Server admin beachballing like crazy

Similar Messages

• Remote Server Admin not working from outside of network for 1 server

  Our company recently changed ISPs and I had to change our two 10.4 server's IP addresses. We have a mail server (intel xserve) and a file/web server (quicksilver g4). Both servers have two network cards in them. The problem is two-fold:
  1- I can successfully manage the Xserve machine locally on our network and from my home. However, I can only manage the Quicksilver g4 server locally. Any kind of external access is not even acknowledged.
  2- I'm not sure if I missed any steps when changing IP addresses for these server-based computers. Also, I'm not sure if I correctly set our dns names to the correct IP address.
  For some background, this is the exact IP update process I used for each server:
  Quicksilver G4 (file/web server) - Installed network card #2 and configured it with the new Public IP in the "System Preferences/Network" panel. In Server Admin I set our website to use the new public IP address. (network card #2 has no firewall device in between it and the internet.)
  Then, I configured the default network card #1 to a static, yet private IP address that's behind our DLink firewall device with the rest of our network.
  Intel Xserve (e-mail server) - Network card #1 was the only one setup before our network change. It had a static, public IP address. When we changed ISPs, I configured network card #2 to the new static, public IP address supplied to us by the new ISP in the "System Preferences/Network" panel. This new IP address is where all email traffic currently gets pointed to. (All mail is successfully sent and delivered.) Until our former ISP gets shutdown, I still have network card #1 configured to the older static public IP address. After the old ISP is shut off, I plan on changing network card #1 to a static, private address.
  Any assistance would be greatly appreciated.
    Mac OS X (10.4.8)  

  What should I check in AD?  I am by no means an expert with AD.
  Yes, I am using the same client OS.
  I am talking about RDP over the internet, like from home to the office.  We have a static IP assigned to the router from ISP.  A static internal IP assigned to the server on the LAN.  And the router port forwards 3389 to the assigned IP. 
  It was working fine before we reinstalled Server 2012.  These are the steps I took when reinstalling:
  1. format drive and install OS
  2. rename the server
  3. install SQL server
  4. Install TFS and SharePoint
  5. Add Active Directory role and promote to Domain Controller
  6. Add domain users
  7. Enable remote access on the server and add users to remote access list

• Server Admin's proxy configuration... whacked? (Doesn't seem to work)

  I just upgraded to Apache2 so that I could, sensibly, use the Server Admin app to manage all my web sites. Previously, my various httpd conf files were too complicated and I had resorted to hand coding them.
  The good news is Server Admin and Apache2 are much closer to functional.
  One bit of bad news: I can't get the reverse proxies to work consistently. Once set up, I get the most peculiar mix of success and failure -- almost at random. For example, some URIs load; others don't; sometimes a page loads, but it's style sheet doesn't.
  What I want is simply this:
  */confluence (proxy to) localhost:8081/confluence
  Using hand-edited config files, I'd usually do something along these lines (and this works great, by the way, if I stick it into 0000any_80www.mydomain.com.conf:
  ProxyRequests Off
  ProxyPassReverse /confluence http://localhost:8081/confluence
  ProxyPass /confluence http://localhost:8081/confluence
  So, off to Server Admin to make this work. I tried checking "Enable Reverse Proxy" and specifying a Proxy Path of "/confluence" and a Worker URL of http://localhost:8081/confluence. This ended up created the following entry in my 0000_...conf file:
  <IfModule modproxybalancer.c>
  ProxyPass /confluence balancer://balancer-group/
  ProxyPassReverse /confluence balancer://balancer-group/
  <Proxy "balancer://balancer-group">
  BalancerMember http://localhost:8081/confluence
  </Proxy>
  </IfModule>
  I wasn't able to figure out what a Sticky Session Identifier, Route or Load Factor would be used for... so I left those blank. Perhaps that's why it's not working... sure would be nice if there was some help in Server Admin...
  Hm. Anyhow, Ok, looks alright. I'm not totally sure about the balancer bits (like why they are there), but I don't see why it wouldn't work. But... IT DOES NOT. I get totally inconsistent results. Some pages load, some don't. Sometimes I get some page assets, while others don't come through. Bah. However, if I get rid of the above, and simply put this in:
  ProxyRequests Off
  ProxyPassReverse /confluence http://localhost:8081/confluence
  ProxyPass /confluence http://localhost:8081/confluence
  It works great. Only problem is, anytime I edit a server configuration, Server Admin goes and deletes those lines! I think I've found a way around it though. I put the above lines into a "0000.proxy" file (in /etc/apache2/sites/0000.proxy) and now I've added this line:
  Include "/etc/apache2/sites/0000.proxy"
  At the bottom of my 0000_...conf file. So far, Server Admin hasn't deleted that line... and it seems to be working.
  BUT, I'd just LOVE it if someone could tell me how to make this work without hacking around in the command line! Very annoying -- and of course, my proxies are showing up in Server Admin, and I really wish that would work.

  Hi there
  For the benefit of anyone looking at this thread, what is meant here is that if you choose to open the help for RoboHelp, you have an abiliity to add a comment. That comment may be kept private or shared with others. If you elect to share it with others, it is generally added as a comment into the pages that provide the help. If approved, Adobe may amend the help topic to reflect the new information.
  @Jared - Was that information missing in your file? I thought when you elected to use this file that it was automatically populated with all available settings. And unfortunately (IMNSHO) the settings don't immediately reflect the settings in the dialog. (I think they should, as a starting point. At least, that's the behavior *I* expected the first time I played with the feature. I was admittedly taken aback when it didn't work that way.)
  Assuming the setting was missing, how did you manage to sort what setting should be added?
  Cheers... Rick
  Helpful and Handy Links
  RoboHelp Wish Form/Bug Reporting Form
  Begin learning RoboHelp HTML 7, 8 or 9 within the day!
  Adobe Certified RoboHelp HTML Training
  SorcerStone Blog
  RoboHelp eBooks

• SMTP chewing up bandwidth like crazy! Please help!

