You are previewing Snow Leopard™ Server.
O'Reilly logo
Snow Leopard™ Server

Book Description

In-depth guide to all aspects of handling Apple's newest big cat

Whether you manage a large enterprise server or your own Macs at home or in a small office, this book has what you need to understand Apple's new Mac OS X Snow Leopard Server inside and out. Crammed with information, this detailed guide presents best practices and insights that have been field-tested by author Daniel Dilger, a professional administrator and Apple developer. You'll soon learn to deploy, administer, and update Apple's powerful new cat.

  • Get to know Mac OS X Snow Leopard Server, Apple's scalable, 64-bit UNIX-based operating system, and the most powerful Mac OS X version yet

  • Explains all aspects, both hardware and software

  • Shows how to host Web 2.0 applications, crunch tons of data, or centralize the day-to-day activities of a software development team

  • Covers installation and configuration, account authentication and authorization, using open directory, using print and file services, managing accounts and deployment, and using Apple Remote Desktop, Enterprise solutions, and command line control

  • Explores open source applications such as iChat Theater, Mail, iCal, Podcast Producer, and more

Keep Mac OS X Snow Leopard Server purring with this practical guide.

Table of Contents

  1. Copyright
  2. Credits
  3. About the Author
  4. Acknowledgments
  5. Foreword
  6. Introduction
    1. What's Inside This Book
    2. Origins of Mac OS X Server
      1. Leveraging open-source software before Linux
      2. From NeXT to Mac OS X Server
      3. Mac OS X Server 1.0
      4. Mac OS X Server 10.0 and 10.1
      5. Mac OS X Jaguar Server 10.2
      6. Mac OS X Panther Server 10.3
      7. Mac OS X Tiger Server 10.4
      8. Mac OS X Leopard Server 10.5
      9. Mac OS X Snow Leopard Server 10.6
    3. On the Web
  7. I. Mac OS X Overview
    1. 1. Introducing Mac OS X Server
      1. 1.1. Planning Mac OS X Server Deployments
        1. 1.1.1. Planning for ongoing maintenance
        2. 1.1.2. Planning for software expenses
        3. 1.1.3. Planning for hardware expenses
        4. 1.1.4. Planning for practical use
      2. 1.2. Administration Tools
        1. 1.2.1. Basic administration tools
        2. 1.2.2. Advanced administration tools
      3. 1.3. Basic versus Advanced Management Roles
        1. 1.3.1. Basic management in standard and workgroup configurations
        2. 1.3.2. Advanced management in advanced configurations
        3. 1.3.3. Moving beyond advanced management
      4. 1.4. Kernel, Unix, and Open-Source Services
        1. 1.4.1. The Mac OS X kernel
          1. 1.4.1.1. The origins of Mac OS X's Mach/BSD kernel
          2. 1.4.1.2. Apple modifications to the Mach/BSD kernel
          3. 1.4.1.3. The Darwin open-source project
          4. 1.4.1.4. The kernel's I/O Kit
          5. 1.4.1.5. Unique features of the XNU kernel
        2. 1.4.2. The Mac OS X Unix userland of open-source services
      5. 1.5. Specialized Server Applications
      6. 1.6. Managing Network Client Resources
        1. 1.6.1. NetBoot
        2. 1.6.2. NetInstall and NetRestore
        3. 1.6.3. Managed Clients
      7. 1.7. What's New in Snow Leopard Server
        1. 1.7.1. Address Book Server
          1. 1.7.1.1. Moving contacts out of LDAP
          2. 1.7.1.2. Exchange-style contacts
        2. 1.7.2. iCal Server 2
        3. 1.7.3. New mail services
        4. 1.7.4. Push Notification Server
        5. 1.7.5. Podcast Producer 2
        6. 1.7.6. 64-bit kernel
        7. 1.7.7. Mobile Access
        8. 1.7.8. Other new Snow Leopard features
      8. 1.8. Summary
    2. 2. Mac OS X Server for Windows Users
      1. 2.1. Integrating with Active Directory
        1. 2.1.1. Understanding Active Directory and Open Directory
          1. 2.1.1.1. Introducing Open Directory
          2. 2.1.1.2. Managed preferences
          3. 2.1.1.3. Home directories
        2. 2.1.2. Using Mac OS X Server with Active Directory
      2. 2.2. Hosting Services for Windows Clients
        1. 2.2.1. Acting as a Primary Domain Controller
        2. 2.2.2. Acting as a Backup Domain Controller
      3. 2.3. Migrating from Windows Server
      4. 2.4. Summary
  8. II. Installing Mac OS X Server
    1. 3. Planning Deployment Complexity
      1. 3.1. Standard Configuration
        1. 3.1.1. Evaluating the capabilities of standard configuration
          1. 3.1.1.1. DNS and DHCP services
          2. 3.1.1.2. Network firewall, NAT, RADIUS, and VPN services
          3. 3.1.1.3. Advanced services
          4. 3.1.1.4. QuickTime Streaming Server, Podcast Producer, and print services
          5. 3.1.1.5. Client computer management
        2. 3.1.2. Moving beyond standard configuration
          1. 3.1.2.1. Moving to workgroup configuration
          2. 3.1.2.2. Upgrading to advanced configuration
      2. 3.2. Workgroup Configuration
        1. 3.2.1. Evaluating the capabilities of workgroup configuration
          1. 3.2.1.1. DNS and DHCP services
          2. 3.2.1.2. Network firewall, NAT, RADIUS, and VPN services
          3. 3.2.1.3. Advanced services
          4. 3.2.1.4. QuickTime Streaming Server, Podcast Producer, and print services
          5. 3.2.1.5. Client computer management
        2. 3.2.2. Moving away from a workgroup configuration
          1. 3.2.2.1. Moving to standard configuration
          2. 3.2.2.2. Upgrading to advanced configuration
      3. 3.3. Advanced Configuration
        1. 3.3.1. Evaluating the capabilities of advanced configuration
          1. 3.3.1.1. DNS and DHCP services
          2. 3.3.1.2. Network firewall, NAT, RADIUS, and VPN services
