Solved

Lion server private vs. internet host name

Posted on 2012-03-25
4
994 Views
Last Modified: 2012-04-04
im setting up a lion server as a file server, mail server, ical, address book, and wiki server.  I'll also be running as an open directory master, serving a mix of approx 15 desktops/laptops.

am i better off setting it with a private network name, such as server.mycompany.private, or with an internet routable name, such as server.mycompany.com?

Are there security concerns for its host name as internet routable?

ideally i'd like the laptops to access ical / address book / wiki / mail outside of the local network, not sure if the host name matters for that, and also not sure if the routable name represents a significant security threat.

thank you
0
Comment
Question by:kaplancomputers
  • 2
4 Comments
 
LVL 77

Expert Comment

by:arnold
ID: 37764016
You should use internal and then use the mail server configuration to specify the external domain that it will be using and masquerade if you want it to reflect the external name in the headers.
As long as your external domain points to your public IP and your outside router is configured to pass the appropriate traffic to your internal server and you internal server's firewall if any is configured to allow that traffic and the user has  the correct username/password to provide you should be set.
0
 
LVL 13

Accepted Solution

by:
maximus5328 earned 500 total points
ID: 37768952
There is no security concerns in giving the server a .com name. However, you shouldn't use server.mycompany.com for different reason. After you set up DNS on the server - and you should in order for Open Directory to work properly - the server will become authoritative for mycompany.com zone. This can potentially become a problem (ex. the stations on your network will not be able to access mycompany.com website).
That said, you can go with either server.mycompany.private or something like server.office.mycompany.com - in either case you will configure the gateway firewall to allow access to server from remote clients.
0
 

Author Comment

by:kaplancomputers
ID: 37769082
Maximus, thx very much for your comments. Does using a .private address complicate remote users that want to use the iCal or address book services from the lion server?

Can they still use those services outside of the local network with a .private?
0
 
LVL 13

Expert Comment

by:maximus5328
ID: 37771828
I think, with .private you will be able to connect to the server from outside using port forwarding on the gateway. You will definitely be able to connect using VPN.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

The /etc/authorization file in Mac OS X 10.x can be used to control access to the various panes of the System Preferences amongst other things. It’s used by some of us Mac Sys Admin’s to give Standard Users access to System Prefs panes that only adm…
Short answer to this question: there is no effective WiFi manager in iOS devices as seen in Windows WiFi or Macbook OSx WiFi management, but this article will try and provide some amicable solutions to better suite your needs.
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…

861 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now