Welcome. Welcome to session 604. Today we're going to be talking a little bit about Mac OS X Server. In Steve's keynote presentation yesterday, he discussed a lot about Panther and some of the new features that we've introduced in the desktop. Today we're going to be talking about Mac OS X Server Panther, give you a little bit of an overview of what the product is, some of the new features that are in it.

We understand that many of you in the audience, some of you are using Mac OS X Server today. For others, this is the first chance you've had to take a look at the product. So we're going to kind of try and have a session here that can cover both audiences.

What we're doing is we're building a server operating system that is really innovative. It's really the easiest way to deploy open-source server solutions. As you'll see in this presentation, there's a lot of open-source software that we've taken built into the server operating system. But our goal here, again, is to make these open-source server solutions very easy to use.

So let's take a step back and look at what Apple's been doing in the past with our server products. In May of 2001, we introduced Mac OS X Server version 10.0. That was really the first new version in our server operating system line. And then in September, we came out with a new version that was the 10.1 version. And that was pretty similar to the previous product, just some performance improvements and stability improvements.

About this time last year at the developer conference, if any of you were here, we kind of let out a little secret that we were working on a new machine. We talked about a rack-mount server. And we announced that in June and shipped it shortly thereafter. So XServe was a major accomplishment for Apple and really marked a hallmark in our history of really going after the server marketplace. And then in September, just a couple months after, we introduced Mac OS X Server Jaguar, the version 10.2. And that was really a radical improvement for us with regards to the server operating system. A lot of performance improvements, many new features, a lot of new desktop management enhancements.

Again, earlier this year, moving forward to earlier this year in February, we updated the X Serves again. Came out with a brand new X Serve, an X Serve cluster node version, and then the wonderful X Serve RAID, which just has a massive amount of storage for an unbelievable price.

And then our next version, our next big server accomplishment that we're working on right now is Panther, or Panther Server. And Steve mentioned that's scheduled to be available later this year. Hopefully all of you have had a chance to take a look at the software that we distributed to you yesterday. In that packet there is a copy of Panther Server.

And I know from me talking to some of you in the audience that many of you have already installed it and been playing with it. So I encourage you to do that. There's a lot of new features in there, new enhancements that you won't find in the desktop. Thank you.

So really, what is Apple's server strategy? This was discussed a little bit in Bud Tribble's keynote presentation yesterday, but Apple's really striving to bring innovation to the data center. We think that there's a lot of innovative new technologies, simplifications that we can bring back to the data center. So what we're doing is, as we mentioned, we're building this industrial-strength server operating system.

We are leveraging the capabilities of the open-source groups. We're building upon the projects that they've provided for us. And we're also focusing on standards, and standards, as you know, is very key, because it doesn't lock you as a customer into one particular vendor. It allows you to pick the best solution for what you're deploying.

We're also trying to build a product that has a lot of different services built in. We want this product to be very flexible, fit into different environments. So there's a lot of different services in the product, everything from file and print services and internet and web, desktop management technologies, media streaming. There's a whole wealth of services that are built in. But again, our goal here is to really lower the cost of ownership. Lower the cost of ownership for our servers, but also for our desktop systems with our desktop management technologies that we've built into the product.

So what's new in Panther? Well, there's a wonderful array of new features, and this is just some of them. We've got a really new, improved Darwin core operating system, the BSD layer of the operating system. As you'll find in some of the presentations, there's a lot of new enhancements there. We've got a new automatic server setup feature, making it very easy to configure an entire rack of X Servers or just a single server, all from a configuration file. We'll be talking about that more later today in some of the other sessions.

We've listened to your feedback. We've improved our administration software, have a new server admin application. We've built in Samba 3. Apple's Mac OS X Server is really going to be the first commercial operating system to ship with Samba 3. And Samba 3 gives us a lot of new features, the ability to support PDCs so we can host Windows Home directories, have a single account for a login and authentication. Open Directory. We have a new version of Open Directory. Again, not only LDAP-based directory services, but also Kerberos for authentication. Single Sign-On goes along with Kerberos, so the user only has to enter a single password, and they can access other services on their network.

