Slashdot Mirror
Large-Scale Mac Deployment?
UncleRage writes "I've been asked to research and ultimately recommend a deployment procedure for Macs across a rather large network. I'm not a stranger to OS X; however, the last time I worked on deployment NetRestore was still king of the mountain. Considering the current options, what methodologies do admins adhere to? Given the current selection of tools available, what would you recommend when planning, prototyping, and rolling out a robust, modular deployment scenario? For the record, I'm not asking for a spoon-fed solution; I'm more interested in a discussion concerning the current tools and what may (or may not) have worked for you. There are a lot of options available for modular system deployment... what are your opinions?"
that is a whole lot of gay to be rolling out
Is there even such a thing in this world? Folks like to disparage Windows, but it really is the only OS built for very large enterprises. Linux solutions don't really compare to Windows solutions - there, I said it...
I have had great success out of both DeployStudio (http://deploystudio.com/) and LanREV (http://www.lanrev.com) in K-12 schools with 200+ machines.
Man, I'd update your resume because they won't need you anymore. Or, insist that some MS products are still around because of ... of...email ...no...um...well, that's your problem.
It's NOT me! It's the meds! I'm on 1000mg of Fukitol.
Check out the following:
http://www.macenterprise.org/
http://www.deploystudio.com/Home.html
http://rsug.itd.umich.edu/software/radmind/
Now that NetRestore is going the way of the dodo, is there anything out there better that Apple Software Restore, it is pain in butt because another boot disk is needed, NetBoot sets without NetRestore more work
Guess what? It would be you, not the Macs. I'd have fired you for wasting the time needed to tear a display apart instead of sending it to the manufacturer to be repaired.
.. of OS X server? It doesn't require client access licenses like Windows server versions do, and many of the services seem tailored to providing the best administration possible for an OS X network. I don't have any personal experience, but that's the first place I'd look if I had to admin an entirely OS X network.
You have two choices in general on the Mac side:
-- UNIX-y utilities, usually on the command line and a bit crufty in places, but free and nicely configurable
-- Mac-type utilities with marvelous interfaces that will probably set you back a nice chunk of change
When I was in the business, we used Carbon Copy Cloner, but g4u, Remote Desktop 3, or just plain old rsync are all pretty good bets depending on what type of imaging you're planning to do. CCC actually has one foot in both of the two camps I just described.
Of course, I even remember the crusty old days of Assimilator.
....fucking Apple Cinema Display
Damn! Is there a video? I tried googling "apple cinema display fucking" and "apple cinema display porn" and nothing.
So, what was it fucking? The DVD drive? or the USB port?
It's NOT me! It's the meds! I'm on 1000mg of Fukitol.
there are softwares that only run well on Mac, and the two macs (four and six years old) at my house don't have hardware problems. businesses don't care about your backlight replacement struggles, they can 3 year applecare protection like God or was it Steve Jobs intended
Rule 35 on "apple cinema display"
Isn't this what the genius bar is for? Ask them. I'm sure they do this all the time.
If you post on slashdot a question on the best way to deploy lots of Macs, all you'll get is trollish comments from pre-pubs.
Really. It's the car equivalent on asking how to adjust the stock Caliber SRT4 wastegates on a Honda Civic SI site.
For real answers, check out System X. The hardware FAQ and history links will provide lots of useful info.
For initial deployment, Deploy Studio: http://www.deploystudio.com/
For authentication and settings management, use OpenDirectory.
For ongoing control and user support, use Remote Desktop (from Apple).
For a more advanced option, try Radmind to keep the Macs in sync: http://rsug.itd.umich.edu/software/radmind/
I don't know anything about their deployment procedure, but here at Virginia Tech the Math Emporium has over 500 macs set up for student access. The courses I've had there have been boring, but the actual setup of the place is pretty neat.
And the masses cried out, "09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0!"
Taking it apart yourself is worse than paying somebody else $400/hr to take it apart for you?
Check out the Mac management software from JAMF software. It pretty much covers it all, from package management to image deployment to remote desktop to inventory. Used in many mac-based school districts and Universities.
First we build and test a good image on a machine for a couple of weeks.
Then we either use that image,if it was correct the first time, or build a new one from it if it required touching up.
We use Apple's free Disk Utility which comes free with all macs.
We then get about 10 - 15 firewire drives and copy that image on them. (You have to make sure the drives are bootable, you can actually deploy that same image onto the drive itself.)
Then we line up 10-15 machines and use again the Disk Utility to image them.
Depending on the size of the image, just about the time you have the next 10-15 unboxed and set up (very easy to do since they're all all-in-ones), the first batch is ready.
Works for us, but then again, our schedule is flexible and we can afford a couple of days of leisurely imaging.
Oh, yeah, and if you do have an image you can also work with Apple, they'll preload it on for you.
If you don't know what AltaVista is (was), get off my lawn.
Why would you be spending company time to replace a backlight when you should send it out to the manufacturer for replacement/repair?
DeployStudio appears to be the anointed successor to the venerable and discontinued NetRestore from Mike Bombich. Mike personally recommended DeployStudio. Best thing about it is that it's cross-platform and will also image PXE-capable PCs with Linux or Windows or what have you.
Little girls, like butterflies, need no excuse. -- L. Long
Here is an excellent resource (at least last time I checked and it has been awhile, they used to be called macosxlabs.org). http://www.macenterprise.org/ As far as tools, the built in tools are very good. A third party tool that can be very useful for bootable drive images is Carbon Copy Cloner. When you say large, do you mean hundreds or thousands, or less? It will definitely change things for you. I think that you will be surprised by both the ease of the transition, and the things that should be easy that are not. Really I don't know how we can help you unless you have specific areas where you are interested in learning solutions (and I don't say that to be a jerk, I'll try to answer questions where I can). How many servers? Directory Server? File Sharing? Exchange Server/POP/IMAP? Calendaring? Centralized home directories? Budget per user? Of course there are cool things that cost money and are not really needed, and hard things that are cheap but work well once set up etc. I would help more, but I don't know where to start... take a look at the link above, and ask questions as you get a better idea of he scope
I like you, developed deployment for a mac based network (600 or so macs) back when command line ASR and netrestore were the best options. However, we also upgraded our deployment methods as Apple incorporated some of the technologies we used (cloning and automatic install options) into their server software. Today that particular piece of software is very well polished and does the job extremely well. The last time we did an installation (a few years ago) we used custom netboot images with automatic install options for different types of computers (lab, classroom, etc.) based on mac address. At the time we used a third party unix package manager or OS X called Radmind, but it proved to be more trouble than it was worth. However, Apple Remote desktop's package management and monitoring work very well and lets your do most of the upgrade install tasks you need to. In the end, the only per-machine work was setting up the machine to boot from the network by default.
Also, if you have the bandwidth, you can centralize your OS installs as server based images that are never installed on the thin clients. If you get it to work, it makes upgrades and deployment very easy.
If you want to discuss some of the problems we faced and our solutions, please feel free to contact me.
Science will save us. The question is, will it destroy us first?
Check out Mike Bombich's stuff for some good tips: http://www.bombich.com/mactips/index.html
I also found the Apple support discussions to be useful http://discussions.apple.com/category.jspa?categoryID=96 and also this site http://www.afp548.com/
Good luck!
400 dollars an hour?! What are you using? Lawyers? How does that work?
1) Monitor breaks
2) Sue Apple
3) Free monitor?
For justice, we must go to Don Corleone
I used to run a network with hundreds of apples with radmind. We installed the initial images with NetRestore (multicast for the larger influxes), and upon reboot, the computers would download their radmind certificate from LDAP and install all of the software that it needed.
It takes more up front time to set up and configure radmind, but it works wonderfully for almost anything you want to do.
Deploy Studio is the one being hailed currently as the latest thing. I've found it to be a very useful tool. With a reasonable server and a decent switch, you should have no problems deploying all those Macs. After ASR, CCC, NetRestore Helper - been there done that. Deploy Studio tops them all.
We use DeployStudio, a freeware project http://www.deploystudio.com/ . Support for DS is pretty from the community, or you can buy training, but if you want to go with a vendor product JAMF Casper suite makes a great product, that we did not think was outrageously expensive.
I'd have fired you for wasting the time needed to tear a display apart instead of sending it to the manufacturer to be repaired.
Presumably if its that much more labor to repair, the repair center is going to charge you an arm and a leg for the repair too. (And replacing the hard drive on some Mac's is absurd... the old clamshell ibooks come to mind for example. Most repair centers were charging 150$ in labour, plus the cost of the drive. And if it was an Apple repair center, the drive was stupidly overpriced too... (Apple is the only company that charges you, for example, the full retail price of a $300 GB drive to upgrade a 100GB drive to a 200GB drive... ditto absurdities like that for RAM upgrades.)
And don't get me started on what it costs to connect a new powerbook to your average projecter. What apple charges for a Mini-displayport to DVI adapter is ludicrous.
Apple has a robust remote installation suite with OS X Server, which is darn cheap compared to most other commercial offerings.
10.6 includes a first party version of NetRestore (full system image deployment, similar to Ghost or Flash Archive on Solaris), but most people deploying across a large number of systems should roll their own images with packaged based tools like DeployStudio or InstaDMG:
http://www.deploystudio.com/
http://code.google.com/p/instadmg/
Some other good sites for finding info:
http://www.afp548.com/
http://www.macenterprise.org/
Try asking this on serverfault.com. Lots of advice can be found there.
installing two macs in one place
It's been mentioned a couple of times, but mostly with -1 scores, so it's easy to miss: Radmind. It's a very powerful deployment tool with a totally transparent mechanism so you can tweak it to do *exactly* what you want in terms of mucking with files on the disk. I've seen people complain about it being hard to use, but I thought it was pretty straightforward -- install an app, run the change detector, tweak as desired (if at all), build an app image, deploy.
http://rsug.itd.umich.edu/software/radmind/
Stupid post.
2 would never happen and would cost WAY more than 400 bucks in time alone.
Get Applecare and it's covered for 3 years. Ship it back to Apple while they fix it. That's what we do.
- Zav - Imagine a Beowulf cluster of insensitive clods...
We use deploy studio. It works great for us. Casper is another great tool but due t cut backs we went with the free software:)
Why on earth is this being asked on Slashdot? Head to afp548.com and macenterprise.org (particularly its mailing list). You'll find info on InstaDMG, DeployStudio, even Radmind.
You sound like a real pro. Do you have any actual advice?
E pluribus unum
Actually, the formula is:
1.) Monitor breaks
2.) ???
3.) Profit!
Just hire yourself a bunch of guys in black turtleneck sweaters and the computers will basically install and configure themselves.
If libertarians are so opposed to effective government, why don't they all move to Somalia?
would be to destroy all Macs.
Get a PC.
This is a Big Mac deployment? Sounds like a job for my tummy!
Apple Software Restore, which comes "in the box". We set up a base machine, populate the /System/Library/User Templates/English.lproj/ and then make a disk image to our fileserver using ASR. Then, boot new machines in Target Disk Mode and deploy the image using your workstation.
We could probably come up with something clever using a boot partition, but this works fine for us. If you want to get fine-grained, have a look at Radmind but keep in mind that Adobe apps will thwart your every attempt to manage them at that level.
All of the above are Free/free. We handle patching using Apple Remote Desktop (not free, but well worth the money). You can also configure your machines to authenticate against an Active Directory (like we do); if you're willing to modify your schema, you can even manage your installation from your MMC snap-ins like you can with Windows boxen.