          3. 3.3.1.3. Advanced services
          4. 3.3.1.4. QuickTime Streaming Server, Podcast Producer, and print services
          5. 3.3.1.5. Client computer management
        2. 3.3.2. Upgrading from standard and workgroup configurations
      4. 3.4. Summary
    2. 4. Evaluating Hardware Requirements
      1. 4.1. Evaluating Server Hardware Needs
        1. 4.1.1. Planning for essential hardware requirements
        2. 4.1.2. Building to scale for future needs
      2. 4.2. Planning Server and Network Data Storage
        1. 4.2.1. Evaluating storage needs
        2. 4.2.2. Determining the most appropriate storage technology
          1. 4.2.2.1. Using RAID storage
          2. 4.2.2.2. Storage types
          3. 4.2.2.3. Service availability
      3. 4.3. Network Performance Requirements
        1. 4.3.1. Planning network needs for basic services
        2. 4.3.2. Building to scale for future needs
      4. 4.4. Summary
    3. 5. Integrating with the Existing Server Infrastructure
      1. 5.1. Upgrading from Mac OS X Leopard Server
        1. 5.1.1. Mac OS X Snow Leopard Server's 64-bit kernel
        2. 5.1.2. Changes in Mac OS X Snow Leopard Server software
        3. 5.1.3. Planning server upgrades
      2. 5.2. Migrating from Previous Versions of Mac OS X Server
      3. 5.3. Migrating from Windows Server
        1. 5.3.1. Planning to migrate services to Snow Leopard Server
        2. 5.3.2. Windows domain migration to Snow Leopard Server
          1. 5.3.2.1. Acting as a Primary Domain Controller
          2. 5.3.2.2. Migrating users, groups, and computers to the new server
          3. 5.3.2.3. Provisioning home directories and roaming user profiles for users
          4. 5.3.2.4. Configure Windows access to print service
      4. 5.4. Integrating with Existing Network Services
        1. 5.4.1. Operating in heterogeneous server environments
        2. 5.4.2. Serving heterogeneous clients
      5. 5.5. Summary
    4. 6. Software Installation and Initial Configuration
      1. 6.1. Installing Mac OS X Server
        1. 6.1.1. Compiling installation details
        2. 6.1.2. Preparing the server environment
        3. 6.1.3. Choosing an installation startup method
          1. 6.1.3.1. Standard DVD installation
          2. 6.1.3.2. Remote interactive installation
          3. 6.1.3.3. Preinstalled server
          4. 6.1.3.4. Upgrade an existing server
          5. 6.1.3.5. Upgrade an existing Mac OS X machine to Server
          6. 6.1.3.6. NetBoot and automatic installation
        4. 6.1.4. Preparing the boot volume
        5. 6.1.5. Installing Mac OS X Server files
        6. 6.1.6. Using Server Assistant
          1. 6.1.6.1. Local or remote
          2. 6.1.6.2. Automatic
          3. 6.1.6.3. Manage Users and Groups
          4. 6.1.6.4. Import Users and Groups
          5. 6.1.6.5. Configure Manually
      2. 6.2. Remote Interactive Installation
        1. 6.2.1. Remote installation by using Server Assistant
        2. 6.2.2. Remote installation by using VNC screen sharing
        3. 6.2.3. Remote configuration by using the command line
      3. 6.3. Automatic Installation
      4. 6.4. Summary
  9. III. Basic Mac OS X Server Management
    1. 7. Server Preferences
      1. 7.1. Managing Users and Groups
        1. 7.1.1. Creating new accounts
        2. 7.1.2. Importing user accounts from another directory
        3. 7.1.3. Assigning contact information to an account
        4. 7.1.4. Allowing or denying an account's access to services
        5. 7.1.5. Sending a welcome message to new accounts
        6. 7.1.6. Editing group membership for an account
        7. 7.1.7. Creating new groups
        8. 7.1.8. Importing group accounts from another directory
        9. 7.1.9. Managing group memberships
      2. 7.2. Managing Services
        1. 7.2.1. File Sharing
          1. 7.2.1.1. Default file shares
          2. 7.2.1.2. Share permissions versus file permissions
          3. 7.2.1.3. Moving beyond simple file-sharing options
        2. 7.2.2. Address Book service
        3. 7.2.3. iCal service
        4. 7.2.4. iChat service
        5. 7.2.5. Mail service
        6. 7.2.6. Web Server
        7. 7.2.7. VPN service
        8. 7.2.8. Firewall
      3. 7.3. Managing System Information
        1. 7.3.1. Information
        2. 7.3.2. Logs
        3. 7.3.3. Graphs
      4. 7.4. Performing Basic Server Administration
        1. 7.4.1. Planning for backup and restoration
          1. 7.4.1.1. Selecting backup media
          2. 7.4.1.2. Selecting storage device types
          3. 7.4.1.3. Selecting backup strategies
        2. 7.4.2. Time Machine Server
          1. 7.4.2.1. Backing up the server: local Time Machine
          2. 7.4.2.2. Bootable backups
          3. 7.4.2.3. Offsite backups
        3. 7.4.3. Managing software updates
          1. 7.4.3.1. Updating network machines: Software Update Server
          2. 7.4.3.2. Updating the server: local Software Update
        4. 7.4.4. Firewall
          1. 7.4.4.1. Two application firewalls
          2. 7.4.4.2. Advanced IP firewall
      5. 7.5. Summary
    2. 8. Additional Basic Admin Tools
      1. 8.1. Monitoring Server Statistics from Dashboard with the Server Status Widget
        1. 8.1.1. Server Status resource charts
        2. 8.1.2. Server Status service monitoring
      2. 8.2. Upgrading to Advanced Tools
        1. 8.2.1. One-way migration risks with Server Admin
        2. 8.2.2. One-way migration risks with Workgroup Manager
        3. 8.2.3. Command-line utilities in standard configuration
      3. 8.3. Summary
  10. IV. Advanced Mac OS X Server Management
    1. 9. Server Admin
      1. 9.1. Authenticating with a Server
      2. 9.2. Exploring the Interface
