Arch Samba Server setup
I was hoping an experienced Arch server admin could lend a hand.
I have setup a new samba server on my LAN using Archlinux.
I have it set as a PDC; however, I get failures when trying to connect Win XP Pro clients onto the domain - "The user name could not be found."
On the client boxes, I choose System Properties > Computer Name (Tab) and try to join the domain using the Network ID Wizard and then try the "Change" button which provides a field to enter the domain name to join.
Neither of these work, but surprisingly, client boxes can access Samba server and shares by entering the domain name in the WORKGROUP field.
I tried to set the Samba server as a WINS server but it has not solved the issue.
My testparm output:
[root@a1 /]# testparm -Lv
Load smb config files from /etc/samba/smb.conf
Processing section "[mw]"
Loaded services file OK.
Server role: ROLE_DOMAIN_PDC
Press enter to see a dump of your service definitions
[global]
workgroup = MW
server string = A1 Server
passdb backend = tdbsam
log file = /var/log/samba.%m
max log size = 500
time server = Yes
logon path =
logon home =
domain logons = Yes
os level = 64
preferred master = Yes
domain master = Yes
dns proxy = No
wins server = 192.168.169.188
hosts allow = 192.168.169., 127.
hosts deny = 0.0.0.0/0
[mw]
path = /mw
read only = No
create mask = 0777
force create mode = 0777
force security mode = 0777
directory mask = 0777
force directory mode = 0777
force directory security mode = 0777
oplocks = No
level2 oplocks = No
Do I need to have Samba act as a LAN DNS Server in order to allow Win XP Pro clients onto the domain?
From reading the TOSHARG2, I didn't think it was necessary to run Named or Winbind if not attempting roaming profiles.
I use static ip addresses on my LAN.
Do I need to make a special group for the samba users in order to allow them onto the domain?
I'm trying to find an answer in the TOSHARG2 but so far I can't find a solution.
I would appreciate any suggestions to follow up on.
Thanks for reading.
Have you created machine accounts? (The ones with $ as last character)
edit: Oh and you know that you need a privileged account to join the domain, right?
Last edited by rine (2008-11-19 09:35:34)
Similar Messages
-
Most Arch like Web Server setup?
What is the most Arch like Web Server setup?
or http://www.hiawatha-webserver.org/
Fantastic small KISS web server. -
My Samba server stopped working and I have no idea why.
I set up a samba server once I got arch installed and it was working like a boss for about a month. Then one day (i think the machine may have rebooted) it just stopped working. I can't access my samba share from any of my other machines (all running Windows 7). I hadn't changed anything so I don't know what the culprit is. I did some update and looked at the smb.conf file but everything seems to be in order. I also tried to connect with smbclient from the machine itself and I get an NT_STATUS_CONNECTION_REFUSED error.
What's going on?
Here is my smb.conf
# This is the main Samba configuration file. You should read the
# smb.conf(5) manual page in order to understand the options listed
# here. Samba has a huge number of configurable options (perhaps too
# many!) most of which are not shown in this example
# For a step to step guide on installing, configuring and using samba,
# read the Samba-HOWTO-Collection. This may be obtained from:
# http://www.samba.org/samba/docs/Samba-HOWTO-Collection.pdf
# Many working examples of smb.conf files can be found in the
# Samba-Guide which is generated daily and can be downloaded from:
# http://www.samba.org/samba/docs/Samba-Guide.pdf
# Any line which starts with a ; (semi-colon) or a # (hash)
# is a comment and is ignored. In this example we will use a #
# for commentry and a ; for parts of the config file that you
# may wish to enable
# NOTE: Whenever you modify this file you should run the command "testparm"
# to check that you have not made any basic syntactic errors.
#======================= Global Settings =====================================
[global]
# workgroup = NT-Domain-Name or Workgroup-Name, eg: MIDEARTH
workgroup = WORKGROUP
# server string is the equivalent of the NT Description field
server string = Vault Samba Server
# Security mode. Defines in which mode Samba will operate. Possible
# values are share, user, server, domain and ads. Most people will want
# user level security. See the Samba-HOWTO-Collection for details.
security = share
# This option is important for security. It allows you to restrict
# connections to machines which are on your local network. The
# following example restricts access to two C class networks and
# the "loopback" interface. For more examples of the syntax see
# the smb.conf man page
; hosts allow = 192.168.1. 192.168.2. 127.
