Mac OS X Server Travails

Some quick notes on setting up a Mac OS X 10.3 (Panther) Server:

DHCP:
* Existing workstations which already have a lease from another DHCP server must be manually release/reserved, at least on some Windows. The alternative is to issue a non-conflicting set of addresses in the same subnet until the old addresses expire.

DNS:
* Don’t forget to put in the final periods in the name of the domains, the SOA record fields, the NS fields and the MX fields, etc.

FTP:
* To change the umask of the FTP server in 10.3, cd to /etc/xinetd.d, vi ftp, and add a -u0002 argument.
* Set up sharing points in Workgroup Manager. Set sharing values for each protocol.

SSL:
* Got a $39 SSL certificate from StarterSSL?
* When ordering certificate, use browser/SSL combo…Apache/Leam? (spelling?)
* Must turn off the Performance Cache to get SSL certificate installed.
* Must use 443 for the Port to conform — it’s not changed automatically.

Multihoming:
* Must duplicate the entry in Network control panel.
Only run AppleTalk on one of them.
Set the subnet on the duplicate to 255.255.255.255.

HTTP and HTTPS on same port:
* Must have duplicate entries in Workgroup Manager “Web” Settings “Sites”…one of HTTP/80 and one for HTTPS/443.
* Add a “redirect” from http at base address of protected web to send over to https.

Mail:
* Don’t run an open relay. Set up “Accept SMTP relays only from…”
* Filter junk mail. Currently using these filters:
sbl-xbl.spamhaus.org
combined.njabl.org

WebMail:
* Set First Hop.
* Set Folder Names.
* Set up “redirect” from http:…/WebMail to https:…/WebMail.

Windows:
* Running as Primary Domain Controller