Mountain Lion Server firewall

I recently had a forced upgrade from a Mac Mini Server 10.6.8 - which was working great until the hard drive failed - so I bought a new Mac Mini Server running 10.8.4.
I must say I felt a bit like I did when I first moved from OS9 to OSX. Everything I knew had been taken away and not replaced with anything very useful. I can't use proper Admin Tools, I can't remote admin from anything except another ML machine (?) except with screen sharing and I feel like I have no control over anything. It's like I'm using Server Lite for Kids.
Yesterday, after a power cut (and yes it should be on a UPS, staff stupidity) the wheels fell off, all the ports were closed and I couldn't screen share into the server. After getting someone on site and attaching a screen, we are getting repeated messages about connection attempts on different ports from different IP addresses (including the one I was trying to screen share from). I really don't understand what's going on with this. I've discovered that ipfw is deprecated and there is a new PF firewall which I can only control from the command line (no thanks I have a Mac not a Linux box). But I don't really understand what it's doing and why.
I'm given 4 options each time, I can allow or deny all packets, packets to this port only, packets from this IP only, and packets from this IP to this port - and I can choose 'forever' or 'until quit'. I would have expected that choosing to allow all packets (option 1) would effectively turn off the firewall but even having tried this option we kept on getting the same dialogs every time there was a connection request to the server. The firewall (in System prefs) is allegedly turned off - and when I tried turning it on it blocked my SMTP port (and no doubt other stuff) so I turned it off again.
I downloaded IceFloor but don't want to play with that until I am actually on site rather than working remotely (trying to be on holiday as it happens). I did open it to read the docs and it says that the PF firewall is currently off. So why have I been getting these dialogs and how do I control my firewall?
I'm sure this active firewall is great but there are some ports that I need to nail down for certain IP addresses only in order to pass muster with the payment card industry police and I don't understand how to do that now.
Hope someone can help
Thanks
James

You need to use the full path to the command, navagate to the location of the command and use ./command or add the path to your envirometn verables. Try this
sudo /Applications/Server.app/Contents/ServerRoot/usr/libexec/afctl --h
That shoudl show you the help info.
If you actully have your system configured as a server "man afctl" shoudl show the current manual page for the command. It will not show up if your system is not configured as a server. afctl is only one aspect of the firewall controls on a Mac Server. pfctl is also another tool to know how to use.
The only GUI on 10.8 server for Firewall setup is in System Prefs, it's the same GUI as any other Mac and is very limited. The command line is about the only way to customize the existing firewall setup. Icefloor can be a useful tool to configure pf but is not a simple tool to use. In my opionin using something like Little Snitch is better for those who do not want to mess with the command line. It just makes more sense in how it makes and uses rules.

Similar Messages

  • Firewall gui for Mountain Lion Server

    Is there an easy firewall for Mountain Lion server? Im amazed Apple took this feature away. For what reason? I dont know command line very well and shouldnt have to learn it seeing as how Macs are supposed to be "user friendly". Doing a port scan I see about 20 ports open that I want to close but just dont know how as they're not application specifc (like pop3...). Any suggestions would be helpful.
    thanks.

    Scott Howe wrote:
    I meant to say "Is there a GUI for the Firewall for Mountain Lion Server"
    I totally agree with you, the whole point of OS X was to be easy to use i.e. GUI based, if we wanted a pure CLI system we would get Linux
    There are actually two different Firewalls on Mountain Lion Server, the 'standard' one you see in System Preferences which is an Application level firewall (ALF), and has extremely limited options but does have a GUI, and the CLI only one which is pfctl (Packet Filtering).
    Note: ipfw is depreciated in Mountain Lion.
    There is a third-party tool for configuring pfctl called IceFloor. Be careful though, I managed to screw up a system with it, as always make sure you have a backup before making changes.
    See http://www.hanynet.com/icefloor/

