Apple Xserve Up Mac OS X Server Spezifikationen

Mac OS X ServerCommand-Line AdministrationFor Version 10.5 Leopard

10 Contents187 Managing Mail Service187 Starting and Stopping Mail Service187 Checking the Status of Mail Service187 Viewing Mail Service Settings187

100 Chapter 8 Managing User and Group Accounts Administering and Creating User AccountsThis section describes how to administer user accounts stor

Chapter 8 Managing User and Group Accounts 101 To create a local administrator user with a specific UID:$ sudo /System/Library/ServerSetup/serverse

102 Chapter 8 Managing User and Group Accounts 3 Authenticate as an administrator by entering the following command, replacing adminusername with

Chapter 8 Managing User and Group Accounts 103 After you enter the command, the dscl tool displays a list of assigned user ID numbers, similar to t

104 Chapter 8 Managing User and Group Accounts 6 Specify the new user’s default UNIX shell:> create ajohnson UserShell /bin/bash7 Specify the u

Chapter 8 Managing User and Group Accounts 105 Replace username with the name of an administrator user on the remote server and replace server with

106 Chapter 8 Managing User and Group Accounts Removing a User AccountYou can remove a user account by using the dscl tool. This does not remove t

Chapter 8 Managing User and Group Accounts 107 To terminate a user’s processes:After disabling the user account, you need to kill the user’s active

108 Chapter 8 Managing User and Group Accounts To test a user’s password:$ sudo /System/Library/ServerSetup/serversetup -verifyNamePassword shortn

Chapter 8 Managing User and Group Accounts 109 To change a user account attribute to a new value:1 Start the dscl tool in interactive mode, specify

Contents 11222 Viewing DHCP Service Settings223 Changing DHCP Service Settings223 DHCP Service Settings224 DHCP Subnet Settings Array226 Adding a DHCP

110 Chapter 8 Managing User and Group Accounts For more information, see the createhomedir man page.In all cases, Home folders are created on the

Chapter 8 Managing User and Group Accounts 111 Creating a Group AccountYou can create a group account by using dscl and other tools. When you creat

112 Chapter 8 Managing User and Group Accounts 6 Review the settings of your group by entering the following command, replacing officegroup with t

Chapter 8 Managing User and Group Accounts 113 Adding a User to a GroupYou can add users to a group using the dscl tool.To add a user to a group:1

114 Chapter 8 Managing User and Group Accounts 6 Quit dscl by entering:> quitTo find the GUID of the administrator user admin on the local host

Chapter 8 Managing User and Group Accounts 115 5 Remove the user by entering the following command, replacing ajohnson with the short name of the u

116 Chapter 8 Managing User and Group Accounts To create a nested group:$ dseditgroup -o edit [-a childgroup] [-t group] [-u username] [-P passwor

Chapter 8 Managing User and Group Accounts 117 After a nested group is established, it can be unnested by using the dseditgroup tool with the -d op

118 Chapter 8 Managing User and Group Accounts Viewing the Workgroup a User Selects at Login When you define preferences for a group, it is known

Chapter 8 Managing User and Group Accounts 119 SyntaxThese command extensions have the following syntax:-mcxread recordPath [-v mcxVersion] [-o

12 Contents241 Viewing VPN Service Settings241 Changing VPN Service Settings242 Available VPN Service Settings245 Available VPN serveradmin Commands24

120 Chapter 8 Managing User and Group Accounts ExampleThe following command sets the autohide key in the com.apple.dock domain to a value of TRUE

Chapter 8 Managing User and Group Accounts 121 The following command causes the autohide Dock key to no longer be managed:$ dscl> cd /LDAPv3/127

122 Chapter 8 Managing User and Group Accounts ExamplesThe following example displays the managed preferences for Sam and stores the results in XM

Chapter 8 Managing User and Group Accounts 123 To import users and groups:1 Create a file containing the accounts to import, and place it in a loca

124 Chapter 8 Managing User and Group Accounts The first record in the file, the record description, describes the format of each account record i

Chapter 8 Managing User and Group Accounts 125 For group accounts, the list of attributes must include:Â RecordName (the group name)Â PrimaryGroupI

126 Chapter 8 Managing User and Group Accounts Note: In this example, the colon (:) is the field separator. Because there is a colon in the descr

Chapter 8 Managing User and Group Accounts 127 Exporting Users and GroupsTo export records from Open Directory use dsexport. The dsexport tool is i

128 Chapter 8 Managing User and Group Accounts Mac OS X provides distinct permissions for these types of users:Â The owner of the item, who is usu

Chapter 8 Managing User and Group Accounts 129 Â The following file (-) displays read, write, and executable permissions for owner (rwx), but only

Contents 13270 Starting and Stopping QTSS270 Viewing QTSS Status270 Viewing QTSS Settings271 Changing QTSS Settings271 Available QTSS Parameters274 Ma

130 Chapter 8 Managing User and Group Accounts Changing PermissionsTo change permissions for an item, use the chmod tool.$ chmod securitygroup cha

Chapter 8 Managing User and Group Accounts 131 Changing the GroupTo change the group of a file or folder, use the chgrp tool.$ chgrp groupname file

132 Chapter 8 Managing User and Group Accounts The computer uses a file called /etc/sudoers to determine which users have the authority to use the

Chapter 8 Managing User and Group Accounts 133 4 Restrict which administrators are allowed to run the sudo tool by removing the line that begins wi

134 Chapter 8 Managing User and Group Accounts Note: An Open Firmware password provides some protection, but it can be reset if a user has physic

Chapter 8 Managing User and Group Accounts 135 To change a user’s password:$ pwpolicy -n /LDAPv3/ipaddress -a adminusername -u usertochange -setpas

