What's new in Leopard Server
Also new in Login is an option for external accounts whose home directory resides on an external hard drive that users can carry with them, and the option for a Guest account. A new Access tab allows administrators to restrict which users and groups can log into a computer or all computers in a computer group. The ability to limit access was previously available for computer lists rather than for individual computers.
Also on the Access tab are choices for how multiple managed group settings are applied.
Out of this group of managed preferences, Mobility -- the preference that allows mobile accounts for computers that leave a network -- has gotten the most updates. Administrators can now choose more advanced options for how a user's local home folder on the mobile computer syncs with the user's network home folder. Home folders on mobile computers now support file-vault encryption, a tool for securing business data on mobile computers.
Administrators can also now define the location of the home folders on mobile computers or allow users to decide where their home folders will be stored -- including external drives, allowing the aforementioned external accounts. Finally, mobile accounts can now be set for automatic deletion after a period of inactivity -- again, a nice security touch.
The updated mobility preferences. (Click for larger view.)
Enhanced directory services
Open Directory, the native directory service in Mac OS X, has gotten several major updates in Leopard Server as well as some significant under-the-hood changes for Leopard clients. The first of these server updates is two-tiered replication. This replaces the hub-and-spoke system of replication used in previous releases -- that's where a single Open Directory master issued updates to one or more replicas.
Note: The major under-the-hood change in Leopard is that Apple has retired the use of the outdated NetInfo technology as a mechanism for storing local user accounts and related information, and has replaced the NetInfo database with a series of property list (.plist files). We'll have more coverage of this in upcoming stories.
Two-tiered or cascading replication now allows for a single Open Directory master server to have up to 32 replicas that can each have up to 32 replicas of their own. This allows for richer replication topologies and increases performance of the Open Directory master, and as a result, the entire infrastructure in networks with large numbers of replicas. It also means that existing networks with more than 32 replicas will need to be redesigned.
Another important point is that all Open Directory servers within a network will need to be upgraded at the same time because replication between Leopard Server and Tiger Server is not supported.
Open Directory now supports cross-domain authorization. This allows an Open Directory master to be bound to another LDAP-based directory server, including Active Directory. The Open Directory master can then authorize access to services for users whose accounts reside in the directory system to which it is connected via Kerberos.
This feature allows for enhanced integration with other directory systems within a network, and allows Mac OS X Server to function as a middleman for directory services. This should permit simpler support for Mac OS X in a dual-platform network with Windows Server and Active Directory.
In fact, Active Directory support has been improved on both the client and server side of Leopard. Active Directory authentication now fully supports digital signing and all Windows 2003 Server security options. The process by which Mac OS X discovers Active Directory domain controllers has also been updated so that it behaves more like a Windows client when working with Active Directory site topologies.
In this story...
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- HP HAVEn: See the big picture in Big Data HP HAVEn is the industry's first comprehensive, scalable, open, and secure platform for Big Data. Enterprises are drowning in a sea of data...
- Piecing Together the Business Intelligence Puzzle Business intelligence (BI) technology collects and analyzes company data, delivering relevant information to corporate decision-makers in an effort to produce favorable outcomes.
- Harness IT -- An Introduction to Business Intelligence Solutions Learn the key selection criteria required to provide your organization with the capability to address structured data, unstructured data and mobile demands so...
- Business Intelligence Shows its Smarts Today's Business Intelligence (BI) tools provide a new way to think about data with self-service capabilities and user-friendly analytics that can be used...
- Cloud Knowledge Vault Learn how your organization can benefit from the scalability, flexibility, and performance that the cloud offers through the short videos and other resources...
- Testimonial: Cystic Fibrosis Trust Peter Hawkins, the Head of IT for Cystic Fibrosis Trust, discusses the role CommVault's Simpana software platform plays in improving the company's information... All Data Center White Papers | Webcasts