This week I finish up with my T3's for Apple with Advanced Server Administration. This class is focused primarily on running the ADDIE process (Analyze, Design, Develop, Implement, and Evaluate) throughout the IT infrastructure of a company, and build it up using both the GUI and Command Line tools. Because it is assumed that you have been learning the GUI tools up to this point (this is the capstone course), it primarily focuses on the command line tools available to the Mac.
I'm not sure when we will offer the class at the U, as much depends on other training offerings and any additional infrastructure we would need, but I already have a lot of people interested in this class. Most of them are Linux administrators who are going to be supporting the Apple platform, and want to do so with SSH (just as they would with Linux). I already have a list of people who would love to take that class.
Anyway, it all hinges on whether or not I'm judged "good enough" to train. Partly judged by my peers, partly judged by the Master Trainer, my fate rests in their hands. At this point, however, I'm less concerned. I'm rather more concerned with how my family is doing back home. I'm literally counting the days until I fly out. But I will miss the Chicago area.
Anyway, more details on the classes I attended during this trip sometime next week. I'll give a teaser for the classes, and give you my opinion of the materials and flow of the class.
Showing posts with label Leopard. Show all posts
Showing posts with label Leopard. Show all posts
Monday, July 14, 2008
Tuesday, July 01, 2008
Mac OS X Deployment 10.5 T3: Review
As promised, here is my review for the Mac OS X Deployment 10.5 T3 that I attended this last week.
First, the location. Of course I'm biased, but I have always loved Chicago, and as such enjoyed the trip Villa Park and Oakbrook Terrace. The hotel was nice, and the location of the training facility was fairly easy to get to. The only problem: no sidewalks. It makes it difficult to walk when you don't have sidewalks, and there isn't enough room to walk on the street (without getting hit). Other than that, the location was nothing to complain about.
The materials: There are quite a lot of material for this class, and I was a little concerned that it would be impossible to fit it all into a 2 day training. Luckily, that was the thought of the course developers as well, and as such the training was extended to 3 days. That fits in perfectly with my training schedule I have planned for the University, so I didn't complain.
The Subject Matter: There was still a lot that I wanted to cover but couldn't in the class, mostly those focusing around the command line. But then, there is a separate class for that, which I will be attending in two weeks. ^_^ But those important topics, such as deploying through the command line, and imaging through the command line, were covered in depth. Also planning, scaling, and third party utilities for managing a deployment option was well covered.
One really nice thing I liked about the class was a mandate for the student to immediately apply what they have learned to a real world situation. They do this through a Deployment planning sheet, which the trainer should have printed out for each student. We didn't have it, but it was made available to us in PDF form, and there is a link that comes with the learning materials to PeachPit's website for the same PDF. Once the form is filled out, the last chapter talks about real world solutions in many large companies, school districts, and training centers, and gives the student time to go through their document to see what they find useful, and what they don't need, in their deployment of OS X.
The Requirements: It is essential the student have a command of both the Mac OS X GUI and have command line experience before starting this course. Basically, students would need to have completed at least the Server Essentials course, and be able to manage a UNIX command line experience. Why? Because at the beginning of the course you are just expected to set up your computers with little assistance from the book. At this point, it is expected that the student knows already how to set up a brand new install of Mac OS X.
The command line experience would be more along the lines of familiar with syntax of commands. Most, if not all, of the commands used are Mac OS X Utilities and not your typical UNIX commands, yet the syntax is the same and therefore the student needs to be familiar with that syntax. There may be some situations when troubleshooting is necessary, and as such the student will need to know how to get to the man pages.
Something else that would be important before taking this class is having troubleshooting knowledge, and an understanding of what you are being prepared to learn. This way if something doesn't quite work they way it's written in the book, you can step outside of the given examples and find alternatives. That's part of learning, something that many students I have had in the past didn't quite understand. It requires reading/studying ahead of time, asking questions, and being attentive.
The Pace: Unlike both Support and Server Essentials where we pend a lot of time trying to catch the class up after some really long first setup exercises, this class is paced just right for the materials. We as a training class (of 10 trainers) finished with plenty of time on the last day to cover some topics more in depth, and that was with us doing the majority of the optional exercises. So with a typical class at this level, the pacing will be such that students will have some time to play with some configuration, or perhaps have a long lunch as a thank you for coming to the class.
Overall, it is the best designed Apple training course I have attended so far. The materials are well designed, the pace is just right (low to medium cognitive load), and the course talks well to adult students (through Constructivist methods). This is a class that may not run often here in Utah, but will most likely be a well attended class when it does. It is by far my most favorite class to date. ^_^
Also, I'd like to say thanks to everyone that attended, because they gave me some very welcomed constructive criticism, and the Master Trainer was a great host. If only the Cubs could have won all three games I was there, rather than just one of the two. Oh well, there is always next time.
First, the location. Of course I'm biased, but I have always loved Chicago, and as such enjoyed the trip Villa Park and Oakbrook Terrace. The hotel was nice, and the location of the training facility was fairly easy to get to. The only problem: no sidewalks. It makes it difficult to walk when you don't have sidewalks, and there isn't enough room to walk on the street (without getting hit). Other than that, the location was nothing to complain about.
The materials: There are quite a lot of material for this class, and I was a little concerned that it would be impossible to fit it all into a 2 day training. Luckily, that was the thought of the course developers as well, and as such the training was extended to 3 days. That fits in perfectly with my training schedule I have planned for the University, so I didn't complain.
The Subject Matter: There was still a lot that I wanted to cover but couldn't in the class, mostly those focusing around the command line. But then, there is a separate class for that, which I will be attending in two weeks. ^_^ But those important topics, such as deploying through the command line, and imaging through the command line, were covered in depth. Also planning, scaling, and third party utilities for managing a deployment option was well covered.
One really nice thing I liked about the class was a mandate for the student to immediately apply what they have learned to a real world situation. They do this through a Deployment planning sheet, which the trainer should have printed out for each student. We didn't have it, but it was made available to us in PDF form, and there is a link that comes with the learning materials to PeachPit's website for the same PDF. Once the form is filled out, the last chapter talks about real world solutions in many large companies, school districts, and training centers, and gives the student time to go through their document to see what they find useful, and what they don't need, in their deployment of OS X.
The Requirements: It is essential the student have a command of both the Mac OS X GUI and have command line experience before starting this course. Basically, students would need to have completed at least the Server Essentials course, and be able to manage a UNIX command line experience. Why? Because at the beginning of the course you are just expected to set up your computers with little assistance from the book. At this point, it is expected that the student knows already how to set up a brand new install of Mac OS X.
The command line experience would be more along the lines of familiar with syntax of commands. Most, if not all, of the commands used are Mac OS X Utilities and not your typical UNIX commands, yet the syntax is the same and therefore the student needs to be familiar with that syntax. There may be some situations when troubleshooting is necessary, and as such the student will need to know how to get to the man pages.
Something else that would be important before taking this class is having troubleshooting knowledge, and an understanding of what you are being prepared to learn. This way if something doesn't quite work they way it's written in the book, you can step outside of the given examples and find alternatives. That's part of learning, something that many students I have had in the past didn't quite understand. It requires reading/studying ahead of time, asking questions, and being attentive.