136 Chapter 8 Managing User and Group Accounts To set the password policy of a user to require that they change their password:$ pwpolicy -n /LDAP

9 1379 Working with File ServicesUse this chapter to learn the commands to create share points and manage file services.This chapter covers the c

138 Chapter 9 Working with File Services Listing Share PointsTo list share points:$ sudo sharing -lIn the resulting list is a section of propertie

Chapter 9 Working with File Services 139 To create a share point that uses AFP, FTP, and SMB:Enter the following command, replacing 100GB with the

14 Contents289 Applying a Quartz Composer Transition290 Applying a Quartz Composer Effect292 Shared File System Uploading Mechanisms292 Copy Upload293

140 Chapter 9 Working with File Services Modifying a Share PointTo change share point settings:$ sudo sharing -e sharepointname [-n customname] [-

Chapter 9 Working with File Services 141 To set the grace period for enforcing disk quotas for groups:$ sudo edquota -t -gFor a group, you specify

142 Chapter 9 Working with File Services Changing AFP SettingsYou can change AFP service settings using the serveradmin tool.To change a setting:$

Chapter 9 Working with File Services 143 allowRootLogin Allow user to log in as root.Default = noattemptAdminAuthAllow administrator user to masque

144 Chapter 9 Working with File Services idleDisconnectTime Idle time (in minutes) allowed before disconnect.Default = 10kerberosPrincipalKerberos

Chapter 9 Working with File Services 145 Available AFP serveradmin CommandsIn addition to the standard start, stop, status, and settings commands,

146 Chapter 9 Working with File Services Viewing Connected UsersTo retrieve information about connected AFP users, use the getConnectedUsers comma

Chapter 9 Working with File Services 147 Sending a Message to AFP UsersTo send a text message to connected AFP users, use the sendMessage command w

148 Chapter 9 Working with File Services The computer responds with the following output:afp:command = "disconnectUsers"afp:messageSent

Chapter 9 Working with File Services 149 The computer responds with the following output:afp:command = "cancelDisconnect"afp:timeStamp =

15PrefaceAbout This GuideThis guide describes Mac OS X Server command-line tools and commands, including the syntax, purpose, and parameters, an

150 Chapter 9 Working with File Services Viewing AFP Service StatisticsTo view a log of periodic samples of the number of connections and the data

Chapter 9 Working with File Services 151 Managing NFS ServiceNFS is a file service used to provide file sharing to UNIX and Linux systems. With NFS

152 Chapter 9 Working with File Services Managing FTP ServiceMac OS X Server features a robust FTP file service for Internet file sharing from any

Chapter 9 Working with File Services 153 Changing FTP Service SettingsTo change FTP service settings, use the serveradmin tool.To change a setting:

154 Chapter 9 Working with File Services bannerMessage Displays a banner message that appears when you are prompted to log in to FTP. Customize to

Chapter 9 Working with File Services 155 Available FTP serveradmin CommandsTo manage FTP service, use the following commands with serveradmin. For

156 Chapter 9 Working with File Services Managing SMB ServiceMac OS X Server includes Samba 3, a popular open-source project that delivers high-pe

Chapter 9 Working with File Services 157 Changing SMB Service SettingsYou can change SMB service settings using the serveradmin tool.To change a se

158 Chapter 9 Working with File Services domain master Whether the server is providing Windows domain master browser service. Can be set to:yes |

Chapter 9 Working with File Services 159 Available SMB serveradmin CommandsTo manage SMB service, use the following commands with the serveradmin t

16 Preface About This Guide Using This GuideThis guide describes commands that perform functions used to configure and manage Mac OS X computers.

160 Chapter 9 Working with File Services Viewing SMB User InformationTo retrieve information about connected SMB users, use the serveradmin getCon

Chapter 9 Working with File Services 161 Disconnecting SMB UsersTo disconnect SMB users, use the serveradmin disconnectUsers command. Users are spe

162 Chapter 9 Working with File Services Updating Share Point InformationAfter you make a change to an SMB share point using the sharing tool, you

Chapter 9 Working with File Services 163 Using chmod to Modify ACLsUsing chmod, you can add and delete ACEs for a file or a folder. The following p

164 Chapter 9 Working with File Services The output should look like the following: -rw-r--r--+ 1 juser wheel 0 Apr 28 14:06 file1owner: juser0:

Chapter 9 Working with File Services 165 The output is similar to the following:ProcessVolume: processing /Access control lists are supported on /.

166 Chapter 9 Working with File Services

10 16710 Working with the Print ServiceUse this chapter to learn the commands to configure and manage the Print service.This chapter covers the c

168 Chapter 10 Working with the Print Service CUPS has its own URL, 127.0.0.1:631, which you can access with a web browser. The URL is independent

Chapter 10 Working with the Print Service 169 Performing Print Service TasksTo perform print service tasks, use the serveradmin tool and commands t

Preface About This Guide 17 Parameters You Must Enter as ShownIf you must enter a parameter as shown, it appears following the command in the same

170 Chapter 10 Working with the Print Service To change several settings:$ sudo serveradmin settingsprint:setting = valueprint:setting = valueprin

Chapter 10 Working with the Print Service 171 Queue Data ArrayPrint service settings include an array of values for each print queue. The array is

172 Chapter 10 Working with the Print Service The following is an example of a queue array parameter block:print:queuesArray:_array_id:my_printer:

Chapter 10 Working with the Print Service 173 Listing QueuesTo list print service queues, use the serveradmin getQueues command.$ sudo serveradmin

174 Chapter 10 Working with the Print Service For each job, the command lists: Document name Document size Job ID Submitting user Submitting

