Much has been written about the recently released desktop version of Apple Computer’s newest operating system, Mac OS X 10.3, or Panther. I’m one of the many who think the Panther client software is rock-solid, has tremendous speed and utility advantages over its predecessor and is generally a better operating system than Windows XP.
But little has yet been said about Panther Server. Over the past week, I’ve given the new server operating system from Apple a detailed evaluation and have begun field testing. I am happy to say that it’s everything I had hoped for and more. This product is truly enterprise-ready, has many service and security improvements and should easily integrate into Mac-dominant or Windows-centric environments.
Over the next few weeks I’ll be looking at the various features of Panther Server, paying special attention to what works, what didn’t work before, and what may or may not work now. I plan to test QT Streaming, DHCP, NetBoot, VPN services and Windows domain hosting for XP clients and then show you how to make them work.
This week I’m going to show the operating system in general, identifying the new tools and structures and offering a closer look at the evolution of the user and share-management tool called Workgroup Manager.
The look of Panther
Panther server has the same great new look as the desktop version, as shown here in this screen shot of my test server.
The server-specific management tools are now separate from the other utilities, stored in a folder called Server that’s located in the Applications folder. Below you can see the various utilities offered by Apple with its server software. Included are tools for migrating from an AppleShare server, managing RAID hardware and the MySQL manager.
Notably absent are the Server Settings and Server Status tools, which have now been combined into the Server Admin tool. We’ll look at this tool more in my next column. Another useful addition is the QTSS Publisher tool, which simplifies the setup and management of the Quicktime streaming server. This tool offers a number of helpful features and can generate the HTML needed for connecting to the selected streaming clip.
Another tool is Server Monitor, which is designed only for monitoring the status of Xserve boxes. It would be nice if they could get it to work with regular desktops acting as servers, I can understand why Apple would be reluctant to endorse that sort of solution. They’d likely prefer customers buy an Xserve than a desktop machine.
Workgroup Manager is where user accounts are created, groups of users are managed, shares are set up and access rights assigned. One of the first noticeable changes in this tool is in the preferences area. My organization has more than 500 users, and they take a long time to list. For even larger enterprise accounts, the initial wait after launching this tool usually meant having time to get a cup of coffee. By limiting the search to requested records on start-up, that delay has been eliminated.
Moving on to the main body of the Workgroup Manager tool, corporate customers will find several security enhancements they can appreciate, including a simple on/off “switch” on the basic configuration tab. This can allow a systems administrator to instantly lock someone off his user account by denying a log-in — without having to change any account expiration or password settings.
I’m quite pleased to say that Apple has also delivered the account feature I was most interested in: a threshold for account lockout. Now, when a user enters his password incorrectly a predetermined number of times, the account is automatically denied log-in privileges.
It is also easier to identify an account that has been locked out, because the log-in button in the general tab will be unchecked when that threshold is triggered. (In case you’re reading this, Apple, for the next release I’d like to see a tab that pulls the user’s log-in information from the log files for easy correlation. But this is a great start.)
he other major improvement to the Workgroup Manager tool is the integration of netinfo directory editing services. The inspector tab allows an administrator to examine all of the attributes of a user’s account directly, and if there is corruption or some other custom information needed in the account, it can be added directly.
In support of the Panther server’s ability to emulate a Windows NT PDC and host a Windows domain, the Workgroup Manager has a tab dedicated to settings required to manage Windows log-ins, including the “share to drive” letter mappings specifying the log-in script and the location of the user’s home directory and profile. Though the home directory can be shared, I’d suggest that the profile be kept in a separate directory from the Apple profile. I’ll be taking a closer look at this in a few weeks and will report back in detail.
There are also many more options for managed desktops under Panther, including the ability to set start-up and shutdown times for my lab machines, and a roaming profile manager.
In the sharing tab, the options for share-mounting are more explicit, but otherwise they’re unchanged from Panther’s predecessor
So there you have a quick look at some of the changes and improvements in Panther Server. I suggest you get your own copy and begin experimenting to see how well it works and in the meantime I’ll continue to explore the features of this latest release and report back. Feel free to send me your questions, comments and curses. As always, I welcome your feedback to