A complete end-to-end VPN solution. We have a VPN client in the desktop operating system and now a VPN server in Mac OS X Server. JBoss application servers for hosting J2EE-based applications. And then also the new Postfix mail server, having a really industrial-strength mail server finally on our server. So now I'd like to turn the presentation over to Greg Burns. Greg is the engineering manager for all of the Mac OS X Server project. And Greg will give you an overview of some of the features that are in Panther Server. Greg? Thank you, Eric. Thank you.

So now we're going to take a tour through some of the features in Panther Server, and specifically we're going to focus on some of the things that are new in this release, but we'll cover all of it, as Eric mentioned, for those of you who maybe are not so familiar with the product. And as many of you heard yesterday, underlying Mac OS X Server is a Unix foundation. It's based on open source, based on BSD, and it provides the scalability and the reliability you need for a competitive server platform.

We've upgraded this to BSD 5 in Panther Server, and with this we get a lot of improvements. One of them is we've improved performance in this release. We've improved the raw throughput, and in addition, we've added POSIX asynchronous I.O. support, which has been a popular request from our database developers. We've also enhanced the scalability of the file system. We now support up to 16 terabyte file systems. Journaling is something that was introduced for the server in HFS in an update for 10.2.

And we've now integrated that into HFS, and it is the default for all HFS in Mac OS X, journaling file system. And finally, another popular request, case sensitive HFS Plus for people that are sharing file systems out to Unix clients using XSERVs as NFS servers. Case sensitivity has been a very popular request, so you now have that as an option in the server.

With BSD networking also comes advanced features like IPv6 and IPsec, as well as multi-homing for hosting multiple web domains. For capable Ethernet interfaces, we support Gigabit JumboFrame support. And we also have IP over Firewire, which makes a great back-channel networking interface for IP failover. IP Failover provides high availability in the server. It allows you to set up a pair of servers that are clustered and can support failover. Each one can monitor the other and pick up its IP addresses and its services in case the other one fails and then relinquish them when the second server comes back online.

We also support automatic restart, which allows any service to be restarted should it fail. It also will restart the whole system in the event of a system hang. And finally, software RAID provides reliability and performance in the storage layer. And of course, there's hardware RAID as well from the XSERV RAID product line.

And for anybody that's familiar with Unix, of course, with BSD comes all the familiar networking and system administration tools, secure login through SSH, a variety of shells, all the BSD commands. It's very familiar to anybody that's administered a BSD or a Linux server, so you'll feel right at home.

Now we could stop there and just take all the open source foundation and throw the services on it, but we didn't. And we've put a lot of effort into making sure that it's all integrated and making sure that the management tools that we provide make the whole system very easy to set up and very easy to use. And so what we've done is we've added tools for automatic setup, automatic configuration. We've provided a wide suite of server management tools for ongoing day-to-day management, and we've provided directory management tools for the directory.

Automatic server setup allows you to take a server right out of the box and set it up very simply in a matter of seconds. You can take a server configuration for things like IP address, domain names, service setup, and you can save that into a file and put it on a portable device like a FireWire drive, an iPod, or a USB keychain drive.

And then when you take a server right out of the box, brand new, turn it on, plug it in to the network, you can just plug that drive into the server. It will recognize the configuration file and configure itself automatically in a matter of seconds. Now, that works great if you have one or two or three servers, but if you have a whole rack of servers, even just moving the drive around can get kind of cumbersome. So what we've also done is allow you to store this configuration out on the network.

So you can take a rack of servers that are brand new, never been touched, plug them into the network, turn them all on, and have them all grab their configuration directly and be up and running in a matter of seconds. So you can't get much simpler than that.

So let's move over to a quick demo here, and we'll have Eric come up and just do a quick demonstration to show you how simple this really is. Okay, so we're going to go to slide number one, or machine number one here. Normally when you set up the server, you have the setup assistant that comes up and walks you through configuring of the server.

What we've done is we've walked through that process, but saved all those settings into a file that I have here on this iPod. And so I'm going to take the iPod, and I'm going to plug it in here. And if all goes well, what Panther Server is going to do is it's going to see that this iPod is connected, that it mounts.

And in a couple seconds, we'll see a barber pole come up. It's going to configure the server and get the services up and running for that configuration, and then it's going to automatically restart the machine. So it's a little -- oh, someone stole their IP. I don't know the address. We didn't even know that.

But this configuration file, it sets it up, and it just automatically restarts, and then you're set to go. All right, thanks, Eric. So in your networks, you all have better control of your IP addresses than we do here at Moscone, but it is very simple. So let's move on back to the slides here.