  I've got a crazy problem with a client's server. First, it's an xServe running 10.4.11 with all software updates. It's been in service as a WWW, Mail, FileMaker, FTP, AFP & Windows file server for several years now. Up until the other day, the machine ran without too many glitches.
  The other day, users started complaining that the Internet was really slow. After looking into it, I was able to conclude that SMTP was bogging down the connection. With SMTP off, repeated speed test resulted in about 6 Mbps consistently. When SMTP was fired back up, our speed test results would drop to 300 Kbps or less!!! If my math is correct, that means that SMTP alone was using more than 95% of our 6 Mbps of bandwidth!!!
  I found that if I stopped Mail service using Server Admin -- or if I issue "sudo killall smtp", the connection speed would go back up. Then over the course of an hour or so, enough SMTP daemons launch and eventually bog down the connection again.
  SMTP relay is OFF and I've confirmed that the server cannot be used as a relay. I've also confirmed it's not another machine on the network -- I literally unplugged the rest of the network so it was just me, my server, my router and my cable modem.
  I booted the server from my service drive and examined the hard disks with Disk Utility and then DiskWarrior. I found and repaired only a couple of very minor problems. I also ran repair permissions on the boot volume. I have tried turning off mail service and creating a new, fresh IMAP database and mail store just to eliminate those as a cause. I tried removing the blacklist servers from the config, but that had no effect either.
  When I look at the logs, nothing jumps out at me. Maybe because I'm not accustomed to looking at mail logs. Again, this problem is "all-of-the-sudden". Over the past several years, I would regularly connect to this server over the Internet for screen control with Remote Desktop and would get reasonably smooth performance. Now, SMTP has the Internet connection so jammed that I can barely connect with Remote Desktop (unless I kill off the SMTP processes first).
  Below, I've included the postfix config files (/etc/postfix/main.cf & /etc/postfix/master.cf) AND the last 50 entries in the mail.log file. Hopefully I've answered most questions and made it clear that this problem is extreme and all-of-the-sudden. NOTE: I've changed my client's domain to 'mydomain.com' to protect their privacy -- But i've altered no other information.
  Any suggestions??? I am at a total loss! If I install Mac OS X server, I create a lot of work for myself and the only reason I'm thinking of reinstalling is because I DON'T KNOW WHAT ELSE TO DO!!!
  */etc/postfix/main.cf*
  queue_directory = /private/var/spool/postfix
  command_directory = /usr/sbin
  daemon_directory = /usr/libexec/postfix
  mail_owner = postfix
  myhostname = mail.mydomain.com
  mydomain = mydomain.com
  unknown_local_recipient_reject_code = 550
  debug_peer_level = 2
  debugger_command =
  PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
  xxgdb $daemon_directory/$process_name $process_id & sleep 5
  sendmail_path = /usr/sbin/sendmail
  newaliases_path = /usr/bin/newaliases
  mailq_path = /usr/bin/mailq
  setgid_group = postdrop
  manpage_directory = /usr/share/man
  sample_directory = /usr/share/doc/postfix/examples
  readme_directory = /usr/share/doc/postfix
  inet_interfaces = all
  mynetworks_style = host
  mydomain_fallback = localhost
  myhostname = mail.mydomain.com
  mailbox_transport = cyrus
  enable_server_options = yes
  smtpd_sasl_auth_enable = yes
  smtpd_use_pw_server = yes
  smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination,permit
  smtpd_pw_server_security_options = login,plain
  mynetworks = 127.0.0.1/32,10.0.0.0/24
  message_size_limit = 10485760
  content_filter = smtp-amavis:[127.0.0.1]:10024
  mydestination = $myhostname,localhost.$mydomain,server.mydomain.com,mail.mydomain.com,mydomain. com
  relayhost =
  virtual_transport = virtual
  virtual_mailbox_domains =
  owner_request_special = no
  recipient_delimiter = +
  alias_maps = hash:/etc/aliases
  smtpd_client_restrictions = permit_mynetworks permit
  maps_rbl_domains =
  */etc/postfix/master.cf*
  # service type private unpriv chroot wakeup maxproc command + args
  # (yes) (yes) (yes) (never) (100)
  # ==========================================================================
  smtp inet n - n - - smtpd
  #submission inet n - n - - smtpd
  # -o smtpd_etrn_restrictions=reject
  #smtps inet n - n - - smtpd
  # -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes
  #submission inet n - n - - smtpd
  # -o smtpd_etrn_restrictions=reject
  # -o smtpd_enforce_tls=yes -o smtpd_sasl_auth_enable=yes
  #628 inet n - n - - qmqpd
  pickup fifo n - n 60 1 pickup
  cleanup unix n - n - 0 cleanup
  qmgr fifo n - n 300 1 qmgr
  #qmgr fifo n - n - 1 nqmgr
  #tlsmgr fifo - - n - 1 tlsmgr
  rewrite unix - - n - - trivial-rewrite
  bounce unix - - n - 0 bounce
  defer unix - - n - 0 bounce
  trace unix - - n - 0 bounce
  verify unix - - n - 1 verify
  flush unix n - n 1000? 0 flush
  proxymap unix - - n - - proxymap
  smtp unix - - n - - smtp
  relay unix - - n - - smtp
  # -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
  showq unix n - n - - showq
  error unix - - n - - error
  local unix - n n - - local
  virtual unix - n n - - virtual
  lmtp unix - - n - - lmtp
  anvil unix - - n - 1 anvil
  # Interfaces to non-Postfix software. Be sure to examine the manual
  # pages of the non-Postfix software to find out what options it wants.
  # maildrop. See the Postfix MAILDROP_README file for details.
  maildrop unix - n n - - pipe
  flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
  # The Cyrus deliver program has changed incompatibly, multiple times.
  old-cyrus unix - n n - - pipe
  flags=R user=cyrusimap argv=/cyrus/bin/deliver -e -m ${extension} ${user}
  # Cyrus 2.1.5 (Amos Gouaux)
  # Also specify in main.cf: cyrus_destination_recipient_limit=1
  cyrus unix - n n - 10 pipe
  user=cyrusimap argv=/usr/bin/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}
  uucp unix - n n - - pipe
  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
  ifmail unix - n n - - pipe
  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
  bsmtp unix - n n - - pipe
  flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient127.0.0.1:10025 inet n - y - - smtpd
  -o content_filter=
  -o local_recipient_maps=
  -o relay_recipient_maps=
  -o smtpd_restriction_classes=
  -o smtpd_client_restrictions=
  -o smtpd_helo_restrictions=
  -o smtpd_sender_restrictions=
  -o smtpd_recipient_restrictions=permit_mynetworks,reject
  -o mynetworks=127.0.0.0/8
  -o smtpd_enforce_tls=no
  -o strict_rfc821_envelopes=yes
  -o smtpd_error_sleep_time=0
  -o smtpd_soft_error_limit=1001
  -o smtpd_hard_error_limit=1000
  -o receive_override_options=no_header_body_checks
  smtp-amavis unix - - y - 2 smtp
  -o smtp_data_done_timeout=1200
  -o smtp_send_xforward_command=yes
  -o disable_dns_lookups=yes
  127.0.0.1:10025 inet n - y - - smtpd
  -o content_filter=
  -o local_recipient_maps=
  -o relay_recipient_maps=
  -o smtpd_restriction_classes=
  -o smtpd_client_restrictions=
  -o smtpd_helo_restrictions=
  -o smtpd_sender_restrictions=
  -o smtpd_recipient_restrictions=permit_mynetworks,reject
  -o mynetworks=127.0.0.0/8
  -o smtpd_enforce_tls=no
  -o strict_rfc821_envelopes=yes
  -o smtpd_error_sleep_time=0
  -o smtpd_soft_error_limit=1001
  -o smtpd_hard_error_limit=1000
  -o receive_override_options=no_header_body_checks
  *MAIL.LOG* (last 50 entries)
  Dec 6 13:44:44 server postfix/smtpd[20567]: NOQUEUE: reject: RCPT from unknown[87.203.98.69]: 550 <[email protected]>: Recipient address rejected: User unknown in local recipient table; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<a-93bf88c8a27b4>
  Dec 6 13:44:45 server postfix/smtpd[20567]: disconnect from unknown[87.203.98.69]
  Dec 6 13:44:46 server postfix/smtpd[19975]: warning: 201.79.139.138: hostname 20179139138.user.veloxzone.com.br verification failed: Host not found
  Dec 6 13:44:46 server postfix/smtpd[19975]: connect from unknown[201.79.139.138]
  Dec 6 13:44:46 server postfix/smtpd[19599]: connect from 83-221-93-216.dynamic.primacom.net[83.221.93.216]
  Dec 6 13:44:46 server postfix/smtpd[20568]: disconnect from unknown[86.55.5.226]
