OS X Server comes with FreeRADIUS pre-installed, but does not have any GUI interface for enabling or configuring it. This guide will walk you through, step-by-step, how to enable, configure, and test your RADIUS server. I’ll probably follow up with a separate guide on configuring various devices to work with the FreeRADIUS server you will be configuring here. Continue reading
This article will go over how to setup FTP File Sharing in 10.8 server. There are a few things that can trip you up if you are not careful, so if you are running into weird connection errors, read on. In previous versions of OS X Server, you were able to share out as many directories as you wanted – this is not so in 10.8. Instead, the FTP service allows administrators to share a single directory out. This directory can be any share that has previously been configured in the File Sharing service or a website configured in the Websites service.
The very basic setup of FTP is very simple. It consists of navigating to the FTP service, choosing a share point from the drop-down, and turning the toggle to “on”.
Once you have done this, you can test it from any other Mac by connecting via Terminal:
ftp <user>@<server> (e.g. ftp firstname.lastname@example.org)
You will then be prompted for the user password – if you are successfully able to connect, as indicated below, you have done everything perfectly and FTP is up and running. Obviously, you should test with various users to be sure it works with everyone that needs access (especially test OD users for reasons you will see below).
230 User josh logged in. Remote system type is UNIX. Using binary mode to transfer files.
However, as I mentioned, there are a few catches.
You may run into the following errors when trying to connect:
550 Can't change root. ftp: Login failed
This indicates that there is a problem with the FTP Share path. In order for FTP to connect successfully, there can be NO spaces in the directory path. This means if you are trying to share:
It is going to fail. To get this working you must rename “Shared Items” to something like “Shared_Items”. If that is not an option for whatever reason, you can create a symlink to Shared Items and place it in a path with no spaces (for example: /private/tmp). To do this you would use the “ln” command like so:
ln -s "/Shared Items/Server/Documents/Scans" /private/tmp/Scans
You would then just need to select the symlink as the destination for your share, rather than the file itself.
530 User josh may not use FTP. ftp: Login failed
With this error, you may have noticed that Local Users are able to connect while OD users are not able to. This is likely caused by the OD users being “service only” users. Part of the implications of making a user “Service Only” is that that user is not assigned a Login Shell (or more accurately, the login shell is set to false). In order to allow one of these users to login, you must assign them a valid login shell. To do this, follow these steps:
Open Server.app and navigate to Users
Locate the desired user and right-click then select Advanced Options
You will notice that Login Shell is set to:
Change this value to: