Enterprise IT • 49:19
This session covers how to migrate large groups of Mac OS 9 or Windows users to Mac OS X. Topics covered include user migration strategies for Mac OS 9 environments, Windows desktop conversion, and migration of Windows Servers to Mac OS X Server.
Speakers: JD Mankovsky, Gabe Benveniste, Eric Clements
Unlisted on Apple Developer site
Transcript
This transcript was generated using Whisper, it has known transcription errors. We are working on an improved version.
Good morning. How's everyone doing? So you've all got your coffee and your donuts? Any donuts this morning? No, not yet? They'll be coming, I'm sure. They'll have all the sugar you need by the end of the day. So we're here to talk about desktop and server migration to Mac OS X. My name is JD Mankovsky. I'm the consulting engineer for US Business and Federal for the US. So what does that mean? It means that I live in a hotel.
I know a lot of the flight attendants by their first name. And so I spent about 60% of my time in front of customers, and I know quite a few of you, basically understanding your needs as far as features for, as an example, for Panther right now, but for any future releases of our operating system.
So I spent a lot of time with enterprise accounts, understanding what they need from Apple. And then I spent about 30% to 40% of my time back in Cupertino with our product marketing and engineering folks and making sure that we actually build the products you need. So that's kind of my role for Apple.
And so, you know, basically what I'm going to do today is kind of give you an overview of some of the tools and best practices that, you know, our customers are using today to migrate to Mac OS X. And then, you know, with Panther, there's a lot of new features that we think will fit the needs of the enterprise. And what I mean by enterprise is, you know, business, federal, you know, I consider education enterprise as well.
So if there's education people in here, when I mention enterprise, it does include higher ed, of course, and K-12. And so we're going to talk about some of those tools that are going to be made available to you soon by the end of the year with Panther and Panther Server.
And as you've seen in the past year, a lot of our developers are as well migrating to Mac OS X and porting their apps to Mac OS X. And we'll talk about that in a second. But basically, 2000. 2003 is the year to move from 9 to 10. So for those of you who haven't done this yet, this is really the year to do this.
And we'll try and illustrate and show you some of the best practices in a second. So the first thing I wanted to do is, like we did last year at the developer conference, I just wanted to have fun with Keynote. That's all. I like the bouncing feature. It's kind of cool. So this is another cool feature keynote.
But basically, last year, we put Mac OS 9 to rest from the developer side, and this year, we're putting Mac OS 9 to rest from the customer perspective. And again, classic is still gonna be here, but as you know, the G5 and all the new machines are not booting Mac OS 9, and so this is the time, this is the year to migrate to 10. So what are you gonna learn? Well, when I go and meet with customers, what they ask me quite often is, give us the ammunition, give us the reasons why we should go to Mac OS X.
And so that'll be my first point, is try to give you the top 10 reasons that, I think and our customers feel like are good reasons to migrate from Mac OS 9 to Mac OS X, as well as migrating from Windows to Mac OS X, because that's another thing that we'll talk about today.
And we'll also have a special guest from Pixar, who is actually going to talk about how they migrated their Macs from OS 9 to OS X. And they did some really, really cool stuff, and Gabe will actually show that in a few minutes. And then we'll talk a little bit about the Windows side, because again, you know, we started with the Switcher campaign on the consumer side.
But I feel like with Panther and Panther Server, we have a really good shot to actually go beyond the consumer and beyond the creative groups and actually replace some Windows desktops and some Windows servers with Mac OS X and Mac OS X Server. And to do this, we'll actually show you some really cool demos today with Eric Clement, who will show you actually some pretty interesting integration demos.
So what are the top 10 reasons to move to OS X? And again, this is feedback that I've got from customers that have migrated to Mac OS X already. So the number one bullet that I would think of is security, right? Mac OS X's foundation, when we built, when we designed Mac OS X, it was built around, you know, a very robust Core OS, but security was built in, not bolted on, like some of the other operating systems out there.
