Join Sean Colins for an in-depth discussion in this video A tour of the services, part of Learning OS X Server App.
Now that we've got your server set up, we're going to go through a quick tour of the available services, and I'll give you some tips along the way. To get there, we're going to go to the Go menu, and pulldown to Applications. In Applications, we'll go to Server. Double-click on it. I'm going to close the application's window in the background just so we've got a nice, clean interface to work with here in the front. And we'll start off. So, in the side bar, we have several sections. The top is sort of devoted to the server as a whole. The second one is about accounts, users and group accounts.
The third is services. These are the ones they expect you to configure and interact with frequently. And then down here under that we have a hidden area called Advanced. This has some stuff in it that is truly advanced that requires a lot of work in order to use and some other things that are just split off because they really shouldn't be turned on unless you really know what you're doing. And so it's best to sort of keep them out of the main group. Let's go up to the top and see where we can start. So up here under hardware, we've got the name of the server and it's got a cool little picture of the hardware we're running on.
We're on a Mac Mini so that's what it's showing us. Your mileage may vary, you may see a different piece of hardware there. Over here under the Overview tab, this is where you can rename your computer. using this edit button right here you can walk through changing the host name. I don't really recommend that you do this but there is a pathway that Apple has set up for you that is sanctioned, so if you do run through the process of changing your computer's name, your server's name in this case If you have a problem you can always call Apple Care and they'll know exactly what you've done and they'll be able to talk you through fixing it.
Under Settings if we click there, we have the ability to turn on Remote login via SSH and or remote desktop. We can turn on the remote use of the server app to administer the server. We can also enable Apple push notifications. This would be a great place for you to use an credit card free Apple ID if you've created one already. We can also use this Edit button over here to change the location of the Service Data. If we wanted to put all of the databases and other things that the Server's going to use on a different hard drive other than the one that we're currently booted from, We would click edit here and select a different hard drive.
We're not going to that in this case but if you wanted to, that would be perfectly fine. Under storage, we have the ability to create folders. And again, if we were using this as a remote administration application server to remotely admin a completely different computer, the ability to create new folders right here. Would be very useful. We can also edit permissions on the folders and files on the hard drive, and we can propagate permissions down through the file hierarchy once we've completed that. Over here under alerts we have the ability to view, repair, and clear alerts from the server.
We can repair damage to different things. For example, if you have a certificate that is expiring and you need to repair it, the new alert system gives you the ability, if you read the alert. To click a little button that fixes it. So easy. Great system here, and we also would configure delivery. So if we wanted to deliver via email we would setup an email address, push notifications right here, and then we would choose, which way we want to send alerts. on each of these different alert types. Under certificates, we can select the automatically generated SSL Certificate that's provided during initial setup.
This is another reason why setting our hostname is so important before we do our first run of the server app because certificates are created during that initial setup. And they are created with the fully qualified domain name of our server. If we have the wrong name and we needed to change it later on, that would create some problems for us that now we simply don't have to solve. We can also add, remove, and view all certificates, as well as purchase certificates. That we may have purchased from a trusted third party provider. Trusted third party certificates, by the way, are recommended but not required.
I'd also like to note that the default expiration time for a self-signed certificate in Maverick's Server is two years from the date of creation. You may want to put that expiration date in your calendar, so you can start preparing for the renewal of your certificate ahead of time. Under logs, we have a rich viewing, filtering, and searching environment for relevant log files for each of many different services. Those are all selectable here using the selector. It's much easier to find relevant logs than viewing in the console application.
And a useful thing to do here is to search or filter, you can do both here, on common keywords that might point out problems. Like warn, or fail, or perhaps the name of a user account that is having trouble in a related service log. Maybe someone who is having trouble accessing a file share for example. Over here in statistics, we can easily view a history of seven days or less down to an hour of usage for processor, memory, and network traffic, as is all selectable here. And we also have the addition of Bytes Served in the caching service which we'll learn about soon.
Under accounts, we have both users and groups. When you have users selected, you can add or remove users from whatever directories are available and writable to the server. Typically, this will include a local directory, which is unlabeled if it's the only one available, like ours is now, and a local network directory which will be available if you've Created one using profile manager when it automatically generates an open directory master. You may also see active directory user accounts in here if you're already bound to an active directory environment.
