Mac OS X Server Upgrading and Migrating For Version 10.
Apple Inc. © 2007 Apple Inc. All rights reserved. The owner or authorized user of a valid copy of Mac OS X Server software may reproduce this publication for the purpose of learning to use such software. No part of this publication may be reproduced or transmitted for commercial purposes, such as selling copies of this publication or for providing paid-for support services. Every effort has been made to make sure that the information in this manual is correct. Apple Inc.
1 Preface 5 5 6 6 6 8 8 8 9 Contents About This Guide What’s in This Guide Using This Guide Using Onscreen Help Mac OS X Server Administration Guides Viewing PDF Guides on Screen Printing PDF Guides Getting Documentation Updates Getting Additional Information Chapter 1 11 11 11 12 12 12 12 13 15 Before You Begin Servers from Which You Can Upgrade or Migrate Upgrading to v10.5 Migrating from a Pre-10.5 Version Server to v10.
48 48 55 Upgrading an Open Directory Master and Its Replicas Step-by-Step Instructions Upgrading Apache Web Server to v2.2 from v1.3 Chapter 5 57 57 58 59 60 Migrating from Mac OS X Server v10.3 Before You Begin Understanding What You Can Migrate Tools You Can Use Step-by-Step Instructions Chapter 6 75 75 75 76 77 Migrating from Mac OS X Server v10.
Preface About This Guide Use this guide when you want to move to Mac OS X Server v10.5 from a previous version of the server or to migrate Windows NT data to Mac OS X Server v10.5. Upgrading and Migrating contains instructions for reusing data and settings of previous server versions. There are two approaches: Â Perform an upgrade installation. This approach leaves all your data and settings in place and lets you reuse your existing server hardware for Mac OS X Server v10.5.
Using This Guide Using this guide is easy. Read Chapter 1 to make sure you understand your options. Then turn to the chapter that addresses your upgrade or migration scenario. You’ll find step-by-step instructions for preserving and reusing server data by using various tools and manual techniques. You’ll also find references to instructions and supplemental information in other guides in the server suite. The next page tells you about the documents in the suite and where to find them.
www.apple.com/server/documentation This guide ... tells you how to: Getting Started and Mac OS X Server Worksheet Install Mac OS X Server and set it up for the first time. Command-Line Administration Install, set up, and manage Mac OS X Server using UNIX commandline tools and configuration files. File Services Administration Share selected server volumes or folders among server clients using the AFP, NFS, FTP, and SMB protocols.
Viewing PDF Guides on Screen While reading the PDF version of a guide onscreen: Â Show bookmarks to see the guide’s outline, and click a bookmark to jump to the corresponding section. Â Search for a word or phrase to see a list of places where it appears in the document. Click a listed place to see the page where it occurs. Â Click a cross-reference to jump to the referenced section. Click a web link to visit the website in your browser.
Getting Additional Information For more information, consult these resources: Â Read Me documents—important updates and special information. Look for them on the server discs. Â Mac OS X Server website (www.apple.com/server/macosx)—gateway to extensive product and technology information. Â Mac OS X Server Support website (www.apple.com/support/macosxserver)—access to hundreds of articles from Apple’s support organization. Â Apple Training website (www.apple.
Preface About This Guide
1 Before You Begin 1 Take a few moments to become familiar with upgrade and migration options and requirements. If you’re using Mac OS X Server v10.3 or v10.4, you may not need to migrate server data to a different computer. You might be able to upgrade your server, a process that installs and sets up Mac OS X Server v10.5 on your existing server computer while preserving data and service settings.
Migrating from a Pre-10.5 Version Server to v10.5 Even if your existing server meets the minimum requirements for upgrading, you may want to migrate instead of upgrade. For example, you may be updating computers and decide that you want to reestablish your server environment on newer computers. Migrations from Mac OS X Server versions 10.4.10 or later, 10.3.9, and 10.2.8 are supported. When you migrate, you install and perform initial setup of Mac OS X Server v10.5 on a computer, restore files onto the v10.
System Accounts When you install Mac OS X Server, several user and group accounts are created in the local directory. These accounts are sometimes called system accounts because they’re used by the server system software. For a description of how predefined accounts are used, see User Management. You can’t change the names or IDs of system accounts, so when you migrate users and groups, don’t try to.
Name Short name UID Application Owner appowner 87 WindowServer windowserver 88 Unknown User unknown 99 Here are the predefined groups: Short name 14 Group ID nobody -2 nogroup -1 wheel 0 daemon 1 kmem 2 sys 3 tty 4 operator 5 mail 6 bin 7 staff 20 lp 26 postfix 27 postdrop 28 utmp 45 uucp 66 dialer 68 network 69 www 70 mysql 74 sshd 75 qtss 76 mailman 78 appserverusr 79 admin 80 appserveradm 81 clamav 82 amavisd 83 jabber 84 xgridcontr
Short name Group ID xgridagent 86 appowner 87 windowserver 88 accessibility 90 unknown 99 Applying a New Serial Number When upgrading to Mac OS X Server v10.5 from v10.4, you must configure your system to use a v10.5 serial number.
Chapter 1 Before You Begin
2 Upgrading Mac OS X Server v10.4 2 Use the instructions in this chapter to upgrade a v10.4.10 or later server to v10.5. You can upgrade computers with Mac OS X Server v10.4.10 or later that don’t require hard disk reformatting and that have:  An Intel or PowerPC G5 or G4 (867 MHz or faster) processor  At least 1 GB of RAM  At least 20 GB of disk space available Understanding What Can Be Reused When you upgrade from Mac OS X Server v10.4.
