User Guide

ManualsBrandsApple ManualsOtherMAC OS X SERVER 10.5

Table Of Contents

System Imaging and Software Update Administration

Mac OS X Server

System Imaging and Software

Update Administration

For Version 10.5 Leopard

Summary of content (105 pages)

PAGE 1
Mac OS X Server System Imaging and Software Update Administration For Version 10.
PAGE 2
K Apple Inc. © 2007 Apple Inc. All rights reserved. The owner or authorized user of a valid copy of Mac OS X Server software may reproduce this publication for the purpose of learning to use such software. No part of this publication may be reproduced or transmitted for commercial purposes, such as selling copies of this publication or for providing paid-for support services. Apple, the Apple logo, AppleShare, AppleTalk, Mac, Macintosh, QuickTime, Xgrid, and Xserve are trademarks of Apple Inc.
PAGE 3
1 Preface 9 9 9 10 10 11 12 12 13 13 Part I Chapter 1 Contents About This Guide What’s New in System Imaging and Software Update What’s in This Guide Using This Guide Using Onscreen Help Mac OS X Server Administration Guides Viewing PDF Guides on Screen Printing PDF Guides Getting Documentation Updates Getting Additional Information System Imaging Administration 17 18 18 18 19 19 19 20 21 21 22 22 22 22 23 23 24 24 24 Understanding System Imaging Inside NetBoot Service Disk Images NetBoot Share Point
PAGE 4
25 25 4 System Image Utility Command-Line Tools Chapter 2 27 27 27 27 29 30 31 32 32 33 34 34 34 35 36 36 37 37 38 38 38 39 39 40 41 41 41 Creating NetBoot and NetInstall Images Using System Image Utility Creating Images Creating NetBoot Images Creating NetInstall Images Creating an Image from a Configured Computer Understanding Workflows Workflow Components Configuring the Customize Package Selection Action Configuring the Define Image Source Action Configuring the Add Packages and Post-Install Script
PAGE 5
49 49 50 50 51 51 52 52 53 53 54 55 55 Configuring Images Settings Configuring Filters Settings Configuring Logging Settings Starting NetBoot and Related Services Managing Images Enabling Images Choosing Where Images Are Stored Choosing Where Shadow Files Are Stored Using Images Stored on Remote Servers Specifying the Default Image Setting an Image for Diskless Booting Restricting NetBoot Clients by Filtering Addresses Setting Up NetBoot Service Across Subnets Chapter 4 57 57 57 58 58 59 Setting Up Clie
PAGE 6
Part II 6 Software Update Administration Chapter 7 75 75 76 76 76 77 77 77 77 77 78 78 78 79 79 Understanding Software Update Administration Inside the Software Update Process Overview Catalogs Installation Packages Staying Up-To-Date with the Apple Server Limiting User Bandwidth Revoked Files Software Update Package Format Log Files Information That Is Collected Tools for Managing Software Update Service Server Admin Workgroup Manager Command-Line Tools Chapter 8 81 81 82 82 83 83 83 84 84 84 85 85
PAGE 7
Chapter 10 Index 92 92 93 Removing Obsolete Software Updates Removing Updates from a Software Update Server Identifying Individual Software Update Files 95 95 95 95 95 Solving Software Update Service Problems General Tips If a Client Computer Can’t Access the Software Update server If the Software Update Server Won’t Sync with the Apple Server If Update Packages That the Software Update Server Lists Aren’t Visible to Client Computers 103 Contents 7
PAGE 8
Contents
PAGE 9
Preface About This Guide This guide describes how to configure and use NetBoot and NetInstall images within Mac OS X Server. It also describes the Software Update service you can set up using Mac OS X Server. Mac OS X Server v10.5 Leopard includes NetBoot service supporting NetBoot and NetInstall images and the improved System Image Utility—a stand-alone utility used to create Install and Boot images used with NetBoot service. Mac OS X Server v10.5 Leopard is Apple’s Software Update Server.
PAGE 10
Â Part II—Software Update Administration. The chapters in this part of the guide introduce you to the Software Update service and the applications and tools available for administering it. Note: Because Apple periodically releases new versions and updates to its software, images shown in this book may be different from what you see on your screen. Using This Guide The following list contains suggestions for using this guide: Â Read the guide in its entirety.
