This document outlines the steps required to create a multi-server infrastructure using Mac OS X Server 10.0.3 to 10.1.5. Before proceeding, you should review Chapters 1 to 4 of the Mac OS X Server Administrator's Guide and the "Understanding and Using NetInfo" whitepaper. These documents are available at the Mac OS X Server product page (http://www.apple.com/macosx/server/). Please read through this entire document carefully before attempting to configure your servers.
Introduction
In this example scenario, one of the servers (parent1.apple.com) will be the NetInfo parent, providing the user and group information for the other servers on the network. There will be three other servers that can each provide various services including file, print and Web. For now, we will focus on each of the three servers hosting the Home directories for the students of a high school.
In addition to spreading user Home directories across multiple servers (for performance reasons), it may be useful to have the users on a specific server divided into multiple share points. One example would be to have the users distributed as follows:
server1.apple.com has the home directories for students with names A to H
server2.apple.com has the home directories for students with names I to Q
server3.apple.com has the home directories for students with names R to Z
As represented by Figure 1, the admin distributes users in different share points, reducing the number of folders per share point. This action reduces complexity to the user and increases security. Each of these servers has four share points in which the user Home directories are located, based upon the student's class year.
Figure 1 Four share points per server, named by class year, distributed by student last name across three servers
Overview of Steps
Preparation
Setting up the parent (parent1.apple.com)
Create the parent domain on parent1
Back up the local NetInfo database
Import all users for a given share point into the network domain of parent1
Setting up the children (server1-server3.apple.com)
Set up and configure the child servers (server1-server3)
Set up the parent-child relationship for each server
Back up the local NetInfo database of child servers (server1-server3)
Import users into the local domain of server1
Restore the local NetInfo domain on each child server from the backup
What's Next
Having read through this overview, you should:
Step-by-Step Walkthrough
Preparation
The students using this multi-server network will have their Home directories distributed across three servers, so we need to divide the list containing all users into three smaller lists. There should be a list for users with last names starting with different letter ranges, such as A to H, I to Q, and R to Z. Each of these three will then be broken into four lists representing the students graduating in the years 2002, 2003, 2004 and 2005. If these lists still contain more than 4000 users each, then you should consider further dividing them so that you do not import more than 4000 users at a time. Creating share points by class also simplifies the task of removing the large batch of graduates each year.
With this arrangement, the network load should be evenly spread across servers 1 to 3 as students log in and access their documents. The server parent1 will handle all authentication (and could be used as a Macintosh Manager server if some of the clients are using Mac OS 8 or Mac OS 9).
These user lists now need to be put into the XML format described on page 308 of the Mac OS X Server Administrator's Guide. That can be done in a number of ways including merging the list (as a database) into a text document. Other utilities are also available from third parties to generate an XML import file from a tab delimited text file, such as Passenger or MM Helper.
Example of the minimum user info required for XML import:
Note: See page 308 of the Mac OS X Server Administrator's Guide for more detail.
Setting Up the Parent Server (parent1.apple.com)
Installing the Software:
Setting Up the Server:
Creating the NetInfo Parent Domain:
Backing up the Users & Groups:
Importing the first user list (students A to H, 2002):
Importing the next user list (students A to H, 2003):
Checkpoint: At this point, the Users & Groups list in the Server Admin should display the complete list of users in the path: /NetInfo/root. Home directories will be created in the following steps.
Setting Up the Child Servers (server1, server2 and server3)
Installing the Software:
Setting Up the Server:
Creating the NetInfo Child Domain:
Setting up the share points:
Backing up the Users & Groups:
Importing Users to Create the Home Directories
Importing the user lists:
Restoring the local NetInfo Domain from Backup:
Additional information
For information concerning possible NetInfo configurations involving Macintosh Manager, please see technical document 106454: "Macintosh Manager 2.0: Common Setup Strategies".
Introduction
In this example scenario, one of the servers (parent1.apple.com) will be the NetInfo parent, providing the user and group information for the other servers on the network. There will be three other servers that can each provide various services including file, print and Web. For now, we will focus on each of the three servers hosting the Home directories for the students of a high school.
