OS X Server going to give me my first ulcer

[Les Kern]

I have 25 Xserves running 10.4 and 10.5 using LDAP and Open Directory with 2600 clients, and have been running the same thing for over 5 years. I have had almost no issues at all, and none related to the problems encountered here that I've been reading about. One day I wanted to have a separate OD server for a specific group of users, and after the OS was installed, set it up and had the clients connected in less than 15 minutes.
Using Apple servers has been a GODSEND... without the ease of setup and robustness of the system I would have had a heart attack long ago. I can't afford to have any downtime, and a few of these boxes have been running nonstop for years.
Call me lucky? Nah, it's inherent in the system.
Call a third party in to help you.

 

[pezza]

I have 25 Xserves running 10.4 and 10.5 using LDAP and Open Directory with 2600 clients, and have been running the same thing for over 5 years. I have had almost no issues at all, and none related to the problems encountered here that I've been reading about. One day I wanted to have a separate OD server for a specific group of users, and after the OS was installed, set it up and had the clients connected in less than 15 minutes.
Using Apple servers has been a GODSEND... without the ease of setup and robustness of the system I would have had a heart attack long ago. I can't afford to have any downtime, and a few of these boxes have been running nonstop for years.
Call me lucky? Nah, it's inherent in the system.
Call a third party in to help you.

Buy that gentlemen a beer!

I've been looking after 10 xserves for the last two years across 10 sites connected by a VPN. Reliable servers start with a correct install and setup. Get it right and these boxes are fantastic, get it wrong and you will pay the penalty. DNS DNS DNS, as already has been stated, DNS must be working correctly, for OD/LDAP etc to function as expected.

Software bugs are another issue, and yes there are some annoying ones introduced with Leopard Server, lets hope that Apple address them, but that is why we run a test server to check for all these issues before we deploy in a production environment.

Xserve and Mac OSX Server are great products in my experience, that are highly under-rated.

 

[Sayer]

There is no try, do, or do not

Apple never claims you don't need to touch the CLI to get OS X server working, they claim that you can do a lot of mundane things like turning services on, setting up user account info, in a nice GUI instead of in a Terminal.

Having studied for the OS X Server Admin test (and thus having all kinds of for-pay documentation) you do need to know a fair bit about Unixy server stuff to use OS X Server as a server (for example Open Directory still requires lots of arcane LDAP configuration parameters to get it to work for clients).

Having set up postfix on a non-OSX Server install, by hand, with numerous incorrect "tutorials" sometimes it is easier to know what you are doing before trying to do it. That way you can just dig in to a config file and read STDERR and see what is happening, and then try and fix it.

And if a server could manage time on its own there would be no need for publicly accessible atomic clock NTP servers. Electronics are not 100% precise, or even precise to 4 decimals when it comes to timing. Correcting for timer drift is expected in our imperfect universe, so use a public atomic clock for a master NTP server, and set clients to use your OS X NTP (or just give in and use public NTP for everything).

Finally the old adage applies: Garbage in, garbage out. If you configure something wrong, even in a GUI, it won't *magically* work for you. There should be a certification just for getting DNS/Bind working properly on your own.

 

[Les Kern]

.... for example Open Directory still requires lots of arcane LDAP configuration parameters to get it to work for clients.

You mean that annoying "Start Service" button? Because that's all I do.

Finally the old adage applies: Garbage in, garbage out. If you configure something wrong, even in a GUI, it won't *magically* work for you. There should be a certification just for getting DNS/Bind working properly on your own.

Man, You got that right. I was running for years and discovered the DNS was set up slightly wrong. And I'm supposed to know what I'm doing! But on it's most basic level, it's pretty easy to set up.