Slashdot Mirror
Essential Mac OS X Server Administration
Michael Bartosh, President of 4am Media, Inc. (formally an Apple Systems Engineer), is a Mac OS X consultant and trainer specializing in cross-platform directory services integration. He is the main author of Mac OS X Server Administration, having written Parts I through VI. Ryan Faas is the Mac columnist for Computerworld and has extensive experience with integrating Macs in cross-platform networks and contributed Part VII, "Client Management," to this volume.
The authors divide the book into seven main parts covering server installation and management, a variety of services (directory, IP, file, security, and Internet) and client management. An appendix offers an extremely concise and clearly written introduction to directory services. Part I discusses planning and designing the server environment, installing and configuring the OS X Server, an overview of the server management tools, system administration and troubleshooting. Hardware (to XServe or not, supported architecture and performance bottleneck consideration), storage technologies (XServe RAID (Redundant Array of Inexpensive Disks), ATA (AT Attachment, IDE (Integrated Drive Electronics), SATA (Serial ATA), fibre channel, SCSI (Small Computer System Interface), FireWire/FireWire 800, various flavors of RAID), volume partitioning (best practices for maintaining different parts of the file system on different volumes) and particularly network infrastructure (performance, infrastructure and services). The latter is a critical consideration for cross-platform efficiency; basically, "playing nice" with existing and predominant OSes and platform-specific settings on network links.
The next chapter on installing and configuring Mac OS X Server walks the reader through the actual installation process for both the GUI and the command-line options. There are plenty of screen shots for the GUI install but the more attractive aspect of this section is for those administrators who are comfortable with the command-line. This is a terrific example of how the command-line provides far more granular control over installation and configuration options in comparison to the GUI process (if you want an excellent step-by-step introductory narration of the GUI installation then you can't do better than Schoun Regan and Kevin White's Mac OS X Server 10.3 Panther: Visual Quick-Pro Guide published by Peachpit). Bartosh and Faas also include descriptions of network install using Apple's NetBoot technology, ASR (Apple Software Restore) and radmind (remote administration daemon).
Chapter 3 continues with another well-documented section on server management tools: Workgroup Manager (creating users, groups and computer lists, managing the same, managing share points and the oft-ignored...because it's hidden in the application's preferences pane...Inspector), Server Admin (service managing, monitoring and configuration app) and Server Monitor (XServe specific hardware-monitoring app). Again, the best part of this chapter is the inclusion of both graphical and command-line equivalent tools: serveradmin; nicl (used to read data in NetInfo where the share record is stored); sshd, servermgrdhwmon (server management daemons); and a very brief nod to the directoryservice daemon (manages Open Directory) which is covered is more depth in the excellent Appendix.
Chapter 4 is titled, "System Administration" and is a very interesting aside that acts as a forum for author Bartosh's particular philosophies on the approaches and practices that make good bedfellows in a non-homogeneous network environment. Do not read "peculiar" here; Michael Bartosh takes an extremely sensible and ostensibly efficient approach to a difficult and sensitive topic. As Bartosh notes, "The Macintosh is...still a minority platform, and it makes little sense when working to gain acceptance somewhere to ask that organization to make fundamental infrastructure changes in order to support the Mac." His main points include: minimize intrusion into existing infrastructures; focus on the needs and business of your organization; default policy of denial (minimize access points); and minimize change, maximize stability. He also holds forth on software update methods, backup strategies, account management, failover, the diskspacemonitor daemon and watchdog for service monitoring. At the end of the day, this chapter provides an enlightening approach to combining a realistic set of principles with an appreciation of the compromises that must be made to ensure cooperation and success.
The final chapter of Part I involves strategies in troubleshooting Panther Server on a higher plane than merely going through the simple first step of repairing permissions. Again, Bartosh uses this chapter to introduce a more rigorous approach to analyzing and solving problems that often occur during the course of system administration. Bartosh details a structured approach to name resolution: lookupd with query and debug modes, fundamentals of LDAP and OS X directory services, forensic tools (strings, fs_usage, otool, ps, lsof, ktrace, kdump), network tools (netstat, tcpdump) and joiners/filters (grep, | (pipe symbol), awk).
