I should add that all the machines (server and clients) can log in to each other, via vnc, afp, ssh, etc., and they don't have trouble locating websites on the internet, etc. So it isn't that the machines can't somehow see each other. The server Open Directory just isn't responding to clients, even though server.app claims Open Directory is running.
Have you tried putting OpenDirectory into debug mode and looked at the logs to see what's happening? Have you tried making a query with ldapsearch or other such tool to see what results from a raw query of the server?
pts, you need to set up your clients to connect via VPN. You can't do what you want any other way that I know of ( which doesn't mean that there isn't another way :) ).
That way, open directory, DNS, etc will be just like they were connected locally and you're off and running.
Currently Being ModeratedAug 19, 2012 8:56 AM (in response to redshift82r)
pts, looks like you've got bigger problems if your DNS is not working nothing else will work properly either
Currently Being ModeratedAug 19, 2012 7:08 PM (in response to iToaster)
Yes, but none of this is clear in the documentation. Actually, I don't see ANY documentation for ML server, only Lion Server. Perhaps you know of something I don't about this?
Regarding DNS specifically not working in my case, It's awfully annoying that the server.app is so buggy with respect to this. A really useful program wouldn't say DNS was "on" unless it really was on.
Any specific thoughts about what might be going on, such that server.app says DNS is on, but it doesn't respond to any requests for DNS from outside?
Thanks for any suggestions you might have.
How do you know it's not on? You've not demonstrated one way or the other. All you've demonstrated is that you think client machines can't connect to either service. You've not done any of the leg work to really know what's going on. I see all sorts of supositions based on cursory, external observations. I'm sorry if this sounds terse, but it's a bit disingenous to blame the tools before you even know the details of what is happening.
Currently Being ModeratedAug 19, 2012 9:30 PM (in response to JaimeMagiera)
Well, of course, I don't know its not on. That's why I'm here asking questions. What I do know is that it isn't working as the limited documentation I can find (much of it not from apple) suggests it should. Sorry if I sound terse myself, but if Apple is going to release software that is supposed to make it easy to set things like this up, and make advertising claims like:
"OS X Server is perfect for a studio, business, hobbyist, or school. It’s so easy to set up, who needs an IT department?" http://www.apple.com/osx/server/
"Configuring OS X Server is almost as easy as configuring a desktop computer. Simply launch the Server app. An assistant walks you through the initial setup and helps verify network settings and define your administrator account. Next add users and groups and enable the network services you want to deliver to your organization." http://movies.apple.com/media/us/osx/2012/server/docs/OSXServer_Product_Overview .pdf
...then they are going to have to expect frustrations like mine.
Now, back to my problem (assuming you've made it this far): server.app says DNS is on. I've posted various things about what the configuration page on server.app says (not on this post, but my other one specifically about trying to get DNS to work). However, when I set an outside machine (not behind my server's firewall) to use my server (the one that server.app says DNS is running on) for DNS, it hangs and doesn't "work". I'm sure something may be working, but it isn't working as Apple's advertisements (and server.app itself) suggests. So it isn't "disingenious" for me to blame the tools. It literally says its on. It also isn't responding to clients, and there is nothing in the setup that would lead a reasonable person to expect that it shouldn't. Better documentation from Apple would help. Did you say you knew where that might be? I see this: https://help.apple.com/advancedserveradmin/mac/10.7/ but that is for 10.7, not 10.8. This is part of my frustration.
My guess is that OS X Server is not configured to allow outside (not behind the server's own firewall) queries about DNS. This, I'm sorry to say to all you much-more-IT-savy people than I, is not at all obvious to someone like myself, hence my questions here to you all. If there is some configuration file I need to edit, outside of server.app, by all means, tell me about it.
Finally, regarding your comment to check the logs, I will certainly do this when I get time (this isn't what I get paid to do, so I'm working on this while I can). However, I fully expect that I won't know what I'm looking at, or how to interpret it. This is why I've been trying to get some intuitive understanding of what is likely going on first, because staring at log messages tends to be unproductive if you don't really know what you are looking for.