Open Directory
By centralizing information about users and network resources, directory services provide the infrastructure required for managing users, groups, and computers on your network. Directory services can benefit organizations with as few as 10 people and are essential for enterprise networks that have thousands of users. Deploying a directory server helps reduce administrative costs, improve security, and provide users with a more productive computing experience.
Remote Desktop
Apple Remote Desktop is the best way to manage the Mac computers on your network. Distribute software, provide real-time online help to end users, create detailed software and hardware reports, and automate routine management tasks -- all without leaving your desk. Featuring Automator actions, Remote Spotlight search, and a new Dashboard widget*, Apple Remote Desktop 3 makes your job easier than ever.
* You'll notice Open Directory has no Dashboard widget. It's because it isn't uniquely Apple and therefore isn't polished to a blinding shine.
You're likely to get some laptops in addition to desktops. Get yourself a large room, a dozen or more firewire cables, power strips together. Before the machines arrive, use a macbook pro or macbook (a laptop) to develop your base image. Install all software on it that is going to be on most of the machines. Test thoroughly. Be sure all your remote access is tested. (ARD/SSH)
Use netrestore to create the base image. When the computers arrive, copy the base image to a group of laptops, with netrestore app. The number varies depending on how many computers you are going to be imaging, the size of your base image, and how much help you have. 8-12 is typical if only one person is going to be restoring.
First thing you should do with machines out of the box is label them, have labels made up in advance. Then set them all up imaging over firewire, just get an assembly line going. You CAN do netrestore over the network, but it's been my experience it's less reliable. (machines randomly fail to restore, sometimes entire groups fail at an annoying 99% etc) Firewire is usually faster anyway since your fileserver or switch is very unlikely to be able to keep up with imaging a dozen at once. FW800 imaging is an amazing thing.
Once machines are imaged, there should be a folder of scripts sitting on each machine's local admin acct, one for each group of machines. The script will prompt for computer name and run. When run it will rename the computer and delete all the apps that should not be on that particular image. This can also be done by running the script remotely over apple remote desktop. If you don't have ARD, *get it now*. It will save you incredible amounts of time. Using this removal script method adds only a few minutes of time per image but you're doing them in parallel so its negligible, and saves you the major headache of managing a half dozen different base images.
As long as you made the image on a laptop, it should have full hardware support for the camera etc. Different images are required for PPC, but fortunately that's not a headache you have to worry about. (I did, PAIN)
Boot camp adds a level of complexity, requiring you to partition the hard drives before restoring to them, and then using something like Ghost or Acronis. One person can image between 40-80 machines in 8 hrs depending on how things go. Helps to have grunts to do the minor things like unpacking and delivery to stations. Find some carts so you can move machines several at a time. Inform the cleaning staff that you're going to have a mountain of packing material to dispose of. Keep 1 box for every 20 machines in case you need to box them up to send to a repair shop down the road.
If you insist on using netrestore over the network, be sure you have multicast enabled on the switches. It doesn't like crossing subnets but can be made to work.
I work for the Department of Redundancy Department.
you still have to do the firmware updates by hand and with apple some time they are needed for a newer os / update to work.
Everything is based off of Apple Software Restore just like PXE boot on Windows!
NetRestore is kinda included with Snow Leopard server now. You can make your images using the Built-in Disk Utility and Scan them for ASR and then use ASR to deploy the image. Apple has a couple of tools with OS X Server, but since Netrestore isn't being developed anymore I have switched to Deploy Studio, which is free. You also have InstaDMG now, but I don't fully like that solution, its probably nice for some, but I like having a complete image and pushing it out.
Having Apple Remote Desktop I think managing a lab of Macs is a heck of alot easier than Windows!!!
If you have the money to spend there are pay for solutions like http://www.jamfsoftware.com and http://www.enterprisedesktopalliance.com.
If your installation is big enough, you could probably get some good advice from...an Apple technical sales rep.
Is Netboot not an option? BYO Mac Server
http://www.instructables.com/id/Make-Your-Regular-Mac-a-NetBoot-Server!/
Not completely sure but I think you can netboot and have a persistent disk.
John
since when is $29 ludicrous? That's all the adapters cost.
We're in the process of a POC with Macintosh computers right now as well. Our execs noted, "that we should test it as a competitive platform." A week later they were asking why they hadn't received their MacBooks and iPhones yet.
The I'm cooler than you exec mindset aside, the MacBook does have upsides. It's very stable, very powerful... and it looks nice. Our main goal was to integrate it with our Active Directory (multi-forest, multi-trust) infrastructure and get it loaded with all the applications a typical user might want. We used Centrify for the integration and it worked REALLY well for authorization and GPO control. Otherwise, we just loaded them up with Office and a chat client.
In the end this is all ridiculous because Macs are so expensive, but we already have several hundred so this excercise will help better integrate them.
This is a vast gay conspiracy!
Can you do virtualization with thin clients and Apple servers?
No, I will not work for your startup
"Ever replace a backlight in a fucking Apple Cinema Display? That's 3 layers (and a thousand assorted screws and layers of tape)"
Sounds like replacing a backlight in every LCD monitor that has ever existed.
I'm a bit lost on this post!
I work for a two year tech school and we have about 200 Macs and replace them every 4-5 years without many failures. We have alot more failures with our Dell systems and self built systems we use to have the IT Students build. They don't cost that much more, for the time we save with the macs with all the PC troubleshooting paying a little extra is worth it.
Sounds like you didn't understand the Mac platform enough!
Plus with todays Macs you can run Linux, Windows, and OS X on one machine if you choose to do so. We just purchased a bunch of iMacs for our telemarketing people because Dell couldn't match the price of what Apple gave them to us for and I expect we will have alot less failures. They will be running Windows only, but so far things have been running fine!
It was mentioned once up above, but I've gotta recommend DeployStudio. After using a stock NetInstall setup for a few years and getting tired of stuff breaking, I gave it a try -- a hurdle or two at the start, but then holy crap is it ever a million times better. Waaayy more flexibility, no need to create actual NetBoot images based on entire masters (just a tiny boot-only image, then it grabs the rest off a sharepoint), and wwaaaaayyy faster. I was doing six simultaneous 16GB eMac images on a 100mbit network in about 15 minutes, which would have taken like a day and a half with NetInstall.
Oh, the fail.
also with boot camp windows part will need alot of images for differnt hardware.
http://www.dealextreme.com/products.dx/category.312~search.mini%20displayport
Because it should be much cheaper, like a lot of their hardware?
Oops, I can't ruin the Mac "Experience©"
I worked at a school district for some time with a significant Mac deployment. We used Mike Bombich's software extensively, and especially for deployment, his NetBoot utility.
It does take a little bit of configuration on the server-side to start, but it looks like some other posters have already linked to tutorials for setting that up. MB has a utility to create a net-bootable-image that can used to image that machine with your choice of disk images (we had different images for different architectures, and different software packages), or can be automated to pick an image automatically.
His NetBoot software also has the ability to run a shell script to complete configuration settings that may need to be done on a per-machine basis (setting the computer network name for example).
For running updates, and modifying settings after the initial imaging, Apple's remote desktop is actually very useful. Although the feature set is limited, it DOES allow for the execution of shell commands from the Remote Desktop interface, which makes upgrading or changing settings on a large number of machines fairly easy.
Ship it back to Apple while they deny that it's a manufacturing defect, but agree to repair it out of the goodness of their heart.
That's what the rest of the world does.
No you. Look up the damn rule. He can't find any and is asking for it to be made.
Then don't buy it from Apple. Third party adapters are cheaper and work just fine.
The hardware is more reliable than most OEMs unless you got burned by iMac G5s with bad caps, but that wasn't really Apple's fault. A lot of OEMs got hit by those damned caps.
You should have just mailed in the damn Cinema Display. Service providers (at least non-Apple owned providers) can't replace anything on them but the power brick these days. Just mail it in and let the repair depot monkeys figure it out. I would never want to replace an LCD backlight (which isn't exactly a user-accessible part on ANY display) if it could ever be helped.
quite correct, had he found some that would have been Rule 34
And I've seen a lot more PCs dropping like flies than Macs. Granted, some models are worse than others. First-generation Macbooks were pretty bad. Inverters, hard drives, optical drives, top cases, logic boards, ugh. However, let me give you an example. A nearby university employs ONE full-time Mac tech for all the 700-800 Macs on campus. They employ 6 or 7 full time guys to handle the 2100 or so Windows boxes. Do the math.
I work as a Mac tech. Yes, all replacement parts are free under warranty (with a few excpetions) and everything is overnighted if Apple has it in stock. Quite frankly, it sounds like you dealt with a bad batch, because the numbers from many, many sources flat-out contradict your conclusion.
I managed a deployment of roughly 800 Macs across the campus of a large university using Radmind. I've also managed the campus Linux, Solaris and OpenBSD kerberos servers, web servers and file servers with the same software. Radmind's learning curve is a little steeper at first, but it's one of the most flexible deployment options out there once you get the hang of it.
Radmind's not really a competitor with tools like NetRestore. When used correctly, NetRestore is great for total reimaging of deployed hardware: nothing beats a block-copy installation for speed. Where NetRestore falls down is when dealing with deployment entropy. After imaging, the machine is in an unknown state ("post-image"), and the only way to be sure all machines are in the same state is to blow away the entire disk and reimage, usually at a cost of gigabytes of bandwidth per machine.
This is where Radmind excels. It's basically a tripwire with software deployment and roll back, all based on the differences between what should be installed and what's actually on the disk. The core utility, fsdiff, looks at all files and directories designated as managed by the administrator and generates a list of differences. You can capture those changes as a loadset and upload them to the Radmind server for deployment to other machines, or you can undo any changes detected by fsdiff and restore the client to a known good state.
The great thing about this method of management is that there's minimal bandwidth used. If fsdiff detects no changes on the filesystem, there's no reason to download anything: your system is in a known good state. On the other hand, it makes deploying Apple's system and security updates pretty damn easy. Grab the updater from Apple's website, install, and run the Radmind tools to capture the changes. Store the changes on the server, add the new loadset to your machines' profile (command file), and let your clients pull down the changes.
The Radmind community is very helpful. Most questions to the mailing list (hosted on SF.net, Google groups mirror here) are answered very quickly, and people are eager to share details about local setups and scripting solutions. A typical setup for a Radmind-managed Mac OS X client usually involves a few possible methods for initiating updates, most of which involve iHook as the UI:
Since we relied on students to help run our labs, we also deployed a special, unprivileged local user account, whom the students could log in as. This also triggered a Radmind update. And of course you can trigger updates over ssh (which works well in combination with something like pdsh).
We combined Radmind with NetBoot for rapid, consistent deployments. Once the hardware was in place and on the network, we netbooted, used ASR to install a minimum and relatively recent system, and let Radmind bring everything up to date, including per-host license files and location specific software.
Radmind's not perfect. It manages at the file level. If you want something to manage, say, config files on a line-by-line basis, Radmind isn't going to fit the bill (yet). Generally speaking, though, Radmind manages Mac OS X with ease. Once you've got Radmind managing your Macs, you'll find you have a lot of extra time to do interesting things instead of troubleshooting problems brought on by stale deployments.
The Radmind wiki is a decent place to start looking. Good luck.