So my first point is, you know, security built in, not bolted on. And you can see that this year with Kerberos. You can see we're pushing pretty heavily Kerberos. Some other things that we haven't talked about is smart card support. So we have smart card support in Mac OS X.
And so, you know, you can also look at that. That's a pretty interesting roadmap as far as we have a lot of demand from our federal groups on smart cards, but we think this can apply as well to the business and to the enterprise where they could very easily put in a smart card reader, a USB smart card reader, put it in, and basically type in a pin number and get, instead of having the logging prompt and having to remember their name and password, they can actually do that with a smart card and with a pin number.
Stability. Mac OS X is a much more stable OS than Mac OS 9. And you've all experienced that already. I mean, even though an application can quit, and it does happen, and I'm sure you've seen that today or this week if you've played with the betas of Panther, right, or the WWDC build.
So it is much more stable than Mac OS 9, and the beauty of it is it can force quit an application, and it doesn't bring the whole system down. Directory integration, that's something that I've heard a lot about throughout all those meetings with accounts, is they really want us to fit in and integrate with their back-end directory, and that means LDAP integration, it means active directory integration as well.
[Transcript missing]
Robust Unix-based foundation. So yes, Mac OS X is a very robust Unix OS. But what I discovered with our customers is when we talked to the Mac groups, now we're also as well talking to the Unix group. And we've got those people pretty much switched over as well, right? Those Unix people had a Windows computer and they had a Unix box, right? They had a Unix computer to run their email and run the productivity suite like Office, you know, Word, Excel, and so forth.
And now they've basically replaced their Windows computer and their Unix workstation with a Mac OS X box, right? And so... You should get, if you're a Mac IT person, you should get with your Unix people and get to know them and actually really work together as a group to support the Macs and to support the Unix stations that you have in your environment.
And that's also the fact that the Mac OS X is Unix also makes it easier to find people that can manage and help support those Macs. Is anyone with, you know, a Solaris background or a Linux background can actually now help support the Macs. It's very, it's much easier for them to do that than to learn Mac OS 9, believe me. Software developers have transitioned to X. Great examples from Adobe, from Microsoft. I mean, they make phenomenal applications.
And so they have transitioned to X. And that's one more reason to move to Mac OS X from your perspective. And then licensing costs. That's something that I hear a lot about. A lot of complaints from customers is that licensing costs for Microsoft are pretty expensive. And we think we have a, you know, pretty good solution with our maintenance agreements that we have in place today.
So let's talk about some general migration guidelines. If you haven't migrated to Mac OS X yet, what are some of the key things that you should look at before starting that migration? Well, the first one is plan your directory strategy, right? What I mean by directory strategy, I mean picking the right backend authentication method.
And we like standards, right? Mac OS X is all based around open standards. And so if you haven't planned, if you haven't looked at a directory, a central directory strategy, we highly recommend you look at LDAP-based solutions, right? And those could be from Sun, they can be from Novell. I mean, eDirectory is a phenomenal solution from a directory perspective. It could be from IBM. It can be from Apple, using our new open LDAP-based LDAP replication server.
So, you know, Active Directory is an interesting, you know, it's a product from Microsoft. It's not quite standards-based, right? It's kind of a mixture of LDAP, Kerberos, plus some other things. So we like standards. And so if you haven't looked at it, look at an LDAP-based solution if you can. If you've gone AD, we understand and we'll fit in.
Plan your desktop management. So again, using workgroup management, make sure that you create and you set up your OS X servers with your workgroup management, and you've defined that and created your groups and basically done all the work in advance before deploying workgroup management, and that you've actually tested that in a small environment. 50 users, 10 to 50 users is a good number to actually deploy this and test that before you go throughout to your hundreds of Mac users.
Get certified, right? We have a wonderful certification program. That's something that our customers have been requesting for years, and it's really, really important. I mean, I've been using Mac OS since 1984. I know Mac OS 9. I know every extension, but Mac OS X is a different beast. There's a lot of potential, right, in this operating system, a lot of potential, and by getting certified, we'll give you a lot of that.
