VPN

There’s nothing that can make setting up VPN (Virtual Private Networking, which allows access to your network from other networks) truly simple, but Lion Server includes an L2TP VPN host that tries very hard - flip the switch, set a password, and determine what IP addresses will be used for connecting clients. By default, it takes 30 addresses from the high 200s, addresses that are unlikely to be in use on a small network. Make sure that your IP settings won’t conflict with addresses used by local clients.

If you need to provide PPTP VPN to your clients, you can also set this up via the Terminal. PPTP is hidden by default because, in short, it’s unencrypted - Apple only wants you to use the more secure L2TP if possible. More about L2TP and PPTP can be found here.

You’ll also need to make sure that your router is configured to forward the correct ports - I can tell you that, according to Apple’s list of ports used by OS X, the VPN service uses UDP 500, UDP 1701, TCP 1723, and UDP 4500, and I can tell you that this site is a good resource to use if you’re new to port forwarding. You’re on your own for the rest.
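
An added example (not from the article or from Apple) of the two checks this section asks for: that the VPN client pool does not collide with local addresses, and that the router's forwards match the protocol you enabled. The addresses and forwarding rules are constructed sample values; the grouping of the article's four ports (L2TP over IPsec on UDP 500, 1701 and 4500; PPTP on TCP 1723) is the standard assignment.

```python
import ipaddress

# Ports named in the article, grouped by the VPN protocol that uses them.
REQUIRED = {
    "l2tp": {("udp", 500), ("udp", 1701), ("udp", 4500)},
    "pptp": {("tcp", 1723)},
}

def ip_range(first, last):
    """Return an inclusive (low, high) pair of integers for an address range."""
    lo, hi = int(ipaddress.IPv4Address(first)), int(ipaddress.IPv4Address(last))
    if lo > hi:
        raise ValueError(f"range {first}-{last} is reversed")
    return lo, hi

def pool_conflicts(vpn_pool, dhcp_range, static_hosts):
    """List every way the VPN client pool collides with local addressing."""
    v_lo, v_hi = ip_range(*vpn_pool)
    d_lo, d_hi = ip_range(*dhcp_range)
    found = []
    lo, hi = max(v_lo, d_lo), min(v_hi, d_hi)
    if lo <= hi:  # the two inclusive ranges intersect
        found.append(f"DHCP overlap {ipaddress.IPv4Address(lo)}-{ipaddress.IPv4Address(hi)}")
    for host in static_hosts:
        if v_lo <= int(ipaddress.IPv4Address(host)) <= v_hi:
            found.append(f"static host {host} inside pool")
    return found

def forward_audit(forwards, enabled):
    """Compare router forwards with what the enabled protocols need."""
    needed = set().union(*(REQUIRED[p] for p in enabled))
    known = set().union(*REQUIRED.values())
    forwards = set(forwards)
    return {
        "missing": sorted(needed - forwards),             # VPN will not connect
        "unneeded": sorted((forwards & known) - needed),  # exposed for a disabled protocol
    }

# Constructed sample network, not values taken from Lion Server.
VPN_POOL = ("192.168.1.220", "192.168.1.249")   # 30 addresses
DHCP_RANGE = ("192.168.1.100", "192.168.1.229")
STATIC_HOSTS = ["192.168.1.10", "192.168.1.240"]
FORWARDS = [("udp", 500), ("udp", 1701), ("tcp", 1723)]

if __name__ == "__main__":
    print(pool_conflicts(VPN_POOL, DHCP_RANGE, STATIC_HOSTS))
    print(forward_audit(FORWARDS, enabled=["l2tp"]))
```

With L2TP as the only enabled protocol, the sample router is missing UDP 4500 and still exposes TCP 1723, which only PPTP uses.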



From here, you can set up clients to connect manually, or save a mobile configuration profile that can be used by Lion and iOS clients. Both OS X and iOS have their own built-in VPN clients that can use these profiles, and any Windows client that supports L2TP (or PPTP, if it’s enabled) should be able to connect as well.

VPN is a service that can be very useful in multiple settings, whether you’re a business user who needs access to files or systems from home, or a home user who wants to be able to remote into their home computer from work or a public Wi-Fi hotspot. While it does take some intermediate skills to set up, Lion Server’s VPN solution is relatively simple and sufficiently functional to serve most purposes.
 

Web

 
Many services in Lion Server have been simplified or streamlined relative to their Snow Leopard Server counterparts, but of everything we’ve looked at so far, the Web service is the only one that has truly been changed for the worse.

Configurable only via Server.app, the Web service (which uses an Apache backend) allows you to create multiple websites with customizable domain names, port numbers, and access permissions, and you’re also given the option to choose where the files are stored on the server.

The bad news is that if you need to do anything more advanced than that, you have to leave the warm comfort of the GUI and dive straight into TextEdit editing of configuration files. From Lion Server’s Help file:

“Web service uses Apache server. You can customize Apache settings by editing configuration files or creating web app plist files.”

Hardly user-friendly.

This is a far cry from the Web service in Snow Leopard Server, which gave you a GUI for enabling and disabling modules, setting up aliases, and other advanced functionality. Comparatively speaking, the Web service in Lion seems mostly content to provide a backend for things like Wiki, Mail, iCal and Profile Manager without doing a whole lot by itself.

It’s frustrating to see Apple do this to one of its services, especially when (for example) the Mail service maintains both its simplified Server.app administration panel and its advanced Server Admin counterpart. Advanced controls for the Web service already existed in Server Admin prior to Lion, and keeping them would have required little extra work on Apple’s part. Now, if you make heavy use of the Web service in your organization, you’re going to have to tool around in Terminal to perform many advanced functions, which runs counter to the simplification present in most of the other services.
 

Wiki

The Wiki service is similarly simplified in Lion, at least as far as Server.app is concerned - you can turn it on/off and manage which users can make wikis, but that’s just about it.

The meat of the Wiki service is accessed via your web browser, where users with the appropriate permissions can both create personal wiki entries and create new general-use wikis.

I’m not a particularly authoritative source on wiki software, so I’m not really comfortable comparing the Wiki service in Lion Server to other Wiki products, but I can say that the Lion service seems to do the job reasonably well as long as you're not doing anything too advanced. The appeal for a small business is that Wiki is a simple-to-set-up service that can host easily-edited internal documentation, or perhaps information and progress reports on ongoing projects, or maybe even meeting notes - the service is there to use, but as always your wiki is only as good as the information you put into it.


77 Comments


  • ex2bot - Friday, August 5, 2011 - link

    Upgrading OS X is not much of a pain, as Repo says. Plus, it's practical to skip at least every other upgrade. So, upgrading every four years (2 + 2) at $60 isn't a big deal and the improvements are worth it.

    I especially appreciate Expose', Time Machine, Spotlight, and Quick Look and use them regularly. And every Mac user has benefitted from Quartz GL (uses 3d graphics card to speed up screen draws). There have been myriad "invisible" or subtle improvements as well. See Apple's "Mac OS X" section for details.

    Four years between OS upgrades is not bad, as I said. Longhorn was supposed to come out about 4 or 5 years after XP. Microsoft just had eyes bigger than its stomach and it was delayed. But Windows 7 was worth the wait. Especially features like the display compositor + aesthetically pleasing UI + improved security (and no more yellow speech bubbles popping up all the time)

    Ex2bot
    Automated System Process
  • ex2bot - Friday, August 5, 2011 - link

    BTW, Expose's successor is called "Mission Control."
  • Sahrin - Tuesday, August 2, 2011 - link

    a reduction in advertising, if you guys are going to do all these paid reviews for Apple.
  • Johnmcl7 - Tuesday, August 2, 2011 - link

    It's getting a bit of a joke these days that anything with the Apple badge will get a news article, preview, in depth review the moment it's out dwarfing everything else which barely seems to get a look-in. I get that Anand likes Apple stuff and if I don't I should go elsewhere but I like the non-Apple reviews when they do occasionally get published.

    John
  • ex2bot - Friday, August 5, 2011 - link

    It's no joke. Check Anand's mailbox some time*.

    Ex2bot

    *Crazies, please don't mess with his mailbox.
  • ex2bot - Friday, August 5, 2011 - link

    I know for a fact that Apple employees stuff money into Anand's mailbox*. Lots and lots of money. They use $20s and $50s straight from Jobs' car, who burns them to light his cigs.

    Ex2bot
    Currency Calculating Mac Fanbot

    * Anand, I don't really believe this. I was kidding, as I'm sure you've figured out. Actually, I'm sure they are $100s, not $20s and $50s. After all, he's a Billionaire.
  • the_engineer - Tuesday, August 2, 2011 - link

    Thanks for this great in-depth look at Lion Server's new & continued functionality, I learned a lot reading this. However, I'm still very confused at where XSAN fits into the picture. As a storage power-user I've used software Linux raid, semi-hardware windows raid (Intel, Highpoint), and I've lately dabbled into ZFS because it seems like it's really got everything I could ever want as far as straight storage capabilities are concerned (I'm running a raidz6 with 6 750GB drives currently running on Nexenta). I'd really like to put Lion Server on a mac and install a generic SATA card and add 6 3TB hard drives and do a great big raid5 in a mac pro, but am very confused as to whether or not this will work. I was very hopeful that Lion Server would integrate 'software' RAID5 or similar functionality, but it's not clear anywhere whether it does this or not. Simply put, do I still need to buy a dedicated raid5 card to have a redundant array of inexpensive disks on a mac or am I missing something still?

    -Looking for a great user experience AND a ton of redundant storage
  • HMTK - Wednesday, August 3, 2011 - link

    Why not set up a NAS with iSCSI or NFS ?
  • the_engineer - Wednesday, August 3, 2011 - link

    LONG story short, getting a dedicated NAS box means spending more money than ought to be necessary at this point (I have an i7 desktop and a core2 desktop, both capable of running Lion, Windows, FreeBSD, you name it... just fine, as well as plenty of vanilla SATA ports & cards available). I'm trying to weigh all purely software options available to me, with ZFS/BSD sitting on top of the heap for storage features but OSX sitting on top of the heap from a usability standpoint. The longer I look at it the more likely I am to end up running one huge 20-drive ZFS based NAS under FreeBSD but was trying to avoid getting to this point.
  • HMTK - Wednesday, August 3, 2011 - link

    If you put it on the network you can access it with all decent OS's. I've got a little HP mini proliant just for that.
