Updated March 7, 2007: Update fixes the broken image. Note also that since writing this entry, I’ve completely given up using the admin. interface on the server; now I manually edit the zone files at /var/named.
One of the worst changes that Apple made to its suite of OS X Server administration tools is to that originally-named Server Admin application, and more specifically to its DNS (BIND) settings section.
Back in the Panther days (up through 10.3.9), when you added a record to map an IP address to a name, you had to choose which type of record it was; the interface had a pull-down list where you had to pick one. Was this new record an A, CNAME, MX, etc. record? It’s a simple enough question, especially given the raft of online information about each of these, and BIND/named DNS in general.
For some spurious reason, Apple decided to dumb down their DNS administration interface such that it no longer makes any logical sense to someone who’s administered a previous version of the same software. You are no longer allowed to view your zone records individually; you cannot readily distinguish between A, CNAME or MX records from the list of machines in the zone. It now lumps everything together, and presents only a list of IP-to-name pairs for the A record only. Additional information (CNAME, MX) is hidden from you, and you have to double-click on a name to see if there’s additional information for that name. Peep:
This isn’t necessarily a huge deal if you’re the one who set shit up on the Panther box in the first place. You’ll know which “A” record to look at when the Tiger upgrade eats your original MX record (and all the other records, which will probably happen), and you start getting “mail for [workdomain.com] loops back to myself” bounces from the server.
What if you didn’t set up the Panther server? What if you inherited the server from a previous admin? Lucky you… you get to double-click on every A record until you find the one that should have the stupid little “This machine is a mail server for the zone” checkbox checked. Luckier you, the upgrade doesn’t preserve this setting—they’re all unchecked—and you’re completely fucked.
In either case (a. you set shit up originally, or b. you have to deal with someone else’s previous server configuration), you have only one option: Blow away anything in the “Machines” list that survived the upgrade, then manually re-enter all the records and restart the server.
This resolution process is an unfortunate consequence of a poor upgrade execution, but the “easier” user interface serves only to exacerbate your pain as an admin.
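
Because the zone files live under /var/named, the record types the GUI hides can be listed straight from the file. The following is an added example, not part of the original post: a small Python audit that groups a zone file's records by type and flags a missing or dangling MX record. The sample zone, its names and its addresses are constructed, and the parser covers only common zone-file syntax.

```python
import re

# Constructed sample zone (made-up names, documentation addresses).
SAMPLE_ZONE = """\
$TTL 86400
@       IN SOA ns1.example.com. admin.example.com. (
            2007030701 ; serial
            3600 900 604800 86400 )
        IN NS    ns1
        IN MX    10 mail
ns1     IN A     192.0.2.1
mail    3600 IN A 192.0.2.25
www     IN CNAME mail
"""
TYPES = {"SOA", "NS", "A", "AAAA", "CNAME", "MX", "PTR", "TXT", "SRV"}
CLASSES = {"IN", "CH", "HS"}
TTL = re.compile(r"(\d+[smhdw]?)+", re.I)

def parse_zone(text):
    """Return {record type: [(owner, rdata), ...]} for a BIND zone file."""
    text = re.sub(r";[^\n]*", "", text)  # strip comments (quoted ';' not handled)
    # Fold parenthesised multi-line records (e.g. SOA) onto one line.
    text = re.sub(r"\(([^)]*)\)", lambda m: m.group(1).replace("\n", " "), text)
    records, owner = {}, "@"
    for line in text.splitlines():
        if not line.strip() or line.startswith("$"):
            continue  # blank line or $TTL/$ORIGIN directive
        fields = line.split()
        if not line[0].isspace():  # owner in column 0; otherwise inherit previous
            owner = fields.pop(0)
        while fields and (TTL.fullmatch(fields[0]) or fields[0].upper() in CLASSES):
            fields.pop(0)  # optional TTL and class
        if fields and fields[0].upper() in TYPES:
            records.setdefault(fields[0].upper(), []).append((owner, " ".join(fields[1:])))
    return records

def audit(text):
    """Group records by type and flag missing or dangling MX data."""
    recs = parse_zone(text)
    hosts = {o for t in ("A", "AAAA", "CNAME") for o, _ in recs.get(t, [])}
    warnings = [] if recs.get("MX") else ["zone has no MX record"]
    for _, rdata in recs.get("MX", []):
        target = rdata.split()[-1]
        if not target.endswith(".") and target not in hosts:  # in-zone names only
            warnings.append(f"MX target {target!r} has no A/AAAA/CNAME record")
    return recs, warnings

if __name__ == "__main__":
    print(audit(SAMPLE_ZONE))
```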