Those tips and a lot of that really interesting knowledge that the trainers have, because a lot of them come from a Unix background. And they can really help you get jump-started, and it's really important that you get certified for X before starting this Mac OS X migration and deployment. So this is the website. Check it out.
Sign up for AppleCare support. We have a pretty nice AppleCare server software support. It's not the $9.99. The $9.99, that's really for hardware. It's in the $5,000 range, and that includes very high-level support from Unix people who can actually help you write scripts and do some pretty interesting stuff. So we have those plans in place to support enterprise-level customers.
Get familiar with the new Apple tools, right? So today you're familiar with Carbon Copy Cloner, phenomenal tool. Net Restore is another one that's really cool. In Panther timeframe, we have a new version of Disk Utility. We have a new version of the Network Image Utility, which is basically, which takes a lot of the Carbon Copy Cloner features and integrates it in this tool.
And then we have, of course, Apple Remote Desktop, which is a phenomenal product. I mean, I go and meet with customers on the PC side, and the comparable solutions are worth thousands of dollars. And here you can get Apple Remote Desktop for $1,000 for unlimited client seats. And that's just a phenomenal product. And that's one admin, by the way.
So we got some really good tools from Apple that can achieve a lot of that management for a pretty attractive price point. And by the way, disk copy, if you're using disk copy today, that's actually part of disk utility in Panther. So don't look for the disk copy utility application. It's now embedded into disk utility.
So those are the three tools that we just talked about. So we're going to first start with the 9 to Mac OS X migration. And so what I wanted to do first is kind of give you a quick basic implementation. And what I mean by basic implementation is basically a three-step process. I've summarized it into a three-step process to migrate from 9 to Mac OS X.
And by the way, this applies to Jaguar as well. So the Mac OS 9 to migration, the first thing that users can do is they can use Sherlock 2, if you remember Sherlock 2, in Mac OS 9, and they can find the user's files on the hard drive. They find their files on the local hard drive.
You can do some of the advanced search capabilities to do that. Of course, you can write a little Apple script that does that automatically. The second thing is, again, if you've planned your directory and your desktop management properly, it probably means the user now has... a Mac OS X home directory waiting for him, right? So over AFP, you can connect to that user's home directory, and he would have, you know, his document folder, his picture folder, his movie folder. And he can then, from his OS 9 desktop, copy all those files over to his virtual Mac OS X home directory that's waiting for him.
And then the third step is basically, as an admin, you've created a custom image, right? Using the new tools or using Carburetor, you can copy and clone it. You've created your Jaguar image, and you've added all your applications that you use on a regular basis. You've built that image, and you're now ready to deploy it on that desktop, right? And so in 10.3, we have a new feature in Disk Utility.
So again, you could boot from a CD, go to the Restore tab, put in the HTTP URL where that custom image is located, and basically restore the machine. And when the user comes in, you can see that the machine is now ready to deploy. And when the user comes in, and he's at the login window, all he would have to do is put in his name and password and get to those files that he just copied over when he was still on Mac OS 9.
And you can do that with NetRestore, again, today, with one of Mike Bombich's tools to achieve the same thing if you want to migrate from 9 to Jaguar today. So what I'd like to do now is actually introduce Gabe Benveniste from Pixar. And they've done a phenomenal migration deployment from 9 to 10. And Gabe is going to talk to you about that. Thank you.
How's everybody doing today? I hope you went and saw Finding Nemo last night upstairs. A lot of fun. So my name is Gabe Benveniste. I'm an admin at Pixar Animation Studios. And I'm going to talk to you today about how we moved 500 of our Macs from OS 9 to OS X, about how we were able to utilize the Unix foundation that OS X has to easily integrate with our infrastructure, and how we were able to take advantage of how scriptable the operating system is. So we were able to use tools like Python and Apple Script to really streamline our whole migration process.
The first thing we did is we created our standard image using Carbon Copy Cloner with--our standard image is called the POX, which is short for Pixar's OS X. POX consists of a latest version of Mac OS X. We did a custom install and left out the localization files. We installed a standard set of applications that all of our users get, things like Office, LaunchBar as a utility that we found the users really responded well to.