Upgrading an Open Directory Master and Its Replicas When the server you want to upgrade is an Open Directory master or replica, upgrade the master and then upgrade the replicas. To upgrade the master and its replicas: 1 Upgrade the master to v10.5 using the instructions in “Step-by-Step Instructions” on page 18. While you’re upgrading the master, client computers can’t connect to it for Open Directory services. Clients may experience a delay while automatically finding an Open Directory replica server.
Step 1: Update your server to v10.4.10 or later If necessary, use Software Update to update your server to v10.4.10 or later. Step 2: Save all service settings Use serveradmin or Server Admin to export all service settings for reference. Also, use System Profiler to generate a full profile of your system. Store the exported service settings and your server’s profile on a removable drive or another system.
5 Move through the Assistant’s panes, following the onscreen instructions. Your existing settings are displayed in the panes, but you can change them if you like. Enter a unique server software serial number for each server you upgrade. You’ll find the number printed on the materials provided with the server software package. If you have a site license, a registered owner name and organization must be entered exactly as specified by your Apple representative.
4 Identify the server you want to upgrade. If it’s on the local subnet, select it in the list. Otherwise, click “Server at IP Address” and enter an IP address in IPv4 format (000.000.000.000). 5 When prompted for a password, enter the old administrator password. 6 Proceed by following the onscreen instructions. 7 When the Volumes pane appears, select a target disk or volume (partition) and click Continue. During installation, progress information is displayed.
Print Service Settings To restore Print service settings, you must first recreate the original CUPS queues before importing the saved settings. For printers connected directly to the server via USB, the queues are created by CUPS when the printers are plugged in and turned on. However, for network printers, you must add the printers using either Server Admin > Print (for LPR or AppleTalk printers) or System Preferences > Print & Fax (for all printer types).
Secure Sockets Layer (SSL) Certificates Use Server Admin to import existing SSL certificates you want to continue to use for iChat, Open Directory, Mail, or Web services. To import an SSL certificate: 1 Open Server Admin. 2 Select the upgraded server in the list of computers and services. 3 Click Certificates. 4 Import the certificates you want to use.
If you have user accounts with crypt passwords and you don’t Kerberize them using the above command, you can use Workgroup Manager to upgrade to Open Directory passwords. To use Workgroup Manager, open the application and access the directory where the user account resides. Authenticate as domain administrator, then select a user with a crypt password. Click Advanced, choose Open Directory from the User Password Type pop-up menu, click Basic, specify a new password, and click Save.
NetBoot Images You can reuse NetBoot images created using versions 10.3 and 10.4 following the upgrade. To manage Netboot images, you use System Image Utility, which replaces Network Image Utility during the upgrade. The Open Directory Upgrade Log Information about upgrading the Open Directory LDAP server is stored in /Library/Logs/slapconfig.log. Web Service If you’ve modified /etc/httpd/workers.properties, reapply your changes to the version of the file that’s installed with Mac OS X Server v10.5.
Chapter 2 Upgrading Mac OS X Server v10.
3 Migrating from Mac OS X Server v10.4 3 Use the instructions in this chapter when you need to migrate data from a v10.4.10 or later server to a different computer running v10.5. You can migrate data from Mac OS X Server v10.4.10 or later computers that can’t or won’t be upgraded to v10.5 or later. Such computers may: Â Require hard disk reformatting or replacement with a newer computer.
To reestablish the master and its replicas: 1 Set up the v10.5 master. While you’re setting up the master, client computers can’t connect to the v10.4.10 or later master for Open Directory services. In addition, clients may experience a delay while automatically finding the nearest Open Directory replica server. You can eliminate this delay by changing the DHCP service to use the address of an Open Directory replica server if it provides clients with an LDAP server address. When the v10.
        NAT settings Print settings VPN settings User data, including home directories QuickTime Streaming Server files and folders QTSS Publisher files and folders User and group accounts iChat server settings Use serveradmin or Server Admin to export all service settings for reference. Store the exported service settings on a removable drive or another system.
Step-by-Step Instructions To move data from a Mac OS X Server v10.4.10 or later computer to a computer with Mac OS X Server v10.5 installed, follow the instructions in this section. 1 Export user and group information. 2 Create archive files of data and user export files. 3 Note current share points and privileges. Shared Folders user Read & Write Engineering userdata.tar Read & Write Designs group 2017 Read Only Documents Workgroup Manager database.tar 4 Copy archive files to new server.
Step 1: Export users and groups Use Workgroup Manager to export user and group accounts from a NetInfo or LDAPv3 directory into a character-delimited file that you can import into a directory for use with Mac OS X Server v10.5. To export users and groups: 1 In Workgroup Manager, click Accounts, then click the globe icon below the toolbar and choose the directory that you want to export accounts from. 2 Click the lock to authenticate as domain administrator (typically diradmin).