# If you want to automatically load your printer list rather
# than setting them up individually then you'll need this
; load printers = yes
# you may wish to override the location of the printcap file
; printcap name = /etc/printcap
# on SystemV system setting printcap name to lpstat should allow
# you to automatically obtain a printer list from the SystemV spool
# system
; printcap name = lpstat
# It should not be necessary to specify the print system type unless
# it is non-standard. Currently supported print systems include:
# bsd, cups, sysv, plp, lprng, aix, hpux, qnx
; printing = cups
# Uncomment this if you want a guest account, you must add this to /etc/passwd
# otherwise the user "nobody" is used
; guest account = pcguest
# this tells Samba to use a separate log file for each machine
# that connects
log file = /var/log/samba/%m.log
# Put a capping on the size of the log files (in Kb).
max log size = 50
# Use password server option only with security = server
# The argument list may include:
# password server = My_PDC_Name [My_BDC_Name] [My_Next_BDC_Name]
# or to auto-locate the domain controller/s
# password server = *
; password server = <NT-Server-Name>
# Use the realm option only with security = ads
# Specifies the Active Directory realm the host is part of
; realm = MY_REALM
# Backend to store user information in. New installations should
# use either tdbsam or ldapsam. smbpasswd is available for backwards
# compatibility. tdbsam requires no further configuration.
; passdb backend = tdbsam
# Using the following line enables you to customise your configuration
# on a per machine basis. The %m gets replaced with the netbios name
# of the machine that is connecting.
# Note: Consider carefully the location in the configuration file of
# this line. The included file is read at that point.
; include = /usr/local/samba/lib/smb.conf.%m
# Configure Samba to use multiple interfaces
# If you have multiple network interfaces then you must list them
# here. See the man page for details.
interfaces = 192.168.1.109
# Browser Control Options:
# set local master to no if you don't want Samba to become a master
# browser on your network. Otherwise the normal election rules apply
; local master = no
# OS Level determines the precedence of this server in master browser
# elections. The default value should be reasonable
; os level = 33
# Domain Master specifies Samba to be the Domain Master Browser. This
# allows Samba to collate browse lists between subnets. Don't use this
# if you already have a Windows NT domain controller doing this job
; domain master = yes
# Preferred Master causes Samba to force a local browser election on startup
# and gives it a slightly higher chance of winning the election
; preferred master = yes
# Enable this if you want Samba to be a domain logon server for
# Windows95 workstations.
; domain logons = yes
# if you enable domain logons then you may want a per-machine or
# per user logon script
# run a specific logon batch file per workstation (machine)
; logon script = %m.bat
# run a specific logon batch file per username
; logon script = %U.bat
# Where to store roving profiles (only for Win95 and WinNT)
# %L substitutes for this servers netbios name, %U is username
# You must uncomment the [Profiles] share below
; logon path = \\%L\Profiles\%U
# Windows Internet Name Serving Support Section:
# WINS Support - Tells the NMBD component of Samba to enable it's WINS Server
; wins support = yes
# WINS Server - Tells the NMBD components of Samba to be a WINS Client
# Note: Samba can be either a WINS Server, or a WINS Client, but NOT both
; wins server = w.x.y.z
# WINS Proxy - Tells Samba to answer name resolution queries on
# behalf of a non WINS capable client, for this to work there must be
# at least one WINS Server on the network. The default is NO.
; wins proxy = yes
# DNS Proxy - tells Samba whether or not to try to resolve NetBIOS names
# via DNS nslookups. The default is NO.
dns proxy = no
# These scripts are used on a domain controller or stand-alone
# machine to add or delete corresponding unix accounts
; add user script = /usr/sbin/useradd %u
; add group script = /usr/sbin/groupadd %g
; add machine script = /usr/sbin/adduser -n -g machines -c Machine -d /dev/null -s /bin/false %u
; delete user script = /usr/sbin/userdel %u
; delete user from group script = /usr/sbin/deluser %u %g
; delete group script = /usr/sbin/groupdel %g
#============================ Share Definitions ==============================
[homes]
comment = Home Directories
browseable = no
writable = yes
# Un-comment the following and create the netlogon directory for Domain Logons
; [netlogon]
; comment = Network Logon Service
; path = /usr/local/samba/lib/netlogon
; guest ok = yes
; writable = no
; share modes = no
# Un-comment the following to provide a specific roving profile share
# the default is to use the user's home directory
;[Profiles]
; path = /usr/local/samba/profiles
; browseable = no
; guest ok = yes
# NOTE: If you have a BSD-style print system there is no need to
# specifically define each individual printer
;[printers]
; comment = All Printers
; path = /var/spool/samba
; browseable = no
;# Set public = yes to allow user 'guest account' to print
; guest ok = no
; writable = no
; printable = yes
[proraid]
comment = ProRaid Share
path = /proraid
public = yes
available = yes
brosable = yes
read only = no
writable = yes
# This one is useful for people to share files
;[tmp]
; comment = Temporary file space
; path = /tmp
; read only = no
; public = yes
# A publicly accessible directory, but read only, except for people in
# the "staff" group
;[public]
; comment = Public Stuff
; path = /home/samba
; public = yes
; writable = no
; printable = no
; write list = @staff
# Other examples.
# A private printer, usable only by fred. Spool data will be placed in fred's
# home directory. Note that fred must have write access to the spool directory,
# wherever it is.
;[fredsprn]
; comment = Fred's Printer
; valid users = fred
; path = /homes/fred
; printer = freds_printer
; public = no
; writable = no
; printable = yes
# A private directory, usable only by fred. Note that fred requires write
# access to the directory.
;[fredsdir]
; comment = Fred's Service
; path = /usr/somewhere/private
; valid users = fred
; public = no
; writable = yes
; printable = no
# a service which has a different directory for each machine that connects
# this allows you to tailor configurations to incoming machines. You could
# also use the %U option to tailor it by user name.
# The %m gets replaced with the machine name that is connecting.
;[pchome]
; comment = PC Directories
; path = /usr/pc/%m
; public = no
; writable = yes
# A publicly accessible directory, read/write to all users. Note that all files
# created in the directory by users will be owned by the default user, so
# any user with access can delete any other user's files. Obviously this
# directory must be writable by the default user. Another user could of course
# be specified, in which case all files would be owned by that user instead.
;[public]
; path = /usr/somewhere/else/public
; public = yes
; only guest = yes
; writable = yes
; printable = no
# The following two entries demonstrate how to share a directory so that two
# users can place files there that will be owned by the specific users. In this
# setup, the directory should be writable by both users and should have the
# sticky bit set on it to prevent abuse. Obviously this could be extended to
# as many users as required.
;[myshare]
; comment = Mary's and Fred's stuff
; path = /usr/somewhere/shared
; valid users = mary fred
; public = no
; writable = yes
; printable = no
; create mask = 0765Hi,
My thought is to check the current IP of the server, as your smb.conf has the line interfaces = 192.168.1.109 which means samba will only listen on that interface for requests. If the IP of the server has changed, that would explain why samba isn't working. -
Arch Samba - Windows 2008 Domain
I have made the thread bellow thinking i solve my problem giving access on FTMG...but unfortunately nope...
https://bbs.archlinux.org/viewtopic.php?id=107350
My Situation:
3 Servers on Windows 2008 Domain (Example: 192.168.1.1 / 2 / 3)
1.1 - DC
1.2 - Exchange
1.3 - ISA FTMG (Gateway to all servers)
1 Arch Server for Backup (Samba Share PUBLIC) - 192.168.1.4
And my problem is annoying at least, i go to one of my windows 2008 servers and push on explorer \\192.168.1.4\Backup and sometimes fully work without any problem... and another times (let's say 5 minutes after i push again) and:
Network path could not be found
or
xx.xx.xx.xx is not setup to establish a connection on port "File and Print Sharing (SMB)"
BUT FROM THIS WINDOWS 2008 SERVER IT PINGS 192.168.1.4
AND
TRACERT GO DIRECTLY TO 192.168.1.4
And if i try and try eventually it will work again.....can't damn understand what's going on with this.....
On ISA I gave FULL ACCESS to my servers to go where the hell they want and even so......
Thanks in advance for all the help....yep i need it.
SniffKimTjik wrote:
I'm sorry I didn't know that this wasn't covered in the Wiki. When I get some time I'll probably add something about. No neither of those links are correct. You already have one DC, a native Windows server, and the second one isn't necessary (you don't need to join the whole Linux workstation to the domain, just the Samba service; the Samba service will with hostname be recognized as a stand-alone server).
In lack of an appropriate Wiki entry Samba's own How-to is better: http://www.samba.org/samba/docs/man/Sam … ember.html
Look for this section: "Joining an NT4-type Domain with Samba-3"
Even that How-to might be confusing since it covers all kinds of configurations at the same time. What you need, as far as I can understand your description, is only what's written in that section.
Start with the strings in smb.conf for domain, password server (in your case probably the DC itself) and security set to domain. Restart samba and the you need to know an administrator account (user and password) and fill it in to the command example shown, e g "net rpc join -S DOMPDC -UAdministrator%password". If everything works you should get confirmation about it. You could also double-check the AD on the DC and see if the Samba server is added.
See if you get this to work.
OK, sorry for the delay in my answer but i was traveling and couldn't test the above in the production environment.
I have add the backup server to the domain successfully but that was not the problem.
Now i have full details and maybe you could give your opinion:
FTMG (Forefront Threat Management Gateway)
SWITCH LAYER 3
SERVER BACKUP----------------------SERVERDC---------------------------SERVEREXCHANGE
THE PROBLEM is that if the DC have a share or exchange, everything works ok \\dc or \\exchange, but if you try to connect to the share archserver the connection drop quite often \\archserver
WHY? Because after some trace in FTMG, the microsoft firewall consider that the archserver is doing spoofing, yes is on the same network as all servers, same domain as above help, trusted...etc.
SOLUTION? First i give permissions on the firewall to the archserver (ALLOW ALL /PROTOCOLS ETC), but even so the FTMG was intercepting all the requests to the archserver and still consider him spoofing...odd enough no??!! By the way the FTMG Server control all network, is the gateway to all servers and switching.
Are you thinking to change the gateway to archserver or just don't put any....yep same result, FTMG catch archserver still.
I gave up and come with my actual solution (VLAN or BACKUP NETWORK), all servers with a extra ethernet card dedicated to the backup network or vlan just to backup without the firewall going there to trace anything.
And that's it....
But my question to you all is, everytime that we have a linux server (share) together with FTMG in same network do you have the same result, it seems to me like FTMG have something like: IT'S LINUX / GET BLOCKED.
Thanks for your help and patience regarding my answer.
TD (Sniffer) -
Map linux shared folders to Z drive in Windows Client. Unable to login through Samba Server
Hi,
I am trying to map my linux machine to a network drive Z in Windows 7 . I added user guid in smbusers and created a password for this user through smbpasswd . Started Samba server on linuc, but when trying to create a network drive, it is asking for the login. I used credentials as GUID/<CREATEDPWD> . Not able to login with these credentials. Am I missing something. My Domain is ORADEV. I attached related files smb.conf,lmhosts,smbusers files. Please let me know if i am not configuring samba server correctly.