In addition to spreading user Home directories across multiple servers (for performance reasons), it may be useful to have the users on a specific server divided into multiple share points. One example would be to have the users distributed as follows:
server1.apple.com has the home directories for students with names A to H
server2.apple.com has the home directories for students with names I to Q
server3.apple.com has the home directories for students with names R to Z
As represented by Figure 1, the admin distributes users in different share points, reducing the number of folders per share point. This action reduces complexity to the user and increases security. Each of these servers has four share points in which the user Home directories are located, based upon the student's class year.
Figure 1 Four share points per server, named by class year, distributed by student last name across three servers
Overview of Steps
Preparation
- Create an XML import list of users for each share point hosting user Home folders.
- Each list should contain only the users with Home folders in that share point.
- In this example, we will have 12 user import lists (three servers with four share points each).
- Put some thought into the user ID assignments since you can search on a range of user IDs with Server Admin.
Setting up the parent (parent1.apple.com)
- Install Mac OS X Server and complete the Setup Assistant.
Note: You may wish to create a startup partition (~5 GB) for the server OS, then use the rest of the drive space as the partition for storing the various share points. - Install any software updates for the server.
Create the parent domain on parent1
- Use NetInfo Domain Setup to create a parent domain.
- Restart the server. It is necessary to restart the server so that Directory Services will properly recognize the existence of the new parent domain.
Back up the local NetInfo database
- Use the the Terminal (/Applications/Utilities/) to back up the file "local.nidb".
Import all users for a given share point into the network domain of parent1
- Set the Home directory defaults for the parent domain (/NetInfo/root) to server1 and the appropriate share point (that is class_2002 for the seniors).
- Import the user list for that share point (AtoH-2002.xml, for server1's seniors).
- Repeat for the other three share points on server1, changing the Home directory defaults and importing the appropriate user list each time.
- Repeat for server2 and server3 with the user lists for each of their share points.
Setting up the children (server1-server3.apple.com)
Set up and configure the child servers (server1-server3)
- Install and run setup assistant
- Note: You may wish to create a startup partition (~5 GB) for the server OS, then use the rest of the drive space as the partition for storing the various share points. If the Users home directory share point is located on a volume other than the startup volume, the "home" attribute will not be correct in the user's record on the parent. You may work around this issue by modifying the "home" attribute of the user record to contain the appropriate path to the home directory sharepoint.
- Be extremely careful when entering networking data or turning off unused ports.
- Install any software updates for the servers.
- Create the share points (class_2002, class_2003, class_2004, class_2005).
Set up the parent-child relationship for each server
- Open NetInfo Domain Setup and authenticate as the Admin user.
- Set up server1, server2 and server3 as children of parent1.
Back up the local NetInfo database of child servers (server1-server3)
- Use the the Terminal (/Applications/Utilities/) to back up the file "local.nidb" on each child server.
Import users into the local domain of server1
- Set the Home directory defaults to local and select the appropriate share point for the first user list.
- Import the user list for that share point (AtoH-2002.xml, for server1's seniors). This step creates the actual Home directories within the share point.
- Repeat for the other three share points on server1, changing the Home directory defaults and importing the appropriate user list each time.
- Repeat the user import process on server2 and server3.
Restore the local NetInfo domain on each child server from the backup
- When the user imports are completed for all four share points on server1, the file "local.nidb" must be restored.
- Repeat the restore process at server2 and server3.
What's Next
Having read through this overview, you should:
- 1. Completely read through the rest of this document.
2. Place this example in the context of your networking environment.
3. If useful, follow through on the deployment steps listed below.
Step-by-Step Walkthrough
Preparation
The students using this multi-server network will have their Home directories distributed across three servers, so we need to divide the list containing all users into three smaller lists. There should be a list for users with last names starting with different letter ranges, such as A to H, I to Q, and R to Z. Each of these three will then be broken into four lists representing the students graduating in the years 2002, 2003, 2004 and 2005. If these lists still contain more than 4000 users each, then you should consider further dividing them so that you do not import more than 4000 users at a time. Creating share points by class also simplifies the task of removing the large batch of graduates each year.
With this arrangement, the network load should be evenly spread across servers 1 to 3 as students log in and access their documents. The server parent1 will handle all authentication (and could be used as a Macintosh Manager server if some of the clients are using Mac OS 8 or Mac OS 9).
