DNS + do I need a diradmin account?

I have a 10.5.8 server currently being used as a file server for 8 Macs. It is behind a NAT router so is not accessible from the Internet, and doesn't need to be. E-mail and website is handled by a hosting company. All computers have manually-set IP addresses.
I want to eventually set up portable home directories (PHD) so people can work from any computer.
I have set up a clean server and client to duplicate the work system. I've read lots of Apple's documents, and while they are not too bad, there are lots of ifs and buts for much more advanced configurations than mine. So I am a little confused over some things and would be grateful for advice from more expert people than me.
Question 1
Most of the information I have seen about setting up OS X Server seems to assume the machine is accessible from the internet. This one isn't.
During the install, I set the Primary DNS Name to "ueserver.private". The IP address was set manually to 192.168.200.99.
According to checkip -checkhostname, this is fine with name and IP addresses consistent. And I have been able to get PHD to work.
Is this an acceptable way to set the DNS up for this situation, or is there a better way?
Question 2
During the install, I set the server configuration to be "Standard". This seems to have already set OD to be "Open Directory Master", and AFP is active. Guest access is already enabled as required for PHDs.
Documentation I have seen suggests that I should create a diradmin account to administer OD. This is mainly from people who set their machines up as Advanced configurations.
The overall administrator account seems to be able to do anything the diradmin account could do.
Is there any reason to create a separate diradmin account?
Thanks
David

Camelot wrote:
Do you mean/want Portable home directories, or do you really want/mean network home directories?
Portable home directories are designed for systems that split their time between in the office and remote. They have all their home directory data locally and sync with the master whenever they're in the network.
By comparison, Network home directories are designed for systems that are always local to the server, and no user data is saved on the local machine. It's this feature that allows any user to log on from any workstation, which is what it sounds like you're after.
Hello Camelot
I did consider this. What swung me to PHD was a comment in the Apple docs that with PHD, performance was better as it went to the local disk rather than over the network. And there was the advantage that they could still keep working if the server was down for any reason.
Is this an acceptable way to set the DNS up for this situation, or is there a better way?
It's OK, but generally I'd look for another level of hostname. For example, I'd expect something like company.private for the main domain, with this server being ueserver.company.private. This makes it easy to name the workstations things like station1.company.private, station2.company.private, etc.
Thanks for the advice. It's something I had not thought about. OTOH, I'm not sure I'll need to give names to the workstations. (For that matter, drafting1.local will always work.)
Is there any reason to create a separate diradmin account?
Mainly for reasons of delegation. In large organizations its common to delegate user administration to individual(s) that are different from the network admins. Having a separate directory administrator role makes that easier to do.
Ok, well I do it all, so having a separate diradmin account seems unnecessary.
There are some other under-the-hood elements such as directory replication. You don't say how you're handling replication...?
No replication. It's too small an operation to have more than one server, and I believe another OS X Server is required for a replica.
And one more small question:
I used Directory Utility on the client to set up the directory server. It seems to ask for the directory admin (or in my case, the server admin) username and password. This is not something I would usually give out to people setting up a new computer.
Is this what it is really asking for? If so, I would mean that the admin would have to bind the client to the server. This is no big deal in my case, but would be for a site with hundreds of computers to set up. Is there any other way to do this?
Thanks
David

Similar Messages

  • Do my husband and I need separate itunes accounts to correctly sync our iphones?

    We have been using the same itunes/apple id to sync and backup our iphones without any problems.  Today was my first problem with helping my husband set up his new iphone 4s.  An AT&T salesperson said we needed our own accounts.  Anyone know if that is true?  AT&T transfered my husband's contacts to his new phone but I'm afraid to plug it into the computer because earlier today I ended up putting all of my contacts on his phone and couldn't find his.
    Thank you!

    It probably means that only one of you can use iCloud or at least sync calender/contacts with it. I would guess that you could manually manage the other phone as you have before.

  • I forgot my Apple ID password. and I tried to rest it but I don't get a reset email to change the password. What do I need to do to return the account. (I need the specified account because I bought apps with it.)

    I forgot my Apple ID password. and I tried to rest it but I don't get a reset email to change the password. What do I need to do to return the account. (I need the specified account because I bought apps with it.)

    The Best Alternatives for Security Questions and Rescue Mail
        a. Send Apple an email request at: Apple - Support - iTunes Store - Contact Us.
        b. Call Apple Support in your country: Customer Service: Contact Apple support.
        c. Rescue email address and how to reset Apple ID security questions.

  • My children got Itunes cards for christmas.  There devices are all on my imac.  Do they each need a separate account or is there a way to keep them all separate under one account.

    My children got Itunes cards for christmas.  There devices are all on my imac.  Do they each need a separate account or is there a way to keep them all separate under one account.

    I need an answer to this too.