The Pace: Unlike both Support and Server Essentials where we pend a lot of time trying to catch the class up after some really long first setup exercises, this class is paced just right for the materials. We as a training class (of 10 trainers) finished with plenty of time on the last day to cover some topics more in depth, and that was with us doing the majority of the optional exercises. So with a typical class at this level, the pacing will be such that students will have some time to play with some configuration, or perhaps have a long lunch as a thank you for coming to the class.
Overall, it is the best designed Apple training course I have attended so far. The materials are well designed, the pace is just right (low to medium cognitive load), and the course talks well to adult students (through Constructivist methods). This is a class that may not run often here in Utah, but will most likely be a well attended class when it does. It is by far my most favorite class to date. ^_^
Also, I'd like to say thanks to everyone that attended, because they gave me some very welcomed constructive criticism, and the Master Trainer was a great host. If only the Cubs could have won all three games I was there, rather than just one of the two. Oh well, there is always next time.
Monday, March 17, 2008
Kerberos Issues with Open Directory 10.5? Here is a Sure-Fire Fix
I thought I would post this, as we had a similar situation within our class with this issue. At times, when you try to start Kerberos in Mac OS X 10.5 Server, the domain gives you trouble. The first thing you should do is check the host name with changeip, and determine the issue with your DNS. Then, you can fix your Kerberos issues with the following steps as found here on Apple's documents page:
1. Fix Your DNS: This is necessary, otherwise steps below will not work.
2. Fix your /etc/hosts file: Best done in Terminal. Run sudo bash and authenticate to get to root, and then run vi /etc/hosts. Once in there, add your server's IP Address and fully qualified domain name, like this: 10.1.0.1 mainserver.pretendco.com
3. Set your Host Name: This can be done as root with the following command: scutil --set HostName mainserver.pretendco.com. Replace the Mainserver entry with your own domain name in this step, and all subsequent steps you see.
4. Initialize Kerberos: This requires three steps (and being logged in as root):
slapconfig -kerberize diradmin MAINSERVER.PRETENDCO.COM (diradmin would be the directory admin login name)
sso_util configure -r MAINSERVER.PRETENDCO.COM -f /LDAPv3/127.0.0.1 -a diradmin -p diradmin_password -v 1 all (replace diradmin and diradmin_password with your directory admin and password)
sso_util configure -r MAINSERVER.PRETENDCO.COM -f /LDAPv3/127.0.0.1 -a diradmin -p diradmin_password -v 1 ldap
Once you finish these steps, reboot the machine, and check your Server Admin utility. You should see that you have all your services running on your Open Directory Master.
Even with this trouble, Kerberos seems really simple to set up with a Mac server. I've never tried it on a Linux server, but from the expressions on some friend's faces when I suggest it, it doesn't seem to be very simple. I'm not sure how it's implemented in Active Directory either, though I do know it's just as frustrating when it doesn't work.
1. Fix Your DNS: This is necessary, otherwise steps below will not work.
2. Fix your /etc/hosts file: Best done in Terminal. Run sudo bash and authenticate to get to root, and then run vi /etc/hosts. Once in there, add your server's IP Address and fully qualified domain name, like this: 10.1.0.1 mainserver.pretendco.com
3. Set your Host Name: This can be done as root with the following command: scutil --set HostName mainserver.pretendco.com. Replace the Mainserver entry with your own domain name in this step, and all subsequent steps you see.
4. Initialize Kerberos: This requires three steps (and being logged in as root):
slapconfig -kerberize diradmin MAINSERVER.PRETENDCO.COM (diradmin would be the directory admin login name)
sso_util configure -r MAINSERVER.PRETENDCO.COM -f /LDAPv3/127.0.0.1 -a diradmin -p diradmin_password -v 1 all (replace diradmin and diradmin_password with your directory admin and password)
sso_util configure -r MAINSERVER.PRETENDCO.COM -f /LDAPv3/127.0.0.1 -a diradmin -p diradmin_password -v 1 ldap
Once you finish these steps, reboot the machine, and check your Server Admin utility. You should see that you have all your services running on your Open Directory Master.
Even with this trouble, Kerberos seems really simple to set up with a Mac server. I've never tried it on a Linux server, but from the expressions on some friend's faces when I suggest it, it doesn't seem to be very simple. I'm not sure how it's implemented in Active Directory either, though I do know it's just as frustrating when it doesn't work.
Thursday, December 20, 2007
Apple Training V: The Final Impressions
Now that I have things pretty much under control back home, I promised that I would post my impressions on the Apple Training upgrade to 10.5 that I attended for the past two weeks.
The Design
Overall, the design actually follows some instructional design techniques, unlike the Tiger materials. The student, as they progress through the course, must utilize the techniques, steps, and knowledge they had acquired in previous chapters. Building upon the previous material the students are reinforced in that material, and are not treated as mindless children that can't learn. Constructivist theories at the heart of it, which makes me happy. THe command line is no longer separate from the individual events that the commands apply to, but rather you learn the command line all through the book. Finally, the training becomes professional, and therefore something I am proud to offer at the University.
The Materials
The materials are being published through PeachPit, though the student kits will only be available to an Apple Authorized Training Center. They are very well done, with bits of the lecture in with the slide presentations. They no longer follow the Reference book, which has additional assignments should someone want to continue on with their learning in another direction. The only thing that I currently see wrong is having a place for notes, should the instructor choose to cover a specific topic in more detail. Other than that, it will be professionally bound, and cost less than the workbooks that were available from Apple. ^_^ Good news for any Apple Authorized Training Center.
The Test
now that I have taken both tests, I can say that the tests are written a little better than the previous test, though I took the longer version than will be available for everyone else. The test will be designed to have someone sit for 2 hours (mine was designed for someone to sit for 2.5 hours), and instead of killing all the easy questions, both easy and hard questions will be removed from the test. This way the test results will be generally higher, and passing will also need to be higher. For now, it will still be multiple choice, but they are looking into some real application and development along that front. What I would like to see is a practical sit-down test, similar to Red Hat's exams, which no one can just memorize an answer without learning something. Apple Training would like to see it as well, so it's good to see that we are on the same page. ^_^
The Staff
Apple Training has gone through a lot of changes recently, with most of the staff being laid off. This comes from a common belief that the Macintosh platform is so easy to use, there shouldn't need to be any training for it (i.e., the Apple Executives that don't want to pay for a Training Department). Unfortunately, this is the way many companies are moving, and leads us into a longer rant about the importance of training, and the quick decisions to axe training in corporate environments to save money. Anyway, those that are left are really the cream of the crop, and being led by someone that really has a fantastic vision for the direction training should go.
Final Thoughts
My trip to Austin was bumpy, my trip back was agitated. I had more bad experiences in Austin than I have had in just about any other city, but all in all I liked it. I'm actually making a plan to head down to San Antonio in a couple of years, as we plan a trip to Oklahoma to visit some family. So it wasn't the worst experience I have ever had in traveling (that would be the time I was in JFK and a baggage car rammed into our plane, delaying us 5 hours). All in all, it was productive, and this Spring we can start with the 10.5 materials. In the meantime, I am going to see if it's possible to set up a testing environment for the Macintosh that will let me grade someone on the progress they have setting up a machine, both at the Computer and Server level.