Chapter 10 Working with the Print Service 175 Viewing Print Service Log Files and Log PathsTo view the contents of the Print service logs and to vi

176 Chapter 10 Working with the Print Service

11 17711 Working with NetBoot Service and System ImagesUse this chapter to learn the commands to configure and manage NetBoot Service and system

178 Chapter 11 Working with NetBoot Service and System Images Viewing NetBoot Service StatusTo see if the service is running:$ sudo serveradmin st

Chapter 11 Working with NetBoot Service and System Images 179 The Storage Record ArrayA volume parameter array.netBootFiltersRecordsArray... An arr

18 Preface About This Guide Mac OS X Server Administration GuidesGetting Started covers installation and setup for standard and workgroup configur

180 Chapter 11 Working with NetBoot Service and System Images The Filters Record ArrayAn array of the following values appears in NetBoot service

Chapter 11 Working with NetBoot Service and System Images 181 The Port Record ArrayAn array of the following items is included in the NetBoot servi

182 Chapter 11 Working with NetBoot Service and System Images Working with System ImagesA boot image is a file that acts like a mountable disk or

Chapter 11 Working with NetBoot Service and System Images 183 Using hdiutil with System ImagesTo manipulate disk images, use the hdiutil tool. You

184 Chapter 11 Working with NetBoot Service and System Images Imaging Multiple Clients Using Multicast asrYou can enable a multicast image server

12 18512 Managing Mail ServiceUse this chapter to learn the commands to manage Mail service.Mac OS X Server provides a full complement of tools f

186 Chapter 12 Managing Mail Service If you make a manual change to the configuration file of Postfix, Server Admin overwrites your changes the ne

Chapter 12 Managing Mail Service 187 Managing Mail ServiceMac OS X Server ships with powerful tools to help you administer Mail service. The follow

188 Chapter 12 Managing Mail Service Mail Service SettingsUse the following parameters with the serveradmin tool to change settings for Mail servi

Chapter 12 Managing Mail Service 189 postfix:lmtp_sasl_password_maps Default = nopostfix:smtp_sasl_password_mapsDefault = nopostfix:qmgr_clog_warn_

Preface About This Guide 19 Viewing PDF Guides OnscreenWhile reading the PDF version of a guide onscreen:Â Show bookmarks to see the guide’s outlin

190 Chapter 12 Managing Mail Service postfix:lmtp_connect_timeout Default = "0s"postfix:strict_7bit_headersDefault = nopostfix:unknown_h

Chapter 12 Managing Mail Service 191 postfix:mail_spool_directory Default = "/var/mail"postfix:mailbox_delivery_lockDefault = "flock

192 Chapter 12 Managing Mail Service postfix:trigger_timeout Default = "10s"postfix:newaliases_pathDefault = "/usr/bin/newaliases&q

Chapter 12 Managing Mail Service 193 postfix:fallback_transport Default = 0postfix:owner_request_specialDefault = yespostfix:default_transportDefau

194 Chapter 12 Managing Mail Service postfix:debug_peer_level Default = 2postfix:in_flow_delayDefault = "1s"postfix:smtpd_junk_command_l

Chapter 12 Managing Mail Service 195 postfix:myhostname Default = "<hostname>"postfix:default_minimum_delivery_slotsDefault = 3post

196 Chapter 12 Managing Mail Service postfix:strict_8bitmime Default = nopostfix:virtual_transportDefault = "virtual"postfix:berkeley_db

Chapter 12 Managing Mail Service 197 postfix:bounce_notice_recipient Default = "postmaster"postfix:smtp_connect_timeoutDefault = "30

198 Chapter 12 Managing Mail Service imap:pop_auth_clear Default = noimap:imapidresponseDefault = yesimap:sasl_auto_transitionDefault = noimap:mup

Chapter 12 Managing Mail Service 199 imap:autocreatequota Default = 0imap:allowanonymousloginDefault = noimap:pop_auth_apopDefault = yesimap:partit

 Apple Inc.© 2007 Apple Inc. All rights reserved. The owner or authorized user of a valid copy of Mac OS X Server software may reproduce this public

20 Preface About This Guide Getting Documentation UpdatesPeriodically, Apple posts revised help pages and new editions of guides. Some revised hel

200 Chapter 12 Managing Mail Service Mail serveradmin CommandsYou can use the following commands with the serveradmin tool to manage Mail service.

Chapter 12 Managing Mail Service 201 mail:samplesArray:_array_index:i:vn = <sample>mail:samplesArray:_array_index:i:t = <time>mail:v1Le

202 Chapter 12 Managing Mail Service Backing Up Mail FilesWhen talking about mail-related backup, IMAP mailboxes are the first thing that come to

Chapter 12 Managing Mail Service 203 Â Postfix configuration file (/etc/postfix/main.cf)The largest database is the mailbox folders database. Each

204 Chapter 12 Managing Mail Service 4 When “Enter key and certificate label:” appears in the Terminal window, enter a one-word key, a blank space

Chapter 12 Managing Mail Service 205 11 Enter a phrase or random text, and then press Return. The following output appears.For Common Name, enter t

206 Chapter 12 Managing Mail Service Importing an SSL Certificate into the KeychainTo import an SSL certificate into a keychain, use the certtool

Chapter 12 Managing Mail Service 207 To create a password file:1 Log in to the server as root.2 In TextEdit, create a file and enter the password a

208 Chapter 12 Managing Mail Service Things to note:Â cyradm is a limited shell. It supports shell-style redirection, but does not understand pipe

Chapter 12 Managing Mail Service 209 Sample Sieve ScriptsThe following scripts are examples of common scripts a user might want to use.Vacation Not