We also made specific network and machine configurations. We disabled the accounts pref pane so that we had control over the creation of accounts. We disabled software update so that we can control what software and when gets updated on the machine. We also modified the user template home directory.
And this is a really cool tip because you can go and change what new home directories will look like by going to System Library, User Templates, English.lproj. You can change things like how the default browser is set up, where the dock is placed, what apps are in the dock. It's really, really great. So if you change that template, whenever you make a new user, it'll have those changes.
The second thing we did is we made a FileMaker database for planning and tracking our migration. The user goes and they fill out a web form specifying what apps they need outside of the standard base, what printers they need configured, what peripherals they may have set up, and once that form is submitted, are scheduled for a migration. And when that time comes, the admin goes and grabs their machine, takes it to our lab, and boots it up into OS 9.
They make sure that the data is in the correct place, either in the documents folder or on their desktop. And the user was told on the migration page to put their data there. We then restart the machine off of a FireWire drive running OS 9 and run this really cool Python script we made called Rollout. What stage one of Rollout does is it scans the OS 9 machine for data matching a certain criteria. It copies that data to the FireWire drive into a folder resembling a home directory.
Once that's done, we take the FireWire drive and we boot the new machine off of it, and we wrote an AppleScript Studio program called Epoxy. That's a front end for Apple Software Store, or ASR. What it does is on launch, it goes and checks a web server to get the path to the latest version of our pox. It then poxes the new machine. The admin can enter their email address if they want to be notified when it's done and can set the machine to restart automatically.
If the machine is new, it doesn't have an LDAP record, and so we made another AppleScript Studio application called HostMaker to take care of that. It allows the admin to enter the new machine name and the primary user's name. It then goes and looks up the user's name in LDAP, gets their information, where they sit, what department they're in, checks System Profiler for the machine's serial number and MAC address, combines that information, and creates a new host record.
Once the LDAP information is up to date and the machine's been poxed, the admin runs another program we made in AppleScript Studio called Configurator. On launch, Configurator goes and pulls down the machine's IP and the machine name using the serial number it got from System Profiler. It then automatically sets that information in the machine, and then the admin sets what backup settings are going to be used for the machine. And once the admin selects that, the backup team is notified.
The default user information was also pulled down automatically on launch. The admin can specify whether or not the user has administrative privileges, can also specify what mailing list to add the users to. By default, when we build out an OS X machine, we add the user to an OS X announced mailing list so that they'll get updated automatically if we need to send out messages. The admin can also download the user's picture from our intranet and set it as their login icon automatically.
If the admin wants to create additional users, all they have to do is type in another login. That information is pulled from LDAP. All they have to do is press "Create." Once all the users are created, we run stage two of our Python script rollout, which takes the data off of the FireWire drive and puts it into the newly created home directories.
Once a user is created, the admin logs in as that user and runs another AppleScript Studio application we made called PrefMaker. What PrefMaker does is it automatically configures Mail.app for the user based on their name and login that it gets from the local net info database. It also imports their stickies and bookmarks automatically. And once that's done, the machine's ready to be deployed. Thank you.
The admin takes it to the user's desk, sets it up, powers it on, and launches another AppleScript Studio application we made called TGIF. TGIF copies a shortcut to Welcome to OS X at Pixar to the user's desktop, launches a web page, and leaves it up for them when the user comes in.
Cleans up anything like clears the recent bookmarks, empties the trash, just makes the machine really just ready for the user when they get in. It also synchronizes the LDAP passwords to the local net info passwords so that the users have the right account information. It also deletes their keychain. and it also timestamps our migration record for that machine to complete so we can see how long it took to do each migration so we can look for ways to streamline it and kind of identify bottlenecks that may exist.
As you can see, because of OS X's Unix Foundation, we were really able to integrate our tools with our infrastructure and really leverage that power. And we were also able to use things like Python and AppleScript to really just streamline the whole process. And with these tools, we minimize data entry, which not only takes a lot of time, but also helps prevent machines from being misconfigured. And we were also able to really maximize on time savings.