Here is the sm.conf file Details :
# This is the main Samba configuration file. You should read the
# smb.conf(5) manual page in order to understand the options listed
# here. Samba has a huge number of configurable options (perhaps too
# many!) most of which are not shown in this example
# Any line which starts with a ; (semi-colon) or a # (hash)
# is a comment and is ignored. In this example we will use a #
# for commentry and a ; for parts of the config file that you
# may wish to enable
# NOTE: Whenever you modify this file you should run the command "testparm"
# to check that you have not made any basic syntactic errors.
#======================= Global Settings =====================================
[global]
# workgroup = NT-Domain-Name or Workgroup-Name
workgroup = ORADEV
# server string is the equivalent of the NT Description field
server string = %L (ST Samba Host), RedHat AS %v
# This option is important for security. It allows you to restrict
# connections to machines which are on your local network. The
# following example restricts access to two C class networks and
# the "loopback" interface. For more examples of the syntax see
# the smb.conf man page
; hosts allow = 192.168.1. 192.168.2. 127.
# if you want to automatically load your printer list rather
# than setting them up individually then you'll need this
# printcap name = /etc/printcap
# load printers = yes
# It should not be necessary to spell out the print system type unless
# yours is non-standard. Currently supported print systems include:
# bsd, sysv, plp, lprng, aix, hpux, qnx
# printing = lprng
# Uncomment this if you want a guest account, you must add this to /etc/passwd
# otherwise the user "nobody" is used
guest account = adoddi
# this tells Samba to use a separate log file for each machine
# that connects
log file = /var/log/samba/%m.log
# Put a capping on the size of the log files (in Kb).
max log size = 0
# Security mode. Most people will want user level security. See
# security_level.txt for details.
security = server
# Use password server option only with security = server
# The argument list may include:
# password server = My_PDC_Name [My_BDC_Name] [My_Next_BDC_Name]
# or to auto-locate the domain controller/s
password server = *
password server =Samba Server
# Password Level allows matching of _n_ characters of the password for
# all combinations of upper and lower case.
; password level = 8
; username level = 8
# You may wish to use password encryption. Please read
# ENCRYPTION.txt, Win95.txt and WinNT.txt in the Samba documentation.
# Do not enable this option unless you have read those documents
encrypt passwords = yes
smb passwd file = /etc/samba/smbpasswd
# The following is needed to keep smbclient from spouting spurious errors
# when Samba is built with support for SSL.
; ssl CA certFile = /usr/share/ssl/certs/ca-bundle.crt
# The following are needed to allow password changing from Windows to
# update the Linux sytsem password also.
# NOTE: Use these with 'encrypt passwords' and 'smb passwd file' above.
# NOTE2: You do NOT need these to allow workstations to change only
# the encrypted SMB passwords. They allow the Unix password
# to be kept in sync with the SMB password.
; unix password sync = Yes
; passwd program = /usr/bin/passwd %u
; passwd chat = *New*password* %n\n *Retype*new*password* %n\n *passwd:*all*authentication*tokens*updated*successfully*
# Unix users can map to different SMB User names
; username map = /etc/samba/smbusers
# Using the following line enables you to customise your configuration
# on a per machine basis. The %m gets replaced with the netbios name
# of the machine that is connecting
; include = /etc/samba/smb.conf.%m
# This parameter will control whether or not Samba should obey PAM's
# account and session management directives. The default behavior is
# to use PAM for clear text authentication only and to ignore any
# account or session management. Note that Samba always ignores PAM
# for authentication in the case of encrypt passwords = yes
; obey pam restrictions = yes
# Most people will find that this option gives better performance.
# See speed.txt and the manual pages for details
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
# Configure Samba to use multiple interfaces
# If you have multiple network interfaces then you must list them
# here. See the man page for details.
; interfaces = 192.168.12.2/24 192.168.13.2/24
# Configure remote browse list synchronisation here
# request announcement to, or browse list sync from:
# a specific host or from / to a whole subnet (see below)
; remote browse sync = 192.168.3.25 192.168.5.255
# Cause this host to announce itself to local subnets here
; remote announce = 192.168.1.255 192.168.2.44
# Browser Control Options:
# set local master to no if you don't want Samba to become a master
# browser on your network. Otherwise the normal election rules apply
local master = no
# OS Level determines the precedence of this server in master browser
# elections. The default value should be reasonable
; os level = 33
# Domain Master specifies Samba to be the Domain Master Browser. This
# allows Samba to collate browse lists between subnets. Don't use this
# if you already have a Windows NT domain controller doing this job
domain master = no
# Preferred Master causes Samba to force a local browser election on startup
# and gives it a slightly higher chance of winning the election
preferred master = no
# Enable this if you want Samba to be a domain logon server for
# Windows95 workstations.
; domain logons = yes
# if you enable domain logons then you may want a per-machine or
# per user logon script
# run a specific logon batch file per workstation (machine)
; logon script = %m.bat
# run a specific logon batch file per username
; logon script = %U.bat
# Where to store roving profiles (only for Win95 and WinNT)
# %L substitutes for this servers netbios name, %U is username
# You must uncomment the [Profiles] share below
; logon path = \\%L\Profiles\%U
# Windows Internet Name Serving Support Section:
# WINS Support - Tells the NMBD component of Samba to enable it's WINS Server
; wins support = yes
# WINS Server - Tells the NMBD components of Samba to be a WINS Client
# Note: Samba can be either a WINS Server, or a WINS Client, but NOT both
wins server = 130.35.62.34
# WINS Proxy - Tells Samba to answer name resolution queries on
# behalf of a non WINS capable client, for this to work there must be
# at least one WINS Server on the network. The default is NO.
; wins proxy = yes
# DNS Proxy - tells Samba whether or not to try to resolve NetBIOS names
# via DNS nslookups. The built-in default for versions 1.9.17 is yes,
# this has been changed in version 1.9.18 to no.
dns proxy = no
# Case Preservation can be handy - system default is _no_
# NOTE: These can be set on a per share basis
; preserve case = no
; short preserve case = no
# Default case is normally upper case for all DOS files
; default case = lower
# Be very careful with case sensitivity - it can break things!
; case sensitive = no
#============================ Share Definitions ==============================
# a service which has a different directory for each machine that connects
# this allows you to tailor configurations to incoming machines. You could
# also use the %U option to tailor it by user name.
# The %m gets replaced with the machine name that is connecting.
[ade]
comment = ADE Directory
path = /ade_global/
public = no
writable = yes
[homes]
comment = Home Directories (UNIX Home Dirs auto_home)
browseable = no
writable = yes
valid users = %S
create mode = 0664
directory mode = 0775
# If you want users samba doesn't recognize to be mapped to a guest user
map to guest = bad user
security = user
# Un-comment the following and create the netlogon directory for Domain Logons
; [netlogon]
; comment = Network Logon Service
; path = /usr/local/samba/lib/netlogon
; guest ok = yes
; writable = no
; share modes = no
# Un-comment the following to provide a specific roving profile share
# the default is to use the user's home directory
;[Profiles]
; path = /usr/local/samba/profiles
; browseable = no
; guest ok = yes
# NOTE: If you have a BSD-style print system there is no need to
# specifically define each individual printer
#[printers]
# comment = All Printers
# path = /var/spool/samba
# browseable = no
# Set public = yes to allow user 'guest account' to print
# guest ok = no
# writable = no
# printable = yes
# This one is useful for people to share files
[tmp]
comment = Temporary file space on %L
path = /tmp
read only = no
public = yes
# This is for the /private dir
[private]
comment = /private file space on %L
path = /private
read only = no
public = yes
# A publicly accessible directory, but read only, except for people in
# the "staff" group
;[public]
; comment = Public Stuff
; path = /home/samba
; public = yes
; writable = yes
; printable = no
; write list = @staff
# Other examples.
# A private printer, usable only by fred. Spool data will be placed in fred's
# home directory. Note that fred must have write access to the spool directory,
# wherever it is.
;[fredsprn]
; comment = Fred's Printer
; valid users = fred
; path = /home/fred
; printer = freds_printer
; public = no
; writable = no
; printable = yes
# A private directory, usable only by fred. Note that fred requires write
# access to the directory.
;[fredsdir]
; comment = Fred's Service
; path = /usr/somewhere/private
; valid users = fred
; public = no
; writable = yes
; printable = no
# A publicly accessible directory, read/write to all users. Note that all files
# created in the directory by users will be owned by the default user, so
# any user with access can delete any other user's files. Obviously this
# directory must be writable by the default user. Another user could of course
# be specified, in which case all files would be owned by that user instead.
[public]
path =: /usr/somewhere/else/public
public = yes
only guest = yes
writable = yes
printable = no
# The following two entries demonstrate how to share a directory so that two
# users can place files there that will be owned by the specific users. In this
# setup, the directory should be writable by both users and should have the
# sticky bit set on it to prevent abuse. Obviously this could be extended to
# as many users as required.
;[myshare]
; comment = Mary's and Fred's stuff
; path = /usr/somewhere/shared
; valid users = mary fred
; public = no
; writable = yes
; printable = no
; create mask = 0765
Here is the smbusers file : adoddi is my GUID
# Unix_name = SMB_name1 SMB_name2 ...
root = administrator admin
nobody = guest pcguest smbguest
adoddi = adoddi
lcmHosts File :
127.0.0.1 localhostHi,
To clarify a couple of things:
1- "reverse-route" does not have anything to do with this issue, the problem relies on the Windows 7 machine.