To create a tar archive, use the tar command in the Terminal application. The command’s -c flag creates an archive file in tar format. Use the -f flag to specify the archive file name. Use the -v (verbose) flag to view progress information as the command executes: tar -cvf /MyHFSVolume/Stuff.tar /MyHFSVolume/My\ Stuff The escape character (\ in the example above) indicates a space in the name. You can also use quotation marks to handle embedded spaces: tar -cvf /MyHFSVolume/Stuff.
where database is the name of the database containing the listed tables and tb1, tb2, and tb3 represent table names. To back up one or more databases, enter: mysqldump --databases db1 [db2 db3...] > backup-file.sql To back up all database on the system, enter: mysqldump --all-databases > backup-file.sql Additional instructions for database backup and restore can be found in the MySQL documentation at www.mysql.org.
FTP Configuration Files To migrate your FTP settings, save these configuration files: In this directory Save these files /Library/FTPServer/Configuration/ ftpaccess ftpconversions ftphosts ftpgroups ftpusers /Library/FTPServer/Messages/ banner.txt welcome.txt limit.txt LDAP Server Back up the LDAP server configuration information. To back up the Open Directory database, which includes LDAP server configuration: 1 In Server Admin, select Open Directory from the list of computers and services.
WebObjects Applications and Frameworks Save WebObjects applications and frameworks located in: Â /Library/WebObjects/ Â /System/Library/WebObjects/ Tomcat Data Save any Tomcat servlets you want to reuse. They’re in /Library/Tomcat/webapps/. If you’ve installed Axis independent of the version supplied with your server, save any Simple Object Access Protocol (SOAP) services. JBoss Applications Save JBoss applications located in /Library/JBoss/3.2/deploy/.
DHCP In Server Admin, select DHCP from the list of computers and services on the left, click Settings, and drag the button on the bottom-right to the Desktop. Dragging this button creates a file on the Desktop containing the DHCP service settings. Save this file. User Data Save any user data files or folders you want to reuse, especially home directory folders. QuickTime Streaming Server Files and Folders Save files and folders in /Library/QuickTimeStreaming/.
Step 5: Set up the home directory infrastructure Set up the destination for home directories you want to restore. The home directory location identified in imported user accounts must match the physical location of the restored home directories, including the share point location. For details on how to perform the steps in the following procedure, see User Management. To prepare the server to store home directories: 1 Create the folder you want to serve as the home directory share point, if required.
To import users and groups using Workgroup Manager: 1 Place the export files you created in Step 1 in a location accessible from your server. You can modify user accounts in an export file if you want to set passwords before importing users. For instructions, see User Management.
To use Workgroup Manager, open the application and access the directory where the user account resides. Authenticate as the Open Directory administrator (typically diradmin), then select a user with a crypt password. Click Advanced, choose Open Directory from the User Password Type pop-up menu, click Basic, specify a new password, and click Save. For more information about slapconfig, see its man page. Step 7: Relocate the following saved data files Place the files you saved from your v10.
Web Content Copy saved web content to the following locations and anywhere else you have placed web content on the server: Â /Library/WebServer/Documents/ Â /Library/WebServer/CGI-Executables/ MySQL Data Before importing backed up MySQL data, make sure that the MySQL service is active. You can activate the MySQL service using Server Admin or the serveradmin command.
8 Run the mail database upgradedb script: sudo -u cyrusimap /System/Library/ServerSetup/MigrationExtras/ 61_migrate_cyrus_db 9 Run the following command to insure that the index files for all mail accounts are in good working order: sudo /usr/bin/cyrus/bin/reconstruct –i 10 In Server Admin, start Mail service by clicking Mail, then click Start Mail. Webmail Data Place saved address books and preferences in /var/db/squirrelmail/data/.
To restore the NetBoot settings: 1 Open Server Admin and select NetBoot from the list of computers and services. 2 Choose Server > Import > Service Settings to import the NetBoot settings from the file you exported earlier (see “NetBoot Images” on page 34). 3 Review the NetBoot settings to make sure they were imported correctly. WebObjects Applications and Frameworks To migrate WebObjects: 1 Copy saved applications to /Library/WebObjects/Applications/. 2 Copy saved frameworks to /Library/Frameworks/.
IP Firewall Configuration To migrate the IP firewall configuration, restore the /etc/ipfilter folder. Open Server Admin and click Firewall to inspect the settings and make sure they are correct. NAT Restore the contents of /etc/nat/natd.plist. You can restore the v10.5 default settings for NAT (stored in /etc/natd/natd.plist.default) at any time by deleting the active configuration file (/etc/ nat/natd.plist).
VPN Restore the following:  /Library/Preferences/SystemConfiguration/com.apple.RemoteAccessServers.plist.  /Library/Keychains/System.keychain  /etc/racoon/psk.text If L2TP is set up and psk.text stores the IPsec shared secret, the shared secret may also be stored in com.apple.RemoteAccessServers.plist or System.keychain. Migrate the VPN MPPE Key user by using the vpnaddkeyagentuser command-line tool. For more information about this command, see its man page.
QTSS Publisher Files and Folders QTSS Publisher has been removed from Mac OS X Server v10.5. However, files created using the QTSS Publisher on v10.4 should continue to work on v10.5. Restore QTSS Publisher files and folders on Mac OS X Server v10.5.
iChat Server To migrate iChat server settings: 1 Restore the following folders:  /var/jabber/spool  /etc/jabber 2 Run the following script with root privileges: sudo execute "/System/Library/ServerSetup/MigrationExtras/ 58_jabbermigrator.pl The 58_jabbermigrator.pl script invokes three other scripts to migrate the iChat server settings. If needed, you can run these scripts individually to customize the migration. The scripts are documented and contain helpful information.
