ABOUT BENCH FORUMS PODCAST LOGIN REGISTER
PC Components
Smartphones & tablets
Systems
ENTERPRISE & IT
GUIDES
DEALS

In-Depth with Mac OS X Lion Server

 by Andrew Cunningham on August 2, 2011 8:00 AM EST
77 Comments | Add A Comment
77 Comments

NetBoot

The NetBoot service is one of my personal favorites - using a mix of standard PXE boot technology and some of Apple’s own mumbo-jumbo, you can use it to serve up OS images to client Macs over the network. Its uses are diverse - you can boot up a simple operating system designed to deploy OS X images to multiple computers at once (I recommend the excellent, free DeployStudio for this sort of work), you can serve up a vanilla OS X install disk, or you can use the System Image Utility (another of the Server Admin Tools) to capture a pre-configured OS X environment that can be served to many clients at once - the latter is particularly useful in classrooms, computer labs, public-use kiosks, and anywhere with a lot of Macs that need to look and act the same, since getting a clean instance of the OS is as easy as rebooting the system.

There are three different types of NetBoot images: The first, called NetBoot, boots a Mac to an entirely server-hosted disk image where you can run apps and use the Mac pretty much as you normally would, though all user-created data is wiped out when the Mac is restarted. NetInstall can be used to make copies of OS X install media that are bootable from the network instead of discs or USB drives. The last, NetRestore, will copy the contents of an image to a Mac’s hard drive, making it easy to mass-deploy customized OS X images to multiple computers.

The actual setup and operation of the NetBoot service is basically identical to the way it was in Snow Leopard server (which looked a lot like Leopard’s implementation did, and so on). However, there are some inconveniences related to Lion’s dropping of support for Core Duo and Solo Macs if you’ve still got any hanging around - a bit of historical context will be useful here.

NetBoot dealt with the PPC-to-Intel transition by allowing administrators to choose what client architecture a particular image would boot - if you made one 10.4 NetBoot image for PowerPC systems and an equivalent image for Intel systems, you could set them both as the default images for their respective architectures, and offer the same services to all of your Macs regardless of architecture without incurring too much additional overhead.

10.5 made Universal images possible - these were simple times, because one image could boot basically all of your supported Macs (as long as you didn’t have any super-old G3s or G4s around), but you had to go back to the image-per-architecture model when 10.6 dropped support for PowerPC. It was a little extra work, but was totally doable.

As we discussed before, 10.7 drops support for the very earliest of the Intel Macs, but your Netboot architecture options remain the same - you can pick PowerPC, Intel, or Universal (for 10.5 images), but you can’t distinguish between supported and unsupported Intel Macs.

Granted, this problem will affect only a subset of Lion Server users - those who use NetBoot and need to support both the newest Macs (necessitating a recent 10.7 image, since as a rule OS X isn’t downgradeable) and a mix of older Macs - if this roughly describes your situation, begin devising workarounds now.

Using the System Image Utility


If you have several Macs on your network and are worried about Lion’s lack of restore media (and if, for some reason, you don’t want to make your own restore DVD or USB stick as we discussed in our Lion review), the NetBoot service provides you with one of the few supported methods for getting around it.

All you need to do is keep a copy of the Lion installer downloaded from the App Store. As long as you’ve got it stored somewhere on a drive that is readable by the computer, you can fire up the System Image Utility and see it listed as an image source.

Go ahead and create a basic NetInstall image of it, and save the resultant *.nbi folder to your server's \Library\NetBoot\NetBootSP0 folder, and then enable it in the Images tab in Server Admin (note that the NetBoot folder is only created once you choose to store images and client data on your hard drive in Server Admin, and that your images only become visible to clients when you’ve enabled NetBoot on your server’s Ethernet port).

Enabling ports and storage locations

Once everything is enabled, you should see your new NetBoot image as an option in the Startup Disk preference pane on your client Macs.

You can use the System Image Utility to make a NetBootable image of any OS X partition, as long as it’s running the same version of OS X as the Mac running the System Image Utility - Lion can make Lion boot images, Snow Leopard can make Snow Leopard boot images, and so on.

For the new MacBook Airs and Mac Minis without optical drives (and, one assumes, for many other models going forward), the NetBoot service provides the backbone of the new Internet Recovery feature - the only difference there is that you're NetBooting from one of Apple's servers instead of your own. NetBoot and Lion Server allow you to offer this functionality to all of your Macs.
 

Software Update

Software Update downloads every update in Apple’s catalog and allows you to serve them up to your users. This includes every product updated by Software Update: OS X (versions 10.5, 10.6, and 10.7 are supported), Final Cut, iLife, iWork, and various firmware updates included. With Final Cut and others making the transition to the App Store, it’s uncertain whether Software Update will continue to offer updates for these products. Another question is whether iOS updates will be offered via Software Update once over-the-air delta updates become the norm in iOS 5 - as usual, we’ll have to wait and see.

Why do this when your Macs could just talk to Apple’s servers? First and foremost, it can help you if you need to conserve Internet bandwidth: instead of having 20 computers download a 1GB update from Apple, you can have one computer download the 1GB update from Apple, and have 20 computers download the update from it. This is also usually faster than connecting to Apple’s server, especially over a modern gigabit network.