Part II, "Directory Services," requires a thorough read of the Appendix ("Introduction to Directory Services"). Part II is composed of several chapters covering Open Directory Server: identification and authorization, and authentication and replication. This is a complicated topic but Bartosh explains the concepts with skill. He begins with management of Open Directory Server using Server Admin and quickly follows with an overview of roles (standalone, connected to a directory system, open directory replica or open directory master), best practices for creating administrator accounts and a detailed account of how to access an open directory domain.
Chapter 7 consists of an examination of LDAP (lightweight directory access protocol) basics and terminology; Apple's OpenLDAP including the use of Server Admin to manage OpenLDAP settings; a summary of the OpenLDAP server daemon, slapd, and the configuration file, slapd.conf; slapd troubleshooting, OpenLDAP utilities and tools (ldapadd/ldapmodify, ldapsearch and slapcat among others); a breakdown of LDAP data (identification data, authorization data and configuration data) in an Open Directory Master; an explanation of Apple's LDAP Schema and how to query LDAP services using ldapsearch at the command-line or LDaper from the GUI. Bartosh has a knack for taking a conversational tone in his approach to complex subjects: he is able to import the salient points of his extensive knowledge in a casual yet nontrivial manner.
Password Server and Kerberos are both handled in the next chapter. Bartosh provides a detailed treatment of PasswordService (SASL or Simple Authentication and Security Layer), a breakdown of the Password Server architecture (Password Server daemon, config file, main database, etc.), Password Server policies and new policies in Panther Server, use of public key cryptography and Password Server tools including pwpolicy, mkpassdb and NeST (NetInfo Setup Tool). Kerberos basics are fully explained with principal terms defined (realm, KDC, service ticket, TGT, encryption type, etc.) and a stepwise description of the Kerberos exchange mechanism. Also included is a general review of securing Kerberos using preauthentication. Following this is a specific treatment of MIT's Kerberos distribution within Mac OS X Server. Bartosh walks the reader through Kerberos configuration and Kerberizing Mac OS X Server services. He rounds out this chapter by bringing together the Kerberos and Password Server concepts (synchronization of Kerberos and Password Server authentication databases).
The final chapter in Part II involves replication architecture in Open Directory Server, design choices and best practices for deployment. The author uses both a GUI method (Server Admin's Open Directory Settings interface) and the command-line technique (slapconfig) in creating an Open Directory Replica and includes a detailed sequence of events that occur during the replication process. LDAP replication, Password Server replication and Kerberos replication are all discussed in-depth. Not surprisingly, client-side replica discovery is also dissected, including LDAP replica discovery, Password Server replica discovery and Kerberos replica discovery.
Part III is devoted to IP services and examines xinetd and Apple's DNS, DHCP and NAT services. Chapter 10, on xinetd, is very well written with a short history of the evolution of xinetd; configuration using the shell-script service; a description of xinetd architecture; and lists of general options for use with xinetd (id, passenv, port, redirect, groups, etc.), OS X specific options (mdns, session_create) and security-related options (log_on_failure, no_access, access_times, etc.).
DNS (Domain Name System) and the BIND (Berkeley Internet Name Domain) package are the topics of Chapter 11. Obviously an important but difficult concept to grasp but Bartosh does an exceptional job here. New to Panther is the ability to access DNS via a GUI tool and again it's done through the Server Admin interface. The author guides the reader through the process including looking at the DNS logs, the Activity pane and some minimal option settings (zones and logging). A thorough approach is also taken in analyzing the BIND package, the named daemon, the named.conf file, the tools available for troubleshooting (nslookup, dig and particularly host), and advanced configuration options (running named as an underprivileged user, establishing a domain-specific forwarder, change rooting, limiting zone transfers, and providing different host data using views).
The next chapter covers DHCP (Dynamic Host Configuration Protocol) and Apple's bootpd service. The author again provides GUI access instructions to the DHCP service, including screenshots of the various tabs (Overview, Log, Clients, Settings) and an explanation of available options. Troubleshooting, using the bootpd daemon and advanced command-line tools at one's disposal are also included: creating bootpd static bindings and using bootpd to supply other DHCP options (IP address of the NetInfo parent, the default URL to present in a Web browser, local POP3 server, local newsgroup servers, etc.).