  • VPN to Mountain Lion Server issues

    Hi,
    I checked a lot of VPN threads here today, but I wasn't able to find a solution for my problem just now. I try to connect by VPN to my Mountain Lion Server, but I get an error message that the VPN server is not responding. I get this message from iPhone and Mac. The Mountain Lion Server is a new installation, no upgrade from an older server.
    Some informations on my setup:
    I installed the server with a hostname like myserver.mycompany.com and option 3 (internet access), as I want to use it for email at a later stage. All services are working fine (except VPN). DNS is active, but basically it only contains the adress myserver.mycompany.com and forwards everything else to our router.
    I changed the DNS settings of our domain ( hosted by an ISP - so not in the local DNS ! ). I created a subdomain vpn.mycompany.com which points to the static IP of our router.
    In the router I opened the UDP ports 500, 1701 and 4500, and for 1701 i made the same thing for TCP (I found this in a forum, but I think this is not necessary?), the ports are pointing to the ip of the os x server.
    In OS X Server I started VPN for L2TP using the vpn.mycompany.com hostname, and a shared secret.
    When I try to connect with I client from outside I try to connect using L2TP via vpn.mycompany.com using the shared secred and user-id and password. The user-id is created in OS X Mountain Lion server and is configured to use VPN service. When trying to connect I get the error message "L2TP-VPN server is not repsonding...".
    In the log file of the server I see some entries for each connect:
    Oct 10 20:21:45 myserver.mycompany.com racoon[13873]: Connecting.
    Oct 10 20:21:45 myserver.mycompany.com racoon[13873]: IPSec Phase1 started (Initiated by peer).
    Oct 10 20:21:45 myserver.mycompany.com racoon[13873]: IKE Packet: receive success. (Responder, Main-Mode message 1).
    Oct 10 20:21:45 myserver.mycompany.com racoon[13873]: IKE Packet: transmit success. (Responder, Main-Mode message 2).
    Oct 10 20:21:45 myserver.mycompany.com racoon[13873]: IKE Packet: receive success. (Responder, Main-Mode message 3).
    Oct 10 20:21:45 myserver.mycompany.com racoon[13873]: IKE Packet: transmit success. (Responder, Main-Mode message 4).
    Oct 10 20:21:48 myserver.mycompany.com racoon[13873]: IKE Packet: transmit success. (Phase1 Retransmit).
    Oct 10 20:22:06 --- last message repeated 2 times ---
    Oct 10 20:22:06 myserver.mycompany.com com.apple.SecurityServer[17]: Succeeded authorizing right 'system.privilege.admin' by client '/Applications/Server.app/Contents/ServerRoot/usr/libexec/ServerEventAgent' [2967] for authorization created by '/Applications/Server.app/Contents/ServerRoot/usr/libexec/ServerEventAgent' [2967] (2,0)
    Oct 10 20:22:06 myserver.mycompany.com com.apple.SecurityServer[17]: Succeeded authorizing right 'system.privilege.admin' by client '/Library/PrivilegedHelperTools/com.apple.serverd' [1716] for authorization created by '/Applications/Server.app/Contents/ServerRoot/usr/libexec/ServerEventAgent' [2967] (100000,0)
    Oct 10 20:22:06 myserver.mycompany.com racoon[13873]: IKE Packet: transmit success. (Phase1 Retransmit).
    No more entries in log file now. Anyone any ideas what's going wrong. Might there be a problem as I use another servername outside as inside (vpn... instead of myserver...)?
    Thanks!

    Solved, first of all we tested to establish the VPN connection locally by adding the ip address of the server to /etc/hosts for vpn.mycompany.com. The VPN connected without problems then, so it was clear that it is a firewall/router problem, and not a server problem.
    After that we studied some more documentations and found that we don't have to open port 50, but ip protocoll 50 (ESP) on the firewall. After that was done, the connection was working from the internet as well.