1 211 Executing CommandsUse this chapter to learn how to execute commands and to view online information about commands and tools.A command-line

210 Chapter 12 Managing Mail Service # If it's from my mom...if header ["From"] :contains ["Mom"]{# send it to my home em

13 21113 Configuring and Managing Web TechnologiesUse this chapter to learn the commands to configure and manage Web service and the web componen

212 Chapter 13 Configuring and Managing Web Technologies Apache 2.0 files are in the /etc/apache2/ folder.The main configuration file for the Apac

Chapter 13 Configuring and Managing Web Technologies 213 To view a group of settings:You can view a group of settings that have part of their names

214 Chapter 13 Configuring and Managing Web Technologies To change several settings:$ sudo serveradmin settingsweb:setting = valueweb:setting = va

Chapter 13 Configuring and Managing Web Technologies 215 To view samples:$ sudo serveradmin commandweb:command = getHistoryweb:variant = statisticw

216 Chapter 13 Configuring and Managing Web Technologies Example Script for Adding a WebsiteThe following script shows how you can use serveradmin

Chapter 13 Configuring and Managing Web Technologies 217 web:Sites:_array_id:_ipaddr\:_port__servername:ErrorDocument:_array_index:0:StatusCode = 4

218 Chapter 13 Configuring and Managing Web Technologies Apache TomcatMac OS X Server comes with Apache Tomcat, the open source servlet container

Chapter 13 Configuring and Managing Web Technologies 219 To set/change the root password: $ sudo /usr/sbin/serveradmin stop mysql $ sudo /usr/sbin/

22 Chapter 1 Executing Commands Terminal presents a prompt when it is ready to accept a command. The prompt you see depends on your Terminal and s

220 Chapter 13 Configuring and Managing Web Technologies

14 22114 Configuring and Managing Network ServicesUse this chapter to learn the commands to configure and manage DHCP, DNS, Firewall, NAT, and VP

222 Chapter 14 Configuring and Managing Network Services xinetd uses a different configuration file for each service it provides. In the /etc/xine

Chapter 14 Configuring and Managing Network Services 223 Changing DHCP Service SettingsTo change a DHCP setting:$ sudo serveradmin settings dhcp:se

224 Chapter 14 Configuring and Managing Network Services DHCP Subnet Settings ArrayAn array of settings listed in the following table is included

Chapter 14 Configuring and Managing Network Services 225 net_mask The subnet mask for the subnet.Corresponds to the Subnet Mask field in the Genera

226 Chapter 14 Configuring and Managing Network Services Adding a DHCP SubnetTo add other subnets to your DHCP configuration, use the serveradmin

Chapter 14 Configuring and Managing Network Services 227 Adding a DHCP Static MapTo add a static map to the DHCP configuration, use the serveradmin

228 Chapter 14 Configuring and Managing Network Services Viewing the Location of the DHCP Service LogTo view the location of the DHCP service log,

Chapter 14 Configuring and Managing Network Services 229 Viewing DNS Service SettingsTo view a setting:$ sudo serveradmin settings dns:settingTo vi

Chapter 1 Executing Commands 23 Standard PipesMany commands can receive text input from the user and print text to the console. They do so using st

230 Chapter 14 Configuring and Managing Network Services Viewing DNS Service StatisticsTo view a summary of the DNS service workload, use the serv

Chapter 14 Configuring and Managing Network Services 231 This change takes place immediately, but is not persistent if you reboot the computer. To

232 Chapter 14 Configuring and Managing Network Services Checking the Status of Firewall ServiceTo see summary status of the service:$ sudo server

Chapter 14 Configuring and Managing Network Services 233 Using ipfilter Groups with the Rules ArrayAn array of the following settings is included i

234 Chapter 14 Configuring and Managing Network Services Packets are passed to ipfw from a number of places in the protocol stack. (Depending on t

Chapter 14 Configuring and Managing Network Services 235 #add 01010 deny all from any to 127.0.0.0/8#add 01020 deny ip from 224.0.0.0/4 to any in#a

236 Chapter 14 Configuring and Managing Network Services An example of this is the following:$ sudo serveradmin settingsipfilter:rules:_array_id:1

Chapter 14 Configuring and Managing Network Services 237 Viewing the Firewall Service Log and Log PathTo view the contents of the ipfilter service

238 Chapter 14 Configuring and Managing Network Services Viewing the Status of NAT ServiceTo see a summary status of the service:$ sudo serveradmi

Chapter 14 Configuring and Managing Network Services 239 NAT serveradmin CommandsTo manage NAT service, use the following commands with the servera

24 Chapter 1 Executing Commands Using Environment VariablesSome commands require the use of environment variables for their execution. Environment

240 Chapter 14 Configuring and Managing Network Services <dict><key>proto</key><string>tcp</string><key>target

Chapter 14 Configuring and Managing Network Services 241 VPNs allow users at home or away from the LAN to securely connect to it using any network

242 Chapter 14 Configuring and Managing Network Services Available VPN Service SettingsTo change settings for VPN service, use the following param

Chapter 14 Configuring and Managing Network Services 243 com.<name>.ppp.l2tp:Interface:TypeDefault = "PPP"com.<name>.ppp.l2tp

244 Chapter 14 Configuring and Managing Network Services com.<name>.ppp.pptp:DNS:OfferedSearchDomainsDefault = _empty_arraycom.<name>.