The Design
Overall, the design actually follows some instructional design techniques, unlike the Tiger materials. The student, as they progress through the course, must utilize the techniques, steps, and knowledge they had acquired in previous chapters. Building upon the previous material the students are reinforced in that material, and are not treated as mindless children that can't learn. Constructivist theories at the heart of it, which makes me happy. THe command line is no longer separate from the individual events that the commands apply to, but rather you learn the command line all through the book. Finally, the training becomes professional, and therefore something I am proud to offer at the University.
The Materials
The materials are being published through PeachPit, though the student kits will only be available to an Apple Authorized Training Center. They are very well done, with bits of the lecture in with the slide presentations. They no longer follow the Reference book, which has additional assignments should someone want to continue on with their learning in another direction. The only thing that I currently see wrong is having a place for notes, should the instructor choose to cover a specific topic in more detail. Other than that, it will be professionally bound, and cost less than the workbooks that were available from Apple. ^_^ Good news for any Apple Authorized Training Center.
The Test
now that I have taken both tests, I can say that the tests are written a little better than the previous test, though I took the longer version than will be available for everyone else. The test will be designed to have someone sit for 2 hours (mine was designed for someone to sit for 2.5 hours), and instead of killing all the easy questions, both easy and hard questions will be removed from the test. This way the test results will be generally higher, and passing will also need to be higher. For now, it will still be multiple choice, but they are looking into some real application and development along that front. What I would like to see is a practical sit-down test, similar to Red Hat's exams, which no one can just memorize an answer without learning something. Apple Training would like to see it as well, so it's good to see that we are on the same page. ^_^
The Staff
Apple Training has gone through a lot of changes recently, with most of the staff being laid off. This comes from a common belief that the Macintosh platform is so easy to use, there shouldn't need to be any training for it (i.e., the Apple Executives that don't want to pay for a Training Department). Unfortunately, this is the way many companies are moving, and leads us into a longer rant about the importance of training, and the quick decisions to axe training in corporate environments to save money. Anyway, those that are left are really the cream of the crop, and being led by someone that really has a fantastic vision for the direction training should go.
Final Thoughts
My trip to Austin was bumpy, my trip back was agitated. I had more bad experiences in Austin than I have had in just about any other city, but all in all I liked it. I'm actually making a plan to head down to San Antonio in a couple of years, as we plan a trip to Oklahoma to visit some family. So it wasn't the worst experience I have ever had in traveling (that would be the time I was in JFK and a baggage car rammed into our plane, delaying us 5 hours). All in all, it was productive, and this Spring we can start with the 10.5 materials. In the meantime, I am going to see if it's possible to set up a testing environment for the Macintosh that will let me grade someone on the progress they have setting up a machine, both at the Computer and Server level.
Friday, December 07, 2007
Apple Training II: Support Essentials Impressions
I just finished the first week of Leopard Training for Support Essentials. It was an interesting ride, and there is a lot that I like about it, and some that I'm not too happy with.
What I Liked
I have to hand it to Apple: When they contract to people to write their training materials, they do a good job. The three instructors that we had all wrote the materials in the Student Workbook, and the workbook now looks like it is worth the money you pay for it.
The course does eliminate the need for a key chapter that was my most popular when I taught the class: The Command Line. Now, instead of having a single chapter, we introduce it bit by bit, integrating it with each of the chapters. So now instead of just getting a quick look at how to play with the command line, you are using it actively in each chapter.
How is this better? Well, for those that are looking to integrate a quick remote method of troubleshooting on the Mac and don't want to bother with the bandwidth required for a VNC connection, they can quickly perform pretty telling troubleshooting tasks. In fact, I would say that more Command Line content is included in this course than in the previous course.
Other great things are the lack of Apple Remote Desktop (yay!), more focus on the core open source technologies available, and a focus on BootCamp (which is now integrated into Leopard). It's also nice to be able to repartition your drive, live, with Disk Utility without having to use a third-party application. Sure, linux could do that for years, but with Windows and previous versions of Mac you would need a third party app to get it done.
What I Didn't Like
The weakest point in the Apple training is perhaps the testing. It always has been, because there has never been a bank of questions, just one set of questions for each time you take the test. So, it's not a real evaluation of your knowledge. It's also problematic because in order to compensate, they provide obscure questions that require a constant study of the reference material instead of practical application. But then, it is a multiple choice test, and what else can you do?
The good news is that it's possible that new testing methods could be on it's way. I'm hoping for a more Flash-based virtual environment that will simulate the experience. Another possibility would be to have the training centers set up a physical exam, much the same way as RedHat exams, and allow the instructor/training center to deliver it. Of course it runs into consistency issues (from one AATC to another), but that is another topic all together.
Other than that, it was a good training situation. We got a quick peek at the future new exams that are coming down the pipe, and I'm really impressed with them. Finally, it feels like Apple is getting some real quality back into their training materials.
I'm really excited for next week, when we go over Server Essentials!
What I Liked
I have to hand it to Apple: When they contract to people to write their training materials, they do a good job. The three instructors that we had all wrote the materials in the Student Workbook, and the workbook now looks like it is worth the money you pay for it.
The course does eliminate the need for a key chapter that was my most popular when I taught the class: The Command Line. Now, instead of having a single chapter, we introduce it bit by bit, integrating it with each of the chapters. So now instead of just getting a quick look at how to play with the command line, you are using it actively in each chapter.
How is this better? Well, for those that are looking to integrate a quick remote method of troubleshooting on the Mac and don't want to bother with the bandwidth required for a VNC connection, they can quickly perform pretty telling troubleshooting tasks. In fact, I would say that more Command Line content is included in this course than in the previous course.
Other great things are the lack of Apple Remote Desktop (yay!), more focus on the core open source technologies available, and a focus on BootCamp (which is now integrated into Leopard). It's also nice to be able to repartition your drive, live, with Disk Utility without having to use a third-party application. Sure, linux could do that for years, but with Windows and previous versions of Mac you would need a third party app to get it done.
What I Didn't Like
The weakest point in the Apple training is perhaps the testing. It always has been, because there has never been a bank of questions, just one set of questions for each time you take the test. So, it's not a real evaluation of your knowledge. It's also problematic because in order to compensate, they provide obscure questions that require a constant study of the reference material instead of practical application. But then, it is a multiple choice test, and what else can you do?
The good news is that it's possible that new testing methods could be on it's way. I'm hoping for a more Flash-based virtual environment that will simulate the experience. Another possibility would be to have the training centers set up a physical exam, much the same way as RedHat exams, and allow the instructor/training center to deliver it. Of course it runs into consistency issues (from one AATC to another), but that is another topic all together.
Other than that, it was a good training situation. We got a quick peek at the future new exams that are coming down the pipe, and I'm really impressed with them. Finally, it feels like Apple is getting some real quality back into their training materials.
I'm really excited for next week, when we go over Server Essentials!
