Configuring an xserve for use as an LSA Installation Server: This assumes the instructions in "xserve-setup-instructions.txt" have been used. Create the relevant NetInfo databases and domains (see separate Netinfo-Domains.txt document) Using "Server Setup" utility: In the Network Tab, configure the Firewall (DOCUMENTATION STILL NEEDS TO BE WRITTEN ON THIS TOPIC) Create the file structure on the DataDisk disk. (look at another server like serval.lsa.umich.edu - I won't go into detail here because hopefully this will happen as an automatic replication thing later) Using "Workgroup Manager": Create any accounts of those who will have permission to install in the "Local" Netinfo domain. For consistency, please use their UM UIDs and usernames. Create a group in the "Local" Netinfo domain: Name: LSA Installers Short name: lsa-installers Group ID: ????? (SHOULD THIS BE SET TO SOMETHING CONSISTENT?) Members: add anyone that should be doing installs into this group Click the "Sharing" icon to define the Shares Delete all existing shares (Public, Users, Groups, Macintosh Manager) Create two share points for the following: DataDisk->Install->Group->Generic DataDisk->Install->LSA With the following properties: General: Share this item and its contents Owner: root Read & Write Group: lsa-installers Read Only Everyone: None Click the button to "Copy these privileges to enclosed items) Click the "Save" button at the bottom Protocols Apple File Settings: Share this item using AFP UNCHECK "Allow AFP guest access" Windows File Settings, FTP, NFS: UNCHECK "Share this item using ..." UNCHECK "Allow ... guest access" Click the "Save" button at the bottom Automount Ensure that the "Automount this item to clients in domain" is unchecked If department specific loads (we'll use Physics as an example) are in use, you'll also need to create a group for that department (eg. physics-installers), and define a share point for DataDisk->Install->Group->Physics with the same configuration except setting the Group as physics-installers under the General tab in sharing. Using a terminal (ssh) session: By default, Apple File Sharing doesn't let an admin mount an individual share point, but rather only whole disks. To fix this, from a terminal session on the server, issue the following sudo niutil -createprop . /config/AppleFileServer admin_gets_sp 1 Verify it was set with: niutil -read . /config/AppleFileServer | grep admin Using the "Server Settings" application: Stop Apple File Service if it's running. Configure Apple File Service - Start Apple File Service on system startup - UNCHECK Enable browsing with Network Service Location - UNCHECK Enable Guest access - CHECK Enable secure connections - CHECK Enable Access log - CHECK Enable Error log Start Apple File Sharing At this point there should only be "1 Running" service visible in Server Setup Install the rsyncX package on each server - this is probably most easily done via AppleRemoteDesktop Copy the packages from one machine to the other: (see the separate document "rsync-commands.txt" for examples on this) Installing the Netboot image: on the new machine, sudo mkdir /Library/NetBoot (then rsync the NetBootSP0 directory - see the rsync-commands.txt file) run 'Server Settings' utility and connect to the new server in the 'NetBoot' tab, check the 'Dynamic' box for built-in Ethernet (or whatever the appropriate device is) in the 'Image' tab, ensure that the image is Enabled and Default wait a few minutes run 'Workgroup Manager', in Sharing, check to be sure that the following two shares were created. If they weren't, you can add them - they live in /Library/NetBoot NetBootSP0 is shared with the following attributes set: AFP: share, no guest Windows: no sharing, no guest FTP: no sharing, no guest NFS: export this item, remove any computers from the list, uncheck 'Map ___ to nobody', check read-only. NetBootClients0 is shared, but only for AFP, and no guest or NFS access back in 'Server Settings', you should see the NFS file service running