PAGE 11
Mac OS X Server Administration Guides Getting Started covers installation and setup for standard and workgroup configurations of Product Name. For advanced configurations, Server Administration covers planning, installation, setup, and general server administration. A suite of additional guides, listed below, covers advanced planning, setup, and management of individual services. You can get these guides in PDF format from the Mac OS X Server documentation website: www.apple.
PAGE 12
This guide ... tells you how to: Upgrading and Migrating Use data and service settings from an earlier version of Product Name or Windows NT. User Management Create and manage user accounts, groups, and computers. Set up managed preferences for Mac OS X clients. Web Technologies Administration Set up and manage web technologies, including web, blog, webmail, wiki, MySQL, PHP, Ruby on Rails, and WebDAV.
PAGE 13
Getting Documentation Updates Periodically, Apple posts revised help pages and new editions of guides. Some revised help pages update the latest editions of the guides. Â To view new onscreen help topics for a server application, make sure your server or administrator computer is connected to the Internet and click “Latest help topics” or “Staying current” in the main help page for the application. Â To download the latest guides in PDF format, go to the Mac OS X Server documentation website: www.apple.
PAGE 14
Preface About This Guide
PAGE 15
Part I: System Imaging Administration I The chapters in this part of the guide introduce you to system imaging and the applications and tools available for administering system imaging services.
PAGE 16
PAGE 17
1 Understanding System Imaging 1 This chapter describes how to start client computers using an operating system stored on a server and how to install software on client computers over the network. The NetBoot and NetInstall features of Mac OS X Server offer you alternatives for managing the operating system and application software that your Macintosh clients (or even other servers) require to start and do their work.
PAGE 18
You can set up multiple NetBoot or NetInstall images to suit the needs of different groups of clients or provide copies of the same image on multiple NetBoot servers to distribute the client startup load. NetBoot service can be used with NetBoot and NetInstall images along with Mac OS X client management services to provide a personalized work environment for each user. For information about client management services, see User Management.
PAGE 19
For example, if you decide to store images on three server disks, NetBoot service sets up three share points named NetBootSP0, NetBootSP1, and NetBootSP2. The share points for client shadow files are also created in /Library/NetBoot/ and are named NetBootClientsn. You can create and enable NetBootSPn and NetBootClientsn share points on other server volumes using the NetBoot service General settings in Server Admin. WARNING: Don’t rename a NetBoot share point or the volume it resides on.
PAGE 20
Allocation of Shadow Files for Mac OS X NetBoot Clients When a client computer starts from a Mac OS X NetBoot image, it creates shadow files on a server NetBootClientsn share point or, if no share point is available, on a drive local to the client. For information about changing this behavior, see “Choosing Where Shadow Files Are Stored” on page 52. NetBoot Image Folder When you create a Mac OS X NetBoot image with System Image Utility, the utility creates a NetBoot image folder whose name ends with “.
PAGE 21
Property List File The property list file (NBImageInfo.plist) stores image properties. The following table gives more information about the property list for Mac OS X image files. Property Type Description Architectures Array An array of strings of the architectures the image supports. BootFile String Name of boot file: booter. Index Integer 1–4095 indicates a local image unique to the server. 4096–65535 is a duplicate, identical image stored on multiple servers for load balancing.
PAGE 22
BootP Server NetBoot service uses a BootP server (bootpd) to provide necessary information to client computers when they try to start from an image on the server. If you have BootP clients on your network and they request an IP address from the NetBoot BootP server, this request will fail because the NetBoot BootP server doesn’t have addresses to offer.
PAGE 23
Security You can restrict access to NetBoot service on a case-by-case basis by listing the hardware addresses (also known as the Ethernet or MAC addresses) of computers that you want to permit or deny access to. The hardware address of a client computer is added to the NetBoot Filtering list when the client starts up using NetBoot and is, by default, enabled to use NetBoot service. You can specify other services. See “Restricting NetBoot Clients by Filtering Addresses” on page 55.
PAGE 24
Tools for Managing NetBoot Service The Server Admin and System Image Utility applications provide a graphical interface for managing NetBoot service in Mac OS X Server. In addition, you can manage NetBoot service from the command line by using Terminal. These applications are included with Mac OS X Server and can be installed on another computer with Mac OS X v10.5 or later, making that computer an administrator computer.