2- Do you connect with an Admin account (Windows admin)?
3- Do you run the VPN client as an administrator?
4- Have you tried to disable any AV or software protection on the machine (just for testing).?
Let me know.
Portu.
Please rate any helpul posts
Message was edited by: Javier Portuguez -
Sane virtual mail server setup?
I'm giving up. I want a simple mail server setup (imaps, pop3s, smtps) with virtual user support that I can comfortably configure from the web (PostfixAdmin, web-cyradm, courier-web). I want to manage multiple users on multiple domains. It appears that the task I want to accomplish is insanely complex for some reason. I'd like to use as few different software packages as possible.
I can't find a simple and sane tutorial on the topic and I don't even care what software is going to be used. Of course, I did search and play around with the config for hours but to no avail. The tutorials in the Arch wiki are no good either, they are either outdated or do not allow me to do web configuration.
Help me out here, please.It's always good to have alternatives, but out of curiousity, did you not try the courier-mta wiki? I used that wiki guide recently and it had me running with a system like what you describe without too much fuss. The only stuff I haven't tried/used is web-based administration or mail access; perhaps this was the problem for you?
-
hi,
I install Occas on OS win7 64bit, jdk 1.6.0.45.
I got the following error message while I start Occas server:
because error occurs when parsing sip related annotations of "testservicecomplexobject-application"
WLST-WLS-1396579151484: com.bea.wcp.sip.engine.server.setup.SipAnnotationParsingException
at com.bea.wcp.sip.engine.server.setup.SipAnnotationData.<init><SipAnnotationData.java:155>
Also, when I deploy a sip servlet package(sar) to the Occas server, after deploy finish, at the deployment manager page,
health term is none.
and also I found many error info in AdminServer/logs/domain.log as below blue font:
####<Apr 4, 2014 11:09:21 AM CST> <Error> <WLSS.Setup> <E76C3BE51B4188> <AdminServer> <[ACTIVE] ExecuteThread: '5' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1396580961513> <BEA-331210> <Skip SIP related logic, because error occurs when parsing sip related annotations of "b2bua-sip-servlet-1.0.0-SNAPSHOT"
com.bea.wcp.sip.engine.server.setup.SipAnnotationParsingException:
at com.bea.wcp.sip.engine.server.setup.SipAnnotationData.<init>(SipAnnotationData.java:155)
at com.bea.wcp.sip.util.DeploymentUtil.getOrCreateAnnotationData(DeploymentUtil.java:74)
at com.bea.wcp.sip.util.DeploymentUtil.getAnnotationData(DeploymentUtil.java:89)
at com.bea.wcp.sip.engine.server.SipServerTailModule$1.visit(SipServerTailModule.java:129)
at com.bea.wcp.sip.engine.server.SipServerTailModule.visitAllContexts(SipServerTailModule.java:112)
at com.bea.wcp.sip.engine.server.SipServerTailModule.initialize(SipServerTailModule.java:137)
at com.bea.wcp.sip.engine.server.SipServerTailModule.prepare(SipServerTailModule.java:69)
at weblogic.application.internal.flow.DeploymentCallbackFlow$1.next(DeploymentCallbackFlow.java:507)
at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:41)
at weblogic.application.internal.flow.DeploymentCallbackFlow.prepare(DeploymentCallbackFlow.java:149)
at weblogic.application.internal.flow.DeploymentCallbackFlow.prepare(DeploymentCallbackFlow.java:45)
at weblogic.application.internal.BaseDeployment$1.next(BaseDeployment.java:1221)
at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:41)
at weblogic.application.internal.BaseDeployment.prepare(BaseDeployment.java:367)
at weblogic.application.internal.SingleModuleDeployment.prepare(SingleModuleDeployment.java:43)
at weblogic.application.internal.DeploymentStateChecker.prepare(DeploymentStateChecker.java:154)
at weblogic.deploy.internal.targetserver.AppContainerInvoker.prepare(AppContainerInvoker.java:60)
at weblogic.deploy.internal.targetserver.operations.ActivateOperation.createAndPrepareContainer(ActivateOperation.java:207)
at weblogic.deploy.internal.targetserver.operations.ActivateOperation.doPrepare(ActivateOperation.java:98)
at weblogic.deploy.internal.targetserver.operations.AbstractOperation.prepare(AbstractOperation.java:217)
at weblogic.deploy.internal.targetserver.DeploymentManager.handleDeploymentPrepare(DeploymentManager.java:747)
at weblogic.deploy.internal.targetserver.DeploymentManager.prepareDeploymentList(DeploymentManager.java:1216)
at weblogic.deploy.internal.targetserver.DeploymentManager.handlePrepare(DeploymentManager.java:250)
at weblogic.deploy.internal.targetserver.DeploymentServiceDispatcher.prepare(DeploymentServiceDispatcher.java:159)
at weblogic.deploy.service.internal.targetserver.DeploymentReceiverCallbackDeliverer.doPrepareCallback(DeploymentReceiverCallbackDeliverer.java:171)
at weblogic.deploy.service.internal.targetserver.DeploymentReceiverCallbackDeliverer.access$000(DeploymentReceiverCallbackDeliverer.java:13)
at weblogic.deploy.service.internal.targetserver.DeploymentReceiverCallbackDeliverer$1.run(DeploymentReceiverCallbackDeliverer.java:46)
at weblogic.work.SelfTuningWorkManagerImpl$WorkAdapterImpl.run(SelfTuningWorkManagerImpl.java:528)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
Caused By: java.lang.LinkageError: loader constraint violation: when resolving overridden method "antlr.debug.LLkDebuggingParser.removeMessageListener(Lantlr/debug/MessageListener;)V" the class loader (instance of weblogic/utils/classloaders/ChangeAwareClassLoader) of the current class, antlr/debug/LLkDebuggingParser, and its superclass loader (instance of sun/misc/Launcher$AppClassLoader), have different Class objects for the type antlr/debug/MessageListener used in the signature
at java.lang.Class.getDeclaredMethods0(Native Method)
at java.lang.Class.privateGetDeclaredMethods(Class.java:2436)
at java.lang.Class.privateGetPublicMethods(Class.java:2556)
at java.lang.Class.getMethods(Class.java:1412)
at com.bea.wcp.sip.engine.server.setup.SipAnnotationData.classAnnotationParsing(SipAnnotationData.java:344)
at com.bea.wcp.sip.engine.server.setup.SipAnnotationData.jarAnnotationParsing(SipAnnotationData.java:288)
at com.bea.wcp.sip.engine.server.setup.SipAnnotationData.annotationParsing(SipAnnotationData.java:223)
at com.bea.wcp.sip.engine.server.setup.SipAnnotationData.<init>(SipAnnotationData.java:144)
at com.bea.wcp.sip.util.DeploymentUtil.getOrCreateAnnotationData(DeploymentUtil.java:74)
at com.bea.wcp.sip.util.DeploymentUtil.getAnnotationData(DeploymentUtil.java:89)
at com.bea.wcp.sip.engine.server.SipServerTailModule$1.visit(SipServerTailModule.java:129)
at com.bea.wcp.sip.engine.server.SipServerTailModule.visitAllContexts(SipServerTailModule.java:112)
at com.bea.wcp.sip.engine.server.SipServerTailModule.initialize(SipServerTailModule.java:137)
at com.bea.wcp.sip.engine.server.SipServerTailModule.prepare(SipServerTailModule.java:69)
at weblogic.application.internal.flow.DeploymentCallbackFlow$1.next(DeploymentCallbackFlow.java:507)
at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:41)
at weblogic.application.internal.flow.DeploymentCallbackFlow.prepare(DeploymentCallbackFlow.java:149)
at weblogic.application.internal.flow.DeploymentCallbackFlow.prepare(DeploymentCallbackFlow.java:45)