        1. 9.2.1. Server list and action bar
          1. 9.2.1.1. Add Server
          2. 9.2.1.2. Add Group
          3. 9.2.1.3. Add Smart Group
        2. 9.2.2. Add Service
          1. 9.2.2.1. Additional action bar buttons
        3. 9.2.3. Toolbar
          1. 9.2.3.1. Overview
          2. 9.2.3.2. Logs
          3. 9.2.3.3. Graphs
          4. 9.2.3.4. File Sharing
          5. 9.2.3.5. Server Updates
          6. 9.2.3.6. Certificates
          7. 9.2.3.7. Settings
      3. 9.3. Managing and Configuring Services
      4. 9.4. Reviewing Logs
      5. 9.5. Monitoring Performance
      6. 9.6. File Share Points, Permissions, and Quotas
        1. 9.6.1. Creating share points
        2. 9.6.2. Defining access permissions
        3. 9.6.3. Enabling quota support on a volume
      7. 9.7. Updating Server Software
      8. 9.8. Managing Certificates
      9. 9.9. Configuring Settings
        1. 9.9.1. Serial number upgrades or changes
        2. 9.9.2. Hostname or network configuration settings
        3. 9.9.3. Time and date settings
        4. 9.9.4. Alert notification settings
        5. 9.9.5. SACL settings
        6. 9.9.6. Limited administrative access settings
        7. 9.9.7. Adding a new service for configuration
      10. 9.10. Working with Multiple Servers
        1. 9.10.1. Using groups and Smart Groups
        2. 9.10.2. Importing and exporting server settings
        3. 9.10.3. Importing and exporting server preferences
      11. 9.11. Summary
    2. 10. Workgroup Manager
      1. 10.1. Authenticating with a Server
        1. 10.1.1. User accounts in the local directory
        2. 10.1.2. User accounts in the network directory
      2. 10.2. Exploring the Interface
        1. 10.2.1. The toolbar
          1. 10.2.1.1. Accounts and Preferences modes
          2. 10.2.1.2. Other toolbar buttons
          3. 10.2.1.3. Using Search to filter accounts
          4. 10.2.1.4. Using Search to batch-edit accounts
        2. 10.2.2. The directory domain authentication strip
          1. 10.2.2.1. BSD local node accounts
          2. 10.2.2.2. Active Directory and LDAPv3 directory servers
        3. 10.2.3. The accounts list
        4. 10.2.4. The Account Record pane
        5. 10.2.5. The Account Preferences pane
      3. 10.3. Working with User Accounts
        1. 10.3.1. The User Basic tab
          1. 10.3.1.1. User account name
          2. 10.3.1.2. Account short names
          3. 10.3.1.3. User ID
          4. 10.3.1.4. Password
          5. 10.3.1.5. Photo
          6. 10.3.1.6. User account access and server administration
        2. 10.3.2. The User Privileges tab
        3. 10.3.3. The User Advanced tab
          1. 10.3.3.1. Simultaneous login
          2. 10.3.3.2. Default shell
          3. 10.3.3.3. Password type and policy
          4. 10.3.3.4. Comments and keywords
        4. 10.3.4. The User Groups tab
        5. 10.3.5. The User Home tab
          1. 10.3.5.1. Home folders
          2. 10.3.5.2. Quotas
        6. 10.3.6. The User Mail tab
        7. 10.3.7. The User Print tab
        8. 10.3.8. The User Info tab
        9. 10.3.9. The User Windows tab
        10. 10.3.10. The User Inspector tab
        11. 10.3.11. Working with Group Accounts
        12. 10.3.12. The Group Basic tab
          1. 10.3.12.1. Group account name
          2. 10.3.12.2. Group short names
          3. 10.3.12.3. Group ID
          4. 10.3.12.4. Photo and Photo Path
          5. 10.3.12.5. Comment
          6. 10.3.12.6. The Group Members tab
        13. 10.3.13. Group Folder tab
        14. 10.3.14. The Group Inspector tab
      4. 10.4. Working with Computer Accounts
        1. 10.4.1. The Computer General tab
        2. 10.4.2. The Computer Network tab
        3. 10.4.3. The Computer Inspector tab
      5. 10.5. Working with Computer Group Accounts
        1. 10.5.1. The Computer Group Basic tab
        2. 10.5.2. The Computer Group Members tab
        3. 10.5.3. The Computer Group Inspector tab
      6. 10.6. Creating and Configuring Records
        1. 10.6.1. Creating new users and groups
        2. 10.6.2. Creating new computers and computer groups
      7. 10.7. Managing Account Access and Privileges
        1. 10.7.1. Configuring account features
        2. 10.7.2. Organizing, filtering, and editing domain accounts
      8. 10.8. Summary
    3. 11. Additional Advanced Admin Tools
      1. 11.1. iCal Server Utility
      2. 11.2. Server Monitor
        1. 11.2.1. Monitoring groups of servers
        2. 11.2.2. Xserve hardware detail
      3. 11.3. RAID Admin
      4. 11.4. System Image Utility
      5. 11.5. Command-Line Tools
        1. 11.5.1. Using the Unix command line
        2. 11.5.2. Remote administration by using SSH
        3. 11.5.3. Using systemsetup, serveradmin, and networksetup
          1. 11.5.3.1. Configuring services
          2. 11.5.3.2. Configuring network services
        4. 11.5.4. User and directory command-line tools
          1. 11.5.4.1. Managing directory services
          2. 11.5.4.2. Managing users
        5. 11.5.5. Volume, disk image, and file permission tools
          1. 11.5.5.1. Disk imaging
          2. 11.5.5.2. File system permissions
      6. 11.6. Summary
  11. V. Supplying Core Network Services
    1. 12. DNS Service
      1. 12.1. Introduction to DNS
        1. 12.1.1. The DNS hierarchy
          1. 12.1.1.1. DNS zones
          2. 12.1.1.2. DNS machine records
        2. 12.1.2. Bonjour and multicast DNS
      2. 12.2. Planning DNS
      3. 12.3. DNS Setup and Configuration
        1. 12.3.1. DNS configuration files
        2. 12.3.2. DNS zones
          1. 12.3.2.1. Manual zone configuration
          2. 12.3.2.2. Using Server Admin to create zone records
        3. 12.3.3. DNS machine records
