How to navigate the shifting sands of macOS Server

Apple's been moving to deprecate a variety of services it once supported and has now posted a Service Migration Guide for users. Here's what's important and what you should do now as you eye a migration.

macos server

Earlier this year, the fate of macOS Server was thrown up in the air after Apple announced it would be deprecating virtually all of the components of what had been a robust solution for the SMB market. Now, Apple has posted a Service Migration Guide PDF on its support site, a 43-page document that details the services Apple will no longer support. Essentially, it's a guide to moving off macOS Server, with directions for moving to open-source alternatives that can run on the same hardware as macOS Server.

In many cases, the transition should be relatively painless, as macOS Server (and macOS as a platform) have largely implemented core services using these open-source components. So installing the "pure" version of these platforms - and migrating data to them - can be an easy process. There are, however, services that were created and maintained by Apple as part of the open-source community, and there's no guarantee those tools will be supported down the road.

With that in mind, here's what macOS Server users need to know to do a successful migration.

Consider alternatives to Apple's suggested strategy

Even though Apple is providing a migration guide to specific open-source solutions for macOS Server components, there's no reason to limit yourself to these options alone. The guide serves mainly to move users away from macOS Server as efficiently as possible. You should use this opportunity to revisit the macOS Server components used in your organization. In many cases, there are other services - many of them cloud-based - that make more sense for your needs rather than sticking with the services in Apple's guide.

It's also important to consider that if you move to an alternative, you may still want to use the steps suggested by Apple as a way to de-Appleize the services during the migration. As noted earlier, the services Apple suggests are industry standard open-source solutions.

Apple's suggestions for 10 service migrations

Apple's guide includes migration instructions and advice for 10 services. For the specific migration steps, you can refer to the guide itself. But I do have advice and options for each of these services (beyond Apple's suggestions).

DNS: DNS in macOS Server has always been powered by the Unix bind solution. In many cases, DNS services are likely running as part of your network infrastructure rather than running on macOS Server. Therefore, this shouldn't be an issue in many situations. If you are running DNS at a small business or for a department within a larger company, you'll want to examine whether you actually need DNS and why. If you're a small business, a better option is typically to rely on your Internet provider. If you have a need for internal DNS, you should determine whether you can accomplish this through a router or similar appliance. Similarly, if you're running a department-specific server or services, you can speak to the network management group about hosting your records. If none of these options exist, then it may be that running your own DNS is really your best option. You can follow Apple's instructions for moving to bind without macOS Server's interface or look to other server platforms that offer DNS.

DHCP: Like DNS, DHCP is typically a part of your infrastructure. For small businesses, DHCP is provided automatically by wired and wireless routers; relying on these is probably your best option. You may want to explore the small business router options on the market if you need more flexibility than what's provided by consumer solutions. An example would be the need to define static routes or static IP configurations. Departmental servers providing DHCP are almost universally served by decommissioning the service and relying on the enterprise-wide infrastructure. One exception: if you're providing DHCP for the purpose of NetInstall (because NetInstall requires DHCP.) This is discussed in Apple's Migration Guide.

VPN: VPN is also something that's often part of the overall network infrastructure. Because VPN allows secure remote connectivity, its management should be left to the larger networking group of an enterprise. For small businesses, many small office/home office (SOHO) routers provide VPN options. If you rely on public cloud services, you may not even have a need for remote access since documents, resources and services can be accessed equally well and securely regardless of whether you're connecting from home or the office.

Radius Wi-Fi authentication and Apple Wi-Fi devices: Radius authentication allows users to authenticate to Wi-Fi networks using a network user account rather than just a network password. This greatly enhances security and should be implemented if possible. Again, this is something that falls under network management purview in an enterprise environment and should be left to network pros. For small businesses, it may be easier to simply configure multiple user accounts on a SOHO router, particularly if there are only a handful of users. For small businesses that have been using macOS Server to manage Apple's AirPort line of routers, which the company has stopped selling, you can shift to Apple's AirPort Utility app for macOS and/or iOS.

NetInstall: NetInstall is a powerful deployment option because Macs boot from a network server and then install a fresh copy of macOS, various applications and needed configuration data - including the configuration of various services. Apple has already removed NetInstall support on recent MacBook Pro models and appears set to do so on all future Macs. This means that a completely different deployment solution will be needed, a challenge I'll discuss later. Apple does provide information on maintaining NetInstall functionality, included required services, in its guide.

Websites: In my opinion, websites should simply be migrated off macOS Server. If you're a small business that needs a web presence, you're best served by an outside web host. In addition to tackling the deprecation of macOS Server, this will almost certainly provide you with more reliable service and, potentially, better design and support services. If you want to maintain the equivalent of a company or department intranet, you can consider a range of cloud options that are on the market. One exception is if you need a web service to integrate Apple's Profile Manager. In that case - you guess it - refer to Apple's guidance.