  • Mountain Lion Server 10.8 DNS ERROR READING SETTINGS

    Hi! Well I changed from windows 2008 server to Mountain Lion Server. So far, I have been able to set up website hosting for one website, and I must say works better than windows server 2008, maybe thats because the mac keeps the drive spun up, while in windows server it was an external drive, whatever the issue mac serves up the site much faster that it comes exploding onto the screen of the searcher.. Then I went to try to set up email, I was totally excited, but I think I did a no no in the dns settings, and now, I cant even see them, I just get "Error Reading Settings" Of course I see things in the log that I should undo, but I cant access the DNS settings at all. Any ideas how I can get to the dns settings so I can undo my booboo? Now it has streched its error self into the file sharing, and I cant access those settings anymore either, so that means I cant set up other websites because I cant give permission to view those folders. I also just got another err saying "Multiple errors occured on this server while processing commands. Just exactly what the heck did I do? I must have REALLY SCREWED THIS THING UP! Also strangely Safari browser no longer acceses the web from the server computer. I THINK I KILLED IT.
    Any Ideas?
    Thanks I really appreciate any tips, I havent got to calendar or vpn, or any fun stuff yet.. Or maybe it might not be fun at all? hahahahahaa!
    Thanks

    I've gotten into this mess as well and Apple solved it for me.
    The Server should be able too lookup itself so running DNS is a good thing, actually the server sets up DNS at install time if it can't find a server to serve it's DNS so it can lookup itself.
    The main error in my case was that there wasn't a NS record pointing the machine itself and that there were some firewall rules preventing DNS lookups. Since there is no way to edit the firewall rules via GUI the engineer manually changed some stuff, but wasn't sure where the problem lies exactly, so he passed it on to another engineer.
    At this point I was already forced to switch to Google Apps for Business and my website was already running at GoDaddy, at much lesser costs and to much lesser frustration I might add.
    Let's face it, Apple has to deliver a better product with the old Server Admin back into place for those who want it for the extra control.
    My servers were running great with Lion (eventually), but Apple just had to remove Server Admin from OS X Server... #their_loss

  • Mountain Lion Server Profile Manager not accessible externally

    What do I need to be checking if I can't access our Mountain Lion server's Profile Manager externally.  From a test iPad on a carrier's 3G network, I get a "server not found" error when using http://fqdn/.  I can bring up the server page if I use https://publicipaddress. but not https://publicipaddress/profilemanager.  Apple tried accessing the server with the same findings.  We're a state agency behind tight firewall and security and we're told that all Profile manager needed ports are open...  Thanks.

    Nelson -
    Pretty much everything boiled down to DNS, firewalls and ports.  Unfortunately, I was never able to acertain which of the three items were causing this problem because we have a separate group who manages the network and firewall (plus a separate security team).  If I recall, once they focused on what it was I was trying to accomplish, most of the problems "magically" went away. 
    Is your reverse DNS working the way it's supposed to?  Ex:
    yourserver:~ login$ hostname
    yourserver.yourdomainname
    yourserver:~ login$ host yourserver.yourdomainname
    yourserver.yourdomainname has address 10.x.x.x
    yourserver:~ login$ host 10.x.x.x
    3.34.2.10.in-addr.arpa domain name pointer yourserver.yourdomainname
    yourserver:~ login$
    Also be sure to follow "burton11234's" posts.  https://discussions.apple.com/people/burton11234?view=overview

  • I'm trying to use Mountain Lion Server so my family can have separate logins via Screen Share to their iTunes.

    Using Mountain Lion Server so my family can have separate logins and connect via Screen Share.
    Works great, each has their own home directory and permissions are perfect.
    Now setting up iTunes for each with their own Library (not shared), thus keeping multiple Libraries.
    I get this;
    This Computer is already associated with an Apple ID.
    If you download past purchases with your Apple ID, you
    cannot auto-download past purchases with a different
    Apple ID for 90 days.
    What!
    So what it is on the same computer, they are completely separate Libraries never to be mixed.
    If this works, I only need to keep one computer up and running, instead of three.
    Each can do their syncing/backup and connect to the various Airplay/AppleTVs I have around the house.
    How do I fix this.
    Thanks

    Bottom line is you can't - easily.
    You need to make sure that you log out of the server each time otherwise the ID is running. To explain, if you had a laptop with different people using it, your solution works fine. Each time someone logs in, the iTunes ID is different so it works as you can only have one person using the laptop at any one time.
    Now, turning your problem inside-out, you want people to be able to log into iTunes concurrently to use their own version of the program with their own library. This does not seem to work and you get the conflicted ID error message. Even though iTunes is running under their own login ident, I have never been able to get this working reliably and was told that iTunes is NOT a network-aware application as it is designed to be single user.
    The way I got around this was to login as XYZ and to make sure that the ID was changed in iTunes accordingly. However, it did not always work so I gave up with the whole thing.