Chapter 13, NAT (Network Address Translation), is the final chapter in Part III and follows the established format of providing screenshots of the Server Admin access point for this service, along with architecture (including the natd daemon and the OS X packet filter, ipfw) and advanced configuration options (editing the natd.plist).
Files Services comprise Part IV and includes an overview of creating and managing share points, automounts and home directories; AFP (Apple file protocol) management; Windows file services via SMB (Server Message Block); FTP (File Transfer Protocol), network file system and print services. The services are familiarly managed through Server Admin and Bartosh provides details on each service: accessing each of the GUI tabs (Overview, Logs, Connections, Graphs and Settings) and options within as well as using the command-line equivalents. He consistently provides comprehensive information about each choice, their consequences and alternatives. He also offers interesting asides on the historical evolution of various options (default permissions behavior pre-10.2, for instance) that make the reader appreciate the complexity involved in the development of an innovative system such as OS X Server.
The permissions mapping section in Chapter 15 ("Apple Filing Protocol") has some very well-done representational examples of permissions mapping. Integration of AFP Services in Mac OS X into different shared directory domains is referenced to http://www.4am-media.com/sso/ (which was not available at the time of this writing). The recommended troubleshooting technique is AFP client logging and the author gives stepwise instructions on how to enable AFP client logging through the command-line.
Chapter 16, "Windows File Services" will, no doubt, be a focal point for many administrators. Over the long haul, successful integration of Mac OS X Server into a Windows environment will make or break the OS X Server platform. Apple included Samba in Mac OS X to smooth the way toward assimilating platforms in such a way that it's a fairly seamless experience for diverse clients. Configuration, logging, connections, etc., are viewed and configured through Server Admin with per-share options are managed using Workgroup Manager (share this item using SMB, allow SMB access, custom SMB name, default permissions, etc.). Password Server integration, useful command-line utilities (testparm and smbutil) are also described.
FTP (File Transfer Protocol) is covered in the next chapter in the same format as the other services: both GUI and command-line options; managing FTP using Workgroup Manager; architecture (xftpd, ftpaccess.default); securing FTP (using Kerberos, FTP tunneled over SSH and sftp). An added bonus is an extended section on advanced options when manually editing ftpaccess, ftpconversions, and ftphosts/ftpgroups/ftpusers.
Chapter 18 deals with NFS (Network File System) with some caveats as to the relative insecurity of the service model and UniqueID mismatch issues. NFS File locking, /etc/exports and NFS daemons (mountd, nfsd, rpc.lockd and rpc.statd) are introduced in due course.
Print services is the final topic of Part IV and Bartosh is fairly blunt about the inadequacies found here. Nevertheless, he presses on and covers the subject in much detail. In all honesty, Tiger Server provides vast improvements in this realm and while this Panther section is worthwhile for those interested in how it's peripherally handled in Panther, if you are relying on OS X Server as your primary print server...well, it may be time to upgrade to Tiger.
Part V consists of two chapters revolving around Security Services: Mac OS X Server Firewall and Virtual Private Networks. The firewall chapter begins with a general discourse on how network communications function, a comparison between packet-switched vs. circuit-switched networks, redefining "firewall" in terms of packet filters (ipfw) and a look at ipfw packet filter rules. Bartosh follows this up with a point-by-point, server-specific initialization of Apple's Firewall service. The GUI through Server Admin is set out along with using the Advanced pane to "deny" rules and using the command-line to configure ipfw in order to bypass issues involved with extreme sluggishness experienced when reloading rules. The chapter concludes with specifying rule order, configuration examples in scenario/action format, reporting and monitoring (using ipfw list, serveradmin status, sysctl and /var/log/system.log), and managing the firewall service.
Chapter 21 is a methodical explanation of VPN (Virtual Private Network) vs. other varieties of encrypted connections: SSL (Secure Socket Layer) and SSH (Secure SHell); VPN protocols: PPTP (Point to Point Tunneling Protocol), and L2TP over IPSec (based on the Internet Protocol Security suite). Configuring L2TP/IPSec (via the IPSec daemon, raccoon, and vpnd) and PPTP are more than adequately covered. Logging, client information, Internet Connect, Rendezvous (now known as Bonjour), subnets, and authentication are also included. There is a dearth of OS X VPN instruction/discussion in the wild so it's nice to see it finally included in some detail within the context of OS X Server.