at weblogic.application.internal.BaseDeployment$1.next(BaseDeployment.java:1221)
at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:41)
at weblogic.application.internal.BaseDeployment.prepare(BaseDeployment.java:367)
at weblogic.application.internal.SingleModuleDeployment.prepare(SingleModuleDeployment.java:43)
at weblogic.application.internal.DeploymentStateChecker.prepare(DeploymentStateChecker.java:154)
at weblogic.deploy.internal.targetserver.AppContainerInvoker.prepare(AppContainerInvoker.java:60)
at weblogic.deploy.internal.targetserver.operations.ActivateOperation.createAndPrepareContainer(ActivateOperation.java:207)
at weblogic.deploy.internal.targetserver.operations.ActivateOperation.doPrepare(ActivateOperation.java:98)
at weblogic.deploy.internal.targetserver.operations.AbstractOperation.prepare(AbstractOperation.java:217)
at weblogic.deploy.internal.targetserver.DeploymentManager.handleDeploymentPrepare(DeploymentManager.java:747)
at weblogic.deploy.internal.targetserver.DeploymentManager.prepareDeploymentList(DeploymentManager.java:1216)
at weblogic.deploy.internal.targetserver.DeploymentManager.handlePrepare(DeploymentManager.java:250)
at weblogic.deploy.internal.targetserver.DeploymentServiceDispatcher.prepare(DeploymentServiceDispatcher.java:159)
at weblogic.deploy.service.internal.targetserver.DeploymentReceiverCallbackDeliverer.doPrepareCallback(DeploymentReceiverCallbackDeliverer.java:171)
at weblogic.deploy.service.internal.targetserver.DeploymentReceiverCallbackDeliverer.access$000(DeploymentReceiverCallbackDeliverer.java:13)
at weblogic.deploy.service.internal.targetserver.DeploymentReceiverCallbackDeliverer$1.run(DeploymentReceiverCallbackDeliverer.java:46)
at weblogic.work.SelfTuningWorkManagerImpl$WorkAdapterImpl.run(SelfTuningWorkManagerImpl.java:528)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
>
####<Apr 4, 2014 11:09:21 AM CST> <Error> <WLSS.Engine> <E76C3BE51B4188> <AdminServer> <[ACTIVE] ExecuteThread: '5' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1396580961523> <BEA-330004> <Failed to deploy SIP application "b2bua-sip-servlet-1.0.0-SNAPSHOT"
java.lang.NullPointerException
at com.bea.wcp.sip.engine.server.setup.SipDeploymentDescriptor.<init>(SipDeploymentDescriptor.java:285)
at com.bea.wcp.sip.engine.server.setup.SipDeploymentDescriptor.parse(SipDeploymentDescriptor.java:148)
at com.bea.wcp.sip.engine.server.CanaryContext.initContext(CanaryContext.java:396)
at com.bea.wcp.sip.engine.server.CanaryContext.<init>(CanaryContext.java:334)
at com.bea.wcp.sip.engine.server.CanaryServer.installContext(CanaryServer.java:1001)
at com.bea.wcp.sip.engine.server.SipService.setupSipServletContext(SipService.java:126)
at com.bea.wcp.sip.engine.server.SipServerTailModule$1.visit(SipServerTailModule.java:130)
at com.bea.wcp.sip.engine.server.SipServerTailModule.visitAllContexts(SipServerTailModule.java:112)
at com.bea.wcp.sip.engine.server.SipServerTailModule.initialize(SipServerTailModule.java:137)
at com.bea.wcp.sip.engine.server.SipServerTailModule.prepare(SipServerTailModule.java:69)
at weblogic.application.internal.flow.DeploymentCallbackFlow$1.next(DeploymentCallbackFlow.java:507)
at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:41)
at weblogic.application.internal.flow.DeploymentCallbackFlow.prepare(DeploymentCallbackFlow.java:149)
at weblogic.application.internal.flow.DeploymentCallbackFlow.prepare(DeploymentCallbackFlow.java:45)
at weblogic.application.internal.BaseDeployment$1.next(BaseDeployment.java:1221)
at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:41)
at weblogic.application.internal.BaseDeployment.prepare(BaseDeployment.java:367)
at weblogic.application.internal.SingleModuleDeployment.prepare(SingleModuleDeployment.java:43)
at weblogic.application.internal.DeploymentStateChecker.prepare(DeploymentStateChecker.java:154)
at weblogic.deploy.internal.targetserver.AppContainerInvoker.prepare(AppContainerInvoker.java:60)
at weblogic.deploy.internal.targetserver.operations.ActivateOperation.createAndPrepareContainer(ActivateOperation.java:207)
at weblogic.deploy.internal.targetserver.operations.ActivateOperation.doPrepare(ActivateOperation.java:98)
at weblogic.deploy.internal.targetserver.operations.AbstractOperation.prepare(AbstractOperation.java:217)
at weblogic.deploy.internal.targetserver.DeploymentManager.handleDeploymentPrepare(DeploymentManager.java:747)
at weblogic.deploy.internal.targetserver.DeploymentManager.prepareDeploymentList(DeploymentManager.java:1216)
at weblogic.deploy.internal.targetserver.DeploymentManager.handlePrepare(DeploymentManager.java:250)
at weblogic.deploy.internal.targetserver.DeploymentServiceDispatcher.prepare(DeploymentServiceDispatcher.java:159)
at weblogic.deploy.service.internal.targetserver.DeploymentReceiverCallbackDeliverer.doPrepareCallback(DeploymentReceiverCallbackDeliverer.java:171)
at weblogic.deploy.service.internal.targetserver.DeploymentReceiverCallbackDeliverer.access$000(DeploymentReceiverCallbackDeliverer.java:13)
at weblogic.deploy.service.internal.targetserver.DeploymentReceiverCallbackDeliverer$1.run(DeploymentReceiverCallbackDeliverer.java:46)
at weblogic.work.SelfTuningWorkManagerImpl$WorkAdapterImpl.run(SelfTuningWorkManagerImpl.java:528)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
Can anyone give some suggession?
Thanks in advance!
BR//MarginHi,
I changed my jvm from sun jdk to latest jrockit and the issue was solved :) -
Using the AUSST tool to set up a remote update server on Windows Server 2012R2 which is IIS 8.5.
Working through this document: http://helpx.adobe.com/creative-cloud/packager/update-server-setup-tool.html#Preparing a web server to use as the update server
Have reached the point where it says "Add the httpHandles for the zip, xml, crl, dmg, and sig extension in the web.config file as shown here:"
I have added the lines specified to the web.config file, here is the complete file:
configuration>
<system.web>
<compilation targetFramework="4.5" />
<membership>
<providers>
<add name="WebAdminMembershipProvider" type="System.Web.Administration.WebAdminMembershipProvider" />
</providers>
</membership>
<httpModules>
<add name="WebAdminModule" type="System.Web.Administration.WebAdminModule"/>
</httpModules>
<authentication mode="Windows"/>
<authorization>
<deny users="?"/>
</authorization>
<identity impersonate="true"/>
<trust level="Full"/>
<pages validateRequest="true"/>
<globalization uiCulture="auto:en-US" />
<httphandlers>
<add path="*.zip" verb="*" type="system.web.staticfilehandler" />
<add path="*.xml" verb="*" type="system.web.staticfilehandler" />
<add path="*.crl" verb="*" type="system.web.staticfilehandler" />
<add path="*.dmg" verb="*" type="system.web.staticfilehandler" />
<add path="*.sig" verb="*" type="system.web.staticfilehandler" />
</httphandlers>
</system.web>
<system.webServer>
<modules>
<add name="WebAdminModule" type="System.Web.Administration.WebAdminModule" preCondition="managedHandler" />
</modules>
<validation validateIntegratedModeConfiguration="false" />
</system.webServer>
</configuration>
But when I try to access the web site I get this: " The configuration section 'httphandlers' cannot be read because it is missing a section declaration "
Clearly I am a newbie in IIS (and indeed on Web Development of any sort).