      4. 12.4. Managing and Monitoring DNS
        1. 12.4.1. Securing DNS
          1. 12.4.1.1. DNS spoofing
          2. 12.4.1.2. Server mining
          3. 12.4.1.3. DNS profiling
          4. 12.4.1.4. Denial of service (DoS)
          5. 12.4.1.5. Service piggybacking
        2. 12.4.2. Services depending on DNS
          1. 12.4.2.1. MX records for mail services
          2. 12.4.2.2. Round-robin load distribution
          3. 12.4.2.3. Hosting multiple domain names on the same server
          4. 12.4.2.4. Virtual domain hosting
        3. 12.4.3. Using DNS with Bonjour
      5. 12.5. Summary
    2. 13. DHCP Service
      1. 13.1. Introduction to DHCP
      2. 13.2. Planning DHCP
        1. 13.2.1. Public versus private IP addresses
        2. 13.2.2. Subnets
        3. 13.2.3. DHCP subnets
        4. 13.2.4. Dynamic and static IP addressing
          1. 13.2.4.1. Assigning dynamic addresses
          2. 13.2.4.2. Reserving static addresses
        5. 13.2.5. Planning DHCP subnets
      3. 13.3. DHCP Setup and Configuration
        1. 13.3.1. Configuring network services in DHCP
          1. 13.3.1.1. DNS
          2. 13.3.1.2. LDAP
          3. 13.3.1.3. WINS
        2. 13.3.2. Setting up a static IP reservation
      4. 13.4. Managing and Monitoring DHCP
        1. 13.4.1. Troubleshooting common problems
          1. 13.4.1.1. No DHCP assignments occurring in a specific subnet
          2. 13.4.1.2. Client computers not getting DHCP assignments
        2. 13.4.2. Using multiple DHCP servers
      5. 13.5. Summary
    3. 14. Firewall Service
      1. 14.1. Introduction to Firewalls
        1. 14.1.1. The Mac OS X Leopard application firewall
        2. 14.1.2. The port filtering IP firewall
          1. 14.1.2.1. TCP and UPD ports
          2. 14.1.2.2. Firewall rule priority
      2. 14.2. Planning Firewall Services
        1. 14.2.1. Limiting services to local users
          1. 14.2.1.1. Defining address groups and allowing services
          2. 14.2.1.2. Advanced firewall rules
          3. 14.2.1.3. Logging allowed or denied packets
        2. 14.2.2. Limiting external access to a specific user
        3. 14.2.3. Blocking external access to a specific user
        4. 14.2.4. Limiting peer-to-peer file sharing and gaming
      3. 14.3. Firewall Setup and Configuration
        1. 14.3.1. Defining address groups
        2. 14.3.2. Allowing services
        3. 14.3.3. Logging options
        4. 14.3.4. Advanced firewall rules
      4. 14.4. Managing and Monitoring Firewall Services
        1. 14.4.1. Invalid rule troubleshooting
        2. 14.4.2. Stealth mode
        3. 14.4.3. Adaptive firewall
      5. 14.5. Summary
    4. 15. NAT Service
      1. 15.1. Introduction to NAT
        1. 15.1.1. Creating private networks
          1. 15.1.1.1. NAT firewall integration
          2. 15.1.1.2. Problems related to NAT
        2. 15.1.2. Exposing public services to outside users
        3. 15.1.3. IP forwarding without NAT
      2. 15.2. Planning NAT Services
        1. 15.2.1. Alternatives to NAT
        2. 15.2.2. Integrating with external NAT services
      3. 15.3. NAT Setup and Configuration
        1. 15.3.1. Configuring NAT for a LAN
        2. 15.3.2. Configuring port forwarding
        3. 15.3.3. Configuring a gateway without NAT
        4. 15.3.4. Using the Gateway Setup Assistant
      4. 15.4. Managing and Monitoring NAT
      5. 15.5. Summary
    5. 16. VPN Service
      1. 16.1. Introduction to VPN
        1. 16.1.1. VPN transport protocols
          1. 16.1.1.1. PPTP (Point-to-Point Tunneling Protocol)
          2. 16.1.1.2. L2TP/IPsec (Layer 2 Tunneling Protocol using IPsec encryption)
        2. 16.1.2. Authentication methods
        3. 16.1.3. Remote access for mobile devices
      2. 16.2. Planning VPN Services
        1. 16.2.1. Network limitations
        2. 16.2.2. Hardware VPN appliances
      3. 16.3. VPN Setup and Configuration
        1. 16.3.1. Server Preferences
        2. 16.3.2. Server Admin
      4. 16.4. Managing and Monitoring VPN Services
      5. 16.5. Summary
    6. 17. RADIUS Service
      1. 17.1. Introduction to RADIUS
        1. 17.1.1. Securing Wi-Fi access using directory services
        2. 17.1.2. Alternatives to using RADIUS
      2. 17.2. Planning RADIUS Services
        1. 17.2.1. Working with AirPort base stations
        2. 17.2.2. Planning to use security certificates
      3. 17.3. RADIUS Setup and Configuration
      4. 17.4. Managing and Monitoring RADIUS
      5. 17.5. Summary
    7. 18. Xgrid Service
      1. 18.1. Introduction to Xgrid
        1. 18.1.1. Xgrid components
          1. 18.1.1.1. Agents
          2. 18.1.1.2. Clients
          3. 18.1.1.3. Controllers
        2. 18.1.2. Computational grids
          1. 18.1.2.1. Xgrid clusters
          2. 18.1.2.2. Local grids
          3. 18.1.2.3. Distributed grids
        3. 18.1.3. Xgrid Admin
      2. 18.2. Planning Xgrid Distributed Processing
        1. 18.2.1. Security
        2. 18.2.2. Hardware and network requirements
      3. 18.3. Xgrid Setup and Configuration
        1. 18.3.1. Configuring the Xgrid service
        2. 18.3.2. Configuring an Xgrid controller
        3. 18.3.3. Configuring an Xgrid agent
      4. 18.4. Managing and Monitoring Xgrid Services
        1. 18.4.1. Monitoring Xgrid logs
      5. 18.5. Summary
    8. 19. Other Network Services
      1. 19.1. Introduction to Other Network Services
        1. 19.1.1. Network Time Protocol
        2. 19.1.2. Simple Network Management Protocol
        3. 19.1.3. Secure Shell
          1. 19.1.3.1. Public-key cryptography
          2. 19.1.3.2. Public-key authentication
          3. 19.1.3.3. Kerberos authentication
        4. 19.1.4. Virtual Network Computing
