Introduction
In the beginning was the command line. You can automate anything and everything in Mac OS X, but knowledge of the command line will be required to fully automate your deployment and integrate Mac OS X in the enterprise while maintaining a low total cost of ownership. This isn't to say you can't integrate Mac OS X into a large organization en masse without using the command line — you can.However, from automation to troubleshooting, opening up a terminal window will be key to keeping your sanity, if only from time to time. But don't fear the terminal, and know that the fundamental tasks required and the fundamental methodologies with Windows deployments are the same as with Mac OS X.
If you are reading this book, then you are likely charged with integrating Macs into your environment, whether kicking and screaming (which we hope this book will change) or as the sponsor. The message that you take away from this book is hopefully that you can do anything you want to with Mac OS X, from deploying 10,000 machines overnight to building a petabyte worth of storage to house all sorts of data for your Macs, provided you are not averse to learning a little bit of command line to achieve your goals. The power and flexibility of Mac OS X along with the best of the open source community is right at your fingertips to help along the way.
The first question many in IT ask when told about the need to use the command line is, "But isn't Mac OS X supposed to be easy to use." It is. But we're not talking about just using the Mac. We're talking about building and managing a complicated IT infrastructure, which at some point requires staff that is tooled with the mastery of the internals of each platform for which they are tasked as the steward. As such, the more you learn about internals, the more you learn about the basics, the more you can automate, the more you learn about what goes on under the hood, the more you can master management en masse, and, ultimately, the more appropriately you will be able to address issues and concerns on an enterprise-wide scale as they arise. To take this a step further, the more you learn about managing a second platform (no matter what the platform is), the better you will be at managing others. But drastic reduction in Total Cost of Ownership is possible with OS X compared to other platforms for a variety of reasons. And since users are typically happier on a Mac, who wouldn't want a happier user base combined with lower recurring costs.
Paradigm Shifts
Just as when enterprise computing was young, you will need to rethink some of your strategies to accommodate for a wider variety of platforms, resulting in a paradigm shift of sorts. But luckily you are not alone, and the jump is not as bad as many seem to think. There are a number of resources to help you through the process. From web sites to books, from Apple engineers to third-party providers/channel partners, from e-mail lists to user groups, you are not on an island. And while it is not fully open source, the Mac platform is a largely community-driven affair. One of our contributions to that community is this book, where we take on the lofty task of bridging the gap between your enterprise and your Mac.
The fundamentals of designing a Mac-based enterprise are the same as with any other platform — the specifics are not. In any enterprise organization you will need to perform a mass deployment, whether all at once or a refresh cycle performed on an ongoing basis. Every enterprise will also need centralized servers that provide a number of services to hosts on the network, including directory services, shared storage, groupware, and application servers. But the software that provides the needs of an enterprise is often different with the Mac than with other platforms. This isn't to say that the functionality of solutions already in use in many organizations cannot be extended to cover Mac OS X. But in some cases it is going to garner a higher return on investment to prop up an entire infrastructure to support the Mac while in others you are best to leave your existing solutions in place and extend them to the Mac.
Mac OS X is a standards-compliant operating system — to a point. Given the support of a number of standards, Mac OS X can be integrated into a primarily Microsoft environment. This includes support for Active Directory, Exchange support (either through Entourage or natively with ActiveSync), DFS, SMB/CIFS, and NFS. Many Microsoft-centric solutions will work out of the box. But when compared to the features available to Windows-based users, you may find yourself frustrated with integrating systems on a large scale. Users may also be frustrated with certain features that are missing when moving from Mac to Windows. Ultimately some of these features can even result in needing to purchase a third-party solution, deploying a thin client-based solution, or using virtualization solutions to ease the pain of integration, be it temporarily or permanently.
None of these obstacles are insurmountable. Through each release of Mac OS X, the system has become more and more enterprise friendly. And with each subsequent release you can expect that trend to continue. But don't expect to be able to do business as usual; expect to slightly alter your way of thinking to a more open model of computing. That shift toward openness, once you get right down to it, will make the process far easier and far more rewarding and in the end will lead you to a new paradigm in how you deal with enterprise computing.
Measure Twice, Cut Once
This likely goes without saying, but here goes: Before you deploy and integrate on a large scale, test. Before you test, plan. The more you plan, the less work you will ultimately have to do. What do you need to plan for? In our experience, it all starts with directory services. This is why the very first chapter of the book jumps into directory services, and from there we cover further integration in the same order that most organizations build out that infrastructure. It varies between environments, but if you go through each chapter and take into account the technologies introduced, then you will be able to plan more holistically.
Mac OS X is a great platform and suitable for a bevy of uses, but not the right fit for providing a number of network services. Therefore, throughout the book you will find information for integrating with existing infrastructure that may or may not be more suitable given your shift in platforms (however extensive that shift may be). Aside from infrastructure, the Mac systems you are planning to deploy and support require users to be productive on them, something they may not be able to do within the confines of Mac OS X. The book ends with virtualization and thin client solutions that can be leveraged to provide services that otherwise would not be available to the Mac platform.
