ABOUT BENCH FORUMS PODCAST LOGIN REGISTER
PC Components
Smartphones & tablets
Systems
ENTERPRISE & IT
GUIDES
DEALS

In-Depth with Mac OS X Lion Server

 by Andrew Cunningham on August 2, 2011 8:00 AM EST
77 Comments | Add A Comment
77 Comments

VPN

There’s nothing that can make setting up VPN (Virtual Private Networking, which allows access to your network from other networks) truly simple, but Lion Server includes an L2TP VPN host that tries very hard - flip the switch, set a password, and determine what IP addresses will be used for connecting clients. By default, it takes 30 addresses from the high 200s, addresses that are unlikely to be in use on a small network. Make sure that your IP settings won’t conflict with addresses used by local clients.

If you need to provide PPTP VPN to your clients, you can also set this up via the Terminal (PPTP is hidden by default because, in short, it’s unencypted - Apple only wants you to use the more secure L2TP if possible. More about L2TP and PPTP can be found here).

You’ll also need to make sure that your router is configured to forward the correct ports - I can tell you that, according to Apple’s list of ports used by OS X, the VPN service uses UDP 500, UDP 1701, TCP 1723, and UDP 4500, and I can tell you that this site is a good resource to use if you’re new to port forwarding. You’re on your own for the rest.



From here, you can setup clients to connect manually, or save a mobile configuration profile that can be used by Lion and iOS clients. Both OS X and iOS have their own built-in VPN clients that can use these profiles, and any Windows client that supports L2TP (or PPTP, if it’s enabled) should be able to connect as well.

VPN is a service that can be very useful in multiple settings, whether you’re a business user who needs access to files or systems from home, or a home user who wants to be able to remote into their home computer from work or a public Wi-Fi hotspot. While it does take some intermediate skills to setup, Lion Server’s VPN solution is relatively simple and sufficiently functional to serve most purposes.
 

Web

 
Many services in Lion Server have been simplified or streamlined relative to their Snow Leopard Server counterparts, but of everything we’ve looked at so far, the Web service is the only one that has truly been changed for the worse.

Configurable only via Server.app, the Web service (which uses an Apache backend) allows you to create multiple websites with customizable domain names, port numbers, and access permissions, and you’re also given the option to choose where the files are stored on the server.

The bad news is that if you need to do anything more advanced than that, you have to leave the warm comfort of the GUI and dive straight into TextEdit editing of configuration files. From Lion Server’s Help file:

“Web service uses Apache server. You can customize Apache settings by editing configuration files or creating web app plist files.”

Hardly user-friendly.

This is a far cry from the Web service in Snow Leopard server, which gave you a GUI for enabling and disabling modules, setting up aliases, and other advanced functionality. Comparatively speaking, Web server in Lion seems mostly content to provide a backend for things like Wiki, Mail, iCal and Profile Manager without doing a whole lot by itself.

It’s frustrating to see Apple do this to one of its services, especially when (for example) the Mail service maintains both its simplified Server.app administration panel and its advanced Server Admin counterpart. Advanced controls for the Web service already existed in Server Admin prior to Lion, and keeping them would have required little extra work on Apple’s part. Now, if you make heavy use of the Web service in your organization, you’re going to have to tool around in Terminal to perform many advanced functions, which runs counter to the simplification present in most of the other services.
 

Wiki

The Wiki service is similarly simplified in Lion, at least as far as Server.app is concerned - you can turn it on/off and manage what users can make wikis, but that’s just about it.

The meat of the Wiki service is accessed via your web browser, where users with the appropriate permissions can both create personal wiki entries and create new general-use wikis.

I’m not a particularly authoritative source on wiki software, so I’m not really comfortable comparing the Wiki service in Lion Server to other Wiki products, but I can say that the Lion service seems to do the job reasonably well as long as you're not doing anything too advanced. The appeal for a small business is that Wiki is a simple-to-setup service that can host easily-edited internal documentation, or perhaps information and progress reports on ongoing projects, or maybe even meeting notes - the service is there to use, but as always your wiki is only as good as the information you put into it.

