Tips for a smooth migration to Windows Server?

[DEMinSoCAL]

I have a client who has a handful (6) of Mac Pro machines running mostly Adobe CC and have been connected to a Mac server (Mac Mini running Sierra and Mac Server app) for a number of years. Lately, nothing but issues with users losing access to their own files and not being able to open each others files.

Permissions on the files seemingly change on-the-fly, and when someone suddenly gets "can't open file because it's already open or not accessible" type messages, we go in and refresh the permissions and most of the time that fixes it. But, we're wasting a ton of time doing this. So...

We started looking at replacing the aging Mac "server" with a Windows server. Since Apple is losing interest in anything "Server", it seems it's destined to disappear. I've setup a "test" Windows Server 2016 and shared out a volume and connected the Mac clients to it over SMB, and they did some testing and it seemed to work OK, with no permissions issues.

So, once I make the switch, I'm wondering if anyone might have been down this road and have any tips to help ease the transition? It seems we will have issues with CC files because the many parts of the CC project will be at a new path, so the users will have to re-link the objects again. I saw that Apple even stores the protocol used as part of the file path, such that if a file is at afp://ourserver/clientfiles, even with the same server name and path, it will not find the file at smb://ourserver/clientfiles. We found this out when testing the SMB protocol on the Mac clients on the Mac server.

I wondered about putting Apple File Protocol software on the Windows server (Acronis Files Connect) but is SMB as bad as Acronis makes it sound? Their software is crazy expensive, so it's not really an option for a small shop.

If anyone has been down this path and has any suggestions or advice, it's greatly appreciated.

Thanks.

 

[belvdr]

You could also consider deploying Linux, as Red Hat Enterprise Linux 7 (or the free version CentOS 7), as you could deploy AFP without additional cost. Of course, you need a Linux skillset to properly manage it.

I have found SMB/CIFS to be slow on the Mac connecting to various Windows Server versions, from 2008 R2 to 2012 R2. I have not tested with 2016, but I don't have much hope. I tried many different solutions from various blog posts, but none have fixed it.

 

[DJLC]

In general, I find local file shares to be a giant PITA no matter what.

At my full-time job — we've largely transitioned over to Windows Server for everything. I keep our Xserve around for Bonjour printer sharing / advertising, but that's about it. We have file shares that we migrated from the Xserve, and our users are able to access those from their Macs without issue. I set the permissions when I migrated the files two years ago, and I haven't touched them since. Granted, we very rarely use these file shares anymore as we've migrated our mission-critical documents to Google Drive and other cloud apps.

At one of my part-times — we transitioned them from a Windows-based environment to all Mac. At first we kept the Windows Server around for their office "DataShare." Buuuuut at some point the fancy RAID card in it crapped itself, and we ended up getting rid of it. Their DataShare now lives on one of their Mac Mini workstations (without Server.app), and all the other Macs just connect to that. We allow remote access from their two satellite offices by (improperly) using the same Apple ID on them w/ Back to My Mac enabled on the DataShare Mini. We don't often see permissions issues, but I can't tell you how many times I've switched from AFP to SMB and back. Seems like one or the other breaks with every macOS update. Right now they're using AFP; ask me again in a week if that's still true!

TL;DR Make sure your Windows permissions are golden, and you shouldn't have to touch it again. Windows Server is reliable in all the ways macOS Server isn't. You might have some occasional hiccups with SMB, I'm not gonna lie. But that PROBABLY doesn't make Acronis' software worth it. YMMV.

 

[DEMinSoCAL]

thanks all for the info. We had a last minute revelation and have postponed (probably cancelled) the upgrade. While doing some reading regarding AFP on Windows, I happened upon some info by Adobe that they officially do not support using CC apps over a network and working off a file server (which is ridiculous in 2018). A call to their support, they also acknowledged it was an issue they are working on. Also, SMB seems to be less than reliable on Macs, regardless of whether the target is an Mac server or a Windows server.

Therefore, there isn't really any gain to be had by switching to a Windows server at this time. We're sticking with Mac server and ensuring everyone is using AFP.

 

[hobowankenobi]

We still have our Mac Servers running 10.12, but I have rolled out a Synology NAS (Linux based OS) that has been really good so far: In service about 6 months.

