Server platform best used for mostly Mac environment

[unplugme71]

Joined a company that has about 300 Mac and 13 PC's. They want me to put in servers for the company to better manage the following:

DHCP, DNS
Directory Services (LDAP, OD, AD)
Software Updates (Mac and PC)
Group Policies
File Sharing

Using Windows AD would be the easiest for me as I have more experience than Linux, but NTFS can be a pain to share over SMB with Mac since it doesn't handle file forks well. A windows user could accidentally delete the extra files that appear that a Mac requires. How do mixed Mac and PC environments share files without any data loss?

 

[phrehdd]

Joined a company that has about 300 Mac and 13 PC's. They want me to put in servers for the company to better manage the following:

DHCP, DNS
Directory Services (LDAP, OD, AD)
Software Updates (Mac and PC)
Group Policies
File Sharing

Using Windows AD would be the easiest for me as I have more experience than Linux, but NTFS can be a pain to share over SMB with Mac since it doesn't handle file forks well. A windows user could accidentally delete the extra files that appear that a Mac requires. How do mixed Mac and PC environments share files without any data loss?

Go with the Windows Servers, and consider additional storage that will be controlled by the Windows network (NAS etc.). Also you can pretty much hide certain types of files if you know what you are doing or make certain suffixes unavailable to be deleted or modified.

I hate Windows but Apple dropped the ball big time on being a robust server and network which is a pity. People who try to use Apple's Servers as main servers have ended up very frustrated and rightfully so.

 

[rlkarren]

Yeap, I'll second that. Stay with Windows Servers. I'll also second additional storage controlled by Windows, i.e. NAS. Also, If I remember correctly, Apple has greatly improved NTFS over SMB and has worked well for me in my test environment.

Having used OS X Server for the last 6 years for exactly what you need to do, I am disappointed with Apple's progress, (or lack thereof), in the enterprise market.

In my environment I use a modified Magic Triangle setup... actually it's more of a Magic "V". And would probably work well for you in a mixed environment.

Windows Server with AD, DHCP and DNS
Mac OS X Server promoted to OD Master and also bound to AD
Clients bound to AD and OD, in that order.

All Users and Windows machines are managed by AD, Mac Clients are managed by OD. You can use either Profile manager or Workgroup Manager to manage OS X Clients. Shares can be managed from either OD or AD.

Anyway, there are an infinite number of ways you could setup management in a Dual directory setup. But I would definitely recommend the Windows Domain, and use a Mac Mini OS X server OD to manage the Mac machines.

 

[freejazz-man]

any good resources on how to do this?

I'm looking at deploying an entirely new domain soon.

it's going to be 99% macs with 1 or 2 PCs on it. Just looking for advice from people experienced in this

at university I deployed AD and Kerberos domains, not OD and we didn't do much in terms of integrating macs into either so I'm not positive on the best way to go about this.

 

[DJLC]

I'll definitely be interested to see how this works out for you...

I work for a charter school with two locations. Currently working to get them connected in a WAN. Next step will be to consolidate the currently independent domains. One location is all Win Server '08 AD, and the other is all OS X Lion OD on a 2009 Xserve.

 

[kakalaka]

I have quite the opposite opinion.

Macs were never fully compatible with windows servers - by reason.
If your plan is to install a new server that runs windows just because you are not familiar with OS X Server - it would mean you would ignore the essential needs of those 300 Macs users for your own comfort and for the few other (13) PCs. Doesn't it sound illogical?

Let me list just a few killing reasons why a windows server is 100% unsuitable for a mostly Mac environment:

1) you can't search for files by name and content on a Win server if mac clients are above 10.6.x (like 10.7.x and 10.8x) if those mac users are working with files they share with each other and are stored on a server - the lack of ability to search is the end of the world. You can't work without this.

2) of course there's a workaround - to install an additional software that will provide native AFP protocol/sharing to macs: ExtremeZ-IP but it's way too expensive and windows server itself is expensive too - just think how much your company would have to pay for client access licensees. You end up spending big money for a windows server that will not fit the needs of users, plus you would have to buy additional software (ExtremeZ-IP) to make it partially compatible) - at the same time you get unlimited client licensees with OS X server for the fraction of price. Microsoft's licensing fees are shameless robberies.

3) for Macs SMB/CIFS is slow compared to AFP when copying big files or browsing folders. With AFP you can reach the maximum 117-119MB/sec to and from the server (if there's a fast RAID 5 storage attached to it)
At the same time windows clients can connect over SMB to OS X server, works as expected and no major issues like above mentioned.

Macs where never compatible with windows server and never will be. the war between Apple and MS is the guarantee it will remain like this.

Mac Pro's running OS X Server and a fiber optic attached RAID storages like 'Promise' is the ideal for any company with mostly mac users - that's my experience as a Mac IT with over 15 years of experience in heterogenous environment.

 

[assembled]

@kakalaka can you do clustering on those mac pros ?


anyway, jokes aside...

I'm a big fan of Windows Severs for Mac clients, you can get HP rack servers, with nice things like hot swap power supplies, RAID boot drives, Lights Out cards built in.

With Apples move from resource forks to extended atributes, products such as ExtremeZ-IP and Dave/Admit Mac help bridge the gap, but I have several clients that just use SMB and are able to saturate a gigabit link to the desktop.

If only Apple hadn't deprecated NFS just as Microsoft brought out a very good NFS server...

Unfortunately, going the other way with Windows clients connecting to an Apple server is not so good, and there are no 3rd party products available to help bridge the gap.

For authentication, its a one horse race, Apple plays very nicely with Active Directory, which is about a decade in front of Open Directory in terms of functionality. Its still good to keep two mac mini servers for Open Directory, possibly with a Thunderbolt RAID or two for deploy studio

The other alternative is of course Linux, again you can run it on server hardware, and there is a very capable AFP stack in the form of netatalk.

In any event, you shouldn't just take the words of people on here, you should do some tests for yourself, and when you purchase, make sure that the vendor is supplying against your RFP, not from a shoppinglist, so that in the event of it not working as well as "advertised" you can go back to the vendor.

 

[unplugme71]

I appreciate all the help.

Most likely we will keep the data on the Mac server and use Windows AD and OD for authentication. This way the Windows servers can still be managed, but the data will be written/read from a Mac attached storage.

 

[freejazz-man]

where do you guys figure all this stuff out? is there a good forum for this or a book?

I'm about to get knee deep in it and want to read read read