Chapter 14 Configuring and Managing Network Services 245 Available VPN serveradmin CommandsTo manage VPN service, use the following commands with t

246 Chapter 14 Configuring and Managing Network Services The s2svpnadmin tool can: List configured site-to-site VPN servers Display their config

Chapter 14 Configuring and Managing Network Services 247 Adding a VPN Keyagent UserTo enable PPTP in your VPN server, add a keyagent user in the LD

248 Chapter 14 Configuring and Managing Network Services Hardware RequirementsIP failover requires the following hardware setup:Â Primary serverÂ

Chapter 14 Configuring and Managing Network Services 249 3 Disconnect the primary server from the public and private networks.4 On the secondary se

Chapter 1 Executing Commands 25 Executing Commands and Running ToolsTo execute a command in the shell, enter the complete pathname of the tool’s ex

250 Chapter 14 Configuring and Managing Network Services You run the Test script to determine whether the IP address should be acquired and to det

Chapter 14 Configuring and Managing Network Services 251 PostAcq10.StartTimerPostAcq20.StartApache<Primary server returns to service>PreRel10

252 Chapter 14 Configuring and Managing Network Services 3 Recreate the two default records:$ sudo dscl . -create /machines/localhost$ sudo dscl .

15 25315 Configuring and Managing Open DirectoryUse this chapter to learn the commands to configure and manage the Open Directory service.This ch

254 Chapter 15 Configuring and Managing Open Directory Using General Directory ToolsThis section describes how to test Open Directory configuratio

Chapter 15 Configuring and Managing Open Directory 255 Managing OpenLDAPTo provide directory services for mixed-platform environments, Open Directo

256 Chapter 15 Configuring and Managing Open Directory An example value for rootdn is uid=root,cn=users,dc=example,dc=com.An administrator can edi

Chapter 15 Configuring and Managing Open Directory 257 Idle Rebinding OptionsThe following LDAPv3 plug-in parameters are documented in Open Directo

258 Chapter 15 Configuring and Managing Open Directory ldapsearch can also be used for debugging issues with LDAP, independent of the directory se

Chapter 15 Configuring and Managing Open Directory 259 ibm-ldapservicename: tr17n01.aset.psu.eduibm-serverId: 0f876740-64d2-102b-8f0b-8ab9d7eaa702i

26 Chapter 1 Executing Commands Correcting Typing ErrorsYou can use the Left and Right Arrow keys to correct typing errors before you press Return

260 Chapter 15 Configuring and Managing Open Directory uid: ajohnsoncn: Anne JohnsonUsing LDIF FilesLightweight Directory Interchange Format (LDIF

Chapter 15 Configuring and Managing Open Directory 261 Managing Open Directory PasswordsWhen a user’s account has a password type of Open Directory

262 Chapter 15 Configuring and Managing Open Directory The following tools are available for setting up your Kerberos and Apple single sign-on env

Chapter 15 Configuring and Managing Open Directory 263 The principal.kadm5 database is the kadmind process’ policy database. It is located in /var/

264 Chapter 15 Configuring and Managing Open Directory Often the server administrator can assume that its server’s principal name is serviceType/f

Chapter 15 Configuring and Managing Open Directory 265 Manipulating a Single Named Group RecordUse dseditgroup to manipulate a single named group r

266 Chapter 15 Configuring and Managing Open Directory Configuring the Active Directory Plug-InUse dsconfigad to configure the Active Directory pl

Chapter 15 Configuring and Managing Open Directory 267 To start the RADIUS server:$ sudo radiusconfig -startTo stop the RADIUS server:$ sudo radius

268 Chapter 15 Configuring and Managing Open Directory To assign an access control group to a client of the RADIUS service:$ sudo radiusconfig -se

16 26916 Configuring and Managing QuickTime Streaming ServerUse this chapter to learn the commands to configure and manage the QuickTime Streamin

Chapter 1 Executing Commands 27 The sudo command gives root user privileges to users specified in the sudoers file. If you’re logged in as an admin

270 Chapter 16 Configuring and Managing QuickTime Streaming Server Performing QTSS TasksTo start QTSS, use the serveradmin or quicktimestreamingse

Chapter 16 Configuring and Managing QuickTime Streaming Server 271 Changing QTSS SettingsYou can change QTSS settings by using the serveradmin tool

272 Chapter 16 Configuring and Managing QuickTime Streaming Server modules:_array_id:QTSSAccessLogModule:request_logfile_nameDefault = "Strea

Chapter 16 Configuring and Managing QuickTime Streaming Server 273 modules:_array_id:QTSSMP3StreamingModule:mp3_request_logfile_dirDefault = "

274 Chapter 16 Configuring and Managing QuickTime Streaming Server Managing QTSSTo manage QTSS, use the following commands with the serveradmin to

Chapter 16 Configuring and Managing QuickTime Streaming Server 275 Viewing QTSS ConnectionsTo retrieve information about QTSS connections, use the

276 Chapter 16 Configuring and Managing QuickTime Streaming Server Viewing Service Logs and Log PathsTo view the contents of the QTSS logs, use ta

Chapter 16 Configuring and Managing QuickTime Streaming Server 277 3 Send a HUP signal to one of the two process IDs (PIDs) for QuickTimeStreamingS

278 Chapter 16 Configuring and Managing QuickTime Streaming Server To reset the broadcaster user name and password:1 Log in to the server computer

Chapter 16 Configuring and Managing QuickTime Streaming Server 279 To set up Open-Directory-based user access control:1 Create user accounts and pa

28 Chapter 1 Executing Commands When commands execute, output is mailed to the owner of the crontab file or to the user named in the MAILTO enviro

280 Chapter 16 Configuring and Managing QuickTime Streaming Server The following is a description of the parameters in the qtaccess file:You can a

Chapter 16 Configuring and Managing QuickTime Streaming Server 281 Adding User Accounts and PasswordsYou can add a user account and password if you

