NetBoot

The NetBoot service is one of my personal favorites - using a mix of standard PXE boot technology and some of Apple’s own mumbo-jumbo, you can use it to serve up OS images to client Macs over the network. Its uses are diverse - you can boot up a simple operating system designed to deploy OS X images to multiple computers at once (I recommend the excellent, free DeployStudio for this sort of work), you can serve up a vanilla OS X install disk, or you can use the System Image Utility (another of the Server Admin Tools) to capture a pre-configured OS X environment that can be served to many clients at once - the latter is particularly useful in classrooms, computer labs, public-use kiosks, and anywhere with a lot of Macs that need to look and act the same, since getting a clean instance of the OS is as easy as rebooting the system.

There are three different types of NetBoot images: The first, called NetBoot, boots a Mac to an entirely server-hosted disk image where you can run apps and use the Mac pretty much as you normally would, though all user-created data is wiped out when the Mac is restarted. NetInstall can be used to make copies of OS X install media that are bootable from the network instead of discs or USB drives. The last, NetRestore, will copy the contents of an image to a Mac’s hard drive, making it easy to mass-deploy customized OS X images to multiple computers.

The actual setup and operation of the NetBoot service is basically identical to the way it was in Snow Leopard server (which looked a lot like Leopard’s implementation did, and so on). However, there are some inconveniences related to Lion’s dropping of support for Core Duo and Solo Macs if you’ve still got any hanging around - a bit of historical context will be useful here.

NetBoot dealt with the PPC-to-Intel transition by allowing administrators to choose what client architecture a particular image would boot - if you made one 10.4 NetBoot image for PowerPC systems and an equivalent image for Intel systems, you could set them both as the default images for their respective architectures, and offer the same services to all of your Macs regardless of architecture without incurring too much additional overhead.

10.5 made Universal images possible - these were simple times, because one image could boot basically all of your supported Macs (as long as you didn’t have any super-old G3s or G4s around), but you had to go back to the image-per-architecture model when 10.6 dropped support for PowerPC. It was a little extra work, but was totally doable.

As we discussed before, 10.7 drops support for the very earliest of the Intel Macs, but your NetBoot architecture options remain the same - you can pick PowerPC, Intel, or Universal (for 10.5 images), but you can’t distinguish between supported and unsupported Intel Macs.

Granted, this problem will affect only a subset of Lion Server users - those who use NetBoot and need to support both the newest Macs (necessitating a recent 10.7 image, since as a rule OS X isn’t downgradeable) and a mix of older Macs - if this roughly describes your situation, begin devising workarounds now.

Using the System Image Utility


If you have several Macs on your network and are worried about Lion’s lack of restore media (and if, for some reason, you don’t want to make your own restore DVD or USB stick as we discussed in our Lion review), the NetBoot service provides you with one of the few supported methods for getting around it.

All you need to do is keep a copy of the Lion installer downloaded from the App Store. As long as you’ve got it stored somewhere on a drive that is readable by the computer, you can fire up the System Image Utility and see it listed as an image source.

Go ahead and create a basic NetInstall image of it, save the resultant *.nbi folder to your server's /Library/NetBoot/NetBootSP0 folder, and then enable it in the Images tab in Server Admin (note that the NetBoot folder is only created once you choose to store images and client data on your hard drive in Server Admin, and that your images only become visible to clients when you’ve enabled NetBoot on your server’s Ethernet port).

Enabling ports and storage locations

Once everything is enabled, you should see your new NetBoot image as an option in the Startup Disk preference pane on your client Macs.

You can use the System Image Utility to make a NetBootable image of any OS X partition, as long as it’s running the same version of OS X as the Mac running the System Image Utility - Lion can make Lion boot images, Snow Leopard can make Snow Leopard boot images, and so on.

For the new MacBook Airs and Mac Minis without optical drives (and, one assumes, for many other models going forward), the NetBoot service provides the backbone of the new Internet Recovery feature - the only difference there is that you're NetBooting from one of Apple's servers instead of your own. NetBoot and Lion Server allow you to offer this functionality to all of your Macs.
 

Software Update

Software Update downloads every update in Apple’s catalog and allows you to serve them up to your users. This includes every product updated by Software Update: OS X (versions 10.5, 10.6, and 10.7 are supported), Final Cut, iLife, iWork, and various firmware updates. With Final Cut and others making the transition to the App Store, it’s uncertain whether Software Update will continue to offer updates for these products. Another question is whether iOS updates will be offered via Software Update once over-the-air delta updates become the norm in iOS 5 - as usual, we’ll have to wait and see.

Why do this when your Macs could just talk to Apple’s servers? First and foremost, it can help you if you need to conserve Internet bandwidth: instead of having 20 computers download a 1GB update from Apple, you can have one computer download the 1GB update from Apple, and have 20 computers download the update from it. This is also usually faster than connecting to Apple’s server, especially over a modern gigabit network.

The other advantage is that you can choose exactly which updates to serve to your clients. If, for example, you know that 10.7.1 deletes user data, or that iTunes 10.5 is going to have problems that are fixed days later by iTunes 10.5.1, or that Safari 5.2 causes problems with some internal sites you depend on, you can uncheck those updates and elect only to serve them up after issues have been fixed.

All you have to do is point your client computers to your Software Update server. This is easily done via policies in Workgroup Manager or Profile Manager for managed Macs, or via some command line trickery for non-managed Macs. Downloading the entire update catalog does consume a fair amount of disk space, so make sure you've got a few dozen spare GB on your drive somewhere before turning the service on.