"Internet Services" (Part VI) is dedicated to Mail and Web services and Application servers (Tomcat and JBoss). The section begins with an overview of mail protocols: SMTP (Simple Mail Transfer Protocol); POP (Post Office Protocol); and IMAP (Internet Mail Access Protocol) followed by global graphical management options in Server Admin. Also included here are WebMail via SquirrelMail (open source IMAP client), Workgroup Manager to manage per-user Mail Service options, Postfix (default Mail Transport Agent) as a replacement to Sendmail, and Cyrus (default Mail Delivery Agent). Several valuable additions to this section include: a discussion of migration from legacy or existing mail systems (amsmailtool), backup strategies (BRU by the Tolis group) and content filtering (ClamAV, SpamAssassin).
Apache is bundled into Mac OS X and OS X Server and, with the latter, is integrated with the server tools. All the usual settings are accessed through Server Admin: Overview, Logs, Graphs and Settings. General and site configuration are handled through the Settings tab: setting MIME (Multipurpose Internet Mail Extension) types, configuring the proxy server, adding and removing modules are all available here.
In Chapter 24, Application Servers, Bartosh walks the reader through a comprehensive setup of the Application Server and the configuration of JBoss and Tomcat. He gives a simple introduction to creating a simple JSP page as well as illustrating more complex application scenarios.
The final part of this book, "Client Management," was contributed by co-author Ryan Faas and stands on its own as an excellent accompaniment to Michael Bartosh's coverage of OS X Server in the previous sections. The reader enjoys a complete scope of managing preferences on OS X clients (for users, groups and computer lists), managing both Classic Mac OS X workstations and Windows clients, workstation deployment and using ARD (Apple Remote Desktop). Of outstanding value are: understanding how varying preferences interact, using the Home directory for preference management, mobile accounts preferences, using Mac Manager to manage Classic Mac OS Workstations (Mac Manager share points and folders, creating workgroups, defining workgroup printers, disabling login for a computer list, security options for computer lists and global settings), hosting a Windows domain (configuring Mac OS X Server as a Windows Domain Controller), home directory access from Windows clients, setting up user profiles for Windows users, using login scripts, and configuring member and standalone servers.
Chapter 28 covers "Workstation Deployment and Maintenance" and discusses types of disk images, NetBoot (share points and image folders, shadow files) and network issues with NetBoot (load balancing, NetBoot across subnets), creating Mac OS X NetBoot images using the Network Image Utility, configuring the NetBoot service from both the GUI and the command-line, NetInstall and Apple Software Restore (creating Classic ASR images using Disk Utility, applying ASR images using Disk Utility, the command-line and other tools (Carbon Copy Cloner). A real-world scenario that is covered here is the time consuming and deadly annoying task of maintaining software updates across networked client machines. Faas proffers a variety of server-based options: Apple Software Update, creating and using NetInstall images that contain package files, using application share points, putting application installers on the network, and using third-party software management tools such as NetOctopus (http://www.netopia.com) and Filewave (http://www.filewave.com) or, my personal favorite, the Open Source tool, Radmind (http://rsug.itd.umich.edu/software/radmind/).
The final chapter of "Essential Mac OS X Server Administration" describes an application not included with Panther Server: ARD (Apple Remote Desktop). A desktop management system integrated with VNC (Virtual Network Computing), ARD provides a full set of administrative tools that include custom software package installation, data reporting options (hardware, OS, installed software, etc.), workstation broadcasting, etc.
The book includes one appendix, "Introduction to Directory Services" (did I mention it was quite excellent?!).
As always, O'Reilly has published a well-designed book: despite the 800 plus pages, the book is perfectly balanced with a comfortable weight-to-size ratio, clean typography, appropriate and pithy asides, and a supple binding that allows the book to stay open when you want to follow along while at your keyboard.
Yes, Tiger Server (Mac OS X 10.4) has been released and no doubt authors Bartosh and Faas have already been hard at work on the second edition of this book. This in no way minimizes the impact this book should have on its intended audience. The evolution of any particular server product should be of vast interest to the professional systems administrator. Panther Server (Mac OS X 10.3), which is the focus of this book, will continue to be a presence in the Apple server-specific market for quite some time. Frankly, not every deployment site (from small businesses to vast educational institutions) will be able to upgrade to Tiger immediately nor will they all be eager to expend the time and additional dollars needed to invest in software, training and potentially new hardware. With the exception of Schoun Regan's Mac OS X Server 10.3 Panther: Visual Quick-Pro Guide (Peachpit, 2005), there is no other comprehensive documentation on OS X Server (Apple's documentation is clumsy and self-promoting). Essential Mac OS X Server Administration is an indispensable contribution to the education of the IT professional.