So another area that we've improved in Panther Server is the administration tools. We've taken all of the administration tools and integrated them into a single app, which allows you to set up and monitor your services on a day-to-day basis. It runs as XML over HTTP, so you can monitor and configure your services remotely. You can configure and monitor multiple services from within the app. And one cool feature we've added in Panther Server is the ability to easily replicate configurations between servers.

So for instance, if you have a server configuration, like a file server or a web server, and you've set it up, and you want to replicate that across a bank of servers, you can now just take that configuration and drag it from one service to another, and it will automatically configure the second server, or the third, or the fourth. So it makes it very easy in a single step to configure multiple servers and to change your configurations across multiple servers on an ongoing basis. Again, very simple, a very cool feature that's new in Panther Server.

So again-- we'll have Eric come up, and we'll do a quick demo of Server Admin. ERIC SCHMIDT: OK. So we'll move to computer number two here. And so the Server Admin application, like I said, is a great new application that's in Panther Server. It allows you to take a look at all the services that you have running. So in this list here on the left, we have two servers that I'm connected to. I'm watching the servers, and I can connect through here. I can see their network traffic and the CPU usage and get some of the various information.

One of the really neat features-- this is the ability to actually take the settings from one service and apply that to another. So I'm actually going to open up a new server window here. And in this interface, I'm going to go to my Apple File Server, and I'm going to make some changes to the configuration. So I'm going to say, welcome to my server.

Server Rocks. And I can go in here and change, you know, configuration methods. You know, that's great. Any method. I can set it to only, you know, support 200 connections. I can hit save here. Oops. I can go, okay, we're going to go back. I can go to logging. I can set different logging options, even control different settings. Now, when I save this, I can take this configuration just by holding down this little checkbox, this checkbox. This is the check mark that we have here. I can drag that to another server in the list.

So over here, I'm dragging this to the other server, and it'll take that setting and apply that to this other server. So it's a really easy way of taking the services, the configuration that you have from one machine and applying it to other machines on your network. Thanks, Eric.

Lastly, Workgroup Manager allows you to manage the directory in Mac OS X Server. All of Mac OS X Server is based on directory system, open directory that underlies it. And all of the information about accounts, authentication, service configuration is stored in the directory. And Workgroup Manager lets you easily manage accounts, account settings, as well as preferences and other things that can be configured through the directory.

Eric Zelenkka, Greg Burns, Francois Jouaux Because Mac OS X Server is based on LDAP, this actually works with any LDAP v3 server, the one that comes with Mac OS X Server, as well as if you're using a third-party LDAP server for your environment, it'll work with those as well. Another new feature we've added for Panther Server is a directory inspector, which is a very cool feature for power users that actually allows you to go in and edit the raw records in the directory server. So it's not something you need on an everyday basis, but it's a powerful feature for people that need it.

So open directory is an area that we've made a lot of improvements in Panther Server. Open directory is Mac OS X's framework for accessing directory and authentication information. All of the services in the client and the server use open directory. And open directory allows us to integrate with the native services in Mac OS X Server, LDAP and Kerberos, as well as a variety of other services, NIS for Unix environments, Active Directory, NetInfo, BSD files. So you have a wide variety of choices for configuration and for storing directory and authentication information for your Mac OS X systems.

So in Mac OS X Server, we provide the services themselves. LDAP is now based on OpenLDAP, and Kerberos is based on MIT's Kerberos. And Kerberos provides us with single sign-on, which is new to Panther and Panther Server. This allows you to log in once securely at login time at the login window, and then access all of your services with a secure Kerberos ticket. So file services, email, you don't have to store passwords separately for each service now.

And also, for those of you that are familiar with Mac OS X Server, this also gives us authenticated automounts. So this is another important security improvement in Mac OS X Server. We know that not all of the services are going to be Kerberized, that some of you will always need to access legacy services that use standard password encryption. And so for that, we have Password Server, which provides legacy encryption methods.

So Single Server, Single Sidon is based on Kerberos. We are adopting MIT Kerberos for this. It's based on V5. We're not changing the Kerberos protocol in any way. And so because of that, our implementation, our server, our client can be used with any deployment of MIT Kerberos. So whether you choose to use Mac OS X as your KDC or whether you choose to use your own residing on another platform, our services will work. Now, of course, we provide KDC and Mac OS X Server to make it really simple out of the box to set up and configure and have a complete authentication and directory environment.