PAGE 25
System Image Utility System Image Utility is a tool you use to create and customize NetBoot and NetInstall images. With System Image Utility, you can: Â Create NetBoot images that can be booted to the Finder. Â Create NetInstall images from a DVD or existing Mac OS X partition. Â Assemble a workflow that creates customized NetBoot and NetInstall images. For instructions on using System Image Utility, see Chapter 2. System Image Utility is installed in /Applications/Server/.
PAGE 26
Chapter 1 Understanding System Imaging
PAGE 27
2 Creating NetBoot and NetInstall Images 2 This chapter provides instructions for preparing NetBoot or NetInstall images you can use with NetBoot service. You can set up multiple NetBoot or NetInstall images to suit the needs of different groups of clients or to provide copies of the same image on multiple servers to distribute the client startup load. Using NetBoot service, you can provide a personalized work environment for each client computer user.
PAGE 28
You can also assemble a workflow to create a NetBoot image that permits advanced customization of your images. For more information, see “Understanding Workflows” on page 31. Note: You must purchase a Mac OS X user license for each client that starts from a NetBoot or NetInstall disk image. To create a NetBoot image: 1 Log in as an administrator user. 2 Open System Image Utility (in the /Applications/Server/ folder). 3 In the left sidebar select the image source.
PAGE 29
To save the image somewhere else, choose a location from the Where pop-up menu or click the triangle next to the Save As field and navigate to a folder. 11 Click Save and authenticate if prompted. Important: Do not attempt to edit content in the image destination folder while the image is being created. Creating NetInstall Images Use System Image Utility to create a NetInstall image that you can use to install software on client computers over the network.
PAGE 30
NetBoot service must be configured on a network port and Server Admin must be set to serve images from a volume for this option to appear in the pop-up menu. For more information, see “Setting Up NetBoot Service” on page 48. To save the image somewhere else, choose a location from the Where pop-up menu or click the triangle next to the Save As field and navigate to a folder. 10 Click Save and authenticate if prompted.
PAGE 31
Clients can’t see the description information. 9 If the image will be served from more than oner server, select the checkbox below the description field. This option generates an index ID for NetBoot server load balancing. 10 For NetBoot images, if your source volume is a Mac OS X Installation DVD, enter a user name, short name, and password (in the Password and Verify fields) for the administrator account in Create Administrator Account. You can log in to a booted client using this account.
PAGE 32
Â Workflows that create custom NetBoot images assemble a bootable image from installation DVDs or from an installed OS volume. This is an image that could be directly installed onto a target volume using the asr command-line tool or you can use NetBoot. Each action performs a single task, such as customizing a software package or adding a user account. Instead of being a do-it-all tool, an action is purpose-designed to perform a single task well.
PAGE 33
To configure the Customize Package Selection workflow action: 1 From your System Image Utility workflow, select the Customize Package Selection action in the Automator Library and drag it into position in your workflow. 2 Enable or disable the installation of software packages using the Visible column. Select the checkbox in the Visible column to enable the software package. If enabled, the user can install the package from your image during installation.
PAGE 34
Configuring the Add Packages and Post-Install Scripts Action Use this action to add installer packages and post-install scripts to a NetInstall image. Post-install scripts provide the ability to customize each computer you deploy an image on. This action is only valid when creating a NetInstall image.
PAGE 35
2 Select from the following options to apply system configuration settings to your NetInstall image. If you want to copy the directory services configuration from the computer you are creating the image from, select “Apply directory services settings from this machine to all clients.
PAGE 36
6 In the Index field, enter an Image ID: Â To create an image that is unique to this server, choose an ID in the range 1–4095. Â To create one of several identical images to be stored on different servers for load balancing, use an ID in the range 4096–65535. Multiple images of the same type with the same ID in this range are listed as a single image in a client’s Startup Disk preferences pane.
PAGE 37
To remove MAC addresses from the list, select the item to remove and click the Delete (–) button. 3 To restrict image access, choose Allow or Deny for each MAC address. Configuring the Filter Computer Models Action Use this action to limit the computer models that a Mac OS X image can be installed on. Only selected computer models have access to the image. This action is only valid when creating NetInstall images.