And I've known people that have owned Macs for 3+ years and never had a problem. I've owned several myself that never had an issue. My first-generation 17" Intel iMac is probably the most reliable computer I've ever owned. Never once went to the shop in two years. My 24" aluminum served me well for over a year without a need for the shop until I replaced it with a Hackintosh. Also, Apple service is usually very, very good. Bring it in, get it repaired under warranty. Very little fuss. I've heard many horror stories about a lot of other OEMs and attempts to get warranty coverage. My sister owned a Dell that broke down within the warranty. They didn't fix it because they claimed that she had cancelled her warranty. I'm not fucking kidding.
Do I know what Steve Jobs dick tastes like?
Well, do ya....punk?
I know you will get modded to hell but you're right. Especially about the reliability. Every single piece of Apple hardware I or anyone I know has owned, has broken at one point or another. Every single one
Every single bit of electronic hardware from any manufacturer will eventually break. What's your point? Industry and consumer surveys of thousands of consumers show Apple hardware to be superior to other brands like Dell, Lenovo and HP in terms of reliability and customer satisfaction. Those are hard numbers, not personal anecdotes.
My personal anecdotes are can be summarized as: Apple is the only computer I've owned or used over the last 30 years that did not experience a hardware failure. The others Dell, Gateway, IBM, Lenovo, HP, Televideo, Corona, IMSAI, Vector Graphics, SOL and some white boxes all had one or more failures. Often they occurred within the first year- power supplies and hard drives mostly. Does that prove anything? Maybe it's because I don't keep a computer more than 5 years. Who knows? Come to think of it no one I know who owns an Apple has experienced one failing - except a bluetooth keyboard. Maybe they're hiding their Apple nightmares from me to spare my feelings.
Very often, people confuse simple with simplistic. The nuance is lost on most. - Clement Mok
Large scale deployment for the Mac seems like a good fit for terminal services. I know this is a foreign word in the Mac community, but it's an option. And I am sure the big whigs who write the checks would love to keep some of that old hardware around. So instead of scraping the current hardware, do it on the cheap with a Mac terminal server with the added benefit of managing only a few servers ie. Aqua Connect Terminal Server.
And there is some reason you would be forced to purchase the adapter from Apple? Buy it from the web and save yourself 6 dollars? Just a thought.
Mac hardware is no more expensive than any PC Manufacturer selling comparable hardware. I'm not talking about wholesalers, but actual PC manufacturer's like Dell, HP, Lenovo, Sony, etc. You won't find any real differences in price other than small variance or sale prices. The only difference being no shovelware pre-installed on your new Mac, and no need for aftermarket firewall or anti-virus.
http://www.monoprice.com/products/subdepartment.asp?c_id=102&cp_id=10246&cs_id=1024603
http://www.monoprice.com/products/subdepartment.asp?c_id=102&cp_id=10246&cs_id=1024604
The Christian Right is Neither (Christian nor right). See: Matthew 23, Matthew 25, Ezekiel 16:48-50
Rule 35: If no porn is found at the moment, it will be made.
Source
As someone still using his 1999 Powermac G4... I agree... No failure of anything. And in 10 years it was off only for the 2 month needed to ship it from europ to japan when I moved.
Sure I upgraded the HD, the old one is now external in a USB box. I put more ram and a proc upgrade card. All the old parts are still working and stored somewhere. I would not even expect this life expectancy from a car.
Then don't buy it from Apple. Third party adapters are cheaper and work just fine.
For the first several months after the launch of the mini-displayport powerbooks the Apple one was the only one available.
Even now, finding a 3rd party adapter in a store is almost impossible. Sure you can get them online fairly reasonably NOW, but that's about it, and it doesn't do you any good if you need one 'today'.
And even at 3rd party prices its an added hidden cost to Macs, not to mention a hassle having to carry around a stupid adaptor everywhere you go because nobody on the planet will ever have one. I mean seriously, when was the last time you needed to do a presentation and there was a mini-displayport cable hanging off the projector or big screen monitor ready to plug into your mac? It just doesn't happen.
I work at an all-Mac school district, with my school having 300 Macs alone. We have 8 laptop carts with 30 MacBooks each, 2 computer labs with roughly 20 iMacs each, 1 laptop or workstation for each staff and faculty, and we're piloting a 1:1 laptop program with about 30 students enrolled in the program. Here is a list of what I use to get the job done:
1 Server with OS X Server (preferably 10.6.)
1 24 port gigabit switch
NetRestore (you don't need this if you have 10.6 Server.)
Apple Remote Desktop Software
It's straight forward, there are lots of very easy to follow guides online. You can pick this up even if you know nothing about Macs at all. Basically you set up your server for NetBoot. Your clients will boot off the server, then block copy an image to their HDD. You can do this via NetRestore Helper which makes a simple-to-use GUI, or, if you have 10.6 Server, all of NetRestore's functionality is now apart of 10.6's NetBoot utility. You can also do it via CLI.
You can use shell scripts to automate tasks. They can be set to run before the computer is imaged (partitioning the HDD, for example) or after it has been imaged (setting the sharing name, joining a domain, setting up printers, or installing additional software.)
Apple Remote Desktop will allow you remotely manage each computer. You can do asset management, updates, software installs, etc. Coupled with ARD Server on the Server itself, you can automate these tasks. Similar to Active Directory.
If your organization has invested in LANDesk and/or Altiris, both will take advantage of an OS X Server and streamline the process. You'll be able to do all the aforementioned via both LANDesk and Altiris; they basically just relay commands to the OS X Server. Both integrate the process pretty well. I don't know about Norton Ghost.
If you're using Multicast IP and have a gigabit switch, you can image batches of 20 computers (or more, depending on the switch) in 30 minute intervals. This varies depending on how big your images are, of course. Target Disk Mode via FireWire is a great way to image 1 off machines or to get data off failing hardware. Prep time for such a set up is about 2 hours (power, ethernet, setup, etc.)
Also, remember that's it's UNIX. You can do everything I just mentioned via command line if you're a keyboard junkie.
Here're some indispensable links to help you get started:
http://www.bombich.com/
http://www.macenterprise.org/
http://www.wazmac.com/
Keep in mind that the hardware is more expensive, but I've found the support to be a lot easier than Windows. Cost savings is in the support of the machines. There are also no client access license fees if bound to OS X Server directly instead of ActiveDirectory.
2007 Shuttle PC, dead after one year (just out of warantee)
Custom PC tower, 5 years, finally fails to make it past post last week.
2006 Mac Mini - still rocking on.
Most of our corporate machines are towers or standard desktops, internals never upgraded since purchase. A fleet of 2009 minis would be fine for these, and iMacs for reception (or senior managers).
Savings: no AV software, easier deployment of apps and policies, dont require MS Active directory or client CALs to manage them - however, not knowing month to month what hardware is going to come available from Apple would suck. Windows apps could be easily delivered using citrix or teminal server for those that need it.
Ever tried to manage 100 notebooks and backup personal data? Howabout encryption software - finally available with bitlocker if you get Vista Pro or premium - but then system folders encrypted too, a pain to manage. I liek just the encrypted home folders - which can also be mounted from an OS X server - and replicated for laptops.
Also how about common accessories like power adapters for 100 laptops and a single OS image that will work for everything?
If you can break the MS monopoly then there are savings to be made up to a certain scale.
However I will admit managing more than 1000 of these puppies could be challenging and I havent seen much that would help except maybe Zenworks from Novell - but then eDirectory is not cheap, but again savings from requiring fewer people to manage everything and fewer servers required.
For a bulk deployment I'd also look at splitting home off from the boot drive, and have a spare boot image with minimum required apps on every Mac, and script an RSync to keep it fresh from a single image.
I wish I had mod points ... I never thought I'd see the day when I had cause to regret not keeping a Slashdot account.
Now very popular for OSX management, Radmind was originally intended for managing large scale Solaris and Linux server farms. Radmind operates in the Unix Way: There's a small collection of CLI programs, each of which does its job well. You can use them in the "usual" way that the authors originally conceived -- there's even a nice shell script that comes with it -- or you can get creative to solve your special problem. (Or your special filesystems management problem, at least.)
Do you care to provide these sources then ? I'm curious
And there is some reason you would be forced to purchase the adapter from Apple?...
Mac hardware is no more expensive than any PC Manufacturer selling comparable hardware.
Hello! Do you see the disconnect. If Mac hardware was "no more expensive" than anyone elses, why would I need to avoid buying the adaptor from Apple? Hint: Because Apple Hardware IS MORE EXPENSIVE. Sure the base hardware is about the same price, but the Apple adapters, keyboards, mice, routers, monitors, warranty... is all a complete rip off.
The only difference being no shovelware pre-installed on your new Mac, and no need for aftermarket firewall or anti-virus.
I've never felt the need for more than firewall built into Windows. And my antivirus is provided for free by my ISP. And its only a matter of time before Macs need some resident anti-malware to protect mac users.
I've also never had to buy an adapter, OEM or 3rd party to attach my windows units into my TV or projectors. But I am the not-so-proud owner of a mini-display-port to DVI adapter, a mini-display-port to VGA adaptor, a mini-dvi to full size dvi adaptor, and a mini-dvi to VGA adaptor.
And my windows machines aren't pre-loaded with shovelware either. The big OEMs like to fill them with shovelware, but you can get them without buy staying away from their budget consumer crap.
All that said, I like Mac hardware, and even own quite a bit of it, but even as a Mac user I find I'm constantly appalled at their pricing. It was cheaper for me to buy my last laptop with 1GB RAM, get it home, pull it out and throw it away, and replace it with 4GB of 3rd party ram than it was to pay for 2GB of RAM from apple. That's right 4GB of [good brand name] 3rd party RAM cost LESS than a 1GB upgrade from apple. (Actually i didn't throw away the 1GB I pulled out, but I might as well have, because I'm not using it.)
I work in a mixed Windows/Linux/Mac environment.
The "hdiutil" command can be used for mounting .dmg files, and "installer" command can be used for installing .pkg files from them.
# hdiutil attach /software/ActivePerl-5.8.8.817-darwin-8.5.0-gcc-257965.dmg
# installer -pkg ActivePerl-5.8.pkg -target /
OSX 10.5 got rid of the NetInfo database (and associated niload/nidump commands) for storing automount information, and now honors an /etc/fstab file, and autofs config files.
DeployStudio. Nuff said. Deployed 120 macs, imaged, in a day. =)
I'm assuming the people asking you to do this don't plan on actually doing any work so it won't matter, take your time.
1. All deployers should don turtle necks
2. Deployers must act smug while promising the world
3. Now lock down everything...and I mean EVERYTHING that you don't explicitly approve or might not approve or might conceivably hamper possible earnings
4. Delay all deployments and roll out machines in a slow trickle
5. Did I mention that you should act smug
6. If problems are reported, deny, deny, deny them and blame it on misuse by the users
7. ????
8. Profit!!!
Think different.
These posts express my own personal views, not those of my employer
Lenovo makes a slightly fatter laptop with a VGA port. If you really hate adapters, that's probably the way to go. Personally, I don't find the size or cost of the adapters to be burdensome. They go in the side pocket of my laptop bag and I forget about them until I need them. As a plus, the DisplayPort can run a big honking monitor that the VGA connector is completely unsuitable for.
W..w..W - Willy Waterloo washes Warren Wiggins who is washing Waldo Woo.
. . . then replace EVERYTHING every 3 years!
It must be fun to have money.