  Dec 6 13:44:46 server postfix/smtpd[19599]: NOQUEUE: reject: RCPT from 83-221-93-216.dynamic.primacom.net[83.221.93.216]: 550 <[email protected]>: Recipient address rejected: User unknown in local recipient table; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<83-221-93-216.dynamic.primacom.net>
  Dec 6 13:44:47 server postfix/smtpd[19975]: NOQUEUE: reject: RCPT from unknown[201.79.139.138]: 550 <[email protected]>: Recipient address rejected: User unknown in local recipient table; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<20179139138.user.veloxzone.com.br>
  Dec 6 13:44:47 server postfix/smtpd[19599]: disconnect from 83-221-93-216.dynamic.primacom.net[83.221.93.216]
  Dec 6 13:44:47 server postfix/smtpd[19975]: disconnect from unknown[201.79.139.138]
  Dec 6 13:44:48 server postfix/smtpd[20647]: connect from 82-43-177-165.cable.ubr06.nmal.blueyonder.co.uk[82.43.177.165]
  Dec 6 13:44:48 server postfix/smtpd[20647]: NOQUEUE: reject: RCPT from 82-43-177-165.cable.ubr06.nmal.blueyonder.co.uk[82.43.177.165]: 550 <[email protected]>: Recipient address rejected: User unknown in local recipient table; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<82-43-177-165.cable.ubr06.nmal.blueyonder.co.uk>
  Dec 6 13:44:49 server postfix/smtpd[20647]: disconnect from 82-43-177-165.cable.ubr06.nmal.blueyonder.co.uk[82.43.177.165]
  Dec 6 13:44:50 server postfix/smtpd[19955]: connect from i577a48a1.versanet.de[87.122.72.161]
  Dec 6 13:44:50 server postfix/smtpd[20558]: connect from cm-85-152-128-251.telecable.es[85.152.128.251]
  Dec 6 13:44:51 server postfix/smtpd[19955]: NOQUEUE: reject: RCPT from i577a48a1.versanet.de[87.122.72.161]: 550 <[email protected]>: Recipient address rejected: User unknown in local recipient table; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<i577A48A1.versanet.de>
  Dec 6 13:44:51 server postfix/smtpd[19955]: disconnect from i577a48a1.versanet.de[87.122.72.161]
  Dec 6 13:44:51 server postfix/smtpd[20558]: NOQUEUE: reject: RCPT from cm-85-152-128-251.telecable.es[85.152.128.251]: 550 <[email protected]>: Recipient address rejected: User unknown in local recipient table; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<cm-85-152-128-251.telecable.es>
  Dec 6 13:44:51 server postfix/smtpd[20558]: disconnect from cm-85-152-128-251.telecable.es[85.152.128.251]
  Dec 6 13:44:51 server postfix/smtpd[19984]: connect from i577b3c95.versanet.de[87.123.60.149]
  Dec 6 13:44:52 server postfix/smtpd[20567]: connect from 200150012106.static.corp.wayinternet.com.br[200.150.12.106]
  Dec 6 13:44:52 server postfix/smtpd[19984]: NOQUEUE: reject: RCPT from i577b3c95.versanet.de[87.123.60.149]: 550 <[email protected]>: Recipient address rejected: User unknown in local recipient table; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<i577B2F9F.versanet.de>
  Dec 6 13:44:52 server postfix/smtpd[19984]: disconnect from i577b3c95.versanet.de[87.123.60.149]
  Dec 6 13:44:53 server postfix/smtpd[20567]: NOQUEUE: reject: RCPT from 200150012106.static.corp.wayinternet.com.br[200.150.12.106]: 550 <[email protected]>: Recipient address rejected: User unknown in local recipient table; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<200150012106.static.corp.wayinternet.com.br>
  Dec 6 13:44:53 server postfix/smtpd[20567]: disconnect from 200150012106.static.corp.wayinternet.com.br[200.150.12.106]
  Dec 6 13:44:55 server postfix/smtpd[20645]: lost connection after EHLO from bxg170.internetdsl.tpnet.pl[83.18.240.170]
  Dec 6 13:44:55 server postfix/smtpd[20645]: disconnect from bxg170.internetdsl.tpnet.pl[83.18.240.170]
  Dec 6 13:44:55 server postfix/smtpd[20568]: connect from adsl-ull-76-151.41-151.net24.it[151.41.151.76]
  Dec 6 13:44:56 server postfix/smtpd[19599]: connect from bzq-84-108-155-86.cablep.bezeqint.net[84.108.155.86]
  Dec 6 13:44:56 server postfix/smtpd[19975]: connect from 77-253-243-29.adsl.inetia.pl[77.253.243.29]
  Dec 6 13:44:56 server postfix/smtpd[20568]: NOQUEUE: reject: RCPT from adsl-ull-76-151.41-151.net24.it[151.41.151.76]: 550 <[email protected]>: Recipient address rejected: User unknown in local recipient table; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<adsl-ull-31-139.41-151.net24.it>
  Dec 6 13:44:56 server postfix/smtpd[19599]: NOQUEUE: reject: RCPT from bzq-84-108-155-86.cablep.bezeqint.net[84.108.155.86]: 550 <[email protected]>: Recipient address rejected: User unknown in local recipient table; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<bzq-84-108-155-86.cablep.bezeqint.net>
  Dec 6 13:44:56 server postfix/smtpd[19599]: disconnect from bzq-84-108-155-86.cablep.bezeqint.net[84.108.155.86]
  Dec 6 13:44:56 server postfix/smtpd[20568]: disconnect from adsl-ull-76-151.41-151.net24.it[151.41.151.76]
  Dec 6 13:44:57 server postfix/smtpd[20646]: connect from host217-22-dynamic.27-79-r.retail.telecomitalia.it[79.27.22.217]
  Dec 6 13:44:57 server postfix/smtpd[20646]: lost connection after CONNECT from host217-22-dynamic.27-79-r.retail.telecomitalia.it[79.27.22.217]
  Dec 6 13:44:57 server postfix/smtpd[20646]: disconnect from host217-22-dynamic.27-79-r.retail.telecomitalia.it[79.27.22.217]
  Dec 6 13:44:57 server postfix/smtpd[19975]: NOQUEUE: reject: RCPT from 77-253-243-29.adsl.inetia.pl[77.253.243.29]: 550 <[email protected]>: Recipient address rejected: User unknown in local recipient table; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<77-253-243-29.adsl.inetia.pl>
  Dec 6 13:44:58 server postfix/smtpd[20647]: connect from unknown[72.54.61.253]
  Dec 6 13:44:58 server postfix/smtpd[20647]: NOQUEUE: reject: RCPT from unknown[72.54.61.253]: 550 <[email protected]>: Recipient address rejected: User unknown in local recipient table; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<[72.54.61.253]>
  Dec 6 13:44:58 server postfix/smtpd[20647]: disconnect from unknown[72.54.61.253]
  Dec 6 13:44:58 server postfix/smtpd[19975]: disconnect from 77-253-243-29.adsl.inetia.pl[77.253.243.29]
  Dec 6 13:44:58 server postfix/smtpd[19955]: connect from p4fced3c6.dip.t-dialin.net[79.206.211.198]
  Dec 6 13:44:59 server postfix/smtpd[19955]: NOQUEUE: reject: RCPT from p4fced3c6.dip.t-dialin.net[79.206.211.198]: 550 <[email protected]>: Recipient address rejected: User unknown in local recipient table; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<p4FCED3C6.dip.t-dialin.net>
  Dec 6 13:44:59 server postfix/smtpd[19955]: disconnect from p4fced3c6.dip.t-dialin.net[79.206.211.198]
  Dec 6 13:45:00 server postfix/smtpd[19984]: connect from bxg170.internetdsl.tpnet.pl[83.18.240.170]
  Dec 6 13:45:00 server postfix/smtpd[20558]: connect from bl7-9-222.dsl.telepac.pt[85.240.9.222]
  Dec 6 13:45:01 server postfix/smtpd[20558]: NOQUEUE: reject: RCPT from bl7-9-222.dsl.telepac.pt[85.240.9.222]: 550 <[email protected]>: Recipient address rejected: User unknown in local recipient table; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<bl5-55-154.dsl.telepac.pt>
  Dec 6 13:45:01 server postfix/smtpd[20558]: disconnect from bl7-9-222.dsl.telepac.pt[85.240.9.222]
  Dec 6 13:45:01 server postfix/smtpd[20567]: connect from unknown[212.23.103.33]
  *ps -aux | grep "smtp"*
  postfix 20565 0.0 -0.1 29976 1368 ?? S 1:39PM 0:00.23 smtpd -n 127.0.0.1:10025 -t inet -u -c -o content_filter -o local_recipient_maps -o relay_recipient_maps -o smtpd_restriction_classes -o smtpd_client_restrictions -o s
  postfix 20645 0.0 -0.1 29976 1756 ?? S 1:43PM 0:00.24 smtpd -n smtp -t inet -u
  postfix 20647 0.0 -0.1 29976 1836 ?? S 1:43PM 0:00.23 smtpd -n smtp -t inet -u
  postfix 20682 0.0 -0.0 27468 624 ?? S 1:45PM 0:00.09 smtp -n smtp-amavis -t unix -u -c -o smtp_data_done_timeout 1200 -o smtp_send_xforward_command yes
  postfix 20737 0.0 -0.1 29976 1836 ?? S 1:47PM 0:00.24 smtpd -n smtp -t inet -u
  postfix 20806 0.0 -0.1 29976 1756 ?? S 1:48PM 0:00.22 smtpd -n smtp -t inet -u
  postfix 20860 0.0 -0.1 29976 1756 ?? S 1:50PM 0:00.16 smtpd -n smtp -t inet -u
  postfix 20861 0.0 -0.1 29976 1724 ?? S 1:50PM 0:00.10 smtpd -n smtp -t inet -u
  postfix 20864 0.0 -0.1 29976 1808 ?? S 1:50PM 0:00.11 smtpd -n smtp -t inet -u
  postfix 20912 0.0 -0.1 29976 1740 ?? S 1:52PM 0:00.12 smtpd -n smtp -t inet -u
  postfix 20914 0.0 -0.1 29976 1732 ?? S 1:52PM 0:00.11 smtpd -n smtp -t inet -u
  postfix 21009 0.0 -0.0 27468 812 ?? S 1:56PM 0:00.02 smtp -t unix -u
  postfix 21033 0.0 -0.1 29976 1736 ?? S 1:57PM 0:00.03 smtpd -n smtp -t inet -u
  postfix 21034 0.0 -0.1 29976 1740 ?? S 1:57PM 0:00.04 smtpd -n smtp -t inet -u
  admin 21036 0.0 -0.0 27376 420 p1 S+ 1:57PM 0:00.00 grep smtp

  Further investigation shows that after killing all the smtp (or otherwise restarting it) it works fine for a while then goes nuts launching SMTP and SMTPD processes.
  So if the connection is bogged down and SMTP is out of control, I issue:
  sudo killall "smtp"
  and the connection speed goes back to normal for a while and the output of
  ps -aux | grep "smtp"
  is as follows:
  [server:~] admin% ps -aux | grep "smtp"
  postfix 3219 0.2 -0.1 29856 1728 ?? S 6:55PM 0:00.11 smtpd -n smtp -t inet -u
  postfix 457 0.0 -0.2 29856 4708 ?? S 6:04PM 0:00.31 smtpd -n smtp -t inet -u
  postfix 467 0.0 -0.2 29856 4700 ?? S 6:04PM 0:00.28 smtpd -n smtp -t inet -u
  postfix 471 0.0 -0.2 29856 4700 ?? S 6:04PM 0:00.30 smtpd -n smtp -t inet -u
  postfix 476 0.0 -0.2 29856 4704 ?? S 6:04PM 0:00.27 smtpd -n smtp -t inet -u
  postfix 479 0.0 -0.2 29856 4708 ?? S 6:04PM 0:00.28 smtpd -n smtp -t inet -u
  postfix 480 0.0 -0.2 29856 4708 ?? S 6:04PM 0:00.30 smtpd -n smtp -t inet -u
  postfix 481 0.0 -0.2 29856 4708 ?? S 6:04PM 0:00.32 smtpd -n smtp -t inet -u
  postfix 2557 0.0 -0.1 29856 1744 ?? S 6:41PM 0:00.10 smtpd -n smtp -t inet -u
  postfix 2561 0.0 -0.1 29856 1760 ?? S 6:42PM 0:00.14 smtpd -n smtp -t inet -u
  postfix 2610 0.0 -0.1 29856 1728 ?? S 6:43PM 0:00.07 smtpd -n smtp -t inet -u
  postfix 3077 0.0 -0.1 29856 1748 ?? S 6:53PM 0:00.07 smtpd -n smtp -t inet -u
  postfix 3462 0.0 -0.1 29856 1336 ?? S 7:00PM 0:00.04 smtpd -n 127.0.0.1:10025 -t inet -u -c -o content_filter -o localrecipientmaps -o relayrecipientmaps -o smtpdrestrictionclasses -o smtpdclientrestrictions -o s
  postfix 3533 0.0 -0.1 29856 1740 ?? S 7:02PM 0:00.03 smtpd -n smtp -t inet -u
  postfix 3539 0.0 -0.1 29856 1752 ?? S 7:02PM 0:00.03 smtpd -n smtp -t inet -u
  postfix 3593 0.0 -0.0 27468 624 ?? S 7:03PM 0:00.01 smtp -n smtp-amavis -t unix -u -c -o smtpdata_donetimeout 1200 -o smtpsend_xforwardcommand yes
  admin 3603 0.0 -0.0 27376 420 p1 S+ 7:03PM 0:00.00 grep smtp
  [server:~] admin%
  ... but then after a while
  ps -aux | grep "smtp"
  yields:
  postfix 3462 0.5 -0.1 29856 1328 ?? S 7:00PM 0:00.03 smtpd -n 127.0.0.1:10025 -t inet -u -c -o content_filter -o localrecipientmaps -o relayrecipientmaps -o smtpdrestrictionclasses -o smtpdclientrestrictions -o s
  postfix 388 0.0 -0.2 29856 4700 ?? S 6:04PM 0:00.33 smtpd -n smtp -t inet -u
  postfix 457 0.0 -0.2 29856 4708 ?? S 6:04PM 0:00.30 smtpd -n smtp -t inet -u
  postfix 458 0.0 -0.2 29856 4708 ?? S 6:04PM 0:00.33 smtpd -n smtp -t inet -u
  postfix 467 0.0 -0.2 29856 4700 ?? S 6:04PM 0:00.27 smtpd -n smtp -t inet -u
  postfix 471 0.0 -0.2 29856 4704 ?? S 6:04PM 0:00.29 smtpd -n smtp -t inet -u
  postfix 476 0.0 -0.2 29856 4704 ?? S 6:04PM 0:00.27 smtpd -n smtp -t inet -u
  postfix 477 0.0 -0.2 29856 4708 ?? S 6:04PM 0:00.31 smtpd -n smtp -t inet -u
  postfix 479 0.0 -0.2 29856 4712 ?? S 6:04PM 0:00.26 smtpd -n smtp -t inet -u
  postfix 480 0.0 -0.2 29856 4704 ?? S 6:04PM 0:00.28 smtpd -n smtp -t inet -u
  postfix 481 0.0 -0.2 29856 4708 ?? S 6:04PM 0:00.31 smtpd -n smtp -t inet -u
  postfix 2249 0.0 -0.0 27468 796 ?? S 6:37PM 0:00.09 smtp -t unix -u
  postfix 2250 0.0 -0.0 27468 808 ?? S 6:37PM 0:00.09 smtp -t unix -u
  postfix 2251 0.0 -0.0 27468 792 ?? S 6:37PM 0:00.04 smtp -t unix -u
  postfix 2253 0.0 -0.0 27468 796 ?? S 6:37PM 0:00.07 smtp -t unix -u
  postfix 2254 0.0 -0.0 27468 800 ?? S 6:37PM 0:00.09 smtp -t unix -u
  postfix 2257 0.0 -0.0 27468 796 ?? S 6:37PM 0:00.10 smtp -t unix -u
  postfix 2259 0.0 -0.0 27468 808 ?? S 6:37PM 0:00.08 smtp -t unix -u
  postfix 2261 0.0 -0.0 27468 796 ?? S 6:37PM 0:00.04 smtp -t unix -u
  postfix 2263 0.0 -0.0 27468 796 ?? S 6:37PM 0:00.05 smtp -t unix -u
  postfix 2264 0.0 -0.0 27468 788 ?? S 6:37PM 0:00.05 smtp -t unix -u
  postfix 2265 0.0 -0.0 27468 800 ?? S 6:37PM 0:00.06 smtp -t unix -u
  postfix 2266 0.0 -0.0 27468 804 ?? S 6:37PM 0:00.09 smtp -t unix -u
  postfix 2269 0.0 -0.0 27468 788 ?? S 6:37PM 0:00.07 smtp -t unix -u
  postfix 2270 0.0 -0.0 27468 796 ?? S 6:37PM 0:00.04 smtp -t unix -u
  postfix 2275 0.0 -0.0 27468 804 ?? S 6:37PM 0:00.06 smtp -t unix -u
  postfix 2276 0.0 -0.0 27468 788 ?? S 6:37PM 0:00.04 smtp -t unix -u
  postfix 2279 0.0 -0.0 27468 800 ?? S 6:37PM 0:00.08 smtp -t unix -u
  postfix 2280 0.0 -0.0 27468 788 ?? S 6:37PM 0:00.05 smtp -t unix -u
  postfix 2281 0.0 -0.0 27468 800 ?? S 6:37PM 0:00.08 smtp -t unix -u
  postfix 2283 0.0 -0.0 27468 804 ?? S 6:37PM 0:00.09 smtp -t unix -u
  postfix 2284 0.0 -0.0 27468 808 ?? S 6:37PM 0:00.03 smtp -t unix -u
  postfix 2286 0.0 -0.0 27468 792 ?? S 6:37PM 0:00.07 smtp -t unix -u
  postfix 2287 0.0 -0.0 27468 788 ?? S 6:37PM 0:00.06 smtp -t unix -u
  postfix 2289 0.0 -0.0 27468 792 ?? S 6:37PM 0:00.07 smtp -t unix -u
  postfix 2290 0.0 -0.0 27468 788 ?? S 6:37PM 0:00.05 smtp -t unix -u
  postfix 2291 0.0 -0.0 27468 792 ?? S 6:37PM 0:00.05 smtp -t unix -u
  postfix 2292 0.0 -0.0 27468 788 ?? S 6:37PM 0:00.07 smtp -t unix -u
  postfix 2296 0.0 -0.0 27468 788 ?? S 6:37PM 0:00.05 smtp -t unix -u
  postfix 2297 0.0 -0.0 27468 792 ?? S 6:37PM 0:00.06 smtp -t unix -u
  postfix 2299 0.0 -0.0 27468 788 ?? S 6:37PM 0:00.06 smtp -t unix -u
  postfix 2300 0.0 -0.0 27468 804 ?? S 6:37PM 0:00.12 smtp -t unix -u
  postfix 2301 0.0 -0.0 27468 804 ?? S 6:37PM 0:00.07 smtp -t unix -u
  postfix 2304 0.0 -0.0 27468 812 ?? S 6:37PM 0:00.12 smtp -t unix -u