77 Comments


  • ltcommanderdata - Tuesday, August 2, 2011

    Given the shift in corporate policy from being Blackberry focused to adopting other smartphone platforms including iOS, I think most CTOs would take a look at OS X Server if only for the easier iOS device management features. I don't really see it replacing existing Windows servers though, particularly since Apple doesn't sell dedicated server class hardware anymore.
  • quakerotis - Tuesday, August 2, 2011

    This is simply not true. OS X Server has been for us a very good performer, both in stability and ease of use. B3an, you must be speaking anecdotally because I am not a fanboy. There are many server technologies to choose from. This is one of the better ones.
  • diskrete - Tuesday, August 2, 2011

    As an IT manager for a small company, I would definitely use Lion Server to manage Macs and iPhones.

    It in no way replaces existing Windows/Linux infrastructure. But recycling a Mac mini to use for managing Apple devices? Absolutely. It’s worth it just for the ability to create machine-based 802.1X profiles.

    IT today is not about standardizing on one platform, it’s about using the right tool for the job.
  • sligett - Thursday, August 4, 2011

    Unix isn't a server platform anyone in their right mind would use?

    There are thousands upon thousands of small and medium businesses as well as schools that are hostage to expensive Windows "experts" that have put a Windows server in their business. The client can't do a thing with the server without the expensive help of the expert. You don't see that as a viable market?

    So many people speak out on the Internet as though "I can't use this" is equivalent to "no one can use this".
  • erple2 - Thursday, August 4, 2011

    To be fair, any infrastructure that's put in place by an "expert" tends to continue to have to be maintained by another expensive expert. Non-techies have problems with Macs just as much as non-techies have problems with Linux, or Windows machines.

    BTW, I've found that the Mac "experts" that have put a Mac server in their business are also very expensive to hire back for help.

    There are some very very nice manageability features that OSX Server buys you that aren't all that simple to implement by relative novices in other environments...
  • cwatt - Monday, September 26, 2011

    Ha ha, you are really ignorant! I am currently rolling this out to a big organization and this article is a really big help. BTW... those inferior products are actually extremely good quality and very easily managed and a lot more secure than other platforms... You should not let your opinion get in the way of your judgment, you should make the best decision based on the environment, not because you are a fanboy or you randomly hate really good products!
  • blueeyesm - Tuesday, August 2, 2011

    I have to agree that managing iOS devices using OS X Server is probably their only ace in the hole. The rest of what this offering serves can be replicated/managed better under Linux. That being said, if Apple wanted to be really smart, they'd help their community devise methods in which to enhance a shopping experience, or other interactive experiences with an iOS or tablet device.

    That is, until cloud computing becomes the de facto standard and Apple ceases to offer a server or client to download, you just are expected to do everything via iTunes/iLife Cloud edition.
  • badjohny - Tuesday, August 2, 2011

    With its drop in price, and ability to install on any Mac, I would love to see Apple take OSX server and shape it into a WHS for Mac. It looks like all or many of those things are available in OSX server, but the ease and convenience of using a WHS is unreal. Push the Home server aspect of OSX server and really make a use for it in a standard home. iTunes server edition, Apple TV media server, iOS update manager, shared home calendars, email, and family based websites come to mind. These are all things that it can currently do, but they all need some "Apple magic" to make them very powerful and at the same time very easy for anyone to set up. Apple could easily include an option in the setup of a Mac to have it search your network for a server. If it finds one, have it ask if you want to enable the features. They could even leverage the iCloud system and have it linked by your iTunes account. Then all the data could sync through the iCloud service. Enter your Apple ID and your client is set up to use your server instantly.

    They could even make a personal iCloud option. Every picture/video you take, have it saved over to the server also.

    I understand that OSX server is a niche item in big business. Apple should admit defeat in enterprise setups and push server to a more personal level. Have it compete with Windows SBS and WHS but make it have the Apple ease of use. They have a real product here, but like most home server options it seems to be more of a niche item.
  • Ratman6161 - Tuesday, August 2, 2011

    Basically Apple does not make or sell server grade hardware. Sure, if you look on their online store you will find a version of the Mac Pro that calls itself a server and comes with OSX Server installed. But there are a variety of things about it that make it not enterprise ready and more suited to small business or home servers. If Apple really wanted to be in the enterprise market then what they would absolutely have to do is to allow it to run as a virtual machine on all the major virtualization platforms. For example, where I work we are a VMware shop and no server software is coming in our door that will not run on VMware ESX server.

    It's my theory, though, that they have no intention or desire to compete in the enterprise server market. If they did, there would be no reason for a price drop as most businesses in that market place would not have blinked at the $499 price or even the $999 price - both are a drop in the bucket compared to all the other costs associated with a data center. No, the price drop to me definitely signals that it's their intent to be in the small business and home server market.
  • HMTK - Wednesday, August 3, 2011

    You're right, Apple does not have anything that could even remotely be called server hardware.

    There have been rumors that Mac OS can run as a VM on vSphere 5 (if you're OK with the licensing). If true, you could run it on real servers and real SANs and use nice features like high availability. The only show stopper is probably licensing, but I would think that if VMware were taking the trouble of making OS X run on their hypervisor they would have a deal with Apple.

    AFAIC Mac OS X Server would be interesting only for managing iOS devices.