I mean, not only was our process extremely fast, but now from box to desk on a new user, we can have a machine ready for them in under 15 minutes. And we can also, now that we have OS X out there on all our machines, we can build new tools to really assist with our daily administrative tasks and really just make everything a lot easier so we can focus on bigger tasks as opposed to taking care of little things. So that was our migration process. Thanks, man.
So now we're going to talk about migrating Windows clients to Mac OS X Panther. So why migrate from Windows clients? This is pretty easy. Yeah, that's pretty hard, isn't it? So the first bullet again is security, right? I've been to some pretty interesting accounts, very large enterprise accounts, and they're like, "Oh my God, we just got the latest Microsoft patch." And they apply the latest Microsoft patch, and what does it do? It opens a whole bunch of other holes into their network. And they're not very happy. And they're like, "Man, every time you come, "we have this problem applying "those Microsoft security patches." Like, hmm, isn't that strange? Stability.
We know Mac OS X is a very stable operating system, and some would say more stable than Windows. I would agree with that. Ease of use. Mac OS X is very easy to use. We've seen a lot of people move from Windows, even on the consumer side, to Mac OS X, and it's been very easy to migrate, and they've been very happy as far as using X. Save money on licensing costs. That's always interesting.
Less need to apply security in virus patches. Very interesting story here. Very, very, very large account. And when the Code Red virus hit, you know, of course, all their servers went down. And they were actually using Power Books to find the Windows 2000 servers that were affected by the virus, which is pretty funny. So they were running around with titaniums to find the servers and to shut down the servers. And that was all done using Power Books. So that was pretty interesting.
LDAP and Active Directory Connectivity. Now that we have that, you'll see in the demo, the process is pretty streamlined to actually move a Windows desktop user over to a Macintosh. And then, by the way, we also have Office. And as you saw in Bud Tribble's presentation on Monday, we should be getting a very good exchange client from Microsoft in the very near future.
And so, again, for those of you who have a big exchange infrastructure, you should definitely talk to your Microsoft rep to get on the beta and actually test that in your environment. There's actually an email address that got sent for you to request to be part of the beta. Thank you.
And then Java, right? I mean, Java is a phenomenal cross-platform development environment to actually make sure that both your Mac and your Windows users can actually use the tools that you develop as an IT environment. And we have some phenomenal new developer tools with Xcode that really simplify the whole process.
And as you saw with Gabe, I mean, they wrote some phenomenal AppleScript Studio front-end applications in a matter of, you know, days. And so you should really look at that. You should really look at AppleScript Studio. And if you were at the session yesterday, the migrating Unix to Mac OS X, you saw Mike Bombit just write a few applications very, very quickly and putting a very nice AppleScript Studio front-end. And so you should definitely look at that.
Some of the third-party solutions for migration to migrate a Windows desktop over. A really good one from Little Machines allows you to migrate your Outlook email database over to Mail, over to Entourage. You can pick one or the other. I think from a Windows perspective, it's much easier to migrate a Windows user from Outlook to Entourage than Outlook to Mail. That's just what I've noticed. Address book and iCal, of course, possibly. And then if you want to move the entire user's home directory over from a Mac to a PC, there's also a pretty good solution from Move to Mac from Dettos software.
So this is a very interesting one, is Windows 2000 migration to Panther Server. And that's something that's been really dear to my heart because I deal with a lot of large accounts and they're like, man, those cows are just killing us, right? The price, the pricing, and I met this customer about, what is it, about 16 months ago, and he has 1,000 Windows NT servers and Windows 2000 servers. And they're like... We would really like to migrate those servers over to the Mac.
I mean, he's the CIO of the company, and he loves Macs, but he says, I've got to make the right decision for the company, right? I mean, I'm not going to migrate if it doesn't fit what we require. And we've deployed Active Directory, and it took us two years to migrate to AD, and we're not going to any other directory.