4 Upgrading Mac OS X Server v10.3 4 Use the instructions in this chapter to upgrade a v10.3.9 server to v10.5. You can upgrade computers with Mac OS X Server v10.3.9 that don’t require hard disk reformatting and that have:  An Intel or PowerPC G5 or G4 (867 MHz or faster) processor  At least 1 GB of RAM  At least 20 GB of disk space available Understanding What Can Be Reused When you upgrade from Mac OS X Server v10.3.
Upgrading an Open Directory Master and Its Replicas When the server you want to upgrade is an Open Directory master or replica, upgrade the master and then upgrade the replicas. To upgrade the master and its replicas: 1 Upgrade the master to v10.5 following the instructions in “Step-by-Step Instructions” on page 48. While you’re upgrading the master, client computers can’t connect to it for Open Directory services.
Step 1: Update your server to v10.3.9 If necessary, use Software Update to update your server to v10.3.9. Step 2: Save all service settings Use serveradmin or Server Admin to export all service settings for reference. Also, use System Profiler to generate a full profile of your system. Store the exported service settings and your server’s profile on removable media or another system.
5 Move through the Assistant’s panes, following the onscreen instructions. Your existing settings are displayed in the panes, but you can change them if you like. Enter a unique server software serial number for each server you upgrade. You’ll find the number printed on the materials provided with the server software package. If you have a site license, a registered owner name and organization must be entered exactly as specified by your Apple representative.
4 Identify the server you want to upgrade. If it’s on the local subnet, select it in the list. Otherwise, click “Server at IP Address” and enter an IP address in IPv4 format (000.000.000.000). 5 When prompted for a password, enter the old administrator password. 6 Proceed by following the onscreen instructions. 7 When the Volumes pane appears, select a target disk or volume (partition) and click Continue. During installation, progress information is displayed.
Step 5: Make adjustments as needed after initial server setup Use Workgroup Manager, Server Admin, Terminal, and other applications to refine your server’s settings and take advantage of new v10.5 features. For an explanation of new and changed features, see the administration guide for individual services. Following are a few suggestions of particular interest. WebObjects Restore httpd.conf to the previous version (httpd.conf.AppleSaved), or include the following line in the new httpd.
For more information about importing, creating, and activating self-signed certificates, see iChat Service Administration, Mail Service Administration, Open Directory Administration, and Web Technologies Administration. Groups If you want groups to use new v10.5 features such as nesting and stricter membership checking, upgrade group records using Workgroup Manager. To upgrade a group record: 1 Open Workgroup Manager. 2 Open the directory that contains the groups of interest.
LDAP Schemas If you update the slapd.conf file when adding schema files, run the slaptest command. This command identifies the change for the new schema addition and makes it persistent in the database To run the slaptest command: 1 Back up the slapd.d directory (in /etc/openldap). 2 Run the following command to specify an alternative slapd.conf file: slaptest -f -F 3 Compare the old slapd.d directory with the new directory to determine which changes need to be made.
DNS When you select DNS in Server Admin for the first time after an upgrade, Server Admin prompts you whether to upgrade. If you click Don’t Upgrade, Server Admin leaves the DNS configuration files as they were before the v10.5 upgrade. DNS still runs, but you can’t make DNS configuration changes using Server Admin. If you need to make changes, you must edit the DNS configuration files. If you click Upgrade, Server Admin upgrades the configuration files to the v10.5 format.
Chapter 4 Upgrading Mac OS X Server v10.
5 Migrating from Mac OS X Server v10.3 5 Use the instructions in this chapter when you need to migrate data from a v10.3.9 server to a different computer running v10.5. You can migrate data from Mac OS X Server v10.3.9 computers that can’t or won’t be upgraded to v10.5 or later. Such computers may: Â Require hard disk reformatting or replacement with a newer computer.
To reestablish the master and its replicas: 1 Set up the v10.5 master. While you’re setting up the master, client computers can’t connect to the v10.3.9 master for Open Directory services. In addition, clients may experience a delay while automatically finding the nearest Open Directory replica server. You can eliminate this delay by changing the DHCP service to use the address of an Open Directory replica server if it provides clients with an LDAP server address. When the v10.
     VPN settings User data, including home directories QuickTime Streaming Server files and folders QTSS Publisher files and folders User and group accounts Use serveradmin or Server Admin to export all service settings for reference. Store the exported service settings on removable media or another system.
Step-by-Step Instructions To move data from a Mac OS X Server v10.3.9 computer to a computer with Mac OS X Server v10.5 installed, follow the instructions in this section. 1 Export user and group information. 2 Create archive files of data and user export files. 3 Note current share points and privileges. Shared Folders user Read & Write Engineering userdata.tar Read & Write Designs group 2017 Read Only Documents Workgroup Manager database.tar 4 Copy archive files to new server.
Step 1: Export users and groups Use Workgroup Manager to export user and group accounts from a NetInfo or LDAPv3 directory into a character-delimited file that you can import into a directory for use with Mac OS X Server v10.5. To export users and groups: 1 In Workgroup Manager, click Accounts, then click the globe icon below the toolbar and choose the directory that you want to export accounts from. 2 Click the lock to authenticate as domain administrator.
