Wednesday, April 25, 2012

How to set up Lion Server via Screen Sharing (VNC)

We just set up our first Mac mini with Lion (Mac OS X 10.7) Server preinstalled. Being a server, it will have no keyboard, mouse, or screen attached to it. We needed to go through its initial configuration remotely.
Apple theoretically makes this easy for you. If you download their Server Admin Tools 10.7, it has a feature which will let you configure the server over the network.
Which is great if you happen to be running Mac OS X 10.7, but I still haven’t installed Lion on my chronically-short-of-space MacBook Air 11″, and Snow Leopard won’t run the newest Lion Server Admin Tools. Joy. I just wanted to remote control the server via Screen Sharing without having to fuss with the Admin Tools.
Well, Apple sure doesn’t tell you how to do that, so it was time to dig in and puzzle it out. Like so many things, it’s fairly easy once you know how, but I haven’t yet seen this info all in once place. So here it is.
1. Figure out the Mac mini’s IP address. Most routers, including AirPorts, have a DHCP log which shows what IP addresses are assigned to what computers. Find the Ethernet ID on the Mac mini box or the exterior of the computer itself, and match it to the list of MAC (network ID, not Macintosh) addresses in your router’s DHCP log.
2. In Lion Server’s freshly started state, the Screen Sharing service isn’t running, but SSH is. Type:
ssh root@ip.address
(where “ip.address” is the ip address of the mini). If it asks you about whether it’s ok to connect, answer yes. When prompted for password, enter the entire serial number (not just the first eight digits, for those familiar with earlier server software), in all caps. It’s also on both the box and the Mac mini itself.
3. Now you have to start the screen sharing service, as explained in this Apple knowledge base article(this command is bullet point 1). Type:
/System/Library/CoreServices/RemoteManagement/ -activate -configure -access -on -restart -agent -privs -all
After a few seconds it should say ARDAgent is running.
4. Now you should be able to type vnc://ip.address into Safari (again, where “ip.address” is the mini’s IP address) and Screen Sharing will ask you to log in. Leave the user name empty, and enter the entire serial number of the Mac mini (all caps).
5. You should now have control of the mini as though you had a screen, keyboard and mouse attached. After you go through the server setup process, you’ll be on the Lion desktop.
6. At this point, even though you’re still remote controlling the mini, you will not be able to log in again. (I found this out the hard way.) Remote Login (SSH) is turned off. Screen Sharing (VNC) is still enabled, but you can no longer log in with the serial number, and the administrator user you created does not have permission to access the Remote Management service.
7. So the first thing you should do is go to System Preferences, and click on Remote Management. (By default All Users is selected, but you can change it to just the administrator if you don’t want other users to have screen sharing access.) Then click on Options, and ensure that the “Observe” and “Control” checkboxes are set. Now try logging in from another Mac, if possible, to make sure it works.
8. You may also want to also temporarily install a free web-based remote control service, such as LogMeIn, as a fallback, because not being able to log back in means you have to find a screeen, display, and keyboard to plug into.
That’s the whole thing — not too bad. It would be nice if Apple made this kind of install easier, but then there wouldn’t be the satisfaction of figuring it out.
Update: Just found this blog post, which lays out a very similar process. The major difference in Lion Server appears to be that the entire serial number of the computer is required, not just the first eight digits.
Update: Expanded step 6 for clarity.