Another improvement we've made in Open Directory is to improve the scalability of the directory services. LDAP is now hosted on Berkeley DB for scalability. For those of you familiar with the server, in the past it was hosted on a NetInfo backend. We still have NetInfo in the system for those of you that want to use it for legacy support reasons, but for Mac OS X Server, Panther Server, and beyond, all of the default directory services are based on LDAP, on Open LDAP on Berkeley DB.

This gives us the capability of hot backup for greater availability and scalability to over 100,000 records per server. Of course, if you need more than that, you can also replicate your services. We provide replication locally that allows you to have greater availability or to have multiple servers serving the same directory information, and you can also replicate remotely for greater availability for remote sites.

And another thing we've done, again, to further improve the overall usability of the system out of the box, is to have a more secure system. The overall usability of the system out of the box is we've integrated the Kerberos KDC backend with password server and with the LDAP server so that all the replication happens simply and automatically out of the box.

You don't have to worry about wiring this up. It's all connected and integrated fully. And so with that, we'll bring up Eric just to show you how simple it is to set up Open Directory services in Panther Server. Okay, so we'll go back to computer number two here.

So on the screen, you'll see that we have an open directory service. Remember, it's the LDAP, the Kerberos, the Sassl password authentication server. So I can go and I can set a couple of different settings for this. First of all, I can see an overview of what's actually running on the system.

I can look at the logs and then make configuration changes. So this server is currently set up to be a standalone server. It's an isolated server. But I can promote it to be an open directory master. This is going to turn on the LDAP services and the Kerberos KDC, et cetera.

I can also have a replica on my network. A replica is a machine that's bound to the master. And I can also have this server connected to an existing directory system. So we've done a lot of work in the user interface here to really improve this, make it easy to understand. You can also go through and configure the different protocols, search bases, set up SSL authentication. And you can also define password policies for your network.

So if I wanted to say that all my passwords on the network have to be at least a certain number of characters long or differ from the last four passwords that you've used, I can make that change and impose that upon all the users in the network. All right. Thanks, Eric. Let's go back to presentation. So that's open directory two.

So one of the most popular services for any server, obviously, is workgroup services, file and print for the local intranet. And of course, we provide a wide variety of services there for both file and print. Looking specifically at the file sharing side, we provide native services for Mac clients, AFP, SMB Sys for Windows clients, and NFS for Unix.

We've improved the performance in this release. As before, we provide support for multiple protocols on any SharePoint so all clients can share the same data. All the authentication is unified through the LDAP backend with the same account information. And we have disk quota support so you can control the use of server resources.

We made some improvements to NFS in this release. One popular use of NFS in the server is to reshare the NFS volumes via AFP. NFS has some security compromises when you use that as a sharing method. And so a lot of people like to take a bank of X Serves and use them to reshare enterprise storage via AFP to their clients. And another area we've improved NFS is Greater performance and also improving the reliability in this release and adding NFS file locking support for data integrity.

We've added Samba 3 for Windows client support and integrated PDC or primary domain controller support directly into the server. So that's all configured directly out of the box very simply and easily through the administration tools. And what this means is now that when you log into a Windows client at the Windows login window, you can use the same authentication data from Mac OS X Server that's hosted in LDAP that your Mac clients use or that any other client uses.

You can share a home directory with your Mac client, whether you're accessing it from Windows or Mac, and you can host your roaming profiles on the server. That's all built into the system, and it's configured through the GUI. And finally, we've added Active Directory integration. This is native integration that's new to Panther for both client and server. And what this means is that there are no schema changes required in Active Directory to support Mac OS X.

It integrates with the Kerberos authentication and Active Directory. And for large installations that have multiple domains in their Active Directory forest, we support automatic multi-domain authentication. So it's all very simple to use, very simple to configure out of the box. And all of the services in Mac OS X Server can use Active Directory for storage of their directory accounts.

Another area that's important in workgroup services is workgroup management. We spend a lot of effort at Apple making Mac OS X very simple and easy to configure, easy to set up and use. And that's great if you have one system. But, you know, you might have more than one. You might have, you know, a hundred, a thousand. And then, you know, what do you do then? Well, we have a set of products in Mac OS X Server that make this very easy to manage. You can install systems on a large number of desktops on the network.

You can set them up. You can configure them and manage them on a day-to-day basis. These are workgroup management services in Mac OS X Server. It's all directory-based, so all of this system configuration is stored in the directory. We provide services that allow you to control preferences, to set preferences on these systems, to control their use of resources both on the system and on the network. And we provide tools to allow network installation and setup of these systems.

Something that's new in Panther Server also is the ability to do this on mobile systems. So if you have mobile computers, Power Books, iBooks, you can manage their accounts. You can manage the authentication information, the account information, and all of the preferences and everything else that you set through the directory. And that will be synchronized automatically when your system comes onto the network. And so even mobile computers now can be managed using these tools.

And finally, two tools for installing and managing images on the network, NetBoot and NetInstall. NetBoot obviously allows you to boot a system, a desktop, or a server over the network. And two things that we've added in Panther Server are the ability to NetBoot over HTTP as well as NFS, and also the ability to do a fully diskless NetBoot, which is very handy if you have an image of network diagnostic tools where you want to debug a problem. You can NetBoot completely independently of any disk that's running remotely or locally on the desktop.

For network install, this allows you to install systems over the network using Netboot. And you can use it to distribute software images, distribute software updates. And we've made a couple improvements to this in Panther Server. One is we've redesigned the tool that you use to create the images, the network image utility, to make it simpler to use and add a lot more options to it, more powerful.

And another option that we've added-- it's been a big request-- is the ability to do full image installs. So now you can take a volume that hosts system software, has applications installed, it's fully configured, and you can clone that and do network installs of system or volume images, as well as packages or clean system installs.

So that covers the workgroup services built into Mac OS X Server. So now what I'm going to do is I'm going to bring Chris LeCroy and then Francois Jouaux up on stage. And they're going to talk more about some of the services that allow you to host web services as well as network services in Mac OS X Server. So Chris? Looks great.

All right, so internet networking services. We've seen a bunch of the directory services and file services. Mac OS X Server also includes a good number of internet network services. So let me start that off. The first one is media streaming. So Mac OS X Server has always included QuickTime Streaming Server, which is an extremely powerful media streaming server.

It's like Extremely powerful for streaming on the LAN. You can do extremely high quality across the LAN. It supports multicast. You can send extremely high bitrate content over your network using multicast. It supports MPEG-4, all the QuickTime content, MP3. It's compatible with Windows and Macintosh players. It's also a server that is powerful enough to be used for streaming across the internet.

So a lot of the big content distribution networks that you see, including the ones that Apple uses, are using QuickTime streaming server as their streaming server for serving MPEG-4 and QuickTime content. And then with the advent of 802.11 and a PowerBook in the QuickTime broadcaster application, you can actually have a completely mobile solution. So you can actually take a PowerBook wirelessly, walk around the room. Stream broadcast, send it up to a server, and stream that out over the internet. We've seen that done quite a few times.

So new with Panther Server is QuickTime Streaming Server 5. It's got all the same features that it's always had. It has no license fees. We don't charge per stream. Supports Mac, Windows, and Linux clients. It supports Linux clients through its MPEG-4 compatibility. And it supports Instant On technology, which basically eliminates all of the buffering messages you would see normally when you're streaming. It starts up as fast as if it's playing locally on a good broadband connection.

Skip protection, which is our technology for guaranteeing quality of service across the internet. As we know, there are always blips in the internet. Skip protection is the technology that basically eliminates those blips when you're watching content. And the servers perform extremely well. They can, off of a single machine, stream up to 4,000 concurrent streams. And if you want to do more than that, it's really just a matter of buying a few more experts.

Also new with Panther Server is QTSS Publisher. So this is a new application that provides a way to remotely manage your QuickTime content. For putting up on the internet. So it automatically takes care of things like hinting or preparing it for the web servers. It'll automatically create web galleries. It's tightly integrated with the Apache web server on Mac OS X Server. It has all of the UI for creating playlists, managing the order of playlists, scheduling playlists, and doing all of those things.

MP3 playlists as well as QuickTime content playlists. It allows you to edit annotations. And behind the scenes, all of this is happening with some Unix tools that we wrote for Panther Server. So you can now, from the command line, do things like hint movies, change annotations, all of that from the shell, if that's the way you'd like to do things.