Application Availability
While the book covers virtualization, the best deployments are going to be those that don't require any applications to be virtualized. If your organization has invested in leveraging a consumer model — a mixture of using cloud services and migrating client-based software into intranets — then the Mac is more likely going to be able to take on your software with ease. But if you are using a number of proprietary products that do not come with a Mac OS X client, then you may need to use some form of virtualization to bridge the gap.
Long term, though, you need a plan to migrate to applications that are cross platform in order to keep the costs for your Mac OS X clients at a minimum. There are a number of sites available to help you find software for the Mac, most notably versiontracker.com. But there will be times when the Mac software is not as advanced or well kept as the Windows versions. This can lead to frustration from end users who possibly once championed the platform. In this case you may have to virtualize the software or an entire operating system in order to achieve parity. But this is where testing on a per-group basis will become key to planning your deployment.
When testing, make sure each user in your pilot thoroughly tests each piece of software. Find the biggest power users in a group and ask them to be your testers. Their voices will often be heard the loudest when things don't go well. But if you can keep them involved in the process and communicate with them along the way, once you achieve success you will often have the best proponent you could ask for.
How This Book Is Organized
Sandwiched between chapters on directory services and virtualization there are a variety of other topics that have been near and dear to organizations big and small as they grapple with integrating Mac OS X. These topics have been broken down into a number of chapters, each playing a critical role and requiring specialized planning. A summary of the chapters, aimed at guiding your planning and deployment:
Chapter 1 - Directory Services is a critical aspect of Mac OS X integration. In this chapter we cover how to set up a directory services environment using Open Directory, Apple's own directory service solution. Whether you are an Active Directory environment, eDirectory, or some other variant of a supported directory service, you will need to become acquainted with the fundamentals of implementing Open Directory. Additionally, Open Directory can be leveraged to work with Active Directory, providing a compelling framework for policy management.
Chapter 2 - Directory Services Clients are as critical as directory services themselves. In this chapter, the focus is on how to configure the directory services client from the command line, allowing you to deploy complex and automated binding scripts. The script examples provided with Chapter 2 will, at a minimum, help to get any mass deployment of Mac OS X in motion, saving a considerable amount of time and giving a glance into best practices that can be applied to further automation topics that will arise throughout the book.
Chapter 3 - Active Directory deserves a dedicated chapter. Why? The binding process, while part of the directory services framework, is considerably different than that of the other directory services modules. The third-party solutions, requirements, roadblocks to a successful integration, and the methodology are just that different from the other directory services modules. These differences should show the considerable amount of development taken on by Apple in order to provide such a feature-rich Active Directory solution.
Chapter 4 - Storage is a requirement for any business. Sure, some pundits say that eventually storage will all be in the cloud, but it's not yet. And you need to automatically mount, log into, and configure storage in such a way that your Mac clients can connect to it, use it for home directories, synchronize it, and even share it out themselves if need be.
Chapter 5 - Messaging and Groupware mean productivity. In this chapter we look at the options for typing your Mac OS X clients into shared groupware services hosted on Microsoft Exchange and Mac OS X Server. We also look into implementing groupware-oriented policies in the environment and automatically configuring groupware applications as part of your deployment process.
Chapter 6 - Mass Deployment. Whether it's imaging, deploying the image, or automating the tasks that enable you to be closer and closer to the one-touch image, this chapter is all about providing a step-by-step process to accomplishing these tasks. However, over the past few years a number of solutions have emerged to make mass deployment infinitely easier for administrators. Therefore, of the tasks we follow through the steps, we will use a different solution for each, allowing you to see a spectrum of options.
Chapter 7 - Mac OS X has a rich Client Management framework. In this chapter we look at local and directory services-based deployments of policies and explore the options for extending existing solutions to cover client management.
Chapter 8 - By Automating Administrative Tasks, you as an IT professional (or the manager of an IT professional) will be freed up to take on enhancing how your business interacts with technology (or you'll learn to fish, sleep nights, etc.). In this chapter we take a deep look into scripting and other forms of automation. This is where mastery of the command can become absolutely critical.
Chapter 9 - iPhones are cool. They're popular and gaining a considerable footprint in the enterprise space, given the penchant for synchronizing with Microsoft Exchange and the robust Objective-C development platform. But how do you deploy and manage thousands of the things? And while you're doing that, how do you use the features for connecting to standard enterprise application sets? In this chapter we help you get there and introduce you to some tools and techniques to ease the burden.
Chapter 10 - Virtualization. You just can't do everything on the Mac that you can do in Windows XP, Windows 7, Linux, or any other operating systems you can think of. Therefore, we give you a whole chapter of virtualization and thin client best practices and deployment techniques to ease the burden of your now doubled operating system footprint if you embark on this convoluted journey.
Chaos Theory
There is no magic bullet for your deployment. Most environments are going to be different in some way, shape, or form from every other environment out there. But provided there is industry-standard infrastructure (and most vendors have long since moved into providing industry standards) then rest assured that there is some way to make your Mac clients integrate fairly seamlessly into the enterprise. Therefore, while we don't have a magic bullet to offer, we do have a plethora of options for a given situation, options you can use to cut costs, reduce required human capital, and free up IT staff for creating value to businesses rather than living in the IT cost center.