IS it possible to setup a Mac server on a PC Network?

[Headexploding]

Hello - I'm new to a job and overstressed on day 3. I was wondering if anyone had run into major issues ( not samba stuff.. thats easy enough) setting up a MAC Server using the new snow leopard. I'm looking at it as a STABLE server with unlimited clients. There wont' be any program sharing going on.. essentially just logon management and file protection.
What I have now-- About 20 PC's ( ALL varieties -- Millienum(will be switching that to ubuntu most likely), XP, XP Media Center, Vista HOME, 7 Home and Pro. ) all on a peer to peer network. Obviously the HOME systems don't cooperate on the microsoft network.
Anyone have any ideas here? I need to control access to the "server based files" and be able to track loggins and passwords and have access to printers.
Microsofts blood sucking server is not even remotely close to being a option since they went to the per seat license AFTER you pay the thousand bucks for the crappy server software. Not to mention that I am not impressed with the entire active directory schema.
Well.
There it is..
Suggestions welcomed.

 

[thejadedmonkey]

Um... whomever hired you should fire you. Trying to put a square peg into a round hole is BAD idea.

Active domain is the best. period. Apple's OS X server is good, but not quite on the same level. Especially in mixed or PC environments. I'm curious, why haven't you tried upgrading the PC's to Windows 7, and a small business server?

It looks like SBS Essentials is less than the cost of a mac mini, sans hardware, and I'm pretty sure you could get SBS Plus hardware from Dell for under 2 grand (less than the cost of a powermac alone).

Quite honestly, you're looking at around $3k to upgrade all the PC's to Windows 7, buy a server, and use SBS, versus around $2.5 for a Mac Pro with OS X server, plus all the headache that comes with trying to run a mixed mac/PC and mixed Windows OS environment. It may be OK for home use, but not so much for an office that needs 100% reliability.

 

[chrismacguy]

Um... whomever hired you should fire you. Trying to put a square peg into a round hole is BAD idea.

Active domain is the best. period. Apple's OS X server is good, but not quite on the same level. Especially in mixed or PC environments. I'm curious, why haven't you tried upgrading the PC's to Windows 7, and a small business server?.

+1 - Windows SBS is easily the best solution for any PC Network (It also wont have issues that can appear on Mac OS X Server, file sharing etc can happily fall over, Ive had it happen and it isnt a good idea, especially not if your going to learn OS X Server from scratch/close-to-scratch)

 

[onecajun]

Servers

I do agree with trying to match things up, but for some unseen reason my mac servers have a higher transfer rate over the network than any of my windows servers ever did. I do also think servers running different operating system technologies would be more secure than ones running the same types as the production systems on the network.

 

[camiloken]

Of Course it can be done

Set up the Server as OD Master. Make some users with workgroup manager.
Setup the SMB Service to Primary Domain Controller.
On the client bind them on with the domain controller name and DirAdmin credentials. This only work on "Professional" versions of windows though.

Some windows client might need some security features removed for compatibility.

 

[GLS]

Set up the Server as OD Master. Make some users with workgroup manager.
Setup the SMB Service to Primary Domain Controller.
On the client bind them on with the domain controller name and DirAdmin credentials. This only work on "Professional" versions of windows though.

Some windows client might need some security features removed for compatibility.

This could take care of your needs....except your Home version of Windows you will need to do some handiwork.

Having said that, Active Directory is bitchin'. I administer over 1200 Windows desktops, and a dozen Windows servers. No way does Open Directory match what I can do with AD.

For you to come out and state that you are "not impressed with the entire active directory schema" says a lot about your abilities.

If costs are a concern, perhaps you need to look into setting up a Ubuntu server, and emulating a PDC. You will not have the capabilities of AD, but you will be able to audit/secure network shares, and setup print queues.

 

[onecajun]

Comment to GLS

Hey GLS, it is true I do not have any active directory experience, I do think that is the reason behind the lack of liking or (understanding). If your full time job is a network admin things are a little simpler. Some of us have 2 or more full time jobs so we can not be as experienced as a man that eats, sleeps, breethes active directory.

When everything is planned from the begining and things are purchased as a complete set everything works out the box. Walking in after the fact and making things work together that was not designed to work together is what most small to med size companys fight with.

 

[GLS]

Hey GLS, it is true I do not have any active directory experience, I do think that is the reason behind the lack of liking or (understanding). If your full time job is a network admin things are a little simpler. Some of us have 2 or more full time jobs so we can not be as experienced as a man that eats, sleeps, breethes active directory.