QuickTime Broadcaster is a product we shipped about a year ago. It allows you to take any FireWire camera, plug it in, and do a broadcast from your computer. It supports all of the QuickTime codecs, and of course, it supports the standard MPEG-4. It's got a... A bit of functionality we call reliable transport. And what that is, is a guarantee that the stream from the broadcaster to the server is going to be a solid stream.

And that's really important, because if you lose packets between the broadcaster and the server, every single client sees that loss. So we've got a way to guarantee that all the packets get there. It supports unicast and multicast as well. And it delivers ISO-compliant streams. So those are MPEG-4 streams to any standard player. So it'll play on Linux for any player that supports the standard ISO MPEG-4 player.

So networking services. Got both some old stuff and some new stuff in Panther. I shouldn't say old, I mean it was available in Jaguar's server. I'm going to go through both of those. We have an entire slew of networking services. I'm not going to go through all of these. DNS, DHCP, we've got a network time server, firewall. We've added VPN, which is new, authentication. And it's all standard. So you can connect Macintoshes, you can connect Windows machines, Linux machines. It's all completely standard. We don't believe in proprietary technologies where we can help it.

So, dynamic host configuration. We've had DHCP in Jaguar's server. We've added a couple of things to the Panther server. DHCP, as you know, provides automatic doling out of addresses. We've added the ability to specify LDAP directories for those machines. We've also added the ability in the UI to bind a specific Ethernet address to the IP address of any machine. So, you've got machines that want to have a permanent IP address but have it served up via DHCP. You can do that now through our admin application. And, of course, you can control IP address ranges, the lease times, and network routing, things like that.

Next, some networking, network routing technologies. So we've had NAT on the desktop for Mac OS X Server. We've now moved that functionality into the server. So in the server admin, you can now configure NAT. We've also added a VPN server, and that's all configurable in the new server admin as well. It works with all standards. It also works with Windows technologies so that you can use things like MS-CHAP and PPTP as well as L2TP.

So DNS. So we've bumped the version of Bind up to nine. So good, like that. So you're going to get dynamic DNS, things like that. And as everyone knows, it's the most widely deployed DNS server on the internet. For those of you who really like to configure Bind files, your job security is kind of limited now, because we've added UI to the admin.

And if you get a chance to look at it, it's actually pretty slick. I think we did a good job on the UI on this one. And Firewall. This isn't new, but we have redone the UI on this. It's really simple to set up kind of basic rules.

It's using the standard Berkeley IPFW. We also have some UI that will allow the more advanced people to set up basically any rule that IPFW can handle. Something we didn't have in the past, all of the configuration for Firewall was actually stored up in a NetInfo database. We've moved that down into a config file. Although you can do everything in the UI, if you need to SSH into a machine, if you're on a non-Macintosh machine, you can always get in there and change those configurations that way. And next is mail services.

So Mac OS X Server. Prior to Panther, we had a proprietary mail server. It was a standard server. It supported all of the normal internet standards. We also had a web mail server through Squirrel Mail. It allows connectivity because it's all standard to any platform that supports standard mail. We've made a couple of changes. We no longer have a proprietary mail server. We've moved to Postfix for the MTA.

And we did that for a lot of reasons. It scales well. It's very secure. It was written by a security expert. It's easy to configure in terms of the configuration files. If you've ever seen send mail configuration, you know what I'm talking about. And then we've all, for IMAP and POP, we've moved to Cyrus, and there were a few reasons for doing that, too.

So Cyrus is a proven IMAP server. It supports clustering, so it's easy to scale it. You can configure it to work with multiple machines. And it also supports the ability to store your mail for different accounts on any variety of machines. So if you want to segment up your email users to different back-end stores, you can do that, and it's not a problem at all with Cyrus.

And we are, of course, Kerberizing it, so it'll work properly with single sign-on. And it also will support, we will support SSL on our mail servers. So on top of mailing lists... With the mail server we had in the past, in Jaguar, it had a feature that would allow you to take any group in the directory and treat that as a mailing list. Well, we're losing that because of the new mail servers, but what we've decided to do to kind of replace that functionality is to add a real mailing list server. So we've added the Mailman mailing list server.