Friday, November 30, 2007
Leopard and the Secure NFS Share
One of the benefits of being an Apple Certified Trainer is that I get neat updates from the Apple training staff regarding all aspects of the OS. Today, I got an update from Apple on the UNIX compliant status of Leopard from their site here. While I knew that 64-bit processing was a big thing for Apple in general, and I knew that the new Terminal was a sweet deal, I didn't know they had made a change to NFS, namely to make it Kerberized.
For those of you not familiar with the NFS (Network File System), you may not know why the change to NFS is so important. Sure, single sign on is a great thing in principle, but what's the big deal, right? Well, let's take you through the world of NFS.
NFS is a UNIX native file sharing protocol used to quickly share files back and forth. What makes it so quick? There is no user name and password authentication. Authentication is done through the UNIX UID. This is great in a Directory-specified network where everyone has their own unique ID, but what if you are logging onto the file share from your locally authenticated machine? Chances are you are logging in from a UID assigned to your local machine that will be assigned to another user. Take this scenario:
Tech A creates his server, and shares his files with NFS. His first account he creates is the Administrator account, which was assigned the UID of 501 (standard Admin UID for Apple, by the way). He then creates various other accounts, starting at UID 1025 and going up.
Marketing Director A gets a new machine and creates their first account, which is again an Admin account for that machine and also assigned the UID of 501. They then connect to the file server Tech A created with their account. They don't have to worry about authentication, because NFS authenticates from the UID. In this case, the Marketing Director has Admin access to the file server. Problem? Yes, most definitely. Also considering that anyone that creates a local account on their machine, be they a director or lowly janitor.
Apple had seen this coming, and in Tiger Server made it possible to map all NFS connections to the nobody user, and make all access read only. That did some good, but still lacked the benefits and security of authentication.
Now enter Kerberos. Because of the Ticket system that it utilizes, and the fact that authentication is not necessary once the KDC has authenticated the user on the network, there is no speed reduction in authenticating through Kerberos for an NFS file share. It also adds just one more service that is Kerberized for a Mac OS X Server. I am hard-pressed to think of one service that is not Kerberized with the new Leopard install. This, and the fact that starting a Kerberos KDC is so easy to do with Mac OS X Server makes it a good choice with small to medium-sized businesses.
So, in the end, NFS has finally come full circle. Created initially as a method to quickly transfer files for server-level processing (i.e., imaging and thin-client use), it now has the ability of secure authentication though Kerberos. Of course, if you don't want to use Kerberos, you can still use AFP, SMB, or Kerberized FTP for your file sharing needs. ^_^
For those of you not familiar with the NFS (Network File System), you may not know why the change to NFS is so important. Sure, single sign on is a great thing in principle, but what's the big deal, right? Well, let's take you through the world of NFS.
NFS is a UNIX native file sharing protocol used to quickly share files back and forth. What makes it so quick? There is no user name and password authentication. Authentication is done through the UNIX UID. This is great in a Directory-specified network where everyone has their own unique ID, but what if you are logging onto the file share from your locally authenticated machine? Chances are you are logging in from a UID assigned to your local machine that will be assigned to another user. Take this scenario:
Tech A creates his server, and shares his files with NFS. His first account he creates is the Administrator account, which was assigned the UID of 501 (standard Admin UID for Apple, by the way). He then creates various other accounts, starting at UID 1025 and going up.
Marketing Director A gets a new machine and creates their first account, which is again an Admin account for that machine and also assigned the UID of 501. They then connect to the file server Tech A created with their account. They don't have to worry about authentication, because NFS authenticates from the UID. In this case, the Marketing Director has Admin access to the file server. Problem? Yes, most definitely. Also considering that anyone that creates a local account on their machine, be they a director or lowly janitor.
Apple had seen this coming, and in Tiger Server made it possible to map all NFS connections to the nobody user, and make all access read only. That did some good, but still lacked the benefits and security of authentication.
Now enter Kerberos. Because of the Ticket system that it utilizes, and the fact that authentication is not necessary once the KDC has authenticated the user on the network, there is no speed reduction in authenticating through Kerberos for an NFS file share. It also adds just one more service that is Kerberized for a Mac OS X Server. I am hard-pressed to think of one service that is not Kerberized with the new Leopard install. This, and the fact that starting a Kerberos KDC is so easy to do with Mac OS X Server makes it a good choice with small to medium-sized businesses.
So, in the end, NFS has finally come full circle. Created initially as a method to quickly transfer files for server-level processing (i.e., imaging and thin-client use), it now has the ability of secure authentication though Kerberos. Of course, if you don't want to use Kerberos, you can still use AFP, SMB, or Kerberized FTP for your file sharing needs. ^_^
Friday, November 16, 2007
Triboot Saga Continues: Mac 10.5, Windows XP, and Fedora 8 on a MacBook Pro
For those couple people that have been following my blog for a while (thank you both!), you will probably remember me posting my woes and eventual triumphs regarding tribooting a MacBook Pro. I was trying to install a total lab image that would allow any instructor to teach a given class on their chosen platform without worrying about lab restrictions. It took a week, beating my head against a brick wall, and a lot of forum/blog readings to do it, but I finally managed to complete my mission.
If you remember, I also tried to use Fedora 7, but failed to get it to install properly. I then installed Ubuntu, which managed to install with a lot less coaxing than Fedora 7. Of course, the Linux classes that the University of Utah will be offering for credit (starting this spring! Two registered already! ^_^) will be focusing on either Red Hat or SuSE. Well, technically we could probably get away with Ubuntu, but I want the experience to be as close to the real thing as possible. That means getting Fedora to work.
The Download, Partitioning, Mac and Windows Install
I managed to find several repositories of the DVD iso for both i386 and x86_64 releases, so I downloaded them both. The final FTP mirror I used was located here on campus, so I was able to download both at about 7 minutes each (I love being at the U!). I then followed all the steps I outlined in September for the inital Mac 10.5 and Windows install. Yes, I am still using XP, if only because Vista isn't being used in our labs (and if our network guys have their say, it never will).
Fedora 8 x86_64 Install
I started the Fedora install by testing the disk. After the fiasco that was my Mac 10.5 upgrade, I'm playing it safe. ^_^ I then started the basic installation process. From what I remember of 7, Fedora 8 has a much more streamlined install process, more like Ubuntu Feisty. I was really impressed! I walked through the process, set up a partition as ext3 for Fedora, and then selected the software.
Then, I got worried. It not only didn't ask me what bootloader I wanted, but it didn't ask me where I wanted to install it. Bugger! Would I have to reinstall Windows, and compile Grub on my own? I really didn't want to do that, because it would be a mess. Well, we would just have to see. I started to sweat, worried that I would be in for another huge project that I had hoped would only take me a couple of hours.
I finished the install, and then rebooted the machine. Refit came up with all three images, which was a good thing (that didn't work with Fedora 7). Then I selected Windows. I would know if Grub had messed with the Windows MBR if it came up as I tried to boot. The screen went blank, my heart raced.. and Windows booted! I was thrilled!
I then rebooted to get into Fedora. The setup was beautiful, the boot clean. The desktop looks a lot like a cross between Tiger and Leopard, with a splash of Windows in there. Happy that the installation worked well enough for a Lab machine, I turned the machine off. Is everything working? I have no idea. Does everything need to work? Not at all! This isn't a machine that needs to run audio content, play games, or chat via the internet. This machine is meant to be a test environment for students to learn about the core OS.
