Tiger Server Install Instructions #Panther Server Install Instructions # #Install Panther Server off the CDs # - boot normally and select the install CD from the StartupDisk Preference Pane # - once the installer appears, run Disk Utility from the Installer pull-down # menu if you need to modify any RAID configurations before the install # CLI for partitioning 1 drive: diskutil partitionDisk /dev/disk1 2 GPTFormat "Journaled HFS+" OSDisk 20G "Journaled HFS+" DataDisk 1G # - After selecting the drive to install, hit the 'Options' button, and select # 'Erase and Install' not upgrade. # - On the next screen, hit the 'Customize' button, and remove any foreign #language # components # - Begin the install #Once the install is complete, the following will appear: #Welcome: click continue #Language: select English #Keyboard: select US Serial Number: enter the serial number for this installation of OSX Server Register the server as LSA / University of Michigan Administrator Account: Name: macroot Short Name: macroot Password: (not included in this document) Verify: retype the same password #Network Names: # Host Name: Type the fully-qualified host name (foo.lsa.umich.edu) # Computer Name: Type the same fully-qualified host name # Rendezvous Name: Type the same fully-qualified host name. It probably # will autofill this with a hyphen-separated name instead of period # separated - this is OK. Network Interfaces: The only box that should remain checked is TCP/IP for Built-in Ethernet TCP/IP Connection: Configure: Manually IP Address: (set appropriately) Subnet Mask: (set appropriately) Router: (set appropriately) DNS Servers: 141.211.211.180 141.211.144.17 141.211.125.17 Search Domains: (leave blank) Directory Usage: Standalone Server Services: (leave all unchecked - we'll configure them later) Time Zone: Select 'Detroit - USA' Network Time: Use a network time server (check this box) NTP Server: ntp.itd.umich.edu Confirm Settings: (click Apply) ...wait for the server while it's being configured Restart when prompted #GUI METHOD (CLI method is below): #The LoginWindow should appear. In my installation, it would not accept # user 'macroot' with its password, so instead I logged in with: # username 'root' and macroot's password #Software update should appear... update if appropriate, reboot if required #After the reboot, login and run software update again. Update if # appropriate, reboot if required. # (you need to run software update multiple times because certain # updates will only show up once you've installed other updates) #Since 'macroot's account wouldn't let me in, go into workgroup manager, # and change macroot's password type (under Advanced) to # 'Shadow Password' and enter macroot's password when prompted. # Then click 'Save' #macroot should now be able to login (check to be sure) #Go into System Preferences->Sharing # Select 'Apple Remote Desktop' and click 'Access Privileges' # Enable 'macroot' and select all privileges # Click 'OK' # Click 'Show status in menu bar' # Click 'Start' #Log out # (since ARD is now running, you can do anything else you need to do # remotely either with the server admin tools from a Panther desktop # machine, or with ARD from any machine) CLI METHOD: ssh macroot@newservername # Install all required software updates softwareupdate -i -r reboot ssh macroot@newservername # Enable ARD #'/System/Library/CoreServices/ARD Agent.app/Contents/Resources/kickstart' -activate -configure -access -on -users macroot -privs -all -restart -agent -menu ### The following is currently UNTESTED sudo /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -activate -configure -access -on -users macroot -privs -all -restart -agent -menu KERBEROS SECURITY SETTING: If you want to require a password to ssh to the server even if Kerberos is configured and a host principal is present, you must add the following lines to the /etc/sshd_config file: # Disable automatic login if you have a kerberos ticket GssapiAuthentication no #ENABLE OUTGOING MAIL #We want hardware warnings to be able to get off the box, so we need to #enable outgoing mail. #In 'Server Admin.app', select Mail, then Settings #In the 'General' pane, have ONLY 'Enable SMTP' checked #In the 'Filters' pane, only accept SMTP relays from 127.0.0.1/32 #Click 'Save', and 'Start Service' (you may have to click start a few times) ----------------------------------------------- Install K2Client.mpkg (for software and hardware inventory purposes)