To create a tar archive, use the tar command in the Terminal application. The command’s -c flag creates an archive file in tar format. Use the -f flag to specify the archive file name. Use the -v (verbose) flag to view progress information as the command executes: tar -cvf /MyHFSVolume/Stuff.tar /MyHFSVolume/My\ Stuff The escape character (\ in the example above) indicates a space in the name. You can also use quotation marks to handle embedded spaces: tar -cvf /MyHFSVolume/Stuff.
where database is the name of the database containing the listed tables and tb1, tb2, and tb3 represent table names. To back up one or more databases, enter: mysqldump --databases db1 [db2 db3...] > backup-file.sql To back up all database on the system, enter: mysqldump --all-databases > backup-file.sql Additional instructions for database backup and restore can be found in the MySQL documentation at www.mysql.org.
FTP Configuration Files To migrate your FTP settings, save these configuration files: In this directory Save these files /Library/FTPServer/Configuration/ ftpaccess ftpconversions ftphosts ftpgroups ftpusers /Library/FTPServer/Messages/ banner.txt welcome.txt limit.txt AFP Save /Library/Preferences/com.apple.AppleFileServer.plist. NetBoot Images You can migrate NetBoot images created using Mac OS X Server v10.3. Save the .
NAT Save the contents of /etc/nat/natd.plist. Print Use the serveradmin settings the migration process. print command to save print settings before you start serveradmin settings print > exported_print_settings Also, record the names and IDs of the CUPS queues for later use. VPN Copy:  /Library/Preferences/SystemConfiguration/com.apple.RemoteAccessServers.plist  /Library/Keychains/System.keychain  /etc/racoon/psk.text If L2TP is set up and psk.
To transfer tar files or disk images using FTP: 1 Use Server Admin on the new server to start FTP service. 2 Set up sharing for a folder into which you’ll place files you transfer from the v10.3 computer. 3 From the v10.3 server, use FTP service to copy the tar files or disk images to the v10.5 computer. 4 On the v10.5 computer, double-click a tar file to extract its contents or double-click a disk image to mount it.
For more information about passwords of users originally created with Mac OS X Server v10.1.5 or earlier, see Open Directory Administration. For more information about dsimport and a description of Workgroup Manager export format, see Command-Line Administration. To import users and groups using Workgroup Manager: 1 Place the export files you created in Step 1 in a location accessible from your server. You can modify user accounts in an export file if you want to set passwords before importing users.
If you have user accounts with crypt passwords and you don’t Kerberize them using the above command, you can use Workgroup Manager to use an Open Directory password. To use Workgroup Manager, open the application and access the directory where the user account resides. Authenticate as domain administrator, then select a user with a crypt password. Click Advanced, choose Open Directory from the User Password Type pop-up menu, click Basic, specify a new password, and click Save.
MySQL Data Before importing backed up MySQL data, make sure that the MySQL service is active. You can activate the MySQL service using Server Admin or the serveradmin command. To activate the MySQL service using the serveradmin command, enter: serveradmin start mysql To import database backups enter: mysql < backup-file.sql To import data into databases that require privileged access, run mysql with the -and -p options: user=root mysql --user=root -p < backup-file.
10 In Server Admin, start Mail service by clicking Mail, then click Start Mail. Webmail Data Place saved address books and preferences in /var/db/squirrelmail/data/. FTP Configuration Files Copy saved FTP configuration files to: Â /Library/FTPServer/Configuration/ Â /Library/FTPServer/Messages/ AFP Configuration To migrate the AFP configuration, restore /Library/Preferences/ com.apple.AppleFileServer.plist. NetBoot Images Copy the .
4 (Optional) If you didn’t have Java 1.4.2 installed on your v10.3 server, manually update WebObjects application projects by opening each project in Xcode; then, in the Expert View for the main target’s settings, change the property value for JAVA_VM to java. These projects must be manually updated to use the version of the Java Virtual Machine (JVM) included with Mac OS X Server v10.5. Important: Mac OS X Server v10.5 includes WebObjects 5.4, which requires Java 1.5 to be installed.
Print Service Settings To restore Print service settings, you must first recreate the original CUPS queues before importing the saved settings. In the case of printers connected directly to the server via USB, the queues are created by CUPS when the printers are plugged in and turned on. However, for network printers, you must add the printers using either Server Admin > Print (for LPR or AppleTalk printers) or System Preferences > Print & Fax (for all printer types).
 If you click Upgrade, Server Admin upgrades the configuration files to the v10.5 format. After that, you can use Server Admin to make DNS configuration changes. DHCP Settings To migrate the DHCP configuration: 1 Open Server Admin and select DHCP from the list of computers and services. 2 Choose Server > Import > Service Settings to import the DHCP settings from the file you exported earlier (see “DHCP” on page 65).
3 For media playlists, verify that the folder /Library/Application Support/Apple/QTSS Publisher/Libraries/Media/ contains the media files listed in the .playlist files. 4 For MP3 playlists, verify that the folder /Library/Application Support/Apple/QTSS Publisher/Libraries/MP3/ contains the media files listed in the .playlist files. 5 For every playlist, update its .config file so that paths point to the new playlist folder in /Library/QuickTimeStreaming/Playlists.
6 Migrating from Mac OS X Server v10.2 6 Use the instructions in this chapter when you need to migrate data from a v10.2.8 server to a different computer running v10.5. You can migrate data from Mac OS X Server v10.2.8 computers that can’t or won’t be upgraded to v10.5 or later. Such computers may: Â Require hard disk reformatting or replacement with a newer computer.