Maybe, if time allows (after updating all the machines to both 10.5 and Fedora) I am interested in getting the Fedora install working at 100%, I will do that. But for now, I give a huge Kudos to the Fedora team for creating a boot installer that installs Grub on the destination Root partition, instead of the MBR for Windows. ^_^
If you remember, I also tried to use Fedora 7, but failed to get it to install properly. I then installed Ubuntu, which managed to install with a lot less coaxing than Fedora 7. Of course, the Linux classes that the University of Utah will be offering for credit (starting this spring! Two registered already! ^_^) will be focusing on either Red Hat or SuSE. Well, technically we could probably get away with Ubuntu, but I want the experience to be as close to the real thing as possible. That means getting Fedora to work.
The Download, Partitioning, Mac and Windows Install
I managed to find several repositories of the DVD iso for both i386 and x86_64 releases, so I downloaded them both. The final FTP mirror I used was located here on campus, so I was able to download both at about 7 minutes each (I love being at the U!). I then followed all the steps I outlined in September for the inital Mac 10.5 and Windows install. Yes, I am still using XP, if only because Vista isn't being used in our labs (and if our network guys have their say, it never will).
Fedora 8 x86_64 Install
I started the Fedora install by testing the disk. After the fiasco that was my Mac 10.5 upgrade, I'm playing it safe. ^_^ I then started the basic installation process. From what I remember of 7, Fedora 8 has a much more streamlined install process, more like Ubuntu Feisty. I was really impressed! I walked through the process, set up a partition as ext3 for Fedora, and then selected the software.
Then, I got worried. It not only didn't ask me what bootloader I wanted, but it didn't ask me where I wanted to install it. Bugger! Would I have to reinstall Windows, and compile Grub on my own? I really didn't want to do that, because it would be a mess. Well, we would just have to see. I started to sweat, worried that I would be in for another huge project that I had hoped would only take me a couple of hours.
I finished the install, and then rebooted the machine. Refit came up with all three images, which was a good thing (that didn't work with Fedora 7). Then I selected Windows. I would know if Grub had messed with the Windows MBR if it came up as I tried to boot. The screen went blank, my heart raced.. and Windows booted! I was thrilled!
I then rebooted to get into Fedora. The setup was beautiful, the boot clean. The desktop looks a lot like a cross between Tiger and Leopard, with a splash of Windows in there. Happy that the installation worked well enough for a Lab machine, I turned the machine off. Is everything working? I have no idea. Does everything need to work? Not at all! This isn't a machine that needs to run audio content, play games, or chat via the internet. This machine is meant to be a test environment for students to learn about the core OS.
Maybe, if time allows (after updating all the machines to both 10.5 and Fedora) I am interested in getting the Fedora install working at 100%, I will do that. But for now, I give a huge Kudos to the Fedora team for creating a boot installer that installs Grub on the destination Root partition, instead of the MBR for Windows. ^_^
Wednesday, November 07, 2007
The Adventures of Leopard: Upgrading 3 machines to 10.5
Well, I finally got the Leopard upgrade, and I was really excited! The system works great, and I'm really excited to be using leopard (I've missed my virtual desktops!). But the upgrade wasn't all candy and roses. Let me spin my tale of woe, heartbreak, anxiety, and final triumph.
The Powerbook G4
I first installed the upgrade on a Powerbook G4 because I was impatient. This old machine has been my pride and joy for years, works like a horse, and takes a beating like an old Model T Ford. Well, at least it did before I updated. ^_^ My son has had this habit of finding something on a chair or bed, and pulling it off. The one time I forgot to leave the computer bag on the floor, he pulled it off the bed for me.
The fall must have done something to the drive, because when Leopard tried to upgrade, it couldn't read the drive. I no longer could read it in Target Disk Mode either. So, I ended up running a full install. Most everything was already backed up (except for the second draft of my book, but it was crap anyway), so I didn't lose anything important.
The install was clean, cleared out a lot of libraries of failed attempts by me to compile things, and I came up with the leopard setup wizard. It is an easier setup than Tiger, but only because it doesn't ask you as many questions.
The Mac Pro
The Mac Pro was a different situation all together. This is my work machine, and when I tried to install the update, the disk I had was bad. So I got just so far, and it died on me. No longer able to boot, but the files staying in tact, I tried another install disc from our IT guys. The install failed again, but why I don't know, and so I tried a third time. This time it finished, and started logging into the GUI. I was excited, until I saw the login window: no accounts. My entire NetInfo directory of two accounts was completely gone.
Not wanting to believe it, I booted up into the install DVD again, and tried to change the password. It let me, so I thought I could try booting again. No go, it still didn't have any users. Argh! I was afraid I would have to do a full install, and this time the IT guys took the disk back. So, I tried some things in the Command Line. After all, it's based on BSD, right?
Well, the only way to add a user that I could see was to add them in Open Directory. To do that, I needed access to the command dscl. I booted up into Single User Mode, and gave it a try. It wouldn't run without a particular library setting executed first. It even told me the command to run. So I did, and it still didn't work. Argh! What was going on? I was worried I would have to run a full install on the machine.
The next day, I checked online again, looking for anything that would give me some sort of access to the machine. Then I came across two articles, Here, explaining the issue I was experiencing, and here, outlining how to add a new user.
Now, I tried the first fix, but the original user was completely gone. My guess is that when it was importing the new account information from NetInfo (no longer used in Leopard) to the LDAP system in Open Directory, the system failed. The original NetInfo information was still there, but wasn't imported properly. So, I needed to create a new account.
Once the new account was created, it worked like a charm! Because I had to search for the fix for two days, here are the steps that I took, should anyone else need to perform the same fix:
1. Restart in Single User mode (hold Command-S during startup)
2. At the prompt, type: mount -uw /
3. Press Return
4. Type:
launchctl load /System/Library/LaunchDaemons/com.apple.DirectoryServices.plist
Press Return
5. Create a new entry in the local (/) domain under the category /users.
dscl . -create /Users/[username]
6. Create and set the shell property to bash.
dscl . -create /Users/[username] UserShell /bin/bash
7. Create and set the user’s full name.
dscl . -create /Users/[username] RealName "Real Name"
8. Create and set the user’s ID.
dscl . -create /Users/[username] UniqueID 501 (default System Admin for Mac OS X)
9. Create and set the user’s group ID property.
dscl . -create /Users/[username] PrimaryGroupID 1000
10. Create and set the user home directory.
dscl . -create /Users/[username] NFSHomeDirectory /Users/[username]
11. Set the password.
dscl . -passwd /Users/[username] PASSWORD
or
passwd [username]
12. If you would like Dr. Harris to be able to perform administrative functions:
dscl . -append /Groups/admin GroupMembership [username]
This worked just fine for me. Hopefully it would be helpful to someone else, if nothing else then to find it easier. ^_^
The iMac
My wife's computer worked without a hitch, which was good because I didn't have time to back up everything, just the images. I was hurt, because her machine didn't have a problem. What's wrong with me? ^_^
Anyway, I hope this helps those of you upgrading to Leopard, and have trouble with missing accounts.
