beautypg.com

Using encryption with setup data files, How a server searches for saved setup data files – Apple Mac OS X Server (Version 10.6 Snow Leopard) User Manual

Page 118

background image

Using Encryption with Setup Data Files

Saved setup data can be encrypted for extra security. Before a server sets itself up
using encrypted setup data, it must have access to the passphrase used when the data
was encrypted.

For interactive setup, the passphrase is entered using Server Assistant during setup.

If you want to store the password for non-interactive setup, the file containing the
passphrase file should be named the same as the saved setup data. Put the text file
containing the passphrase in the same folder as the corresponding auto setup profile
but with a “.pass” extension.

How a Server Searches for Saved Setup Data Files

A new server sets itself up using saved setup data it finds while using the following
search sequence. When the server finds saved setup data that matches the criteria
described, it stops searching and uses the data to set itself up.

It looks on all volumes for a folder at the root named “Auto Server Setup,” starting at

Â

the start volume and then searching the rest alphabetically.
Mounted share points are also searched, so any automounted or manually mounted
share point can contain the auto setup files. For example, you can use

automount

or

mount_afp

via the command-line to mount a share point while the server is waiting

for setup.
It searches through “Auto Server Setup” folders, looking for a file with the extension

Â

“.plist”. There is no naming convention for the plist.
The plist file must contain the key “VersionNumber” with value “4” or it will be
ignored.
It evaluates all profile plists found to evaluate the most specific match.

Â

Most-specific to least-specific criteria are:

Hardware serial number

Â

MAC address

Â

IP address

Â

DNS name (fully qualified)

Â

Computer name

Â

None of the above

Â

If a saved setup data profile contains multiple network connection services, Server
Assistant tries to match hardware (MAC) addresses. Failing that, it tries to match
interface (BSD port) names. If a profile has multiple conditions, it applies to a computer
that satisfies any of them.

118

Chapter 6

Initial Server Setup

See also other documents in the category Apple Software: