macOS Server overview

Table of Contents

macOS Server overview

This is a near-verbatim selective offline (from VN's POV) copy of macOS Server's help.

This is normally accessed only through the Help Viewer on a Mac with the correct version of the app, which means doing it over Apple Remote Desktop and in an unflexible window that neither can adjust properly to get the most use of the screen real estate (allowing to enlarge the text without cramping it) nor gets out of the way obscuring other things and isn't affected by "regular" keyboard navigation. Using a proxy server we found the address of the remote content (https://help.apple.com/serverapp/mac/5.4/) and we've been making our own copy of articles as we come across them to have them available on the inevitable moment comes when Apple shuts down those servers.

You are welcome to use this copy for your own needs. Unlike Apple's website, you should be able to use a site-ripping app to make your own localized copy or you can reach out to us and we'll send you our files. Apple, obviously, is the author of this, so if you are or keep your servers in a country with abusive copyright law, this should used only for documentation/learning/backup, not for commercial purposes, so you don't get in trouble if Apple petty sues…like they do.

macOS Server overview

Set up macOS Server

macOS Server requirements
Ports
  * Services and ports
  * Port mapping for network and server protection
  * Router port mapping
Disk preparation
Install macOS Server
Set up an administrator computer
After you set up your server

Manage server access

Server access overview
Close the Server app connections
Specify access by users and networks
  * Create custom network access definitions
  * Define service access by users
  * Define service access by network
  * Edit custom access
  * Edit custom network access rules
About the adaptive firewall
Secure your server
  * Security best practices
  * Reduce the use of administrator accounts
  * About single sign-on
  * Use certificates
  *   * About certificates
  *   * Manage certificates
  *   * Create a self-signed certificate
  *   * Obtain a trusted certificate
  *   * Use an SSL certificate
  *   * Import a certificate identity
  *   * Replace certificates
  *   * Create a password file in Terminal
  *   * Change the certificate for servermgrd
  * SSH key authentication
  *   * About key-based SSH authentication
  *   * Generate a key pair for SSH authentication
  *   * Key-based SSH script sample
Allow remote access to your server
About the web proxy

Manage your server

Monitoring tools
  * Disk monitoring tools
  * Network monitoring tools
Start or stop a service
Manage server data
  * Manage server storage
  * Store service data on a different disk
  * Understand the data store for Calendar and Contacts services
Monitor server status and reachability
  * Check server status
  * View Internet reachability details
  * Disable reachability tests
  * View server logs
  * Monitor server stats
  * View server information
Manage names and IP addresses
  * Use the right name for your server
  * Find or change your server’s name
  * Find or change your server’s IP address
  * Find or change your server’s host name
Manage alerts
  * Add alert recipients
  * Track server alerts
Manage your server remotely
Manage push notification
  * About push notification
  * Enable push notification service
  * Change a push certificate’s Apple ID
  * Renew a push notification certificate
  * Revoke push notification connection permission
Connect to remote computers
  * Control remote computers with SSH
  * Apple Remote Desktop
Use command-line tools
  * About the command-line environment
  * Command-line tools used in macOS Server administration
  * Commands requiring root or administrator privileges
  * Administration from a non-Mac computer

