Skip the navigation

What's new in Leopard Server

October 28, 2007 12:00 PM ET
For its part, Login can now automatically set the computer name displayed in the log-in window to that of a Mac's computer record. This is helpful for NetBoot and NetInstall clients, which might otherwise all display the same name, and for ensuring naming consistency across a network.

Also new in Login is an option for external accounts whose home directory resides on an external hard drive that users can carry with them, and the option for a Guest account. A new Access tab allows administrators to restrict which users and groups can log into a computer or all computers in a computer group. The ability to limit access was previously available for computer lists rather than for individual computers.

Also on the Access tab are choices for how multiple managed group settings are applied.

Out of this group of managed preferences, Mobility -- the preference that allows mobile accounts for computers that leave a network -- has gotten the most updates. Administrators can now choose more advanced options for how a user's local home folder on the mobile computer syncs with the user's network home folder. Home folders on mobile computers now support file-vault encryption, a tool for securing business data on mobile computers.

Administrators can also now define the location of the home folders on mobile computers or allow users to decide where their home folders will be stored -- including external drives, allowing the aforementioned external accounts. Finally, mobile accounts can now be set for automatic deletion after a period of inactivity -- again, a nice security touch.

updated mobility preferences

The updated mobility preferences. (Click for larger view.)

Enhanced directory services

Open Directory, the native directory service in Mac OS X, has gotten several major updates in Leopard Server as well as some significant under-the-hood changes for Leopard clients. The first of these server updates is two-tiered replication. This replaces the hub-and-spoke system of replication used in previous releases -- that's where a single Open Directory master issued updates to one or more replicas.

Note: The major under-the-hood change in Leopard is that Apple has retired the use of the outdated NetInfo technology as a mechanism for storing local user accounts and related information, and has replaced the NetInfo database with a series of property list (.plist files). We'll have more coverage of this in upcoming stories.

Two-tiered or cascading replication now allows for a single Open Directory master server to have up to 32 replicas that can each have up to 32 replicas of their own. This allows for richer replication topologies and increases performance of the Open Directory master, and as a result, the entire infrastructure in networks with large numbers of replicas. It also means that existing networks with more than 32 replicas will need to be redesigned.

Another important point is that all Open Directory servers within a network will need to be upgraded at the same time because replication between Leopard Server and Tiger Server is not supported.

Open Directory now supports cross-domain authorization. This allows an Open Directory master to be bound to another LDAP-based directory server, including Active Directory. The Open Directory master can then authorize access to services for users whose accounts reside in the directory system to which it is connected via Kerberos.

This feature allows for enhanced integration with other directory systems within a network, and allows Mac OS X Server to function as a middleman for directory services. This should permit simpler support for Mac OS X in a dual-platform network with Windows Server and Active Directory.

In fact, Active Directory support has been improved on both the client and server side of Leopard. Active Directory authentication now fully supports digital signing and all Windows 2003 Server security options. The process by which Mac OS X discovers Active Directory domain controllers has also been updated so that it behaves more like a Windows client when working with Active Directory site topologies.

In this story...

Our Commenting Policies
Internet of Things: Get the latest!
Internet of Things

Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!