ABOUT BENCH FORUMS PODCAST LOGIN REGISTER
PC Components
Smartphones & tablets
Systems
ENTERPRISE & IT
GUIDES
DEALS

In-Depth with Mac OS X Lion Server

 by Andrew Cunningham on August 2, 2011 8:00 AM EST
77 Comments | Add A Comment
77 Comments

VPN

There’s nothing that can make setting up VPN (Virtual Private Networking, which allows access to your network from other networks) truly simple, but Lion Server includes an L2TP VPN host that tries very hard - flip the switch, set a password, and determine what IP addresses will be used for connecting clients. By default, it takes 30 addresses from the high 200s, addresses that are unlikely to be in use on a small network. Make sure that your IP settings won’t conflict with addresses used by local clients.

If you need to provide PPTP VPN to your clients, you can also set this up via the Terminal (PPTP is hidden by default because, in short, it’s unencypted - Apple only wants you to use the more secure L2TP if possible. More about L2TP and PPTP can be found here).

You’ll also need to make sure that your router is configured to forward the correct ports - I can tell you that, according to Apple’s list of ports used by OS X, the VPN service uses UDP 500, UDP 1701, TCP 1723, and UDP 4500, and I can tell you that this site is a good resource to use if you’re new to port forwarding. You’re on your own for the rest.



From here, you can setup clients to connect manually, or save a mobile configuration profile that can be used by Lion and iOS clients. Both OS X and iOS have their own built-in VPN clients that can use these profiles, and any Windows client that supports L2TP (or PPTP, if it’s enabled) should be able to connect as well.

VPN is a service that can be very useful in multiple settings, whether you’re a business user who needs access to files or systems from home, or a home user who wants to be able to remote into their home computer from work or a public Wi-Fi hotspot. While it does take some intermediate skills to setup, Lion Server’s VPN solution is relatively simple and sufficiently functional to serve most purposes.
 

Web

 
Many services in Lion Server have been simplified or streamlined relative to their Snow Leopard Server counterparts, but of everything we’ve looked at so far, the Web service is the only one that has truly been changed for the worse.

Configurable only via Server.app, the Web service (which uses an Apache backend) allows you to create multiple websites with customizable domain names, port numbers, and access permissions, and you’re also given the option to choose where the files are stored on the server.

The bad news is that if you need to do anything more advanced than that, you have to leave the warm comfort of the GUI and dive straight into TextEdit editing of configuration files. From Lion Server’s Help file:

“Web service uses Apache server. You can customize Apache settings by editing configuration files or creating web app plist files.”

Hardly user-friendly.

This is a far cry from the Web service in Snow Leopard server, which gave you a GUI for enabling and disabling modules, setting up aliases, and other advanced functionality. Comparatively speaking, Web server in Lion seems mostly content to provide a backend for things like Wiki, Mail, iCal and Profile Manager without doing a whole lot by itself.

It’s frustrating to see Apple do this to one of its services, especially when (for example) the Mail service maintains both its simplified Server.app administration panel and its advanced Server Admin counterpart. Advanced controls for the Web service already existed in Server Admin prior to Lion, and keeping them would have required little extra work on Apple’s part. Now, if you make heavy use of the Web service in your organization, you’re going to have to tool around in Terminal to perform many advanced functions, which runs counter to the simplification present in most of the other services.
 

Wiki

The Wiki service is similarly simplified in Lion, at least as far as Server.app is concerned - you can turn it on/off and manage what users can make wikis, but that’s just about it.

The meat of the Wiki service is accessed via your web browser, where users with the appropriate permissions can both create personal wiki entries and create new general-use wikis.

I’m not a particularly authoritative source on wiki software, so I’m not really comfortable comparing the Wiki service in Lion Server to other Wiki products, but I can say that the Lion service seems to do the job reasonably well as long as you're not doing anything too advanced. The appeal for a small business is that Wiki is a simple-to-setup service that can host easily-edited internal documentation, or perhaps information and progress reports on ongoing projects, or maybe even meeting notes - the service is there to use, but as always your wiki is only as good as the information you put into it.

Podcast and Time Machine Server Admin Tools: DHCP, DNS, Firewall, NAT, and RADIUS
PRINT THIS ARTICLE
Comments Locked

77 Comments

View All Comments

  • ltcommanderdata - Tuesday, August 2, 2011 - link

    Given the shift in corporate policy from being Blackberry focused to adopting other smartphone platforms including iOS, I think most CTOs would take a look at OS X Server if only for the easier iOS device management features. I don't really see it replacing existing Windows servers though, particularly since Apple doesn't sell dedicated server class hardware anymore.

  • quakerotis - Tuesday, August 2, 2011 - link

    This is simply not true. OS X Server has been for us a very good performer, both in stability and ease of use. B3an, you must be speaking anecdotally because I am not a fanboy. There are many server technologies to choose from. this is one of the better ones.