First question: How large is large? 100? 1,000? 10,000? Also: How many admins? How much do they get paid? How well are they trained? Who trains them? You can have some really smart ($$$$) people running good network-based tools (from Apple or others) or you can have some average ($$) people running desktop to desktop with hard drives to do backups, re-images, and restores. The more clients you have, the more it's worth it to have better-trained, more expensive admins doing as much as possible remotely.
Also, if it's an existing network, do the Macs need any Mac-specific servers/services? Or will they just be hooking into existing email, file, and print servers?
Dear Slashdot: next time you want to mess with the site, add a rich-text editor for comments.
I run a small network of Macs hanging off an Xserve. I use OpenDirectory to administer the accounts. I have Linux boxes getting their home directories and user authentication information from the Xserve as well. The standard Mac OS X Server tools are actually really easy to use, and you can setup client configurations on a couple of archetype client machines and then easily mirror those configurations on your Mac clients with the System Image Utility. Configuring PAM on the Linux machines to use OpenDirectory is pretty simple (it's just LDAP) and the Xserve can export filesystems as NFS shares as well as AFS (Apple, not Andrew, File System).
My only complaint is that I've found it damn near impossible to get OpenDirectory to play together with the ActiveDirectory that our University uses for the rest of its IT infrastructure. As a result, I have to duplicate a lot of services in OpenDirectory that I would rather forward on to the ActiveDirectory servers.
If you have the funds, I'd recommend getting one of the disk arrays to have on the Xserve with a fiber channel connection. The Xserve is a 1U unit, so you can only fit three harddrives in it.
Once you've got everything installed, I hear Filewave can be useful in deploying packages and keeping config files synced. I've also heard of headaches with the same product, so your mileage will certainly vary.
Indeed.
There may be a couple reasons to run OS X Server, but the only one I can think of off the top of my head is if you need AFP. Apple's AFP implementation is not without problems, but there are a lot fewer of them than with any 3rd party AFP implementation I've looked at.
Otherwise it's pretty miserable, and may God only help you if it doesn't work, which it won't in some non-trivial sense. Then it's back to the command line tools, which may or may not be the utilities and config files you expect, and may or may not do what you expect, and for which documentation may or (more likely) may not exist, so that the settings created by such may or may not be clobbered the first time you forget not to start the GUI tools.
As far as I can tell OS X Server is an optimal solution for almost no one: it's not braindead simple, and if you're smart enough to figure out how to make it work you're probably also smart enough to realize it would be easier to accomplish the same thing with BSD and a lot less heartache. At least aside from running AFP.
You might want to read the Rule he is invoking, which is for when there is NO rule 34 application, like in this case. And how fucking sad is it that I actually knew what the hell rule 35 was before I Googled? Damn I gotta stop spending so much time on the net. My GF is right, I'm becoming a fricking net vampire. I'll take completely useless Internet Trivia for $200 Alex.
ACs don't waste your time replying, your posts are never seen by me.
There is a terminal server for the Mac, Aquaconnect (www.aquaconnect.net) that allows you to put more than 100 users on an XServe and use netstations for $100/each. You ony have to administer accounts on the 1 Mac.
Fight Spammers!
Don't get iMacs (and I mean the current intel based one), The failure rate of our current batches (3 different purchases over 1 and a 1/2 years IIRC) is huge. About 80% of the LCD Panels have been replaced and the HDD are at about 15-20%. Good software but crap hardware, buy lenovo's and get linux.
First check with Apple.
Second check with Daniel Eran Dilger on Roughly drafted.com
3 companies that I have worked at recently as a consultant that have large numbers of Macs are Motorola, Cisco, and Oracle. Their best Architects who i work with love Macs. Also the FBI and CIA use them quite extensively. Universities of course.
Always amusing to see the kiddies who think everyone must use Windows.
Lenovo makes a slightly fatter laptop with a VGA port. If you really hate adapters, that's probably the way to go. Personally, I don't find the size or cost of the adapters to be burdensome.
Most laptops still have a standard VGA port. Although HDMI is becoming common now. And they usually COME WITH a VGA adaptor, so its not an annoying upgrade you have to buy.
As a plus, the DisplayPort can run a big honking monitor that the VGA connector is completely unsuitable for.
So can HDMI, which is much better supported than 'mini-displayport'.
And the real kicker about Apple's mini-display port: I actually HAVE a 'big honking monitor'; its even got a displayport input.
You know what I can't get: a mini-displayport to displayport adaptor. I use a mini-displayport to hdmi adaptor because no one makes a mini-displayport to displayport adaptor.
(Of course, now some helpful /.er will find some obscure website that sells one, but that's beside the point. Apple doesn't make one, and newegg and ncix and apower, and the other major online vendors I frequent don't carry one. I'm sure it probably exists somewhere, but that's beside the point.)
A new PowerBook hmm? It's clear you're well informed on the subject of Apple computers, given that a "new" PowerBook has to be at LEAST 3 years old at this point.
If you are looking for a way to copy/clone drives in an efficient manner, recently I used the application Clonezilla and burned it to disks and set up an imaging server on a local network with 8 machines at a time. Depending on your network capabilities this could work very well. We burned through 130 Macbook Pros in about 2 days and they required very little setup afterwards.
Clonezilla also works for PCs so if you are on a network using both OSs then you are set to go.
Sorry for the crowd flaming off to Linux and Windows.
As for your Q, start with Mac OS X Server.
Then get Lanrev,
Then get Deep Freeze.
There are a couple of decent white papers from Apple on deployment, do a quick search.
Yes, but with Apple Remote Desktop, "by hand" does not mean being physically in front of each machine. You can sit in an office, and go through the motions out on the floor, or in another building, on each system if you have to.
Yeah, VNC is also available, but ARD does seem to work well with Macs, and enough so that it is worth the cost.
For application deployment and management post-imaging, check out Filewave as an alternative to Radmind and Casper that others have mentioned. It works great with large scale deployments (even Adobe products), and can also works with Windows as well. Basically, it gives you the ability to add, modify, and remove any file on the HD over the network on all your machines.
Frankly, I'm ignoring the majority of comments on /. about this because, well, the few that I did see seem to be leaning towards the Apple is Overpriced/Evil/Worthless/NotAsGoodAsSomeOtherOS angle, which doesn't seem to be too helpful.
So, here's a real-world solution that's worked for me so far:
I started by subscribing to the Leopard Server Quick Tour podcast ( http://tinyurl.com/ccwqup ) -- It's only highlights and a bit of detail to get going, but worth watching.
Then I started collecting some of the OSX Server Admin manuals from Apple ( http://tinyurl.com/l336ux but there are others ). The most helpful so far have been Server_Administration_v10.5.pdf and Open_Directory_Admin_v10.5_3rd_Ed.pdf
I wasn't given a budget to go directly to a live Enterprise deployment and take advantage of Apple's fee-based solutions specialists. Instead, it's a learn as I go development first then staged deployment. So, I started with a refurbished Mac Mini ($450) and a 10-user license of OSX 10.5 Leopard Server found on Amazon for $250 -- the upgrade to unlimited users (which we'll need eventually) is only $250 more at the moment.
I'm currently getting my Macs working with the OSX Open Directory server then I'll get Open Directory to talk with Active Directory. Once that's sorted out, it's on to the Apple NetBoot for remote deployments of new machines and users.
Naturally, YMMV.
The guy said Mac deployments, not Win, Lin, other. Macs.
Solution: MacOS X Server. Easy. Manage 100's of Macs, clone, deploy, inventory, update, remote access, etc. Unlimited clients. Supports Win & Lin clients too if you have to integrate. Mail, calendar, authentication, many other services. Lots of 3rd party Mac tools out there too.
I have been watching the FreeIPA project closely because I think that it is a great Open Source setup - it puts everything in one package ala Active Directory. It is still missing a few plugins but V2 will be pretty awesome all the same.
V1 has some Mac OSX support as detailed here - http://freeipa.org/page/ConfiguringMacintoshClients
I am surprised that not many people have heard of FreeIPA in general.
I do this for the federal government, after coming from a university environment where I grew up with the Mac from the bad ol' days of the late 90s through Apple's phoneix-like rise from those ashes into the titan it is now. Truth be told, not much has changed.
For mass deployments, I'm about to look into Casper, but NOTHING I've seen or heard about beats netboot/netrestore -- and mind you, I live and breathe Mac. I use PCs to manage Remedy tickets, and that's it. The ability to create a master image, upload it to a server, restart a machine with the n key pressed and have it image itself was and is nothing short of magical, and it's the deployment solution I'm moving toward for the portion of the Treasury Department network I control (if I die, money will cease to be printed). Unless Casper can top that, netinstall + n is still my deployment solution of choice, and one that the folks where I used to work are still trying to replicate three years later. There's nothing faster or more foolproof.
Prototyping is just as easy. I deal with everything from banknote designers (pull out a bill. Isn't it pretty? My designers drew all that stuff on their Macs) to executive management, and though they use their machines differently, they all have the same baseline needs -- a rock solid configuration that's hardened to IT Security's exacting (if evolving) standards, and Office to handle collaboration. My base image is a hardened installation of Leopard with fully-patched Office. That's standard across all machines. This base image is what I run in regular user mode on my personal production machine so I will know firsthand exactly what the user experiences from day to day. I customize the default user environment on the standard image to suit _my_ tastes and allow the users to tweak and refine that environment as they see fit. I learned years ago that this is the best approach for standardizing a user's desktop because I know how to work around the various quirks of OS X that can become annoying after using it for an extended period of time, and they usually haven't been on Macs long enough to have figured these things out. The more experienced of my newest users typically bristle at this since to a person they always think their approach/way of configuring the Finder/desktop is THE way to have their machines work, but I usually don't hear a peep from them after a week or two of working in my environment. The biggest compliment to me is when I cease to get trouble tickets from my bitchiest users because they find that I've already anticipated and addressed their most obvious complaints in the standard image.
On top of the standard image, I install applications specific to the machine's role. The designers, for instance, get Adobe CS 4 and additional design-focused applications such as Quark and a font manager. My video people get Final Cut Studio. My engravers get the same package as the designers. My method of choice for deploying to these disparate groups lately has been to install the specialized applications on the standard image and create secondary images applicable to specific groups. Banknote design machines, for example, have their own special image and the video production machines have an image all their own. This simplifies things mightily because all I have to know when I want to deploy a new workstation (or repair a broken one) is where it's going. Oh, this is a replacement banknote machine? Put the banknote image on it. Copy the _user folder_ -- and nothing else -- from the old machine, create an account on the new machine, point it at the old user folder, and voila. Completely new hardware, and the user has no idea anything's changed. I've upgraded users from Tiger-running G5s to Leopard-running 8 core Mac Pros, and the only difference they noticed was the machine was "a lot faster." And the Apple menu's a different color. That's the power of Mac OS X.
Security, as I'm sure you well know, is not an issue on the Mac, but given the sensitivity of what my users do, I
Also how about common accessories like power adapters for 100 laptops
Our D400's, D520's, D600's, D610's, D620's, D630's, D800's, and D820's all have the same power adapter, as do the docking stations they all dock in (in fact, ONE docking station model works for all of the laptops).
and a single OS image that will work for everything?
We have two images. One for lab/classroom use, and one for faculty/staff use. Both work on *every* model PC we have. That includes the Lattitudes listed above, and includes Optiplex GX240, GX260, GX270, GX280, GX620, 745, 755, and 760's (in the case of the 760's, that'd include both the SFF and standard mid-tower models), in addition to an HP 2140 (I think that's correct) netbook.