  • Unable to add/remove users in Mountain Lion Server (Options are greyed out)

    For some reason, im unable to add/remove users in Mountain Lion server. The + and - are greyed out. It seems like something is wrong with the permissons because it looks like it cant write the the Ldav3 file (although that may be speculation). Does anyone have any advice for me? I URGENTLY need to add users.
    Maybe theres a way to restore default permssions for the boot drive (if that in fact is the issue). Hopefully there is a way that I can fix this while leaving all users, groups, their permissions and shares intact.

    Anything interesting and relevent in the server logs?
    Anything interesting in the server alerts?
    Since it's far and away the most common cause of problems with OS X Server and with distributed authentication (Open Directory is entirely based on network encryption and digital certificates and on responses from your local DNS server(s)), verify your local DNS configuration is working and requires no changes with the following Terminal.app (Applications > Utilities) harmless, diagnostic command:
    sudo changeip -checkhostname
    sudo requires an administrative password.  You might get a one-time warning about the sudo, and that can safely be ignored.  The command will display some details, and indicate whether the local configuration appears valid and no changes are required, or further diagnostics for (most) common errors that can arise.

  • Regarding mountain lion server: clients experience intermittent service connections. the server system log has the following error- Client handshake failed (6):113: Server not accepting client connections (any ideas???)

    regarding mountain lion server: clients experience intermittent service connections. the server system log has the following error- Client handshake failed (6):113: Server not accepting client connections. any suggestions would be greatly appreciated - thank you

    Hi Jason
    I was getting the same behavior after Apple support had me delete some plist files to get Airplay going. I was also getting the following error:
    the error occurred while processing a command of type 'writesettings' in the plug-in 'server vpn'
    I went into ~/Library/Preferences/ and /Library/Preferences/ and deleted every plist contating the word server. I had to re-set up my server (meaning walk through some intial steps) but all of my settings were still there after that and everything started working again.
    Just a thought, obviously try at your own risk but it worked for me.
    Kellen

  • How To Set Up Mountain Lion Server/Point DNS to Mac Mini Server

    Hello, First of all I have no experience with setting up servers whatsoever. Below is what I have
    - Mac Mini with Mountain Lion Server
    - Time Capsule as my router
    - Comcast as my service provider
    My goal is to set up my MacMini as a sharepoint for files and other data with my other partners.
    - I have purchased a domaine name from NetworkSolutions. Does this mean that they are my DNS hosting as well? Not really sure. My biggest question is how to point my DNS to my mac mini server correctly.
    1. How do you point the DNS to my mac mini server.
    2. I've read somewhere to use the IP address from my mac mini server. The only IP address I see is from my Time Capsule (router). I know what my public IP adress is but I am not sure if that's the one to use. I think once I figure this DNS thing I can figure out the rest.
    Thanks - Need lots of help.

    Here's a detailed write-up on setting up internal (private) DNS on OS X Server, and no, you're probably not going to be setting up external DNS on your servers.  Your public DNS service will be hosted on and served from the Network Solutions DNS servers.

  • Upgrading to Mountain Lion server and all services breaks down...

