Congratulations! You’ve successfully set up Mac OS X Server, the world’s easiest-to-use server operating system, and you’re now ready to use many of the exciting services that it has to offer. To enhance the security, accessibility, and overall usefulness of your new server, there are a few additional changes you should make to your network, and this document will help you getstarted. These items may require changes to components of your network such as routers and other servers. If you don’t have access to these components, contact the person who’s responsible for them.
Users and Groups
Some of the services running on your server require users to enter a user name and password to access them. Use the Users pane and Groups pane of Server Preferences to create accountsand manage the users and groups who access your server. For detailed instructions, search Server Preferences Help for “managing accounts.” Certain tools for managing your users, groups, and other resources, such as Workgroup Manager and iCal Server Utility, enable you to log in using your directory administrator. Your directory administrator has the user name “diradmin”, and its password is the sameas the admin user you created during setup.
Your server is connected to the Internet through a NAT device, such as a network router, which may prevent some users who are outside your immediate network from accessing services. If you don’t want to provide access to users outside your immediate network, you can skip this step. To allow access to all users, including thoseoutside your immediate network, you need to configure port forwarding on your NAT device. To do this, use your device’s configuration software, which usually consists of several webpages at an address such as http://192.168.1.1 or http://192.168.1.254. Using Safari, you go to the configuration website, and then navigate to the webpage with settings for “Port Range Forwarding,” “Port Mapping,” “FirewallSettings,” or “Virtual Server.” In some cases, you can select standard services such as web or VPN and specify that each be forwarded to your server’s IP address. In other cases, you must enter port numbers for services and enter your server’s IP address for each one. For specific information about configuring your NAT device, see its documentation. The ports to forward for many of your servicesare listed below. Some NAT devices may ask you to specify TCP or UDP for each port, while other devices don’t. For a list of ports for additional services, search Server Admin help for “TCP and UDP port reference,” or see http://support.apple.com/kb/TS1629 Description Apple File Service (AFP) ARD - Remote Management HTTP - web service HTTP - web service alternate HTTPS - secure web service via SSLiCal Server iCal Server - SSL iChat Server iChat Server - file transfer proxy iChat Server - server-to-server iChat Server - SSL Mail - IMAP Mail - IMAP SSL Mail - POP3 Mail - POP3 SSL Mail - SMTP legacy SSL submission Mail - SMTP standard Mail - SMTP submission SMB/CIFS - Windows file service SSH - Secure Shell 548 3283, 5900 80 8080 443 8008 8443 5222 7777 5269 5223 143 993 110 995 465 25 587161 22 Ports TCP TCP, UDP TCP TCP TCP TCP TCP TCP TCP TCP TCP TCP TCP TCP, UDP TCP, UDP TCP TCP, UDP TCP TCP TCP, UDP Protocols
The domain name servers you’re using don’t have an entry for the domain CristianDNS.private, and therefore your clients won’t be able to access your server using the name CristianDNS.private. To fix this, purchase your domain name through your ISP or froma public domain name registrar, and ask them to configure the domain to point to your server. If your server only needs to be accessed by clients on the your local network (IP subnet), your server can provide the necessary domain name resolution. In order for your clients to use your server for name resolution, you need to configure your server’s DNS service to provide DNS forwarding, and then...