        5. 19.1.5. Remote Management
      2. 19.2. Managing and Monitoring Other Network Services
      3. 19.3. Summary
  12. VI. Managing Accounts and Security
    1. 20. Introduction to Mac OS X Server Security
      1. 20.1. Hardening Local Server Security
        1. 20.1.1. Firmware secured startup
        2. 20.1.2. Physical port security
        3. 20.1.3. Wireless security
        4. 20.1.4. Audio- and video-recording security
        5. 20.1.5. Securing local account login
          1. 20.1.5.1. Acting as a root user
          2. 20.1.5.2. Acting as an administrative user
          3. 20.1.5.3. Acting as a limited administrative user
          4. 20.1.5.4. Acting as a non-administrative user
      2. 20.2. Securing User Data
        1. 20.2.1. Managing home folders
          1. 20.2.1.1. Home folders for Mac users
          2. 20.2.1.2. Home folders for other clients
          3. 20.2.1.3. Choosing a home folder type
        2. 20.2.2. FileVault home folder encryption
        3. 20.2.3. Network encrypted disk images
        4. 20.2.4. Securing certificates and other credentials
          1. 20.2.4.1. Mac OS X Keychain
          2. 20.2.4.2. Portable keychains
          3. 20.2.4.3. Smart cards
          4. 20.2.4.4. Certificate identities
          5. 20.2.4.5. Public Key Infrastructure
      3. 20.3. Securing Shared Data
        1. 20.3.1. Authentication
          1. 20.3.1.1. Security and directory services
          2. 20.3.1.2. Setting global security policy in Server Admin
          3. 20.3.1.3. Setting individual security policy in Workgroup Manager
        2. 20.3.2. Authorization
        3. 20.3.3. File access permissions
          1. 20.3.3.1. Inheritance and precedence
        4. 20.3.4. Service access permissions
          1. 20.3.4.1. Using SACLs to manage access to services
          2. 20.3.4.2. Using SACLs to manage access to Mobile Access services
          3. 20.3.4.3. Using SACLs to manage administrative access to services
        5. 20.3.5. Securing backups
      4. 20.4. Securing Transports with Encryption
        1. 20.4.1. VPN
        2. 20.4.2. SSL
          1. 20.4.2.1. Securing web access
          2. 20.4.2.2. Securing access with other services
      5. 20.5. Securing Applications and Preferences
        1. 20.5.1. Application signing
        2. 20.5.2. Managed preferences
      6. 20.6. Summary
    2. 21. Using Open Directory
      1. 21.1. Introduction to Open Directory
        1. 21.1.1. Directory service origins: NIS, NetInfo, NT domains
          1. 21.1.1.1. NIS
          2. 21.1.1.2. NetInfo
          3. 21.1.1.3. NT domains
        2. 21.1.2. Modern directory services: X.500 and LDAP
          1. 21.1.2.1. X.500
          2. 21.1.2.2. LDAP
          3. 21.1.2.3. Open Directory and LDAP
        3. 21.1.3. Directory domains
        4. 21.1.4. Search policy
          1. 21.1.4.1. Multiple levels of search policy
          2. 21.1.4.2. Automatic search policy
          3. 21.1.4.3. Custom search policy
          4. 21.1.4.4. Search policy for authentication and contacts
        5. 21.1.5. Open Directory authentication
          1. 21.1.5.1. Authentication methods
          2. 21.1.5.2. Kerberos authentication
          3. 21.1.5.3. Serving directory domains
        6. 21.1.6. Open Directory server roles
        7. 21.1.7. Managed preferences
      2. 21.2. Planning Directory Services
        1. 21.2.1. Strategic deployment
        2. 21.2.2. Capacity planning
        3. 21.2.3. Security planning
      3. 21.3. Directory Services Setup and Configuration
        1. 21.3.1. Creating an Open Directory master
        2. 21.3.2. Creating an Open Directory replica or relay
        3. 21.3.3. Retiring an Open Directory replica or relay
        4. 21.3.4. Acting as a Primary Domain Controller
        5. 21.3.5. Acting as a Backup Domain Controller
        6. 21.3.6. Configuring advanced LDAP settings
        7. 21.3.7. Server and client configuration using Directory Utility
      4. 21.4. Managing and Monitoring Directory Services
        1. 21.4.1. Monitoring directory service logs
        2. 21.4.2. Managing directory accounts in Workgroup Manager
          1. 21.4.2.1. Managed preferences
          2. 21.4.2.2. Importing records
        3. 21.4.3. Managing Open Directory policy
          1. 21.4.3.1. Managing binding policy
          2. 21.4.3.2. Managing authentication policy
        4. 21.4.4. Archiving and restoring Open Directory data
      5. 21.5. Summary
  13. VII. Providing File-Sharing, Mail, Collaboration, and Media Services
    1. 22. File-Sharing Services
      1. 22.1. Introduction to File-Sharing Services
        1. 22.1.1. Apple File Service
          1. 22.1.1.1. AFP versions in Mac OS X Server
          2. 22.1.1.2. Third-party AFP servers
          3. 22.1.1.3. AFP: made for Macs
          4. 22.1.1.4. AFP security
        2. 22.1.2. Windows File Service
          1. 22.1.2.1. A third-party SMB server
          2. 22.1.2.2. Using SMB on Macs
          3. 22.1.2.3. SMB security
        3. 22.1.3. Network File Service
        4. 22.1.4. FTP Service
        5. 22.1.5. Spotlight Server
        6. 22.1.6. Time Machine Server
      2. 22.2. Planning File Services
        1. 22.2.1. File service protocols
        2. 22.2.2. Special file service features
        3. 22.2.3. Managing access to files and share points
          1. 22.2.3.1. Ownership and permissions
          2. 22.2.3.2. Using ACLs and POSIX permissions
          3. 22.2.3.3. Inheritance and precedence
        4. 22.2.4. How much and what kind of storage
          1. 22.2.4.1. Using RAID storage
          2. 22.2.4.2. Using SAN storage
        5. 22.2.5. Service availability and hardware needs
      3. 22.3. File Service Setup and Configuration