PAGE 38
7 Set the size of the volume by choosing one of the following. Choose “Percentage of available disk” from the Size pop-up menu and enter a percentage. Select Minimum and enter the smallest size in GB for the volume (minimum size is only available if using percentage). Choose “Absolute size” from the Size pop-up menu and enter the size in GB. 8 To prevent the information from being updated when the disk is partitioned, select “Locked for editing.
PAGE 39
Removing Workflows You can remove workflows from the System Image Utility. To remove a workflow from System Image Utility: 1 Log in as an administrator user and open System Image Utility. 2 In the left sidebar click the triangle next to Workflows. The list of workflows appears. 3 Select the workflow you want to remove and click File > Remove Workflow. The workflow is removed from the System Image Utility but is not deleted from your computer.
PAGE 40
8 From the Automator Library, choose additional actions that your customized image requires and drag them into the Workflow pane. Assemble the actions in the order you like, configuring each action as you go. For more information on configuring the actions, see “Workflow Components” on page 32. 9 Drag the Create Image action to the end of your worklflow. This action is required at the end of image workflows. See “Configuring the Create Image Action” on page 35. 10 Save the workflow by clicking Save.
PAGE 41
About Packages To add application software or other files at image creation (instead of installing applications or files on the image source volume before you create the image), you must group the applications or files in a special file known as a package. A package is a collection of compressed files and related information used to install software onto a computer. The contents of a package are contained in a single file, which has the .pkg extension.
PAGE 42
Chapter 2 Creating NetBoot and NetInstall Images
PAGE 43
3 Setting Up NetBoot Service 3 This chapter describes how to set up NetBoot service to make boot and installation images available to clients. Use Server Admin to configure the NetBoot service in conjunction with System Image Utility to create and edit images. Setup Overview Here is an overview of the basic steps for setting up NetBoot service.
PAGE 44
To create application packages that you can add to an image, use PackageMaker. Application software packages can be installed by themselves or with Mac OS X system software. See “Creating Packages” on page 41. Step 3: Set up DHCP NetBoot requires that you have a DHCP server running on the local server or on another server on the network. Make sure you have a range of IP addresses sufficient to accommodate the number of clients that will use NetBoot at the same time.
PAGE 45
Before Setting Up NetBoot Service Before you set up NetBoot service, review the following considerations and requirements. What You Must Know Before you set up NetBoot on your server, make yourself familiar with your network configuration, including the DHCP services it provides. Be sure you meet the following requirements: Â You’re the server administrator. Â You’re familiar with network setup. Â You know the DHCP configuration.
PAGE 46
Network Hardware Requirements The type of network connections you must use depends on the number of clients you expect to boot over the network: Â 100-Mbit Ethernet (for booting fewer than 10 clients) Â 100-Mbit switched Ethernet (for booting 10–50 clients) Â Gigabit Ethernet (for booting more than 50 clients) These are estimates for the number of clients supported.
PAGE 47
Â Hard disk capacity and number of images: Boot and installation images occupy hard disk space on server volumes, depending on the size and configuration of the system image and the number of images being stored. Images can be distributed across multiple volumes or multiple servers. For more information, see “Performance and Load Balancing” on page 64.
PAGE 48
Turning NetBoot Service On Before you can configure NetBoot settings, you must turn NetBoot service on in Server Admin. To turn NetBoot service on: 1 Open Server Admin and connect to the server. 2 Click Settings. 3 Click Services. 4 Click the NetBoot checkbox. 5 Click Save. Setting Up NetBoot Service You set up NetBoot service by configuring the following four groups of settings on the Settings pane for NetBoot service in Server Admin. Â General.
PAGE 49
6 In the Images column, click the checkbox to choose where to store images. 7 In the Client Data column, click the checkbox for each local disk volume where you want to store shadow files used by Mac OS X diskless clients. 8 Click Save. Configuring Images Settings You can use the Images settings to enable images and select the default image. To configure NetBoot Images settings: 1 Open Server Admin and connect to the server. 2 Click the triangle to the left of the server. The list of services appears.
PAGE 50
6 Select “Allow only clients listed below (deny others)” or “Deny only clients listed below (allow others).” 7 Use the Add (+) button to enter the canonical or noncanonical form of a hardware address to the filter list, or use the Delete (–) button to remove a MAC address from the filter list. To look up a MAC address, enter the client’s DNS name or IP address in the Host Name field and click Search.