    Hi!
    I have, after endless hours of scanning logs and .plist and other files' content and permission settings found why Mountain Lion Server.app in some cases doesn't seem to be able to take control over all service, stating it can't read or write its own setting files etc.
    As a Swede I of course run a system set in the Swedish language. Mountain Lion can't upgrade a Swedish system, only fore languages are accepted !!!
    See Migration Logs!
    //Excerpt from the Mail Migration log:
    Begin Mail Migration: Thu Aug  2 19:34:24 2012
    purge: 0
    sourceRoot: /Library/Server/Previous
    sourceType: System
    sourceVersion: 10.7.4
    targetRoot: /
    language: sv
    Did not supply a valid language for the --language parameter, needs to be one of [en | fr | de | ja]
    As you can see, it can only upgrade in English, French, German and Japanese system language. With no inital warnings the system crashes and causes a true mess half the way through its installation when you start Server.app.
    Solution:
    Throw Server.app in the trash or move it outside the Application folder, to force the computer to realized "its not a server". It can take half a minute or so for the system to realize it is no longer a server. You will see a sign.
    Change the language setting to English in your system preferences and restart your computer. Move back Server.app from the trash (or where you put it) and start Server.app, thereby initiating a new Servers installation. I was happy to find that all mail accounts etc was found again. I thought for several hours they where lost.
    The various sites hosted by the server did however not appear in their correct new location (when I tryed this). I had to manually move them from the "Previous" folder in /Library/Server/Previous/Library/Server/Web/Data/Sites/   to    /Library/Server/Web/Data/Sites/
    I hope this helps anyone out there....
    Cheers!
    Stefan

    Please explain.... when are you stoped from upgrading?
    I haven't actually had problems with the actual OS upgrade it is when you launch Server.app the first time everything goes to f-n h....
    Server.app should reconfigure and move around a lot of files and it does, but not succeeding doing it correctly. Many services can't read their config files and have them in two places. I trying to figure out which ones are being used. Somethime both locations are used but only parts of the settings in the files !?!?
    I am soon giving up...

  • How can I set up a mail alias in Mountain Lion Server?

    Hi, newbie to Mountain Lion Server here.
    I've set up mail for domain a.com and a virtual domain b.com
    User a receives mail just fine at [email protected] and [email protected], now I wanted to receive mail for [email protected] as an alias, which I understood after reading the posts here is done by going to 'advanced options' of user a and setting b in the alias field.
    But sending a mail to [email protected] bounces with a "550 5.1.1 <[email protected]>: Recipient address rejected: User unknown in virtual alias table".
    However sending a mail to [email protected] does work, so I'm wondering what I'm doing wrong.

    Hi, it's a late response, I know, but I had same problem just now and in my searching for an answer I found your question. ...better yet, I also found the answer - simply make a user alias including the virtual domain, like for instance if you want alias c to receive mails from both a.com and b.com, you should make two aliases:
    c, [email protected]
    where the first alias defaults to a.com as the default domain and the second explicitly specified the virtual domain.
    Cheers

  • Configuring postfix on Mountain Lion Server

    I'm trying to upgrade from Snow Leopard Server to Mountain Lion Server and did an install of Mountain Lion Server on top of a working instance of Snow Leopard Server.  The "crippled" GUI on Mountain Lion Server is forcing me into using terminal to configure Postfix to handle incoming email.
    I would like to configure Postfix to only accept email that is forwarded from a gmail business account.  The public email address is [email protected] which is received by Google Mail, goes through their spam filters and then is auto-forwarded to  [email protected]
    The server WAN domain is nonpublic.com  The ip address is 96.231.165.126
    The server LAN is nonpublic.local  The ip address is 10.6.18.201
    The server is a MacMini running Mountain Lion Server 10.6.8 hostname server so the FQDN is server.public.com.
    The network on the MacMini is configured to handle both LAN and WAN traffic through the 1GB physical ethernet port which plugs into a CISCO 3750 switch.  The external traffic to the WAN flows through the switch as tagged packets.  The LAN traffic is not tagged.  The VLAN connection is running 802.1q
    When an email is sent through the WAN to [email protected] the Postfix SMTP log shows:
    Jun  7 19:29:22 server.public.com postfix/smtpd[42181]: connect from cisco.public.com[96.231.165.123]
    Jun  7 19:29:22 server.public.com postfix/smtpd[42181]: disconnect from cisco.public.com[96.231.165.123]
    I can send emails from a client on the LAN through this server with no problems.  The incoming mail server can connect to the machine via the Cisco router/switch but Postfix just shows "cisco" as the connection (that's the router's DNS name) and provides no more info.  I suspect Postfix possibly doesn't like the 802.1q connection and drops the SMTP request to connect on port 25.
    I have turned on "debug" logging in Postfix, but that is all that appears in the SMTP log file
    I've spent most of the week reading through everything I can find on how to install and configure postfix on Mountain Lion Server and work around the cripled GUI in the "server" application.  I'm barely OK using Terminal and not familiar at all with configuring Postfix directling editing the config file.
    What is the best approach to configure Postfix to allow SMTP connections from the outside to deliver incoming email that is forwarded from gmail.com?
    I did find an "aliases" file in /etc/postfix/aliases but I'm not sure how to add the aliases and if adding aliases with a text editor is going to cause the "server" app problems and if the changes will be lost when the machine is restarted.
    Any help would be appreciated.

