Sharepoints: We’re Not Alone Any More
17 July 2002
Amid the hoopla of all the new features of Mac OS X 10.2 at the 2002 MacWorld New York keynote, Apple quietly released a couple of whitepapers on the new version of Mac OS X Server 10.2. I’m always amazed at how little they play this product up at MacWorld, especially since there has been so much improvement to it in the last year. With the glimpse that we have so far, this is going to be a sizable upgrade. I certainly don’t mind showing a bias towards Mac OS X Server here at afp548.com, but I really am all a-tingle over these specs.
What follows is a quick tour of some of the highlights of this upcoming release. Note all of these observations are based on the information that Apple has made publicly available on its website. I have not used this product yet, nor has it been finalized, so take all comments with the appropriately large grain of salt. However, even with the crystal ball still a bit cloudy, the themes of this upcoming release paint a very, very bright future for Mac OS X Server.
Directory Services
This is definitely the single biggest change in Server 10.2. Apple has created the “Open Directory” system, which puts an LDAP v3 front end onto NetInfo. This opens up a world of possibilities. Now authentication—both upstream and downstream—between a Mac OS X Server and UNIX, Linux, Windows and other Mac OS X machines becomes incredibly easy. The connection is SSL-encrypted and very extensible. You can now load up your directory server with passwords, home directory locations, network resources, addresses and just about anything else that you want. Your mail application should be able to get e-mail addresses from this. Your file servers will authenticate clients against it. You can specify minimum password length and force the users to change passwords on a regular basis. Life will be good. Apple seems to have done an incredible job with integrating this functionality into the entirety of the server product. Kerberos also seems to be supported throughout.
File Services
AppleShare and FTP are getting significantly updated. AppleShare can now run encrypted over SSH, although you’ve been able to do that for a while now with Vapor (we haven’t seen a royalty check yet, either). Clients that go to sleep will be automatically reconnected when they wake up. NFS mounts on the server can be re-shared over AppleShare. This is huge for shops with a heavy UNIX back end. FTP gets a significant overhaul, with support for resuming interrupted downloads and better control over what sharepoints users can see. Plus a lot of creature comforts, like easier control of the FTP banners, have been added. On the client side, 10.2 will support native Finder connections to FTP servers, and we just released an article on how to use ftp from the command line. Oh, well! For any sharepoint, you can now explicitly control what protocols can be used to connect. It is no longer all or nothing. You can also set different names for the sharepoint based upon the protocol being used.
Print Services
Printers can be shared out over AppleTalk. Better queue controls and per user quotas are also nice improvements. It is as yet unclear whether you can assign multiple printers to a queue. Also, there is no mention of what CUPS (Common Unix Printing System) features Apple has added since they licensed the technology a few months ago. CUPS has the potential to create PostScript queues for non-PostScript printers in addition to a slew of other features.
NetBoot
You can now keep up to 25 different—yes, different—NetBoot images per Server. This is huge. Just imagine your own personal NetBoot image complete with iTunes library and Civilization III able to be “installed” on any machine on your network just by rebooting it. Of course you can also now standardize on a dozen different standard configurations for your network and be able to use them all over NetBoot. This is the bomb for computer labs. NetBoot images can be hosted on any NFS-capable server on your network, too.
NetInstall
NetInstall also has a 25 image limit per Server. I believe, although it is not explicitly stated, that a Mac OS X 10.2 Server is limited to 25 total NetBoot or NetInstall images. This technology is new to Mac OS X and allows an administrator to create an image—either a full operating system or just a minor upgrade—that is then automatically installed on all of the designated client machines automatically. You can even go so far as upgrading Mac OS 9 machines to Mac OS X 10.2 using this system. All unattended. Wow. You don’t need to figure out the Software Update hack anymore to run your own software update service.
Workgroup Manager
MacManager for Mac OS X. This looks to be a beautiful system. A tool that brings Mac OS X full bore into the realm of managed enterprise operating systems. With this you can maintain very granular control over your Mac OS X client machines. Right down to forcing the dock to stay at the bottom instead of the sides. Much like MacManager, permissions can be based upon the user, the workgroup that the user is in, or the machine itself. There is also a system in place to handle which permissions trump the others when they conflict. Workgroup Manager greatly facilitates the use of network home folders and custom tailoring the available network resources that a user has access to. Also included are home directory disk quotas. Need I say more. Schools and other managed environments can march confidently into an all Mac OS X future now.
There isn’t much information on the new version of the Apple Mail Server in the product literature. It is mentioned that APOP passwords are supported and that IMAP over SSL is also included. Both of these are nice additions. Given the major advances that the other parts have received in comparison though, I hope the mail server got more than this. Better support for multiple domains comes to mind, but I’ll let this slide in light of the other improvements. Also the site mentions that Squirrelmail will be included as a Webmail system. If you haven’t noticed from our articles, Squirrelmail is certainly a favorite here at AFP548.com and we applaud Apple’s use of existing technology instead of rewriting the wheel. Although the nice Aqua graphics on the .mac webmail would also have been a nice touch.
In addition to the above changes the remote administration tools have been overhauled. Logging and keeping track of Server usage seems to be much easier. And the icons look really nice, too.
I must admit, I’m pretty jazzed about this update, and I haven’t even seen it in the flesh. Granted, it does seem like Apple has bitten off quite a bit with this upgrade, and I am sure that there will be some rough patches at first, but the direction that they are headed is good. We always knew that Mac OS X Server had the potential to “rule the rack” and now it seems that we have some substance to back that boast up.