The Servers in Lion Server that Help You Manage Your Network and Devices - dummies

The Servers in Lion Server that Help You Manage Your Network and Devices

By John Rizzo

Lion Server is made up of more than two dozen servers. Here’s a quick look at services available to help you manage the network and the devices on it.


Directory services

Mac OS X Server uses the standards-based Open Directory to store and manage the user account info used for all the services. You can connect the server to other directory services on the network, including Active Directory. Directory services supports the LDAP, Kerberos, and SASL standards.

Internet gateway and network services

Mac OS X Server can act as an Internet gateway, providing the computers on the network with access to the Internet while protecting the network from intruders. You can get these services in other ways, but Mac OS X Server has them if you need them. These services are

  • Domain name server (DNS): It translates a domain name, such as, from an IP address. DNS service is required somewhere on the network for just about all network services.

  • Network address translation (NAT): A gateway between your private network and the public Internet. NAT allows you to have a single IP address from your Internet service provider but have all your computers connected to the Internet.

  • Dynamic Host Configuration Protocol (DHCP) server: Assigns the local (private) IP addresses to your computers when you’re using a NAT gateway.

  • Firewall: Mac OS X Server comes with a firewall to protect your server from intruders.

  • Virtual private network (VPN) service: A secure method of enabling people to access your network and server via the Internet from home or on the road.

Profile service for iOS and Mac OS X

Lion adds a new service called Profile Manager for creating and distributing profiles that can automatically set up iOS devices (iPads, iPod touches, and iPhones) as well as Macs. A profile can contain basic network settings and those for mail, calendar, and contacts.

It can also contain rules for passwords, as well as restrictions on what a user is allowed to do on the network. You can distribute profiles to devices via e-mail or have users download them from a self-service web page. You can also have Lion’s Push Notification service automatically deliver updates to configuration profiles on devices.

Software update server

You can restrict what software updates get installed on client Macs, as well as when they get installed so that you can test updates first. The client Macs get the updates from the server instead of downloading them individually.


NetInstall lets you install Mac OS X upgrades on users’ Macs, requiring that their updates come from Mac OS X Server and not directly from the Internet. Because Mac OS X updates can sometimes cause incompatibilities with older software, you can test an upgrade before rolling it out on all the client Macs at the same time.

NetInstall also lets you restore, from the server, a customized Mac OS X configuration to Macs that need it.


NetBoot enables Mac clients to boot up from the server instead of from their own hard drives.

The NetBoot server can use a single disk image to boot multiple Macs. This process prevents the boot system from being altered or tampered with and makes sure that every system boots in exactly the same configuration. NetBoot also lets you update the system software of all the Macs at one time, simply by updating the disk image on the server.

Spotlight Server

Spotlight Server is a search feature that lets you find a file almost instantaneously without bogging down server performance. Spotlight Server does this by indexing the content of the files. This server also provides advanced search features, including Boolean logic and the use of quoted phrases, and stores search criteria in the form of Smart Folders.