282 Chapter 16 Configuring and Managing QuickTime Streaming Server Creating Reference MoviesTo create reference movies that can be used to embed Q

17 28317 Configuring the Podcast Producer ServiceUse this chapter to learn how to control and manage Podcast Capture and the Podcast Producer ser

284 Chapter 17 Configuring the Podcast Producer Service You can submit multiple files and specify metadata (submission description) and upload buf

Chapter 17 Configuring the Podcast Producer Service 285 Binding and Unbinding CamerasTo bind a camera to the Podcast Producer server:$ sudo podcast

286 Chapter 17 Configuring the Podcast Producer Service To resume video capture on a camera:$ podcast --resume camera_nameConfiguring Podcast Prod

Chapter 17 Configuring the Podcast Producer Service 287 Configuring PropertiesTo add a custom property:$ sudo pcastconfig --add_property p_name --v

288 Chapter 17 Configuring the Podcast Producer Service Launching Podcast Producer Server Upon System StartupTo edit the launchd configuration to

Chapter 17 Configuring the Podcast Producer Service 289 For more information about pcastaction and its commands, see its man page. You can also vie

Chapter 1 Executing Commands 29 Viewing Command InformationMost command-line documentation comes in the form of man pages. These formatted pages pr

290 Chapter 17 Configuring the Podcast Producer Service Note: Enclose the repository identifier in double quotes ("/copy machine") or e

Chapter 17 Configuring the Podcast Producer Service 291 Compound Eye "/compound eye"Concert "/concert"Crystallize "/crysta

292 Chapter 17 Configuring the Podcast Producer Service Shared File System Uploading MechanismsPodcast Producer provides the following mechanisms

Chapter 17 Configuring the Podcast Producer Service 293 FTP UploadPodcast Producer uses the ftp_upload_url mechanism as a last resort because it is

294 Chapter 17 Configuring the Podcast Producer Service

18 29518 Configuring and Managing iCal Service and iChat ServiceUse this chapter to learn the commands to configure and administer iCal and iChat

296 Chapter 18 Configuring and Managing iCal Service and iChat Service To modify service settings:1 Open the iCal service configuration file (cald

19 29719 Configuring and Managing System LoggingUse this chapter to learn the commands to configure and manage system logging.Logging System Even

298 Chapter 19 Configuring and Managing System Logging The following example specifies that for any log messages in the category mail, with a prio

Chapter 19 Configuring and Managing System Logging 299 Remote LoggingUsing remote logging in addition to local logging is strongly recommended for

3 1 Contents Preface 15 About This Guide16 Using This Guide 16 Understanding Notation Conventions 16 Summary 16 Commands and Other Terminal Te

30 Chapter 1 Executing Commands To access command help:m Enter the command followed by the -help, -h, --help, or help parameter:$ hdiutil help$ di

300 Chapter 19 Configuring and Managing System Logging Configuring Mac OS X Server to act as a remote log server involves changing syslogd command

301AppendixPCI RAID Card Command ReferenceUse this appendix to learn the megaraid commands to manage a PCI RAID card.The megaraid tool uses are

302 Appendix PCI RAID Card Command Reference megaraid -create R0 | R1 | R5 -drive {0 1 2 3} [-stripesize n] [-size x] [-writecache enable | disabl

Appendix PCI RAID Card Command Reference 303 Note: For more information, see the megaraid man page. You can also use megaraid commands with a [-l

304 Appendix PCI RAID Card Command Reference

305GlossaryGlossaryThis glossary defines terms and spells out abbreviations you may encounter while working with online help or the various refe

306 Glossary boot ROM Low-level instructions used by a computer in the first stages of starting up.BootP An older method of allocating IP addresses

Glossary 307 computer name The default name used for SLP and SMB service registrations. The Network Browser in the Finder uses SLP to find computers

308 Glossary DNS Domain Name System. A distributed database that maps IP addresses to domain names. A DNS server, also known as a name server, keeps

Glossary 309 FTP File Transfer Protocol. A protocol that allows computers to transfer files over a network. FTP clients using any operating system th

2 312 Connecting to Remote ComputersUse this chapter to learn the commands to connect to remote computers.Connecting to remote computers helps yo

310 Glossary ICMP Internet Control Message Protocol. A message control and error-reporting protocol used between host servers and gateways. For examp

Glossary 311 Kerberos A secure network authentication system. Kerberos uses tickets, which are issued for a specific user, service, and period of tim

312 Glossary log in (verb) To start a session with a computer (often by authenticating as a user with an account on the computer) in order to obtain

Glossary 313 NetBIOS Network Basic Input/Output System. A program that allows applications on different computers to communicate within a local area

314 Glossary password policy A set of rules that regulate the composition and validity of a user’s password.Password Server See Open Directory Passw

Glossary 315 PPD file Postscript Printer Description file. A file that contains information about the capabilities of a particular printer model. The

316 Glossary QTSS QuickTime Streaming Server. A technology that lets you deliver media over the Internet in real time.queue An orderly waiting area

Glossary 317 RAID level A storage allocation scheme used for storing data on a RAID array. Specified by a number, as in RAID 3 or RAID 0+1.RAID set

318 Glossary session The period of time during which two programs, or two users running programs, communicate across a network. For example, when a u

Glossary 319 spam Unsolicited email; junk mail.SSL Secure Sockets Layer. An Internet protocol that allows you to send encrypted, authenticated infor

32 Chapter 2 Connecting to Remote Computers The following are SSH tools:  sshd—Daemon that acts as a server to all other commands ssh—Primary us

320 Glossary URL Uniform Resource Locator. The address of a computer, file, or resource that can be accessed on a local network or the Internet. The