Could someone please point out the no-doubt-obvious mistake?
Thanks.I'm on 2012 R2 too.
ISAPI Module is not available by default. Choose to add ISAPI features (and Server Side Includes) using the Server Manager, Add Roles and Features, Web Server, Web Server, Application Development. I chose both ISAPI options as well as Server Side Includes - not sure which is needed.
Added Server Side Includes (as well as the ISAPI .xml .crl .zip .dmg .sig ) entries in Add Module Mappings (as per https://forums.adobe.com/thread/951308?tstart=0)
My HTTP Handlers section is as follows:
<httpHandlers>
<add path="*.xml" verb="*" type="System.Web.StaticFileHandler"/>
<add path="*.crl" verb="*" type="System.Web.StaticFileHandler"/>
<add path="*.zip" verb="*" type="System.Web.StaticFileHandler"/>
<add path="*.dmg" verb="*" type="System.Web.StaticFileHandler"/>
<add path="*.sig" verb="*" type="System.Web.StaticFileHandler"/>
<add verb="*" path="*.rules" type="System.Web.HttpForbiddenHandler" validate="true"/>
<add verb="*" path="*.xoml" type="System.ServiceModel.Activation.HttpHandler, System.ServiceModel, Version=3.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" validate="false"/>
<add path="*.svc" verb="*" type="System.ServiceModel.Activation.HttpHandler, System.ServiceModel, Version=3.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" validate="false"/>
<add path="trace.axd" verb="*" type="System.Web.Handlers.TraceHandler" validate="True"/>
<add path="WebResource.axd" verb="GET" type="System.Web.Handlers.AssemblyResourceLoader" validate="True"/>
<add path="*.axd" verb="*" type="System.Web.HttpNotFoundHandler" validate="True"/>
<add path="*.aspx" verb="*" type="System.Web.UI.PageHandlerFactory" validate="True"/>
<add path="*.ashx" verb="*" type="System.Web.UI.SimpleHandlerFactory" validate="True"/>
<add path="*.asmx" verb="*" type="System.Web.Services.Protocols.WebServiceHandlerFactory, System.Web.Services, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" validate="False"/>
<add path="*.rem" verb="*" type="System.Runtime.Remoting.Channels.Http.HttpRemotingHandlerFactory, System.Runtime.Remoting, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" validate="False"/>
<add path="*.soap" verb="*" type="System.Runtime.Remoting.Channels.Http.HttpRemotingHandlerFactory, System.Runtime.Remoting, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" validate="False"/>
<add path="*.asax" verb="*" type="System.Web.HttpForbiddenHandler" validate="True"/>
<add path="*.ascx" verb="*" type="System.Web.HttpForbiddenHandler" validate="True"/>
<add path="*.master" verb="*" type="System.Web.HttpForbiddenHandler" validate="True"/>
<add path="*.skin" verb="*" type="System.Web.HttpForbiddenHandler" validate="True"/>
<add path="*.browser" verb="*" type="System.Web.HttpForbiddenHandler" validate="True"/>
<add path="*.sitemap" verb="*" type="System.Web.HttpForbiddenHandler" validate="True"/>
<add path="*.dll.config" verb="GET,HEAD" type="System.Web.StaticFileHandler" validate="True"/>
<add path="*.exe.config" verb="GET,HEAD" type="System.Web.StaticFileHandler" validate="True"/>
<add path="*.config" verb="*" type="System.Web.HttpForbiddenHandler" validate="True"/>
<add path="*.cs" verb="*" type="System.Web.HttpForbiddenHandler" validate="True"/>
<add path="*.csproj" verb="*" type="System.Web.HttpForbiddenHandler" validate="True"/>
<add path="*.vb" verb="*" type="System.Web.HttpForbiddenHandler" validate="True"/>
<add path="*.vbproj" verb="*" type="System.Web.HttpForbiddenHandler" validate="True"/>
<add path="*.webinfo" verb="*" type="System.Web.HttpForbiddenHandler" validate="True"/>
<add path="*.licx" verb="*" type="System.Web.HttpForbiddenHandler" validate="True"/>
<add path="*.resx" verb="*" type="System.Web.HttpForbiddenHandler" validate="True"/>
<add path="*.resources" verb="*" type="System.Web.HttpForbiddenHandler" validate="True"/>
<add path="*.mdb" verb="*" type="System.Web.HttpForbiddenHandler" validate="True"/>
<add path="*.vjsproj" verb="*" type="System.Web.HttpForbiddenHandler" validate="True"/>
<add path="*.java" verb="*" type="System.Web.HttpForbiddenHandler" validate="True"/>
<add path="*.jsl" verb="*" type="System.Web.HttpForbiddenHandler" validate="True"/>
<add path="*.ldb" verb="*" type="System.Web.HttpForbiddenHandler" validate="True"/>
<add path="*.ad" verb="*" type="System.Web.HttpForbiddenHandler" validate="True"/>
<add path="*.dd" verb="*" type="System.Web.HttpForbiddenHandler" validate="True"/>
<add path="*.ldd" verb="*" type="System.Web.HttpForbiddenHandler" validate="True"/>
<add path="*.sd" verb="*" type="System.Web.HttpForbiddenHandler" validate="True"/>
<add path="*.cd" verb="*" type="System.Web.HttpForbiddenHandler" validate="True"/>
<add path="*.adprototype" verb="*" type="System.Web.HttpForbiddenHandler" validate="True"/>
<add path="*.lddprototype" verb="*" type="System.Web.HttpForbiddenHandler" validate="True"/>
<add path="*.sdm" verb="*" type="System.Web.HttpForbiddenHandler" validate="True"/>
<add path="*.sdmDocument" verb="*" type="System.Web.HttpForbiddenHandler" validate="True"/>
<add path="*.mdf" verb="*" type="System.Web.HttpForbiddenHandler" validate="True"/>
<add path="*.ldf" verb="*" type="System.Web.HttpForbiddenHandler" validate="True"/>
<add path="*.exclude" verb="*" type="System.Web.HttpForbiddenHandler" validate="True"/>
<add path="*.refresh" verb="*" type="System.Web.HttpForbiddenHandler" validate="True"/>
<add path="*" verb="GET,HEAD,POST" type="System.Web.DefaultHttpHandler" validate="True"/>
<add path="*" verb="*" type="System.Web.HttpMethodNotAllowedHandler" validate="True"/>
</httpHandlers>
You should be able to get a web page with "0001" printed on it when you access your servers website from another PC.
I used the default paths so this was my URL:
http://server.ucd.ie/Adobe/CS/webfeed/oobe/aam20/win/updaterfeed.xml -
10.5.1 Server Setup - Help Make it all Work!
Hello Everyone, I currently have a new MacMini running 10.5.1 with our Calendar, Wiki and File Sharing. I have recently just returned from the Mac OS 10.5 Training Session from Chicago Columbia College and was astonished at what their demo servers did versus what mine has never done lol. We are a small tech company and there isn't much yet in the way of documentation or training or even training materials for Leopard Server. So I wanted to share some of what we learned from the training seminar and hopefully someone will know the proper answers to my questions. This is going to be a bit long winded but I think it's important to convey my questions/concerns.