The Powerbook G4
I first installed the upgrade on a Powerbook G4 because I was impatient. This old machine has been my pride and joy for years, works like a horse, and takes a beating like an old Model T Ford. Well, at least it did before I updated. ^_^ My son has had this habit of finding something on a chair or bed, and pulling it off. The one time I forgot to leave the computer bag on the floor, he pulled it off the bed for me.
The fall must have done something to the drive, because when Leopard tried to upgrade, it couldn't read the drive. I no longer could read it in Target Disk Mode either. So, I ended up running a full install. Most everything was already backed up (except for the second draft of my book, but it was crap anyway), so I didn't lose anything important.
The install was clean, cleared out a lot of libraries of failed attempts by me to compile things, and I came up with the leopard setup wizard. It is an easier setup than Tiger, but only because it doesn't ask you as many questions.
The Mac Pro
The Mac Pro was a different situation all together. This is my work machine, and when I tried to install the update, the disk I had was bad. So I got just so far, and it died on me. No longer able to boot, but the files staying in tact, I tried another install disc from our IT guys. The install failed again, but why I don't know, and so I tried a third time. This time it finished, and started logging into the GUI. I was excited, until I saw the login window: no accounts. My entire NetInfo directory of two accounts was completely gone.
Not wanting to believe it, I booted up into the install DVD again, and tried to change the password. It let me, so I thought I could try booting again. No go, it still didn't have any users. Argh! I was afraid I would have to do a full install, and this time the IT guys took the disk back. So, I tried some things in the Command Line. After all, it's based on BSD, right?
Well, the only way to add a user that I could see was to add them in Open Directory. To do that, I needed access to the command dscl. I booted up into Single User Mode, and gave it a try. It wouldn't run without a particular library setting executed first. It even told me the command to run. So I did, and it still didn't work. Argh! What was going on? I was worried I would have to run a full install on the machine.
The next day, I checked online again, looking for anything that would give me some sort of access to the machine. Then I came across two articles, Here, explaining the issue I was experiencing, and here, outlining how to add a new user.
Now, I tried the first fix, but the original user was completely gone. My guess is that when it was importing the new account information from NetInfo (no longer used in Leopard) to the LDAP system in Open Directory, the system failed. The original NetInfo information was still there, but wasn't imported properly. So, I needed to create a new account.
Once the new account was created, it worked like a charm! Because I had to search for the fix for two days, here are the steps that I took, should anyone else need to perform the same fix:
1. Restart in Single User mode (hold Command-S during startup)
2. At the prompt, type: mount -uw /
3. Press Return
4. Type:
launchctl load /System/Library/LaunchDaemons/com.apple.DirectoryServices.plist
Press Return
5. Create a new entry in the local (/) domain under the category /users.
dscl . -create /Users/[username]
6. Create and set the shell property to bash.
dscl . -create /Users/[username] UserShell /bin/bash
7. Create and set the user’s full name.
dscl . -create /Users/[username] RealName "Real Name"
8. Create and set the user’s ID.
dscl . -create /Users/[username] UniqueID 501 (default System Admin for Mac OS X)
9. Create and set the user’s group ID property.
dscl . -create /Users/[username] PrimaryGroupID 1000
10. Create and set the user home directory.
dscl . -create /Users/[username] NFSHomeDirectory /Users/[username]
11. Set the password.
dscl . -passwd /Users/[username] PASSWORD
or
passwd [username]
12. If you would like Dr. Harris to be able to perform administrative functions:
dscl . -append /Groups/admin GroupMembership [username]
This worked just fine for me. Hopefully it would be helpful to someone else, if nothing else then to find it easier. ^_^
The iMac
My wife's computer worked without a hitch, which was good because I didn't have time to back up everything, just the images. I was hurt, because her machine didn't have a problem. What's wrong with me? ^_^
Anyway, I hope this helps those of you upgrading to Leopard, and have trouble with missing accounts.
Thursday, October 18, 2007
Big News from Apple: Leopard Release and iPhone SDK
This week has been exciting with regards to Apple. They announced the release date of Mac OS X v.10.5 "Leopard", and the iPhone SDK for open and accepted developers.
Leopard
I have been a proponent of Leopard for a long time, because the cool features within Leopard (and Leopard Server) have had me drooling. Not because they are anything new, but because many of the open source programs that are out there have a easy way to manage them. It also means that I get more training for the Apple Certification classes that are coming up in the Spring. All I can say is I can't wait to start playing with the OS once it's released. ^_^
iPhone SDK
Yes, Steve Jobs and his group finally saw the light based on the outcry of the iPhone 1.1.1 update that killed a lot of hacked iPhones. iPhone users want an Apple PDA, not just a phone with a new interface. Now, just as I had hoped, after the iPod Touch was released, the iPhone will be opened with an SDK to developers that are issued a specific key (probably, anyway).
The only problem I would have with it is: what are the criteria for the key? There are currently a lot of developers using the Jailbreak hack and SDK that was developed by hackers out there at the iPhone Dev Wiki. Will they be eligible for the key? Will it be handled the way the Widget program was handled, allowing just about anyone to develop as long as the software is virus free? I hope so. It would make life that much easier for the current developers, and will basically incorporate all the cool apps that already exist.
February will be an exciting time for Apple, if they do it right. Let's hope they do.
Leopard
I have been a proponent of Leopard for a long time, because the cool features within Leopard (and Leopard Server) have had me drooling. Not because they are anything new, but because many of the open source programs that are out there have a easy way to manage them. It also means that I get more training for the Apple Certification classes that are coming up in the Spring. All I can say is I can't wait to start playing with the OS once it's released. ^_^
iPhone SDK
Yes, Steve Jobs and his group finally saw the light based on the outcry of the iPhone 1.1.1 update that killed a lot of hacked iPhones. iPhone users want an Apple PDA, not just a phone with a new interface. Now, just as I had hoped, after the iPod Touch was released, the iPhone will be opened with an SDK to developers that are issued a specific key (probably, anyway).
The only problem I would have with it is: what are the criteria for the key? There are currently a lot of developers using the Jailbreak hack and SDK that was developed by hackers out there at the iPhone Dev Wiki. Will they be eligible for the key? Will it be handled the way the Widget program was handled, allowing just about anyone to develop as long as the software is virus free? I hope so. It would make life that much easier for the current developers, and will basically incorporate all the cool apps that already exist.
February will be an exciting time for Apple, if they do it right. Let's hope they do.
Friday, April 13, 2007
Friday Round Up: Leopard Delay, Apple TV, Building with Cob
Today I want to focus on the readers. Yes, all 3 of you. ^_^ I've been checking my hits from Google Analytics, and I've noticed an increase in page views and hits from all over the world. Most of the hits come from those searching on Google, but I have some regular hits as well. For those that keep coming back, I thank you!
There are two major subjects that represent the interest in my page: Apple, and building with cob. Well, today I'm going to cover both in my Friday Round Up.
Leopard Delay
As many of you have heard, Leopard has been delayed in its release. Much to my disappointment, and to the disappointment of others, the new operating system and server services that it offers are not going to be out on the Market until October, 2007.