The other advantage is that you can choose exactly which updates to serve to your clients. If, for example, you know that 10.7.1 deletes user data, or that iTunes 10.5 is going to have problems that are fixed days later by iTunes 10.5.1, or that Safari 5.2 causes problems with some internal sites you depend on, you can uncheck those updates and elect only to serve them up after issues have been fixed.

All you have to do is point your client computers to your Software Update server. This is easily done via policies in Workgroup Manager or Profile Manager for managed Macs, or via some command line trickery for non-managed Macs. Downloading the entire update catalog does consume a fair amount of disk space, so make sure you've got a few dozen spare GB on your drive somewhere before turning the service on.
Server Admin Tools: DHCP, DNS, Firewall, NAT, and RADIUS Xgrid and Xgrid Admin
PRINT THIS ARTICLE
Comments Locked

77 Comments

View All Comments

  • Wizzdo - Wednesday, August 3, 2011 - link

    Lion's web server IS Apache. LOL.

  • jigglywiggly - Tuesday, August 2, 2011 - link

    I am too much of an elitist fag to succumb to this.
    I just installed my Debian GUI-less server today to replace my o'll ubuntu 10.04 LTS GUI server, got everyhting setup, mysql, apache, php, samba settings, everything gud to go with only 100 megs of ram usage.
    Sure it took much longer to setup, but I am an elitist fag

  • don_k - Wednesday, August 3, 2011 - link

    Since when is netboot unique to OSX server? Last I checked all *nix variants have had that ability for decades.

    But really, organisations concerned about the sticker price on their server software are not going to go get an apple 'server' for $1k when they can download an iso in 5min and get going are they?
    Not to mention the complete lack of necessary system tools (archiving, compiing especially) without installing macports or something.

    Call it like it is - 1k to manage all those damn pads and phones everyone in the company demands they are able to access the company intranet.

  • johnbouy - Wednesday, August 3, 2011 - link

    Time Machine took a big step backwards with Lion Server. In Snow Leopard Server you could allow time machine backups on individual share points. This allows you to partition a disk and set up individual partitions for specific Time Machine backups. I use this to control how much disk space is allocated for a backup. In Lion you get to nominate one share point/partition as the Time Machine backup storage point. Hence any client that backs up to the server uses the same disk space. A real step backwards!

    Another issue is that Server.app rewets .config files when started up so you potentially lose any changes you were forced to make due to the lousy Lion Web service interface.

  • digitalzombie - Wednesday, August 3, 2011 - link

    I like the idea but still... I wouldn't do it. Apparently they got desperate enough to offer it for 50 bucks. Good job for noticing that no one give a damn since Linux is free and both Linux and Window is established already. I still wouldn't give em my money when they tried to charge in the past an arm and a leg. Who the hell do they think they're going fool? The platform isn't the most active for server development tools. Linux got cloud all up in there and it's actively evolving in many area especially server. Don't even try to bring out that pathetic iCloud. It's not open so nothing is going to back that crap other than Apple, openstack have 50 vendors, big companies, backing that project up compare to iCloud. Apple probably won't ever be able to compete in the server sector but they can leverage their UI and simplicity for their user base, such as the gui sys admin tools described in this articles. They should just stick with consumer base products, trying to compete in the server space market is going to kill em.

  • matthi - Wednesday, August 3, 2011 - link

    On page 4 of this review, it says ".. our next entries are Accounts and Stats under the Status heading". 'Accounts' should be replaced with 'Alerts'.

  • slayernine - Wednesday, August 3, 2011 - link

    If only this was a review of Windows Server it might be useful. I have never met a fellow tech person/geek who uses any version of Apple Server products. (aside from one customer about 3 years ago who was curious about them).

    It is just the simple facts that apple products are know for a lack of an ability to upgrade, locked to features that Apple thinks you should have and a lack of price efficiency. Windows and Linux offer far superior server products that will run on pretty much any hardware that suits your needs and the only reason I can see there being a point to review this product is due to Apple padding your pockets.

  • Schafdog - Wednesday, August 3, 2011 - link

    I know that it seems like Apple (or Steve) has lost faith in the PC as a hub, but I would really love seeing a iTunes Server that multiple users can control using iOS devices playing on Airplay or iOS device itself.

    Some NAS is now getting this features, so I might drop the OS X Server for one of those instead.

  • sodi - Wednesday, August 3, 2011 - link

    What kind of crazy organization would use a Lion Server? At works, standard is a necessity. A Lion Server is just oddball.

  • Oscarcharliezulu - Thursday, August 4, 2011 - link

    This seems a bit like OSX Server Lite and Easy rather than a true upgrade to Snow Leopard Server. I wasPthinking of converting an older 'mini to Lion Server (to serve a small business which has MBPs and iMacs, but now I think getting a copy of Snow Leopard Server would be better if I could somehow get it cheap (yet legal).
Copyright © 2024. All rights reserved.
BENCH
TOPICS
FOLLOW
ABOUT

Log in

Don't have an account? Sign up now