If our ePO server is correct (and it's not, it's under-reporting because not every machine is directly managed by our department, and it doesn't include the servers which are running a different AV solution), that's just under 2300 machines on a single campus.
easier deployment of apps and policies
Being as I'm not exactly well versed on the OSX side of things, you'll have to describe what you mean here. AD and GroupPolicy take care of any policies we want to enforce on our workstations, and SMS takes care of software deployment ("self installs/on demand" installs via "Add/Remove Programs", or automatically forced installs where the client has no choice).
Howabout encryption software
TrueCrypt. OSS/Free. Rather easy to use, from what I've been forced to experience by my employer (who requires *all* employee systems to be fully encrypted with it).
However I will admit managing more than 1000 of these puppies could be challenging
I'm glad to see you admit this. According to our campus "Mac Expert" (who is rather far from that description in my eyes), every machine is hand-installed/configured (as far as software goes), and other than the units that go into a lab, they're all slightly different, and *all* software requires her touch. NONE of it can be installed post-image/deployment for whatever reason, and shockingly, she has emphatically stated that she can't even see the utility in doing so! She refuses to use MS Entourage (being as we have an Exchange server) and insists "Mail" is 'better and easier', but thus far has refused to answer my inquiry as to HOW it's 'better and easier'. This stubborn refusal only results in the Apple folks on campus having reduced functionality.
From what I've experienced watching her work, I really don't understand how she has the time to manage just 100 of them, let alone the few hundred that exist on our campus.
I do agree with you that the CAL crap with MS is stupid. In my opinion, it really only serves the purpose of raking in cash for MS. The uselessness of it is evidenced by the fact that the servers will work with as many clients as you throw at it *without* adding the CAL's. Beyond a cash conduit that leads directly to Redmond, I see absolutely no purpose to them. If MS hosted/operated/OWNED all the servers being connected to, I could understand, but since they *don't* host/operate/own any of our hardware, I don't see how they can get away with that shit.
Bah -- I've rambled on long enough. Ta!
bork bork bork!
So here you go. Far too much conceptual information about a process I suspect almost no one here knows beyond the few that already mentioned it. Enjoy.
So the best I can do is telling you how I do it for about 400 Mac's, and the tools I use. I basically use two OS-X 10.6 servers that host NetBoot images and Radmind, and then Apple Remote Desktop (ARD) on a client to control events occurring on all the clients be they booted locally or NetBooted.
I'll also be up front, if you are not computer savvy, and don't want to be, do not touch Radmind with the idea of using it to deploy anything beyond software to an already existing deployment. Stick with an image based package. If however you are computer savvy, can get around a command line, and need to support an unlimited number of *nix machines, especially in a lab, Radmind is an incredibly strong tool.
I solely use Radmind for both OS deployment and software updates because it's a delta based package and tripwire system which you don't need to rebuild over time unless an administrator makes horrible mistakes without a backup. If I really needed an image, I would have Radmind generate that build for me and then use 10.5/10.6's NetBoot/NetInstall creation tool on the results.
I do not use NetRestore, NetInstall, or any other deployment tools for OS-X. It is a waste of time to constantly rebuild and maintain various images over time vs a delta based deployment system, especially when I'm the only one supporting the image. It may take *slightly* longer to deploy than a sector based image, but the amount of effort placed on the administrator in the long term significantly decreases. Sure, learning Radmind might take a whole lot of time and effort, but the more random and variously configured machines you need to support are, the more attractive it becomes to spend time learning how to use it beyond a software package deployment tool. Heck, the right people behind it could probably support thousands of *nix servers without much of any effort.
You can also reverse the use of Radmind over time to maintain just software packages by making a negative transcript targeting just ".". If you do that, and make sure clients don't see the overall OS level packages, you can update software only without updating the OS at its core.
So radmind has a set of tools that come with it, and I'm only going to mention the most critical of them. One scans a computer for changes. Two other apps takes that scan and either uses it to upload data to a server, or to use the knowledge on the server to 'cause' changes to the client. Another downloads the command lists from the server, and those command lists have knowledge of all the "package" transcripts that actually define almost every file on the computer. Using them all in combination in scripts by someone that knows how to manipulate the results are what can make Radmind powerful.
Up front there are negatives and positives about Radmind:
Negatives:
It can be very complicated.
A lot of the documentation is poor, though it's better today than when I started using it.
Simple mistakes in a transcript can suddenly prevent the client-side app from functioning. Discovering why can sometimes be very difficult. (especially if it's a nested command file level issue that only gives you "Input/Output error" when lapply crashes.)
It only supports network compression, which frankly is worthless. No file-based compression during capture.
Almost any error in a delta file will break process of updating/deploying machines. It really requires you have someone learn it in and out.
The default method of deploying images to massive numbers of machines that may need different builds is unwieldy. There are ways around some of this.
The GUI console in OS-X once you have several hundred transcripts is annoying to use, and creating and using subfolders for transcripts or command files will seriously screw your deployment life up.
It has no GUI on anything except OS
If you need to deploy, maintain, and manage a medium to large number of Macs in an enterprise environment, Casper Suite by JAMF Software is the way to go. Hands down the most comprehensive suite out there for Macs.
Puppet.
http://reductivelabs.com/trac/puppet/
A new PowerBook hmm? It's clear you're well informed on the subject of Apple computers, given that a "new" PowerBook has to be at LEAST 3 years old at this point.
s/ Powerbook, Macbook Pro.
Same difference. Are you going to check my grammar and spelling too?
Somehow I work as a mac tech and I see a lot more PC dropping seems to say the least contradictory.
Surely if you fix macs you would see more faulty macs than PC's? Either that or you dont earn much...
By your own admission it *WAS* a hidden cost to Macs. Now that you *CAN* find them 3rd party, you're whining about the past.
+++OK ATH
I also have a good friend who works as the only tech for a company with 400 Macs.
He also fills in as the Asterisk server deployment guy, and takes care of all phone system "stuff" in his spare time, as well as the "router/networking" guy (he wisely chose Cisco, not because it's necessarily better, for the back room, but because he can get support on things he's not sure of with a simple call to the TAC... and all this time, he's not spent dicking with all the things it takes an entire team of IT people to screw around with at a Windows shop... means he gets all three jobs done quite well.
Granted, he's not cheap. He makes nice coin, but there's only one of him. A fleet of Macs, a couple of XServes... a little Google Calendar for shared calendaring needs... (Yeah, Mac sucks at that out of the box)... and he sleeps at night.
The ROI on human resources costs is impressive. This would scare the bejeezus out of empire-building IT managers, if their companies only knew to measure them against a shop like this... not too many of them around to compare against, I suppose.
+++OK ATH
The Most recent survey of product reliability I saw put mac's in third place. I see many more faulty macs than I do quality pc machines.
anecdotal evidence is not worth the bits it is written on.
I service a school that has 10 - 15 cira 98 imacs still useable; there isn't a pc in the school that is older than 5 years. Admittedly we are in the seaside tropics but that hasn't stopped the macs.
Semi-automatic amateur armchair Australian philosopher; conjecture ready at any moment...
We run around 2000-3000 macs in our organization across 60+ sites, currently switching to Windows 7. For deployment we have a MacOS X server at each major site running file services as well as NetBoot/NetRestore (from bombich.com), this means staff with broken or outdated machines in the field can re-image when required. All machines are imaged here using Netboot, asset tagged and shipped out. We can remote into them later to add accounts etc. They all authenticate back to our Open Directory server, we just set them up as Mobile Accounts without the syncing turned on. :)
Our Open Directory server and mail server (all Apple 10.5 based) are starting to creak a bit now with the 1400+ users, with mail going down several times a week, and the slapd daemon maxing out all CPU cores intermittently when making changes in Workgroup Manager. Could just be something damaged in our Open Directory, but in any case when you get to this size the mac system starts to struggle.
I'd probably set a limit of 500-1000 machines for it to run happily
And neither of these solutions answer the OP's question. Open Directory is user management, not deployment. Remote Desktop can do deployment, but it kind of sucks at that (as someone who used it full time for two years), and the machines already have to be deployed and added to an ARD master server to make it at all useful. The OP wants to use tools like multicast ASR. Multicast ASR just blasts out machine images over a network broadcast, so you don't get any performance degradation by adding more clients. We've done 64 machines at once, over gigabit ethernet, and it took 10-15 minutes per machine for a fairly hefty image (OS X/iLife/Office/etc). The only trick is if a machine misses a portion of the broadcast, in since they are just passively listening, they have to wait for that portion of the broadcast to come around again, but if you tune things right that is rare. You could, as long as you had decent switches, definitely push multicast ASR way beyond 64 machines. Multicast ASR is what Apple themselves use at the factory btw.
Our current favourite - Deploy Studio - http://www.deploystudio.com
Found this when googling for "mini displayport to displayport", took me all of two minutes.
That said, it would make sense for Apple to manufacture their own adapters...
/Mikael
Greylisting is to SMTP as NAT is to IPv4
Oh man!
These days Mac is just a x86 PC in a nice box. Wipe the disk, install Windows and deploy AD. Lather, rinse, repeat.
Sheesh.
"Blah blah blah." - [citation needed]
Thank you you helpful /.er. I predicted you'd come alone.
But do they ship it to Canada, and how much will they nail me for shipping? I never doubted they existed, but I've found it a royal pain to get one.
I've overseen the management of ~600 macs running an SOE for the last 9 years.
We use
AD for authentication
OSX servers for the applicaton of the mac equiverlent of Group policy settings
and Radia to deploy software (now called HP openview something arrather)
We have not been happy with Radia since HP bought it a few years ago, so after a review of products last year we are now moving to Casper (the friendly ghost) from JAMF
see http://www.jamfsoftware.com/ for more info, it works fine
Where I work, every Mac outlasts 2.4 PCs and the end user generally replaces their home PC with a Mac within a year. They couldn't be happier.
Radmind can be good.
InstaDMG from AFP548 is a great way to build SOE images from a collection of packages.
DeployStudio is a great way to get the images on a hard drive.
NetBoot/NetRestore is also a good way to get an image on a drive.
If you really like tinkering, you can tweak the supplied Mac OS X installer, and modify the list of packages it knows about. Using Adobe's enterprise deployment toolkit, for instance, you can package up CS4 with serialisation, and have the installer call these packages after it's installed the bare OS, but this is a lot of work.
I still use tools like the Enterprise Deployment Toolkit, but use the packages it creates in an InstaDMG workflow.
For the server - Mac OS X Server is good as a general solution and (not having tried Snow Leopard server in any kind of heavy-duty deployment) I use Kerio Mail Server as a general groupware solution - it's as close to a drop-in replacement for Exchange as you'll get on the Mac platform, and as well as serving IMAP and CalDAV clients really well, it can also serve Outlook.
Storage and backup is really critical - there's Apple's rebadged Promise RAID units if you want everything to be all Apple, and there are some good third-party alternatives. Backup to tape is pretty important with any kind of serious server deployment - I use LTO libraries wherever possible...
Specialist Mac support for creative pros, Melbourne
I have never experienced repair service as bad as Apple.
I have Applecare, which I think is incredibly expensive, but it's lucky I do because the GPU on my laptop has broken for the second time in 2 years. Being the GPU that's broken it's pretty obvious what is wrong so I figure I'll just take it into the Apple store and drop it off. Oh No! It doesn't work that way. You have to book in with one of their "Genius" technicians to have a look at it. Unfortunately they are all booked out for the next 3 days with people who can't work out how to use their mouse. So that's the first delay to getting anything repaired by them.
