Flashcards in Mac OS X Server 10.9 Deck (136)
What steps are involved with turning on the Profile Manager service?
You can just click the On/Off switch in the Server app Profile Manager pane to turn on the Profile Manager service, but to enable device management (also known as Mobile Device Management), click the Configure button next to Device Management, select a valid SSL certificate, and specify a verified Apple ID to obtain an Apple Push Notification service certificate.
What steps are involved with specifying that you want to sign your configuration profiles?
In the Server app Profile Manager pane, select the “Sign configuration profiles” option, and choose a valid code signing certificate. Then when you create profiles with the Profile Manager web app, they’re automatically signed.
What three components comprise Profile Manager?
The Profile Manager includes the Profile Manager web app, the user portal, and the optional device management (Mobile Device Management) service.
At what levels can clients be managed?
Users, user groups, devices, and device groups.
Name at least three ways a profile can be delivered.
User Portal, email, web page, or manual delivery. The mobile device management capabilities of Profile Manager can also push profiles to enrolled devices.
What service does push notification rely on?
Apple Push Notification service (APNs).
How is a profile removed from an OS X computer? From an iOS device?
In OS X 10.7 Lion and later, the profiles are managed in the Profiles preferences. On an iOS device, navigate to Settings/ General/Profiles to view and remove installed profiles.
How can you view the contents of a profile?
Any text editor. The text contained in the profile is either straight XML or XML with some binary data if signed.
Name three file sharing protocols supported by the OS X Server File Sharing pane and their principal target clients.
AFP for Macs with OS X earlier than Mavericks, SMB for OS X Mavericks and Windows clients, and WebDAV for iOS devices are three file sharing protocols supported by OS X Server.
What is one concern with using the FTP service?
Normally the network traffic is not encrypted for authenticating to the FTP service with user name and password.
How does OS X Server support browsing for Windows clients?
OS X Server uses NetBIOS to advertise its presence to Windows clients; Windows users see the server in their Network Neighborhood or Network Places.
How do you enable guest access to a share point?
Edit a share point and select the “Allow guest users to access this share” checkbox.
Where can you quickly view how many AFP and SMB connections there currently are to your server?
The Connected Users tab displays the number of AFP and SMB connections; you may need to choose View > Refresh (or press Command-R) to refresh the number.
How can you configure a share point to be accessible to an app on an iOS device?
Edit a share point and select the “Share over WebDAV” checkbox.
Where would you find information about AFP service errors?
The Logs pane of the Console app displays the AFP Error log, which displays the contents of the log file: /Library/Logs/ AppleFileService/AppleFileServiceError.Log.
How can you create a new share point?
In the File Sharing list of share points, click Add (+) and either select an existing folder or create a new folder and select the new folder.
What file sharing protocols are enabled by default for a share point you just created?
AFP and SMB are enabled by default for a new share point.
Do you need to start the Websites service in order to provide WebDAV service?
No, the Websites service doesn’t need to be running in order for you to offer File Sharing services via WebDAV (of course, the File Sharing service must be running).
When does an ACE for a folder’s ACL get propagated to items in the folder?
An ACE of a folder’s ACL is propagated to a new item that’s created in that folder, or copied into that folder from another volume, if the inheritance options for the ACE apply. Also, an administrator can select a folder in the Storage pane of the Server app, choose Propagate Permissions from the Action (gear icon) pop-up menu, select the Access Control List checkbox, and click OK. Finally, if you use the File Sharing pane to modify a share point’s POSIX permissions or ACL, the ACL will be automatically propagated.
What permissions can you choose for an ACE in the File Sharing pane of the Server app?
When you edit an ACE in the File Sharing pane of the Server app, you can choose Read & Write, Read, or Write.
What permissions can you specify for an ACE in the permissions dialog of the Storage pane of the Server app?
When you edit an ACE in the Storage pane of the Server app, you can select checkboxes for 13 kinds of permissions. The categories include Administration, Read, and Write.
In the permissions dialog of the Storage pane in the Server app, what four rules for inheritance can you apply to an ACE?
Apply to this folder; Apply to child folders; Apply to child files; and Apply to all descendants.
How do you remove an inherited ACE?
In the Storage pane of the Server app, navigate to the item that has an ACL, click the Action (gear icon) pop-up menu, choose Edit Permissions, click the Action (gear icon) pop-up menu, and choose Remove Inherited Entries.
What might it mean if you see a GUID rather than a user name in an ACL?
If you see a GUID instead of a user name in an ACL, it could mean that you removed a user or a group from your server, and the ACE is displaying that user’s or group’s GUID because it cannot map the GUID to a user or a group.
What are the advantages of using NetBoot?
Because NetBoot unifies and centralizes the system software that NetBoot clients use, software configuration and maintenance are reduced to a minimum. A single change to a NetBoot image propagates to all client computers on the next startup. NetBoot also decouples the system software from the computer, decreasing potential time invested in software troubleshooting.
What are three ways to configure the network startup disk?
A client can select a network disk image via the Startup pane within System Preferences; hold down the N key at startup to use the default NetInstall image,; or use the Option key to enter the Startup Manager.
Which network protocols are used during the NetInstall startup sequence? What components are delivered over each of these protocols?
NetInstall makes use of DHCP, TFTP, NFS, and HTTP during the NetInstall client startup sequence. DHCP provides the IP address, TFTP delivers the boot ROM (“booter”) file, and NFS or HTTP is used to deliver the network disk image.
What is a NetBoot shadow file?
Because the NetBoot boot image is read-only, anything that the client computer writes to the volume is cached in the shadow file. This allows a user to make changes to the boot volume, including setting preferences and storing files; however, when the computer is restarted, all changes are erased.
What are the major differences between NetBoot, NetInstall, and NetRestore images?
NetBoot allows multiple computers to boot into the same environment. NetInstall provides a convenient way to install operating systems and packages onto multiple computers. NetRestore provides a way to clone an existing image to multiple computers.