 User data, including home directories  QuickTime Streaming Server files and directories  User and group accounts Use serveradmin or Server Admin to export service settings for reference. Store the exported service settings on removable media or another system. Note: One way to save service settings in Server Admin is to select the service from the list of computers and services on the left, click Settings, and drag the button on the bottom-right to the Desktop.
Step-by-Step Instructions To move data from a Mac OS X Server v10.2.8 computer to a computer with Mac OS X Server v10.5 installed, follow the instructions in this section. 1 Export user and group information. 2 Create archive files of data and user export files. 3 Note current share points and privileges. Shared Folders user Read & Write Engineering userdata.tar Read & Write Designs group 2017 Read Only Documents Workgroup Manager database.tar 4 Copy archive files to new server.
Step 1: Export users and groups Use Workgroup Manager to export user and group accounts from a NetInfo or LDAPv3 directory into a character-delimited file that you can import into a directory for use with Mac OS X Server v10.5. To export users and groups: 1 In Workgroup Manager, click Accounts, then click the globe icon below the toolbar and choose the directory that you want to export accounts from. 2 Click the lock to authenticate as domain administrator.
To create a tar archive, use the tar command in the Terminal application. The command’s -c flag creates an archive file in tar format. Use the -f flag to specify the archive file name. Use the -v (verbose) flag to view progress information as the command executes: tar -cvf /MyHFSVolume/Stuff.tar /MyHFSVolume/My\ Stuff The escape character (\ in the example above) indicates a space in the name. You can also use quotation marks to handle embedded spaces: tar -cvf /MyHFSVolume/Stuff.
FTP Configuration Files To migrate your FTP settings, save these configuration files: In this directory Save these files /Library/FTPServer/Configuration/ ftpaccess ftpconversions ftphosts ftpgroups ftpusers /Library/FTPServer/Messages/ banner.txt welcome.txt limit.txt WebObjects Applications and Frameworks Save WebObjects applications and frameworks located in: Â /Library/WebObjects/ Â /System/Library/WebObjects/ Tomcat Data Save any Tomcat servlets you want to reuse.
DNS Save the file /etc/named.conf and the directory /var/named/ and all its contents. DHCP In Server Admin, select DHCP from the list of computers and services on the left, click Settings, and drag the button on the bottom-right to the Desktop. Dragging this button creates a file on the Desktop containing the DHCP service settings. Save this file. User Data Save any user data files or folders you want to reuse, especially home directory folders.
To prepare the server to store home directories: 1 Create the folder you want to serve as the home directory share point, if required. You can use the predefined /Users folder, if you like. 2 Open Server Admin on the server where you want home directories to reside. 3 Click File Sharing to set up a share point for the home directories. If user accounts will reside in a shared Open Directory directory, create a dynamically automounted AFP or NFS share point for the home directories.
3 Click the globe icon in the toolbar to open the directory where you want to import accounts. 4 Click the lock to authenticate as domain administrator. 5 Choose Server > Import, select the import file, and specify import options. If you’re using a preset, make sure you specify the preset. 6 Click Import. 7 If you want groups to use new v10.5 features, upgrade groups using Workgroup Manager.
A new httpd.conf file is created and a sites directory is created. 7 If you’ve modified /etc/httpd/workers.properties, reapply your changes to the version of the file that’s installed with server v10.5. The v10.5 workers.properties file has a new entry for Blog service. 8 In Server Admin, start Web service. Web Content Copy saved web content to: Â /Library/WebServer/Documents/ Â /Library/WebServer/CGI-Executables/ Mail Database To migrate the mail database: 1 Make sure that v10.5 Mail service isn’t running.
 /Library/FTPServer/Configuration/  /Library/FTPServer/Messages/ WebObjects Applications and Frameworks To migrate WebObjects: 1 Copy saved applications to /Library/WebObjects/Applications/. 2 Copy saved frameworks to /Library/Frameworks/. 3 Add the following line to the new httpd.conf file: Include /System/Library/WebObjects/Adaptors/Apache/apache.conf Note: JavaMonitor and WebObjects Task Daemon (wotaskd) services are now managed by launchd and can be accessed through Server Admin.
7 In the Terminal application, run the following command from the directory where the firewallconfig file resides: sudo niload -r /config/IPFilters . < firewallconfig 8 Enter the following command: sudo /System/Library/ServerSetup/MigrationExtras/50_ipfwconfigmigrator Running this script creates a /etc/ipfilter folder with all necessary files for the migration. 9 On the Mac OS X Server v10.5 server, open Server Admin and make sure Firewall service isn’t running.
QuickTime Streaming Server Files and Folders Follow instructions in QuickTime Streaming and Broadcasting Administration to reuse files and folders saved from /Library/QuickTimeStreaming/. Step 8: Set up share points and privileges Recreate the share points and privileges as required. To create a share point and set privileges: 1 Open Server Admin and click File Sharing. 2 Click Volumes and select the volume or folder you want to share. 3 Click Share. 4 Click Permissions to set up access privileges.
Chapter 6 Migrating from Mac OS X Server v10.
7 Migrating to Mac OS X Server from Windows NT 7 This chapter contains instructions for transferring data and settings from a Windows NT server to a computer running Mac OS X Server v10.5. This chapter includes the following sections: Â “Before You Begin” on page 89 describes the prerequisite tasks you must perform before you start the migration process. Â “Understanding What You Can Migrate” on page 90 describes what you can migrate from a Windows NT server to a Mac OS X Server v10.5 computer.