PAGE 51
3 If you’ll be booting diskless Mac OS X clients, start AFP service by selecting AFP in the Servers list and clicking the Start Service button (below the Servers list). 4 If your server is providing DHCP service, make sure the DHCP service is configured and running; otherwise, DHCP service must be supplied by another server on your network. If your NetBoot server is also supplying DHCP service, you might get better performance if you configure your server as a gateway.
PAGE 52
Choosing Where Images Are Stored You can use Server Admin to choose volumes to use for storing NetBoot and NetInstall images. WARNING: Don’t rename a NetBoot share point or the volume it resides on. Don’t use Server Admin to stop sharing for a NetBoot share point unless you first deselect the share point for images and shadow files. To choose volumes for storing image files: 1 Open Server Admin and connect to the server. 2 Click the triangle to the left of the server. The list of services appears.
PAGE 53
6 Click Save. From the Command Line You can also specify a volume to store shadow files on by using the serveradmin command in Terminal. For more information, see the system image chapter of Command-Line Administration. Using Images Stored on Remote Servers You can store NetBoot or NetInstall images on separate remote servers other than the NetBoot server. You must copy the images from the NetBoot server to the remote server and then configure the remote server to use the images.
PAGE 54
To specify the default boot image: 1 Open Server Admin and connect to the server. 2 Click the triangle to the left of the server. The list of services appears. 3 From the expanded Servers list, select NetBoot. 4 Click Settings, then click Images. 5 In the Default column, click the checkbox next to the image. You can select separate default images for Intel-based and PowerPC-based Macintosh computers. The architecture column shows the image type. Mac OS X v10.
PAGE 55
Restricting NetBoot Clients by Filtering Addresses The filtering feature of NetBoot service lets you restrict access to the service based on the client’s Ethernet hardware (MAC) address. A client’s hardware address is added to the filter list the first time it starts from an image on the server and is permitted access by default, so it is usually not necessary to enter hardware addresses manually. To restrict client access to NetBoot service: 1 Open Server Admin and connect to the server.
PAGE 56
Chapter 3 Setting Up NetBoot Service
PAGE 57
4 Setting Up Clients to Use NetBoot and NetInstall Images 4 This chapter describes how to set up client computers to start or install software from images on a server. After the NetBoot service and images are configured on the server, you must set up the client computers to access and use the images. Setting Up Diskless Clients NetBoot service enables you to configure client computers without locally installed operating systems or even without installed disk drives.
PAGE 58
Selecting a NetInstall Image If your computer is running Mac OS X v10.2 or later, you use Startup Disk preferences to select a NetInstall image. To select an NetInstall image from Mac OS X: 1 In System Preferences, select Startup Disk. 2 Select the network volume you want to start the computer with. 3 Click Restart. The NetBoot icon appears, the computer starts from the selected image, and the installer runs.
PAGE 59
Changing How NetBoot Clients Allocate Shadow Files By default, a Mac OS X NetBoot client places its shadow files in a NetBootClientsn share point on the server. If no such share point is available, the client tries to store its shadow files on a local hard disk. For Mac OS X v10.3 and later images set for diskless booting, you can change this behavior by using a text editor to specify a value for the NETBOOT_SHADOW variable in the image /etc/hostconfig file.
PAGE 60
Chapter 4 Setting Up Clients to Use NetBoot and NetInstall Images
PAGE 61
5 Managing NetBoot Service 5 This chapter describes daily tasks you perform to keep NetBoot service running efficiently, and includes information about load balancing across multiple volumes on a server or across multiple servers. You can manage NetBoot service using Server Admin. Server Admin enables you to verify the overall status of the connection, to review logs, to control clients, and to manage boot and installation images.
PAGE 62
Â To stop service to a client, click Settings, click Filters, select Enable NetBoot Filtering, choose “Deny only clients listed below,” and add the client’s hardware address to the list. From the Command Line You can also stop NetBoot service or disable images using the serveradmin command in Terminal. For more information, see the system image chapter of Command-Line Administration. Disabling a Boot or Installation Image Disabling an image prevents client computers from starting using the image.
PAGE 63
Viewing a List of NetBoot Connections You can use Server Admin to see a list of clients that are booted from the server. NetInstall clients display install progress information. To view the NetBoot connections list: 1 Open Server Admin and connect to the server. 2 Click the triangle to the left of the server. The list of services appears. 3 From the expanded Servers list, select NetBoot. 4 Click Connections. 5 To update the list, click the Refresh button (below the Servers list).