You've got to work with us. And we've done that, and that's the reason why we've done such a phenomenal job in Panther and in Panther Server to actually achieve that, and we'll talk about that in a second. So why migrate from Windows Servers? Well, security, right, number one. It seems like security's coming back pretty often here. Ease of administration, again, security.
Our perspective from the IT side is people should not be spending a lot of time troubleshooting and fixing desktop computers. They should be spending time thinking of what's the next big thing, right? What's the next big thing that can help my end users get their job done faster and really streamline that process? And that's what we do inside of Apple. I mean, our IT group doesn't spend a lot of time troubleshooting desktops on a regular basis.
I mean, they built the point-of-sale system for the Apple Store, right? They built the Apple Music Store, right? All running on XSERVs and XSERV RAID storage. So that's what our IT group spends their time on, not fixing desktop computers and having to manage servers. I mean, when you put a server in place, you shouldn't spend a lot of time troubleshooting that. It should be install and forget. Unlimited client access licensing, that's a big one. And when we announced the XServe, we had a lot of calls from IT shops saying, hey, this is a phenomenal product, right? I mean, $4,000 with unlimited licensing, we're very interested in this.
And this is a pretty big one, is when Panther ships and Panther Server, we'll be able to host your Windows home directories on our hardware. So basically, we'll show that in a graphic in a second, but basically you can have an XServe, an XServe RAID host your Windows home directories on our hardware.
And that's a fraction of the cost. And again, that fits right into the need of that customer that I mentioned who has 1,000 Windows Servers and wants to get rid of them, or actually at least bring them down to a manageable number running Mac OS X servers. Again, if you haven't deployed AD, I want to emphasize the fact that you should be really looking at LDAP solutions, either from Apple or from third-party vendors.
We have a built-in PDC now with Mac OS X with Panther Server. So thanks to Samba and the work of the Samba team, we now have Samba 3, which has built-in PDC support. Thank you. We have Active Directory Integration, which we'll show in a second. And we have a scalable mail server. That's the other thing that people are looking at is exchange is nice.
But we think we have a pretty good scalable solution now with Cyrus Mail and Postfix and Panther, and you should really look at that. and again, it's all based on standards, which is another huge added value. And then we also have JBoss support built in for your J2E deployments. And over 40% of the enterprise accounts out there actually deploy using J2E.
Some of the migration solutions to migrate from Windows NT. We have DAS technology. They actually have a tool to help you migrate from Windows NT to Mac OS X Server. And then, again, with Panther Server, what you will be able to do is with the Active Directory plugin and Samba 3, you can now deploy XSERVs and XSERV RAIDs and basically host your Windows users' home directories and Windows files on our hardware and save a lot of money.
And then the last point I wanted to make is I've seen a lot of people deploy ActiveX-based web solutions, and that's not a good thing. This is totally non-standard, non-W3C compliant. And so there's some really interesting solutions from Strion that actually helps you migrate off of ActiveX into a Java world and helps you migrate ASP web servers. and ActiveX websites to more of a standard.
So what I think is going to hit a home run in Panther Server with people that have deployed Active Directory is this right here, where basically you buy an XServe and an XServe RAID, and you have your Macs, you have your Windows desktops, and basically the Windows user can log in, authenticate against Active Directory because they've deployed Active Directory and they're not going back, right? But they can still work on the file server side and save a lot of money and not have to deploy those 1,000 Windows servers, really consolidate that with XServe and XServe RAID. And so what I'd like to do is bring up Eric Clements, the Open Directory engineer, to actually illustrate some of that today with you. Eric? Thanks, JD.
Before we get started, let's describe what we've got up here. We've got a Windows laptop running Windows 2000. We've got a Windows 2000 server that's running AD, of course. You can't show AD if you don't have an AD server. And also a Mac running Panther. First, we'll start at the Windows 2000 client. Thank you. Obviously, we're at the login screen. I'm going to log in as my account here. Pretty typical environment you're used to. Oh, looks like my virus is out of the data. I need to update that.
So you can see here, I've signed in, and actually, you can see my network home directory, because I've got a network home directory programmed. This is running on a Windows 2000 server, of course. I've got some files. I've been working on my desktop. I don't really save the network, because I'm not used to saving the network. So let me copy these files up to my network.