  • diskrete - Tuesday, August 2, 2011 - link

    As an IT manager for a small company, I would definitely use Lion Server to manage Macs and iPhones.

    It in no way replaces existing Windows/Linux infrastructure. But recycling a Mac mini to use for managing Apple devices? Absolutely. It’s worth it just for the ability to create machine-based 802.1X profiles.

    IT today is not about standardizing on one platform, it’s about using the right tool for the job.

  • sligett - Thursday, August 4, 2011 - link

    Unix isn't a server platform anyone in their right mind would use?

    There are thousands upon thousands of small and medium businesses as well as schools that are hostage to expensive windows "experts" that have put a Windows server in their business. The client can't do a thing with the server without the expensive help of the expert. You don't see that as a viable market?

    So many people speak out on the Internet as though "I can't use this" is equivalent to "no one can use this".

  • erple2 - Thursday, August 4, 2011 - link

    To be fair, any infrastructure that's put in place by an "expert" tends to continue to have to be maintained by another expensive expert. Non-techies have problems with Macs just as much as non-techies have problems with Linux, or Windows machines.

    BTW, I've found that the mac "experts" that have put a mac server in their business are also very expensive to hire back for help.

    There are some very very nice manageability features that OSX Server buys you that aren't all that simple to implement by relative novices in other environments...

  • cwatt - Monday, September 26, 2011 - link

    Ha ha, you are really ignorant! I am currently rolling this out to a big organization and this article is a really big help.. BTW ... those inferior products are actually extremely good quality and very easily managed and a lot more secure than other platforms... You should not let your opinion get in the way of your judgment, you should make the best decision based on the environment not because you are a fanboy or you randomly hate really good products!

  • blueeyesm - Tuesday, August 2, 2011 - link

    I have to agree that managing iOS devices using OS X Server is probably their only ace in the hole. The rest of what this offering serves can be replicated/managed better under Linux. That being said, if Apple wanted to be really smart, they'd help their community devise methods in which to enhance a shopping experience, or other interacive experiences with an iOS or tablet device.

    That is, until cloud computing becomes the de facto standard and Apple ceases to offer a server or client to download, you just are expected to do everything via iTunes/iLife Cloud edition.

  • badjohny - Tuesday, August 2, 2011 - link

    With its drop in price, and ability to install on any mac, I would love to see apple take OSX server and shape it into a WHS for mac. It looks like all or many of those things are available in OSX server, but the ease and convenience of using a WHS is unreal. Push the Home server aspect of OSX server and really make a use for it in a standard home. itunes server edition, Apple TV media server, IOS update manager, Shared home calendars, email, and family based websites come to mind. These are all things that It can currently do, but they all need some "apple magic" to make them very powerful and at the same time very easy for anyone to setup. Apple could easy include a option in the setup of a mac to have it search your network for a server. If it finds one have it ask if you want to enable the features. They could even leverage the icloud system and have it linked by your itunes account. They all the data could sync through the icloud service. enter your apple ID and your client is setup to use your server instantly.

    They could even make a personal iCloud options. Every picture/video you take have it saved over to the server also.

    I understand that OSX server is a niche item in big business. Apple should admit defeat in enterprise setups and push server to a more person level. Have it compete with windows SBS and WHS but make it have the apple easy of use. They have a real product here, but like most home server options it seems to be more of a niche item.

  • Ratman6161 - Tuesday, August 2, 2011 - link

    Basically Apple does not make or sell server grade hardware. Sure, if you look on their online store you will find a version of the Mac Pro that calls itself a server and comes with OSX Server installed. But there are a variety of things about it that make it not enterprise ready and more suited to small business or home servers. If Apple really wanted to be in the enterprise market then what they would absolutely have to do is to allow it to run as a virtual machine on all the major virtualization platforms. For example where I work we are a VMWare shop and no server software is coming in our door that will not run on VMWare Esx server.

    Its my theory thought hat they have no intention or desire to compete in the enterprise server market. If they did, there would be no reason for a price drop as most businesses in that market place would not have blinked at the $499 price or even the $999 price - both are a drop in the bucket compared to all the other costs associated with a data center. No, the price drop to me definitely signals that its their intent to be in the small business and home server market.

  • HMTK - Wednesday, August 3, 2011 - link

    You're right, Apple does not have anything that could even remotely be called server hardware.

    There have been rumors that Mac OS can run as a vm on vSphere 5 (if you're ok with the licensing). If true you could run it on real servers and real SANs and use nice features like high availability. The only show stopper is probably licensing but I would think that is VMware were taking the trouble of making OS X run on their hypervisor they would have a deal with Apple.

    AFAIC Max OS X Server would be interesting only for managing iOS devices.
Copyright © 2024. All rights reserved.
BENCH
TOPICS
FOLLOW
ABOUT

Log in

Don't have an account? Sign up now