SMB, AFP, plus tons of other features that easily beats the Mac server. I prefer the options and management compared to Win Server....though I have not run a Win Server newer than 2008 SP2. No licensing hassles, nice choice of free and paid app/services, including back ups, and a modern file system.

I also have been impressed with their RAID management and expansion options, and multiple NICs. Very compelling.

Oh, and Adobe has never supported working on a server....and likely never will. Too many variables with networks, OSes, transfer protocols, etc.

Having said that, folks have been doing it (unsupported) since at lease CS4 that I have seen and supported.

 

[DEMinSoCAL]

We still have our Mac Servers running 10.12, but I have rolled out a Synology NAS (Linux based OS) that has been really good so far: In service about 6 months.

SMB, AFP, plus tons of other features that easily beats the Mac server. I prefer the options and management compared to Win Server....though I have not run a Win Server newer than 2008 SP2. No licensing hassles, nice choice of free and paid app/services, including back ups, and a modern file system.

I also have been impressed with their RAID management and expansion options, and multiple NICs. Very compelling.

Oh, and Adobe has never supported working on a server....and likely never will. Too many variables with networks, OSes, transfer protocols, etc.

Having said that, folks have been doing it (unsupported) since at lease CS4 that I have seen and supported.

Looks like a nice alternative to a server (in some circumstances). I'll look into it. Certain feature packs would be necessary. Are they affordable or do they turn a $1000 NAS into a $3000 device?

 

[hobowankenobi]

The majority of packages are free. I am not running any paid packages.

Some require a paid account by the provider....such as Glacier backup would require an AWS account and associated cost of cloud storage. Most of the essentials (for most folks) are free.

Oh, and I should add that while there is a bit of a learning curve (like any new platform or interface) to configure user permissions, I have had zero problems once I got them sorted out....unlike MacOS Server, which has been persnickety about permissions—especially inheritance—since....forever. One of the features we used was the drop box folders (write only). I had to experiment a bit, but was able to replicate that feature and it works both with AFP and SMB. This has been the only real permissions hurdle so far.

Another nice feature: Each share can have it's on trash can, and when any user deletes any file they have access to, it goes to that trash can. They can be configured so that only the admin can empty the trash, or that they are automatically emptied after 30 days. A nice layer of defense against accidental user deletions.

Lot's of little feature like that have made me a convert.

I think my only gripe so far is that Synology seems to aggressively release some software, and early releases are too often buggy or lacking features. The good news is, seems like they are actively patching and updating, so simply not being an early adopter is the easiest way to avoid issues.

I have not used this feature yet (running, but no extensive testing), but the Drive package, which provides DropBox/OneDrive/GoogleDrive-like file syncing features via an installed client might be a good option for the shared/served Adobe files. The downside would be like all syncing services, besides having versioned copies on the server, they get pushed down to clients....requiring local space.

The really nice thing is, unlike a Mac or Win box, you get AFP, SMB, NFS, WebDAV, and Drive right out of the box. The downside is, it may take some time and testing to really decide which service to standardize on.

 

[hobowankenobi]

Adding more info for anybody that follows along:

Using both AFP and SMB for share access, and overall SMB behaves better. I see this as a good thing, as Apple AFP is going away, and Apple no longer recommends using it.

All our machines that have shares mounted are 10.12 or later, and Finder seems more responsive, not to mention folder icons are all there when using SMB:

minus sign on folders that users don't have access to
down arrow on write only (drop box) folders

AFP connection to the same shares behaves as expected, but folder icons are not there. My hunch is it is a limitation or versioning issue of netatalk.

Planning to roll forward with SMB, webDAV, and Drive connections, and only use AFP as a backup for any legacy needs.

 

[DEMinSoCAL]

Adding more info for anybody that follows along:

Using both AFP and SMB for share access, and overall SMB behaves better. I see this as a good thing, as Apple AFP is going away, and Apple no longer recommends using it.

All our machines that have shares mounted are 10.12 or later, and Finder seems more responsive, not to mention folder icons are all there when using SMB:

minus sign on folders that users don't have access to
down arrow on write only (drop box) folders

AFP connection to the same shares behaves as expected, but folder icons are not there. My hunch is it is a limitation or versioning issue of netatalk.

Planning to roll forward with SMB, webDAV, and Drive connections, and only use AFP as a backup for any legacy needs.