In any case, I do appreciate those who have tried to give me hints about what might be the problem, as I work through all this. I'm sure you can understand the frustration of someone who put faith in Apple's advertising that it would be easy as pie.
Sorry pts but I agree with Jamie you can't expect osx server to have any control over anything outside of the LAN it's connected. To do that you would have to configure that yourself on whatever hardware is controlling your WAN access
Your lack of understanding is not apples yours or anyone else's fault. You can't blame the tools for your lack of understanding
Apples instructions are I suppose "easy as pie" as long as you stay inside the box as soon as you step outside you have to have a certain level of understanding how things work
I guess one mans pie is another's mans cardiac arrest
This forum is user to user no official apple presence
I would venture to say you need to explain clearly what your trying to do and what you have done
No one here has the time to go all Sherlock Holmes on posts and try to deduce what you're trying to achieve
I suppose a certain level of expertise is also expected in the server and enterprise forums 'cause we've had it pretty much all to ourselfs for years. Now those pesky soho server types are muscling in, the times they are a changin. I know I'm guilty of thinking the other guy knows what he's talking about 'cause I sure don't
So don't be to hard on us
pts, I'm sorry but you are being disingenuous to blame the software before you even know what the problem is. Note that the promotional materials say "almost as easy to configure as a desktop machine...". That's the basic confirugation. There is no guarantee that there won't be other things that need to be done. If you expect foundational services such as DNS to just "work", you will be in for a surprise. There are a lot of things that can be different on a machine, and on a network, that affect a service. As someone administering a server, your full time job or not, you'll have to get into the habit of cracking open on a log and, on occasion, the terminal.app. Consider it an opportunity to get good at Mac OS X Server administration. Back to the trouble shooting: It should only take you a few seconds to look at the server log, or run the "host" command from the terminal. These basic things could tell you a lot. Yes, you might have to google, or ask here what those things mean, but that's all part of the learning process. Feel free to post the result of those endeavors.
If you just change 10.7 into 10.8 you'll get: http://help.apple.com/advancedserveradmin/mac/10.8/
All the documentation in one place
Currently Being ModeratedAug 20, 2012 4:16 PM (in response to Mark23)
Doh! Thanks for pointing that out, Mark23. I find it bizzarre that Apple doesn't have this linked here:
Look under: Documentation
It takes you to 10.7
Regarding whether it is disingenious to blame software that claims to work when it doesn't, I guess we'll have to agree to disagree. I have no problems with people giving hints about what to look for, but I do have problems with people saying "look in the logs" and "Its more complicated than Apple said". All of this may be true, but it doesn't follow that the software is doing what it is supposed to do. It patently isn't.
Now on to looking at logs for... ??
I actually got some good help on another thread on here. Apparently server.app will not set up DNS access by outside the server. If the server is also serving an internal network, then requests from those machines will be allowed, but it won't, by default, respond to requests from the outside world. VPN seems to be the only way to go, unless I can figure out what configuration files need to be changed.
No, you continue to misunderstand. It's easy to configure the service. The issue is that there are a myriad of factors beyond Apple's control in terms of all the things in between the machine providing the service and the client. Also, there are a myriad of ways a server and client can be configured that would change the setup. It has nothing to do with Apple wrongly promoting something. If you think that having to look at logs is somehow indicative of a bad system, you completely misunderstand how server administration works. Again, you haven't proved it isn't working. You've done absolutely *none* of the things necessary to verify what the issue is. Nothing. Zero. Zilch. Can you prove that the poster was correct that you can't provide DNS outside your network? I challenge that claim and have proof. Here is a lookup from a (university) network to my completely separate personal business network running 10.8 Server. Works fine.
amber:~ jaimelm$ host amber
amber.geo.lsa.umich.edu has address 188.8.131.52
amber:~ jaimelm$ host node2.sensoryresearch.net 184.108.40.206
Using domain server:
node2.sensoryresearch.net has address 220.127.116.11
Please refrain from framing this as an issue of things not working properly until you've actually done your homework.
More Like This
- Retrieving data ...
- This solved my question - 10 points
- This helped me - 5 points