1. Ok initial setup of our Leopard server requires you to input a host name and then the domain name. Well after the first install of Leopard we found as I have read amongst the posts for the past 2 hours that if you place let's say macmini in the host-name field then place domain.com in the domain field. After the server setup is complete Leopard Server wants you to chat, vpn, and browse to http://macmini.domain.com/groups as well as mail. This is all well and good if you have access to DNS like I do and can easily make changes to the MX & A records but if your a typical SMB user then you won't and this means that once your e-mail is setup and your ready to start using your server anyone you e-mail will come from [email protected] and not [email protected] which is a huge problem. So be cautious here. I was instructed by Apple after scratching their head to leave the host-name blank and only fill in the domain name here if your on let's say a T1 or other medium with a static IP pointed at your machine or router. So this is my first pet peve, there is a sloppy work around to this by telling the server to receive e-mail for domain.com as well but still whenever you send it comes from the original domain.
2. Application Setup - Single Sign-on - When I attended Leopard training this week in Chicago I was amazed at how whenever a user (demo -lab environment) logged into ichat, ical, wiki or e-mail there was simple single sign-on kerberos auth. What I mean by this is once the server is up and running and your Mac connects to the network for the first time either by manual add thru the directory application or a new Mac that finds the Leopard server automatically at first boot and you auth a user on the server to that Mac then there is just a single signon from that point on, NOT! For us our users log into their machines, (mind u they are already users on the Leopard server and can log in just fine) and they try to go to their e-mail for the first time it always fails. We then have to disable SSL over SMTP and IMAP and manually type in their passwords because the MacMail clients cannot trust the SSL cert or we simply just delete their accounts and recreate them from scratch. Same happens with iChat. By design when you auth your Mac against the server, the server auto configs the security and client apps, i.e. mail, ichat, directory, VPN, ical. But iCal has consistently failed setup across 5 server builds and 10 clients. What will happen is when you go to prefs in ichat you see your account but it can't auth you and doesn't show up in ical for your personal server calendar. If you manually remove your user account and re-add it works great. But next time you go to ichat, once again you have to recreate. And I can recreate this all day long. But at the demo it worked like magic. So that is problem number two, SSL and single sign-on does not really work and app auto-config does not work at all.
3. Apple Airport Extreme 802.11N. - As a test and per Apple's recommendation for SMB clients we picked up a new Airport. We patched it and setup user/pass info and setup DHCP on the device for so if server fails we have internet. And during server setup it logged into Airport and tried to configure settings. We were on the net and all was good after server setup. However with VPN enabled per user in Standard mode on server we have only been able to gain VPN access for clients if they are actually inside the network. I have spent about 10 hours back and forth with Apple Support trying to get VPN to work outside. The Manual setup of new Airport Port-Mapping is simple but crude. It does not seem to work. And there is a default hosts setting which should translate to an open DMZ but does not. So that is third on my list, running a MacMini with 2gig's of RAM which is within SPEC for Leopard Server and using the Apple Recommended solution of an Airport Extreme N does not work for s&*% and I would be very surprised if anyone here has gotten that to work.
4. E-Mail Services - As stated prior Leopards auto app setup utility does not work for crap unless by some magic there are other steps besides the ones outlined and printed with the purchase of server. But the main thing about mail is that we are missing the basics. I mean your going to be hard pressed to find ANY e-mail application on the market today, Notes, Exchange, Gmail, Hotmail, Yahoo, iMail or other that does not include basic vacation/out of the office message replies. This is a huge issue for any small business or for that matter any size business that wants to automate things when they are out and I think this is one of my small peeves but certainly worth a listing here.
5. VPN - We have tried like **** to get the VPN to work thru the Airport as previously noted but we have also connected MacPro with 2 nics, one for net and one for LAN and not been able to connect to the server from outside our network. Here is my largest frustration, we currently run SBS2003 from MSFT and they run flawlessly. I have literally sat with clients in their office during a new setup for SBS and in 3-4 hours we were up and running with minimal system level changes from the guided path. And for Apple to advertise this in the manual and all online materials as being SMB friendly is a complete slap in the face. Now don't confuse my above descriptions of problems we have seen across 5 Leopard builds as being a rant because it's not but seriously I am a network engineer with 10 years in the field working with 20+ product ranges and in our office we only use Mac because of stability and uptime. But OS X 10.5 is not Small Business Friendly at all even with the half hearted attempt at the new System Admin console for SMB users. However that being said I will still push on and try to get all these little bugs worked out and what I would really like to see is some feedback on my issues and I would love to know if anyone else has had similar issues. I really had hoped that 10.5 could help my firm finally push the proper solution (Mac OS X) for our SMB clients but it just isn't there yet.
Cheers,
DMThanks for the quick read and response. Do you feel the issue might lie with the fact that it is a Mac Mini? And possibly just not powerful enough to run Leopard Server? I have to say in our trials with MacPro it was like night and day as to how they performed. And if you could elaborate on this "Many VPNs don't play well with NAT so your VPN server should have a direct connection to the public network (preferably firewalled, of course, but not NATted)." Most every SoHo and for that matter uses simple NAT translation for security even our multi thousand dollar Cisco PIX and ASA's are basic NAT devices to start with. How would you put the VPN on public net while keeping the attack surface low for the rest of the services like file, web, mail and print?
Don't get me wrong I want this to work more than you can imagine. We are so tired of supporting MSFT technologies that cost thousands a year in antivirus, antispyware, antispam and other malware protection for the enterprise. We know that Leopard has great potential but for an integrator, getting this system up and functional is not an easy task. And the worst part of it is every time we have called for support the tech always lets out a sigh when they hear we have run standard setup because they are not allowed to walk us thru the server console to make repairs. And have been told by 3 techs so far that this is a new product and the support avenues are not there for standard since it just supposed to work out of the box. But when it doesn't then ohh well. Which is sorta sad...
DM -
hi..what settings work on iphone 4 - lineone mail server setup.. have tried Tiscali recommendations, which aren't biong picked up..nightmare..!
Used Imap, Pop mail..!Thanks for the quick read and response. Do you feel the issue might lie with the fact that it is a Mac Mini? And possibly just not powerful enough to run Leopard Server? I have to say in our trials with MacPro it was like night and day as to how they performed. And if you could elaborate on this "Many VPNs don't play well with NAT so your VPN server should have a direct connection to the public network (preferably firewalled, of course, but not NATted)." Most every SoHo and for that matter uses simple NAT translation for security even our multi thousand dollar Cisco PIX and ASA's are basic NAT devices to start with. How would you put the VPN on public net while keeping the attack surface low for the rest of the services like file, web, mail and print?
Don't get me wrong I want this to work more than you can imagine. We are so tired of supporting MSFT technologies that cost thousands a year in antivirus, antispyware, antispam and other malware protection for the enterprise. We know that Leopard has great potential but for an integrator, getting this system up and functional is not an easy task. And the worst part of it is every time we have called for support the tech always lets out a sigh when they hear we have run standard setup because they are not allowed to walk us thru the server console to make repairs. And have been told by 3 techs so far that this is a new product and the support avenues are not there for standard since it just supposed to work out of the box. But when it doesn't then ohh well. Which is sorta sad...
DM -
Foe Windows 8.1 - Outlook mail: what is the server setup for iCloud mail?
Why ask under appletv security content?
http://support.apple.com/kb/ht4864 -
Mail Server setup - EM 10.2.0.1.0
On Mail Server setup (EM 10.2.0.1.0) doesn't exists the options to set the User Name and Password, for authentication.
How do I configure a user authentication for the SMTP server?You have to provide valid values for only the follwing two fields:
1 Outgoing Mail (SMTP) Server
2 and Sender's E-mail Address
Optionally you cand enter something in the Identify Sender As that will be used in the email body as an alias for the email address.
It should work. I tested this a few moments earlier. -
Server Setup advice for a video production house
Hello Forum,
I recently started working for a small video production company, I need advice on the type of server and other hardware and services that will allow my co-workers to work efficiently. Here are some details:
Currently we are going to buy a new server, I am not sure what we should look at getting,
currently we use a mini mac running OSX server and have 6 iMacs that the editors and other staff use.
