Opinion: Mac OS X Leopard Server Preview

When Apple unveiled the complete feature set of its next release of Mac OS X, known as Leopard or Mac OS X 10.5, it garnered a lot of impressive feedback for both its new features and redesigned user interface. Judging from Apple's various Leopard demonstrations, the new operating system appears to be well worth all the oohs and ahhs that it has won from commentators.

Likewise, its cousin -- Mac OS X Server 10.5, also known as Leopard Server -- sports an array of new features and technologies. Here's a look at some of the most interesting and impressive.

Simplified setup and server preferences

One of the most anticipated new features is a simplified interface designed for small businesses with few or no IT staffers requiring the power and features of a server platform. Typically, these companies cannot afford to hire a systems administrator or consultant to deploy and/or manage day-to-day operations. The simplified setup autoconfigures many of Mac OS X Server's technologies, including file and print services, and mail service -- either acting as a full-featured mail server or passing messages to an ISP's server.

Other features include collaborative Web services such as blogs and wikis, internal instant messaging, shared calendaring, VPN technology and Open Directory, Mac OS X's native directory service. The sheer number of traditionally complex tasks that Apple will allow users to bypass with this simplified setup is almost mind-boggling. Of course, for more savvy administrators and those who need specific configurations for services, Leopard Server also offers the traditional Mac OS X Server administration tools and options.

Beyond just making server setup easy, Apple claims that configuring access to the server will be equally simple. New client computers will automatically detect servers and configure access to them. Presumably, this will be accomplished with a combination of Apple's Bonjour zero-configuration networking technology -- to locate servers within a network or subnet -- and Open Directory, which already offers capabilities to manage and configure various operating system and application settings on Mac OS X clients.

In addition to a much-simplified setup process, Leopard Server will offer a new administration tool known as Server Preferences. The Server Preferences interface will be very similar to that of Mac OS X's System Preferences utility. It will include panes for basic tasks such as adding/editing user accounts, setting up and managing shared folders, and configuring available services. It will also provide options for setting up a firewall and backups using Apple's Time Machine, one of the major features of Leopard.

Judging from the screenshots that Apple has included on its Web site, Server Preferences does appear to provide users with an easy-to-navigate and easy-to-understand method for completing the most common server tasks. It appears, though, that this happens at the expense of the granularity and sophistication offered by more traditional administration tools.

As a whole, the simplified setup concept appears to be solid, though at this point it is difficult to assess exactly how well it will function in the real world. It is reasonable to assume that the basic setup and management tasks will function fairly well. On the other hand, troubleshooting and resolving server problems -- particularly issues in Open Directory, which can be tricky for even experienced administrators and often requires specialized command-line tools -- may be a different story altogether.

If Apple does pull off simplified setup as well as it promises, Mac OS X Server could open a whole new market for the company as a small- and home-office server that easily and intuitively supports both Mac and Windows clients. This is a market for which there are limited exceptional products, and most don't offer the scalability that Leopard Server will provide, with its ability to switch to more traditional server administration after a simplified setup.

Improved administration tools

Along with the new Server Preferences application, the more robust Server Admin and Workgroup Manager will be getting a makeover as well. These are tools to configure Mac OS X Server services, share points and accounts.

Both will offer tiered administration. Server Admin will also gain new tools for managing file-sharing and permission structures; it isn't clear whether these are being moved over from Workgroup Manager or not. Another new feature is the ability to organize servers into groups and "smart" groups that are generated dynamically based on specified criteria for easier administration.

For its part, Workgroup Manager will gain command-line administration capabilities for managed preferences. This is useful for administrators who are more comfortable managing servers from the command line, and it helps with preference management when administering a remote server via SSH. Hierarchical group management tools will also be part of Workgroup Manager. It also seems that additional managed-preferences options may be added to the current set, which hasn't changed much since managed preferences were originally introduced. Apple's Web site lists parental controls, Dashboard and Front Row as examples of managed preferences that can be set via command-line administration; none of them are currently available in Tiger's managed preferences model.

iCal Server

One of the things missing from Mac OS X Server's built-in features is a service for shared calendars. This functionality has been a staple of Microsoft's Exchange Server and Outlook client for years. Although Apple has provided both mail services and -- through Open Directory's LDAP interface -- the capability for centralized shared contacts, it hasn't provided a full network collaboration or personal information management tool. Leopard will fill that gap with a server designed to integrate with Mac OS X's iCal or any other CalDAV-compliant application. (Microsoft's Outlook doesn't meet this requirement, though an open-source connector for Outlook is in development.)

In another departure from Exchange, Apple is not merging its calendaring software with its messaging products, which include both mail services and the Jabber-based iChat Server. Instead, iCal Server will be a separate service, allowing administrators and users access to e-mail and calendaring independently of each other. Even so, public demonstrations of Leopard indicate that Apple will integrate its mail and iCal applications more closely in Leopard than in previous Mac OS X releases. It is unclear at this point whether other typical but not specifically calendar-related features, such as notes and to-dos, will be part of iCal Server.