    MrHoffman, thank you for your response to my challenge to get the new test server working.  This is a migration from Snow Leopard Server to Mountain Lion Server.
    Here is the "checkhostname" test results:
    blue:~ admin$ sudo changeip -checkhostname
    Password:
    Primary address     = 96.231.165.211
    Current HostName    = blue.pderby.com
    DNS HostName        = blue.pderby.com
    The names match. There is nothing to change.
    dirserv:success = "success"
    blue:~ admin$
    Here is the response from postconf -n
    blue:~ admin$ postconf -n
    biff = no
    command_directory = /usr/sbin
    config_directory = /etc/postfix
    daemon_directory = /usr/libexec/postfix
    data_directory = /var/lib/postfix
    debug_peer_level = 2
    debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin xxgdb $daemon_directory/$process_name $process_id & sleep 5
    dovecot_destination_recipient_limit = 1
    html_directory = /usr/share/doc/postfix/html
    imap_submit_cred_file = /Library/Server/Mail/Config/postfix/submit.cred
    inet_interfaces = loopback-only
    inet_protocols = all
    mail_owner = _postfix
    mailbox_size_limit = 0
    mailq_path = /usr/bin/mailq
    manpage_directory = /usr/share/man
    message_size_limit = 10485760
    mydomain_fallback = localhost
    newaliases_path = /usr/bin/newaliases
    queue_directory = /Library/Server/Mail/Data/spool
    readme_directory = /usr/share/doc/postfix
    recipient_delimiter = +
    sample_directory = /usr/share/doc/postfix/examples
    sendmail_path = /usr/sbin/sendmail
    setgid_group = _postdrop
    smtpd_tls_ciphers = medium
    smtpd_tls_exclude_ciphers = SSLv2, aNULL, ADH, eNULL
    tls_random_source = dev:/dev/urandom
    unknown_local_recipient_reject_code = 550
    use_sacl_cache = yes
    blue:~ admin$
    I agree that I should change the LAN domain from .local to something like .internal or whatever.   I've been running with .local for 5 years  on snow leopard server and never had any problems so that was a low priority.
    I hope I'm just not seeing some obvious setting in main.cf

  • Smooth transition from Mountain Lion Server to Mavericks Server 3.0!!