So finally my laptop is taken to be fixed and they tell me, "Yes there is a problem, we have to replace the motherboard". Which is fair enough. That was over 3 weeks ago now and I still have no word on when it will be done. They quoted me 30 days to fix it. 30 DAYS!!
That is NOT acceptable. During this time I am unable to do any work at all. The equivalent Dell warranty is cheaper, and their service is light years ahead of Apple. That is something that should be causing Apple massive amounts of shame, and yet in the 12 months between services absolutely nothing has been changed.
The Most recent survey of product reliability I saw put mac's in third place. I see many more faulty macs than I do quality pc machines.
anecdotal evidence is not worth the bits it is written on.
Your second point is the same one I was making. My personal experience is that Macs are very reliable relative to all PCs so his assertion that they were unreliable based solely on his personal perception was a troll. He should have backed it up.
Macs are a great consumer and niche machine. I think the valid knocks against them in the enterprise relate to their manageability in large scale deployments. I was hoping to see whether or not any of that has changed. Even if the tools have improved, I wonder about Apple's willingness to support the kind of slow changing dull uniformity in hardware that the managers of corporate PCs like to see.
As for your first point, please cIte your sources. Some I found are:
Apple # 1 http://www.pcmag.com/article2/0,2817,2352798,00.asp Apple # 2 http://www.rescuecom.com/RESCUECOM269.html Apple # 2 (tied) in reliability and # 1 in satisfaction http://www.consumerreports.org/cro/electronics-computers/computers-internet/computers/laptop-ratings/brand-reliability.htm
Very often, people confuse simple with simplistic. The nuance is lost on most. - Clement Mok
We had anti-virus on all our 100+ Macs as a courtesy to all the Windows users we sent stuff too. Mixing Intel and PPC is obviously a maintenance nightmare nowadays, and mixing different versions of OS X on the same OS X Server causes all sorts of permissions issues.
The parts are. I upgraded my wife's Imac's memory from 2 to 4 gigs; the Mac-store boys would have charged me THREE times the price of what that memory costs ordinarily. Same stuff. Same access times. No milspec or something; same thing. I honestly don't know if they ever wonder why knowledgeable people just buy their stuff and disappear (even though they wouldn't let me leave the store with my box initially, without me leaving them my email address, another gripe of mine).
Religion is what happens when nature strikes and groupthink goes wrong.
but then system folders encrypted too, a pain to manage. I liek just the encrypted home folders
I like that... if it's more work, and has to be carefully managed, then it's somehow... better. I'm struggling to see how simply ticking a checkbox apparently causes you pain. Actually... it's not even that much work! In practice, all deployments will have the Bitlocker step simply run as a script after the image is deployed to the machine. No checkbox ticking, hands off, zero effort after the first one is done.
Not to mention that Windows does have per-folder (even per-file) encryption, it's called EFS. That's also just a checkbox away.
Of course, since you're a competent admin, you should full well know that the reason Bitlocker encrypts the whole disk is to avoid information leakage through channels such as the pagefile, hyberfil, and memory dumps. Right? You also know that file-level encryption often leaks confidential information through file names, such as "HR - Termination notice for the IT admin.doc".
1) likely you will deploy AV software. Macs are NOT immune to mailware and spyware, and there are some viruses out there. No, penetration normally is not a major issue, but anything downloaded and run by a user can quickly infecta a machine. Besides, compliance and security policy likely won;t give you a choice depending on your industry. The real expense in corporate security is in server based AV anyway, workstations are $15-20 cals...
2) you do need a directory server of some kind. also, you do need asset tracking and software inventory.
3) apple has a business division, and can provide consistant hardware to you. Besides, they only change 2-3 times a year, and the software allways works (as long as you don't make major leaps in the OS).
4) Apple's remote management suite is not cheap.
There is no contest in life for which the unprepared have the advantage.
For freebies InstaDMG http://www.afp548.com/article.php?story=20090812091929480 and DeployStudio http://www.deploystudio.com/Home.html with Radmind (if you need it). For pro stuff try Jamf http://www.jamfsoftware.com/. Join the system-imaging list with Apple. The people on there are far less 'flamey' than on the OSX server list and will be able to advise you on the different tools, their experiences etc and really are helpful.
I work for a large greeting card company ... probably the only brand name you could guess in 3 guesses. At one time, we were supposedly the largest Mac deployment under one roof (others may have had more, but not at one single location), not sure if somebody hasn't beaten us out. I think we are about 4,000 machines now.
We also have PCs, and just about 2 of every other platform at least (as if IT management thinks we're Noah's ark and we have to save the dying AS400s or something from some flood), so we also have Active Directory, etc.
We bind Macs to AD, but use our own home-grown package management and inventory system (kind of like an SMS/SCCM for Macs) that uses SSH & FTP. We also use Timbuktu for remote management. It's very do-able. We've been doing it for years, long before Microsoft's tools were even available (the AD integration is recent since 10.4 - tiger).
Managed Preferences. These can be immensely powerful within a Macintosh OS X deployment to set up system preferences according to groupings set up in Open Directory. Making sure everyone has the same and/or appropriate preferences can make life much simpler. This is particularly handy with Network Home Directories to automatically create directories on the local disk and set up links to these local directories in the Network Home Directory.
I would suggest not running Network Home Directories in an enterprise deployment unless you can be sure that your network is bulletproof (multiple links between server and distribution switch), your servers are beefy and able to handle the number of users on Network Home Directories, and that people log off so that you can reboot servers for system updates. I have not run them with 10.6 servers and clients, but somewhere in the midst of the 10.5 series, there needed to be some major intervention to get things running with some usability.
I also can't say enough good things about Apple Remote Desktop. It is a fantastic Swiss army knife of a tool to monitor, update, maintain, and inventory machines in your deployment.
I just imaged/deployed ~4000 MacBooks using DeployStudio (free). Image was created using JamF's Composer (~$90) to create individual software packages, which were layered onto an OS X base, to create an image. I built a bench that holds 108 machines, with power (four circuits) and 1GB network on it's own subnet. There are two xserves, one hosting data, the other running DS. Apple Remote Desktop (ARD) is used to set the machines to netboot (we've passworded firmware), and I built a custom file to import all the relevant settings (groups, names, etc.) into DS (this was the tricky part). The only other 'secret' to remember - the image is multicast, but netboot is not. Boot twelve machines at a time, wait for the DS screen to come up on all of them, then boot the next dozen. Set a ten minute delay on imaging, and you'll have all ~100 booted when ASR starts. I was running ~2hr from putting the first machine on the table, to putting the last one away, imaging ~400 machines a day. I'm still figuring out how to handle ongoing issues, but one-off re-imaging at our schools is happening from firewire drives using NetRestore. Don't know if this answers the OPs questions, as this is a single location, with all machines moving to me, not spread out on the WAN, and all my machines are MacBooks, but this worked here. I hope to get this whole experience documented soon, but it's time I haven't had yet - riding herd on ~4000 MacBooks is, ahem, time consuming ;-)
You'll need to have a Mac OS X Server with Open Directory (LDAP + Kerberos) to either replace or augment whatever directory system you currently have. Apple Remote Desktop is a great timesaver, get to know it, it's very powerful. Workgroup Manager and this guide http://www.connect.spps.org/sites/38f534c3-3e8e-4fef-97e3-37342aa65865/uploads/tandtleo.pdf will save you a lot of time trying to set up desktop environments for your users. You can literally have all settings hands-off pre-configured for all your Mac's.
For deployment, you can use DeployStudio, it's great, it's free, it will deploy Windows (PC) machines and Mac's with all types of operating systems, it has workflows and scripts.
For image creation/updates you can use InstaDMG, again another great, free tool for deploying Mac's. With Mac's (unlike Windows) you only have to keep 1 image and you can deploy it on any machine.
There are other paid and free tools but with the above you can at least get started.
Custom electronics and digital signage for your business: www.evcircuits.com
elfprince13 might not, but since you ask, I'll be happy to oblige. :)
"Its" means "belonging to it;" "It's" means "it is."
Macs, not Mac's.
(Wow! You managed to get apostrophes wrong both ways. As Dave Barry once wrote, an apostrophe doesn't mean, "Look out! Here comes an 's'!")
Projector, not -er. However, you get it right in a later post. You spell adapter both ways, too (in the same post, no less); either is allowed, but most people pick one and stick with it.
I'm sure I could find more if I felt like it.
You save only 59 seconds over 8 miles by going 75 instead of 65. Do you really have to pass that guy? Do the Math!
I manage 100 Macs here, some of which are deployed 300+ miles away. We use FileWave to deploy applications to them, and maintain file integrity of those applications. In the latest release of FileWave, you can also deploy Mac OS X to workstations, as long as they have the FileWave client running.
We'll be upgrading all of our Macs simultaneously to 10.6 using this, while not losing any data from the home folders, because you can exclude folders you don't want it to stomp while imaging the machine. Also, since your apps and your OS are coming from the same place, rebuilds are done in a matter of minutes, since it can just checksum the files that it puts there instead of recopying every file - it just copies what needs to be changed, and deletes what isn't supposed to be there.
www.filewave.com. It's not a free software, but it's worth every penny.
Slashdot still doesnâ(TM)t support Unicode after it was added to the HTML standard in 1997.
I use DeployStudio for my mac rollouts. I had one of the Apple engineers
from Apple Canada visit my site and he showed it to me. It was exactly
what we were looking for. It runs over NFS on one of my Xserve servers.
It is fantastic.
http://www.deploystudio.com/Home.html
It works very well and can image the new machines very quickly, even
in times where only a 100mb connection is available.
I highly recommend it to you.
Cheers,
We use it here to image over 200 Macs. Netboot a deploy studio image -> put image on destination drive -> reboot -> done.
It's easy to install, easy to use, and reliable.
-ted
I'm a small-time Mac admin with about 60 machines under my care. Apple Remote Desktop is a requirement. You NEED to have it. Another bit of advice is not to use Mac OS X Server for anything but Netbooting install and utilities images. It sucks at literally everything else. One of my big regrets is advocating an all-Mac approach at my place of employment. It worked out great for the employees, but the next time I'm going Linux and/or Windows for servers. For Backup, Retrospect, Time Machine, and Carbon Copy Cloner have all served me well in different ways. It's also handy to have copies of Data Rescue and Disk Warrior around for those unhappy hard drives. Oh, and for VPN, forget Apple's VPN daemon (which doesn't even work with Bonjour), go for ShareTool, it's amazing, and even non-technical people can be trained to use it effectively.
A little rudeness and disrespect can elevate a meaningless interaction to a battle of wills
Though it isn't perfect we use DeployStudio across 1000+ machines at our school and it works great. We use it to automatically name computers and bind them to our Open Directory Domain.
It has also worked well for about 150 dual boot machines. If you set up a configure a machine with Boot Camp and install Windows, DeployStudio can create a Windows image from that Mac. DeployStudio can then lay down both a Mac and Windows image. We do have to finish configuring the Windows install manually but it greatly speeds up the dual boot restores for us.
The deployment of Macs in enterprise and large business has been interesting. Seven years ago, there were a few Macs in IT at most places I worked. Four years ago, Macs outnumbered PCs at many IT and engineering shops, especially in the security field where I was working at the time. Today, I'm doing some contract work for a huge organization, where one department has over 2,000 desktops and there are hundreds of departments. They didn't even ask before hiring me if I had access to a Mac and they rely upon several Mac only programs for day to day business. Everyone I've worked in IT (with exception of one new manager) has a Mac laptop as their primary machine.