These user lists now need to be put into the XML format described on page 308 of the Mac OS X Server Administrator's Guide. That can be done in a number of ways including merging the list (as a database) into a text document. Other utilities are also available from third parties to generate an XML import file from a tab delimited text file, such as Passenger or MM Helper.
Example of the minimum user info required for XML import:
- <user
- loginEnabled = "canLogin"
isAdminUser = "notAdmin"
uid = "2001"
gid = "2003"
shell = "" >
<nameList>
- <name
- text = "user2001" />
- text = "Test User 2001" />
<pass
- format = "clearText"
text = "test2001" />
Note: See page 308 of the Mac OS X Server Administrator's Guide for more detail.
Setting Up the Parent Server (parent1.apple.com)
Installing the Software:
- 1. Start up your server from the Mac OS X Server CD.
2. Use Disk Utility to partition the drive (optional).
3. Install the server OS onto the desired startup partition of the drive.
4. After installation completes, restart the server.
Setting Up the Server:
- 1. Complete the Setup Assistant.
2. Be careful when entering the networking information, and verify that it is correct.
3. Restart the server.
4. If your server install CD was version 10.0.3 or 10.0.4, install the Mac OS X Server 10.1 Update.
5. Restart the server.
Creating the NetInfo Parent Domain:
- 1. At the Login Window, log in as the Admin user.
2. Open NetInfo Domain Setup on parent1.apple.com.
3. Click the lock.
4. Authenticate with the Admin password. A second dialog appears requiring authentication with the root user's password.
5. Authenticate with the root user's password.
Figure 2 Setting as a NetInfo parent
6. Choose "is a NetInfo Parent" from the "This machine" pop-up menu (Figure 2).
7. The field below it should be set to "Static Address".
8. Enter parent1's IP address into the NetInfo Parent Address field, if it isn't already
9. The NetInfo Server Tag should be already set to "network".
10. Save and click OK.
11. Wait for it to finish, usually between one and three minutes.
12. Quit NetInfo Domain Setup.
13. Restart the server.
Backing up the Users & Groups:
- 1. Open the Terminal (/Applications/Utilities/).
2. Execute this command as the root user:
cp -r local.nidb/ local.nidb.bak
Importing the first user list (students A to H, 2002):
- 1. Open Server Admin
2. Click the General tab.
3. Click Users & Groups and select Home Directory Defaults, then /NetInfo/root from the submenu (Figure 3). This sets a default Home directory location for users imported into the NetInfo parent domain (with the tag "network").
Figure 3 Server Admin
4. Click the Custom radio button.
5. In the first field, enter the domain name of server1 (which will host students A to H).
6. In the second field, type "class_2002" for the class_2002 share point on server1 (Figure 4).
7. Click Save and close the window.
Figure 4 Setting the Home directory preference
8. Click Users & Groups again, select Import and then /NetInfo/root from the submenu.
9. Select the XML import file for the first batch of users (AtoH-2002.xml).
10. After the import finishes, check the import log file created for any issues.
Checkpoint: If the first group of users contained over 2000 users, you should restart the server before continuing. This will ensure maximum import speed. The time required to import users can vary substantially depending upon the hardware configuration of the server and the number of group memberships being assigned to users via the XML import. You should expect to see at least 1000 users/hour and could see several times that performance.
Importing the next user list (students A to H, 2003):
- 1. Click on Users & Groups, select Home Directory Defaults, then /NetInfo/root from the submenu.
2. Click the Custom radio button.
3. In the first field, type in the IP address of server1 (which will host students A-H).
4. In the second field, type in "class_2003" for the class_2003 share point on server1.
5. Click Save and close the window.
6. Click Users & Groups again, select Import and then /NetInfo/root from the submenu.
7. Select the XML import file for the second batch of users (AtoH-2003.xml).
8. After the import, check the import log file looking for any issues.
Checkpoint: If the first and second user lists combined total is over 3000 users, you should restart the server before continuing. This will ensure maximum import speed.
9. To import the remaining user lists for server1, repeat Steps 1 to 8 of this section for students A to H in the classes of 2004 and 2005. Just be sure to change the share point name in Step 4 to match the list you are importing in Step 7.