ICal Server will be available from both the simplified Server Preferences functions and the more advanced Server Admin tools. It will offer many of the typical features of a shared calendar tool, including the ability to track free/busy time, share more detailed calendar information with specific users, track attendees to events, and provide notes and location information about events. ICal will also be able to invite users to an event via e-mail, which again further illustrates the integration of Mail and iCal, as well as the Mac OS X Address Book application.

Like most Mac OS X Server features, iCal will be tightly integrated with Open Directory. This should allow iCal Server to be deployed within networks that are managed by other directory services, such as Microsoft's Active Directory. Since Mac OS X Server and all of its services do not require per-seat licensing, this could provide a low-cost and effective alternative to Exchange in a Windows or multiplatform environment.

Wikis, blogs and staff directories made easy

If iCal Server makes you think that Apple is taking a step in the direction of providing a collaborative work environment, then some of the other features will seem like an all-out sprint in that direction. Wikis have been around for some time, and many tech-savvy users are familiar with the concept of a collaborative Web space where members can read and edit content, and even view previous versions and revision histories.

Leopard Server will include wiki support, integrated with user and group accounts stored in Open Directory. It will also continue to support user blogs, which became a standard component in Panther Server. Although it is possible to install a number of wiki servers on Tiger Server, Leopard Server will offer the ability to have these wiki servers closely tied to Open Directory for access management. This includes setup through Server Preferences. Also, the operating system's support for group calendars will make the wiki servers easier to set up and manage and will provide users with a ready-to-use service.

But wikis and blogs aren't the only collaborative aids that Leopard Server will debut. A new Mac OS X application called Directory will harness directory services information in a way not seen on Mac OS X Server. It will give users a simple way to search for information about virtually any person, group or event within an organization.

Directory will contain personnel and departmental information, and links to wikis and blogs related to individuals or groups. Directory will also include details about events, equipment and even maps that show exactly where someone's office or a meeting is located. It will be interesting to see what tools Apple provides for developing building maps to be used in Directory.

Administrators will be able to not only disseminate information through Directory, but also to allow users to modify their own information and to set access rights to available information. In effect, there will be a single source for employees to access any needed information about their organizations, to locate and connect with go-to people about specific tasks, and to provide collaborative interaction and calendar access. Taken together, this could make Directory one of the most revolutionary advances in Leopard Server.

Leveraging distributed computing for quick and simple podcasting

Apple is no stranger to podcasting. The company offers easy access to an array of podcasts through the directory associated with the iTunes store, and it has made podcasting a tool for educators with iTunes U. So it seems almost natural that Leopard Server should include a mechanism to host podcasts.

But Apple is going further than providing users with access to simple podcast tools. Podcast Producer can actually automate the complete podcast production and distribution process, from recording through editing and encoding to generating a podcast's RSS feed and notifying users and the iTunes Podcast Directory of new episodes.

For faculty members in educational environments, as well as other content producers, this will be an amazing and revolutionary tool. Lecturers need not worry about editing or uploading files. They will be able to use a simple application to begin, pause and end recording of their presentations. Once they stop recording, their content is transferred to a server or Xgrid cluster that takes over the process from there.

Administrators define automated workflows in Podcast Producer that handle the tasks of preparing and distributing the recording as a podcast. By relying on Xgrid and high-speed shared file systems like NFS or Apple's Xsan, Podcast Producer can dramatically reduce the time it takes to add audio, video or graphics to the podcast and encode the finished multimedia content into an appropriate format for iPods and other devices. It even supports integration with QuickTime Streaming Server for delivering content in nonpodcast formats.

A complete end-to-end system that can leverage Xgrid and Xsan to do the heavy lifting of producing a podcast is impressive and will make Podcast Producer a great tool. However, the real power will lie in the simplicity that it offers end users, many of whom may want to produce podcasts but who are intimidated or uncomfortable with the technical aspects of doing so. By providing a one-click solution, Apple will unlock the doors to recording, archiving and disseminating content for anyone with the interest or need to do so; it will be a particular aid to educators.

Searching across the network -- Spotlight Server and Wide-Area Bonjour

In earlier Mac OS X releases, Apple began offering users features to make it easier to locate resources and files. Bonjour, Apple's zero-configuration networking technology, allows Macs to automatically discover network resources ranging from shared iTunes libraries to file services and network printers on a local subnet. More recently, Apple introduced Spotlight, a search utility that relies on index files to easily locate files and other items quickly. It uses a large array of potential attributes, including the text content of a file.

Both technologies include the ability for third-party developers to integrate the tools with their products. In the case of Spotlight, developers are actively encouraged to create plug-ins for Spotlight that allow searching based on attributes specific to their products.

Both Spotlight and Bonjour will make their first enterprise-level appearances in Leopard Server. Spotlight Server will allow server volumes to be indexed in the same way that Mac OS X indexes local hard drives. Spotlight in Mac OS X Leopard will be able to forward search queries to Spotlight Server, transparently allowing users to have the same search capabilities and performance when working with mounted server volumes that they do with local drives. It will also index server volumes automatically, much like Spotlight already does, and it will integrate with and respect access-control lists and permissions set for share points, folders and files.