Thanks for the additional information. So you are saying that your experience has been that with the Synology device you are not having inheritance permission issues AND your Mac Clients are using SMB? So is the issues we have now with AFP and SMB on a Sierra macOS server are due to macOS and going the Synology route would alleviate those issues?

 

[hobowankenobi]

Thanks for the additional information. So you are saying that your experience has been that with the Synology device you are not having inheritance permission issues AND your Mac Clients are using SMB? So is the issues we have now with AFP and SMB on a Sierra macOS server are due to macOS and going the Synology route would alleviate those issues?

So far, no inheritance issues, as were so common over the years on Mac Server OS.

Using both AFP and SMB, and both work, but SMB seems to be better: better Finder interface for users, with correct icons and better dialogs.

I don't want to reverse engineer, rig, mod, or otherwise mess with the server or clients unless abloslutely necessary; testing to find the best out-of-the-box config, and SMB is winning.

One exception: testing as a Time Machine backup destination for clients, and AFP seems perfect so far, while SMB has been glitchy. Not done any serious troubleshooting...again, just trying to use with as little config work as possible, with the idea that there will be less to maintain, troubleshoot, or port to another box down the road.

Custom solutions/configs are typically last choice.

Current config:

 

[DEMinSoCAL]

So far, no inheritance issues, as were so common over the years on Mac Server OS.

Using both AFP and SMB, and both work, but SMB seems to be better: better Finder interface for users, with correct icons and better dialogs.

I don't want to reverse engineer, rig, mod, or otherwise mess with the server or clients unless abloslutely necessary; testing to find the best out-of-the-box config, and SMB is winning.

One exception: testing as a Time Machine backup destination for clients, and AFP seems perfect so far, while SMB has been glitchy. Not done any serious troubleshooting...again, just trying to use with as little config work as possible, with the idea that there will be less to maintain, troubleshoot, or port to another box down the road.

Custom solutions/configs are typically last choice.

Are your Mac clients on High Sierra?

 

[hobowankenobi]

Are your Mac clients on High Sierra?

Mostly 10.12, but some 10.13 now. Most moving up to 10.13 in the next couple months...testing now, no issues so far.

 

[satcomer]

Mostly 10.12, but some 10.13 now. Most moving up to 10.13 in the next couple months...testing now, no issues so far.

Be wary the 32 bit older applications will not run natively anymore!

 

[chrfr]

Be wary the 32 bit older applications will not run natively anymore!

32 bit apps run fine, and natively, in 10.13.4. What you're saying is not correct.

 

[hobowankenobi]

Be wary the 32 bit older applications will not run natively anymore!

Been doing testing on a handful of machines for months, zero issues so far.

 

[Geeky Chimp]

Mostly 10.12, but some 10.13 now. Most moving up to 10.13 in the next couple months...testing now, no issues so far.

I’m guessing you don’t have users that open multiple PDFs in the same window then. Opening 100 ish PDFs, which many of our users do frequently, now opens each one in a separate Preview window which is useless, with no option to change that behaviour. Worked fine in Sierra.
[doublepost=1527929324][/doublepost]

thanks all for the info. We had a last minute revelation and have postponed (probably cancelled) the upgrade. While doing some reading regarding AFP on Windows, I happened upon some info by Adobe that they officially do not support using CC apps over a network and working off a file server (which is ridiculous in 2018). A call to their support, they also acknowledged it was an issue they are working on. Also, SMB seems to be less than reliable on Macs, regardless of whether the target is an Mac server or a Windows server.

Therefore, there isn't really any gain to be had by switching to a Windows server at this time. We're sticking with Mac server and ensuring everyone is using AFP.

IMHO I’d stick with macOS Server and AFP . We migrated away from Windows Server several years ago to macOS Server (or OSX Server as it was then). For SME macOS Server (even 5.6) provides the services required, either integrated into the OS or via Server App.

 

[hobowankenobi]

I’m guessing you don’t have users that open multiple PDFs in the same window then. Opening 100 ish PDFs, which many of our users do frequently, now opens each one in a separate Preview window which is useless, with no option to change that behaviour. Worked fine in Sierra.

100s? Nope.

A dozen...tops.

Everyone has Adobe CC installed, and Acrobat opens tabs by default, have not see n any issues.