PAGE 64
Viewing the NetBoot Service Log You can use Server Admin to view a log containing diagnostic information. To view NetBoot service log: 1 Open Server Admin and connect to the server. 2 Click the triangle to the left of the server. The list of services appears. 3 From the expanded Servers list, select NetBoot. 4 Click Log, then use the Filter field below the log to search for specific entries. From the Command Line You can see the log by viewing the contents of the log file in Terminal.
PAGE 65
To distribute an image across servers: 1 Locate the image file on the server where the original image is stored. 2 If the image index ID is 4095 or lower, recreate the image and modify the index ID using the Create Image action in a workflow, then assign the image an index ID in the range 4096–65535. For more information, see “Assembling Workflows” on page 38. The image ID can be changed from Server Admin by double-clicking the Image ID field and entering the new ID.
PAGE 66
8 Open Terminal and use the scp secure copy tool to copy the image to the NetBootSPn share points on the other volumes. For example: $ scp /Library/NetBoot/NetBootSP0/image.nbi [admin_name]@[ip_address]:/ Volumes/Drive2/Library/NetBoot/NetBootSP1 where [admin_name] is an admin login and [ip_address] is the correct IP address for that server. You are prompted for the password of the admin login you supply.
PAGE 67
Distributing Shadow Files Clients starting up from Mac OS X diskless images store temporary (shadow) files on the server. By default, NetBoot for Mac OS X clients creates a share point for client shadow files on the server boot volume. (You can change this behavior. See “Choosing Where Shadow Files Are Stored” on page 52.) You can use Server Admin to see this share point and to add others. The share points are named NetBootClientsn where n is the share point number.
PAGE 68
Chapter 5 Managing NetBoot Service
PAGE 69
6 Solving System Imaging Problems 6 This chapter provides solutions for common problems you might encounter while working with NetBoot and NetInstall. This chapter contains solutions to common system imaging problems. General Tips Â Make sure a DHCP service is available on your network. It can be provided by the Mac OS X Server DHCP service or another server. Â Make sure required services are started on the server. See “Network Service Requirements” on page 46.
PAGE 70
If You Want to Change the Image Name You can’t edit the name of an image with System Image Utility after you create it. However, there are other ways to change the name, as follows. Changing the Name of an Uncompressed Image This section describes how to change the name of an uncompressed image that you created using System Image Utility. To change the name of an uncompressed image: 1 Mount the image in Finder by opening the .nbi folder containing the image and double-clicking it.
PAGE 71
10 Open a Terminal window and enter the following to rename the image: $ sudo diskutil rename /Volumes/image new_name Replace image with the name of the image you want to rename and new_name with the new name of the image. 11 When prompted, enter your administrator password. The name of the image changes. 12 Unmount the image. 13 Remount the image to verify that the image has been renamed. 14 Unmount the image. 15 Remove the original image from the .nbi folder and store it somewhere else.
PAGE 72
Chapter 6 Solving System Imaging Problems
PAGE 73
Part II: Software Update Administration II The chapters in this part of the guide introduce you to the Software Update service and the applications and tools available for administering the Software Update service.
PAGE 74
PAGE 75
7 Understanding Software Update Administration 7 This chapter describes how to use Software Update service to update Apple software on your network. Software Update service offers you ways to manage Macintosh software updates from Apple on your network. In an uncontrolled environment, users might connect to Apple Software Update servers at any time and update your client computers with software that is not approved by your IT group.
PAGE 76
Overview The process that starts Software Update service is SoftwareUpdateServer. When you start Software Update service, it contacts Apple’s Software Update server and requests a list of available software to download locally. You can choose to copy (store packages locally) and enable (make the packages available to users) any of the files presented in the list. You can also limit user bandwidth for updates and choose to automatically copy and enable newer updates from the Apple server.
PAGE 77
Staying Up-To-Date with the Apple Server To keep your service synchronized with the most current information, your Software Update server must always remain in contact with the Apple server. The Software Update service regularly checks with an Apple Software Update server to update usage information and send lists of newly available software to the updates catalog on your server as they become available.
PAGE 78
Information That Is Collected The Apple Software Update server collects the following information from client Software Update servers: Â Language Â Type Â Browser Tools for Managing Software Update Service The Workgroup Manager and Server Admin applications provide a graphical interface for managing Software Update service in Mac OS X Server. In addition, you can manage Software Update service from the command line by using Terminal.