Understanding What You Can Migrate The instructions in “Step-by-Step Instructions” on page 97 describe how to reuse the following data from a Windows NT server with a Mac OS X Server PDC:  User and group accounts  Records for computers that are members of the NT domain  Users’ personal files from My Documents folders and home directory folders  Roaming user profiles To migrate user, group, and computer records, you must have a Mac OS X Server system that is or can be an Open Directory master.
Other users for whom you set up Mac OS X Server accounts can also use these services. In addition, Mac OS X Server can provide Windows Internet Naming Service (WINS) and Windows domain browsing across subnets for migrated and new Windows users. Mac OS X Server can provide additional services to Windows, Mac OS X, and UNIX users, including Mail, Web, Blog, iChat (Jabber), VPN, DHCP, DNS, and NAT. For details, see the Mac OS X Server setup and administration guides described in the Preface.
Migrating Users, Groups, and Computers to a Mac OS X Server PDC Mac OS X Server includes a command-line tool, ntdomainmigration.sh, that: Â Sets up Mac OS X Server as a PDC. Â Extracts user and group information and uses it to create Mac OS X Server user and group accounts. Â Extracts computer information and uses it to add Windows computers to the Mac OS X Server Windows Computers list, making them members of the Mac OS X Server PDC domain.
When setting up Mac OS X Server as a PDC, make sure your network doesn’t have another PDC with the same domain name. The network can have multiple Open Directory masters, but only one PDC. Providing Home Directories and Roaming User Profiles Migrated users can continue using their existing home directories unless the home directories are located on the Windows NT server that you’re taking out of service.
User accounts defined on Mac OS X Server can be used to authenticate access to shared network folders via the Windows standard protocol for file service, Server Message Block. Windows users access shared folders on Mac OS X Server by using normal procedures such as mapping a network drive. User accounts in the Mac OS X Server PDC (the server’s LDAP directory) can be used to access the PDC server’s shared folders, if any.
Providing Print Service Mac OS X Server Print service helps you set up a managed printing environment on your network. You can share PostScript-compatible printers by setting up print queues for them on a server. When a user prints to a shared queue, the print job waits on the server until the printer is available or until established scheduling criteria are met.
DNS can also be used as a fallback mechanism for name resolution by Windows workstations. Windows workstations initially try to discover the PDC via NetBIOS, so DNS is not required for Mac OS X Server to provide a PDC or other services to Windows users. However, Windows clients will fall back to DNS name resolution if they can’t discover a server name via NetBIOS. As a result, having DNS properly configured and enabled can be beneficial to Windows users.
Tools for Providing Windows Access to Print Service To provide Windows access to print service, you can use:  Server Admin, to configure print queues for Windows access and print quota enforcement  The Add Printer wizard on each Windows workstation, to add print queues as printers  Workgroup Manager, to set print quotas for users (optional) Step-by-Step Instructions This section describes how to migrate to Mac OS X Server v10.5 from Windows NT.
The following diagram summarizes the steps for migrating users, groups, and computers. The diagram is followed by detailed instructions. 1 Set up an Open Directory master. 2 Have users copy files from old home directories. 3 Migrate user, group, and computer records. Windows NT server 4 Set up the home directory infrastructure. 5 Transfer login scripts. Mac OS X Server 6 Have users transfer files to new home directories. Windows clients 7 Have users log out to save profile settings.
To make Mac OS X Server an Open Directory master: 1 If Mac OS X Server will use an existing DNS service, configure your network’s DNS service to resolve the server’s name and IP address and to resolve a reverse-lookup of the server’s IP address to the server’s name. 2 Install the Mac OS X Server v10.5 software if it isn’t installed yet. For installation instructions, see Getting Started. If the Mac OS X Server software is already installed, go to step 4.
 If the Overview pane says Kerberos is stopped, start it. Click Settings, click General, then click Kerberize and authenticate when prompted. For detailed instructions on starting Kerberos after setting up an Open Directory master, see Open Directory Administration. Kerberos won’t start if the server isn’t configured to use a DNS server that resolves the server’s fully qualified DNS name and resolves a reverse-lookup of the server’s IP address.
To migrate users, groups, and computers, and make Mac OS X Server a PDC: 1 Configure Mac OS X Server to use your network’s existing WINS server or to provide WINS service by doing the following: Open Server Admin, connect to the server, and select SMB in the list of computers and services. Click Settings, then click Advanced, and do one of the following: Â If your network has an existing WINS server, select “Register with WINS server” and enter the IP address or DNS name of the WINS server.
5 After ntdomainmigration.sh finishes, you can save a migration log by choosing File > Save Text As. After you enter the three passwords, ntdomainmigration.sh outputs information about the user, group, and computer records it migrates. When the tool finishes, the message “Successfully Migrated Domain” appears. This is the information you can save as a migration log. If errors occur during migration, ntdomainmigration.sh records them in the system log.
Step 4: Set up the home directory infrastructure If users had home directories on the Windows NT server that you took out of service, you must set up Mac OS X Server home directories for them. You can also set up Mac OS X Server home directories for other migrated users. A user’s home directory mounts when a user logs in with a Mac OS X Server user account. The home directory is mapped to a network drive, and you can specify the drive letter for each user.
To set up a share point for Windows users’ home directories: 1 Open Server Admin and select an existing share point, or set up a new share point for home directories: Â To use an existing share point, connect Server Admin to the server where the share point resides, click File Sharing, click Share Points, and select the share point.