  postfix 2305 0.0 -0.0 27468 788 ?? S 6:37PM 0:00.05 smtp -t unix -u
  postfix 2307 0.0 -0.0 27468 808 ?? S 6:37PM 0:00.11 smtp -t unix -u
  postfix 2308 0.0 -0.0 27468 796 ?? S 6:37PM 0:00.09 smtp -t unix -u
  postfix 2309 0.0 -0.0 27468 796 ?? S 6:37PM 0:00.05 smtp -t unix -u
  postfix 2310 0.0 -0.0 27468 796 ?? S 6:37PM 0:00.08 smtp -t unix -u
  postfix 2311 0.0 -0.0 27468 812 ?? S 6:37PM 0:00.10 smtp -t unix -u
  postfix 2315 0.0 -0.0 27468 808 ?? S 6:37PM 0:00.07 smtp -t unix -u
  postfix 2316 0.0 -0.0 27468 804 ?? S 6:37PM 0:00.07 smtp -t unix -u
  postfix 2317 0.0 -0.0 27468 796 ?? S 6:37PM 0:00.05 smtp -t unix -u
  postfix 2320 0.0 -0.0 27468 788 ?? S 6:37PM 0:00.06 smtp -t unix -u
  postfix 2321 0.0 -0.0 27468 800 ?? S 6:37PM 0:00.09 smtp -t unix -u
  postfix 2322 0.0 -0.0 27468 800 ?? S 6:37PM 0:00.09 smtp -t unix -u
  postfix 2323 0.0 -0.0 27468 792 ?? S 6:37PM 0:00.07 smtp -t unix -u
  postfix 2324 0.0 -0.0 27468 804 ?? S 6:37PM 0:00.07 smtp -t unix -u
  postfix 2325 0.0 -0.0 27468 800 ?? S 6:37PM 0:00.09 smtp -t unix -u
  postfix 2329 0.0 -0.0 27468 804 ?? S 6:37PM 0:00.09 smtp -t unix -u
  postfix 2330 0.0 -0.0 27468 808 ?? S 6:37PM 0:00.09 smtp -t unix -u
  postfix 2331 0.0 -0.0 27468 792 ?? S 6:37PM 0:00.06 smtp -t unix -u
  postfix 2333 0.0 -0.0 27468 800 ?? S 6:37PM 0:00.10 smtp -t unix -u
  postfix 2340 0.0 -0.0 27468 800 ?? S 6:37PM 0:00.11 smtp -t unix -u
  postfix 2343 0.0 -0.0 27468 808 ?? S 6:37PM 0:00.08 smtp -t unix -u
  postfix 2344 0.0 -0.0 27468 804 ?? S 6:37PM 0:00.14 smtp -t unix -u
  postfix 2345 0.0 -0.0 27468 804 ?? S 6:37PM 0:00.07 smtp -t unix -u
  postfix 2347 0.0 -0.0 27468 808 ?? S 6:37PM 0:00.09 smtp -t unix -u
  postfix 2557 0.0 -0.1 29856 1736 ?? S 6:41PM 0:00.09 smtpd -n smtp -t inet -u
  postfix 2561 0.0 -0.1 29856 1752 ?? S 6:42PM 0:00.12 smtpd -n smtp -t inet -u
  postfix 2610 0.0 -0.1 29856 1720 ?? S 6:43PM 0:00.07 smtpd -n smtp -t inet -u
  postfix 3077 0.0 -0.1 29856 1728 ?? S 6:53PM 0:00.05 smtpd -n smtp -t inet -u
  postfix 3102 0.0 -0.0 27468 808 ?? S 6:53PM 0:00.03 smtp -t unix -u
  postfix 3103 0.0 -0.0 27468 804 ?? S 6:53PM 0:00.03 smtp -t unix -u
  postfix 3104 0.0 -0.0 27468 796 ?? S 6:53PM 0:00.03 smtp -t unix -u
  postfix 3105 0.0 -0.0 27468 804 ?? S 6:53PM 0:00.03 smtp -t unix -u
  postfix 3106 0.0 -0.0 27468 800 ?? S 6:53PM 0:00.03 smtp -t unix -u
  postfix 3107 0.0 -0.0 27468 800 ?? S 6:53PM 0:00.03 smtp -t unix -u
  postfix 3108 0.0 -0.0 27468 796 ?? S 6:53PM 0:00.02 smtp -t unix -u
  postfix 3109 0.0 -0.0 27468 800 ?? S 6:53PM 0:00.03 smtp -t unix -u
  postfix 3110 0.0 -0.0 27468 816 ?? S 6:53PM 0:00.02 smtp -t unix -u
  postfix 3111 0.0 -0.0 27468 796 ?? S 6:53PM 0:00.02 smtp -t unix -u
  postfix 3112 0.0 -0.0 27468 796 ?? S 6:53PM 0:00.02 smtp -t unix -u
  postfix 3113 0.0 -0.0 27468 796 ?? S 6:53PM 0:00.03 smtp -t unix -u
  postfix 3114 0.0 -0.0 27468 800 ?? S 6:53PM 0:00.04 smtp -t unix -u
  postfix 3115 0.0 -0.0 27468 796 ?? S 6:53PM 0:00.03 smtp -t unix -u
  postfix 3116 0.0 -0.0 27468 796 ?? S 6:53PM 0:00.03 smtp -t unix -u
  postfix 3117 0.0 -0.0 27468 796 ?? S 6:53PM 0:00.03 smtp -t unix -u
  postfix 3118 0.0 -0.0 27468 804 ?? S 6:53PM 0:00.03 smtp -t unix -u
  postfix 3119 0.0 -0.0 27468 796 ?? S 6:53PM 0:00.03 smtp -t unix -u
  postfix 3120 0.0 -0.0 27468 800 ?? S 6:53PM 0:00.03 smtp -t unix -u
  postfix 3121 0.0 -0.0 27468 808 ?? S 6:53PM 0:00.03 smtp -t unix -u
  postfix 3122 0.0 -0.0 27468 800 ?? S 6:53PM 0:00.02 smtp -t unix -u
  postfix 3123 0.0 -0.0 27468 812 ?? S 6:53PM 0:00.03 smtp -t unix -u
  postfix 3124 0.0 -0.0 27468 800 ?? S 6:53PM 0:00.03 smtp -t unix -u
  postfix 3125 0.0 -0.0 27468 796 ?? S 6:53PM 0:00.03 smtp -t unix -u
  postfix 3126 0.0 -0.0 27468 812 ?? S 6:53PM 0:00.03 smtp -t unix -u
  postfix 3127 0.0 -0.0 27468 800 ?? S 6:53PM 0:00.03 smtp -t unix -u
  postfix 3128 0.0 -0.0 27468 796 ?? S 6:53PM 0:00.03 smtp -t unix -u
  postfix 3129 0.0 -0.0 27468 816 ?? S 6:53PM 0:00.04 smtp -t unix -u
  postfix 3130 0.0 -0.0 27468 800 ?? S 6:53PM 0:00.03 smtp -t unix -u
  postfix 3131 0.0 -0.0 27468 796 ?? S 6:53PM 0:00.03 smtp -t unix -u
  postfix 3132 0.0 -0.0 27468 820 ?? S 6:53PM 0:00.03 smtp -t unix -u
  postfix 3133 0.0 -0.0 27468 800 ?? S 6:53PM 0:00.03 smtp -t unix -u
  postfix 3134 0.0 -0.0 27468 816 ?? S 6:53PM 0:00.04 smtp -t unix -u
  postfix 3135 0.0 -0.0 27468 796 ?? S 6:53PM 0:00.03 smtp -t unix -u
  postfix 3136 0.0 -0.0 27468 800 ?? S 6:53PM 0:00.03 smtp -t unix -u
  postfix 3137 0.0 -0.0 27468 808 ?? S 6:53PM 0:00.03 smtp -t unix -u
  postfix 3138 0.0 -0.0 27468 800 ?? S 6:53PM 0:00.02 smtp -t unix -u
  postfix 3139 0.0 -0.0 27468 812 ?? S 6:53PM 0:00.04 smtp -t unix -u
  postfix 3140 0.0 -0.0 27468 796 ?? S 6:53PM 0:00.03 smtp -t unix -u
  postfix 3141 0.0 -0.0 27468 808 ?? S 6:53PM 0:00.03 smtp -t unix -u
  postfix 3142 0.0 -0.0 27468 796 ?? S 6:53PM 0:00.03 smtp -t unix -u
  postfix 3143 0.0 -0.0 27468 800 ?? S 6:53PM 0:00.04 smtp -t unix -u
  postfix 3144 0.0 -0.0 27468 808 ?? S 6:53PM 0:00.03 smtp -t unix -u
  postfix 3219 0.0 -0.1 29856 1724 ?? S 6:55PM 0:00.05 smtpd -n smtp -t inet -u
  postfix 3460 0.0 -0.0 27468 620 ?? S 7:00PM 0:00.01 smtp -n smtp-amavis -t unix -u -c -o smtpdata_donetimeout 1200 -o smtpsend_xforwardcommand yes
  admin 3468 0.0 -0.0 27376 420 p1 S+ 7:00PM 0:00.00 grep smtp
  ... and it's when this is going on that the internet connection is bogged down.

