Lion Server Set Up

[sojourner]

Setting up Mac Mini Lion Server. Already have an AEBS. Set up server to handle dns. Put server’s internal IP address in AEBS. In Network pane on server’s HD, set up dns entries with 127.0.0.1 and ISP IP address. Windows clients had trouble resolving dns on guest network. I know the solution is simple (because it stumped AppleCare Enterprise agents): this is the standard setup for your average business and most homes with OSX Server and AEBS. How do I set this up so that users inside and outside the network have no problem accessing services on the server, and that people can connect to internet via wifi, guest wifi and ethernet? Where on the internet can I find information on this?

[trevor]

Quote: Originally Posted by sojourner In Network pane on server’s HD, set up dns entries with 127.0.0.1 and ISP IP address.

I don't understand what you're saying. You may know this already, but 127.0.0.1 is localhost, in other words the IP address that any computer uses to reference itself. It's not the right IP to use for DNS.

Trevor

[agentx]

Firstly Lion Server is not very good and has a clunky work in progress feel as it was a transition from old ways to new. Please install Mountain Lion Server and install and setup from fresh if you can.

DNS is absolutely the single most important to get right before you configure anything else. So plan it and implement correctly from the beginning.

DO NOT SETUP YOUR INTERNAL DOMAIN NAME / DNS ZONE using the in built .local as this can cause issues in cross platform environments.
Use something like mycompany.lan or if you are doing Split Horizon DNS ( pretty complex) the. mycompany.com or any other TLD you own.

so you should end up with server.mycompnay.lan or as machine name.

You should be putting the fixed IP address of the Mini Server into the DNS on your AEBS DHCP settings.
i.e.. 192.168.XXX,XXX / 10.0.1.XXX depending on your range. This will point all the clients on your network to use the Mini server to resolve internal DNS names and it will also cache & forward queries to External DNS Servers giving internet access.


http://www.mountainlionserver.com

[agentx]

Always use a static address for server unless in a fully managed DHCP environment.

Do not let DHCP on AEBS give an address to the server ! Set manually.

Once you have setup DNS on server with zone, machine name, etc
System Prefs > Network > Ethernet
It should have 127.0.0.1 and then your 2 ISP DNS servers.

Then on AEBS in DHCP settings that get dished out to clients
IP address of server NOT 127.0.0.1 and the 2 ISP DNS servers

[sojourner]

Right now, Lion's what we got. I will definitely suggest upgrading; thanks for the tip.

The host name is server.mycompany.com, and the setup you describe is what I had. Well, I set up a DHCP reservation on AEBS for the server's IP address instead of setting DHCP manually on the server. But everything else was the same. And there was still the problem of Windows clients being unable to resolve DNS on the guest wifi network.

[agentx]

Lion is what you have got but for $50 it will save you $1000's in lost time.
I have been using X server since 10.2 and really know my stuff and have had a complete nightmare with 10.7 Server.......i have 1 server left out of about 30 on 10.7 and it just gives me grief.

[agentx]

Wow gone into split-horizon DNS this is advanced in many ways.

Are the client unable to resolve any address or your just your company website online ?

[agentx]

You also say Guest network ?

Do Clients on that network get a different IP address range from server ?
And i presume are isolated from your company network ?

If so they will not be able to resolve DNS as they cannot reach a DNS server to resolve names as more than likely they are getting the Mini as a DNS server and cannot reach it. They should be getting the ISP DNS servers so they can resolve DNS.

[sojourner]

I could hear your anguish and frustration regarding Lion Server from here. We'll get Mountain Lion Server. And thanks for beating that drum loudly. By the way, is it possible to get Mountain Lion Server without going thru the App Store? I'm leery of becoming a part of that and would like to avoid it if possible.

Oddly enough, the Mac clients on the same guest network (and yes, it's a different IP address range from the server and yes, clients on that network are isolated from the company network), have no problems resolving DNS. Only the Windows clients. And yes, the Windows clients are unable to resolve any address.