That was pretty quick there. So I'm kind of done here. And it shows the fact that we signed into Windows 2000. Let's switch over to demo machine number two, please. Thank you. So this is the Panther client we're actually running and actually already programmed into Active Directory. When you have the user list, of course, it says an Other button.
I recommend changing that as you deploy. So one thing we did with the AD plugin is we can actually sign in in a familiar form. You notice I signed in with a short name there, but some of you actually sign in with an email address. You can do that.
Now this is going to take a little bit. This is the first time I've signed in to the computer. As you've seen on a Windows 1000 client a lot of times, when you first sign in the first time, it's creating your local account, doing all your profile settings, all those kind of things. We're doing something similar, creating a local home directory, caching the user so you're ready to log in offline.
Here we are on the path to client. You can see my home directory is actually mounted on the desktop here off that SharePoint. You can see those demo files that I copied over a little while ago. I can copy those off if I wanted to, leave them on the network, work with them on the network directly.
So it's a very familiar environment that you would have seen on a PC. One of the things that we want to highlight here is I've also programmed it to look at AD for the address book. If you go to the address book, you'll see a directories tab, and actually directory services. I know JD's in here somewhere. There he is.
So I can actually drag him over to my address book, click on the address book, and now I've got his complete information, his phone number, cell phone, whatever's been programmed into the active directory. So it's a very handy feature. And, of course, I can continue to search for other users. I can search for myself for the first time. And if I try to drag that over... and actually notice this, I've already got a V card because this is the first time I signed in, we generate one automatically. I can just merge that.
So I can go to my V card. Now I've got a fully populated V card with my information out of the directory. So it's very handy as you send out emails with the mail application. So let me go to how this is all configured. If you go to the local hard drive here, go to Applications. Go to Utilities. You'll see the Structural Access application. So this is what your admins would do the first time. This does require administrative access to the computer, so I will assign it with an admin account so I can look at this.
You'll see the Active Directory tab. I can pull that down so I'm actually bound to the DeForest and the domain. Now, one thing, for those of you who are going to try this, you do need to use the fully qualified DNS name of the domain. You can't use the AD.
Some people have already tried the plugin, I heard, and they couldn't get it to work because they typed in the short name. We're completely based on DNS, no RPC, so we can't locate domains automatically based on that. I'm going to send the advanced options. You've got the multi-domain authentication, caching. As I said, the caching was turned on, so it had to do that caching.
To actually authenticate, I actually did a custom search path here. This allows me to plug into multiple directories. Say I had an LDAP server and an Active Directory, I can actually program both of those directories in there to authenticate against. So it's a very nice feature. For the address book, I actually do the same thing on the Contacts tab.
Add Active Directory on the search path for the contacts. So that's kind of what it takes to actually configure for Active Directory. Now, the other thing we've done is we've actually got an XServe that actually has the plugin already installed. So let me connect to that XServe also. Thank you.
and his project for naming a password. Type in the same name that I used, same password. Actually connect to a shared volume. So this is an AFP server. had already covered files up. So I can actually drag files from my Windows 2000 server straight over to an AFP server.
So now I've got all my files on the AFP server using Active Directory in all the cases here, signing into the next server over Apple File Protocol and signing into the Windows 2000 server. Give you a little example of the tools here. I can actually manage the users on that server remotely. We have used-- give you some tools with the XServe. One in particular we call Work Group Manager.
So you can see a list of AD users. And if you look at the top here, it's the Active Directory AD domain. So I can click on my user. I can click on JD, other test users, et cetera, admin users. Now what we actually want to show is something-- the actual true integration here. We've actually got Remote Desktop on this client. There is a Remote Desktop client for Windows Terminal Services for the Mac. So let me go and connect over to the Windows 2000 server. I've got the users and groups computers up. Now I can actually create a new user.
something you're very familiar with doing on the Windows side. And I can actually go over here and do a refresh. And you see customer one already showed up. So it's completely integrated with the directory. I can actually edit some users if I wanted to, but you can probably do most of the administration from the Windows side.