PAGE 79
Workgroup Manager The Workgroup Manager application provides comprehensive management of clients of Mac OS X Server. You use Workgroup Manager to set preferences by user, group, or computer to access your Software Update server. For more information about how to configure managed preferences for the Software Update server, see User Management. For basic information about using Workgroup Manager, see User Management.
PAGE 80
Chapter 7 Understanding Software Update Administration
PAGE 81
8 Setting Up the Software Update Service 8 This chapter provides instructions for setting up the Software Update service on your network for Mac OS X v10.5 clients. You use the Software Update service in Server Admin to provide local software updates to client computers. Setup Overview Here is an overview of the basic steps for configuring your Software Update server. This includes setting up the Software Update service, configuring client computer access to the server, and testing.
PAGE 82
Step 3: Configure the Software Update server Decide how you want to copy and enable software updates from Apple: automatically or manually. Set the maximum bandwidth you want a single computer to use when downloading update packages from your server. See “Setting Up Software Update” on page 86. Step 4: Start the Software Update service Your server synchronizes with the Apple Software Update server by requesting a catalog of available updates.
PAGE 83
Client Computer Requirements Macintosh computers running Mac OS X v10.4 or later that are networked to a server running Mac OS X Server v10.4 or later can use the Software Update service to update Apple software. Network Hardware Requirements The type of network connections to use depends on the number of clients you expect to serve software updates to: Â To provide regular updates to fewer than 10 clients, use 100-Mbit Ethernet.
PAGE 84
Before Setting Up Software Update Before you set up Software Update, consider the following topics. Consider Which Software Update Packages to Offer Before you set up the Software Update service, consider whether to provide all or only part of Apple’s software updates. Your client computers might run application software that requires a specific version of Apple software for the application to operate correctly.
PAGE 85
To delete the software update folder in Terminal: $ sudo rm -rf /usr/share/swupd/html To move the software update folder in Terminal (to save downloaded updates): $ mv /usr/share/swupd/html /new_storage_location Replace new_storage_location with the location you want the folder moved to. To create a symbolic link in Terminal: $ ln -s /new_storage_location /usr/share/swupd/html Replace new_storage_location with the path to where you want to store downloaded software updates.
PAGE 86
Setting Up Software Update You set up the Software Update service by configuring the following groups of settings on the Settings pane for Software Update in Server Admin. Â General. This sets information about automatically copying and enabling updates, purging obsolete updates, and limiting user bandwidth. Â Updates. This lists available updates and provides date, name, version, and size information for each. The following sections describe the tasks for configuring these settings.
PAGE 87
Configuring Updates Settings You can use Updates settings to refresh the software update catalog, to copy and enable individual updates, and to view specific update information. To configure Updates settings: 1 Open Server Admin and connect to the server. 2 Click the triangle to the left of the server. The list of services appears. 3 From the expanded Servers list, select Software Update. 4 Click Settings, then click Updates. 5 Click Update List to refresh the list of available software updates.
PAGE 88
Pointing Unmanaged Clients to a Software Update Server Use the defaults command in Terminal to point unmanaged client computers to a specific Software Update server: To point unmanaged clients to a specific software update server: 1 Open Terminal on the unmanaged client. 2 Enter the following command: $ defaults write com.apple.SoftwareUpdate CatalogURL URL Replace URL with the URL of the Software Update server. For example: http://su.domain_name.
PAGE 89
9 Managing the Software Update Service 9 This chapter describes how to perform day-to-day management tasks for a Software Update server after the server is configured and running. The following sections show how to manually refresh the updates catalog from the Apple server, check the status of the Software Update service, stop the service, and control the software updates cataloged and distributed by the service.
PAGE 90
Checking the Status of the Software Update Service Use Server Admin to check the status of the Software Update service. To check Software Update service status: 1 Open Server Admin and connect to the server. 2 Click the triangle to the left of the server. The list of services appears. 3 From the expanded Servers list, select Software Update.
PAGE 91
Automatically Copying and Enabling Updates from Apple Use Server Admin to copy and enable software updates automatically from Apple. To automatically copy software updates and enable them for download: 1 Open Server Admin and connect to the server. 2 Click the triangle to the left of the server. The list of services appears. 3 From the expanded Servers list, select Software Update. 4 Click Settings, then click General.