        1. 22.3.1. Apple File Service
        2. 22.3.2. Windows File Service
        3. 22.3.3. Network File Service
        4. 22.3.4. FTP File Service
      4. 22.4. Managing and Monitoring File Services
        1. 22.4.1. Managing file storage hardware
          1. 22.4.1.1. RAID storage
          2. 22.4.1.2. SAN storage
          3. 22.4.1.3. Monitoring IP failover
        2. 22.4.2. Using access control entries
        3. 22.4.3. Managing share points
          1. 22.4.3.1. Automount share points
          2. 22.4.3.2. Network home folders
        4. 22.4.4. Monitoring file service performance
      5. 22.5. Summary
    2. 23. Mail Services
      1. 23.1. Introduction to Mail Service
        1. 23.1.1. Outgoing SMTP mail
        2. 23.1.2. Incoming mail service
          1. 23.1.2.1. IMAP
          2. 23.1.2.2. POP
          3. 23.1.2.3. Push notifications
        3. 23.1.3. SSL and Mobile Access
      2. 23.2. Planning Mail Services
        1. 23.2.1. Configuring DNS for email services
        2. 23.2.2. Storage options for mail
          1. 23.2.2.1. Mail stores across volumes
          2. 23.2.2.2. Mail stores on Xsan
          3. 23.2.2.3. Mail stores on remotely mounted volumes
          4. 23.2.2.4. Backing up and restoring mail stores
        3. 23.2.3. Supporting POP and IMAP
        4. 23.2.4. Webmail services
        5. 23.2.5. Securing mail
          1. 23.2.5.1. Using or requiring SSL transport encryption
          2. 23.2.5.2. Using or requiring authentication for SMTP
          3. 23.2.5.3. Restricting access to SMTP
          4. 23.2.5.4. Using and requiring secure authentication for POP and IMAP
        6. 23.2.6. Managing junk mail and viruses
          1. 23.2.6.1. SpamAssassin junk mail filtering
          2. 23.2.6.2. ClamAV virus detection
        7. 23.2.7. Server-side message filtering
        8. 23.2.8. Mailing lists
        9. 23.2.9. Local host aliases and virtual hosting
      3. 23.3. Mail Service Setup and Configuration
        1. 23.3.1. Configuring basic mail services
          1. 23.3.1.1. Configure message and mailbox quotas
          2. 23.3.1.2. Configure mailing list settings
          3. 23.3.1.3. Configure logging settings
        2. 23.3.2. Advanced mail configuration
          1. 23.3.2.1. Configure SSL and authentication settings
          2. 23.3.2.2. Configure local host alias and virtual hosting settings
          3. 23.3.2.3. Configure mail data store settings
          4. 23.3.2.4. Training the junk mail spam filter
        3. 23.3.3. Granting mail access to users
      4. 23.4. Managing and Monitoring Mail Services
        1. 23.4.1. Monitoring mail service logs
        2. 23.4.2. Monitoring mail services
          1. 23.4.2.1. Local delivery mail service connections
          2. 23.4.2.2. Outgoing Internet mail service queues
          3. 23.4.2.3. Mail service accounts
          4. 23.4.2.4. Archiving mail
      5. 23.5. Summary
    3. 24. Web Services
      1. 24.1. Introduction to Web Services
        1. 24.1.1. Apache web services
        2. 24.1.2. WebDAV
        3. 24.1.3. CGI scripting
        4. 24.1.4. Using SSI
        5. 24.1.5. SSL encryption
        6. 24.1.6. Webmail, wikis, blogs, and RSS
      2. 24.2. Planning Web Services
        1. 24.2.1. Website configuration
        2. 24.2.2. Web service configuration
        3. 24.2.3. Apache modules
          1. 24.2.3.1. Mac-specific modules
          2. 24.2.3.2. Web application modules
        4. 24.2.4. SSL security
        5. 24.2.5. WebDAV realms
        6. 24.2.6. Virtual hosting and multihoming
          1. 24.2.6.1. Virtual hosts
          2. 24.2.6.2. Website aliases
          3. 24.2.6.3. Multihoming
      3. 24.3. Web Services Setup and Configuration
        1. 24.3.1. Configuring the web service
          1. 24.3.1.1. General settings
          2. 24.3.1.2. MIME type settings
          3. 24.3.1.3. Forward Proxy settings
          4. 24.3.1.4. Apache Module settings
          5. 24.3.1.5. Wiki settings
        2. 24.3.2. Configuring websites
      4. 24.4. Managing and Monitoring Web Services
        1. 24.4.1. Monitoring web services logs
        2. 24.4.2. Working with web applications
          1. 24.4.2.1. Apache Axis
          2. 24.4.2.2. Tomcat Java servlets and JSP
          3. 24.4.2.3. MySQL
          4. 24.4.2.4. Ruby on Rails
          5. 24.4.2.5. WebObjects
        3. 24.4.3. Monitoring web services performance
      5. 24.5. Summary
    4. 25. Web Collaboration Services
      1. 25.1. Introduction to Web Collaboration Services
        1. 25.1.1. Wikis
          1. 25.1.1.1. Text-based wikis
          2. 25.1.1.2. Mac OS X Server's graphical wiki services
          3. 25.1.1.3. Wiki themes
          4. 25.1.1.4. Wiki file structure
        2. 25.1.2. Blogs
        3. 25.1.3. Web-based email
        4. 25.1.4. Web calendar service
      2. 25.2. Planning Web Collaboration Services
      3. 25.3. Web Collaboration Services Setup and Configuration
        1. 25.3.1. Enabling web services
        2. 25.3.2. Enabling web collaboration features for a site
        3. 25.3.3. Configuring collaboration features in the web service
        4. 25.3.4. Configuring collaboration services on the web
          1. 25.3.4.1. My Page
          2. 25.3.4.2. Wikis
          3. 25.3.4.3. Blogs
          4. 25.3.4.4. Web calendar
          5. 25.3.4.5. Webmail
        5. 25.3.5. Access control for users and groups
        6. 25.3.6. Security
      4. 25.4. Managing and Monitoring Web Collaboration Services
        1. 25.4.1. Managing wiki and blog pages
        2. 25.4.2. Managing wiki and blog comments and tags
        3. 25.4.3. Enabling blog podcasts in group and personal blogs
        4. 25.4.4. Using search