When everything is planned from the begining and things are purchased as a complete set everything works out the box. Walking in after the fact and making things work together that was not designed to work together is what most small to med size companys fight with.

Don't want to hear it. I've been at my current job a little over a year. My preceding job, I was the first IT admin they had...and I had to build the entire infrastructure from ground up...with no training, help, etc. My only mandate upon hiring at my current job was to "fix our network". My predecessors had no clue about a AD environment....and was doing peer to peer among all the desktops. Plus, I've had my hands tied financially so I've not been able to put together what the business needs....I'm able to take what they have, and better integrate it. In short, I inherited not only a Windows/Mac environment that was as dysfunctional as could be (no network segmentation....just one giant DHCP pool among a dozen sites all interconnected with 100 MB fiber that was choked down...and oh yeah, only FOUR T-1 lines for everything for internet access).

Point being....you are not the only admin who has inherited a mess of a network and been tasked with cleaning things up. But for you to come out and crap on AD (and then admitting you have no experience with it) speaks volumes. Never, ever in your chosen line of work disparage a technology, software, or hardware selection because it doesn't happen to be your personal choice. You will find in time that with what you are ultimately wanting to do with the Windows desktops, AD is the way to go.

And finally....I've never had the opportunity to purchase everything from the beginning "out of the box". A true network administrator will take inventory what they have, assess the situation, and repurpose/rebuild/rearrange to get their situation under control...then start adding the pieces necessary.

If all it took was money, then anyone could be a network admin...right?

 

[onecajun]

Rant central

WOW, ur a true ranter!!!! I did admit to not understanding active directory, I'll point out 1 more thing and I'll let you get back to running windows update for your active directory machines. How long does it take you to reload a server? at least a few hours....I can reload my macs in less than 20 minutes including the servers, patches, security settings... its so simple...trully my full time job is not a system administrator so the allocation of time I have is tiny; all I can say is hats off to you.

I really thought I was giving you a complement.

 

[GLS]

WOW, ur a true ranter!!!! I did admit to not understanding active directory, I'll point out 1 more thing and I'll let you get back to running windows update for your active directory machines. How long does it take you to reload a server? at least a few hours....I can reload my macs in less than 20 minutes including the servers, patches, security settings... its so simple...trully my full time job is not a system administrator so the allocation of time I have is tiny; all I can say is hats off to you.

I really thought I was giving you a complement.

Other than hardware failure, why would you reload a server? Even a Mac server?

My last job...I had several Windows 2003 servers....that had never been reloaded. Since I have left, they have not been touched, either. One of the servers was a print server (no AD functions) that had well over two years of runtime...only reason it was shut down was a replacement of the UPS.

IF I had to reload a server...it only takes a bit (Acronis imaging of server..just boot off of cd, restore, and go on your way). Similar to CCC on a Mac.

While architecturally speaking, a Windows Server is essentially the same as a XP, Vista, or 7 box....reloading it isn't as necessary as it is with a Windows desktop, due to the amount of software one installs on a Windows desktop, plus other things (web browsing, etc) that isn't done on a server. And I do not know of any business that can spare the downtime necessary on a server to do such a thing.

Actually, you don't "run" Windows Update on the servers...you set up a SUS server, and the servers get updated automatically....I haven't manually run an update on a Windows server in a loooong time.

And thanks for the complement.

 

[onecajun]

....

GLS, Glad u accepted ur complement.....When in doubt I always reload fixes 90% of my issues...Hats off to a hardcore windows system admin!!!

 

[chrismacguy]

While architecturally speaking, a Windows Server is essentially the same as a XP, Vista, or 7 box....reloading it isn't as necessary as it is with a Windows desktop, due to the amount of software one installs on a Windows desktop, plus other things (web browsing, etc) that isn't done on a server. And I do not know of any business that can spare the downtime necessary on a server to do such a thing.

Actually, you don't "run" Windows Update on the servers...you set up a SUS server, and the servers get updated automatically....I haven't manually run an update on a Windows server in a loooong time.

It also helps Microsoft put a lot of effort into the core of Server 2003 and 2008, so they do, in Windows environments, work a lot better, and have a much more stable core than anything before Windows 7 (Vista had the base and then ruined it at a higher level) than anything before (Boy has Active Directory matured, and it is definitely better then Open Directory in any all Windows Environment) - Also, well done on fixing the network (Im lucky none of the networks Ive helped to manage have managed to get quite so diabolical). Personally I have a Mac Server (OS 10.4) and a PC Server (2008 Standard) and each handles their own clients (PC does Windows File and Print Sharing, with the Mac handling Mac File, Mac Print and Personal Web Sharing).

