Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Topics - urban420

Pages: [1]
1
Yosemite Server - Foundation Services / SSL Certificates with firewall
« on: April 28, 2015, 10:54:07 PM »
It's been way too long since I have posted but I think that is because your books have been so great that everything just works. Seriously, I read a few other books and nothing was as dead simple and easy to understand as your writing and the way you walk through stuff.

I have a couple of issues I am working on but I can't seem to completely wrap my mind around.

The first thing is that I want to do is to make some of my network users mobile users. I think you talked about this briefly in one of the books, but I am having trouble locating where it was. So if I have a network user and I want to change them to a mobile user is it really as simple as outlined in this article:

https://support.apple.com/kb/PH14265?locale=en_US

My network users have local home folders and I don't want to use any type of sync services, I just want to allow users to log on to a specific machine without being connected to the network. Seems simple enough, but maybe I am missing something that is supposed to be done on the actual server?

My second, possibly more complicated issue is that when I set up our server I did so with an SSL following your book. Everything worked, no problems and the world is wonderful.

At the same time I installed our server I purchased a new Sonicwall TZ 215. I'm not overly Sonicwall savvy so I work with a company that set it up and manages it for us. Really they just help me when changes are needed, but they did the original configuration. We liked the idea of the SSL VPN so we use that for remote access. When they originally set up the firewall they did not install a 3rd party SSL but rather used a self signed certificate. There are only two of us that use it so it has never been an issue.

Fast forward a year and now I am thinking that SSL certs are so cheap I should just install one for the firewall. I will also likely need it in place for PCI compliance as they are starting to fail merchants for using self signed certs. Keep in mind we don't host our website on our server and we are not currently using it as our mail server. Right now it is purely for basic server functionality.

So here is my questions:

- I have an SSL installed on our server. The SSL is set up with the server's name - server.domain.com. The server sits behind the firewall with no public IP.

- I need to install an SSL on our firewall that has a public static IP address.

It seems like I am going to run into problems but I am not sure why. I guess I am trying to understand why there is even a need for an SSL on the server in the first place when it does not have an external IP. Plus, how does it validate without a public IP address? Or does it even matter

Long story short, if I install a SSL cert on the firewall (named firewall.domain.com) that has a public IP will this cause me any issues?

I kind of feel like maybe it really is not as complicated as I am making it out to be, so I had to ask the question.

Again, thanks for the books because I can say that while I still have not completely harnessed everything that OS X Server has to offer, I'm not afraid to try things that I would otherwise never touch. Our network is solid and I rarely have to deal with any problems. It just runs like it should and I feel that that is due in large part to being set up correctly thanks to the wealth of info you shared in your books. I tell anyone that asks about switching to an OS X Server to go buy your book.

Thanks again.

2
Mavericks Server - Foundation Services / File Share Error
« on: April 12, 2014, 07:23:06 PM »
I'm finally getting around to deploying our new equipment and pretty much have everything in place. As I have said before, this book was a great help to me and I don't think i could have set up our server without it. Even though it does not cover everything you need to know, it does as it title states - it covers the foundation of things. At least as far as I am concerned there simply is no book/guide out there that explains things in a way that nearly anyone can understand in a way that this book does. To anyone looking for help with a OS X Server set up - get this book.

With that out of the way, I wanted to see if others are experiencing an issue that I have come across. I've been reads some threads at Apple and elsewhere and it looks like I am not the only one. In fact, it looks like it could be a bug with recent updates.

As I said, I am rolling our equipment out and we are pretty much all Apple equipment with the exception of a couple PC's. With that said when I set up file shares I chose to allow AFP and SMB protocols. So the problem I am seeing is when a file or files are copied to a share on the server an error is presented that states:

"The Finder can’t complete the operation because some data in “filename” can’t be read or written.(Error code -36)"

I have been working on our set up for a couple months and when I tested the file sharing previously I did not see this, so I suspect it is from a recent upgrade and it seems that others are saying the same thing. I found a couple threads on the Apple Support Site that discussed the issue so I chatted with Apple and apparently the issue is known, the fix has been developed and it will be forthcoming sometime soon.

Here are a of the couple threads:

https://discussions.apple.com/thread/5944699?start=0&tstart=0

https://discussions.apple.com/thread/5941762?start=0&tstart=0

I am just wondering if any of you guys have experienced the issue and what, if any workarounds you are using.