Mary Norbury-Glaser is IT Director at a University of Colorado Denver affiliate center. She has over 15 years experience in cross-platform systems administration. You can purchase Essential Mac OS X Panther Server Administration from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.
Good thing that this Panther server oriented book is out just in time for Tiger server... ;)
BlackNova Traders
I had a week long class at Apple with him as the instructor for Mac OS X Server/Mac OS X integration [back in the 10.2 days]. His knowledge of NeXT is excellent.
You are not root, go away.
Step 2. Reinstall OS X
.....
Step 3. Reinstall Linux
Step 4. Reinstall OS X
Step 5. Reinstall Linux
Step n. Computer explodes.
Step n + 1. Drink beer.
Measure once, cut twice
This text certainly seems to be comprehensive, covering a good volume of material, and the need for such a text shows the change that Apple have instituted in the individual components that make up OS X. A book covering the specific versions and kinks of open-source software supplied by default with the OS (Samba, JBoss, Apache etc..) may prove invaluable when faced with using more generic texts written towards more standard Linux versions, filesystem layouts and behaviours.
Business Voyeur
Actually, I've been happy with the Tiger server, except for one little glitch. Apple Remote Desktop seems to lock up my server to the point where the server would stop responding to ANY requests. Once that thing got turned off, I haven't rebooted it yet. I don't know, I feel that ARD 2.2 has more bugs in it than ARD 2.1 (which has been rock solid for me). To bad I can't downgrade in Tiger (ARD 2.2 comes in by default).
Other than that, it runs my Drupal powered weblog very well (on a 350mhz iMac no less, installation was a bitch due to the fact my iMac didn't have a DVD drive).
Parent will probably be modded troll but it's true. OSX is never going to perform as well in typical server roles due to limitations in its mach based kernel (ie: context switching).
is there a way to turn off Mac & Star Wars stories ? They seem to go hand in hand and I'm tired of both.
Review != description of content! Tell us what makes this book interesting, don't give us four screens full of detailed table of contents.
Media that can be recorded and distributed can be recorded and distributed.
-kfg
(Good Thing This Reviewer Explains All Acronyms in Parentheses)
I found that someone with OCR already posted the text in an eBay forum.
Here it is for free.
What is it that OSX Server has that Client doesn't? Is Client crippled in some way? I know just from looking at the Sharing control panel that I can do all these:
Personal File Sharing
Windows Sharing
Web Sharing
Remote Logic
FTP
Remote Desktop
Apple Events
Printer Sharing
Internet Connection Sharing
That ain't bad, so what can Server users do that's so great?
OMG! When did Disney do goatse?
Since the $500 you paid for Panther Server 10-client was about how much your computer was worth.
OSX servers are above average, but if you will notice, not many people/bussinesses use them.
Yeah, one word explanation for that: Exchange.
My company has been selling Microsoft SBS hand over fist for years, but during that time there was quite a lot of interest in OS X Server (even from clients with all Windows-based workstations), for two reasons: because of all the egg on Microsoft's face over security issues, and because the OS X Server licensing costs are so cheap and licensing is low-maintenance. You don't have to keep track of CALs if your business is growing-- throw down $1000, boom, unlimited CALs. The last time one of my company's clients got unlimited Microsoft CALs, it cost them around $25K.
So why doesn't OS X Server sell more? The dealbreaker is always the fact that it doesn't have something like Exchange. I've been screaming for Apple to make an Exchange killer for years. They've got most of the pieces already: iCal, Mail, Address Book... all that needs to be done is to tie them together into a single app, and on the server end add group calendaring and maybe a new mail protocol similar in function to MAPI (IME, using IMAP as an Exchange client in MS Entourage SUCKS, so I think Apple needs to go one better with their imagined product).
~Philly
I agree with this (and I don't necessarity agree
with the parent being a troll).