Mailman's extremely powerful. It's actually the one, if you go to lists.apple.com, it's the one Apple uses for its mailing lists for the public. We've built some UI into the server admin to actually create mailing lists in the admin. Mailman, as you know, has web-based tools as well, so for your end users, they can go in and they can change their options if they want digest mode. If they don't want digest mode, they can go to a web page and set all of that stuff up. It supports all kinds of features, such as mailed-in-mail-to-news gateways, bounce handling, spam prevention, and it's also got email-based administration commands, as most good mailing lists do.

Webmail. So we have revved the version of webmail that we're using in Panther Server. Webmail is a standards-based webmail package written in PHP. There are some really good things about it. One is that it's pure HTML. It's not using any JavaScript. It's compatible with basically any browser, so you don't have to worry about compatibility there. Works with any SMTP or IMAP mail server. I see no reason why you would need to use it with anything other than the Panther server.

Supports MIME encoding. Address books now, which is new. We didn't have that in the prior version. Folder manipulation. You can host this mail via SSL, so you can have completely secure mail over the web. And we've gone, the version that we've moved up to now supports Japanese, so we've got Japanese support for Squirrel Mill.

And Eric's going to come up and demo some mail for you. Okay, so we'll go back to computer number two here. And our mail server in the PostMix mail server is a really great mail server, so we're really happy to provide a really good user interface for it. So here in the user interface, the administrator can go in, they can enable and disable SMTP, set up their IMAP, even have messages sent to Postmaster at apple.com or whatever.

I can go in and I can configure the mailing list, as Chris showed, in the user interface here. You can enable them. I can add new ones to it. I can set up filters. Spam prevention is very key, very important. This user interface here allows us to have a real rich set of spam filtering options. And then also, control many log levels. And then the last screen here allows you to configure the authentication options in some of the hosts.

So this is really important if you are in secure environments or you want to use Kerberos only for your authentication. Nice feature down here is the ability to use SSL. So I can say, you have to use SSL, or I can use SSL if it's available, or I can require SSL. So if you want to implement secure email on your network, you can do that and enforce it in requirement for all your clients. Great.

Thanks, Eric. So back to the slides. - Do you have slides? So next is web services. In Panther Server, we're once again including the Apache web server. We have performance-optimized Apache web server. We're able to do far more connections than a typical Apache web server would be able to do. It's even a little faster in Panther. We ship 1.3 as the default web server, and that's actually the one that you'd be configuring when you're in the server admin. But we do include 2.0, so people who do want to use that, it's there. You can use it.

Part of the problem we've seen is that the adoption hasn't really happened yet. There are a lot of modules that haven't been ported over to 2.0 yet, and so Apache 1.3 is what we decided to stick with for Panther. We greatly improved the administration interface. You may have seen Bud Tribble demo a little bit of it yesterday. It's really, really easy to set up sites and realms and things like that now.

We've included WebDAV for web publishing. We have bumped the version of MySQL to 4.0, so for those of you waiting for that, that's there. The server has all kinds of support for server-side scripting architectures, SSI, Perl, Ruby, PHP. We're changing the build style of PHP, so we're actually including more of the development functions that people needed in our PHP module. So that'll be good for development. developers. So basically taking all of these things-- I don't know if you guys can read all of that.

Mac OS X Server basically has everything needed to create three-tier websites or entire websites on Mac OS X Server. We include a bunch of stuff to do your own thing. If you've got third-party products, you can grab as well 4D, Oracle. So it's a great development platform for web development. And Francois is going to come up and talk to you a little bit more about those technologies. Thanks. Thanks.

Okay, to wake up the audience, let's have a little show of hands. How many sysadmins are among us today? How many developers sitting in for sysadmins? Also, these people must be a little way above our head right now. And for them, it's time to take out your notebooks and to remember the few slides that are going to come up. So in Mac OS X Server, we are leveraging the best standards and the best technologies to bring you the best application servers.

But first, there is Java. Java has evolved as an OS on top of the OS. Nowadays, application servers are huge, multi-threaded beasts. They are all implemented in Java. They spawn thousands of simultaneous threads. They open and close thousands of I/O connections. And they necessitate an enterprise-grade Java VM underneath them. That's what we are providing with a JDK 1.4 and a JDK 1.3 implementation. Now the big news today is JBoss. JBoss is very popular out there. It is popular for three reasons. It's free, it's free, and it's free.

How do you bundle free software and do not show up as a freeloader? You add value. And we believe we are adding tremendous value on top of JBoss. The real three reasons for JBoss being popular are its unbeatable quality for the price, I'm going to improve. The next one is its perceived ease of use. And the third one is its modular design.