Distribute profiles

About Profile Manager
Navigate Profile Manager
Enable mobile device management

Work with users and groups

Accounts overview
  * About user accounts
  * About administrator accounts
About tools for client management
Work with the users or groups pane
  * Sort the list of users or groups
  * Change a user’s or group’s name
  * Change a user’s or group’s picture
  * Manage keywords and notes
  * Manage templates
  * Import users and groups from a file
  * Export users and groups to a file
Manage users
  * Create a user account
  * Delete a user account
  * Change a user’s account settings
  * Change a user’s group membership
  * Work with user passwords
  *   * Compose a password
  *   * Set the password policy
  *   * Reset a user’s password
  *   * Update the password for the Open Directory administrator
  * Manually control user access to services
  * Grant access to users from another network account server
  * View system and administrator accounts
Manage groups
  * Create a group
  * Delete a group
  * Add or remove group members
  * Choose group services
  * Make all group members Messages buddies
  * Set up a group file sharing folder
  * Grant access to a group from another network account server
Work with network account servers
  * Connect to another network account server
  * Host network accounts
  * Provide Open Directory service
  * About Open Directory
  *   * Open Directory and directory services
  *   * Uses of directory data
  *   * Inside a directory domain
  *   * Local and shared directory domains
  *   * Open Directory search policies
  * Open Directory guidelines
  *   * Open Directory planning
  *   * Improve directory service performance
  *   * Open Directory security
  *   * Manage Open Directory services
  * Manage Open Directory
  *   * Join an existing directory domain
  *   * Archive and restore Open Directory data
  * About authentication
  *   * Single sign-on authentication
  *   * Kerberos principal and realm
  *   * Kerberize services with an Active Directory server

Host websites

About Websites service
Publish a website
Advanced website settings
  * Web service overview
  *   * Work with Apache
  *   * Work with web apps
  * Manage Web service
  *   * Make websites and wikis more secure
  *   * Secure web content on case-insensitive file systems
  *   * Let users change their password
  *   * Use PHP or Python
  *   * Restore the default web configuration
  *   * Tune web service performance
  *   * View web service logs
  * Apache web modules overview
  *   * About Apache web modules
  *   * About Mac-specific web modules
  *   * About open source component modules

Set up collaboration services

Set up Mail service
  * Before you set up Mail service
  * Initial configuration of Mail service
  * Provide mail service
  * Mail server domain name
  * Configure DNS for Mail service
  * Mail overview
  *   * Mail service architecture
  *   * Mail Transfer Agent (MTA)
  *   * Filter mail before delivery
  *   * Local delivery agent (LDA)
  *   * Mail user agent (MUA)
  *   * Where mail is stored
  *   * Use network services with Mail service
  * Manage Mail service
  *   * Secure Mail service with SSL
  *   * Configure mail client apps
  *   * Mail relay
  * Manage junk mail
  *   * Limit spam and viruses
  *   * Junk mail and virus filtering options
  *   * Manage greylist filtering
  *   * Prevent mail server spoofing
  * Troubleshoot Mail problems
  *   * Improve performance
  *   * Configure additional Mail service support for 8-bit MIME
Set up Calendar service
  * Provide calendar service
  * CalDAV client requirements
  * Calendar proxies and delegates
  * Add a Calendar Server account to the Calendar app
  * Create a calendar using the Calendar app
  * Enable email invitations
  * Delete calendar resources and locations
Set up Contacts service
  * Provide centralized contact service
  * Client apps
Set up Messages service
  * About Messages service
  * Provide Messages service
  * Save message transcripts
  * Allow Messages buddies from other servers
Set up Wiki service
  * Wiki service overview
  * Host wikis

Set up infrastructure services

DHCP

About DHCP service

Provide IP addresses with \DHCP Configure a client to obtain an IP \address Modify DHCP client \settings Modify DHCP network \settings \DNS About \DNS About DNS \service DNS \zones DNS record \types Bonjour and link-local \addressing Set up a namespace behind a NAT \gateway Network load distribution (round robin) Host several Internet services with a single IP \address Host multiple domains on the same \server Set up \DNS Before you set up DNS \service Overview of DNS \setup Set up DNS \service Secure \DNS About DNS \spoofing Use zone transfers to defend against server \mining Defend against DNS service \profiling \VPN About \VPN About VPN \security Set up \VPN Provide secure remote access with \VPN Provide VPN service through an Internet \router Manage AirPort port mapping and Wi-Fi \login Install macOS over the \network NetInstall \overview About NetInstall \service NetInstall \requirements About System Image \Utility Provide NetInstall \service Set up system \images Create NetBoot \images Create NetInstall \images Create NetRestore \images Create an image from a configured \computer Use System Image Utility \workflows About \workflows Assemble \workflows Add \workflows Remove \workflows Assemble an image \workflow Use Automator to run a \workflow Set up NetInstall \clients Set up diskless \clients Start up using the N \key Start up from a NetBoot or NetInstall \image Image multiple clients using the multicast asr \command Change how NetBoot clients allocate shadow \files Manage NetInstall \service Performance and load \balancing Distribute NetBoot images across \servers Distribute NetBoot images across server disk \drives Distribute shadow \files Provide NetInstall service across \subnets Manage \images Balance NetBoot image \access If you want to change the image \name Solve problems with \NetBoot Host software \updates Software Update \overview About the Software Update \server Considerations and \requirements Provide Software Update \service Manage software \updates Redirect servers to your Software Update \server Point clients to a Software Update \server General solutions to Software Update problems 

