Mobile Access Server setup
1. I want to manage this DMZ server from a different internal 10.6.1 Server inside my network. I have turned on Remote Management on the DMZ server, but cannot connect from Server Admin on the internal server to the DMZ server. I need to be able to manage both servers from one Server Admin console. I also need to be able to screen share the DMZ server for access ONLY from the internal server. How do I accomplish this?
2. My internal 10.6.1 server is my Open Directory Master already, and working nicely. But to use Mobile Access Server and reverse proxy services back to the internal server, I need the DMZ server to be aware of my existing directory inside. Would I want to make the DMZ server an Open Directory Replica, or should I use the middle option for Open Directory types called "Connect to another directory"? Obviously, I know that it should NOT be another master.
3. I have purchased and implemented a wildcard cert on my internal 10.6.1 server to use for TLS, HTTPS, etc. I have also told the Open Directory Master to use ssl for the LDAP piece of it (there's a GUI option for that). Figured I might as well secure everything I can a bit more since I purchased the cert. What effect will this have on Question 2 above? Will I need to open a different port for instance on the firewall for LDAP over SSL? Or any issues with creating a Replica or "connect to another OD server" on the OD server in the DMZ to get it to connect to the internal OD Master?
Thanks for all the help here.
MacPro 2008 3.2GHz 8-core,32GB RAM,4x1TB in a hardware RAID5, Dual 8800GT's, Mac OS X (10.6.1), Snow Leopard Server