    After an new OS release that are always complaints about installation and configuration problems. First comers to using any new software tool provide valuable feedback we generally hope will help improve the new product. It's how things have worked since the first 6503 Apple II's and 8086 IBM PC's.
    I've been using and upgrading PC's since THOSE DINOSAURS! And I can't remember EVER having an OS upgrade go as smoothly as my recent upgrade from Mountain Lion Server (OS X 10.8.5 w. Server 2.2.2) to Mavericks Server 3.0.
    I chose to do a clean Mavericks install on a clean partition created on a 1 TB disk that was upgraded into my trusty MacBook. I used the DiskmakerX app to create a Mavericks installation USB drive. When the screen came up with the option to import users, programs & files (took a pass on email) from the Mountain Lion Server partition, I let it run overnight to transpose everything of value into the clean Mavericks installation.
    The next morning the only program that wasn't PERFECTLY installed and configured on Mavericks was Server 2.2.2. I deleted it and bought/installed Server 3.0. After Server 3.0's setup ran that only thing I had to do manually was start Postgres! My domain setting, DNS, all my web applications that were set up on Mountain Lion Server were all GOOD TO GO again on Mavericks Server!
    I'm disclosing this here, publicly because it was a BIG PAIN to install and deploy all my websites using Mountain Lion's server app. To say the easy transposition into Server 3.0 was an unexpected and pleasant surprise amounts to massive understatement.
    Now I'm going to describe two small anomolies I've noticed in either Mavericks or Server 3.0 that other users might want to be on the lookout for. They're not fatal. But they might be "habringers" suggesting underlying problems in either the new OS or the new Server's internals.
    The toolbar icon for TimeMachine doesn't "spin" when it backs up. It's not a big deal. But it's convenient to see the circle around the clock whirling so we know when TIme Machine is backing up.
    Mavericks Server isn't reporting newly upgraded apps as available under the Updates Tab of the Server's Software Updates subsystem. It might be inconsequential. But with a new OS version it never hurts to let the developers know about the "little things" that don't apparently work.
    Kudos to the Maverick's developers for releasing an OS X version that's THIS CLEAN. And hugs to Apple's management for making it a free download upgrade for developers!!!
    Full disclosue: I don't now and never have worked for Apple. but I do own a few shares of Apple stock that we purchased many years ago at $14.00 / share. I'm not a big shareholder. But based on my recent seamless upgrades to Mavericks and iIOS 7, I'm a happy one who's not likely to sell any time soon.
    If Apple can do for ALL THEIR HARDWARE AND SOFTWARE PRODUCTS what they seem to have done for OS X and iOS, they've got at least a fighting chance to recover from their losses after their stock peaked at about $700.00 /share.
    Keep up the good work!
    Dr. Bob Blomeyer

    After an new OS release that are always complaints about installation and configuration problems. First comers to using any new software tool provide valuable feedback we generally hope will help improve the new product. It's how things have worked since the first 6503 Apple II's and 8086 IBM PC's.
    I've been using and upgrading PC's since THOSE DINOSAURS! And I can't remember EVER having an OS upgrade go as smoothly as my recent upgrade from Mountain Lion Server (OS X 10.8.5 w. Server 2.2.2) to Mavericks Server 3.0.
    I chose to do a clean Mavericks install on a clean partition created on a 1 TB disk that was upgraded into my trusty MacBook. I used the DiskmakerX app to create a Mavericks installation USB drive. When the screen came up with the option to import users, programs & files (took a pass on email) from the Mountain Lion Server partition, I let it run overnight to transpose everything of value into the clean Mavericks installation.
    The next morning the only program that wasn't PERFECTLY installed and configured on Mavericks was Server 2.2.2. I deleted it and bought/installed Server 3.0. After Server 3.0's setup ran that only thing I had to do manually was start Postgres! My domain setting, DNS, all my web applications that were set up on Mountain Lion Server were all GOOD TO GO again on Mavericks Server!
    I'm disclosing this here, publicly because it was a BIG PAIN to install and deploy all my websites using Mountain Lion's server app. To say the easy transposition into Server 3.0 was an unexpected and pleasant surprise amounts to massive understatement.
    Now I'm going to describe two small anomolies I've noticed in either Mavericks or Server 3.0 that other users might want to be on the lookout for. They're not fatal. But they might be "habringers" suggesting underlying problems in either the new OS or the new Server's internals.
    The toolbar icon for TimeMachine doesn't "spin" when it backs up. It's not a big deal. But it's convenient to see the circle around the clock whirling so we know when TIme Machine is backing up.
    Mavericks Server isn't reporting newly upgraded apps as available under the Updates Tab of the Server's Software Updates subsystem. It might be inconsequential. But with a new OS version it never hurts to let the developers know about the "little things" that don't apparently work.
    Kudos to the Maverick's developers for releasing an OS X version that's THIS CLEAN. And hugs to Apple's management for making it a free download upgrade for developers!!!
    Full disclosue: I don't now and never have worked for Apple. but I do own a few shares of Apple stock that we purchased many years ago at $14.00 / share. I'm not a big shareholder. But based on my recent seamless upgrades to Mavericks and iIOS 7, I'm a happy one who's not likely to sell any time soon.
    If Apple can do for ALL THEIR HARDWARE AND SOFTWARE PRODUCTS what they seem to have done for OS X and iOS, they've got at least a fighting chance to recover from their losses after their stock peaked at about $700.00 /share.
    Keep up the good work!
    Dr. Bob Blomeyer