More on that later though. Under groups you can create groups, you can remove them, you can change access rights to entire services for the numbers of those groups. And you can put your users into groups according to what they do if those rules affect how much access they should have to the resources you provide with the server. Now, under Services, we start off with caching. Caching allows your server to download, hold, and reflect any software or books from the iTunes store or Mac App Store so those resources Including software updates to entire operating systems, only need to be downloaded once from Apple, across your Internet connection, saving time, bandwidth, and usually, money.
Under Calendars, you can use your server to host the calendars for all of your users. And under contacts, you can use your server to host server based contact directories for each of your users. But remember, they can't share contacts because there is no delegation as there is in the calendar server. Under file sharing, just as the name says, you can setup folders which contain files like documents, movies. Pictures, music, and other data and then you can grant access to those things to the users that you have setup so that they can share them.
The mail service allows you to become your own internet email provider. While compelling, unless you simply turn it on and ignore all facets of mail server administration. This is a subject that could easily be a title of its own, and as such is really beyond the scope of this class. Under messages, you can become your own internet chat server. You can host the chat messages between all of your people, and if you configure it to do so, they can even chat with other users on other services like Gmail by federating your server with those other servers.
But the messages remain archived. On your server if they're between two users that are using the same service on your server. We'll talk about that in greater detail when we get to the messages service later on. Under profile manager, when we say mobile device management or MDM, as I mentioned before, we're referring to profile manager. It has the ability to author profiles which define certain characteristics you wish to send or apply to devices like iPhones iPads and Macs, profile manager is the new management tool that has actually been around for several years but is now well developed, mature and ready to help you manage your devices.
It can also distribute and manage Apple volume purchase program or vpp purchase applications and iBooks for devices and users enrolled with your server. It's very deep, it's very cool, and I'm going to show you how to use it in the MDM chapter. Now under Time Machine, if you a give notebook, like a MacBook Air, to one of your people or even one of your kids, you're likely aware that they never back it up, right. Well, Apple provides this tool called Time Capsule to give you a place to wirelessly back up your devices. But if you haven't purchased a Time Capsule And you have an OS X Server, with this Time Machine service, you can back up all of your client computers to a disk attached to your server, and you can easily and efficiently manage those backups, and even find out when someone hasn't been backed up in awhile with a server-based notification.
It's very cool. The VPN service, provides you with secure remote access and we teach you about it in a chapter we've named Secure Remote Access. We call it that because that's what a VPN does for you. Even if everyone on your team doesn't work in the same place with you they can still use the VPN. To connect remotely and at least for their computer, it's like they're right there with you. It's extremely helpful when it comes to services like xcode that are only available to computers that are on your local area network. Next, we have in the list websites.
This is where you would configure your server to hold and serve up web pages that you may have written with Dreamweaver or some other web development tool. If your testing your company's next awesome website, this can be a great way to host the test site internally before you make it public to the world. Then again, if you apply some advanced configuration skills, you could host it for the world right from your OS 10 server. Below that we have, Wiki's. Once you set up your personal look for your page, in the Wiki, this service is the easiest way for your people to collaborate in one place, with access rights that you control.
In my company we use our OS 10 Wiki servers, for everything from a knowledge base of useful information for our technicians. To a sales customer relationship management system. We even use it as a repository for fun recipes for the holidays. You're really limited mostly by your imagination here, as it's just a fantastic way for the users you grant access to to interact with each other, collaboratively. Next in the list is our favorite new feature in OS ten server, Xcode. This service might just be the reason why you're watching this title in the first place.
The Xcode service gives every Apple software developer the equivalent of an extra person on their development team who is dedicated to making their code better. It's like your code-testing buddy. With the ability to just sit out there and test and validate your code, insuring that your apps give your users a fantastic experience the first time they open it and every time after. All right. So, what about this Advanced Section down here? Well, we start off with DHCP. This service shouldn't really be turned on. Unless you're an experienced network administrator and you're certain that this service will not disrupt your existing network.