Podcast and Time Machine Server Admin Tools: DHCP, DNS, Firewall, NAT, and RADIUS
PRINT THIS ARTICLE
Comments Locked

77 Comments

View All Comments

  • Wizzdo - Wednesday, August 3, 2011 - link

    Lion's web server IS Apache. LOL.

  • jigglywiggly - Tuesday, August 2, 2011 - link

    I am too much of an elitist fag to succumb to this.
    I just installed my Debian GUI-less server today to replace my o'll ubuntu 10.04 LTS GUI server, got everyhting setup, mysql, apache, php, samba settings, everything gud to go with only 100 megs of ram usage.
    Sure it took much longer to setup, but I am an elitist fag

  • don_k - Wednesday, August 3, 2011 - link

    Since when is netboot unique to OSX server? Last I checked all *nix variants have had that ability for decades.

    But really, organisations concerned about the sticker price on their server software are not going to go get an apple 'server' for $1k when they can download an iso in 5min and get going are they?
    Not to mention the complete lack of necessary system tools (archiving, compiing especially) without installing macports or something.

    Call it like it is - 1k to manage all those damn pads and phones everyone in the company demands they are able to access the company intranet.

  • johnbouy - Wednesday, August 3, 2011 - link

    Time Machine took a big step backwards with Lion Server. In Snow Leopard Server you could allow time machine backups on individual share points. This allows you to partition a disk and set up individual partitions for specific Time Machine backups. I use this to control how much disk space is allocated for a backup. In Lion you get to nominate one share point/partition as the Time Machine backup storage point. Hence any client that backs up to the server uses the same disk space. A real step backwards!

    Another issue is that Server.app rewets .config files when started up so you potentially lose any changes you were forced to make due to the lousy Lion Web service interface.

  • digitalzombie - Wednesday, August 3, 2011 - link

    I like the idea but still... I wouldn't do it. Apparently they got desperate enough to offer it for 50 bucks. Good job for noticing that no one give a damn since Linux is free and both Linux and Window is established already. I still wouldn't give em my money when they tried to charge in the past an arm and a leg. Who the hell do they think they're going fool? The platform isn't the most active for server development tools. Linux got cloud all up in there and it's actively evolving in many area especially server. Don't even try to bring out that pathetic iCloud. It's not open so nothing is going to back that crap other than Apple, openstack have 50 vendors, big companies, backing that project up compare to iCloud. Apple probably won't ever be able to compete in the server sector but they can leverage their UI and simplicity for their user base, such as the gui sys admin tools described in this articles. They should just stick with consumer base products, trying to compete in the server space market is going to kill em.

  • matthi - Wednesday, August 3, 2011 - link

    On page 4 of this review, it says ".. our next entries are Accounts and Stats under the Status heading". 'Accounts' should be replaced with 'Alerts'.

  • slayernine - Wednesday, August 3, 2011 - link

    If only this was a review of Windows Server it might be useful. I have never met a fellow tech person/geek who uses any version of Apple Server products. (aside from one customer about 3 years ago who was curious about them).

    It is just the simple facts that apple products are know for a lack of an ability to upgrade, locked to features that Apple thinks you should have and a lack of price efficiency. Windows and Linux offer far superior server products that will run on pretty much any hardware that suits your needs and the only reason I can see there being a point to review this product is due to Apple padding your pockets.

  • Schafdog - Wednesday, August 3, 2011 - link

    I know that it seems like Apple (or Steve) has lost faith in the PC as a hub, but I would really love seeing a iTunes Server that multiple users can control using iOS devices playing on Airplay or iOS device itself.

    Some NAS is now getting this features, so I might drop the OS X Server for one of those instead.

  • sodi - Wednesday, August 3, 2011 - link

    What kind of crazy organization would use a Lion Server? At works, standard is a necessity. A Lion Server is just oddball.

  • Oscarcharliezulu - Thursday, August 4, 2011 - link

    This seems a bit like OSX Server Lite and Easy rather than a true upgrade to Snow Leopard Server. I wasPthinking of converting an older 'mini to Lion Server (to serve a small business which has MBPs and iMacs, but now I think getting a copy of Snow Leopard Server would be better if I could somehow get it cheap (yet legal).
Copyright © 2024. All rights reserved.
BENCH
TOPICS
FOLLOW
ABOUT

Log in

Don't have an account? Sign up now