I know a lot of the transition has been in specific fields and my experiences do not represent the market as a whole, but the transition has been quite drastic. It gives me some hope for a truly competitive desktop OS market and for related markets. Some day maybe we'll get past MS and technology can rapidly advance again.
By your own admission it *WAS* a hidden cost to Macs. Now that you *CAN* find them 3rd party, you're whining about the past.
Its still a hidden cost, its just less now.
Plus the whole selling argument Apple makes for getting a Mac is to avoid stupid technical hassles. This is a stupid technical hassle that wastes tons of time -- that's a cost too. I can't count how often Mac users have to go scurrying about because they forgot the adapter in their car or office or at home. Nor can I count how often I've huddled around some dimwits 13" or 15" screen to watch a presentation in a conference room with a projector sitting right next to it.
LOL, as if nothing on a PC has ever "wasted your time"?
ROFLMAO... you're funny.
There's nothing "hidden" about it. The plug is on the side of the machine. Want to plug into it, get the right cable.
Not flippin' hard.
Now... for your real root-cause problem... hiring non-dimwits might be something your company is poor at, but I can't help you there.
+++OK ATH
This comes from the same store but is mini displayport on one end and displayport on the other. http://estore.circuitassembly.com/products/Mini-Displayport-to-Displayport-Adapter-Cable.html
On the right side of the screen it lets you choose between US dollar, Canadian Dollar, Australian Dollar, British Pound, and Euro.
Using their shipping calculator I see a shipping cost of $11.77 Canadian. I would not call the process a royal pain, but the hardest part was finding Canada in the long list of countries they ship to.
If you do not like there shipping prices just order more from them, since they are using priority mail flat rate for three of the options you can ship up to 70 pounds for the same price as long as it fits without modifying the box or envelope.
Point your "Mac Expert" to this /. article. She might learn a thing or twho.
1% APY, No fees, Online Bank https://captl1.co/2uIErYq Don't let your $$$ sit in a no-interest acct.
LOL, as if nothing on a PC has ever "wasted your time"?
I never claimed or implied that.
There's nothing "hidden" about it.
Its hidden in that its not part of the advertised price and its not included with the laptop.
The plug is on the side of the machine. Want to plug into it, get the right cable.
And if you have nearly any windows laptop, the 'right cable' is probably already hanging off the projector or monitor.
Now... for your real root-cause problem... hiring non-dimwits might be something your company is poor at, but I can't help you there.
Right, lets shift the blame from apple not using a standard connector to the users for not carrying an adapter everywhere they go. That makes lots of sense. Millions of users all over have to buy and carry around little expensive easy to forget/lose adaptors to satisfy Steve Job's vanity. Hell I don't even object to them using mini-displayport to give you an option to drive big displays. But there is simply no reason the laptop couldn't have ALSO had a VGA port in addition to the mini displayport, and saved legions of people carrying around these stupid little dongles everywhere they go. (And the VGA port would have gotten FAR more use than the mini-displayport.)
How far would you defend this? If Apple used a nonstandard combo usb/firewire port connector and required everyone to buy and carry around a bunch of adapters would you defend that too? And blame the users every time they wanted to plug in a mouse or scanner or printer but didn't have their bag of USB-AppleFirewire/USB and Firewire-AppleFirewire/USB adapters on hand?
Sorry, I'm only going to fault people a little for forgetting something that should have been built into the device in the first place. The real blame lies with the manufacturer.
Awe... awe... AWE!
Your mac expert is certainly not one, and I am sorry for you. When I was managing hundreds of macs, I used radmind, and I could have easily scaled it to tens of thousands. (given appropriate funding)
'She refuses to use MS Entourage' She is actually correct there, but only because Entourage has this nasty habit on OSX of trashing its own database. *shakes fist*. We pushed people to mail because we did not have an exchange server, and we were sick of supporting it.
Radmind is definitely its own thing, and it would scare most people, as it asks a lot of the user. For small (up to 100-200 maybe) computers, apple remote desktop and a task server would work fairly well. It is a lot closer to SMS, and it is all graphical.
Apple's group policy like thing in open directory is rather good, but it doesn't do all the things that group policy does. It also does a lot of stuff that group policy cannot, so I really don't know if one could be called better.
The name "Apple Cinema Display" kinda demonstrates that all Macs are good for is watching and making movies.
my team recently had to install an Xserve. I'm glad it was the only one, the rack-mount kit was out of the dark ages, it was pretty primitive. We'd naively expected Apple to have looked at other manufacturers and learned something. Ok, with practise it would have been quicker, but it took far longer than it should have done.
In contrast, we have older Dell 2950 servers and the newer R710 model, the former were quite easy to rackmount - simply snap the rails in - but the latter are even easier. Two of us racked up 36 fully-loaded servers including unboxing in a few hours, it'd have taken far far longer had we been using Xserves. Actually, no it wouldn't, we'd have simply used shelves or something.
Also, we can slide the Dells out on their rails, with the cable management arm ensuring the server remains powered-up and connected, unlike the Apple machine.
I don't know if this has been suggested already, but here goes nothing: Setup a BSD shell script for installing the software. That's what I did a few months ago for about 50 or so in a business. In the shell script, I embedded an executable to download a common package from a Linux SFTP server. Once the software install was completed, I only had to click "OK" to exit the install of MS Mac Office 2008. (Aren't corporate licenses great?!) Just a thought... --Taobeastie
You all must be retarded.Why would I take advice from someone who cant read a parent post past Apple. The Parent has a legitimate question and all you tards can do is flame? Get a life.
PC video card makers started switching to DVI... not on laptops, but on desktops I don't "blame" them for doing it. I just bought the correct cable for my monitor. Whooop-deee-doo.
The machines are sold clearly stating what connectors are on them. It's not like it's a big secret. Reading the specs a smart person goes, "Hmm... I think I'll need an adapter for that" and orders one, IF... they're going to hook to monitors that don't follow that standard. (Apple monitors do, of course.)
I have little remorse for your story that requires the world's smallest violin.
Been working in the industry for over 20 years now... and have a bag full of cables, adapters, and crap collected over that time.
You asked "how far I would defend it"? Probably to the end of time. At one time even USB was "non-standard" too, and finding a USB to DB9 serial adapter was a $40 proposition, but ... guess what... when my company handed me a laptop with no DB-9's on it, I requisitioned an adapter for working on routers, switches, Sun boxes, whatever...
Having the right tools for the job is part of doing the job. That's not "shifting blame" that's a fact.
Need to do a presentation from a Mac, your staff or whoever your story is about (probably made up) are so dumb they don't know what connector they have on their own machines? Give me a break. No professional tasked with giving a presentation shows up with a laptop and a dumb stare when asked how they're going to plug into the projector.
If they're that dense, well.. . I probably don't want to be sitting through their presentation anyway. It probably lacks any real content.
You just want to argue on Slashdot that Apple is "evil" because someone tasked with doing a job (a presentation) didn't know anything about their own hardware, nor how to hook it to a projector?
That's a pretty irrational and lame argument, considering connector and cabling standards have continually changed... oh let's see, for my entire adult life working on computers.
Drop the Apple chip from your shoulder. These oh-so-difficult cabling changes are piss-ant compared to the more important things.
If an Apple machine isn't right for you, fine. So be it. But when you start to rationalize it in public because of a $20 connector/cable... that's pretty funny, man.
I got some Centronics Parallel cables here if you need 'em. A number of different connector types too, both the large and the DB-25 based ones. Oh, and a few serial mice, if you have any machines that still use those.
Get over it. Cables is cables. Yawn.
+++OK ATH
http://www.reghardware.co.uk/2009/08/19/asus_tops_reliability_test/
It works, each day every day
I've been doing Dual boot deployments with it since Jan
I've got full (easy to write) scripts on each side (OSX and XP) that name the machines, add them to AD (in the right OU even) and install sophos and some other network software
at any time, any machine on my campus is 5 minutes from having a full image deployed on it
Its allowed me to empower the teachers to fix 90% of issues with lab computers for me
(Hold N key while hitting power button)
I've had good luck dealing with 600 Macs using JAMF Casper.
when my company handed me a laptop with no DB-9's on it, I requisitioned an adapter for working on routers, switches, Sun boxes, whatever...
There is a big difference between being handed a laptop that doesn't have a connector that's being phased out (DB9) in favor of connectors that were already in HEAVY use as its replacement (USB) and what Apple has done.
Get over it. Cables is cables. Yawn.
Needing to obtain and use an adapter on a portable device in EVERY possible use case for a connector is a design flaw. That USB port you got a DB9 adapter for was genuinely useful as a USB port, there were actually plenty of USB devices out there you might want to use. A mini-displayport is useless. There is virtually nothing that plugs into it without an adaptor.
And I'm ever so sorry this 'bores' you. And I'm happy that you are willing to wander around with a bag of assorted adapters everywhere you go. But I'm not, and I shouldn't have to. The device should come with useful ports. If I need an adaptor to hook up to something unusual or legacy, that's fine, but when I need an adaptor to hook up to ANYTHING at all that is retarded.
I would suggest looking into Jamf software company and their "Casper Suite." (http://www.jamfsoftware.com/) At my internship that's what we used to deploy about 600+ MacBooks last summer. It all went very smoothly. It's also very handy for having to perform remote updates/fixes of sorts to a specific group of computers and also handy for much else.
NetRestore for base install and FileWave for custom speced deployment. They together is magic!
there are some viruses out there.
Ummmâ¦what viruses?
BTW...I agree with your assertion just before that statement. Mac are not immune to malware or spyware. But getting it onto the system is the challenge and has not yet been done with any large success. However, what virus, in the wild, are you talking about?
You should read your own source a bit better. While not number 1 in this study (first I've seen in a long time that Apple did not come in number1...btw), they came in number 2. Not the third place you state in our original post.
Here is the first paragraph and sentence for the link you provided:
"Asus laptops were the most reliable notebook computers during Q2, US repair specialist has claimed. Apple came second, Lenovo third."
You wrote;
show Apple hardware to be superior to other brands like Dell, Lenovo and HP in terms of reliability and customer satisfaction. Those are hard numbers, not personal anecdotes.
And I provided details showing that was not necessarily so.
Seond or third, meh, they still are not first as you claimed.
First, neither I, nor the poster that originally responded to you made the claim that Apple was number one. What he did was correctly state that there are numerous studies that show Apple to be number one in reliability and customer support by numerous organizations. And, he even posted some of the links.
You posted one link with a specific study to just laptops from an organization I've never heard of (but it might be a great one) that showed Apple at number two, not the number three you claimed. So your attention to accurate facts and your lack of concern for accuracy (and the follow-up comment seems to support) diminish your comments value. Since you don't care about accuracy your accuracy and thus your comments are dubious.
But I thank you for the one link that showed Apple not being number one, one time, in a limited study. It does support your claim that Apple is not necessarily number one.
Keep trying to change it. The media event by all the manufacturers for the mini-DVI port was today... lots of KVM's, etc... all about to hit the market. Cables/connectors they keep a-changin'. Keep whining about it. It'll surely save you.
+++OK ATH
The media event by all the manufacturers for the mini-DVI port was today.
Oh hurray!! I'll finally be able to attach a last generation mac to something without an adapter.
Cables/connectors they keep a-changin'.