We also have a 15 TB Drobo network storage device which is attached to the mini-mac server we are going to replace.
The production team uses Final Cut and Motion to build documentaries.
The other issue is that need a way to connect the office in Baltimore to the office in Washington DC and ideally share files between each location, currently they cannot access the network from Baltimore and have to have a copy of the unedited footage on their own Drobo.
What type of server setup do you recommend? Quad core? speed?
Should we set up a VPN to connect offices or does someone have a better idea, if so what applications do we need?
I know windows networking pretty well, but Mac is totally new to me.Currently editing files from the server is really slow and files are usually pulled to the iMacs to do editing, burning DVDs from files on the server hardly ever works- they pull them local then burn the DVD and it works.
I would love to hear suggestions to help us get up and running.
Anyone know of a good website for server setup- Since there is no Domains in OSX that i know of, how can we secure the network? Links would be great.
Thanks in advance for any help and suggestions.Well if your looking for performance. You could get a Promise VTrak E-Class RAID with 32TB of storage, later on you can add more chassis to the raid for more storage space. The raid can be expanded up to 160TB. (80 drive bays, each drive 2 TB)
Using fiber you could attach the raid to an xServer or Mac Pro (running mac os x server). You'll probable want at least 8 or 16 GB of ram on the server.
The server can run a copy of final cut server. Witch makes it easer to work as a group. Mac OS X server, when properly configured, can also be used to create a VPN between both locations.
Final Cut Server will let editors check in/out specific parts of the documentaries. So the project lives on the server; instead of scattered over every ones computers. Part of this is you can pull down thumb nails versions of the video to work off of. Only when you do the final render do you download the HD version of the video.
If you want even better performance on the editing stations. you could also upgrade to Mac Pros. Mac Pros have upgrade slots witch you can use to add fiber networking. You could also use the upgrade slots to add a black magic real time HD capture card.
Or if you want to keep the imacs. you might want to hook the server to a switch by fiber, and have the imacs connected to the same switch by 1000-T
If you call apple i'm sure they'd be happy to help you figure this all out.
for info on Promise: http://www.promise.com/apple/
for mor info on final cut server: http://www.apple.com/finalcutserver/ -
Lion Server setup & Time Capsule
Greetings,
I am new to lion server so please bear with me. Some of my question me seem dumb to some of you. But to me the only dumb question is one not asked. So please bear with me.
Server and time capsule will both do NAT, DHCP. Which should I use for the network Server or Time Capsule. I am connecting with a Brighthouse cable modem with a Dynamic IP. I have the Time Capsule in Bridge Mode with a static IP 192.168.0.6. The server is Static with 192.168.0.5. Brighthouse wireless is disabled as I like the time capsule wireless. Time capsule is providing WI-FI. Brighthouse router/Modem provides the Router at 192.168.0.1.
I have a domain name abc.net. Should I set up lion server first and then set up Time Capsule after it is working? Do I set this up as a .local, .private or .net account during server setup? I want to be able to get to my computer from my domain name and handle my mail.
I set this up once and it worked for about 2 hours. After that it would never see my computer. So I am setting up server again but wanted to see if I could get a little first time guidence this time. I also signed up with DYNDNS for DNS updating and that just seemed to throw a whole new batch of problems in.
So any help would be great... Not dumb with computers, but new to apple servers. And I don't do geek well!!
I think all the IP numbers, what I need to change on Netfirms to get to my computer get me confused in the setup.
ThanksServer and time capsule will both do NAT, DHCP
Sure.
Which should I use for the network Server or Time Capsule
Why do you think you need to use either of them?
Ideally, you should have ONE device on your network running NAT, and ONE device running DHCP.
From your description it sounds like your Brighthouse router is running NAT therefore there is no need to run NAT anywhere else.
The chances are that the Brighthouse router is also running a DHCP server for your LAN, therefore there is also no need to run DHCP off the Time Capsule or the Server. You've already got those bases covered.
So, at least without more information, I'd be inclined to say: neither.
Should I set up lion server first and then set up Time Capsule after it is working?
Probably. It depends on what your plans are for the Time Capsule. If you're using the TC as a wireless base station then it doesn't need to be running until you're ready to connect wireless clients.
If you're using the TC for backup, you don't need it until your server and/or clients are setup and ready to backup.
Since the TC is not (as per the above) running either NAT or DHCP, there's not much else to do with it.
So focus on the server.
Do I set this up as a .local, .private or .net account during server setup?
That's entirely up to you, although there are a couple of options. First off, though, realize that there is no, zip, nada connection between the hostname you use on your internal LAN and any public domain. It's 100% valid for your server to be called foo.bar while serving web content for abc.net and getting email for xzy.com, all at the same time.
Personally, I tend to set them the same (e.g. abc.net in this case), but others will recommend a different approach. It's largely personal preference.
I want to be able to get to my computer from my domain name and handle my mail.
If you're talking about getting to your computer/mail from an external locale, that's 100% down to DNS and completely independent of what the server thinks its own name is. -
Exchange Server Setup Encountered an Error
I'm trying to install Exchange Server 2010 on a Windows 7 Service Pack 1 machine. I get to step 4... it says Microsoft Exchange Server 2010 Setup Initializing for a brief moment and then Exchange Server Setup Encountered an Error. I looked in
the event log and this is what it says, can someone help me figure out what is wrong?
Thank you,
Cynthia
Log Name: Application
Source: MSExchange Common
Date: 10/10/2014 1:12:36 PM
Event ID: 4999
Task Category: (1)
Level: Error
Keywords: Classic
User: N/A
Computer: HP
Description:
The description for Event ID 4999 from source MSExchange Common cannot be found. Either the
component that raises this event is not installed on your local computer or the installation
is corrupted. You can install or repair the component on the local computer.
If the event originated on another computer, the display information had to be saved with the
event.
The following information was included with the event:
9788
E12
c-RTL-AMD64
14.00.0639.021
ExSetupUI
M.E.Management.SystemManager
M.E.M.S.W.WizardForm.InitializeComponent
System.ArgumentException
e578
14.00.0639.021
Falsehi Cynthna7575
Thank you for your question.
By your state,I think you want to install EMC on windows 7.
If that,you can refer to the following steps;
1.Check that you have installed the necessary operating system components
a. Open Control Panel, and then select Programs.
b. Click Turn Windows features on or off.
c. Select Microsoft .NET Framework 3.5.1.
d. Navigate to Internet Information Services > Web Management Tools >IIS 6 Management Compatibility.
e. Select the check box for IIS 6 Management Console, and then click OK.
2.Ensure that you un-tick the box during the setup wizard to automatically install roles and features required for Exchange
3.If there will be issue, you can try to install Exchange management tool in other Windows 7 X64 machine to see whether it is OK
If any questions,please let me know.
Best Regard,
Jim Xu
Maybe you are looking for
-
me and my wife are having trouble udating our iphones with itunes our passwords havent changed. when i try to udate my iphone her email address comes up and wants her password and when she udates her iphone apps my email address comes up and sometime
-
Error message when cutting a sequence into a sequence
When we try to cut a sequence into another sequence, we either get a nested sequence (the nest tool is turned off) or we crash with this error message: We are in Premiere Pro 2014.2 with our media on a server. I moved the entire project to my local
-
Need to upgrade sound driver in HP dx2390 OS: Windows 7 Home Premium 32 BIT
Hi ! I have just installed windows 7 on my desktop pc model: dx2390 Microtower hp s/n: 3cb91022f4 i download the sound the sound driver from hp drivers support but its not working. I update windows and realtek sound driver has been installed but i go
-
Things that bother me with Verizon
I was hoping that Verizon would provide a customer support e-mail address but I couldn't find it. I'm unhappy about a number of things with FIOS TV. First I signed on because of what seemed like a good deal but unlike cable I needed to pay for an ada
-
TABLE function to simulate parameterized view
Hi all, Since view can not have parameters, I tried to used stored procedure to return ref cursor then used TABLE function in select statement to simulate a view with parameters, since it's easy to pass parameters to a stored procedure. The idea is l