  • I bought a 2nd hand iphone 5 now i cant activate it beacuse they need an icloud account now i cant activate it and the seller wont answer our calls can this be open becausethe phone is useless and i will pay yhe exact price just to activate my phone pleas

    Please help me i cant activate my phone it needs an icloud account or should i just throw away may phone? 3mths of salary was wasted now cant use the phone help.. And the one who sold me the iphone cant be contact anymore help please help.. Im going to pay the exact amount because i can afford a new one. Is there anything apple can help?

    Monnete222 wrote:
    Is there anything apple can help?
    Sorry... No. There is no workaround for Activation lock.
    The Apple ID and Password that was Originally used to Activate the iDevice is required.
    If you cannot get this information from the seller
    Removing a device from a previous owner’s account
    You need to return the Device for a refund.

  • DIRADMIN account not working anymore

    I have seen many other posts related to this issue, and I have tried all the suggestions I have seen. I can't log into Workgroup Manager as diradmin and can't re-kerberize my domain as it doesn't take the diradmin account and password in slapconfig.
    I am at a point now where I may have to demote and re-promote my OD Master, but what will that do to the 7 replicas I have each with Home directory mounts????

    Hi
    You could try the root account?
    After the server software has installed you are prompted to create the default admin account. At that stage root is enabled and is synchronised with that account. This only happens with the Server OS. The name of course is different but the password is the same. If at some future stage you decide to change either the admin or root passwords they are not synchronised.
    The same process works for Open Directory. When OD Promotion takes place you are prompted to create the default directory admin account:- diradmin. At that stage the root account is copied over to the LDAP directory as well. It takes the same password as is set for the diradmin account. Again passwords are not synchronised.
    You can verify this by monitoring the slapconfig.log. Console > /Library/Logs > slapconfig.log. Slapconfig is the process that drives OD Master creation. You'll see the other processes slapconfig brings along for the ride; kerberosautoconfig, sso_util, kdcsetup and mkpassdb. Two entries you should see are:
    2005-07-21 11:55:14 +0100 - command: /usr/sbin/mkpassdb -a -u diradmin -p -q
    2005-07-22 11:55:14 +0100 - command: /usr/sbin/mkpassdb -a -u root -p -q
    Its at this stage the root account has been created along with the diradmin one.
    Have you tried this method yet?
    HTH, Tony

  • Do you need a .mac account to use Mail?

    I'm not able to use Mail, even though I'd like to. I don't have, or intend to get, a .mac account.
    Is the program otherwise usable?
    I have a yahoo account. It would be nice to use Mail in order to send email using Yahoo. Is this possible?

    Maxply wrote:
    I'm not able to use Mail, even though I'd like to. I don't have, or intend to get, a .mac account.
    Is the program otherwise usable?
    I have a yahoo account. It would be nice to use Mail in order to send email using Yahoo. Is this possible?
    You do not need a .Mac account.
    It works with any POP or IMAP email server.
    Yahoo mail's settings: See
    http://email.about.com/cs/yahoomailtips/qt/et032501.htm
    It must be true. I read it on the Internet!
    -fred

  • Two Iphones need two itunes accounts?

    Plan on buying two iphones, one for me and the wife. Do we each need an itunes account? Why or why not? Is there an advantage to having different accounts? If I use my itunes account to activate both phones will it play song purchased with my account on both phones?

    MacShadow,
    Activation for the iPhone, and authorization to play iTunes Store content are two different things.
    This page has the video tutorial on activation, and shows activating more than one phone on either individual or family plans:
    http://www.apple.com/iphone/usingiphone/activation.html
    This article discusses authorization, and mentions syncing to an unlimited number of iPods in the footnotes:
    http://docs.info.apple.com/article.html?artnum=93014
    Hope this helps,
    Nathan C.

  • Help needed in retrieving account description present in PO distributions

    Hi All,
    I have written a query to retrieve purchase orders and it's distributions. I need to retrieve account descrption related to distributions. I have got account number from gl_code_combinations table(segment1 to segment5). I am not able to proceed further in getting account description. Please suggest which are the tables and what is the link between them.
    Thanks and Regards,
    Mahesh

    Hi,
    Please find my comments below:
    Thanks for the reply
    Welcome
    If we link with fnd_flex_values_vl and gl_code_combinations, number of records is increasing i.e records are repeating.
    add condition flex_value_set_id
    Also account number will be like 01-0101-0101-1010, so this means that account number is flex field. Then i think we have to use flex field tables. But i am not able to find out which are the tables and what is the link between them
    Account number is a combination of Segments. You cannot find total combination anywhere. You have to take Code combination id, get the segments, link the segment with fnd_flex_values_vl with particular value_set_id and display the description against that segment.
    Finally you have to concatenate all the segment descriptions.
    Regards,
    Sridhar

  • HT204053 My apple ID is Steven.carter(AT)logan(DOT)edu my original iPhone account I'd was sstevostv(AT)aol(DOT)com. The AOL account is inactive. I am unable to set my iCloud up, I need my iCloud account to be under either sw.carter(AT)live(DOT)com or Stev

    My apple ID is Steven.carter(AT)logan(DOT)edu my original iPhone account I'd was sstevostv(AT)aol(DOT)com. The AOL account is inactive. I am unable to set my iCloud up, I need my iCloud account to be under either sw.carter(AT)live(DOT)com or Steven.carter(AT)logan(DOT)edu.
    <Email Edited by Host>

    I am having a similar issue. I had to change my apple ID because my email account is close, but am unable to change my iCloud ID. It seems there is no way to change the iCloud ID. Unless I am missing something, this seems like an oversight by Apple. Any advice anyone has would be greatly appreciated.