321IndexIndexAab tool 217accessACLs 162, 163, 164Podcast properties 287QTSS 278, 279, 280, 281SSH service 35Telnet 36user 106See also ACL

322 Index installing server software 41, 42storage location 100See also remote computersconfigd daemon 82configurationautomatic 42, 43customizing

Index 323 Eemail. See Mail serviceencryption 31, 33, 34, 35, 45, 63energy saver settings 61environment variables 24env tool 24Ethernet 66, 72, 73

324 Index software updates 52installer tool 39, 182instant messaging. See iChat serviceInternet Printing Protocol. See IPPIP addresseschanging 68fo

Index 325 logs 201mailbox configuration 207Mailman 186managing 187overview 185Postfix 185settings 187, 188Sieve scripting 208, 210SSL 203, 20

326 Index overview 253passwords 261service tools 264, 265settings 254testing configuration 254testing plug-ins 254tools 254See also Active Dire

Index 327 settings 270, 271starting 270statistics 275status checking 270stopping 270quotas, disk 140Rracoon daemon 245RADIUS (Remote Authentica

328 Index Sieve scripting 208, 209, 210Simple Authentication and Security Layer. See SASLSimple Mail Transfer Protocol. See SMTPSimple Network Manage

Index 329 administrator 101, 102authentication 33creating 100, 102, 105introduction 99managing 99modifying 108QTSS 281removing 106user informa

Chapter 2 Connecting to Remote Computers 33 To generate the identity key pair:1 Enter the following command on the local computer: $ ssh-keygen -t

34 Chapter 2 Connecting to Remote Computers Be sure this is the correct key before accepting it. If possible, provide users with the encryption ke

Chapter 2 Connecting to Remote Computers 35 Important: Removing an entry from the known_hosts file bypasses a security mechanism that would help y

36 Chapter 2 Connecting to Remote Computers 5 To send a command to the remote computer, enter the command.6 To close a remote connection, enter lo

Chapter 2 Connecting to Remote Computers 37 You may see a series of messages on the screen, followed by the remote computer’s prompt. You are now l

38 Chapter 2 Connecting to Remote Computers

3 393 Installing Server Software and Finishing Basic SetupUse this chapter to learn the commands to install, set up, and update Mac OS X Server s

4 Contents Chapter 2 31 Connecting to Remote Computers31 Understanding SSH 31 How SSH Works 32 Generating Key Pairs for Key-Based SSH Connections 33

40 Chapter 3 Installing Server Software and Finishing Basic Setup To use the installer to install Mac OS X Server software:1 Start the target comp

Chapter 3 Installing Server Software and Finishing Basic Setup 41 Locating Computers for InstallationIf you are installing software on a remote com

42 Chapter 3 Installing Server Software and Finishing Basic Setup Preparing the Target Volume for a Clean InstallationIf the target volume has Mac

Chapter 3 Installing Server Software and Finishing Basic Setup 43 Servers that have had Mac OS X Server v10.5 installed automatically detect the pr

44 Chapter 3 Installing Server Software and Finishing Basic Setup  partial-DNS-name-of-server.plist—for example, myserver.plist built-in-hardwar

Chapter 3 Installing Server Software and Finishing Basic Setup 45 Working with an Encrypted Configuration FileIf the setup data in the configuratio

46 Chapter 3 Installing Server Software and Finishing Basic Setup The following sample configuration file shows the basic structure and contents o

Chapter 3 Installing Server Software and Finishing Basic Setup 47 <string>workgroup</string></dict><key>HostName</key>

48 Chapter 3 Installing Server Software and Finishing Basic Setup </dict></dict></array><key>PrimaryLanguage</key>&l

Chapter 3 Installing Server Software and Finishing Basic Setup 49 Configuring the Server Remotely from the Command LineIt’s possible to configure t

Contents 5 59 Viewing or Changing the Date and Time 60 Viewing or Changing the System Date 60 Viewing or Changing the System Time 60 Viewing or Chang

50 Chapter 3 Installing Server Software and Finishing Basic Setup Using the serveradmin ToolYou use the serveradmin tool to administer service-rel

Chapter 3 Installing Server Software and Finishing Basic Setup 51 Â servermgrd checks the validity of the SSL certificate if the “Require valid dig

52 Chapter 3 Installing Server Software and Finishing Basic Setup Serial numbers generated for the server can be generated with watermarks so they

Chapter 3 Installing Server Software and Finishing Basic Setup 53 Moving a ServerBefore setting a server up for the first time, try to place it in

54 Chapter 3 Installing Server Software and Finishing Basic Setup

4 554 Restarting or Shutting Down a ComputerUse this chapter to learn the commands to shut down or restart a local or remote computer.This chapte

56 Chapter 4 Restarting or Shutting Down a Computer Changing a Remote Computer’s Startup DiskYou can change a remote computer’s startup disk using

Chapter 4 Restarting or Shutting Down a Computer 57 Manipulating Open Firmware NVRAM VariablesTo manipulate Open Firmware NVRAM variables, use the

58 Chapter 4 Restarting or Shutting Down a Computer

5 595 Setting General System PreferencesUse this chapter to learn the commands to set system preferences.You can use Mac OS X Server to manage th

6 Contents 78 Viewing or Changing Web Proxy Settings 78 Viewing or Changing Secure Web Proxy Settings 79 Viewing or Changing Streaming Proxy Settings

60 Chapter 5 Setting General System Preferences Viewing or Changing the System DateTo view the system date$ sudo systemsetup -getdateor$ serverset

Chapter 5 Setting General System Preferences 61 Viewing or Changing Network Time Server UsageTo see if a network time server is being used:$ sudo s

62 Chapter 5 Setting General System Preferences To set how long the system waits to restart after a power failure:$ sudo systemsetup -setwaitforst