10. To import the user lists for server2 and server3, repeat the steps used for server1's users. Put students I to Q on server2 and students R to Z on server 3.
Checkpoint: At this point, the Users & Groups list in the Server Admin should display the complete list of users in the path: /NetInfo/root. Home directories will be created in the following steps.
Setting Up the Child Servers (server1, server2 and server3)
Installing the Software:
- 1. Start up all three servers from the Mac OS X Server CD.
2. Use Disk Utility to partition their drives (optional).
3. Install the server OS onto the desired startup partitions of the drives.
4. After installation completes, restart the servers.
Setting Up the Server:
- 1. Complete the Setup Assistant for each server.
2. Be careful when entering the networking information, and verify that it is correct.
3. Restart the servers.
4. If you installed version 10.0.3 or 10.0.4, install the Mac OS X Server 10.1 Update.
5. Restart the servers.
Creating the NetInfo Child Domain:
- 1. At the Login Window of server1.apple.com, log in as the Admin user.
2. Open NetInfo Domain Setup.
3. Click the lock.
4. Authenticate with the Admin password. A second dialog appears requiring authentication with the root user's password.
5. Authenticate with the root user's password.
Figure 5 Setting as a NetInfo Child
6. Choose "connect to a NetInfo Parent" from the "This machine" pop-up menu (Figure 5).
7. The field below it should be set to "Static Address".
8. Enter parent1's IP address into the NetInfo Parent Address field, if it isn't already.
9. The NetInfo Server Tag should be already set to "network".
10. Save and click OK.
11. Quit NetInfo Domain Setup.
12. Repeat Steps 1 to 11 of this section for server2 and server3.
Setting up the share points:
- 1. At server1, log in as the Admin user.
2. Open the disk or partition where you intend to store the user Home directories.
3. Create the folders to be used as the server's share points (class_2002 to class_2005, as represented in Figure 1).
4. Open Server Admin and log in as the Admin user.
5. Click the General Tab.
6. Click Sharing and select Set Sharing Attributes.
7. Navigate to the "class_2002" folder, select it, and click Choose.
Figure 6 Choosing a share point for sharing attributes
8. Click to select the "Share this item and its contents" checkbox.
Figure 7 Setting sharing attributes (privileges)
9. Save and close the window.
10. Repeat Steps 4 to 9 of this section to set attributes for share points class_2003, class_2004, and class_2005.
11. Repeat Steps 1 to 10 of this section for server2 and server3.
Backing up the Users & Groups:
- 1. Open the Terminal (/Applications/Utilities/).
2. Execute this command as the root user:
cp -r local.nidb/ local.nidb.bak
3. Repeat Steps 1 and 2 for server2 and server3.
Importing Users to Create the Home Directories
Importing the user lists:
- 1. At server1, open Server Admin.
2. Click the General tab.
3. Click Users & Groups and select Home Directory Defaults.
Figure 8 Preparing to import users for a share point
4. Click the Local radio button (Figure 8).
5. Choose the "class_2002" share point from the pop-up menu.
6. Click Save and close the window.
7. Click Users & Groups again and select Import, then /NetInfo/root/server1 from the submenu.
8. Select the XML import file for the first batch of users (AtoH-2002.xml).
9. After the import finishes, check the import log file created for any issues.
Checkpoint: If the first group contained over 2000 users, you should restart the server before continuing. This will ensure maximum import speed.
10. Repeat Steps 3 to 10 of this section for students A to H of class_2003, class_2004, and class_2005.
11. Repeat Steps 1 to 10 of this section for each of server2 and server3, being sure to match the corresponding users lists and share points (students I to Q on server2, and students R to Z on server3).
Restoring the local NetInfo Domain from Backup:
- 1. Open the Terminal (/Applications/Utilities/).
2. Execute these commands as the root user:
rm -r local.nidb
mv local.nidb.bak local.nidb
3. Restart the server.
4. Repeat Steps 1 to 3 of this section for server2 and server3.
Additional information
For information concerning possible NetInfo configurations involving Macintosh Manager, please see technical document 106454: "Macintosh Manager 2.0: Common Setup Strategies".