• How do I create a virtual directory in Snow Leopard Server Admin program?

  Hi, how do you use the server admin program in snow leopard server to create an apache virtual directory? I can't see it in the applet anywhere. Thank you.

  Well this is what I thought too but I don't think I'm doing something right. I have a default website on port 80 and I created a second site on the same port. They are two different websites. One is the initial one that comes stock with the osx. The second one I created.
  When I browse to my server I get the second site. How can I get the default to be the one that points to the mail, wiki, calendar stuff, while my second domain is something totally different.
  http://myserver (should be the default stuff like mail.)
  http://myserver/mysecondsite (should be my other stuff.)
  The problem is that when I go to http://myserver it is going to http://myserver/mysecondsite
  What am I doing wrong? Thank you.

• Creating Open Directory Replica fails with Server Admin Error Value 1127

  Hallo,
  I have seen a lot of similar threads here and they were helpful up to a certain point, but in the end, they did not solve my problem.
  Currently, it comes down to this. The Server Admin Error message ist really meaningless and I could not find a single for the error value on the whole wide web. As such, I switched to the command line versions of the tools involved to geht more meaningful results. It worked. Specifically, creating a replica of an openldap master means using slapconfig.
  When executing
  slapconfig -createreplica master.ourdomain.com diradmin
  as root on the prospective replica machine, I get the following error message:
  ssh command failed with status 127
  That command is not allowed with the root account via public key authentication.
  That makes perfect sense to me, but how is it meant to work then?
  Executing slapconfig as admin tells me that this tool is to be executed as root. On the other hand, root login via ssh is not allowed in Mac OS X by default, which seems fine to me. I even changed /etc/sshd_config on the Open Directory Master machine to "PermitRootLogin yes". However, neither reloading ssh using launchctl nor restarting the whole server made this setting operational. Trying to login from command line as root still tells me:
  root login is not permitted to this machine via public key authentication.
  While this is the current state where I need help urgently, I changed some other things before. I tell about to exclude these issues as possible reason of failure. I got this message for quite a while:
  Replica Setup failed : This machine does not have a valid computer name
  I was sure, this machine meant the target machine, the open directory master, because the domain had changed there once before I had taken over responsibility as an admin in this environment. And in fact, changeip disguised an issue there. The command proposed by changeip to fix the situation did not seem appropriate because this machine is multihomed with a public and a private IP adress. Proper name resolution is available for both interfaces including reverse lookup. I dont like this setup, but it was the only way to get mail service running smoothly. Running changeip on the machine itself using these arguments
  changeip /LDAPv3/127.0.0.1 internalIP internalIP old.ours.com current.ours.com
  reported success in updating password server, open directory, both interfaces, hostconfig (which in fact did not change) and samba. It reported an issue with kadmin which is related to Kerberos (we dont use Kerberos yet).
  Changing the hostname of the server using changeip did not solve the issue. I then found the hint to check with scutil. This showed that the Hostname was not set on the prospective replica machine. (A question aside: in how many place is the hostname stored? The traditional /etc/hostname has gone, but seems to be replaces with several other configuration files and databases. I cant see this as an advantage). Setting the hostname using scutil worked fine. However, it did not solve the problem either. At least, slapconfig now started to complain about not being able to log in as root instead of failing from the start.
  I also checked all log files on bboth machines that might have to do with openldap, as there are /var/log/slapd.log, /var/log/system.log and /Library/Log/slapconfig.log. I also checked the log of th layer on top of openldap which is /Library/Log/DirectoryService.server.log. None of them revealed anything noticeable beside a lot of of entries that I have googled in the last few hours and which all dont seem to be associated with the problem in question.
  I will take a break now, but I have to fix this until tomorrow and I hope to get the ultimate hint from you, dear reader.
  Thanks and bye, Christian Völker

