About the Lion Server v10.7.3 Update
This software updates Lion Server v10.7, v10.7.1, and v10.7.2 to version 10.7.3. It is recommended for all Lion Server users.
Read before installing
- Do not interrupt the installation process. If a power outage or other interruption occurs during installation, use the standalone installer (see below) from Apple Support Downloads to update.
There are three ways to update to Lion Server v10.7.3:
- Use Software Update
- Install from a standalone installer
- Install on a remote server via Server Admin or the 'softwareupdate' command-line utility
Software Update installation
Choose Software Update from the Apple () menu. Because some updates are prerequisites for others, you may need to use Software Update more than once to obtain all available updates. When Software Updates states "Your software is up to date," you can be sure that all available updates have been installed.
If you want to download and manually install the update, an installer is available from Apple Support Downloads. This a useful option if you need to update multiple computers but only want to download the update once. Read how to verify the authenticity of manually downloaded Apple Software Updates.
If you need to install the update on a remote server, you can do so using the Server Admin application or this command line tool:
The Lion Server v10.7.3 Update includes several enhancements to the Server app interface.
File Sharing pane
- Displays the number of users connected via AFP or SMB, and provides a new Connected Users tab which displayed details about these connections: Client IP address and connection type for AFP and SMB connections, and user name and idle time for AFP connections.
- The new Connected Users tab also provides the ability to disconnect specific users who are connected via AFP, with the option to include a message, and the ability to send a message to connected AFP users without disconnecting them.
- Adds the option to create a Greeting that will be displayed to users who connect to the server via AFP.
- Provides the option to enable VPN over PPTP and save a PPTP configuration profile for distribution to clients. When PPTP is enabled, PPTP clients share the same address range as L2TP clients. For more information about configuring PPTP VPN, see this article.
- Provides the ability to set DNS server addresses and search domain names to VPN clients.
Adds several new configuration options including the abilities to:
- edit a site's domain name after creation.
- choose a different SSL certificate for each site.
- map multiple domain names to a single site.
- configure redirects and aliases.
- specify custom index files.
- use .htaccess files by checking the "Allow all overrides" box.
Additional Server app improvements
- Improves reliability of the servermgrd process, resolving an issue which could prevent Server app or Server Admin from connecting to a server.
- Improves the response of Web, Wiki, Profile Manager, Push Notifications and SMB services to changing the server's hostname.
- Improves log searching and filtering.
- Improves support for using different certificates for IMAP/POP and SMTP in Mail service.
This update also includes the following improvements to other Lion Server components.
Fixes issues for Windows users accessing files on a Lion Server SMB share:
- copying a file with certain extended attributes
- saving files in Windows 7
- opening files with Microsoft Office 2003
- creating new folders in Windows Vista
- Allows an administrator to enable auto-acceptance for users. For details, see this article.
- New webmail accounts will have default address in the form firstname.lastname@example.org instead of email@example.com.
- Ensures the creation of default folders (Sent, Drafts, Junk, Trash) for webmail users. For more information, see this article.
- Improves authenticated binding to Open Directory servers in Directory Utility. (This is also included in the OS X Lion v10.7.3 Update (client).)
- Improves reliability of setting up Open Directory replicas.
- Podcast Publisher can now publish podcasts to a Lion Server bound to Active Directory. Note: You must still connect to the server using a local or Open Directory account.
- Improves responsiveness of the web admin interface when enrolling 100 or more devices.
- Improves creation of Mac OS X 802.1X payloads.
- Adds two new settings for iOS Mail and Exchange payloads: The ability to prevent messages from being moved out of an account, and the ability to prevent any app other than Mail from using the account.
- Adds the option to allow a user to create an external home folder in a Mac OS X Mobility payload.
- Improves importing iOS apps.
- Fixes an issue using the %email% variable in a payload.
- When creating a profile for manual download, username is no longer required for CardDAV or CalDAV payloads.
- Allows setting the Mac OS X Dock magnification in a payload.
Web Password Reset
- Now supports Internet Explorer 9.
- Supports editing from an iPad running iOS 5 or later.
- Supports adding Active Directory groups to wiki permissions list.
- Provides support for an administrator-specified custom tag, protocol and inline style whitelist, which can be created manually and saved as /etc/collabd/filter_whitelist.plist.
- Fixes an issue that prevented wiki logins when the server is set to a fractional time zone (a time zone which differs from UCT by 30 or 45 minutes).
- Fixes an issue in Lion Server v10.7.2 that prevented guest access to wiki calendars.
(These fixes are also included in the OS X Lion v10.7.3 Update.)
- Fixes an issue that could cause data loss on filesystems hosted by StorNext FS version 4.2 controllers, when changing the capitalization within a file name.
- Improves reliability and stability of Xsan volumes.
- Improves reliability of uncached data access in applications such as Final Cut Pro.
(These fixes are in the Lion Server v10.7.3 update. There are additional fixes in the Server Admin Tools v10.7.3 update.)
- Can enable "allow zone transfer" for more than one DNS zone.
- Allows creation of a secondary reverse DNS zone.
- No longer overwrites changes to the smtpd_helo_restrictions setting in the postfix main.cf file.
Additional improvements are documented in other articles: