[dreness]

I would use WebDAV instead of AFP. WebDAV is intended to provide writable access to web content areas. As WebDAV is implimented in an apache module, that’s one less extra service you need to run. Also, because all the WebDAV filesystem access is abstracted through the ‘www’ user, WebDAV has a MUCH more flexible permissions architecture. You may specify as many users or groups (local or shared) that you wish, and are not limited by the standard unix permisisons model of only three permissions categories (owner, group, other).

WebDAV volumes can be mounted via ‘Connect To Server’ just like afp volumes can.

-Andre

[dreness]

Seriously, shell out the $40 for the dedicated network appliance that does NAT. Using NAT in OS X Server works (including the port mapping; I have done it many times), but it’s simply a much worse solution than a dedicated appliance.

For what it’s worth, I totally understand your frustration that apple seems to have stopped short on the NAT implimentation. In my view, the NAT documentation should include a great big caveat: The time you will spend wailing against it, figuring out firewall rules to let NAT’d clients properly access external services (the server docs don’t touch this issue), and the downtime your network will experience due to reboots, etc… that is all worth more than $40 in almost every case. I applaud your desire to get it working, but… sometimes the cheap and easy way is also the best way

[Author]

Posts