Apple Mac OS X Server (Version 10.6 Snow Leopard) User Manual

Page 135

background image

Chapter 7

Ongoing System Management


Changing the DNS name of the directory server requires that all bound machines be
rebound to the new directory name and address.

If you have set up a Kerberos environment, the Kerberos realm does not change when
the hostname is changed.

Changing the IP address of the Firewall can significantly alter the effectiveness of the
service. In Mac OS X Server v10.6, IP firewall rules are stored and referenced as address
groups. A change to the IP address of the firewall server might prevent traffic to the
address groups from being routed, and therefore none of the specific firewall rules
would be applied.

Check all firewall rules when changing the IP address of the firewall server.

Mobile Access (Proxy Services)
Most proxy services should remain relatively unaffected by a change to IP address or
domain name. If you have edited the manually to
have the proxy server connect to itself for some service by some other address than
the link-local address ( or localhost), you must change it manually again.

However, proxy services are affected if the IP address or DNS name of the destination
servers changes. If you change a proxied services’ name or address, you must
reconfigure Proxy Service.

If you configured an HTTP Secure Proxy virtual host, you must delete and re-create the
proxy mappings of any proxied servers.

NAT should not be affected by a change to the server’s IP address or DNS name.
All clients behind the NAT server still have contact with the NAT router by the internal
IP address. If you made manual modifications to the NAT service configuration files,
make sure those changes are compatible with the new IP address or DNS name.

NetBoot does not require reconfiguration after changing the IP address or DNS name.
However, all clients that use it must reselect the server after the changes.

If you change the RADIUS server IP address, you might need to check or reconfigure
the IP addresses of the associated base stations. Additionally, if you’re using SSL
certificates, you must regenerate or repurchase the certificates. You must use Server
Admin to import the new certificates, and then configure the service’s new certificate.