        5. 25.4.5. Mobile web collaboration
        6. 25.4.6. Monitoring web collaboration logs
      5. 25.5. Summary
    5. 26. iCal Server
      1. 26.1. Introduction to iCal Server
        1. 26.1.1. The web-based architecture of iCal Server
        2. 26.1.2. A standards-based architecture
        3. 26.1.3. A unique approach to calendaring
        4. 26.1.4. Location and resource calendaring features
        5. 26.1.5. Secure Mobile Access and push notifications
      2. 26.2. Planning Calendar Services
      3. 26.3. iCal Service Setup and Configuration
        1. 26.3.1. Configuring iCal service settings
        2. 26.3.2. Enabling web calendars
        3. 26.3.3. Creating location and resource calendars
        4. 26.3.4. Assigning maps to location and resource records
        5. 26.3.5. Using iCal Server calendars within iCal
        6. 26.3.6. Access control for users and groups
        7. 26.3.7. Calendar service security
      4. 26.4. Managing and Monitoring iCal Server
        1. 26.4.1. Monitoring iCal service logs
        2. 26.4.2. Monitoring push notification logs
      5. 26.5. Summary
    6. 27. iChat Services
      1. 27.1. Introduction to iChat Server
        1. 27.1.1. A standards-based architecture
        2. 27.1.2. iChat Server's instant messaging features
        3. 27.1.3. Federating instant messaging servers
        4. 27.1.4. iChat Server and push notifications
      2. 27.2. Planning iChat Services
      3. 27.3. iChat Service Setup and Configuration
        1. 27.3.1. Enabling iChat services
        2. 27.3.2. Configuring iChat service settings
        3. 27.3.3. Configuring iChat Server from iChat
        4. 27.3.4. Populating iChat buddy lists from iChat Server
        5. 27.3.5. Creating multi-user chat conferences
        6. 27.3.6. Access control for users and groups
        7. 27.3.7. iChat Server security
      4. 27.4. Managing and Monitoring iChat Server
        1. 27.4.1. Monitoring iChat service logs
        2. 27.4.2. Monitoring push notification logs
      5. 27.5. Summary
    7. 28. Address Book Server
      1. 28.1. Introduction to Address Book Server
        1. 28.1.1. The web-based architecture of Address Book Server
        2. 28.1.2. A standards-based architecture
        3. 28.1.3. Following the pattern of iCal with Address Book
      2. 28.2. Planning for Address Book Services
      3. 28.3. Address Book Server Setup and Configuration
        1. 28.3.1. Enabling Address Book services
        2. 28.3.2. Configuring Address Book service settings
        3. 28.3.3. Using server contacts within Address Book
        4. 28.3.4. Access control for users and groups
        5. 28.3.5. Address Book service security
      4. 28.4. Managing and Monitoring Address Book Server
      5. 28.5. Summary
    8. 29. QuickTime Streaming Server
      1. 29.1. Introduction to QuickTime Streaming Server
        1. 29.1.1. Video streaming versus progressive download
          1. 29.1.1.1. Progressive download
          2. 29.1.1.2. Real-time streaming
        2. 29.1.2. Live broadcast streaming
        3. 29.1.3. QuickTime Broadcaster
          1. 29.1.3.1. Multicast transmission
          2. 29.1.3.2. Pairing QuickTime Streaming Server
          3. 29.1.3.3. Load balancing and relays
          4. 29.1.3.4. Audio and video compression
          5. 29.1.3.5. Transmission and the Session Description Protocol
        4. 29.1.4. Streaming video on demand
        5. 29.1.5. Video streaming with RTSP and RTP
      2. 29.2. Planning Streaming Media Services
        1. 29.2.1. Hardware and software requirements
        2. 29.2.2. Security
        3. 29.2.3. Preparing content
      3. 29.3. QuickTime Streaming Server Setup and Configuration
      4. 29.4. Managing and Monitoring QuickTime Streaming Server
        1. 29.4.1. Monitoring QuickTime Streaming Server logs
        2. 29.4.2. Monitoring QuickTime Streaming Server clients
      5. 29.5. Summary
    9. 30. Podcast Producer
      1. 30.1. Introduction to Podcast Producer
        1. 30.1.1. Podcast Capture
        2. 30.1.2. Podcast Producer Server
        3. 30.1.3. Podcast Composer workflows
        4. 30.1.4. Xgrid
      2. 30.2. Planning Podcast Production
        1. 30.2.1. Hardware requirements
          1. 30.2.1.1. Podcast Producer agent
          2. 30.2.1.2. Podcast Producer server
          3. 30.2.1.3. Podcast Producer Xgrid agent
        2. 30.2.2. Software requirements
      3. 30.3. Podcast Producer Setup and Configuration
        1. 30.3.1. Configuring the Podcast Producer service
          1. 30.3.1.1. Podcast Producer properties
        2. 30.3.2. Configuring Podcast Producer capture agents
        3. 30.3.3. Configuring Podcast Producer workflows
      4. 30.4. Managing and Monitoring Podcast Producer
        1. 30.4.1. Monitoring workflow job status in Xgrid Admin
        2. 30.4.2. Monitoring Podcast Producer logs
      5. 30.5. Summary
    10. 31. Print Services
      1. 31.1. Introduction to Print Services
        1. 31.1.1. CUPS
        2. 31.1.2. Print queues
        3. 31.1.3. Printing protocols
          1. 31.1.3.1. AppleTalk
          2. 31.1.3.2. LPR
          3. 31.1.3.3. IPP
          4. 31.1.3.4. SMB
        4. 31.1.4. Bonjour printer discovery
        5. 31.1.5. Open Directory printers
      2. 31.2. Planning Print Services
        1. 31.2.1. Performance
        2. 31.2.2. Security
      3. 31.3. Print Services Setup and Configuration
        1. 31.3.1. Printer queues
        2. 31.3.2. Advertising print services
        3. 31.3.3. Printer pools
        4. 31.3.4. Printer quotas
      4. 31.4. Managing and Monitoring Print Services
        1. 31.4.1. Monitoring printer logs
        2. 31.4.2. Managing print jobs
      5. 31.5. Summary
    11. 32. Mobile Access Server
      1. 32.1. Introduction to Mobile Access
        1. 32.1.1. A standards-based architecture
        2. 32.1.2. Simplicity for mobile clients
      2. 32.2. Planning for Mobile Access Services
      3. 32.3. Mobile Access Server Setup and Configuration
        1. 32.3.1. Enabling Mobile Access services
        2. 32.3.2. Configuring Mobile Access service settings
        3. 32.3.3. Access control for Remote Access users
        4. 32.3.4. Mobile Access service security
      4. 32.4. Managing and Monitoring Mobile Access Server
      5. 32.5. Summary
    12. 33. Push Notification Server
      1. 33.1. Introduction to Push Notification Server
      2. 33.2. Planning Push Notification Services
      3. 33.3. Push Notification Setup and Configuration
        1. 33.3.1. Access control for push notification users
        2. 33.3.2. Push notification services security
      4. 33.4. Managing and Monitoring Push Notification Server
      5. 33.5. Summary
  14. VIII. Managing Network Client Computers
    1. 34. Managing Client Systems with NetBoot
      1. 34.1. Introduction to NetBoot
        1. 34.1.1. Obtaining initial NetBoot configuration
        2. 34.1.2. Downloading Mac OS X startup files
        3. 34.1.3. Using shadow files and network shares
      2. 34.2. Planning NetBoot Deployment
      3. 34.3. NetBoot Setup and Configuration
        1. 34.3.1. Configuring NetBoot Server
        2. 34.3.2. Creating NetBoot images by using System Image Utility
        3. 34.3.3. Creating a NetBoot image workflow
        4. 34.3.4. Enabling NetBoot images
        5. 34.3.5. Filtering NetBoot clients
        6. 34.3.6. Boot Server Discovery Protocol and DHCP
        7. 34.3.7. Configuring client systems for NetBoot
      4. 34.4. Managing and Monitoring NetBoot
        1. 34.4.1. Monitoring NetBoot Logs
        2. 34.4.2. Monitoring NetBoot clients
        3. 34.4.3. Hosting NetBoot images on multiple servers
      5. 34.5. Summary
    2. 35. Managing Client Systems with NetInstall and NetRestore
      1. 35.1. Introduction to NetInstall
      2. 35.2. Introduction to NetRestore
        1. 35.2.1. Creating NetInstall images with System Image Utility
        2. 35.2.2. Creating a NetInstall image workflow
        3. 35.2.3. Updating NetInstall images with packages
        4. 35.2.4. Creating NetRestore images with System Image Utility
        5. 35.2.5. Creating a NetRestore image workflow
        6. 35.2.6. Enabling NetInstall and NetRestore images
        7. 35.2.7. Filtering NetInstall and NetRestore clients
        8. 35.2.8. Boot Server Discovery Protocol and DHCP
        9. 35.2.9. Configuring client systems for NetBoot
      3. 35.3. Managing and Monitoring NetInstall and NetRestore
        1. 35.3.1. Monitoring NetInstall and NetRestore logs
        2. 35.3.2. Monitoring NetInstall and NetRestore clients
        3. 35.3.3. Hosting NetInstall and NetRestore images on multiple servers
      4. 35.4. Summary
    3. 36. Managed Preferences
      1. 36.1. Introduction to Managed Preferences
        1. 36.1.1. Mac OS X preferences
        2. 36.1.2. Managing preferences
      2. 36.2. Planning Managed Preferences
        1. 36.2.1. Determining the level of administrative control
        2. 36.2.2. Combining and layering managing preferences
        3. 36.2.3. User and group preferences
        4. 36.2.4. Computer and computer group preferences
        5. 36.2.5. Permanence of managed preferences
      3. 36.3. Managed Preferences Setup and Configuration
        1. 36.3.1. Managing preferences in Workgroup Manager
        2. 36.3.2. Manageable preferences in Workgroup Manager
          1. 36.3.2.1. Application preferences
          2. 36.3.2.2. Classic preferences
          3. 36.3.2.3. Dock preferences
          4. 36.3.2.4. Energy Saver preferences
          5. 36.3.2.5. The Finder preferences
          6. 36.3.2.6. Login preferences
          7. 36.3.2.7. Media Access preferences
          8. 36.3.2.8. Mobility preferences
          9. 36.3.2.9. Network preferences
          10. 36.3.2.10. Parental Controls preferences
          11. 36.3.2.11. Printing preferences
          12. 36.3.2.12. Software Update preferences
          13. 36.3.2.13. System Preferences
          14. 36.3.2.14. Time Machine preferences
          15. 36.3.2.15. Universal Access preferences
          16. 36.3.2.16. Preferences Editor and the Details tab
      4. 36.4. Monitoring Managed Preferences
      5. 36.5. Summary
    4. 37. Software Update Server
      1. 37.1. Introduction to Software Update Server
        1. 37.1.1. Software Update packages
        2. 37.1.2. Serving Software Updates to local users
      2. 37.2. Planning Software Update Services
        1. 37.2.1. Network capacity considerations
        2. 37.2.2. Server disk capacity considerations
      3. 37.3. Software Update Setup and Configuration
        1. 37.3.1. Service setup in Server Admin
        2. 37.3.2. Managing access to the Software Update service
        3. 37.3.3. Managing Software Update preferences for clients
      4. 37.4. Managing and Monitoring Software Update
      5. 37.5. Summary
    5. 38. Time Machine Server
      1. 38.1. Introduction to Time Machine Server
        1. 38.1.1. Time Machine versus Time Machine Server
        2. 38.1.2. Time Machine Server
        3. 38.1.3. Time Machine Client
      2. 38.2. Planning Time Machine Server Services
        1. 38.2.1. Time Machine network capacity planning
        2. 38.2.2. Time Machine disk capacity planning
      3. 38.3. Time Machine Server Setup and Configuration
        1. 38.3.1. Server Preferences
        2. 38.3.2. Server Admin
      4. 38.4. Managing and Monitoring Time Machine Server
      5. 38.5. Summary
  15. Glossary