Opinion: Mac OS X Leopard Server Preview

1 2 Page 2
Page 2 of 2

Both Spotlight and Bonjour will make their first enterprise-level appearances in Leopard Server. Spotlight Server will allow server volumes to be indexed in the same way that Mac OS X indexes local hard drives. Spotlight in Mac OS X Leopard will be able to forward search queries to Spotlight Server, transparently allowing users to have the same search capabilities and performance when working with mounted server volumes that they do with local drives. It will also index server volumes automatically, much like Spotlight already does, and it will integrate with and respect access-control lists and permissions set for share points, folders and files.

Apple hasn't released many details about Wide Area Bonjour, but it does promise to bring the self-discovery features of Bonjour to the entire network. Most likely, Wide-Area Bonjour will function similar to a WINS (Windows Internet Naming Service) server in a Windows network, providing a mechanism by which clients can query a server that maintains a list of available resources on each subnet and to which they can broadcast available resources. Whether this process will require manual configuration or be as self-configuring as Bonjour itself isn't clear. It also isn't clear how much control administrators will have over which resources are broadcast using Wide-Area Bonjour.

Open Directory 4

Open Directory, Mac OS X's native directory service, will get what seems to be a major upgrade. Details are scarce as to exactly what Open Directory 4 will feature, but Apple has said it will include better replication options (including cascading replication and support for replica sets), integration with RADIUS, cross-domain authentication and a new record type called "augment."

Apple engineers have reported that augment records will allow Macs in Active Directory environments to implement managed preferences -- and potentially other Open Directory- specific features -- without the need to extend the Active Directory schema. Exactly how this will be accomplished isn't clear, but it presents a huge coup for administrators who support Macs in an Active Directory environment. Integration with RADIUS is also a huge benefit; it will allow Open Directory accounts to be used to secure access to wireless networks.

Cross-domain authentication will make Open Directory more scalable and flexible by not needing a single monolithic domain to allow users from different locales or parts of an organization to be able to access various resources.

External accounts and a new generation of portable home directories

In Panther Server, Apple developed mobile accounts that can be used to store a copy of a user's network account on a local computer. In Tiger Server, a home directory can also be stored on a local computer. This offers a solution for portable Macs that leave a network and for users who must operate over a slow network connection to the server.

Leopard Server will offer another alternative -- accounts that have a home directory stored on removable drives such as external hard drives. This feature lets users carry a home directory with them from one computer to another, either to multiple computers in a school or office or even between home and work/school. External accounts can have managed preferences enforced on them and can use FileVault to secure the contents of the portable home directory associated with them.

The idea of removable home directories is a novel one. It combines the flexibility of mobile accounts and their use of portable home directories with the ease of a single home directory in the mode of a traditional, nonmobile Mac OS X network account. Somewhat ingenious, it does raise some questions about who is responsible for the data contained in the home directory, particularly if it is used with computers outside of an organization's network. It could also have security implications if the drive containing the home directory is lost or stolen -- and it may be costly and unwieldy to widely implement.

Not new, but improved

In addition to several new features in Leopard Server, many existing technologies are getting noteworthy updates. One is 64-bit processor support. While Mac OS X has offered 64-bit application support, Mac OS X Server has not done so, to ensure the stability and compatibility of 64-bit and 32-bit applications. Leopard Server will offer the ability to seamlessly run both 64- and 32-bit services and applications side by side, and many services, including mail and Web services, will be 64-bit.

Apple's NetBoot, which allows computers to boot from disk images hosted on a server instead of booting from a local hard disk, has been a powerful technology since the very beginning of Mac OS X Server. Its younger sibling NetInstall offers the ability to boot from a server and then deploy Mac OS X or updates to a Mac's local hard drive. This includes complete hard drive images with settings already configured and applications already installed.

Leopard Server promises to make the process of creating images and setting them up for network booting a much simpler two-step process. It will also offer the ability to deploy a dual-boot Mac/Windows environment using NetBoot or NetInstall and Apple's Boot Camp. Deploying Boot Camp remotely is currently a tricky process at best, though virtualization tools Parallels Desktop and VMware Fusion can easily be incorporated into NetBoot or NetInstall images.

File and print services have been updated for "dramatically improved performance" and scalability. NFS, often considered to be by far the least secure file service in Mac OS X Server, can now be secured using Kerberos. Also being introduced is AutoFS volume mounting, for increased scalability and performance when mounting and sharing networked storage.

IChat Server, Mac OS X's Server's Jabber-based instant messaging software, will get some welcome additions. Kerberos support is being added to allow secure access, via single sign-on, to iChat servers. Other options automatically generate buddy lists for users and store messages sent to offline users. Also, users can communicate with other iChat or Jabber servers within a network or on the Internet. (This feature can be enabled in Tiger Server by modifying the Jabberd configuration file).

Xgrid 2 introduces a new concept known as GridAnywhere, which allows Xgrid-enabled software to run on machines of your choice. This is true even if an Xgrid controller and agents haven't been configured for the software. Xgrid 2 also supports a tool known as Scoreboard for setting job priorities and assigning jobs to specific agents. Want to see more of what's in store in Leopard Server? Check out Apple's Leopard Server Sneak Peak.

Ryan Faas is a freelance writer and technology consultant specializing in Mac and multiplatform network issues. In addition to writing for Computerworld, he is a frequent contributor to InformIT.com. Ryan was also the co-author of O'Reilly's Essential Mac OS X Panther Server Administration. You can find more information about Ryan, his consulting services and recently published work at www.ryanfaas.com, and you can e-mail him at ryan@ryanfaas.com.

Copyright © 2007 IDG Communications, Inc.

1 2 Page 2
Page 2 of 2
7 inconvenient truths about the hybrid work trend
Shop Tech Products at Amazon