  • Error configuring services from Snow Leopard Server to Mountain Lion Server

    I am trying to upgrade a Snow Leopard Server Mac Mini to Mountain Lion Server.
    We have two Mac Mini servers at our office (production and backup) so I migrated the everything from our production server to the backup using the migration assistant when setting up the backup computer.
    I now have the backup at home trying to upgrade it to Mountain Lion Server.  I have downloaded and installed Mountain Lion as well as the Server App version 2.2.  I basically followed the simple directions found in the Apple documentation.
    I started the server app and it got to the part where it said "Upgrading services".  After running for a few minutes, I get a window that states "An error occurred while configuring your server."  It also sayd "The following actions failed or were not attempted:" with a red dot next to "Upgrading services".  The other three items:  "Authenticating to local directory", "Reading directory configuration" and "Authenticating to local directory services" have gray dots so I'm sure they were not even attempted.
    Our Snow Leopard server is setup for SMB file sharing, LDAP services, FTP, Web, DNS, DHCP.
    Can someone point me to where I can figure out what exactly is failing?  Are there specific log files I need to look into?
    Thanks

    Have EXACTLY the same issue - also tried reinstalling mountain lion server fresh and still had the same problem...

  • OSX Mountain Lion Server - how do you uninstall this including services

    Hi All,
    Sorry if the question has been asked before.
    I have Mountain Lion 10.8.5 and installed OSX Mountain Lion Server (2.2.2) and run into a couple of issues after installed successfully.
    * I no longer can add users and groups.
    * Open Directory fails to connect.
    So I read some forums and uninstalled the server by trashing it, deleting /Libaray/Server, empty trash and reboot. But when I reinstalled the server it renabled all the services that I had previously and still not able to add users and groups. Open Directory fails to connect "not able to load replica" So I try to create a new OD and get an error the server is already a Network Server.
    So basicaly I want to start from scratch and need some assistance how to get rid of OSX Server.
    Thanks
    Sahid

    Wipe the disk, and reinstall OS X.  (Not fun, of course.  I just created a bootable USB disk for this purpose, and nuked an errant server configuration.  A "target practice" server used for testing purposes had gone awry, and needed to be wholly reset.  So I know what you're going through.  Visit here or here for some instructions.)
    FWIW, usual trigger for problems with OS X Server on a NAT'd network is bad DNS.  That step gets skipped, or folks think they can refer to ISP or off-LAN DNS servers, and problems ensue.  OS X Server needs LAN-local DNS when NAT is in use.

Maybe you are looking for

  • Problem with posting free goods delivery

    I need some help, when I'm posting the goods issue in VL02N I'm receiving following error: <i>Item   Material           Description                                   Delivery qty UoM Batch                                                              

  • User Exit which triggers after creation of purchasing group

    Hi all.   We are creating purchasing group by using the FOLLWOING PATH       SPRO->MATERIAL MANAGEMENT->PURCHASING->CREATING PURCHASING GROUP. Our issue is whenever new purchasing group is created I need to track this and send this new purchasing gro

  • How do I configure a basic LDAP to work with OPS Center?

    I have Solaris 11 and have configured it a few ways with LDAP. The last setup I used Directory server with a proxy then added LDAP configs. I am having problem getting the clients working correctly but first I need to know if I can just configure LDA

  • Nightmare with iPhone update! Help!

    I changed mobile provider today, which resulted in me having to do an update in order to get my phone unlocked! I've avoided updates for fear of losing data up to now! I did a sync and backup but when it came to the 6 update I realised that instead o

  • My iphone was glitching and suddenly it turns off? what do i do?

    hello. i recently turned on my iphone and it started to glitch out, being really slow and i turned it off to see if maybe it would cool down and when i when to go turn i back on the back light is on but no visual? and ive tried resetting it.. what do