Before you set up Messages service, you need to take care of several network items. Quite likely, your network already has some of these things.
Open Directory configuration
To authenticate users, Messages uses Open Directory, or another LDAP (Lightweight Directory Access Protocol) server bound to Messages Server. Messages Server doesn’t directly access the LDAP server. Messages users must have directory accounts in a directory domain. (See Chapter 5 for information on Open Directory.)
You also need an Open Directory master if you want to enable authentication with Kerberos or to use a Kerberos domain controller on another server. If you use the latter, the Kerberos realms of the controller and Messages Server must match.
If your Messages users are crossing a firewall to get to the server, you have to open some firewall ports. This is true for any service, but Messages requires a relatively large number of firewall ports to be open. (See Chapter 18 for more on firewalls.)
If you want Internet users to access Messages service on your server and you have a DSL, cable router, or other Internet router, you need to configure it for port forwarding.
DNS configuration for some situations
You may not need to do anything to your DNS server to support Messages service. But you could optionally add DNS records in two cases:
You’re enabling server-to-server ...