Forum Replies Created
Anonymous
Participant
I finally figured out how to correct the problem. For whatever reason, in ‘Directory Access’ the LDAPv3 configuration did not have the ‘Use DHCP supplied LDAP server’ box checked. As soon as I checked it, it was fine. However, I have no idea why it was unchecked or how it got that way.
Anonymous
Participant
I’ve made a discovery that might or might not be relevant and might or might not give someone a clue. I opened ‘Netinfo Manager’ on a machine that has the “Other” icon and one that doesn’t. Under ‘config’ the one with the icon has mcx_cache while the one that doesn’t has ‘AppleServer’.
Is this just another symptom like the missing “Other” icon, is this the core problem or is it irrelevant? TIA.
Anonymous
Participant
I found the solution. First a site that discussed a Windows 2000 server running a L2TP VPN server (MS built-in) behind a MS ISA proxy firewall and then a guy at Apple’s OS X Server discussion list that had it up and running.
I now let UDP ports 500, 1701 and 4500 through a firewall to the OS X server on the LAN. So I guess NAT-T is the default. No need for settings letting ESP (protocol 50) through.
It seems Apple’s VPN server is rather similar to/compatible with MS (MS-CHAPv2 and stuff)?
I haven’t tried Windows 2000/XP clients yet though.
The best part of the L2TP VPN solution is that you get an IP from the remote LAN range.
Anonymous
Participant
Sorry, the link is:
http://developer.apple.com/server/fighting_spam.html
without the period at the end
Thanks again,
S
Anonymous
Participant
Have you looked into using AFS?
Go to http://www.openafs.org for more.
April 13, 2004 at 9:27 pm in reply to: ipfailover, redundancy for filmakerserver, mail and web: how #357805
Anonymous
Participant
Hi Chris,
A couple thoughts.
While chatting with a high end Unix guru – former Sun employee – about options to ensure 24/7 uptime for FileMaker Server, he mentioned that with OS X it was possible to set up a second server as an IP failover box. The failover box would sit idle until the first was not responding, then it would assume the IP of the first. You would need a Unix guru to configure it as far as I know….. but the point is that even if you went Unix/Linux, the configuration would be very similar on a Mac OS X box.
And you would still have to work out how to keep both FM Server boxes synced so the data was correct on the failover box if (when) the time comes. Maybe an NAS like an Xserve RAID connected to both the primary and failover boxes, so the same data is available no matter what???
At MacWorld back in Jan., I spoke briefly with a guy from http://www.lakeviewtech.com/technology/index.asp . Check the bottom two products: clusters and echostream.
Looks like what you need. Not sure how it works, frankly, but at the time they had demos on CDs, so you could check it out. Claimed to allow server replication anywhere on a WAN, which is nice. You could have the failover box right next to you.
Have not had time to pursue this, so if you do, please post back, good or bad. Wanna say the cost was like $3000, which seemed reasonable for what it is *supposed* to do.
Good luck.
Anonymous
Participant
Thanks for the reply and I certainly understand your frustration but what did you find?
April 13, 2004 at 3:33 pm in reply to: third party app authentication through Password Server #357802
Anonymous
Participant
I wrote a PHP web-app that uses our Open Directory system.
Apparently, everything worked fine. Users that have Open Directory passwords are able to authenticate without any problems.
Anonymous
Participant
This took me 6 hours to configure this sh**!! For the same conclusion as yours. I tried nearly anything with the config file and nothing changed! Anomy for me = “another open source useless perl script with no real docs”!! Disappointing and frustrating to take 2 days for this thing and see things not mentioned on the web site. I did research (and 3 days later / 8 hours each of searching and testing) for another solution less complicated. I found something interesting, better than Anomy or Amavis, and it works all directly with procmail. I have nothing against AFP548 but I found much wrong info about how to configure things like procmail. Nobody says anything, how can we figure it out? This makes the difference between work and never work. 😡
[quote:045f5fba1a=”Anonymous”]I have just configured Anomy Sanitizer and it seems to be working. However, it is also doing some things I don’t like. The documentation I have found is not very clear on how to configure for the message body. It seems to be focused on attachments instead.
Here is the crux of the problem. Much of the mail received uses various fonts and colors within the message. Unfortunately, all that formatting is ‘mangled’ so what shows up is imbedded junk like:
We need job descriptions for 0000,0000,FFFFevery different position in your department (including your own).
How can I change the configuration to correct this? TIA.[/quote:045f5fba1a]
Anonymous
Participant
Why do you need so many cards?
In my opinion this is how it should be set.
Your internet connection goes into your built-in port. It is en0. It has the IP address your ISP gave you or, if you connect via PPPoE, a floating one.
Your card should share via en0, and have an IP range of 192.168.0.2 to whatever (e.g. 192.168.255.255, about 65000 users) the number of users on your network.
But remember that an address behind a NAT is not visible from outside your private network. To do that you need a fixed IP to serve pages to the outside world. This is why a router or NAT is more secure than just a machine plugged on the internet.
Hope this helps.
April 8, 2004 at 8:31 am in reply to: third party app authentication through Password Server #357776
Anonymous
Participant
If you wish to do it the hard way look at the [url=http://developer.apple.com/documentation/Networking/Conceptual/Open_Directory/]Open Directory APIs[/url] (look at dsDoDirNodeAuth).
You could also use PAM (which eventually wends its way to the PW server).
You should avoid the getpwent() style calls.
Leland
Anonymous
Participant
Thanks.
Anonymous
Participant
Thanks again but that did not help. I do question what you mean by “add an IMAP administrator account.” I added it via the Workgroup Admin tool. Should it instead be added to /etc/password? Does it need to be set up in a specific group or with some other parameter(s)?
Anonymous
Participant
If I understand correctly, mail is delivered to PostFix, handed to amavisd, and then given back to PostFix.
The file main.cf includes information on how to deliver the mail to amavisd:
[code:1:da0f596794]content_filter=smtp-amavis:[127.0.0.1]:10024[/code:1:da0f596794]
The file amavisd.conf tells Amavis to listen on the correct port:
[code:1:da0f596794]$inet_socket_port = 10024;[/code:1:da0f596794]
The file master.cf tells PostFix to listen for responses on a different port:
[code:1:da0f596794]127.0.0.1:10025 inet n - y - - smtpd
    -o content_filter=
    -o local_recipient_maps=
    -o relay_recipient_maps=
    -o smtpd_restriction_classes=
    -o smtpd_client_restrictions=
    -o smtpd_helo_restrictions=
    -o smtpd_sender_restrictions=
    -o smtpd_recipient_restrictions=permit_mynetworks,reject
    -o mynetworks=127.0.0.0/8
[/code:1:da0f596794]
Check master.cf to be sure that you copied the information correctly. You can test that port with the following command:
[code:1:da0f596794]# telnet localhost 10025[/code:1:da0f596794]
The server should respond with:
[code:1:da0f596794]Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 mta1.domain.com ESMTP
[/code:1:da0f596794]
Press ctrl-], then type ‘quit’ to quit.
Hope this gets you going again.
Carl
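A consistency check for the three settings described in the post above, as an added example that is not part of the original post or of Postfix or amavisd. The sample file contents are constructed from the fragments quoted there, and `parse_master` and `check_filter_loop` are hypothetical helper names.

```python
import re

# Constructed sample files mirroring the fragments quoted in the post above.
MAIN_CF = "content_filter=smtp-amavis:[127.0.0.1]:10024\n"
AMAVISD_CONF = "$inet_socket_port = 10024;\n"
MASTER_CF = """127.0.0.1:10025 inet n - y - - smtpd
  -o content_filter=
  -o smtpd_recipient_restrictions=permit_mynetworks,reject
  -o mynetworks=127.0.0.0/8
"""

def parse_master(text):
    """Map each master.cf service to its -o overrides (indented lines continue an entry)."""
    services, current = {}, None
    for line in text.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        if not line[0].isspace():          # a non-indented line starts a new service
            current = line.split()[0]
            services[current] = {}
        if current is not None:
            for name, value in re.findall(r"(?:^|\s)-o\s+([^\s=]+)=(\S*)", line):
                services[current][name] = value
    return services

def check_filter_loop(main_cf, amavisd_conf, master_cf, reinject_port="10025"):
    """Return a list of problems; an empty list means the three files agree."""
    problems = []
    out = re.search(r"^\s*content_filter\s*=\s*\S+:(\d+)\s*$", main_cf, re.M)
    listen = re.search(r"^\s*\$inet_socket_port\s*=\s*(\d+)", amavisd_conf, re.M)
    if not out:
        problems.append("main.cf: content_filter has no transport:host:port")
    if not listen:
        problems.append("amavisd.conf: $inet_socket_port is not set")
    if out and listen and out.group(1) != listen.group(1):
        problems.append(f"Postfix sends to port {out.group(1)}, amavisd listens on {listen.group(1)}")
    entries = {s: o for s, o in parse_master(master_cf).items()
               if s.rsplit(":", 1)[-1] == reinject_port}
    if not entries:
        problems.append(f"master.cf: no listener on port {reinject_port}")
    for service, opts in entries.items():
        # Assumption: loopback is written as 127.0.0.1, as in the post.
        if not service.startswith("127.0.0.1:"):
            problems.append(f"{service}: re-injection listener is not bound to loopback")
        if opts.get("content_filter") != "":
            problems.append(f"{service}: content_filter not cleared, mail would be filtered again")
        if opts.get("mynetworks") != "127.0.0.0/8":
            problems.append(f"{service}: mynetworks is not limited to 127.0.0.0/8")
    return problems

if __name__ == "__main__":
    print(check_filter_loop(MAIN_CF, AMAVISD_CONF, MASTER_CF) or "filter loop is consistent")
```
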
Anonymous
Participant
Oh! I didn’t know it wouldn’t work out of the box. Thanks.