It is perceived ease of use, but as Marc Fleury, the JBoss founder, says, they are pushing the envelope at the container level, which means that they are not really investing in the deployment ease of use. Developers love JBoss. Deployers hate it. If you're a sysadmin, to use JBoss, you'll have to speak XML in your dreams.

Now, this is going to be a dream come true. We are introducing tools to enable you to deploy JBoss easily on Mac OS X Server. Our goal is to make Mac OS X Server the best platform to deploy J2EE applications. We are doing this in three steps. First, JBoss is integrated in the server admin plugin.

Second, there is a JBoss deployment tool that lets you take J2E applications from IDEs and package them, talking to the JBoss server, prepackage them to deploy them. And third, there is a JBoss management console that lets you manage the JBoss server, start and stop services, look at its statistics, and so on, and manage the lifecycle of your applications.

Now, this is all nice, but where is the modular design? I'm going to give you a few examples of services that we are bundling with JBoss. The first one is Tomcat. So you're all familiar with Tomcat. We've been shipping it for a while. We're revving the version to 4.1.x because it's always evolving. And we integrated it in JBoss. So now Tomcat lives inside JBoss and can be managed by the same tools that I talked about in the previous slides. And the servlet on GSP applications can be prepackaged by the deployment tool.

The WebObjects application server. WebObjects has been improved and will be shipped as version 5.2.2 with a much better J2EE packaging process. You now have true WAR packaging for WebObjects and also true GNDI configuration for WebObjects. Another example is, again from Apache, it's the Axis Web Service project. We're bringing version 1.1, and it is integrated, it benefits from JBoss, and also is leveraged by WebObjects for our direct web services solution. This will be session 6.24, I believe, on Friday. So these are all but a few examples of services that are bundled with JBoss, and they enabled us to bring to Mac OS X Server the best in J2EE application deployment.

So as you can see, whether you're hosting a single website or whether you have a sophisticated three-tier Java application architecture, Mac OS X Server has all of the services that you need built right in. Finally, last but not least, documentation. So we currently ship Mac OS X Server with two manuals, and we've got lots of requests to improve that, and so we've answered those requests. And we are going to be upping that count to 12 manuals in this release.

We'll have over 1,000 pages of online help, and we've added or updated over 100 man pages to better document the Unix underpinnings of Mac OS X Server. So we've really made some big improvements there. So to wrap it all up, so Mac OS X Server is built on a strong Unix foundation. We have a broad array of services. These are some of the highlights. They won't even all fit on one slide.

But we've taken all of those. We've integrated them. We've put administration tools on top of them to make it easy to set up and use and manage on a day-to-day basis. And for Panther Server, the items up in blue are services that have either been added or had major enhancements in this release. So BSD5, automatic setup, major improvements to the management tools, Open Directory 2, Samba 3, VPN, Postfix mail server, JBoss application server. So we've made a lot of changes in Panther Server, and it's going to be a great product.

So we also have a lot of sessions that are coming up here if you want to learn more. This gives you an overview of the product, kind of lets you know what's in Mac OS X Server. There's an in-depth session that's coming up after this over in the marina that's going to go into more detail about APIs and underpinnings of the server if you want more information. We have sessions on authentication and directory services this afternoon and tomorrow.

And for those of you that are interested in desktop management, we have sessions on those tomorrow and Thursday that will tell you more about the services and also for developers tell you about building applications that work well in those environments. Now, one thing, if you're interested in giving us feedback, we have a feedback forum today. It's at 5 o'clock.

But unfortunately, due to scheduling conflicts, it's also at the same time as the authentication session. So we hope you'll come to one of those. Either come to the authentication session to learn about authentication or come to the feedback forum where we'll be there to answer your questions or take your feedback.

But we hope to see you at one of those. Tomorrow, we have a, well, sorry. Actually, there are several WebObject sessions going on throughout the conference, but here are a few that we've called out of major interest. But check your books for the others, as well as several sessions on QuickTime streaming as well.

So if you have any more questions, you'd like to contact somebody, Skip Levins in developer relations or Eric Zelenk in product marketing are the contacts for Mac OS X Server. And with that, I'd like to bring the speakers back up on stage. We have a bit of time for Q&A. If anybody has any questions, please step up to the mic and we'll take your questions.