When I went into the Windows machines and changed their DNS settings, no problem. But how do I ensure that they will be able to walk in the door and join our network without having to fiddle with their settings? How can I set up my system so that the guest network uses the ISP's DNS settings? Simply having the AEBS with the server's IP address and ISP IP address didn't make a difference.

[agentx]

MAS (Mac App Store) is the only way to purchase OS and Server.app now and I advise setting up a generic AppleID for all purchasing. for your company ie. appleid@companyname.com (Can just be an alias email address forwarding to you). You can setup an account without a Credit card attached ( look up how to do this as Apple's dark patterns try to force you to do it depending on what route you take to create) and redeem gift card credit to your account for purchasing.

The AppleID/iCloud/iTunes/iOS management is whole topic on it own !

TBH It has been a while since i have used AEBS and only used in home situations not business networks so never tried to do anything complicated with them. I am unsure how all the underlying routing works. But I am pretty sure that if you take the Server IP address out of DHCP/DNS setting on AEBS then the guest company and guest network internet will work as expected.
But this does not solve the issue !

Overall I have a feeling that the AEBS will not do what you want. ie.
On company network DHCP assigns Internal Server IP and ISP DNS servers to clients
on Guest network only the ISP DNS servers get assigned to guest clients
It is a basic router with limited options. There is a Hacky way of doing it by using Virtual interfaces and utilising DHCP on server etc. but really this is opening a can of worms and on Lion even worse if you are not command line savvy.

I only use Mid>High End Security appliances/routers/WIFI access points/Switches etc at all my sites so we have all the right tools to "chop" up networks and provide fine grained control of access to resources within sites.

So what next ? or options......
1) Get a good business rated router that can do all you want in 1 box.
or
2) Add a WIFI access point to provide the Guest network. You would hard wire into AEBS and configure it to provide DHCP/DNS settings etc to just guest clients.

To get a feel of your requirements....
How many client computers and what are you going to use server for ?

[agentx]

and here you go....as i thought....
https://discussions.apple.com/thread...art=0&tstart=0

and even a link to the hacky way !

[sojourner]

Thanks for your assistance. A bunch of other issues came up and I was quite busy for awhile, hence the delay in replying.

I did see that link for the hacky way. I read it several times without understanding it much and ... my experience with servers wasn't great enough for me to feel comfortable giving that a go. If something went off, I wouldn't know what to fix or why.

They're going another way with the server, so that's off my plate for now. Thanks again for your very detailed help and explanation. Too bad AppleCare agents aren't as knowledgeable as you are.

I am curious about some good resources for understanding how to set up OS X Server. I'd like to work with it on my own time and understand how it works. Can you recommend any good resources for getting started? I'm an advanced Mac user, but beginner server admin. I did take a course, but I feel we only covered the surface of things, and the course was for Lion Server, not ML's OS X Server.

[agentx]

Well.....that is a tough one. As Apple are moving to yearly releases for OS there are not many books and when they eventually come out the next OS is on the table. 10.8 server is certainly good.....Lion was bad....and

So much of server related stuff is obtaining deep understanding of...
1) DNS & Network.
2) Directory services ( OpenDirectory and AD integration if needed)
3) File Services
4) Client machine management (MCX)
5) Deployment & Software patching ( Netboot, SUS, caching server)
6) Collaboration Services (Wiki, Cals, address book)
7) Mail & Web Services

One of the best resources is http://krypted.com he keeps things up to date and explains things concisely.
also http://www.wazmac.com/servers_network/index.htm will certainly help.

Other useful links
https://help.apple.com/advancedserveradmin/mac/10.8/

Bookwise not many choices but
Apple Pro Training Series: OS X Server Essentials: Using and Supporting OS X Server on Mountain Lion
Overall this is too basic for most mid level people, but a good starting point for beginners.

All the best.

[sojourner]

Cool. I already subscribe to krypted.com and I'll definitely check out the others. Thanks a lot for the tips.