Mac OS X Lion Server For DummiesLion Server for Dummies by John Rizzo
By John Rizzo

Learn how to install, setup, and manage Apple's Mac OS X 10.7 Server software. Support Mac and Windows clients for file sharing, email, and directory services; Create a shared network-based directory; Set up Profile Manager, configure security options, and more. Click here for more

Lion Server Tips and Reports

Working with Mac OS X 10.7 and

Updated March 5, 2012
On This Page:

If you’re using Leopard about any problems or tips.


TIPS and Reports

Lion Server drops Windows PDC functionality, reduces GUI configuration

Monday, July 25, 2011

Apple's new Lion Server reduces support for Windows clients while increasing support for iOS devices. It also moves away from graphical administration and towards command-line administration of more advanced settings......Read entire story here

Reader says Lion Server removal of Windows PDC an issue

Friday, August 5, 2011

Graziano Previato in Italy responded to our post "Lion Server Drops PDC functionality" to say that removing of the Primary Domain Controller is a problem for his network:

This is indeed a problem in our network, also if we have to face the most important one: the removal of the Mac OS X Server. From 1999 (yes, with Mac OS X 10.1.x...) we have a network with a Mac OS X Server running services to a group of iMac clients.

In 2004, to supply the request of Windows applications (and the Internet Explorer de-support by Microsoft), we have implemented a solution where Mac OS X act as a PDC for a terminal server cluster, mounting the same Windows home as the iMac.

Actually we are changing our configuration and is not really simple. Looking to the Mac OS X de-support policy done by Apple in 2010/2011, I don't know if our future clients will be iMac or other technologies.

Does the loss of PDC in Lion Server affect your plans for Mac servers or clients? If so .

Reader says Windows clients can't see Lion Server

Tuesday, August 9, 2011

Jose Babilonia upgrade to Lion Server dropped Windows clients:

After upgrading from Snow Leopard Server to Lion Server, our Mac clients work fine but Windows client can no longer connect after the upgrade.

I've you've seen this problem .

More on Windows clients not seeing Lion Server

Thursday, August 11, 2011

Douglas Ward has the problem of Windows clients not seeing Lion Server, and says the problem is limited to Open Directory (network-based user accounts), but does not have a solution:

I've been experiencing this issue, and testing it. Here's the rundown:

If you have a Lion Server, with both a local user, and an Open Directory user (aka sharing only, aka access user), create a share and set it to be shared for both Mac (AFP) and Windows (SMB), the following applies:

  • Macs can connect and authenticate via AFP and SMB as either user
  • Windows 7 can connect via SMB as the local user, but not the OD user

This is discussed in the thread on Apple's support forum. Some posters there are confusing local users with OD only users, and claim a solution, but testing shows that OD users can't authenticate from Windows 7. I suspect if has something to do with how the passwords are presented from Windows 7 and passed to the password server in Lion.

If you've seen this problem .

Extended attributes at root of Lion Server bug with Windows clients?

By John Rizzo

Friday, September 2, 2011

David Morgenstern of ZDnet reported in his blog that file sharing problems with Lion/Lion Server and Windows clients is a known bug. We've had readers report similar problems, and another is below. Morgenstern quotes a report that pins the problem on files with extended attributes.

This rang a bell. In cross-platform file sharing with SMB extended attributes are usually mapped to NTSF streams. Which readers may remember, is something you can turn off in Lion and Snow Leopard get SMB file sharing working. We have a report on how do turn off streams with Lion here, and with Snow Leopard here. The result is the same for both: edit the /etc/nsmb.conf file (or create one) and add the line streams=no......Read entire story here

TIP: Workaround for Windows clients not seeing Lion Server

Monday, October 17, 2011

Tim Wagner shared a workaround to the problem of Lion Server not being visible to Windows clients. Wagner's setup is with Active Directory:

I've been running into this problem from my Windows computers (Active Directory and other) in my Lion Magic Triangle setup. I believe that the Lion server is trying to serve the Windows clients in the Bonjour realm or something; if I add a new zone in DNS for (LionServerName).local and point it to the correct Lion server IP, Windows clients are able to browse the shares whereas before the FQDN [fully qualified domain name] did not work (and still does not work). However, I was always able to browse shares via the IP of the server (and even though the FQDN resolved to the correct IP of the Lion server, I still had to use the IP).

This isn't really a solution, but it is a workaround. The Apple techs I talked to said "Wait for 10.7.2.

We would point out that this issue was not on Apple's list of fixes for Mac OS X Server 10.7.2. If you've tried Wagner's workaround .

TIP: How to run PPTP VPN in Lion Server

Tuesday, August 9, 2011

Although Lion Server can run both IPsec and PPTP virtual private networks (VPN), Apple removed PPTP from the graphical user interface, now in the Server app. PPTP is still there, and can be accessed via the command line in Terminal. Apple's support document, Lion Server: Configuring and Enabling PPTP, describes how to access PPTP and configure it using text commands.