The other thing I want to highlight here is we actually got a user, JD, happens to be on the workbook. You'll notice... His account is set to change his password on his next logon. So that's something we really want to show. So let me get out of-- There's a minor bug with remote desktop on Panther. So we sign out.
I'm going to try signing with JD. So you can see my new cached account is already set up. In fact, I could log in with that real quick if I wanted to. And notice the login will be a lot faster than it was a minute ago, because everything's already been done.
Now, it is still verifying against the network. So it is still making sure your password's in sync. But let me log in as JD. This open-ass password's expired, so it wants me to change my password. This is, unfortunately, a bug in the current seed, so even though it prompts you to change it, it won't let you change it.
[Transcript missing]
So in summary, what did you see? Well, we had a Windows user running on his Windows computer, and we've now moved this Windows user over to Mac, and basically all his files that were in his home directory are now on his Mac.
[Transcript missing]
It's about enterprise solutions. And we have some phenomenal third-party solutions that are out there, phenomenal enterprise solutions. I mean, Apple runs SAP as an example, right? So we have a phenomenal SAP Java GUI for the Macintosh, but we have a whole bunch of really phenomenal third-party enterprise solutions on the Mac.
And as time goes by, we'll get more and more. I mean, this is a phenomenal solution, right? The XServe at $4,000 and the XServe RAID for $11,000. No one can come close to this, right? This is like the airport base station three years ago when we basically shipped the first wireless solution for $300, and everyone else was $1,000.
The storage solution, no one can come close to what we have. And when we go and talk to developers, it really resonates, right? They don't want to spend, they don't want to have to convince the customer to basically buy very expensive servers. They want to sell their software solution, right? They don't want to fight for the hardware.
And here, basically, you've got a $5,000 server that can do as well as a very expensive server from other vendors and do the same thing. And that's why we're getting solutions like Oracle and Sybase and basically SAP clients and Tivoli clients and web methods over to the Macintosh. Because those developers are actually seeing that same vision that we have around the enterprise.
And so what I'd like to do in summary is basically tell you that we've worked really hard, the engineers have worked really, really hard to make sure that Panther and Panther Server are built with your enterprise requirements in mind. And as you saw with the demo, we think we're coming really close to that. And so we really want your feedback as well. I'll have my email address up there as well. But the other thing I wanted to leave you with is pick your directory strategy wisely.
If you have a large amount of Macs and a small amount of PCs, Windows desktops, you definitely should not move to AD. You should look at our solution or third-party LDAP solutions. If you have a mix and you haven't deployed a directory solution, you should really look at standard-based solutions. Meta directories are also a great thing to look at. So again, deploy solutions and deploy technologies based around open standards, around Java. Don't deploy.
Don't deploy anything around ActiveX and some of those proprietary solutions. It's a nightmare to move off of them afterwards. Let us know how we can help deploy more Macs in your enterprise. Again, that's really very key. We'd love to help you do this. And we want your feedback.
So again, I'll have my email address in a second. We'd love to help you. As a roadmap... Some of the sessions that are pretty interesting this afternoon, deploying XServe. There's a feedback forum on the enterprise. There's network security best practices. So again, we talked a lot about security today, but there's a really good session on Friday.
AppleScript for sysadmins. Again, that relates to what Gabe showed you today with AppleScript Studio. Sal Segoian is going to do a phenomenal job. He's just a phenomenal presenter. And then deploying XServe RAID. Alex Grossman, the XServe RAID product manager, will actually show you how to actually scale the XServe RAID from one XServe RAID to 20, 30 terabytes. And he'll show you that on Friday at 3.30.
Who to contact? Myself, very simple email address, jd.apple.com. And Skip Levins, slevins.apple.com. And so for more information, there's some good documentation. I mean, again, the Mac OS X Server documentation, if you're not familiar with X Server, you can download the manual for free. It's right off our website. And the schema modifications and some of the security APIs are as well up there.