  • Hello,somebody can tell me if I can find my lost Iphone5 if the "find my phone" app is tunrned off ,I tried to locate my phone and when I sign in says that I need an Icloud account(to sign in I'm using apple id account)Thanx

    hello,somebody can tell me if I can find my lost Iphone5 if the "find my phone" app is tunrned off ,I tried to locate my phone and when I sign in says that I need an Icloud account(to sign in I'm using apple id account)Thanx

    You can't create an iCloud account on your PC.  You have to first create an iCloud account on an iOS device (iPhone, iPad, iPod Touch) or Mac (running OS X Lion or higher).  After creating the account on one of these devices you can use the ID to sign into the account on your PC.

  • HT1918 How do I change my billing info so that I don't need a bank account to d/l or update apps. I deleted my bank account and now I can't download or update anything?

    How do I change my billing info so that I don't need a checking account? I don't have a banking account and now I can't download or update any apps because I have no checking account.

    In general, Apple does not provide refunds but you can try to contact them here: http://www.apple.com/support/itunes/contact/

  • Why do I need a snapfish account?

    why do i need a snapfish account?

    Odlavso,
    Welcome to the HP Forum.
    You do not need a Snapfish account.
    If you have a printer that is ePrint capable and you want to use ePrint, you do need to register for an HP Connected account.
    Sign In - HP Connected
    Reference: 
    HP Connected support
    Click the Kudos Thumbs-Up to show appreciation and say Thanks.
    Although I strive to reflect HP's best practices, I do not work for HP. 
    HP provides Administrative and Moderation services for the HP Forum.
    Kind Regards,
    Dragon-Fur

  • I have 7 iPhones, do I need an iTunes accounts for all of them

    I have 7 iPhones, do I need an iTunes accounts for all of them

    In that case, here is the applicable section from the iTunes Store agreement...
    If you are a commercial enterprise or educational institution, you may download and sync an App Store Product for use by either (a) a single individual on one or more iOS Devices used by that individual that you own or control or (b) multiple individuals, on a single shared iOS Device you own or control.
    So the way we have interpreted this is that each user( in a business) requires a separate iTunes account, though if the user had multiple devices that only he or she used, they need just one account for those devices.  If you are an educational institution you can check out the iOS 5 Education Deployment Guide.  Educational organizations have some different options. 
    http://images.apple.com/education/docs/IOS_5_Education_Deployment_Guide.pdf

  • I just pruchased a audio book and now I am trying to get it to itunes.  It keeps saying  I need a audible account name and password? My computer is authorized but I dont know my audibe account info? could you help me

    I just purchased a adio book and now I am trying to get it to itunes.  It keeps saying i need a audible account username and password? I put in my itunes info but that is not it? the book is in "public": on my computer could you help me

    Hello Timmy790
    Try the suggestions in the article below to resolve the issue of seeing your old Apple ID on your iPhone.
    iOS 7: If you're asked for the password to your previous Apple ID when signing out of iCloud
    http://support.apple.com/kb/ts5223
    Regards,
    -Norm G.

Maybe you are looking for

  • Error in connecting oracle odbc driver 9.1.0.8

    java.SQLException:[Microsoft][ODBC Driver Manager][Driver's SQLAllocHandle on SQL_HANDle_ENV failed this error is raised when connecting oracle 9i database using oracle odbc 9.1.0.8 driver. please help me                                              

  • Maintaining Multiple Vendor Phone Fax and Email using IDOC

    Hello Guru's, I have a requirement where I must be able to maintain multiple phone and fax entries for all of our vendors.  Is there a standard segment in IDOC CREMAS05 that will allow for this maintenance?  Or will I have to use a separate BAPI / FM

  • AWR import

    Hi, I've made AWR snapshot export from one database and want to import it to another database, but i have errors. Why? | begin ERROR at line 1: ORA-20102: user name 'awrstage' is invalid ORA-06512: at "SYS.DBMS_SWRF_INTERNAL", line 370 ORA-01918: use

  • Script using Update-Recipient

    Working on a Script that will be run as a scheduled task.  I have most of the script setup but running into one stopping point that's not working how I want it to. The script runs a Get-Mailuser with some filters that is saved into a variable. I then

  • Should I Try Adding An Airport Base Station to Speed up Network?

    I have the incredibly slow network problem at home on my D-Link, WEP wireless system that I did not have on my Powerbook, iMac G5, or my old iBook. I have to have this system as my partner works from home on a Windows machine. At the school where I t