Series: Mac OS X System Administration Reference
By Schoun P. Regan
848 pages, $53.99
- What the Book is About
- This book is a technical guide
providing information on OS X and OS X Server's technical architecture. It teaches
the reader how to install, configure and administer Macintosh OS X clients and Macintosh
OS X Servers. It also guides you through joining an Active Directory network. Along
with sections on Security Administration and Networking and File Services. This book
is designed to compliment Apple's Directory Services Integration, Administration
for Client and Server, and Security and Best Practices training courses, and is part
of the Apple Training Series. The book takes you through 29 lessons with a review
of what you have learned at the end of each lesson. As well as a short quiz. The
accumulated answers will give you an idea of what it takes to pass the Apple Certification
Exam for Help Desk Specialist, Technical Coordinator and System Administrator.
- Target Audience
- The level of this book is
intermediate to advanced. This is not light bed-time reading or even a weekend novel.
Most people will never read it from front to back. It will be used more as a guide
to troubleshooting or a reference for particular configuration assistance. Most readers
will already have a basic understanding of the topics covered and will be looking
for clarification or more in-depth knowledge.
- What to Expect
- The book begins with a section
on Directory Services Administration covered in eleven lessons.
Lesson 1 is Understanding Directory Services; this lesson explains the benefits and
features of directory services in Mac OS X version 10.4. You will learn the how
directory services provide common data to multiple services. Basically directory
services allows user information to be stored in one database and accessed by multiple
computers bound to that directory. Apples implementation of directory services is
called Open Directory.
Lesson 2 is Accessing Local Directory Services; this lesson explains how Mac OS X
accesses directory data stored on the computer, how to configure Mac OS X for local
data access, and how to manipulate local directory data. Local directory service
info is stored in a NetInfo database (NetInfo was also used on OS X Server prior
Lesson 3 is Accessing Mac OS X Server Directory Services; this lesson shows you how
to access an LDAP database. Panther Server introduced a directory service called
LDAP to Mac OS X networks, LDAP is an industry standard way of accessing data from
within a directory used by Unix and Windows clients using Active Directory.
Lesson 4 is Integrating Mac OS X with Third-Party Directory Services; this lesson
will explain how to configure Mac OS X to retrieve data from networks using an already
established infrastructure using Network Information Service, Active Directory and
NetInfo using third-party LDAP plug-ins.
Lesson 5 is Integrating Mac OS X with Active Directory; this lesson goes more in-depth
into configuring Mac OS X to access the same directory records as the Windows computers
on an Active Directory network.
Lesson 6 is Kerberos Fundamentals; this lesson show how Kerberos works and how to
integrate Mac OS X computers with Kerberos. Kerberos provides authentication and
secure, single sign-on service for network services.
Lesson 7 is Hosting OpenLDAP; this lesson will show you how to configure Mac OS X
Server to provide the directory service LDAP, how to import and manage the directory
data and how to fine tune the server for performance and security.
Lesson 8 is Providing Single Sign-on Authentication; this lesson is on how to use
Apple's tools to simplify the configuration of Kerberos and Password Server to provide
single sign-on authentication.
Lesson 9 is Integrating with Kerberos; this lesson covers how to integrate Mac OS
X and Mac OS X Server with an already established Kerberos infrastructure.
Lesson 10 is Replication; this lesson is how to configure a Mac OS X Server to act
as an Open Directory Replica. An Open Directory Replica provides a backup of the
Open Directory Master through replication of the LDAP, Password Server and Kerberos
data using synchronization.
Lesson 11 is Planning and Deploying Directory Services; this lesson shows you how
to evaluate your needs and determine how many, if any, replica servers are need.
How to plan for deploying networked user accounts for a mix of Mac OS X and Windows
computers. And gives you an understanding of the security precautions you should
take when setting up a directory service.
The second section is all about Security Administration and covered in ten lessons.
Lesson 12 is a Mac OS X Security Overview; this lesson will help you understand the
purpose of the components of the Mac OS X security architecture.
Lesson 13 is Securing the Local System; the lesson introduces the four layers of
Mac OS X local security. Physical security; if a person has physical access to the
computer they can eventually bypass any firmware or OS-based protection. Open Firmware
security controls the boot process unless this is secured with and Open Firmware
password a person can use alternate boot methods (CD/DVD, Target mode, etc) to bypass
normal access controls. Password-based user authentication; if a person can steal
or guess passwords the can gain access by impersonation. User account-based access
controls; Access controls are file permissions and administrative access regulations.