Chapter 5 Setting General System Preferences 63 Viewing or Changing Startup Disk SettingsTo view or change a computer’s startup disk, use the syste

64 Chapter 5 Setting General System Preferences Viewing or Changing Language and Keyboard SettingsTo view or change language settings, use the ser

6 656 Setting Network PreferencesUse this chapter to learn the commands to change network settings on a server.Mac OS X Server provides command-l

66 Chapter 6 Setting Network Preferences Viewing Port Names and Hardware AddressesTo list all port names with their Ethernet (MAC) addresses:$ sud

Chapter 6 Setting Network Preferences 67 Managing Network Port ConfigurationsNetwork port configurations are sets of network preferences that can b

68 Chapter 6 Setting Network Preferences Changing a Server’s IP AddressThe server’s setup must reflect the network settings of the server’s primar

Chapter 6 Setting Network Preferences 69 To change a server’s IP address:1 Run the changeip tool:$ sudo changeip [(directory|-)] old-ip new-ip [old

Contents 7100 Creating a Local Administrator User Account for a Server101 Creating a Domain Administrator User Account102 Verifying a User’s Administr

70 Chapter 6 Setting Network Preferences For example, for built-in Ethernet, the computer responds with the following output:$ networksetup -getin

Chapter 6 Setting Network Preferences 71 To change DNS servers for a port or device:$ sudo serversetup -setDNSServer (devicename|"portname&quo

72 Chapter 6 Setting Network Preferences Statically Configuring Ethernet InterfacesYou can configure your server to define an IPv4 address on an i

Chapter 6 Setting Network Preferences 73 To list devices that support VLANs: $ networksetup -listdevicesthatsupportVLANIEEE 802.3ad Ethernet Link A

74 Chapter 6 Setting Network Preferences To remove an Ethernet interface from a bond virtual device (pseudo device):$ ifconfig bond_interface_name

Chapter 6 Setting Network Preferences 75 To enable AppleTalk on en0:$ serversetup -EnableDefaultATTo disable AppleTalk on en0:$ serversetup -Disabl

76 Chapter 6 Setting Network Preferences Starting SNMPYou can start SNMP in one of the following ways: Using Server Admin Using the launchctl co

Chapter 6 Setting Network Preferences 77 Collecting SNMP Information from the HostTo get the SNMP information you just added, enter this command fr

78 Chapter 6 Setting Network Preferences To view the system uptime:$ snmpget -c community_string localhost system.sysUptime.0SNMPv2-MIB::sysUpTime

Chapter 6 Setting Network Preferences 79 To enable or disable the secure web proxy for a configuration:$ sudo networksetup -setsecurewebproxystate

8 Contents140 Modifying a Share Point140 Disabling a Share Point140 Setting Disk Quotas141 Managing AFP Service141 Starting and Stopping AFP Service14

80 Chapter 6 Setting Network Preferences Managing AirPort SettingsAirPort uses wireless local area network (WLAN) technology to provide wireless c

Chapter 6 Setting Network Preferences 81 HostnameThe host name is a unique name that corresponds to a unique hardware MAC address. It is the name t

82 Chapter 6 Setting Network Preferences Managing Preference Files and the Configuration DaemonThe sets of configuration information a user create

Chapter 6 Setting Network Preferences 83 You can also manage system configuration parameters scutil using the --get and --set options. These provid

84 Chapter 6 Setting Network Preferences

7 857 Working with Disks and VolumesUse this chapter to learn the commands to initialize and test disks and volumes.This chapter covers the comma

86 Chapter 7 Working with Disks and Volumes Mounting VolumesYou can use the mount tool with parameters appropriate to the type of file system you

Chapter 7 Working with Disks and Volumes 87 To view disk information:$ dfThe computer responds with output similar to the following:Filesystem

88 Chapter 7 Working with Disks and Volumes The configuration file is /etc/diskspacemonitor/diskspacemonitor.conf. You can specify how often you w

Chapter 7 Working with Disks and Volumes 89 These scripts reclaim space used by log files generated by the following services:Â Apple file service

Contents 9162 Managing ACLs163 Using chmod to Modify ACLs164 Using fsaclctl to Enable and Disable ACL SupportChapter 10 167 Working with the Print Ser

90 Chapter 7 Working with Disks and Volumes To list the disks known and available on the computer:$ diskutil listIf your system is an Xserve compu

Chapter 7 Working with Disks and Volumes 91 To get mount info about a partition:$ diskutil info diskvolThis command tells you the device file that

92 Chapter 7 Working with Disks and Volumes When you start editing a device, the pdisk options change. Enter ? at the pdisk prompt to see the edit

Chapter 7 Working with Disks and Volumes 93 Before running newfs, label the disk using the disklabel tool.To format a disk:$ newfsFor more informat

94 Chapter 7 Working with Disks and Volumes To enable journaling:$ diskutil enableJournal volumeThe following example shows journaling being enabl

Chapter 7 Working with Disks and Volumes 95 Understanding Spotlight TechnologySpotlight is a desktop search technology that combines metadata-index

96 Chapter 7 Working with Disks and Volumes To view the metadata of a file:$ mdls filenameThe computer responds with something similar to the foll

Chapter 7 Working with Disks and Volumes 97 Managing RAID VolumesIn addition to standard drive management options, you can use diskutil to manage s

98 Chapter 7 Working with Disks and Volumes Imaging and Cloning Volumes Using ASRYou can use Apple Software Restore (ASR) to copy a disk image ont

8 998 Managing User and Group AccountsUse this chapter to learn the commands to set up and manage user and group accounts.With Mac OS X Server, y