Apple hasn't released many details about Wide Area Bonjour, but it does promise to bring the self-discovery features of Bonjour to the entire network. Most likely, Wide-Area Bonjour will function similar to a WINS (Windows Internet Naming Service) server in a Windows network, providing a mechanism by which clients can query a server that maintains a list of available resources on each subnet and to which they can broadcast available resources. Whether this process will require manual configuration or be as self-configuring as Bonjour itself isn't clear. It also isn't clear how much control administrators will have over which resources are broadcast using Wide-Area Bonjour.

Open Directory 4

Open Directory, Mac OS X's native directory service, will get what seems to be a major upgrade. Details are scarce as to exactly what Open Directory 4 will feature, but Apple has said it will include better replication options (including cascading replication and support for replica sets), integration with RADIUS, cross-domain authentication and a new record type called "augment."

Apple engineers have reported that augment records will allow Macs in Active Directory environments to implement managed preferences -- and potentially other Open Directory- specific features -- without the need to extend the Active Directory schema. Exactly how this will be accomplished isn't clear, but it presents a huge coup for administrators who support Macs in an Active Directory environment. Integration with RADIUS is also a huge benefit; it will allow Open Directory accounts to be used to secure access to wireless networks.

Cross-domain authentication will make Open Directory more scalable and flexible by not needing a single monolithic domain to allow users from different locales or parts of an organization to be able to access various resources.

External accounts and a new generation of portable home directories

In Panther Server, Apple developed mobile accounts that can be used to store a copy of a user's network account on a local computer. In Tiger Server, a home directory can also be stored on a local computer. This offers a solution for portable Macs that leave a network and for users who must operate over a slow network connection to the server.

Leopard Server will offer another alternative -- accounts that have a home directory stored on removable drives such as external hard drives. This feature lets users carry a home directory with them from one computer to another, either to multiple computers in a school or office or even between home and work/school. External accounts can have managed preferences enforced on them and can use FileVault to secure the contents of the portable home directory associated with them.

The idea of removable home directories is a novel one. It combines the flexibility of mobile accounts and their use of portable home directories with the ease of a single home directory in the mode of a traditional, nonmobile Mac OS X network account. Somewhat ingenious, it does raise some questions about who is responsible for the data contained in the home directory, particularly if it is used with computers outside of an organization's network. It could also have security implications if the drive containing the home directory is lost or stolen -- and it may be costly and unwieldy to widely implement.

Not new, but improved

In addition to several new features in Leopard Server, many existing technologies are getting noteworthy updates. One is 64-bit processor support. While Mac OS X has offered 64-bit application support, Mac OS X Server has not done so, to ensure the stability and compatibility of 64-bit and 32-bit applications. Leopard Server will offer the ability to seamlessly run both 64- and 32-bit services and applications side by side, and many services, including mail and Web services, will be 64-bit.

Apple's NetBoot, which allows computers to boot from disk images hosted on a server instead of booting from a local hard disk, has been a powerful technology since the very beginning of Mac OS X Server. Its younger sibling NetInstall offers the ability to boot from a server and then deploy Mac OS X or updates to a Mac's local hard drive. This includes complete hard drive images with settings already configured and applications already installed.

Leopard Server promises to make the process of creating images and setting them up for network booting a much simpler two-step process. It will also offer the ability to deploy a dual-boot Mac/Windows environment using NetBoot or NetInstall and Apple's Boot Camp. Deploying Boot Camp remotely is currently a tricky process at best, though virtualization tools Parallels Desktop and VMware Fusion can easily be incorporated into NetBoot or NetInstall images.

File and print services have been updated for "dramatically improved performance" and scalability. NFS, often considered to be by far the least secure file service in Mac OS X Server, can now be secured using Kerberos. Also being introduced is AutoFS volume mounting, for increased scalability and performance when mounting and sharing networked storage.

IChat Server, Mac OS X's Server's Jabber-based instant messaging software, will get some welcome additions. Kerberos support is being added to allow secure access, via single sign-on, to iChat servers. Other options automatically generate buddy lists for users and store messages sent to offline users. Also, users can communicate with other iChat or Jabber servers within a network or on the Internet. (This feature can be enabled in Tiger Server by modifying the Jabberd configuration file).

Xgrid 2 introduces a new concept known as GridAnywhere, which allows Xgrid-enabled software to run on machines of your choice. This is true even if an Xgrid controller and agents haven't been configured for the software. Xgrid 2 also supports a tool known as Scoreboard for setting job priorities and assigning jobs to specific agents. Want to see more of what's in store in Leopard Server? Check out Apple's Leopard Server Sneak Peak.

Ryan Faas is a freelance writer and technology consultant specializing in Mac and multiplatform network issues. In addition to writing for Computerworld, he is a frequent contributor to InformIT.com. Ryan was also the co-author of O'Reilly's Essential Mac OS X Panther Server Administration. You can find more information about Ryan, his consulting services and recently published work at www.ryanfaas.com, and you can e-mail him at ryan@ryanfaas.com.

From CIO: 8 Free Online Courses to Grow Your Tech Skills
Join the discussion
Be the first to comment on this article. Our Commenting Policies