Those of you who have taken the plunge into 10.7.3 on your server may have discovered (much to your dismay) that the VPN is broken.
There’s a support article on the Apple support site that will bring your VPN service back to life. Basically, you need to flip a bit on the system VPN account.
This applies to any server that was running VPN prior to the 10.7.3 update, which would be a great many of us. The good news is… PPTP is now supposedly working. I primarily use L2TP, so I didn’t care so much about that one. But when L2TP was also broken after the 10.7.3 update, I was flummoxed.
If you have a Lion server behind a NAT router (for example, an Airport Extreme or Time Capsule) that is running a VPN service, you may have difficulties connecting to it with Windows 7 using L2TP despite the correct setup.
I won’t go into the deep dive on this now, but just a total quick tip. You need to change the encapsulation parameters on Windows 7. Do that by setting a registry key:
There seems to be a great deal of misunderstanding around Apple’s “shared contacts” feature in Lion. If you spend some time searching the Apple Community forums and blogs, lots of folks are claiming that Apple has performed a feat of false advertising over this need.
Indeed, sharing contacts across an organization is a pretty big requirement. Not only do you want to share the contact info of the users in your directory, it would be more than beautiful if you could add shared contacts that everyone could search against.
I’ve published a screencast on how to do this. Here’s a hint: it involves a checkbox in your Lion server setup and some TLC with your Open Directory. Basically, you’ll make your Open Directory searchable by the Address Book Server and use the Directory Utility to put the shared contacts into your OD setup. It works like a charm and there’s no need to share a username and password amongst your users.
Sorry I spoiled the ending for you, but for details on this please watch the screencast. Comment below or contact me if you have any questions, comments or suggestions. I love to hear from folks!
Have any other heavy tips or requirements out of Mac OS X and you just can’t figure it out? Let me know and I’ll see if I can unravel it for you.
Quicktime Streaming Server is not supported on OS X Lion Server.
There are some changes to wikis and mailing list support as well. Here’s a paste from page 17/18 of the guide:
Understanding what can be reused
When you upgrade from Mac OS X Server v10.6 or later, virtually all existing data and settings remain available for use, but note the following:
NetBoot images created using Mac OS X Server v10.5 or later can be reused. NetBoot images created using earlier versions cannot be used.
When upgrading to Lion Server, the launch daemons (/System/Library/LaunchDaemons) are replaced by the Lion Server version of these daemons.
Open Directory on Lion Server cannot be configured as a primary domain controller (PDC) or a backup domain controller (BDC) using the SMB service.
Lion Server does not support Print service, MySQL, Mobile Access, Tomcat, Axis, or QuickTime Streaming Server (QTSS).
Wiki-based mailing list and archives are not available in Lion Server.
If you are using Mail service with Mac OS X Server v10.6 and are performing the upgrade to Lion Server, make sure your mail data partitions and the mail database are accessible during the upgrade process. This automates the mail migration process and requires you to have no interaction.
I’m a little surprised that Mobile Access is also gone. They were pretty proud of that feature in Snow Leopard Server.
I did not use this site to live blog the WWDC keynote because frankly, other people did a fine job of it. I prefer to watch the keynote and let it simmer on my brain. I sprinkle it with a bit of flavor from the other blogs and information on the net.
Then I grab the products and I test it to death.
There’s a lot to like in today’s WWDC keynote. A lot. I wasn’t disappointed in the slightest. Apple has laid down the gauntlet on where they want to go. They’re going to the cloud and they’re creating the “post-PC” era groundwork.
I’ve seen many blogs call today’s announcements a “bloodbath.” In many respects, that’s accurate. If you work at RIM today you have to be thinking that your company’s lifespan just shortened a bit more. Apple is clearly listening to the consumers and learning from the jailbreak market, the Android devices and RIM. They are doing things the “Apple way” and that’s good.
This is, however, a blog about Apple in the Enterprise. I’m going to drop a few tidbits that I think are quite relevant.
Lion client is $29.99 and available from the Mac App Store only. I would assume there is a way to make an installer disk so you don’t have to download this over and over again. I would also assume there is a way to make this available to your Enterprise on a volume licensing-type of arrangement. I’ll be looking into this more.
Lion Server will cost an extra $49 on top of the $29 charge for Lion client. This is huge and will likely increase the install base of the server product.
iOS 5.0’s notification system, iMessage and other features are really huge.
What REALLY matters to the enterprises that I work for: S/MIME support in Mail. I’m so glad to see this. I’m cautiously optimistic that this will work well, but frankly, many folks have screwed PKI up so badly it may not matter.
iCloud is big, but it looks like some elements of iCloud are included in Lion Server so you can make your own private iCloud. I’ll also be looking into this more as time moves on.
MobileMe’s death sentence is interesting. It’s a rare admittance by Apple that something didn’t work. I’m glad to see they’re not afraid to stand up to the product’s failings (and victories) and learn from it. I’ve been looking for ways to migrate off of MobileMe for a while. I’ve only maintained a membership for the syncing of contacts and bookmarks and… well, to make sure I have it to test against in case customers need to know something about it.
Overall, it was a great keynote. Apple is doing fantastic things and I really look forward to delving into it even more. I’m sad that I’m not attending WWDC this year. It’s easily the biggest keynote since the introduction of the iPhone. Whenever there is a huge WWDC keynote like this I usually walk away from it exasperated. I stop and wonder, where in the hell can they take this now? This is already too good.
I know those folks are having a blast and loving life tonight… as am I. This is really quite exciting.
Looks like OS X Lion will include the server components baked into the client. Interesting and probably a very, very good move. Could this be a preparation for licensing the OS on more hardware that is not developed by Apple?
If you run your own Apple server then you’ll also (obviously) need to think about backing up whatever is on that server (user home directories, shares, mail data, websites, databases, etc.). For that purpose you could use Time Machine, but from my personal experience I’d have to say that Time Machine really won’t scale that well when your environment grows.
So, when that happens you have to look at the big toys out there and the “real” backup software. But which one?