In the long term, the Mac hardware aught to
get Linux (or another FLOSS OS) installed
on it anyway for several good reasons:
- Apple will charge to upgrade it with more
shiny mac software;
- Mac hardware is well engineered,
reliable and will last a reasonable
amount of time (forever?);
- Dual booting is really annoying on server
class (always on) hardware.
- When Apple moves to Intel based hardware it
will cost them more continue to support older
hardware.
- Ubuntu installs very easily
- Linux is Free (both reasons).
So if the hardware works, why delay the
inevitable?
Paul - A happy owner of an iMac Mini running Ubuntu.
What's next? Windows Servers?
Performance is at that point only 1/10th of the Opteron and Xeon. We have tested this on Panther (10.3) and on Tiger (10.4.1), triple-checked every possible error and the result remains the same: something is terribly wrong with the MySQL server performance.
SPEC CPU 2000 Int numbers compiled with GCC show that the G5 reaches about 75% of the integer performance of an equally clocked Opteron. So, the purely integer performance is not the issue. The Opteron should be quite faster, but not 10 times faster.
We checked with the activity monitor, and the CPUs were indeed working hard: up to 185% CPU load on the MySQL process. Notice that the MySQL process consists of no less than 60 threads.
ignorance is bliss. googlefiberatx.com
Even though there are arguments that Mac OS X isn't the best OS suited to use as a server, it is quite a luxury to be able to use your desktop machine as a testing server (And have photoshop/dreamweaver sitting there as well). Even though the environment is fairly similar to that of Linux and the *BSD's, the slight differences help out in making any sort of web-based app just that more cross platform.
Lovely, indeed. Perhaps a good reason to pick up the book, if not just from the Library;
Dada Mail - Program, Art Project or Absurdity?
"Mac hardware is well engineered,
reliable and will last a reasonable
amount of time (forever?);"
Uh... Since when? Is this more "I heard it so it must be true" logic?
Most of the parts are PC equipment now days (soon to be 100%) and the few parts that are actually apple engineered are as poorly designed as dell equipment.
Our macs have the WORST defect rate of anything but the dells we have.
The only reason that people keep their equipment a long time is because it cost an arm and a leg and they need to get 2x the life out of it to make it worth while.
I would imagine the lack of something equivalent to Group Policy is also a bit of a damper as well.
It wasn't designed as a server OS because you've seen that in a few specific instances, thread creation times are slow? Give me a fucking break.
I know a lot of folks who run some pretty high performance/high load apps on OS X. I also talked to these guys:
http://www.psoug.org/rac_on_mac.html
Who have deployed 3 Oracle 10g RAC installations on Xserve G5's. They said in their testing that 10g on a dual 2.0 G5 was about 30% faster than on a dual Xeon 2.4 on Windows. Now that's not Linux (they hadn't done the direct comparo), but that shows that it's not completely unfit for server operation.
How can such a bigoted, intolerent view still be tolerated in our society. How, I ask you!?
-The Politically Correct Police
Factual statement pointing out shortcomings of Darwin for server use modded down by Apple fanboy.
Even though the parent was moderated flamebait, I'd have to concur with the overall sentiment given my experience dealing with both the Apple Server software and Apple the company while working with MacOS X Server for a client of mine who had had good experiences with MacOS in the past and thought that that experience would somehow translate into a good OS choice for web service. A client of mine bought one of the early dual G4 machines Apple offered and a copy of MacOS X Server. I think that Apple started selling this OS way too early, well before they were ready to support it in any serious way. The software was sorely underdocumented (and one shouldn't have to buy additional books to get documentation on the software one has already purchased) and Apple's employees were not responsive to problems. Apple leaves a lot to be desired when it comes to packaging. Keeping up with what's going on in Perl and Apache to fix bugs pertinant to the reason the server machine was brought in, for instance, is not easy when one has to compete with Apple's related packages thus risking Apple updates that don't install (or don't install correctly) because your installed software is more advanced than what Apple ships.
Also, I don't see why I would want to run a GUI on a machine that would run headless most of the time. Service records can either be generated automatically and sent somewhere else or I can ask for them when I need them from another machine. I'm just fine with ssh-ing into the server to get jobs done on the command line.