Reader has problem with Lion Server and network scanner

Thursday, August 11, 2011

Jaap Schokkenbroek reports a problem with a with a network scanner after upgrading from Snow Leopard Server to Lion Server:

I've got a simple HP Officejet Pro 7780 which could scan to a network volume 'scans' on the server. After the update to Lion Server the HP isn't able to log-in anymore, very anoying. I made a new user on the server, I made a new sharepoint etc etc but no go. Other Mac's (10.6 though) can log-in with the smb://ip-adres routine...

If you've seen this problem .

MCX Prefs Proxy Settings don't apply on Safari 5 on Lion clients

Monday, December 5, 2011

Gerardo Michelli in Argentina reports a problem with Lion Server and Lion clients. The Managed Preferences settings (MCX) for Safari 5 clients don't stick, though making changes on the local machine do work:

We have a Magic Triangle with Lion Server OD and AD. We have an issue with the MCX Preferences proxy settings, which apply to Clients with Safari on Snow Leopard but not apply to Clients with Safari on Lion.

All other apps that require proxy (iTunes, MacAppStore, Firefox, Google Chrome) work fine, but Safari does not surf. If I insert the settings manually via System Preferences locally, it works fine.

It seems like Safari on Lion doesn't read the /Library/ManagedPreferences/%User%/ file. But if we make a change in MCX Safari Settings (Like HomePage) on /Library/ManagedPreferences/%User%/, this settings works fine.

If you've seen this problem

Big Lion Server 10.7.3 Update adds config features

Thursday, February 2, 2012

Along with yesterday's Lion client update, Apple released Mac OS X Server 10.7.3, a significant update that not only fixes dozens of bugs, some of which we have reported, but also adds new settings, user interface items, and new administrative features. Some of these features were available in Snow Leopard Server and earlier but were stripped out of Lion Server. Apple also released Server Admin Tools 10.7.3, which includes Server Admin and Workgroup Manager.

The 10.7.3 update fixes several bugs seen with Windows clients accessing Lion Server SMB shares, including saving files to Windows 7, opening files with Microsoft Office 2003, and creating new folders in Windows Vista. It also fixes another bug we've reported dealing with copying a file that has extended attributes......Read entire story here

TIP: workaround for Lion Server 10.7.3 Profile Manager bug

Monday, February 13, 2012

Apple has posted a tech article describing with a command line fix for a problem with Lion Server 10.7.3 and Profile Manager. The article is entitled "Server app unable to display Profile Manager settings after updating to Lion Server v10.7.3." The fix is to edit the following configuration file: /usr/share/devicemgr/backend/app/models/interface_knob_set.rb with changes described in the article.

If you've seen this problem

Google encryption fills holes in Lion Server encryption

Monday, February 27, 2012

Last week Google said Apple's Lion Server disk encryption isn't good enough for enterprise and provided its own open source add-on. Google released Cauliflower Vest, an open source tool specifically for automating the enabling of FileVault 2 encryption in enterprise settings for Lion Server and its clients. At its open source blog, Google described why Lion Server's disk encryption inadequate for enterprise:

While the new FileVault 2 offering is very well suited to consumers, some enterprises may equire additional features that are not provided out of the box. For example, FileVault 2 encryption is initiated voluntarily by users, lacks enforcement, and, by default, escrows recovery keys to Apple's central server. It also relies on individual Apple IDs, which cannot be managed as a group......Read entire story here

TIP: Changing Lion Server's data storage location

Monday, March 5, 2012

When Mac OS X Server 10.7 first shipped, you could not change the location of the data store for multiple services, including email, Address Book, iCal, and the Wiki. There were stored on the boot drive or partition, which is not ideal for performance, security, or storage space if you have a large number of users.

With Mac OS X Server 10.7.2, Apple added a provision in the Server app to let you copy the data store to a new location. Here's how to access it in the Server app:

  1. Choose the server's name under the Hardware heading in the sidebar.
  2. Click the Settings tab.
  3. In the Service Data line, click the Edit button.
  4. Select the volume you want to store the data.

A copy of the data will be placed in a Library folder on the drive or partition you select. The data on the boot partition remains but won't be updated.

Run Windows apps directly in Mac OS X without Windows

CrossOver XI runs Windows apps on a Mac--without Windows or Boot Camp
Installs Windows apps directly in Mac OS X with 1 click. Office, Outlook support, Quicken, ActiveX in Internet Explorer and more, launched directly from the Finder -- just as if they were Mac apps.
Runs games, too, including Left4Dead, Warcraft, Steam, Spore, and others on your Mac.

Starts at only $40 (and no need to buy Windows!) Free trial from CodeWeavers.
Click here for more.

Other MacWindows Departments

| Product Solutions | Reports and Tips | News Archives |
MacWindows Home |

| Top of Page |

This site created and maintained by
Copyright 2011-2012 John Rizzo. All rights reserved.