A Leopard Server Wish List

Friday Dec 21st 2007 by John Welch
Share:

Mac OS X 10.5 may be a big improvement over 10.4, but it's far from perfect.

Having had a chance to really test Mac OS X 10.5 Leopard Server, I'm still impressed. I still think it's the best server release Apple has ever had, especially from the SMB point of view. However, like every bit of software ever released anywhere, it's not perfect, and there are some things I'd like to see improved or fixed.

Discuss this article in the ServerWatch discussion forum

Unsure About an Acronym or Term?
Search the ServerWatch Glossary
 

Eliminate the Install Silos

One of the cool things Apple did with Mac OS X 10.5 Server is make setting it up simpler for those with simple needs, i.e. the "Workgroup" setup. The problem is the setup types are fairly siloed. For example, if you use the Workgroup setup because you want some really cool features, like importing Active Directory users for augment records or ease of setting up iCal Server, you're unable to get to any features outside of what you get in Server Preferences. If you attach to the server in Server Admin, and you say you want to now use it in "Advanced" mode, you can't use Server Preferences with it. No big deal, right? Well, it is if you want to create more augmented users because in "Advanced" mode you have to use Workgroup Manager for user management, and Workgroup Manager can't import Active Directory users to create augment records.

If you install simple, you can go advanced, but you can't go back. If you install advanced, you can't use any of the simple features. In my world "Advanced" doesn't mean "more crippled than simple." Sure, you can create augment records manually, but why? This is silly. Even worse, to even see augmented users, you have to enable "Show All Records" in the preferences and then manually find the "augments" entry, to even see them. "Advanced" should not be synonymous with "make it harder than it needs to be."

Eliminate "Almost" Setting Up Services

As a few people know, I'm a big fan of SNMP, and in Mac OS X 10.5, and Mac OS X 10.5 Server, SNMP got a huge update. But still, to set it up on server, the only thing you can do with Server Admin is to turn it on. To configure it, you're deep into snmpconf and the .conf files. Really, it's not hard to put a decent user interface on this. If Apple was smart, it could lead the way toward encouraging the use of SNMPv3, which allows for encryption and "real" authentication. NTP setup? On/off. No way to set any options. Same thing with SSH.

Make Directory a Bit Less Restrictive

The Directory application: Great way to set up groups, resources and more in Mac OS X 10.5 Server. However, if you have more than 500 people or groups in your directory service, well, good luck browsing that list. Directory will not display all records if there are more than 500 entries in what you're displaying. You can't even manually select it.

John C. Welch is a Unix/Open Systems Administrator for Kansas City Life Insurance, and a regular speaker at Macworld Expo on IT issues.

This article was originally published on Datamation.

Continued: iCal server, Groupware services

More Flexibility and Ease of Use for External Directory Users in iCal Server

iCal server is a neat product, but if you have users hosted with other directory services, such as Active Directory, or eDirectory, there's some silly pain there. For example, you have Kerberos v5 to authenticate for external directory users, but that's not all that clear. When setting up access, even in iCal for external directory users, even though the standard default port for iCal server is 8008, if you don't manually put that in the URL string, you can't connect, and the error message looks more like a Kerberos message than a wrong port message. Oh, and if there's a way to get delegation to work in iCal between Open Directory and Augment users, I've yet to figure it out.

Discuss this article in the ServerWatch discussion forum

Unsure About an Acronym or Term?
Search the ServerWatch Glossary
 

An OWA Layer for Groupware Services

Yes, I know, Apple isn't here to push Windows software. Except for Safari ... or iTunes. But honestly, the state of CalDAV clients on Windows sucks. Point blank. There are some plugins for Outlook in work, but that's an annoying solution to manage and support if you have a lot of Windows boxes. A better idea that would make using Mac OS X 10.5 Server easier in heterogeneous shops would be an Outlook Web Access, or OWA layer for Mac OS X 10.5 Server's groupware. That way, you would just point Outlook 2003 or later, or Entourage at a single URL, and as far as their concerned, it's just an odd version of Exchange. No software to install or manage, no plugin interactions to support. It's a "Win" for everyone (pun fully intended).

Still Too Hard to Visualize and Create Open Directory Structures

One of the biggest complaints with Apple's tools is that actual directory management with them is really tedious compared to other directory services. For example, with Active Directory, I can easily view all my containers (CNs), and organizational units (OUs), as a single tree. If I want to create a container or OU, it's a single right click operation. If I want to move users in and out of structures, dead simple. With Apple's tools, you can't really view your overall directory structure at all. Creating OUs is especially tedious, but even creating CNs isn't as easy as it should be. Moving items around the directory is counterintuitive for the native structures Apple users, and for custom OUs or CNs, it's even worse. This is a serious problem for Open Directory, especially in situations where it has to go up against better implementations like Active Directory and eDirectory.

Overall, Mac OS X 10.5 Server is a big improvement, but it's not completely done yet.

John C. Welch is a Unix/Open Systems Administrator for Kansas City Life Insurance, and a regular speaker at Macworld Expo on IT issues.

This article was originally published on Datamation.

Share:
Mobile Site | Full Site
Copyright 2017 © QuinStreet Inc. All Rights Reserved