| Apple Training Series books emphasize hands-on training. The lessons contained within this book are designed to prepare system administrators for the tasks demanded of them by loading and deploying computers and managing the accounts and access rights on each of them. To become truly proficient, you need to learn both the theory and techniques behind each of these topics. Lesson Structure This reference guide is broken into two parts, each bringing you into a world of configuration files, mechanisms, best practices, and integration: Part 1, Deployment, instructs you on techniques you can use to streamline the deployment of multiple computers containing similar configurations. This section begins with strategies used to plan your computer deployment, and it later discusses methods used to install and maintain the software on each computer. Part 2, User Account Management, shows you how to effectively manage all of your users. You'll start with a number of planning and strategy topics, followed by learning what features the Mac OS X management tools offer you for setting up your users and their environment. You'll also learn about some of the special features available to mobile users and Windows users that can assist in creating a more cohesive computing environment for everyone. Part 2 concludes with information that will assist you in administrating Windows-based user accounts, managing network views, and using Apple Remote Desktop. Appendix, Using Radmind, gives a short introduction to using Radmind to manage the software installed on your computers. Note The step-by-step exercises included in the lessons are mostly nondestructive if followed correctly. However, a few exercises are disruptive, in that they may turn certain network services off or on suddenly. Some exercises, if performed incorrectly, could result in data loss to some basic services and even erase a disk or volume of a computer connected to the network on which the Mac OS X and/or Mac OS X Server resides. As such, it is recommended that you run through the exercises on Mac OS X computers that are not critical to your productivity or connected to a production network. Instructions are given for restoring your services back to their initial state, but reasonable caution is recommended. Apple Computer, Inc. and Peachpit Press are not responsible for any data loss or any damage to any equipment that occurs as a direct or indirect result of following procedures in this book.
Prerequisites Because Mac OS X and Mac OS X Server contain several open-source initiatives, it is impossible to include all the possibilities and permutations here. First-time users of Mac OS X and Mac OS X Server may find the concepts in this book a bit unfamiliar, but that should not dissuade them from learning an integral part of Mac OS X. Seasoned administrators of Mac OS X, Windows, and UNIX will find this book extremely helpful in integrating their various systems to work in tandem. Before undertaking the lessons in this book, you should have experience in the following areas: Apple Certified Technical Coordinator (ACTC) certification or equivalent knowledge Network and Internet topical knowledge Understanding of the purpose, function, and use of basic IP networking, including IP addresses, subnet masks, ports, and protocols Familiarity with the command line and Secure Shell Protocol (SSH)
Hardware Requirements It is not necessary to have computers set up for this reference guide, although basic configuration requirements are listed in this section for readers who want to locate files, attempt commands, and adjust settings based on the lessons in this book. In order to follow along, you are expected to network your computers and provide basic services without prior instruction. To complete the lessons in this book, you will need at least two Macintosh computersone with Mac OS X v10.4 installed and one with Mac OS X Server v10.4and network cables and a switch to keep them connected via a small private local network. It may be helpful to have a third Mac OS X computer to test images and software created during the first half of this book. Before you set up Mac OS X and Mac OS X Server, you'll want to keep in mind that you should have temporary Internet access to download and install all necessary software updates using the Software Update mechanism in Mac OS X. You will also need the following items, freely downloadable from Apple or on the Mac OS X/Mac OS X Server CD or DVD: Server Admin Tools package Developer Tools (Xcode) package Latest Mac OS X Server Combo Update package
Set Up Your Client Computer In this exercise, you will ensure that your Mac OS X computer is properly configured. 1. | Do an erase and install of Mac OS X, if this is a computer that can have all of the data on it erased. DO NOT ERASE a disk with data you wish to keep!
| 2. | If this is a portable computer, ensure that the power cable is connected.
| 3. | In the Welcome window, select your country of choice and click Continue.
| 4. | In the Do You Already Own a Mac? window, select "Do not transfer my information" and click Continue.
| | | 5. | In the Select Your Keyboard window, make a selection and click Continue.
| 6. | In the Enter Your Apple ID window, leave the Apple ID and Password fields blank and click Continue.
| 7. | In the Registration Information window, press Command-Q and skip the registration process.
| 8. | In the "You have not finished setting up Mac OS X" dialog, click Skip.
You do not need to register with Apple for this book.
| 9. | In the Create Your Account window, enter the following information:
- Name: Apple Admin
- Short Name: apple
- Password: apple
Using the same word for the user name and password does not follow best practices. Because you will be using many different accounts and passwords throughout the book, the exercises use simple, easy-to-recall passwords.
| 10. | Click Continue.
| 11. | In the Select Time Zone window, click your time zone on the map, and then click Continue.
| 12. | In the Set the Date and Time window, reset the time and date if either one is incorrect, and then click Save.
| 13. | Click Continue.
| 14. | In the Don't Forget to Register window, click Done.
The Setup Assistant will quit, and the Finder will open.
At this point, your computer should be configured only with an administrator's name and password and basic settings such as date, time, and keyboard settings. Do not configure any network settings.
|
Configure Preference Settings and Update Software Because you will be using multiple user accounts, you need to disable automatic login. 1. | Open the Accounts pane of System Preferences.
| 2. | Click the Lock button and authenticate as Apple Admin.
| 3. | Click Login Options.
| 4. | Deselect the "Automatically log in as" checkbox.
Disabling automatic login is a basic security measure. If your computer logs in automatically, any person who starts the computer can access your files.
| 5. | Select "Name and password" for "Display Login Window as."
| 6. | Select the "Enable fast user switching" checkbox.
| 7. | In the Warning sheet, click OK.
