server app is out (macOS Server 5.4), and before you upgrade, there are a few points to review: As always, make a clone of your computer before upgrading. During the upgrade to High Sierra, if the operating system is running on a solid state drive, the drive will automatically upgrade to APFS. You cannot share APFS volumes over AFP, so if you’re running file services, make sure you’re aware of that. You can choose not to upgrade to APFS using the command line to upgrade a server. Even though the file sharing services are not in the Server app, you can still configure ACLs…
-
Use Startup Profiles In macOS
Startup profiles configure profiles to install at the next boot, rather than immediately. Useful in a number of scenarios. Use the -s to define a startup profile and take note that if it fails, the profile will attempt to install at each subsequent reboot until installed. To use the command, simply add a -s then the -F for the profile and the -f to automatically confirm, as follows (and I like to throw in a -v usually for good measure): profiles -s -F /Profiles/SuperAwesome.mobileconfig -f -v And that’s it. Nice and easy and you now have profiles that only activate when a computer is started up.