PAGE 92
Removing Obsolete Software Updates Use Server Admin to remove obsolete software updates from the update catalog. You can configure the Software Update service to automatically purge obsolete updates. To purge obsolete software updates: 1 Open Server Admin and connect to the server. 2 Click the triangle to the left of the server. The list of services appears. 3 From the expanded Servers list, select Software Update. 4 Click Settings, then click General.
PAGE 93
4 When prompted, enter your administrator password. Identifying Individual Software Update Files All software updates are stored in the /usr/share/swupd/html/ folder. Sometimes you may want to locate a specific software update file. Each software update that is copied to the server is stored with product ID numbers for a file name. To make sure that you are selecting the correct software update file, correlate the file name (product ID) with the software update product ID in Server Admin.
PAGE 94
Chapter 9 Managing the Software Update Service
PAGE 95
10 Solving Software Update Service Problems 10 This chapter provides solutions for common problems you might encounter while working with Software Update. This section contains solutions to common Software Update problems. General Tips Â Make sure required services are installed. Â Make sure the Software Update packages you enable are meant for the client accessing them. Â If you detect poor response from the Software Update server, check the network load.
PAGE 96
Chapter 10 Solving Software Update Service Problems
PAGE 97
Glossary Glossary AFP Apple Filing Protocol. A client/server protocol used by Apple file service to share files and network services. AFP uses TCP/IP and other protocols to support communication between computers on a network. address A number or other identifier that uniquely identifies a computer on a network, a block of data stored on a disk, or a location in a computer’s memory. See also IP address, MAC address. administrator A user with server or directory domain administration privileges.
PAGE 98
DHCP Dynamic Host Configuration Protocol. A protocol used to dynamically distribute IP addresses to client computers. Each time a client computer starts up, the protocol looks for a DHCP server and then requests an IP address from the DHCP server it finds. The DHCP server checks for an available IP address and sends it to the client computer along with a lease period—the length of time the client computer may use the address. directory See folder.
PAGE 99
group A collection of users who have similar needs. Groups simplify the administration of shared resources. host Another name for a server. host name A unique name for a computer, historically referred to as the UNIX hostname. Internet A set of interconnected computer networks communicating through a common protocol (TCP/IP). The Internet is the most extensive publicly accessible system of interconnected computer networks in the world. Internet Protocol See IP. IP Internet Protocol. Also known as IPv4.
PAGE 100
network interface Your computer’s hardware connection to a network. This includes (but isn’t limited to) Ethernet connections, AirPort cards, and FireWire connections. NFS Network File System. A client/server protocol that uses Internet Protocol (IP) to allow remote users to access files as though they were local. NFS can export shared volumes to computers based on IP address, and also support single sign-on (SSO) authentication through Kerberos.
PAGE 101
QuickTime A set of Macintosh system extensions or a Windows dynamic-link library that supports the composition and playing of movies. QuickTime Streaming Server See QTSS. server A computer that provides services (such as file service, mail service, or web service) to other computers or network devices. Server Message Block See SMB. share point A folder, hard disk (or hard disk partition), or optical disc that’s accessible over the network.
PAGE 102
Glossary
PAGE 103
A access and client management 57, 81, 83 load balancing 66 path for client 22 restricting NetBoot 36, 37, 49, 50, 55 restricting Software Update 75, 84, 85 Add Packages and Post-Install Scripts action 34 Add User Account action 34 AFP (Apple Filing Protocol) service 46 AirPort wireless network 46 Apple Filing Protocol service.
PAGE 104
F files boot 22 Software Update storage 84 file services 46 See also share points Filter Clients by MAC Address action 36 Filter Computer Model action 37 filters, NetBoot 49, 55 folders, NetBoot image 20 G groups, setup 18, 81, 83, 85 H hardware requirements 45, 46, 83 hdiutil tool 31 help, using 10 host name, local 35 HTTP (Hypertext Transfer Protocol) 46 I images.
PAGE 105
serial number, server 47 Server Admin 18, 24, 78 serveradmin tool 48 servers discovery of 21, 55 images on remote 53 load balancing 28, 29, 31, 36, 64, 65, 66 NetBoot 19 Software Update 83, 88 setup procedures.