How does this impact me personally? Well, I will be unable to set up a Team Server until October, which is a little disappointing, but I can handle it. It also sets back my training series offering considerably, so it looks like I will not be offering any additional classes until Summer or Fall of 2008. That is a problem, as many of my clients are looking forward to more Directory Service training, as well as future Xsan training. Ah, well, more time to read up on the Tiger services, I suppose, and get Kerberos working correctly.
Apple TV
I recently finished going through my taxes, and much to my relief, we will be getting a nice return. This means we can get an Apple TV, as well as take care of some other household maintenance (part of which will be covered in the next section). So, I finally get to start some hacks of my own (hopefully without having to remove the hard drive).
For those of you who have heard of the Apple TV, but were wondering why I would be interested in such a narrowly limited device, there are a number of reasons:
1. All my content is ripped through Handbrake, Which is an open source tool for ripping content into an MP4 format from a DVD. Why rip your content from a DVD? Because if you have a young child in your household, you realize how delicate your DVD's are, and how hard it is to keep them out of their hands.
2. It gets its content from iTunes, which is where I keep all my content anyway. It will also stream its content from up to 5 computers, be they Apple or Windows machines. Right now I'm searching for a replacement for the TV, as most shows have become to vulgar, crass, and mind-numbing for my taste. This way I can watch TV on my own terms without having to pay for On Demand material from Comcast. I am also looking for a solution for my parents, and the simplicity of this device makes it perfect for them.
3. I don't want to stop at just watching current shows. I would like to eventually provide plugins for additional formats, and even plug in a USB TV device to turn the little device into a DVR. While this is not currently native to the Apple TV platform, it is possible as outlined at Apple TV Hacks. There are several hacks here that I would be happy to try, given the opportunity.
4. It's nice because it also has audio control, therefore removing the need for a media center to control the audio. This is significant, because I have a beautiful floor stereo that once belonged to my grandfather, and it has the most magnificent sound! I had used it in the past as the audio output for my DVD's, and now I want to use it again as the audio output for everything.
5. Once I have safely installed one for content, I want to try installing various versions of OS X on it, to see if I can get a decent client system out of it, or even a decent server. A $300.00 server running my Directory Services would be nice, particularly since I don't need a lot of power to run a home Directory system running 802.11n speeds. ^_^
So, once I purchase the Apple TV, look for some updates. ^_^
Building With Cob Update
The weather is starting to dry out now, as we get closer to Summer, and with the tax return coming, I will be able to lay the foundation for the cob greenhouse, and possibly even build the entire structure within a couple weeks! That's exciting, because not only do I get to work with cob, but I also get to work on the hydroponic system that I want to build. Finally, everything is starting to come together in that area. Of course, that means I will need to make some special trips to get a citrus tree, but I can handle that. ^_^
I will be laying the foundation initially with gravel, which will also be the floor of the greenhouse (to allow for easy drainage). It will also be built up for the patio surrounding the greenhouse, which will be a perfect place for the grill and two benches. I'll see if I can't get a shot from the roof so that you can see how I am going to be placing everything. Yay! I get to show off my lack of Photoshop Skills!
So, that's the news from the week. I should have some pictures up by Monday evening, if you are interested in the cob building project, and I hope to have made some test adobe bricks to show off as well.
There are two major subjects that represent the interest in my page: Apple, and building with cob. Well, today I'm going to cover both in my Friday Round Up.
Leopard Delay
As many of you have heard, Leopard has been delayed in its release. Much to my disappointment, and to the disappointment of others, the new operating system and server services that it offers are not going to be out on the Market until October, 2007.
How does this impact me personally? Well, I will be unable to set up a Team Server until October, which is a little disappointing, but I can handle it. It also sets back my training series offering considerably, so it looks like I will not be offering any additional classes until Summer or Fall of 2008. That is a problem, as many of my clients are looking forward to more Directory Service training, as well as future Xsan training. Ah, well, more time to read up on the Tiger services, I suppose, and get Kerberos working correctly.
Apple TV
I recently finished going through my taxes, and much to my relief, we will be getting a nice return. This means we can get an Apple TV, as well as take care of some other household maintenance (part of which will be covered in the next section). So, I finally get to start some hacks of my own (hopefully without having to remove the hard drive).
For those of you who have heard of the Apple TV, but were wondering why I would be interested in such a narrowly limited device, there are a number of reasons:
1. All my content is ripped through Handbrake, Which is an open source tool for ripping content into an MP4 format from a DVD. Why rip your content from a DVD? Because if you have a young child in your household, you realize how delicate your DVD's are, and how hard it is to keep them out of their hands.
2. It gets its content from iTunes, which is where I keep all my content anyway. It will also stream its content from up to 5 computers, be they Apple or Windows machines. Right now I'm searching for a replacement for the TV, as most shows have become to vulgar, crass, and mind-numbing for my taste. This way I can watch TV on my own terms without having to pay for On Demand material from Comcast. I am also looking for a solution for my parents, and the simplicity of this device makes it perfect for them.
3. I don't want to stop at just watching current shows. I would like to eventually provide plugins for additional formats, and even plug in a USB TV device to turn the little device into a DVR. While this is not currently native to the Apple TV platform, it is possible as outlined at Apple TV Hacks. There are several hacks here that I would be happy to try, given the opportunity.
4. It's nice because it also has audio control, therefore removing the need for a media center to control the audio. This is significant, because I have a beautiful floor stereo that once belonged to my grandfather, and it has the most magnificent sound! I had used it in the past as the audio output for my DVD's, and now I want to use it again as the audio output for everything.
5. Once I have safely installed one for content, I want to try installing various versions of OS X on it, to see if I can get a decent client system out of it, or even a decent server. A $300.00 server running my Directory Services would be nice, particularly since I don't need a lot of power to run a home Directory system running 802.11n speeds. ^_^
So, once I purchase the Apple TV, look for some updates. ^_^
Building With Cob Update
The weather is starting to dry out now, as we get closer to Summer, and with the tax return coming, I will be able to lay the foundation for the cob greenhouse, and possibly even build the entire structure within a couple weeks! That's exciting, because not only do I get to work with cob, but I also get to work on the hydroponic system that I want to build. Finally, everything is starting to come together in that area. Of course, that means I will need to make some special trips to get a citrus tree, but I can handle that. ^_^
I will be laying the foundation initially with gravel, which will also be the floor of the greenhouse (to allow for easy drainage). It will also be built up for the patio surrounding the greenhouse, which will be a perfect place for the grill and two benches. I'll see if I can't get a shot from the roof so that you can see how I am going to be placing everything. Yay! I get to show off my lack of Photoshop Skills!
So, that's the news from the week. I should have some pictures up by Monday evening, if you are interested in the cob building project, and I hope to have made some test adobe bricks to show off as well.
Tuesday, March 27, 2007
Mac OS X Server 10.5: A Nice Setup
June is coming up rather quickly, and that means that the World Wide Developers Conference for Apple is coming as well. Now, while I don't usually get excited about trade shows, this one is different: Mac OS X 10.5 is said to be announced. There are a lot of reasons to get excited about 10.5, but I want to focus on the Server. That, in my opinion is more important than the client upgrades.