Wiki: The Wiki service in macOS Server never gained a lot of traction, which is a shame because it was a great internal collaboration option for small businesses. Technology, however, is different than it was when Apple introduced this service in Leopard server. There are a wide range of collaboration and internal social media services available now, each with its own advantages, including Slack, Workplace by FaceBook, Cisco Spark, Hipchat, Ryver and several others.

Calendar and Contacts: Although there are specific packages for shared calendars and contacts on the market (including those suggested in the Apple guide), the reality is that this functionality should be tied to your email service and provide a single interface for users wherever possible. Outlook, probably the most used email option in business, ties email, contacts and calendars together for good reason - they are closely related to each other. If your business is already using Exchange for mail, it will offer these services. If you opt for a cloud-based email solution, be it through Google G-Suite, Office 365 or some other provider, these services will be provided. Your best bet is to simply consider the servers as an extension of email.

FTP: In todays mobile and cloud-first world, there isn't really a need for FTP service in the vast majority or organization. Like other file-sharing options, FTP's use case has been taken over by cloud storage that can be accessed in multiple ways (and with collaboration embedded into their services).

Software Update: Apple has deprecated the Software Update Service in macOS Server and suggests that updates now be managed by third-party MDM services. This is a logical approach and makes the need to host a local update server obsolete. That said, caching frequently accessed updates, apps and content locally still has value because local content can download faster - and it doesn't put any pressure on your Internet connection. For that reason, Apple is maintaining the macOS Caching service but moved it from macOS Server into macOS High Sierra and later OS releases.

Other services that should be part of a migration strategy

Email: As I noted earlier, email is typically provided organization-wide in larger businesses. That can mean an on-premise mail server or a cloud offering. In either case, it is more efficient and effective for small businesses now hosting their own mail service to look at cloud options. The management is typically simpler and the server more secure and reliable than running an on-premise mail service for just a handful of users.

Messaging: This is another service Apple has offered in macOS Server (via the open source jabber platform) that many organizations haven't implemented. Messages is, of course, a powerful way for employees to connect in real-time throughout the day. There are, however, a number of alternatives that also tie into third-party collaboration options like those mentioned in the wiki discussion above. Cloud collaboration services essentially replicates internal messaging.

Firewall: Although macOS Server offers a firewall that can protect the server and help protect clients, this should be implemented across the board by network and security specialists. That goes for small businesses, which can take advantage of the capabilities built into SOHO routers and other network protection solutions tailored to the market.

File sharing: It goes without saying that cloud storage has largely supplanted a local file server for convenience, security and reliability. Cloud storage also integrates with other cloud services to provide a unified whole for sharing and collaborating on content. One issue - which companies in this arena as well as others such as mobile management - have begun to address is tracking where documents are stored in the cloud when multiple services are in active use - either as officially sanctioned services or those implemented by so-called shadow IT operators.

Deployment: Deployment is an area where Apple is really rewriting the traditional IT playbook. For decades now, local deployment solutions like NetInstall have allowed Mac administrators to easily deploy upgrades, roll out new Macs, and provide updates. Over the past five or so years, however, Apple has been moving to an MDM-focused model for deployments, particularly when paired with the company's Device Enrollment Program (DEP) and Apple Business Manager, which allows company-purchased devices to be linked to corporate EMM software out of the gate. As a result, devices are configured with apps, settings and accounts without direct IT involvement. This model, which Apple debuted on iOS is much simpler for IT and Apple is now focusing on it for Macs, which rely on the same MDM framework as iOS and tvOS devices. Transitioning to this model may take time and effort, and non-Apple options such as JAMF Pro and JAMF Now, are great options to consider.

Backups: One advantage to going all-in on the cloud is that cloud services sync key business data automatically and then have their own fault-tolerance and recovery solutions. So local backups aren't as crucial as they once were. That doesn't mean backups shouldn't be considered a priority, but it does mean that this consideration needs to be part of a larger discussion across departments. Small businesses can choose between maintaining a local backup using network attached storage (NAS) or plugging a storage drive into a router and implementing backups locally to that device - along with developing a strategy for backing it up. There are also cloud backup options from companies that specifically target Mac business backups.

Final thoughts

Although challenging for some Apple-focused IT professionals, Apple's move away from macOS Server can be a positive experience for many organizations. Many businesses of all sizes can achieve a good deal of functionality with other solutions. Apple acknowledged this up front when it announced in February that it was deprecating these services, offering up the following disclaimer:

"As hosted services have become widespread - and the need to keep software up to date is more important than ever - Apple is making some changes to macOS Server...."

It's clear the company sees the cloud and an enterprise mobility approach as the bet way forward for many of its business customers, even if that means those customers rely on other third-party solutions. The opportunity to truly evaluate the options available is important to take seriously and it's well worth the time to do so thoughtfully and pro-actively. Apple's guide serves as a smart blueprint for maintaining services while allowing them to promnptly starting looking at the appropriate next steps.

Copyright © 2018 IDG Communications, Inc.

Bing’s AI chatbot came to work for me. I had to fire it.
Shop Tech Products at Amazon