Lion Server and FileVault

Greetings,
I am looking into setting up a Lion server that will be part of a domain and that will be used to authenticate users.  Can FileVault be enabled for users authenticated via AD/LDAP? Any information would be appreciated.

Are you supporting only Lion clients?  I believe Lion no longer supports the creation of legacy FileVault home folders.  In Lion, just encrypt the entire drive.
If you need to support Snow or before, then use MCX settings in Workgroup Manager to set home folder encryption policy.  This is on the Mobility button.

Similar Messages

  • Creating a simple network with Lion Server, and add Windows XP computers to it

    We have a Mac Lion Server and 3 computers with Windows XP. Previously we had a Windows 2003 server with a domain name: "MYDOMAIN". When logging into Windows it logs into this domain.
    I would like to replace this Windows 2003 server with my new Mac Lion server so, I build up a test setup. I connected the Mac Lion server (iMac) with my Windows XP pc with an ethernet cable. Then, I setup a DHCP, DNS and Open directory in the Server Admin. Added users. I configured the IP address of the server to a static one by setting the IPv4 to "using DHCP with manual address".
    Then I wanted to let my Windows XP server join the domain of the Lion Server, however I cannot let my Windows XP client connect to the domain of the Lion Server.
    I read in the advanced administration that you can set up Windows XP for domain login. Where do I find the name of this domain? It should be stated in the server admin, open directory, settings, general tab, but the only thing I find here is: Role: Open Directory Master.
    In Windows XP, when I explore in explorer the Microsoft-Windows Network I can see in "MYDOMAIN" the MacLion Server and my Windows XP pc. So sharing files is no problem.
    However, I really want to create a new domain with my Lion Server and let the Windows XP pc's login to the new domain.
    I hope anyone can help me.

    Thanks for the info.
    I read some stuff about this indeed, so I was thinking, because we have a small network, could it be possible to share files on the server via a workgroup?
    If we add the 3 Windows XP pc's to the same workgroup as the Lion Server, would there be a problem?
    Then at startup of Windows XP, should we login to the pc instead of the domain? And where would I find the Lion server in Windows XP?

  • I have a new lion server and 4 lion laptops. The laptops lose connection to the shared documents and printers from the server after roughly 1 hour. By disconnecting and re-connecting wireless the connection is regained to shares and printers

    I have a new lion server and 4 lion laptops. The laptops lose connection to the shared documents and printers from the server after roughly 1 hour. By disconnecting and re-connecting wireless the connection is regained to shares and printers. We can still surf the web when it goes down.

    Ok 1st one. The warning restriction message relates to this line in main.cf:
    smtpd_helo_restrictions = permit_sasl_authenticated  permit_mynetworks  check_helo_access hash:/etc/postfix/helo_access  reject_non_fqdn_hostname  reject_invalid_hostname  permit reject_invalid_helo_hostname
    The last reject occurs after the single word "permit" and is ignored.
    However, that's not the problem.
    I'm not exactly sure what's happening, but this might be a clue.
    It would appear that either postfix is not being able to create the socket for private/policy or it's somehow created with the wrong permissions.  You might need to ramp up the debug level to get a better idea.
    You could check if it's being created by "netstat -a | grep private/policy" in terminal.
    My guess is that it's not being created because there is no setup statement in your master.cf file, but I don't understand why postfix would be looking for it if it isn't set up.  Private/policy I think relates to grey listing.  Maybe gives you a hint.
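
An added example (not part of the original reply) of the two checks the reply points at: restrictions that can never run because they follow an unconditional `permit`, and a `check_policy_service unix:private/...` endpoint with no matching master.cf service. The `smtpd_helo_restrictions` line is the one quoted above; the `smtpd_recipient_restrictions` line and the master.cf content are constructed assumptions, since the poster's files are not shown.

```python
import re

TERMINAL = {"permit", "reject", "defer"}  # unconditional results: evaluation stops here
TAKES_ARG = re.compile(r"^check_(\w+_access|policy_service)$")  # restriction + argument

def parse_main_cf(text):
    """Return {parameter: value}, joining indented continuation lines."""
    params, name = {}, None
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue
        if raw[0].isspace():            # continuation of the previous parameter
            if name:
                params[name] += " " + raw.strip()
            continue
        key, sep, value = raw.partition("=")
        name = key.strip() if sep else None
        if name:
            params[name] = value.strip()
    return params

def split_restrictions(value):
    """Split on commas/whitespace, keeping 'check_x_access type:table' together."""
    words = [w for w in re.split(r"[,\s]+", value) if w]
    out, i = [], 0
    while i < len(words):
        if TAKES_ARG.match(words[i]) and i + 1 < len(words):
            out.append(words[i] + " " + words[i + 1])
            i += 2
        else:
            out.append(words[i])
            i += 1
    return out

def unreachable_restrictions(value):
    """Everything listed after the first unconditional permit/reject/defer."""
    items = split_restrictions(value)
    for pos, item in enumerate(items):
        if item in TERMINAL:
            return items[pos + 1:]
    return []

def master_services(text):
    """Set of (service name, type) pairs from master.cf service lines."""
    services = set()
    for raw in text.splitlines():
        if not raw.strip() or raw[0].isspace() or raw.startswith("#"):
            continue
        fields = raw.split()
        if len(fields) >= 2:
            services.add((fields[0], fields[1]))
    return services

def missing_policy_services(params, master_text):
    """unix:private/NAME policy endpoints with no 'NAME unix' entry in master.cf."""
    defined, missing = master_services(master_text), []
    for value in params.values():
        for item in split_restrictions(value):
            m = re.match(r"check_policy_service unix:private/(\S+)$", item)
            if m and (m.group(1), "unix") not in defined:
                missing.append("unix:private/" + m.group(1))
    return missing

# First parameter: the line quoted in the post. Second parameter: constructed.
MAIN_CF = """\
smtpd_helo_restrictions = permit_sasl_authenticated  permit_mynetworks  check_helo_access hash:/etc/postfix/helo_access  reject_non_fqdn_hostname  reject_invalid_hostname  permit reject_invalid_helo_hostname
smtpd_recipient_restrictions = permit_mynetworks,
    reject_unauth_destination,
    check_policy_service unix:private/policy
"""
# Constructed master.cf fragment with no 'policy' service defined.
MASTER_CF = """\
smtp      inet  n       -       n       -       -       smtpd
pickup    fifo  n       -       n       60      1       pickup
"""

if __name__ == "__main__":
    params = parse_main_cf(MAIN_CF)
    for name, value in params.items():
        for dead in unreachable_restrictions(value):
            print(f"{name}: '{dead}' is never evaluated")
    for endpoint in missing_policy_services(params, MASTER_CF):
        print(f"{endpoint}: no matching service in master.cf")
```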

  • Lion Server and TimeMachine Error 13

    Hello,
    I have a problem with a Lion Server and TimeMachine service.  I have enabled the service and selected a volume for it.  The server creates the share and does not report any errors.  If I go to a client machine and open TM I can see the "Backups" share and select it.  The user's credentials are validated without a problem but when the backup is started it will end with the error "Cannot create sparseimage error 13"
    I have checked that the share is visible to the client machine and the client has write permissions for the share.
    Any ideas why this is happening?
    MM

  • Upgrading to Mountain Lion server and all services breaks down...

    Hi!
    I have, after endless hours of scanning logs and .plist and other files' content and permission settings found why Mountain Lion Server.app in some cases doesn't seem to be able to take control over all service, stating it can't read or write its own setting files etc.
    As a Swede I of course run a system set in the Swedish language. Mountain Lion can't upgrade a Swedish system, only four languages are accepted !!!
    See Migration Logs!
    //Excerpt from the Mail Migration log:
    Begin Mail Migration: Thu Aug  2 19:34:24 2012
    purge: 0
    sourceRoot: /Library/Server/Previous
    sourceType: System
    sourceVersion: 10.7.4
    targetRoot: /
    language: sv
    Did not supply a valid language for the --language parameter, needs to be one of [en | fr | de | ja]
    As you can see, it can only upgrade in English, French, German and Japanese system language. With no initial warnings the system crashes and causes a true mess half the way through its installation when you start Server.app.
    Solution:
    Throw Server.app in the trash or move it outside the Application folder, to force the computer to realize "it's not a server". It can take half a minute or so for the system to realize it is no longer a server. You will see a sign.
    Change the language setting to English in your system preferences and restart your computer. Move back Server.app from the trash (or where you put it) and start Server.app, thereby initiating a new Servers installation. I was happy to find that all mail accounts etc. were found again. I thought for several hours they were lost.
    The various sites hosted by the server did however not appear in their correct new location (when I tried this). I had to manually move them from the "Previous" folder in /Library/Server/Previous/Library/Server/Web/Data/Sites/   to    /Library/Server/Web/Data/Sites/
    I hope this helps anyone out there....
    Cheers!
    Stefan

    Please explain.... when are you stopped from upgrading?
    I haven't actually had problems with the actual OS upgrade it is when you launch Server.app the first time everything goes to f-n h....
    Server.app should reconfigure and move around a lot of files and it does, but not succeeding doing it correctly. Many services can't read their config files and have them in two places. I am trying to figure out which ones are being used. Sometimes both locations are used but only parts of the settings in the files !?!?
    I am soon giving up...

  • How to setup iCal on a Lion server and its client machines?

    I recently bought a new mini server (running Lion) in order to share our iCal calendars (like in the Apple presentations). I thought this would be an easy process but apparently it isn't. So what was I already able to achieve:
    1) Set up 5 different clients (on the Lion server), with corresponding e-mail addresses and passwords.
    2) Activated iCal on the server preference window (ical: on)
    3) Tried to add a user account on one of the five client machines => HERE it goes wrong.
    My main issue is that I'm not able to add a user account on a client machine and have it connected to the server.
    It would be really nice if someone could assist me with it.
    Warm Regards

    I posted additional information  online using the newly created Launchpad login Service account.
    I hope that explains my situation, if not I will add more detail here.
    There is no problem, when either of the two OS are used to enable printing with the HP Deskjet 2050 J510 series printer.
    The problem begins when I try to print from the other OS , when connected to one of the Operating System.
    I have tried without success to print from Windows 7 Ultimate 64-bit OS from an HP Deskjet 2050 J510 series connected to a Ubuntu 12.04 LTS server with Amahi (HDA), installed.
    The same thing occurred when I tried to print from the Ubuntu server and the printer was connected to the Windows 7 Ultimate 64-bit running P.C.

  • Step-by-step to set up vpn on the lion server and then connect a computer running 10.6?

    I've recently bought the Lion server. Checking VPN and adding my static IP sounds easy enough.
    I then went home to my computer running 10.6, opened the system preferences, added vpn under network.
    I guess I have to choose L2TP? What would be the network name? I left it as the filled in "VPN (L2TP)".
    As the server address I put my static IP. Account name - is that my user name from the file sharing network
    I created in the server software? That's what I used, and added the password for that user account under
    Authentication settings, plus the shared secret, I had copied from the server.
    Once I apply these settings and try to connect I get the message that the server is not responding and to try to reconnect.
    Can anyone fill in the blanks? Obviously I'm missing some stuff in between, but cannot find answers online.
    I guess this is too basic for a forum, but where does one start to learn this stuff??
    Do I need to open specific ports on my router connected to the server network? It does say "vpn is enabled" in the
    setup window.
    Do I need to create a certificate of some sorts and place it somewhere?
    Do I need to upgrade my other computer to Lion? I created a "VPN.mobileconfig" file on the server, but when I copy
    and open it on a machine running 10.6 it doesn't install anything and just opens up in text edit as a bunch of code.
    Please help!

    Same problem here. Just bought the Mac Mini Server with Lion OS X 10.7.2 and created this vpn.mobileconf file. This file seems to do what it supposed to do when I double clicked it while still on the server. Hence copying it over and double clicking it on my MacBook Pro made the texteditor open the file showing the actual contents of it. Trying to import it into my network preference settings wasn't possible either since the file showed grayed out. It seems the operating system on my MacBook Pro (OS X 10.6.8) doesn't recognize it as the correct file type. Entering the settings of the vpn.mobileconf file manually on the Laptop doesn't work either. Time for OS X 10.6.9?

  • Mountain Lion (server and client) and iOS Notes syncing

    I run an IMAP server on my Mac mini running Mountain Lion 10.8.3 and Server 2.2.1. I have an email account on this server and can access and update Mail on both my MacBook Air (Mac OS X 10.8.3) and my iPhone (iOS 6.1.3) and see the results on the other device.  However, I cannot get Notes to sync.
    I created a note on my iPhone but it does not appear on my MacBook.  This is the only account that has Notes enabled on my iPhone; if I turn Notes off for this account the note disappears and comes back when I turn them back on again.
    I created a note on my MacBook but it does not appear on my iPhone.  This is the only account that has Notes enabled on my MacBook; if I turn Notes off for this account the note disappears and comes back when I turn them back on again.
    How can I get Notes to sync between my OS X and iOS devices?
    NOTE: Helpful as you may try to be, I am not looking for alternatives to Notes.  Syncing to any IMAP server should work and there is nothing to say it doesn't work so I want to get it working for me.  It is all about storing my data on my server and none of the other options address this.

    After trying everything else, I discovered the answer by just "playing around:" You need to allow clear text passwords for Mail.  Once I'd made this change my Notes automatically appeared and stay in sync on all of my devices (iMac, MacBook Air and iPhone).  This is still working after the update to OS X Mavericks and Server 3.

  • New Lion Server and Client install... what to expect?

    Ok, so in a week I have a Mac Mini Server and a classroom of clients to set up, image, OD master, connect to AD, manage prefs etc (If I had the choice, I wouldn't touch Lion for at least 6 months, but it's not a luxury I have).
    I have no AD system to test it with here, so what fun and games can I look forward to? Looking around, it seems that binding to AD is currently rather unreliable 

    The 3800 can handle MaxTurbo and TV.  You can feed your 5 TV Receivers over good quality RG59 or over Ethernet, or up to two may be connected via Wireless.  
    The preference is for Ethernet over Cat5e/Cat6 or Wireless.  Wireless is liked by installers because they don't have to run wires for them.  Ethernet is by far the best choice.
    Since the 3800 (or any U-verse RG) only has 4 RJ45 ports, you cannot connect all 5 TV Receivers directly to the RG via Ethernet, so some would have to move to a switch connected to the RG.  You need to be careful when mixing IPTV and general traffic on a switch, especially if you have a third party wireless access point or wireless router connected to that switch.
    Do be aware of the limitation of no more than 4 Live HD streams coming into your home at the same time.  I mention this because you say 5 TVs.  You can view different programs on all 5 TVs, but some would have to be recorded.

  • Lion server and Share Points

    My company just got a new iomega SAN and I wanted to test it on a lion server. So I set up lion server on a mac pro and configured the SAN to the switch. The problem is that when I go to server app, File sharing & click + to add a share point I'm not able to add the shares from the SAN, only the Macintosh HD shows.
    But when I switch to my snow leopard server I can add the SAN shares with no problem. Does anybody know how I can get this working with lion server?

    You should check OS X logs and Windows client logs to have a better understanding of what happened.

  • I am running Mountain Lion Server, and the App Store indicates an upgrade to Server.App version 2.2.5. When I try to upgrade it will not install. Is that because OSX8 is no longer supported; and if so, is there an alternate source for this upgrade if

    Mountain Lion Server.app no longer supported?

    Probably  a long shot, but try resetting the App Store and Clearing Cookies.
    Reset       Learned from Old Toad
    Resume Interrupted Downloads
    Sign in Doesn’t Appear/Accept Text
    Software Update - Adjust
    Software Update – Stop it From bugging you
    App Store support. There is troubleshooting and a contact link.
    Support

  • I installed Lion Server and when I click on the Profile Manager I get an error and nothing shows - I can't figure out how to re install Lion Server to fix this - any ideas

    I installed Lion Server on my Mac Pro.  Everything looked to be working until I checked Profile Manager and I get an error message "Error Reading Settings"  Not sure how to fix it.  Tried to download Server again but can't.

    Look at /usr/lib/libpq library. I have had the same problem. There were following files:
    -rwxr-xr-x  1 root  wheel  163680 30 jul 21:17 /usr/lib/libpq.5.4.dylib
    lrwxr-xr-x  1 root  wheel      15 30 jul 21:20 /usr/lib/libpq.dylib -> libpq.5.4.dylib
    Result for command sudo /Applications/Server.app/Contents/ServerRoot/usr/share/devicemgr/backend/wipeDB.sh was:
    Password:
    devicemgr:state = "STOPPED"
    postgres:state = "RUNNING"
    (in /Applications/Server.app/Contents/ServerRoot/usr/share/devicemgr/backend)
    Couldn't drop device_management : #<RuntimeError: Please install the postgresql adapter: `gem install activerecord-postgresql-adapter` (dlopen(/Applications/Server.app/Contents/ServerRoot/usr/share/devicemgr/backend/vendor/gems/pg-0.9.0/lib/pg_ext.bundle, 9): Library not loaded: /usr/lib/libpq.5.dylib
      Referenced from: /Applications/Server.app/Contents/ServerRoot/usr/share/devicemgr/backend/vendor/gems/pg-0.9.0/lib/pg_ext.bundle
      Reason: image not found - /Applications/Server.app/Contents/ServerRoot/usr/share/devicemgr/backend/vendor/gems/pg-0.9.0/lib/pg_ext.bundle)>
    (in /Applications/Server.app/Contents/ServerRoot/usr/share/devicemgr/backend)
    Please install the postgresql adapter: `gem install activerecord-postgresql-adapter` (dlopen(/Applications/Server.app/Contents/ServerRoot/usr/share/devicemgr/backend/vendor/gems/pg-0.9.0/lib/pg_ext.bundle, 9): Library not loaded: /usr/lib/libpq.5.dylib
      Referenced from: /Applications/Server.app/Contents/ServerRoot/usr/share/devicemgr/backend/vendor/gems/pg-0.9.0/lib/pg_ext.bundle
      Reason: image not found - /Applications/Server.app/Contents/ServerRoot/usr/share/devicemgr/backend/vendor/gems/pg-0.9.0/lib/pg_ext.bundle)
    /Applications/Server.app/Contents/ServerRoot/usr/share/devicemgr/backend/vendor/rails/activerecord/lib/active_record/connection_adapters/abstract/connection_specification.rb:76:in `establish_connection'
    /Applications/Server.app/Contents/ServerRoot/usr/share/devicemgr/backend/vendor/rails/railties/lib/tasks/databases.rake:69:in `create_database'
    /Applications/Server.app/Contents/ServerRoot/usr/share/devicemgr/backend/vendor/rails/railties/lib/tasks/databases.rake:31
    /System/Library/Frameworks/Ruby.framework/Versions/1.8/usr/lib/ruby/1.8/rake.rb:636:in `call'
    /System/Library/Frameworks/Ruby.framework/Versions/1.8/usr/lib/ruby/1.8/rake.rb:636:in `execute'
    /System/Library/Frameworks/Ruby.framework/Versions/1.8/usr/lib/ruby/1.8/rake.rb:631:in `each'
    /System/Library/Frameworks/Ruby.framework/Versions/1.8/usr/lib/ruby/1.8/rake.rb:631:in `execute'
    /System/Library/Frameworks/Ruby.framework/Versions/1.8/usr/lib/ruby/1.8/rake.rb:597:in `invoke_with_call_chain'
    /System/Library/Frameworks/Ruby.framework/Versions/1.8/usr/lib/ruby/1.8/monitor.rb:242:in `synchronize'
    /System/Library/Frameworks/Ruby.framework/Versions/1.8/usr/lib/ruby/1.8/rake.rb:590:in `invoke_with_call_chain'
    /System/Library/Frameworks/Ruby.framework/Versions/1.8/usr/lib/ruby/1.8/rake.rb:583:in `invoke'
    /System/Library/Frameworks/Ruby.framework/Versions/1.8/usr/lib/ruby/1.8/rake.rb:2051:in `invoke_task'
    /System/Library/Frameworks/Ruby.framework/Versions/1.8/usr/lib/ruby/1.8/rake.rb:2029:in `top_level'
    /System/Library/Frameworks/Ruby.framework/Versions/1.8/usr/lib/ruby/1.8/rake.rb:2029:in `each'
    /System/Library/Frameworks/Ruby.framework/Versions/1.8/usr/lib/ruby/1.8/rake.rb:2029:in `top_level'
    /System/Library/Frameworks/Ruby.framework/Versions/1.8/usr/lib/ruby/1.8/rake.rb:2068:in `standard_exception_handling'
    /System/Library/Frameworks/Ruby.framework/Versions/1.8/usr/lib/ruby/1.8/rake.rb:2023:in `top_level'
    /System/Library/Frameworks/Ruby.framework/Versions/1.8/usr/lib/ruby/1.8/rake.rb:2001:in `run'
    /System/Library/Frameworks/Ruby.framework/Versions/1.8/usr/lib/ruby/1.8/rake.rb:2068:in `standard_exception_handling'
    /System/Library/Frameworks/Ruby.framework/Versions/1.8/usr/lib/ruby/1.8/rake.rb:1998:in `run'
    /usr/bin/rake:31
    Couldn't create database for {"adapter"=>"postgresql", "username"=>"_devicemgr", "encoding"=>"UTF8", "pool"=>5, "database"=>"device_management"}
    devicemgr:state = "STARTING"
    There was a missing symlink to the right version of the libpq dynamic library!
    After I entered the following commands, it now works well for me:
    $ cd /usr/lib
    $ sudo ln -s libpq.5.4.dylib libpq.5.dylib
    $ sudo /Applications/Server.app/Contents/ServerRoot/usr/share/devicemgr/backend/wipeDB.sh
    devicemgr:state = "STOPPED"
    postgres:state = "RUNNING"
    (in /Applications/Server.app/Contents/ServerRoot/usr/share/devicemgr/backend)
    (in /Applications/Server.app/Contents/ServerRoot/usr/share/devicemgr/backend)
    devicemgr:state = "RUNNING"
    Milan

  • If I buy a Mac Mini Server, can I remove Lion Server and just keep OS X Lion?

    This is because it has much better specs than the regular ones.

    Here was my solution to removing the 'server' software and running with standard Lion.
    https://discussions.apple.com/thread/3108472?start=0&tstart=0
    I had issues running certain software on the server version and now that my machine just runs regular Lion as opposed to Snow Leopard server the issues are gone.
    If you have multiple Macs you also only pay for OS X Lion once and not have to spend the extra on the server version.

  • Lion server and virus

    hello i was wondering how can i find out if my macbook pro has os x lion server ? and if it doesn't have is it necessary to get ? ??? thanks x
    and my other question is how can i find out if my poor baby mac has got virus ??? because i have installed a program called macbook cleaner by mistake and then i found out that is not an apple app so i thought maybe that was a virus?"??? :-(

    Please read this whole message before doing anything.
    This procedure is a diagnostic test. It won’t solve your problem. Don’t be disappointed when you find that nothing has changed after you complete it.
    Third-party system modifications are a common cause of usability problems. By a “system modification,” I mean software that affects the operation of other software -- potentially for the worse. The following procedure will help identify which such modifications you've installed. Don’t be alarmed by the complexity of these instructions -- they’re easy to carry out and won’t change anything on your Mac.
    These steps are to be taken while booted in “normal” mode, not in safe mode. If you’re now running in safe mode, reboot as usual before continuing.
    Below are four lines of text in monospaced type, which are UNIX shell commands. They’re harmless, but they must be entered exactly as given in order to work. If you have doubts about the safety of running these commands, search this site for other discussions in which they’ve been used without any report of ill effects.
    Some of the commands will line-wrap in your browser, but each one is really just a single long line, all of which must be selected. You can accomplish this easily by triple-clicking anywhere in the line. The whole line will highlight, and you can then either copy or drag it. The headings “Step 1” and so on are not part of the commands.
    Note: If you have more than one user account, Step 2 must be taken as an administrator. Ordinarily that would be the user created automatically when you booted the system for the first time. The other steps should be taken as the user who has the problem, if different. Most personal Macs have only one user, and in that case this paragraph doesn’t apply.
    To begin, launch the Terminal application; e.g., by entering the first few letters of its name in a Spotlight search.
    Step 1
    Copy or drag -- do not type -- the line below into the Terminal window, then press return:
    kextstat -kl | awk ' !/apple/ { print $6 $7 } '
    Post the lines of output (if any) that appear below what you just entered (the text, please, not a screenshot.)
    Step 2
    Repeat with this line:
    sudo launchctl list | sed 1d | awk ' !/0x|apple|com\.vix|edu\.|org\./ { print $3 } '
    This time, you'll be prompted for your login password, which won't be displayed when you type it. You may get a one-time warning not to screw up. You don't need to post the warning.
    Step 3
    launchctl list | sed 1d | awk ' !/0x|apple|edu\.|org\./ { print $3 } '
    Step 4
    ls -1A {,/}Library/{Ad,Compon,Ex,Fram,In,La,Mail/Bu,P*P,Priv,Qu,Scripti,Servi,Sta}* 2> /dev/null
    Important: If you synchronize with a MobileMe account, your me.com email address may appear in the output of the above command. If so, change it to something like “[email protected]” before posting.
    Remember, this is all drag-and-drop or copy-and-paste, whichever you prefer -- no typing, except your password.
    You can then quit Terminal.

  • Lion Server and 10.5 Clients....

    We've just set up a new Lion Server as OD Master and imported our users from our old OD using the "Restore" function within Server Admin.
    My test Lion client can login fine using a network account but when I try the same account from a 10.5 client I get the following error:
    You are unable to log in to the the user account "breilly"  at this time. Logging in to the account failed because an error occurred.
    When I checked the console logs I found this error:
    11/08/2011 14:21:02 authorizationhost[318] ERROR | -[HomeDirMounter mountNetworkHomeWithURL:attributes:dirPath:username:] | PremountHomeDirectoryWithAuthentication( url=afp://ncs-mac-od1.ncs.local/Staffhomes, homedir=/Network/Servers/ncs-mac-od1.ncs.local/Staffhomes/breilly, name=breilly ) returned 2
    It seems very odd that I can log in on a Lion client but not a 10.5 client
    Any help would be greatly appreciated.

    There is a simple way for unmanaged clients.
    To point an unmanaged client to your update server, enter the following command in terminal:
    sudo defaults write /Library/Preferences/com.apple.SoftwareUpdate CatalogURL http://<your_server>:8088/index-lion-snowleopard-leopard.merged-1.sucatalog
    (replace <your_server> with the dns name of your update server.  If the unmanaged client runs snowleopard or leopard, adjust the url accordingly. For snowleopard clients, remove the "lion-" part. For leopard clients, remove the "lion-snowleopard-" part.)