I don't have any statistics to offer on how much more slowly things ran under MacOS X, but I found their cutesy front-end apps to be inadequate or just plain wrong, so I ended up spending a lot of time working on things that I wouldn't have had to with another OS (GNU/Linux or OpenBSD, to name a couple free software systems); I ended up being slower to work because of the needless work I had to do. All of this for a proprietary system that costs considerable money in the first place.
Digital Citizen
with no other details (at least RAM and RAID settings). Besides, dual Xeon 2.4 is OLD tech from any angle (clock speed, core, chipset, you name it) - it's also really silly to compare it to a 2.0GHz G5; why not a 2x 2.0GHz Xeon if they're into showcasing old server hardware?. And 30% is embarrassingly small a difference to be talking about in this case.
Who the fuck would be dumb enough to use a Linux as a server?
Oh, wait...
- Kerberos domain server (and support for all the various services to authenticate using this)
- Jboss / tomcat (I've never used it though)
- MySQL (also I don't use this)
- Firewall
- Bind DNS
- DHCP server
- And, the Shiny Happy GUI tools are *networked* so you can tweak all the above services on any of the headless machines in your cluster
- The hardware monitor / alert tools are also networked and can send you quite a lot of emails if something gets too hot.
- If you happen to have an Xserve then you also get console-on-serial support.
- In tiger there is some kind of Xgrid manager as well... I've not looked at this in much detail though.
I believe that clock is from the eighties.
We already have something just as powerful, and much easier to use:
r oupmanagement.html
http://www.apple.com/server/macosx/features/workg
On Apple Input Peripherals: They're okay, I guess, but I was really hoping for a one-key keyboard and a 109-button mouse
Remember this one?
I don't want to start a holy war here, but what's up with you Mac fanatics? I'm sitting here at my freelance gig in front of my Dual 2Ghz G5, and it's taking 20 minutes to commit these 3 SQL transactions to my weblog InnoDB database. I mean, on my single Xeon, which by all rights should be half as fast, this operation would take 3 ticks. If that.
In addition, during these commits, Nestcape will not work.
etc etc etc
Don't blame me, I voted for Baltar.
OMG! When did Disney do goatse?
When they thought they could make a buck or two by doing it.
Is hello.jpg in the public domain?
If you're going to run Linux on it, why not just buy x86 hardware? The X-serves also lack features that some people might find important like dual power supplies.
Agreed. FWIW though, Entourage 2004 uses DAV, not IMAP. Josh
No, and even if you do turn off stories from the Apple section, Slashdot will still make sure that you end up reading its Apple© Slashvertisements(TM).
Is it a story about another mp3 player? Look to the submission having the comment "It isn't an Apple branded one, lame." tagged on. The story has a bunch of mp3s? You can tie the Apple products into the title, such as "Listen To The Universe On Your iPod." New small PC case or something simular to an iProduct? You get the comment like "lame, they are all now copying Apple and cashing in on their success" even if products that have had those features have existed for years before Apple did it.
Besides never going to this site again, there is no avoiding the Apple© Slashvertisements(TM).
You took the job after the choice was made, why were you wasting the client's time criticizing the vendor's way of doing things?
The vendor is always wrong. Never fight with the vendor, plan around instead. That's true of Solaris, RedHat, Apple, IBM, any vendor. (Microsoft, you can't work around, so you just plan on not building anything you haven't confirmed already works on their software. But they aren't a real vendor, they don't sell, they only lease.)
First check out whether it can be done with the stock install. If it can't, absolutely do not upgrade the stock software, because you want the vendor to take the heat on system-wide upgrades. Let Apple's updater do its job.
If you use perl in some custom application, install perl for your application separately. Do not use the system install of perl for your application. (This is good advice on many systems that include perl because they have system tools that rely on it.)
By using a separate install of perl for your application, you allow yourself to control the update schedule independently of the vendor. You also control the modules installed this way.
You probably think that's a waste of space, and it is, but it's least wasteful than trying to balance all the versioning issues. If you look at the way Java apps get installed, with xalan in this jar and that jar and the other war, and your ide can see four or eight different installs of xalan, and you wonder what's going on. But right now, it's cheaper to not bother trying to figure out whether already installed version X will work when you developed with version W.9.
Ah, nice. I didn't realise Apple had finally developed something like this.
x86 is still x86, even if the libraries are different.