DHCP
  * About DHCP service
  * Provide IP addresses with DHCP
  * Configure a client to obtain an IP address
  * Modify DHCP client settings
  * Modify DHCP network settings
DNS
  * About DNS
  *   * About DNS service
  *   * DNS zones
  *   * DNS record types
  *   * Bonjour and link-local addressing
  *   * Set up a namespace behind a NAT gateway
  *   * Network load distribution (round robin)
  *   * Host several Internet services with a single IP address
  *   * Host multiple domains on the same server
  * Set up DNS
  *   * Before you set up DNS service
  *   * Overview of DNS setup
  *   * Set up DNS service
  * Secure DNS
  *   * About DNS spoofing
  *   * Use zone transfers to defend against server mining
  *   * Defend against DNS service profiling
VPN
  * About VPN
  * About VPN security
  * Set up VPN
  *   * Provide secure remote access with VPN
  *   * Provide VPN service through an Internet router
Manage AirPort port mapping and Wi-Fi login
Install macOS over the network
  * NetInstall overview
  *   * About NetInstall service
  *   * NetInstall requirements
  *   * About System Image Utility
  * Provide NetInstall service
  * Set up system images
  *   * Create NetBoot images
  *   * Create NetInstall images
  *   * Create NetRestore images
  *   * Create an image from a configured computer
  * Use System Image Utility workflows
  *   * About workflows
  *   * Assemble workflows
  *   * Add workflows
  *   * Remove workflows
  *   * Assemble an image workflow
  *   * Use Automator to run a workflow
  * Set up NetInstall clients
  *   * Set up diskless clients
  *   * Start up using the N key
  *   * Start up from a NetBoot or NetInstall image
  *   * Image multiple clients using the multicast asr command
  *   * Change how NetBoot clients allocate shadow files
  * Manage NetInstall service
  *   * Performance and load balancing
  *   * Distribute NetBoot images across servers
  *   * Distribute NetBoot images across server disk drives
  *   * Distribute shadow files
  *   * Provide NetInstall service across subnets
  * Manage images
  *   * Balance NetBoot image access
  *   * If you want to change the image name
  * Solve problems with NetBoot
Host software updates
  * Software Update overview
  *   * About the Software Update server
  *   * Considerations and requirements
  * Provide Software Update service
  * Manage software updates
  *   * Redirect servers to your Software Update server
  *   * Point clients to a Software Update server
  * General solutions to Software Update problems

Manage your server’s network settings

  • How name changes affect infrastructure services
  • * How IP address or host name changes affect infrastructure services
  • * How IP address or host name changes affect collaboration services
  • * How IP address or host name changes affect mail services
  • * How IP address or host name changes affect web and wiki services
  • Combine Ethernet ports
  • * About the Link Aggregation Control Protocol (LACP)
  • * Set up link aggregation
  • * Monitor link aggregation status
  • Virtual local area networks (VLANs)
  • * VLAN overview
  • * Set up a VLAN

Troubleshooting

If users can’t access a service over the Internet

Remove macOS Server

macOS Server overview

With macOS Server, small organizations and workgroups without an IT department can take full advantage of the benefits of a server. A nontechnical user can easily set up and manage macOS Server for a group. Other users in the group can automatically configure computers using macOS and iOS devices such as iPhone, iPad, and iPod touch to get services from macOS Server.

Users and groups

Each person who wants services from macOS Server needs a user account.