  ssh command failed with status 127
  That command is not allowed with the root account via public key authentication.
  Initial OD replication takes place via 'ssh'. If you have 'sshd' configured on the OD Master to authenticate with public keys then the OD replica will not be able to communicate with the OD Master via 'ssh'. You must configure the OD Master to use 'ssh' with password authentication and root login enabled.
  Demote the replica back to standalone. Stop any services that you may have running on the primary network interface. Then stop any services that you may have running on the secondary network interface. In the 'Network' System Prefpane remove the IP number from the secondary interface then deactivate the secondary network interface.
  Assign the private IP address and hostname that you wish to use for the replica to the primary network interface. Assign the 'public' IP number to the secondary interface. Check the DNS to see that the IP address and hostname for the primary network interface resolve both forward and reverse for the hostname of the replica that you have chosen. If it does not, fix your DNS before proceeding.
  In the 'Sharing' System Prefpane, change the name of the machine to the hostname (server.domain.tld) of the replica that you have chosen. Then use 'changeip -checkhostname' to see if the IP/hostname matches. Fix it if it doesn't.
  Then configure the /etc/sshd_config file on the OD master like this:
  \# Authentication:
  PermitRootLogin yes
  PasswordAuthentication yes
  PubkeyAuthentication no
  and the /etc/ssh_config file on the OD replica like this:
  PasswordAuthentication yes
  PubkeyAuthentication no
  Then from the OD replica as the 'root' user issue:
  slapconfig -createreplica <ODMasterIPorFQDN> <diradmin user>
  Make sure that the 'diradmin' user's password contains only alpha-numeric characters -no 'option-characters' or symbols, change it first if it does. Once the process completes, reactivate the secondary interface for the 'public' IP and check the configuration of services that will be using that IP, then start your other services. Secure the 'ssh' service on both machines to disable password authentication and 'root' logins.

• Lion server VPN + Server Admin Tools 10.7

  Hi,
  I followed this guide http://macminicolo.net/lionservervpn to try to set up VPN on my lion mac mini server.
  I also used Server Admin Tools 10.7 as instructed in the guide.
  After completing the steps in the guide, I cannot get VPN to work, plus I have extra problems as below:
  my mini cannot connected to the Internet or local network shares. I found under "Network" setting there was extra VLan created by the system automatically showing as "System Test--Connection error". After I delete this extra connection and revert my Ethernet to its original settings I can connect to the Internet again.
  Server Admin Tools 10.7 seem to retains all its settings from the guide on NAT, Firewall etc. doesn't matter if I had removed the current server and created a new server in the left pane. Is there anyway I can restore the Server Admin Tools to its programme defaults? I suspect these settings are affecting my networks and I cannot get rid of them completely. 
  Would VPN still work if I just set it up in the server app? I haven't been able to get it work this way. I also want to find out is your guide for using the VPN to connect to the Internet off the server as a way to bypass restrictions? Do I have to set it up this way as the guide if I just to want to set up a VPN for simple fireshareing?
  What did this command in the guide do to my mini? I was hopping if I cannot get VPN to work, then I should at least reverse the effects of this command. How do I undo this command please? "sudo serveradmin settings vpn:Servers:com.apple.ppp.l2tp:DNS:OfferedServerAddresses:_array_index:0 = "192.168.2.1"

  Thanks BrianFL. This helps hugely. Yes, I just to set up a simple filesharing VPN not the kind of VPN that bypass Internet censorship. I use ethernet connection directly from my router yes.
  1. I just need to use the server app to set up a VPN and port forwarding. That is it?
  2. The setting I have made according to the guide with Server Admin Tools seems never going away, even after I deleted the server that has all the settings inside Server Admin Tools. Upon creating a new server inside Server Admin Tools, the new server inherits all the settings from the one I just deleted. Any idea how I can restore to Server Admin Tools's defaults settings?
  3. Even VNC (I use RealVNC) on the mini stopped working after I made changes according to the guide and deleted all the changes I can find. What is the address format for lion's build in VNC (192.168.0.100:5800?) like? I forgot how it is.
  Thanks so much!

• Share point in server admin not working correctly... I think

  I suspect that the share point in server admin is not working correctly. In workgroup manager when I click on a user and then click on the "home" tab, under the full path field I see a file path of:
  afp://server.mydomain.com/Users
  However if I go to Server Admin -> AFP -> Share Points then click on the Users share and then click on the share point tab below, enable auto mount is disabled. How can this be possible? I thought for a directory to show up in home in workgroup manager it had to be set as an auto mount. Has something possibly corrupted? And what?

  Here's a bit more information about our setup and our experiences with Apple's CUPS implementation:
  On the server, all printer queues are set up with only lpr and ipp sharing enabled with the PPD setting for each printer set to Generic Postscript. We found that setting the PPD to the printer specific one on the server caused problems when clients tried to use printer specific options, like paper tray selection, etc.. The selection would be undone, apparently because the driver on the server would override the previous settings. Using Generic Postscript allows the client PPD settings to go through unmodified. Our printers are general a mix of HP LaserJets and some Sharp Copiers.
  All clients use lpd to the server queues with the printers' actual PPDs configured. Using ipp is superior in that printer feedback (jams, out of toner, etc) makes it back to the clients, but ipp only works when the client, the server, and the printer are on the same network. If the ipp client is not on the same network, the client spooler immediately goes into a paused state and the print job is stuck on the client.
  Using lpd to the server queues works reliably, but there is no feedback to the client. Jobs disappear from the client queue and go to the server, appearing to the user as a successful print. If the printer is down, there's nothing they can see or do about it.

• Print Queue Management via Server Admin not working

  We have Xserves (10.5.8) running the Print Service for queue management to our printers. Clients print through the server just fine.
  When the printer jams or is otherwise paused, print jobs pile up in the queue as expected. The queue can be seen and managed by logging into the server, going to Server Preferences/Print & Fax and selecting the print queue.
  However, when the queue for the paused printer is viewed within Server Admin/Print, the queue shows as empty and therefore can't be managed. We want to use Server Admin for this function because:
  1) Server Admin can be run remotely on a workstation, so no login to the server required.
  2) We can assign Print Service management rights to select non-admins so they can manage the queues.
  Any ideas on why Server Admin fails to show spooled jobs? Is it working for anyone else?
  I am using Server Admin version 10.5.3 which are the latest available that comes with Server Admin Tools 10.5.7. We had been running 10.5.7 on the Xserve and it didn't work then either.

  Here's a bit more information about our setup and our experiences with Apple's CUPS implementation:
  On the server, all printer queues are set up with only lpr and ipp sharing enabled with the PPD setting for each printer set to Generic Postscript. We found that setting the PPD to the printer specific one on the server caused problems when clients tried to use printer specific options, like paper tray selection, etc.. The selection would be undone, apparently because the driver on the server would override the previous settings. Using Generic Postscript allows the client PPD settings to go through unmodified. Our printers are general a mix of HP LaserJets and some Sharp Copiers.
  All clients use lpd to the server queues with the printers' actual PPDs configured. Using ipp is superior in that printer feedback (jams, out of toner, etc) makes it back to the clients, but ipp only works when the client, the server, and the printer are on the same network. If the ipp client is not on the same network, the client spooler immediately goes into a paused state and the print job is stuck on the client.
  Using lpd to the server queues works reliably, but there is no feedback to the client. Jobs disappear from the client queue and go to the server, appearing to the user as a successful print. If the printer is down, there's nothing they can see or do about it.