4 If the share point will be used for Mac OS X home directories as well as Windows home directories, set up the share point to mount automatically on client computers: With the share point selected in Server Admin, click Share Point, click “Enable Automount,” make the necessary configurations, click OK, and then click Save. For more information about configuring the automount for the share point, see File Services Administration.
 To specify a different SMB share point, enter a UNC path that includes the share point: \\servername\sharename\usershortname Replace sharename with substitute the name of the share point.  The default drive letter is H. Windows uses the drive letter to identify the mounted home directory. 4 If the Path field isn’t blank, make sure the specified share point contains a folder for the user’s home directory.
6 In Workgroup Manager, select each Windows PDC user account and make sure the location of the user’s login script is correctly specified in the Windows pane. The Login Script field should contain the relative path to a login script located in /etc/netlogon/. For example, if you’ve copied a script named setup.bat into /etc/netlogon/, the Login Script field should contain setup.bat.
Migrating Windows File Service Use the instructions in this section to transfer the contents of network folders on a Windows NT server to share points on Mac OS X Server systems. You set up Mac OS X Server file service by designating folders on the server as share points and putting files for Windows users into the share point folders. You can set ACLs and standard UNIX privileges to control the kind of access users have to share points and folders.
To create an SMB share point and control access to it: 1 Open Server Admin, connect to the server that will host the share point, and click File Sharing. 2 If you want, set ACL permissions for the new share point or folders in it. 3 Click Volumes and select the volume you want to share. If you want to create a folder to use as a share point, click Browse, click New Folder, enter the folder name, and click Create. Note: Don’t use a slash (/) in the name of a folder or volume you plan to share.
13 To prevent FTP access to the new share point, click FTP and deselect “Share this item using FTP.” 14 To prevent NFS access to the new share point, click NFS and deselect “Export this item and its contents to.” 15 Click OK. 16 Make sure the SMB service is running: Open Server Admin, select SMB from list of computers and services, and click Overview. If the SMB service is stopped, click Start SMB.
Step 4: Users can map networked drives to share points Windows users can now connect to Mac OS X Server share points, which they see as network folders, and map network drives to these share points. For basic instructions on mapping a network drive, see the onscreen help in Windows. The user’s login name and password are used by default to authenticate the connection to a Mac OS X Server share point.
Step 1: Set up SMB print queues in Mac OS X Server Use Server Admin to create queues on the server for network PostScript printers, make the queues available to Windows users, and start print service on the server. To set up a shared print queue for SMB access: 1 In Server Admin, select Print in the list of computers and services. 2 Click Queues.
10 If Print service is stopped, click Start Print in or choose Server > Start Service. Step 2: Windows clients can connect to Mac OS X Server print queues Windows users can now add connections to Mac OS X Server print queues by using the Add Printer wizard. On a Windows XP computer, adding a connection to a print queue requires logging in with a user account that’s a member of the computer’s Administrators group.
To enforce quotas for a print queue: 1 In Server Admin, select Print in the list of computers and services. 2 Click Queues. 3 Select a queue in the list. 4 Select “Enforce quotas for this queue.” 5 Click Save.
A access ACLs 24, 53, 110 SMB share points 108, 110, 111 See also LDAP; permissions; SOAP accounts. See groups; users; Workgroup Manager ACLs (access control lists) 24, 53, 110 admin group 13 administrator, privileges of 13 AFP (Apple Filing Protocol) service v10.3 migration 64, 70 v10.4 migration 34, 41 Apache server v10.3 upgrade 55 v10.4 upgrade 17, 25 Apple Filing Protocol service. See AFP archiving v10.2 migration 78, 81 v10.3 migration 61, 65 v10.
E email. See mail service exporting server settings 19 users and groups 29, 31, 59, 61, 78 See also importing F files locking of 94 relocation of 39, 68, 83 transfer of Window user 107 See also archiving file services, Windows NT migration 93, 96, 108 See also AFP; FTP; share points; SMB/CIFS file sharing v10.2 migration 82 v10.3 migration 66, 74 v10.4 migration 37 Windows NT migration 93 See also share points File Transfer Protocol. See FTP firewall service v10.2 migration 80, 85 v10.
migration vs. upgrading 5, 6, 11, 12, 13 MySQL v10.3 migration 62 v10.4 migration 32, 40, 69 N NAT (Network Address Translation) v10.3 migration 65, 71 v10.4 migration 35, 43 NetBIOS 96 NetBoot service v10.3 migration 64, 70 v10.3 upgrade 47, 54 v10.4 migration 34, 41 v10.4 upgrade 17, 25 Network Address Translation. See NAT network services. See DHCP; DNS; firewall service; IP addresses; NAT; VPN NTdomainmigration.sh script 92, 96, 97, 100 NT Domain services.
serial number 15 testing 46, 74, 87 See also under version setup procedures. See configuration; installation shared files. See file sharing share points v10.2 migration 81, 87 v10.3 migration 65, 74 v10.4 migration 36, 46 and Windows users 93, 94, 103, 108, 110, 111 Simple Object Access Protocol. See SOAP slaptest tool 24, 54 SMB/CIFS (Server Message Block/Common Internet File System) protocol service v10.4 migration 34, 41 Windows NT migration 94, 95, 108, 111 SOAP (Simple Object Access Protocol) v10.
