Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Messages - isthatyourbag

Pages: [1]
El Capitan Server - Foundation Services / Update Radius
« on: January 18, 2017, 09:31:07 AM »
Is it possible to update the radius package in Server 5.2 and Sierra 10.12.2? Server is using version 2.2.9 but FreeRadius is current at 3.0.12.

Followed along in the Groups and Users chapters. Made groups first, and set access appropriately. Then created users, and added users back to groups, and the access controls were all off.

1 - creating a new user seemed to give them access to everything.
2 - new users became part of the Workgroup, which also had access to everything.

So, I removed all access from the Workgroup and access from each individual user in order that the Group's access would work.

Seems like a very backhanded way of doing things. Isn't there a better way?

I did a test with a different machine running El Capitan 10.5.6 and joined it to my network. The process asked me if I wanted to trust the certificates, and when I said Yes, the Open Directory CA and code signing certificate appeared in my key chain.

The server machine is running Server 5.2 on top of Sierra.

El Capitan Server - Foundation Services / Re: Multiple machine setup
« on: October 17, 2016, 04:11:59 PM »
Ay thoughts or comments are appreciated. I did a reinstall of my main file sharing server, the OD master. ( I got a paranoid thing going on and felt the need.  :( ). I put the Profile manager on the mail machine, and then couldn't get the Admin account to authenticate, while user accounts could. Thought I was down a dead end, and then I remembered I was using a machine admin account from the first machine. Duh.

Now I'm out of town for a few days and can't retest. We'll see what happens next week when I'm hands on again.

I've bound a Sierra client and it shows the offending certificate - the one that's not trusted and that's where the Open Directory shows up. It's at the top of the chain.

I'm using Server 5.1.x on a mac mini server with El Capitan. I have purchased a third party SSL certificate, and in the Server app certificates section, I've set Open Directory to use this certificate.
Why do my client machines ask to trust a self-signed Open Directory Certificate Authority instead of using the 3rd party (trusted) certificate?

Why is Open Directory creating a CA to use?

El Capitan Server - Foundation Services / Multiple machine setup
« on: October 09, 2016, 04:33:21 PM »
Love your books. Reading then again and considering a change…

I have 2 machines running Server 5.1.x. Machine One handles mail; Machine Two handles file sharing, profile manager and open directory. They are currently on the same subnet.

I'm considering pushing profile manager to the Machine One as a security enhancement along with placing them on a different subnet. I'm bothered that it currently is "on the internet" with everything else. (I am using a router/firewall product.)

Will profile manager function on a different physical machine than the Open Directory?

Thanks for your thoughts, and when can we expect the Sierra versions?  ;)

Pages: [1]