• Server Admin not drawing graphs

  I have a fresh install of Leopard that will not display the graphs in Server Admin on the server. I can see the graphs if viewing from my laptop or other machine, but not from the server itself. It gets a few errors like ...
  ... [0x0-0x1b01b].com.apple.ServerAdmin[1734]: * ERROR: -[GRAxes computeLayout]:1124 - plotRect height = 0.000000 <= 0.0 *
  ... [0x0-0x1b01b].com.apple.ServerAdmin[1734]: * ERROR: -[GRChartView computeLayout]:1194 - Layout for overlay axes (0x6826d30) failed. *
  The hardware is a Xserve, 2 x 2.0GHz PPC G5 with 2.0 GB RAM.
  Any help is appreciated as this is an annoying feature.

  Hi
  I see the same "error" messages in every leopard server install I've done - and I've done a fair few - regardless of what hardware was used. Graphs draw fine for me.
  Tony

• Server admin tool's help file broken ?

  Hi,
  SL Server 10.6.4
  I'm trying to open the help file of the server admin tool but it seems to be broken : 100% CPU, beachball. The same occurs with the file included in the standalone bundle (see http://support.apple.com/downloads/ServerAdmin_Tools_106) installed on a SL 10.6.4 client.
  Anybody having the problem too ? Any idea ?
  Thanks

  Hi,
  SL Server 10.6.4
  I'm trying to open the help file of the server admin tool but it seems to be broken : 100% CPU, beachball. The same occurs with the file included in the standalone bundle (see http://support.apple.com/downloads/ServerAdmin_Tools_106) installed on a SL 10.6.4 client.
  Anybody having the problem too ? Any idea ?
  Thanks

• Problem in Server Admin: cpu and network graphs not updated or empty after lion server update

  Hi!
  Just for archive purpouses because i've already solved that!
  After upgrading from OSX Server 10.7 to 10.7.1 my CPU and Network graphs in Server Admin stop being updated.
  In 24h the graphs where blank (disk usage graph seem to keep working).
  First i read about "what is the application responsible for this"; it's called ServerPerfLog, and you can see if it's running that way:
       # ps ax | grep ServerPerf
  If you don't see anything else than your own "grep", that means that no application is running, no data is being collected.
       41324 s000  R+     0:00.00 grep ServerPerf
  A positive response for this (meaning that the service is running) should be something like that (2 lines: your grep and the service app itself):
       94   ??  Ss     0:04.71 /usr/libexec/ServerPerfLog
       41344 s000  R+     0:00.00 grep ServerPerf
  Later i read about "where is the config file for this service app", and you can find it here:
       /System/Library/LaunchDaemons/com.apple.ServerPerfLog.plist
  If you edit this config file, check that the "Key > Disabled" is set to "False"
       # vi /System/Library/LaunchDaemons/com.apple.ServerPerfLog.plist
          <key>Disabled</key>
          <false/>
  After that, i try to launch the service that updates this graphs again, by hand, performing the following command:
       # sudo launchctl load -w /System/Library/LaunchDaemons/com.apple.ServerPerfLog.plist
  And the service got launch!!! yeeeepa!! i see a first update in graph data.
  Also the "ps" query reply that the service was running!!
  The bad things came a day after, when i saw that the graphs stop again....
  I check if the service was running executing again the "ps" command, and that show me that the service was stopped again; no ServerPerfLog process was running.
  But r e l a x, because the process hang because of a permissions problem.
  You should know, I run "Repair permissions" within "Disk Utilities" over the running system disk, eeee... voila!
  I hope that helps someone to get his fancy graphs back!
  Regards,
  t

  You are God like!!! Wooo hooo! Thanks bud!

• Server Admin keeps dispaying error "The service has encountered an error."

  All the services in the Server Admin function are continuously displaying the following error message:
  The service has encountered an error.
  Try to refresh the view (servername.local/servicename). (kNetworkError)
  I press OK and the message disappears, but I have to go through every service to remove this message, and then it just reappears a little later. But it doesn't seem to affect the operation of the server, but I'm concerned that this is disguising a future problem and would like to get rid of this occurring. I have searched the forums and found nobody to help me. Please can anyone help me?
  Message was edited by: Viking Marauder

  Thanks guys, it seems this is a feature of the operating system and Apple have not bothered to find a solution, maybe because you're not supposed to leave the server admin open for long periods of time. A little disappointing, however it does not seems to be causing any other problems with the server as it is running perfectly well.
  Thanks to everyone for your input, I'll close this issue now, and as Jamie Curmi stated this may be resolved in the next release of the OS.

• Server Admin Doesn't show info for Software Update Service

  In server admin, under the settings and available updates, I see a list of available updates, but they are labelled with the hash code for the update, not the name, and the info panel doesn't show any information like it should. We have our corporate firewall configured to allow connections to the server apple uses for this service so that we can get the updates. Any suggestions?

  That option is only available after upgrading to iOS 5. It appears you have a 2nd generation unit, which can not be upgraded beyond iOS 4.2.1.

• Server Admin cannot update any mail settings on nearly fresh 10.4 server

  I can no longer use the Server Admin application to change settings under Mail (and I need to make some changes - would like to change logging settings and require authentication for SMTP). I made some initial settings with no problems, but now it chokes...
  For example, I click on Mail, Settings, Advanced... and then try to click the box to require Kerberos Authentication for SMTP-- everything is normal until I hit SAVE. Then there is a delay of 10 or 15 seconds, followed by the error message:
  "A connection with a server or service was lost. Try to disconnect from XServe.local and then reconnect, or contact your network administrator."
  At this point the mail indicator is red, not green... after clearing the message the changes I've made to settings appear intact, but if I quit server admin the truth comes out... I'm asked would I like to save changes, if I say yes the error will repeat-- I have to quit without saving. Relaunching Server Admin reveals that indeed the changes have not been made.
  I've heard of this type of problem when hand editing config files, but I've not done that with any mail-related files (I made two minor changes to a http config file a while ago, otherwise it's all been through Server Admin).
  Is there any way to reset the mail-related files so that Server Admin will return to life, or do I have to reformat the drive and reinstall OS X 10.4.4 hoping it doesn't happen again?
  By the way, the problem started a few days ago, and the upgrade to 10.4.4 didn't magically cure it.

  I'm having the same problem (and updating to 10.4.5 did not fix it either).
  In my case, it takes 30 seconds for the "A connection with a server or service was lost." to come up; I have a lot of mailing lists, and was wondering if it was some sort of timeout value on the server admin server end. (I hope that Server Admin doesn't write out every mailing list's membership every time you change any Mail setting!)
  You can make some changes using the serveradmin command line tool. For example, I noticed this problem when trying to turn on log-rolling.
  First, to find the appropriate command:
  sudo serveradmin settings mail > mailsettings
  I grepped for "log":
  grep "log" mailsettings | grep -v mailman
  (grep -v mailman drops any mailman settings, such as all of the users where "log" appears in their e-mail address)
  And found:
  mail:postfix:logrolling_daysenabled = no
  I then ran the command:
  sudo serveradmin settings mail:postfix:logrolling_daysenabled = yes
  to turn log rolling on. Quitting Server Admin and getting back into it showed that logrolling_daysenabled was enabled.
  So that might be a temporary solution for simple changes.
  In my case, this is a very fresh server: purchased and put into play over a period of three weeks. It worked until I copied the mailing lists over, but a small number of mailing lists copied did not trigger the error. This is what leads me to believe there is some kind of timeout happening.
  Jerry