During certain exercises, you will need to quickly switch between different user accounts. With Fast User Switching enabled, you will be able to log in a new user without having to log out the current user.
| 8. | Click the Show All button to return to all System Preferences.
| 9. | Open the Date & Time pane of System Preferences.
| 10. | Deselect the checkbox for "Set date & time automatically" if it's selected.
| 11. | Click the Show All button to return to all System Preferences.
| 12. | Open the Network pane of System Preferences.
| | | 13. | From the Show pop-up menu, choose Network Port Configurations.
| 14. | Turn off all Port Configurations except Built-in Ethernet.
This will ensure that you are not inadvertently connecting to a network other than the private network you are creating.
| 15. | Click Apply Now.
| 16. | Click the Show All button to return to all System Preferences.
| 17. | Open the Sharing pane of System Preferences.
| 18. | In the Computer Name field, enter DS Client and press the Tab key.
| 19. | Quit System Preferences.
| 20. | Temporarily connect to the Internet and run Software Update repeatedly to obtain all current software updates.
| 21. | Download and install Server Admin Tools, if you do not already have them, from Apple's support site (www.apple.com/support).
| 22. | Insert the Mac OS X v10.4 DVD and install the Developer Tools.
| 23. | Install Remote Desktop Admin software if you have purchased it from Apple.
The software is not necessary for this book but may help manage your remote server.
| 24. | Run Software Update repeatedly to update any final tools.
| 25. | Disconnect from the Internet and connect to your local private switch to ensure that you are on a private network.
|
Configure Workgroup Manager You can use Workgroup Manager in its default configuration to modify user and group records. However, in this course you will also use it to directly view and modify directory data. In order to do so, you need to enable the Inspector. 1. | Open /Applications/Server/Workgroup Manager.
Typically, Workgroup Manager is used to administer a Mac OS X Server computer. However, you can skip connecting to a server and just manage the accounts in the local NetInfo database.
| 2. | Choose Server > View Directories.
This command dismisses the Connect dialog and opens a Workgroup Manager window for the local directory.
| 3. | In the "This is not a server directory node" warning sheet, select the "Do not show this warning again" checkbox and click OK.
The purpose of this warning is to remind you that you are editing directory data on a nonMac OS X Server computer.
| 4. | Choose Workgroup Manager > Preferences.
| 5. | Select the "Show 'All Records' tab and Inspector" checkbox.
This option allows you to use Workgroup Manager to directly view and manipulate directory service data.
| 6. | Click OK.
Notice that an Inspector button (a target) has been added next to the Users, Groups, and Computers buttons on the left. The Inspector is used to modify data directly.
| 7. | In the warning sheet, click OK.
| 8. | Quit Workgroup Manager.
Workgroup Manager is now configured to allow you to view native directory data.
|
Perform the Initial Server Configuration Later on in the directory services section, you will configure Mac OS X Server to provide directory services. 1. | Do a custom erase and install of Mac OS X Server, and add the X11 package if this is a computer that can have all of the data on it erased. DO NOT ERASE a disk with data you wish to keep!
| 2. | If this is a portable computer, ensure that the power cable is connected.
| 3. | In the Welcome window, select your country of choice and click Continue.
| 4. | In the Select Your Keyboard window, make a selection and click Continue.
| 5. | In the Serial Number window, enter the serial number that came with your server software.
| 6. | In the Administrator Account pane, create an administrator account with these settings:
- Name: First Administrator
- Short Name: fadmin
- Password: fadmin
Using the same word for the user name and password does not follow best practices. Because you will be using many different accounts and passwords throughout the book, the exercises use simple, easy-to-recall passwords.
| 7. | Click Continue.
| 8. | In the Network Names pane, enter the following:
- Computer Name: C-serverbook
- Local Hostname: C-serverbook
| | | 9. | Click Continue.
In the Network Interfaces list, make sure TCP/IP is selected for the Built-in Ethernet port and that all other checkboxes are deselected, and then click Continue.
| 10. | In the TCP/IP Connection pane for Built-in Ethernet, configure your connection as follows:
- Configure IPv4: Manually
- PIP Address: 10.1.10.1
- Subnet Mask: 255.255.0.0
- Router Address: 10.1.10.1
- DNS: 10.1.10.1
- Search Domains: pretendco.com
| 11. | Click Continue.
| 12. | In the Directory Usage pane, choose Standalone Server from the "Set directory usage to" pop-up menu and click Continue.
| 13. | In the Services pane, leave all services off except Apple Remote Desktop and click Continue.
| 14. | In the Time Zone pane, select your time zone and click Continue.
| 15. | In the Network Time pane, make sure to deselect the "Use a network time server" checkbox if it's selected.
| 16. | Click Continue.
| 17. | Review your settings, make corrections if necessary, and then click Apply.
Server Assistant configures the server according to your instructions and then reboots the server.
| | | 18. | After the server reboots, log in as First Administrator (password: fadmin).
| 19. | Obtain the latest Mac OS X Server Combo update and install that update.
| 20. | Install Developer Tools from the Mac OS X Server CD or DVD.
| 21. | Open the Server Admin application located in /Applications/Server and authenticate as First Administrator.
| 22. | Select your server from the list on the left, click the Settings button, and then choose Date & Time.
| 23. | Double-check your time zone, changing it if necessary, and click Save.
| 24. | Quit Server Admin.
|
|