DHCP hands out IP addresses and other network configuration information to any device that requests it on the same network. It's configuration is beyond the scope of this class, but I definitely want you to be careful here. Next we have DNS. This service is covered in our advanced network configuration chapter. It's configuration is of critical importance to the successful configuration of many services. In short a DNS server provides answers to requests from computers that know about it for the IP address is associated with names.
Like www.apple.com and store.apple.com. Essentially it connects names with numbers and numbers with names and without it, nothing on the internet would work the way we all know it should. Next, we have FTP. This file transfer service is something that a lot of people want, but really nobody with security in mind should be using, and it's all configured here. The reason why we discourage it is because there are better options available like S FTP as I mentioned in earlier places.
How SFTP is related to the SSH protocol. It's all encrypted, which is fantastic. FTP doesn't have that. FTP does not have the ability to encrypt data, and therefore your user name and your password are in the clear, it's very easy to hack, and so we really want to discourage people from using it. We won't be teaching... How to use it in this class, but I did want you to know that it's there and that's what it is. Again, if you're going to need a FTP like experience, I do recommend going with SFTP and doing that within SSH. Next we have Netinstall, if you want to make an image of your perfect Mac, with all of its licensed software already installed.
And its preference is set, and local user account's created, and printer driver's already downloaded and installed. And then take that image of your perfect Mac and like a kid playing with their favorite rubber stamp, just stamp out copies of it to computer after computer To distribute all over your company or maybe your school. Actually, it's very common in schools to find this happening. Then Netinstall is totally the service that you need. With a combination of tools, this service makes Mac deployment over a network fast and really easy. And we'll show you how to use it later on.
Next, we have open directory. Some services and some cool features available in OS ten server, requires something called a network account. Essentially, this is just a user account just like the ones you're used to, but it's located in a different place on the computer, and that makes it available for other computers on the network to use it in much the same way that they would a local account. Except that you as an administrator can change that password for that user in just one place on the server. It also affects their login every where that their server controls that they can log in with that server name and password.
I'm going to show you how to set this up for the services that needed and that will be later on in the title as well. Next we have software update. For Macs running operating systems before Mavericks there may be a need for more than just the caching server above to host updates from Apple to preserve your network bandwidth. However, because Mavericks is a free update for everyone, we decided that this service is beyond the scope of this class. However, if you need instructions on setting it up, you can just go back and watch Mac OS X Server 10.6 Essential Training, which was the last time we really covered this in depth.
The next service in our list is the Xsan service. This service allows you to set your server up to host and use the Xsan file system. I say host because this file system has to be hosted so that client computers can also use it and can access the data storage pools that are made available by the server. It's free to anyone who wishes to use it. Just basically turn it on, but it does require a fiber channel network which is a little expensive and requires some very specific equipment. The cool thing about this is it's a network storage array that behaves as if it were local to the machine that's using it.
So it gives you this really interesting hybrid of storage array that's in one location, that could be administered in one location. And accessed as if it were local from just about anywhere and it's also pretty fast. It's cool stuff. It's typically used in video editing and audio. Anything that requires a lot of storage that goes really, really fast. Unfortunately it's also very complicated and significantly outside of the scope of what we intend to cover here in this class. So that's the entire list of what we have in the sidebar. I just wanted to point out before we go that we have a couple of additional tools up here, under the Tools menu.
One of which we will definitely be using is the System Image Utility. We'll do that in conjunction with teaching net install later on because System Image Utility is how you actually create the images and work flows that create the images of your perfect Mac, as I described it. We also have the Directory Utility which allows you to see the raw data inside of the directories that hold your users and your Groups. We have screen sharing, which allows you to screen share between multiple computers. And of course, the XM Admin software, which allows you to administer that Xsan service that you're seeing below.
All right, so that's it. Let's get into the caching service as our first service that we're going to cover.
- Configuring your network
- Setting up Xcode, the developer's best friend
- Creating users and groups
- Connecting to shared folders
- Backing up clients
- Collaborating with web services
- Managing mobile devices
- Building a master image to deploy to new Macs
- Enabling a group calendar and contacts
- Keeping chats private
- Securing remote access