But what's so great about 10.5? 10.4 already has a great Directory service, integrated with Kerberos, and has a lot of functionality that can be easily implemented within the service itself. It also supports SMB, AFP, NFS, and FTP natively, allowing for easy file storage both within the network and outside of the DMZ. So what makes the new implementation so exciting for me?
Well, it's best described by John C. Welch from InformationWeek. In his article Inside Apple's Leopard Server OS, he gives an outline based on Apple's own information about their new implementation of server. Here is how it boils down for me:
iCal Server
One of the best products that Apple could have implemented was an iCal server. Not only does it allow for resource and calendar sharing, but it provides the information as part of an open standard set by CalConnect, which pushes for open standards within a calendaring server. It also allows for server clustering out of the box, so there is no additional fees to set up a Calendar server. Add that to no per client fees, and easy setup, and you have one powerful tool in your hand. Once we get the latest upgrade to 10.5, we already plan on setting up a test server with the iCal system running.
Wiki Server
I haven't jumped on the Wiki bandwagon as of yet as far as collaboration, since I don't need to collaborate much in my current position. I did work with a type of Wiki at eBay for an internal knowledge base and document server, but it wasn't anything fancy. But, because the server can be integrated with iCal Server, it can provide details about requirements on a specific date. This would be invaluable for Technology classes, because you can link an existing class requirement entry in the Wiki with the class date. Now the support staff know exactly what needs to be supplied for the class based on a single entry. I could see a lot of educational institutions utilizing this method for their support staff.
iChat Server 2
This new implementation of iChat allows for a hookup to other Jabber services (like Google Talk) without actually signing into Google Talk. It also is rumored to have Kerberos support built in, so single sign-on is more of a reality with a chat service. Why is this significant? Because setting up a single sign on environment is really a pain if everything doesn't integrate with it. So, because chat can be very important, Kerberos integration without special back-end coding makes the internal iChat server that much more attractive.
Mail
The Mail server in OS X 10.4 is fairly standard, but 10.5 gives you clustering at no extra charge. While I don't think I'll set up another mail server anytime soon (at least until the Utopia project comes to my area), it's something that I may consider in the near future.
Open Directory 4
Ever since I have started working with Mac servers, I have been very impressed with Apple's implementation of a Directory system. Open Directory integrates well with Active Directory, eDirectory, or any other LDAP implementation. It also allows for a lot of control over access.
But the big news that I like is RADIUS integration with Open Directory. So now, for the price of an Xserve, you could easily set up your own dial-up network connection, integrate services through Kerberos, and provide an excellent connection setup. This also would go for Wireless or Wired networks, which would require some sort of authentication for access. Having worked in that field not too long ago, I think this is perhaps one of the most powerful tools that Apple could have provided.
So what does this all mean? It means that Apple has made it easier for me to implement a well built network in my own home without high-cost software. But why Apple? All these tools are available through Open Source technologies on Linux, right? Well, as much as I like Linux (and I really do, don't get me wrong) and it's enterprise level tools, I'm too lazy to set it all up. Even if it were all through RPM or DEB installs, it would still take a lot of set up time, which I really don't want to invest. Using the Apple tools, I can set up the minimum requirements for these powerful tools in a short amount of time, and then they will just work.
But if I wanted to do a real enterprise setup, I probably wouldn't use the Apple servers as my primary system. Not that it isn't robust enough, but I could do it cheaper with Linux and Blade servers, and higher the support staff to manage the system. Apple allows me to manage the system myself, which is ideal for a small business anyway. One support person, or even a support consultant, can set up your system that looks and acts very professional, without having to have them on staff full time.
But what's so great about 10.5? 10.4 already has a great Directory service, integrated with Kerberos, and has a lot of functionality that can be easily implemented within the service itself. It also supports SMB, AFP, NFS, and FTP natively, allowing for easy file storage both within the network and outside of the DMZ. So what makes the new implementation so exciting for me?
Well, it's best described by John C. Welch from InformationWeek. In his article Inside Apple's Leopard Server OS, he gives an outline based on Apple's own information about their new implementation of server. Here is how it boils down for me:
iCal Server
One of the best products that Apple could have implemented was an iCal server. Not only does it allow for resource and calendar sharing, but it provides the information as part of an open standard set by CalConnect, which pushes for open standards within a calendaring server. It also allows for server clustering out of the box, so there is no additional fees to set up a Calendar server. Add that to no per client fees, and easy setup, and you have one powerful tool in your hand. Once we get the latest upgrade to 10.5, we already plan on setting up a test server with the iCal system running.
Wiki Server
I haven't jumped on the Wiki bandwagon as of yet as far as collaboration, since I don't need to collaborate much in my current position. I did work with a type of Wiki at eBay for an internal knowledge base and document server, but it wasn't anything fancy. But, because the server can be integrated with iCal Server, it can provide details about requirements on a specific date. This would be invaluable for Technology classes, because you can link an existing class requirement entry in the Wiki with the class date. Now the support staff know exactly what needs to be supplied for the class based on a single entry. I could see a lot of educational institutions utilizing this method for their support staff.
iChat Server 2
This new implementation of iChat allows for a hookup to other Jabber services (like Google Talk) without actually signing into Google Talk. It also is rumored to have Kerberos support built in, so single sign-on is more of a reality with a chat service. Why is this significant? Because setting up a single sign on environment is really a pain if everything doesn't integrate with it. So, because chat can be very important, Kerberos integration without special back-end coding makes the internal iChat server that much more attractive.
The Mail server in OS X 10.4 is fairly standard, but 10.5 gives you clustering at no extra charge. While I don't think I'll set up another mail server anytime soon (at least until the Utopia project comes to my area), it's something that I may consider in the near future.
Open Directory 4
Ever since I have started working with Mac servers, I have been very impressed with Apple's implementation of a Directory system. Open Directory integrates well with Active Directory, eDirectory, or any other LDAP implementation. It also allows for a lot of control over access.
But the big news that I like is RADIUS integration with Open Directory. So now, for the price of an Xserve, you could easily set up your own dial-up network connection, integrate services through Kerberos, and provide an excellent connection setup. This also would go for Wireless or Wired networks, which would require some sort of authentication for access. Having worked in that field not too long ago, I think this is perhaps one of the most powerful tools that Apple could have provided.
So what does this all mean? It means that Apple has made it easier for me to implement a well built network in my own home without high-cost software. But why Apple? All these tools are available through Open Source technologies on Linux, right? Well, as much as I like Linux (and I really do, don't get me wrong) and it's enterprise level tools, I'm too lazy to set it all up. Even if it were all through RPM or DEB installs, it would still take a lot of set up time, which I really don't want to invest. Using the Apple tools, I can set up the minimum requirements for these powerful tools in a short amount of time, and then they will just work.
But if I wanted to do a real enterprise setup, I probably wouldn't use the Apple servers as my primary system. Not that it isn't robust enough, but I could do it cheaper with Linux and Blade servers, and higher the support staff to manage the system. Apple allows me to manage the system myself, which is ideal for a small business anyway. One support person, or even a support consultant, can set up your system that looks and acts very professional, without having to have them on staff full time.
Subscribe to:
Posts (Atom)