A user account lets a person authenticate to services, controls which services the person can use, and specifies the person’s group membership. Your server may have its own users and groups that you add using the Server app. You can configure your server to allow users from a network account server (Open Directory or LDAP server) in your organization. Instead of having its own users or importing them, your server can be configured to access users and groups residing on your organization’s network account server.

For instructions, see Create a user account and Create a group.

Services of macOS High Sierra

macOS High Sierra contains the following services, which were previously part of macOS Server. If you were using these services in macOS Server 5.3, refer to the links below to continue managing these services in macOS High Sierra.


Caching service provides caching of software distributed by Apple through the Internet. For more information, see About content caching.

File Sharing
File sharing service lets users store and share folders and files on your Mac. For more information, see Use File Sharing to share files.

Time Machine
Time Machine service lets users back up their Mac computers on your Mac. For more information, see Use a shared folder with Time Machine.

Services of macOS Server

macOS Server can provide services to Mac, Windows, and UNIX computers, and to iOS devices such as iPhone, iPad, and iPod touch. You use the Server app to turn on the services you want to provide, customize service settings, and turn off services you don’t need.


Calendar
Calendar service provides shared calendars, so users can check each other’s availability, book conference rooms, and schedule meetings and events.

Provide calendar service

Contacts
Contacts service provides centralized contact information.

Provide centralized contact service

DHCP
DHCP service provides IP addresses for other computers.

Provide IP addresses with DHCP

DNS
DNS service provides domain names for other computers.

Set up DNS service

Mail
Mail service lets users send and receive email on your local network and the Internet using any email app.

Provide mail service

Messages
Messages service lets users collaborate by chatting and sharing information.

Provide Messages service

NetInstall
NetInstall lets you manage the installation of macOS onto multiple computers.

Provide NetInstall service

Open Directory
Open Directory service helps you integrate your server with an existing directory services implementation.

Provide Open Directory service

Profile Manager
Profile Manager service lets you manage mobile devices and distribute configuration profiles that set up users’ Mac computers and iOS devices to use your server.

About Profile Manager

Software Update
Software Update service lets you host and manage which Apple-provided software updates are available to computers in your organization.

Provide Software Update service

VPN
VPN service gives users secure remote access to your server and network over the Internet.

Provide secure remote access with VPN

Websites
Websites service lets you publish custom websites.

Publish a website

Wiki
Wiki service lets users share information using wikis, blogs, and web calendars.

Host wikis

Xsan
Xsan service lets you create a shared storage area network (SAN) on your local network.

Share files with Xsan

Server tools

You use a few different tools to change service settings, check status, and perform other server administration tasks on Mac computers using macOS Server.

The Server app is the primary tool you use to:

  • * * Manage users and groupsManage users and groups* Manage users and groupsManage users and groups
  • * * Monitor server statusMonitor server status* Monitor server statusMonitor server status
  • * * Start, stop, and customize servicesStart, stop, and customize services* Start, stop, and customize servicesStart, stop, and customize services
  • * * View and change system, network, and storage settingsView and change system, network, and storage settings* View and change system, network, and storage settingsView and change system, network, and storage settings
  • * * Manage an AirPort deviceManage an AirPort device* Manage an AirPort deviceManage an AirPort device

The apps described below are available from the Tools menu in the Server app. They help you manage other more advanced functions of your server.


Directory Utility
Configure advanced connections to directory servers.

Screen Sharing
Observe and control your server from another computer on the network.

System Image Utility
Create NetBoot, NetInstall, and NetRestore images for Mac computers.

For more information about these apps, open the app and use the Help menu.

Many management and setup features of macOS Server are also available from the command line using the /Applications/Server.app/Contents/ServerRoot/usr/sbin/serveradmin tool. For information about the serveradmin tool, see its man page.

More resources


macOS Server website (www.apple.com/macos/server/)

View extensive product and technology information.

macOS Server Support website (support.apple.com/macos/server)

Access hundreds of articles from Apple’s support organization.

Apple Discussions website (discussions.apple.com)

Share questions, knowledge, and advice with other administrators.


en/other/macosserver.txt · Last modified: 2023/04/11 02:44