 

[logandzwon]

This is the craziest thread I've seen on here.

Getting back OT;
Windows 7 can not join pure OD domains. In short, Samba3 speaks an ancient version of CIFS, Windows 7 refuses to. There is a workaround but you end up with absolutely no group policies or anything.

You can set-up the, "golden tri-angle," however you still need an MS domain controller and a per-seat license for every user.

 

[dyn]

Actually, you don't "run" Windows Update on the servers...you set up a SUS server, and the servers get updated automatically....I haven't manually run an update on a Windows server in a loooong time.

If there is one thing you absolutely do not want it would be just this. SUS is a very beautiful thing because you as an admin control which updates get installed. In that regard it is the same thing as manually installing updates. The only difference is that you can do this for any number of machines (servers, clients). You absolutely do not want Microsoft (or anyone else) to automatically update your machines because things will break and you won't have any safety nets. In other words, one faulty update and you've got to work overtime to get things fixed. Microsoft has pushed out such faulty updates a couple of times the most known being Windows Search 4. People started to complain about really slow machines which can be quite hard to investigate (slowness is subjective). Updates from AVG and Kaspersky have screwed up systems in such a way they needed to be restored (from image, backup or by completely reinstalling them).

Since servers are the most delicate part of the entire system nearly all sysadmins install updates manually on those machines and they do it on scheduled maintenance times.

More ontopic: Active Directory is not a very good solution because it too has a lot of problems that make you want to pull your hair out or even jump in front of a train. Clients ignoring policies, things not getting synced, clients not wanting to join the domain, clients losing the domain, lots of weird dns problems (which can be resolved by something as easy as disconnecting the dns from ad), etc. etc. The point is, AD is just about the best thing you can get. There is no way around it.

No matter what you choose (OD or AD) learn how to script (bashscripting, perl, batch files and/or kixtart) because that is THE sysadmin tool. Quite a lot of things can be done by scripting, you don't always need policies and sometimes there simply isn't a policy you can use so scripting is the only option. This becomes even more important in mixed environments.

What you need to do now is do an inventory. Check what they are using now, what they need it for, etc. and then look at what you might need. If you can upgrade to Ubuntu this will require a different setup than if Windows is a necessity. Next thing is to think about how you're going to do all this and plan it. Budget-wise it might be a better idea to do things in small iterations.

To summarise: master the basics of sysadminning because that is what you need right now.

 

[locust76]

I do agree with trying to match things up, but for some unseen reason my mac servers have a higher transfer rate over the network than any of my windows servers ever did.

There are a lot of things that factor in to "transfer rate over the network," and the operating system is not one of them. I have a Windows Home Server running on a tiny little Atom processor that can max out it's gigabit ethernet connection when transferring data.

I do also think servers running different operating system technologies would be more secure than ones running the same types as the production systems on the network.

Well, if your clients cannot exchange data with your servers, then they will definitely be more secure.

 

[rwdds]

THE ANSWER TO YOUR QUESTION IS YES!
I have been running a Mac based network using a (it's laughable) base Intel Mac Mini as the server. PC's connect automatically to the LAN as long as they have been mapped. It was a little difficult to get the PC's connected in the early days, about 7 years ago. The network is extremely stable and rarely crashes.

BTW, we run a multiuser database specifically designed with identical client software on the PC's & Macs. Additionally, the PC's operate a sophisticated dental digital Xray package, reading/writing the digital files to the Mini server all day long withhout a hiccup.

Most importantly, I am not an IT professional, just an end user/small business administrator who needed a solution...

 

[Tailpike1153]

THE ANSWER TO YOUR QUESTION IS YES!
I have been running a Mac based network using a (it's laughable) base Intel Mac Mini as the server. PC's connect automatically to the LAN as long as they have been mapped. It was a little difficult to get the PC's connected in the early days, about 7 years ago. The network is extremely stable and rarely crashes.

BTW, we run a multiuser database specifically designed with identical client software on the PC's & Macs. Additionally, the PC's operate a sophisticated dental digital Xray package, reading/writing the digital files to the Mini server all day long withhout a hiccup.

Most importantly, I am not an IT professional, just an end user/small business administrator who needed a solution...

Thank you for your post. We tend to get off track in these threads.