They surely do, but I've said it before and I'll say it again, a laptop should work with the majority of the stuff that's out there today without adapters. If they want to put bleeding edge ports on it too, that's fine, but not at the expense of just working with everything people already have. It doesn't take a genius to see that's a stupid move.
Keep whining about it. It'll surely save you.
Keep lugging your bag of spare parts and dongles around. Nothing says 'it just works' like a bag of accessories.
And I really love that the macbook air fits in an envelope... wow... and you can put that envelope will fit nicely in this briefcase that contains all the accessories you'll need to actually attach anything to it... I exaggerate of course, but the point stands.
Though now commonly included with Malware, Trojans and worms used ot be considered viruses. There's a lot of malware out there as well that although its not selfreplicating, still performs virus-like activity. Since the internet itself is not the replication platform, I do not considder a virus to now also require it's own selfreplication systems, so long as it SPREADS.
You are correct however, As of Sept 2, 2009, there is still not a single, ITW, confirmed executable, self replicating VIRUS (by the official definition) for the OS X platform. Not one! (Ever!)
That does NOT mean there are not thousands of Macs infected with bots and trojans causing havock, stealing identities, and more. There IS a Mac based botnet cloud, and there are ample numbers of identity theives targeting mac users.
There are approx 200 known infections for the OS X platform, very few are in the wild, and all require the user to download and exectute something, be directed to a maliciosly created website, or provide keychain passords. Somre require disabling default-on securtity settings (or enabling of the root account).
You can go on quite easily without AV software at all on a Mac, as an individual user who is careful about where and how they surf, and if you stay away from all illegal downloads, and never open attachments in e-mail that were not created by the person sending it.
In a corporate network, I can NOT trust my users to not BRING an infection into my systems, as i can not completely prevent them from downloading, surfing, and using portable media without reducing their ability to work (many users this can be done for, but not ALL of them). Though you're 100 times safer using a Mac in a network than a PC for $20-40 a workstation, and virtually no slowdown (as opposed to resource hodding PC antivirus), considdering the 3-4 year TCO of the machine likely exceeding $5K, an AV client is a very tiny cost for the added assurance.
There are a number of holes in OS X, and far more in 3rd party code added to it, including Java, Flash, and more. It's not impossible to crack. With a user base of tens of millions, and knowing as a hacker less than 5% use any kind of protection, Macs may very soon become a very real target. I'd prefer to be ready.
There is no contest in life for which the unprepared have the advantage.
No, the point doesn't really stand.
My IBM laptop requires a USB to serial to get my work done, and batteries on any laptop don't last long enough for a serious day's work, so you carry a power supply everywhere.
You're now reaching -- going to the MacBook Air which is something that's known to be a specialized machine, not meant to be a primary laptop (if you ask me -- I sure as hell don't own one). Only executive prima-donnas use the Air, or any other underpowered "extra" laptop... it's an overblown Netbook. When did we start talking about the Air?
Everyone who travels for business carries adapters and cables galore with their "normal" laptop. In the Apple line, that'd be the MacBook and MacBook Pro, not the Air.
You're still just on your anti-Apple head-trip that makes no sense when viewed from the viewpoint that all laptops require additional "stuff" in your bag.
A single 2" long cable/adapter to hook to a projector, is diddly compared to the power supply, the USB to serial (if you're a tech and doing any serious work on infrastructure), etc.
Keep trying. I've seen this "it must be bad because it's Apple" BS before. It's not rational, and never will be.
The rest of the world is pragmatic and realizes that you bring the tools you need for the job, and one odd-ball connector today, will be tomorrow's "standard". Who cares?
You carry an additional 2-3 lbs of stuff (including power supply) to run any laptop to do anything. Whoooop-dee-doo.
Go to a 17" MacBook Pro or a very large PC-style laptop with a giant heavy battery, you MIGHT get away from the power supply requirement... for ONE day. Anything past day one, you're screwed.
So having a bag with a power supply, and a 2" long adapter for a Mac... you're talkin' what, 5 oz. of weight and virtually no space? Most people carry an Ethernet cable, maybe a modem cable (if they're staying places that are without broadband), maybe a MiFi or a wireless data card/USB dongle all of which are for mobile connectivity, and maybe even other stuff. The only people who don't, aren't traveling. They're college kids walking to class.
You're very convinced you're right, but you're not. There never was any real substance to your argument. A single additional adapter to use a new port type is no big deal. Never was.
+++OK ATH
You're very convinced you're right, but you're not. There never was any real substance to your argument. A single additional adapter to use a new port type is no big deal. Never was.
The difference between a USB port to serial adapter and a mini-display-port-to-whatever adapter is that you don't actually need an adaptor for the usb port to be useful. You might need one for what you do, and that's fine, but most people don't need an adaptor to use that port most of the time.
The same simply doesn't apply to mini-displayport. Everyone needs an adatper all the time.
That is just stupid. You can defend it all you like, but its still stupid.
Bwahah... yes it IS stupid! You're finally catching on!
You use one adapter as a crutch to hate Apple products. ROFLMAO!
Everyone needs adapters because the industry hasn't gotten mini-displayport on projectors yet... they will. Then you'll need an adapter for a machine that has VGA... time marches on.
You can't POSSIBLY make the argument that a DB connector for VGA was ever a TECHNICALLY better connector for laptops either... all those pins unprotected in the male half, etc.
Apple decided to ENGINEER their product instead of conform to mediocre connectors. Moving forward. The fact that the rest of the industry hasn't caught up to yet, isn't their problem. They will.
+++OK ATH
You're finally catching on!
Too bad you aren't.
You use one adapter as a crutch to hate Apple products. ROFLMAO!
I don't hate apple products. I have and use apple products. There are things I don't like about them, but that's true of all products. Any particular this escapes you? Or are you just an idiot apple fanboi who can't accept any criticism of their company? Someone who thinks that the only way anyone could have even the slightest criticism for their products must be a raving irrational lunatic fanboi... i.e. someone just like you.
You can't POSSIBLY make the argument that a DB connector for VGA was ever a TECHNICALLY better connector for laptops either... all those pins unprotected in the male half, etc.
The "technically better connector"? What is the point of a technically better connector if you need the inferior one to actually connect to anything. You think having an adapter with that inferior connector in a bag or hanging out the side of your laptop on a dongle is some how the technically superior solution?
The fact that the rest of the industry hasn't caught up to yet, isn't their problem. They will.
Fine. And when they do, THEN put a mini-display port adaptor on the laptops. Putting the bleeding edge connector on the laptop (which by definition is expected to be dragged around and attached to various things on arrival) before there is anything to connect it to is putting the cart before the horse. Let the mini display ports show up on the monitors and projectors first, and include an adapter to vga with THEM.
That way laptop owners don't have to carry a bag of adapters around with them.
Of course, I don't expect this very simple logic to penetrate.
Oh, whippin' out the fanboi... I'm so impressed. There's the usual non-rational argument! Wheee.
Hahaha... I criticize them all the time. Your argument, in case you've forgotten, was that no one should buy Apple laptops. Now you say you own them. WTF? You enjoying your circular conversation with yourself?
As far as the connector goes, someone has to "go first". Projectors aren't EVER going to "lead the way" on a change... haha... you're funny.
And Apple released monitors THE DAY THEY RELEASED THE LAPTOPS... so monitors aren't the problem...
Sheesh. Simple logic, is right. Simple-mindedly stuck on "OMG! This laptop needs an adapter! The sky is falling! The sky is falling!"
You're entertaining. Should we keep this up until say, Christmas or so, when some OTHER new connector comes out for people to whine about? LOL!
+++OK ATH
Your argument, in case you've forgotten, was that no one should buy Apple laptops.
Nope. I was criticizing Apple pricing on upgrades as outrageous, including and especially these adapters. I still like the Apple product overall, its quality, etc. I like OSX. I think the Magsafe power adapter thing is a good idea. etc. But I dislike Apple's upgrade pricing, as well as all the adapters it requires, and their pricing of those adapters. If you took that to mean I was arguing nobody should ever buy an apple laptop ... well... at this point I'm not surprised, you haven't comprehended anything else either.
And Apple released monitors THE DAY THEY RELEASED THE LAPTOPS... so monitors aren't the problem...
They aren't a problem anymore? Do you know anyone that has one? How about compared to the number of monitors, projectors, and hdtvs that people are using that do not have one? The fact that a SINGLE product from a SINGLE manufacturer exists doesn't make the problem just "go away". It doesn't "go away" until odds are good that the device in front of me that I'll need to connect to supports the connector.
And furthermore, according to the apple site, those monitors don't actually come with the mini-displayport cable you'd actually need to attach them to your laptop. So even if you bought a new apple laptop AND a new apple monitor you'd STILL have to buy a mini-displayport cable separately to actually use it.
I can forgive a throw-away consumer printer for not coming with a $5 usb cable; you can you use the one from your previous throwaway printer... but even that annoys me. But for a supposedly premium monitor not coming with a cable that nobody already has, that is required to use the monitor? Care to explain how that is anything but a ploy to squeeze few more dollars onto the sale with an overpriced cable and/or adapter.
If Apple wants to go with bleeding edge connectors, that's fine. They should have included the common connector as well so that most people could use the device without an adaptor. And at the very least the adapter should be included with the laptop.
You're entertaining. Should we keep this up until say, Christmas or so, when some OTHER new connector comes out for people to whine about? LOL!
I hear USB3 ports are backwards compatible, and that USB3 devices can be plugged into USB2 ports (running at usb2 speeds of course). My hats off to real ENGINEERS. At least somebody gets it.
So you're convinced that hanging on to connectors created 10 or more years ago on laptops is a good engineering design call?
Here's some light reading on the topic for ya.
http://www.roughlydrafted.com/2008/10/21/apple-and-the-mini-displayport/
Written in October of 2008, even. Not Apple's fault if other manufacturers can't be "bothered" to move beyond the original VGA connector based on a DB-15.
The only thing PC engineers "get" is that people like you want an almost two-decades old connector instead of innovation that might cost $10 in cables? Is that the point?
Oh yeah, that article ends with three or four advertisements for places that sell cables... cheaper than Apple's.
Back to yawning. Keep trying.
+++OK ATH
So you're convinced that hanging on to connectors created 10 or more years ago on laptops is a good engineering design call?
They are a good design call until more people than not don't NEED it.
Here's some light reading on the topic for ya.
I have nothing against displayport. I have nothing against the progress it represents. You seem to think I somehow dislike displayport or progress in general. That couldn't be further from the truth. All 3 monitors on my desk are hooked up via DVI. And my newest one supports both displayport and hdmi as well, so it should be forward compatible with my next video card too.
But it ALSO has a VGA port, which has proven useful on many occasions. And its good to have that legacy option, because despite the fact that its 'obsolete' its still MASSIVELY IN USE. And that's on a stationery device that never goes anywhere, where having an adapter or two isn't actually inconvenient, nor apt to be left behind or misplaced. Virtually all monitors and projectors you encounter right now take VGA and will have a VGA cable hanging off them ready to plug into your laptop... so yes that is the most sensible port to put on the laptop.
If they want to add displayport too, that's awesome.
Oh yeah, that article ends with three or four advertisements for places that sell cables... cheaper than Apple's.
Glad to see you are coming around to my original argument then. That Apple grossly overcharges for them.
Anyone can suggest a near identical "Offline Files" feature found since Windows XP in Mac?
Thanks
Get my e-mail after a captcha test in: http://tinymailt