Check out Kerio Mail Server. It is rock Solid.
So why doesn't OS X Server sell more? The dealbreaker is always the fact that it doesn't have something like Exchange. I've been screaming for Apple to make an Exchange killer for years. They've got most of the pieces already: iCal, Mail, Address Book... all that needs to be done is to tie them together into a single app, and on the server end add group calendaring and maybe a new mail protocol similar in function to MAPI (IME, using IMAP as an Exchange client in MS Entourage SUCKS, so I think Apple needs to go one better with their imagined product).
...
Agreed. Although I think they may be working on it in the background. Because I've found it quite interesting that PHP iCalendar (http://phpicalendar.net/) has gone offline voluntarily until further notice. Not a huge deal, but
Your Windows PC is my other computer.
This is actually true.
The XNU kernel has some serious performance limitations, and on a box that's going to be getting heavy usage I'd definately want linux/ppc instead.
On the other hand, not all servers are under heavy load, and the OSX Server package makes a lot of stuff relatively easy to setup and administer (particularly for the inexperienced admin,) so both have their place.
=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Friends don't let friends enable ecmascript.
Multi-tier enterprise development in Javascript
Writing readable code in Brainfuck
Windows 98 Server Administration and Security
...Yes, and they are PISSED that you keep calling them 'pussies'.
This useless space for sale, inquire at front desk.
PHP iCalendar went down because it was compromised. It won't go back up until a specific person has time to make sure it is safe to do so.
I'm one of the previously quite active, now kind of lurker, PHP iCalendar developers. No conspiracy here.
I would actually request that they do not turn iCal, Mail, Address Book, etc. into a single application. I absolutely hate that about Lotus Notes. Thing is, they all work together already. There's no reason for them to be in a single application.
;D
Opening iCalendar files in Mail puts them into iCal. Scheduling something in iCal allows you to send out invitations to the people identified in your Address Book via Mail. Address Book will connect to a central LDAP machine for accounts.
It isn't complete yet though. If you delete an entry in iCal, the original sender of the invitation is not notified. There's no way to use iCal or Mail to send back a response indicating acceptance of an invitation. Partially because you cannot yet assign an attendance status to the list of people. And you cannot check against other people's calendars to find free/busy time because there is no group calendaring mechanism.
Note to Apple: want to hire me?
Now i see why there are very less posts for this article ;-)
moderating hint for moderators: underrated
Sure, that's just what they want you to think...
...and it's already paid off. (migrating from 10.2 to 10.3 mail server-server...)
However, I do have a few beefs with it:
1. Errors. There are misplaced words and sentences that make no sense all over the book. In the short time I've had the book; I've come across at least 20 errors. (I've reported some to O'Reilly already. I just haven't had the time to do more.)
2. Depth/Lack of diagrams. A picture is worth 1,000 words, right? Well, where the hell are all of the diagrams? The VPN section needs a little bit more help -- maybe a picture or two -- to make it better.
3. While I've only read through the section once, the whole part on setting up an Open Directory master is a bit confusing, especially when the author writes about the different passwords. To his credit, he did include a diagram; however, the text is this section is a bit awkward.
> Ah, nice. I didn't realise Apple had finally developed something like this.
Apple "finally" developed it about 3 years ago when they released Jaguar.
Heh:
$ nslookup x.x.x.x
Note: nslookup is deprecated and may be removed from future releases. Consider using the `dig' or `host' programs instead. Run nslookup with the `-sil[ent]' option to prevent this message from appearing.
-- often wrong; never in doubt
FWIW though, Entourage 2004 uses DAV, not IMAP.
Whatever it uses, IMHO it's infinitely inferior to Outlook 2001's MAPI support. I don't know what the Mac Business Unit people were thinking on that one. Furthermore, the fact that Entourage still doesn't do everything that Outlook 2001 does (out-of-office assistant control and fully-functional public folders, to name two still MIA features) is shameful.
I really try not to wear the tinfoil hat, but sometimes I can't help but wonder if it's being done deliberately to keep the Mac platform at bay in corporate environments. Mac Office is a very lucrative product for Microsoft-- it's not like they can't afford to throw lots of money and programmers at making Entourage a top-notch Exchange client with full Outlook 2001 feature parity ASAFP.
~Philly