I also wanted to get your thoughts on the overall state of what I call the whole SMB Mess. I've read a lot about it and read why Apple says they had to move to a different, seemingly more proprietary SMB protocol, but they have had since Lion to get it together and it just seems it is still a mess. I guess I never saw these issues because I have always worked in a Windows driven environment and the Apple computers we had played well with MS Servers and AD.  But now that I have transitioned us to a Apple server I am seeing more and more of these issues. That is not to say Windows does not have their own issues, they just don't seem to be revolving around a pretty important thing like file sharing. But also the hardware manufacturers have not had a couple of years to get their stuff fully compatible and for whatever reason it is not happening.

For example this week I was moving our Canon multifunction copier to our new Apple network and I quickly found out that the Canon would not talk to the OS X Server. We scan documents to a network drive and I ended up having to use FTP, which is less than desirable. It is my understanding this goes back to when Apple made changes in Lion regarding the type of SMB. Our Canon is a few years old, so I went looking for a new machine thinking it would not be an issue with new hardware, but I found that very few multifunction devices will work well in a network environment with OS X. To be clear, I am talking about a small/medium business level multifunction unit and not a consumer grade machine, for example our canon is an ImageRunner. I am not sure how the larger business type models are set up but I think they have far more options and utilize internal HDD.

As I mentioned above we have to keep a couple of PC's around for our shipping department and I continue to run into issues there as well. Getting a Win7 PC to play well with OD has been a nightmare. In fact, I have all but given up on trying to bind it to the OD and simple things like connecting to shares on the OS X Server from the PC is a pain. It works, it just does not seem to be anywhere near seamless.

Sorry for the lengthy post, I just needed to vent. At this point I am more than a little displeased with the level of integration between all of the various pieces of hardware. It just seems like in the year 2014 we should not be dealing with these types of issues and it really should to be a bit easier.

3
Mavericks Server - Foundation Services / RAID
« on: January 31, 2014, 11:58:49 AM »
Hello -

I just purchased your book and while i have only read the first few chapters thus far the information has been helpful already. But I had a question on the matter of whether or not to RAID a Mac Mini Server.

I am installing a Mac Mini Server at our office to replace a Windows server. When I decided to go the route of an Apple server the one thing that bothered me was the ability to run a RAID set up on the server. Coming from the world of Windows servers I am used to RAID controllers and multiple hot swap hard drives.

Over the past few months I have spoken with numerous people who all seem to be against running RAID on the Mini. Their solution is always to clone or Time Machine from one drive to the other and to me this leaves the possibility for lost data and does not really provide for redundancy. I think a lot of people shy away from RAID because they don't fully understand it, and they view it as a backup when in fact it is about redundancy and the backup is completely separate.

So on to my question, initially I wanted to RAID the Mac Mini Server but as I said above after I spoke to several people and researched on the web I was left with the impression that Apple discouraged RAID mirroring. It seems like when you RAID the volumes that you will lose some features that may be important. In fact in the book it briefly describes the fact that with RAID you lose the ability to have a Recovery volume and to use FileVault.

So my question is, what exactly do you lose when you set up RAID? And what does the loss of these features really mean?  I see there is an Apple support article that says:

"Recovery offers on-disk recovery tools, allows you to restore from Time Machine backups, reinstall OS X via the Internet, or set a firmware password."

Is there any way to prepare for the loss of these features? For example the Apple support article on RAID says:

"you should consider using the Recovery Disk Assistant to create an external recovery disk before creating your RAID volume."

Is this step something you recommend?

Over the years my experience has always been to try to adapt to the way Apple designed something rather that trying to adapt the hardware/software to the way I have always done it in the past. Obviously this is not the case in every situation, and sometimes Apple designs something to be easy so that just about anyone can manage it.

I'm not sure how much others would benefit from some clarification on these topics, and maybe the short blurb in the book really is enough information. I just know that having researched it previously it seemed like there was a lot more to it.

Overall I can't say how much i appreciate your book. For someone like myself who has always dealt with Windows servers but have been using Mac notebooks and workstations for years, the book has thus far been a wealth of information. I am really looking forward to future books and can't wait for the next release.

Thanks -

J

Pages: [1]