If these are not set properly a user can access files they should be locked out of
and they also may be able to reset user passwords or modify Open Firmware security
Lesson 14 is Optimizing Data Confidentially; in this lesson you work with several
security techniques to ensure that only intended recipients see the data you want
Lesson 15 is Mobility Security Concerns; this lesson discusses security risks associated
with mobile technology and how to implement Mac OS X security features for these
Lesson 16 is Secure Network Connections; in this lesson you learn how to prevent
attackers from breaching your network.
Lesson 17 is Secure Authentication; this lesson explains the authentication process.
Authentication is the process of proving your identity.
Lesson 18 is Secure Network Configuration; this lesson teaches you methods for implementing
a secure network design, including NAT, VONs and Firewalls.
Lesson 19 is Mail Security; this lesson discusses how to secure your email and how
to reduce spam and virus email.
Lesson 20 is Web Security; this lesson covers ways to configure Safari's security
features, how to setup a secure website using SSL and how to setup a proxy server
to block selected sites.
Lesson 21 is Maintenance, Intrusion Detection and Auditing; this lesson will show
you what files to watch for modification, how to detect malicious software, and how
to use virus protection software.
The third section is Networking and File Services covered in eight lessons.
Lesson 22 is Unmanaged Networking; this lesson shows you how AppleTalk and now Bonjour
allows you to create a network without performing any configuration.
Lesson 23 is IP Network Services; in this lesson, you'll learn how to configure a
Mac OS X computer to connect to a managed network and how DHCP and IP services work
in Mac OS X.
Lesson 24 is mac OS X Network Architecture; this lesson takes you into the nitty
gritty aspects of Mac OS X to better understand how networking works.
Lesson 25 is Resolving Network System Issues; in this lesson you learn the Mac OS
X utilities and command-line tools to monitor network activity, which will help you
troubleshoot network connections, printing and directory services issues.
Lesson 26 is Maintaining Local Volumes and Files; this lesson describes the advantages
and disadvantages of HFS+ and UFS formatted volumes and how to use various tools
to determine and monitor disk space usage.
Lesson 27 is File Permissions and Flags; in this lesson you learn how to use the
command-line to set additional file permissions and locks. Also how to find and clear
locked files. Also how to use Disk Utility to repair permissions.
Lesson 28 is Network File Services; this last two lessons focus on file sharing in
Mac OS X. In this lesson you learn how to turn on and off the three file-sharing
services provided in Mac OS X, Apple File Protocol, Server Message Block and File
Lesson 29 is Mounting Remote File Systems; this lesson discusses the mechanics behind
each of the three file-sharing services. You will also learn how to automount shared
volumes on startup or login. And how to use the command-line interface to mount an
unmount volumes and troubleshoot mounts.
The final section is a "vi" Reference and a Basic Command-Line Reference
("vi" is a command-line editor commonly used to edit flat text files).
The Basic Command-Line reference covers the most commonly used commands out of the
hundreds of commands that can be used by administrators in the command-line interface.
- In my position I am often
called upon to troubleshoot issues involving configurations that were setup long
before I got involved. This book gave me a starting point to help resolve these issues.
Prior to reading this book I had a working knowledge of some areas and almost no
knowledge of some networking features and functions administered by others. With
the help of this book, I felt confident enough to take the first exam required to
become an Apple Certified System Administrator. I passed the Mac OS X Support Essentials
v10.4 Exam last week and hope the knowledge I am gaining reading the more advanced
topics will result in success when taking the Mac OS X Server Essentials v10.4 Exam
Since my plan was to take at least two of the Apple Certification exams this summer,
I was pleased at the way this book is organized into 29 lessons with review and quizzes.
This layout also makes it easy to look for specific answers without having to read
through hundreds of pages of information. Any one of the three sections in this book
is worth having in your library. To have all three of them in one book is a bonus.
- Mac Guild Grade
- A+ (Awesome)
- Final Words
- Author Schoun Regan has a
clear and precise way of writing without losing the reader in mindless geek babble.
While some of the topics are clearly more advanced than the average user will ever
need, Schoun approaches them in a way that gives you a basic understanding at a glance
and an in-depth look with further reading. I think this book is a must have for anyone
serious about administering or troubleshooting Mac OS X in a network environment.