In depth with Apple's Snow Leopard Server
- 25 November, 2009 07:29
I've worked with various versions of Apple's Mac OS X Server for nearly a decade now. Each new release has brought major advances to the company's server software in terms of overall features, performance and ease of administration. The most recent iteration, version 10.6 - a.k.a. Snow Leopard Server - is no exception.
It offers a number of advances compared to Leopard Server (v. 10.5), which was released two years ago.
These changes include performance gains, improvements to several collaboration tools introduced in Leopard Server, enhanced simple administration for non-technical users and new features designed for mobile access and for supporting the iPhone.
And if those aren't reasons enough to be happy about the upgrade, the fact that Apple cut the price of its server OS in half, to $US499 -- and continues to make it available with no client access licenses -- makes it well-worth considering. It can serve nicely as either an upgrade from previous versions or as a replacement for other server platforms. In this article, I'll focus on the major additions and changes that Apple has made in version 10.6.
Clearing away administrative confusion
One of the features introduced in Leopard Server was a simplified administration tool called Server Preferences. Server Preferences was designed for workgroups or small businesses to manage some of the core services -- file sharing, e-mail accounts, Web hosting and other collaborative tools, and centralized backup using Apple's Time Machine -- available in Leopard Server.
This management happened from a simple utility that was designed along the same lines as Mac OS X's familiar System Preferences utility, but with Server Preferences, a user with only moderate technical skills could set up and easily manage a server without having to dig through the primary Mac OS X Server administrative tools.
Within Server Preferences in Leopard Server, Apple drew clear delineations between three different types of configuration:
* One for small businesses with no large infrastructure
* One where a server was installed for a specific department or project and where user accounts were imported from a larger directory system within the network (such as Microsoft's Active Directory or Apple's Open Directory)
* An advanced mode where experienced systems administrators had full access to Apple's GUI and command-line tools for managing each and every service available
However, there was no easy way to switch between the two simplified modes and the advanced mode. You could convert a server to advanced mode by launching one of the advanced admin tools, but once you did, you couldn't go back to the simpler Server Preferences.
This left a fair amount of confusion for IT departments setting up a departmental or workgroup server in a larger organization as well as for novice administrators wanting to implement additional services not supported by Server Preferences. The descriptions of the various modes were also a bit confusing to novice administrators.
Now, though, in Snow Leopard Server, the switching restriction has been removed, along with all language relating to the selection of one of the three modes that Leopard Server imposed.
Apple has retained Server Preferences, and it's largely unchanged from a user interface perspective. Snow Leopard Server has also retained the ability to import and augment records from a different directory system to support user access to services without requiring schema modifications on the larger existing directory system that is already in use within an organization.
The result: IT staff or consultants can now create more complex configurations for novice administrators while still supporting management in Server Preferences. For any small business or department of a larger business, this means they can have the best of both worlds -- either on their own if they have the know-how or with the occasional help of a systems administrator or consultant to do the more technical tasks.
Another set of features introduced in Leopard Server was a series of collaborative tools. Beyond the basic mail server and Jabber instant messaging service, Apple introduced a shared calendaring solution called iCal Server that was based on the open CalDAV standard and that supported other CalDAV clients beyond Apple's iCal. Other tools in Leopard Server included a wiki and blog server that allowed users to easily collaborate through a Web-based interface that can edit content, track changes and let users know when content impacting them is modified. It also makes tagging and searching for resources very simple.
All of these were great steps, but they still had a slightly less than polished look when Leopard Server first shipped. Many of these improved in stability and performance after the first couple of updates to Leopard Server.
In Snow Leopard Server, all of the collaborative tools have significantly matured and now live up to the promise that they offered in Leopard Server. Read on to learn more.
Revamped mail services
One of the big changes Apple made was to move its mail server to be based on the open-source Dovecot, which provides Unix/Linux mail servers with a broader range of features than Apple's previous mail software. New features include the ability to have more complex server-based filtering; this allows mail to be filtered into specific mailboxes by the server rather than a mail client, resulting in better client performance and sorting being applied regardless of the computer or device being used to access mail.
Another new feature is the use of vacation or out-of-office replies. Apple also improved the Webmail interface available to users; previous iterations relied on a very basic implementation of the common Squirrelmail tool.
Address Book Server
The biggest addition on the collaborative tools front is Address Book Server, to help share contacts and manage personal contacts using the relatively new CardDAV standard. This is a big improvement in many ways because previously the only option for shared contacts was through the use of LDAP. While LDAP was a viable solution if you needed to only retrieve contact information, it offered little in the way of editing contacts.
CardDAV is still somewhat of an emerging standard, with a limited number of clients that support it aside from Mac OS X's Address Book in Snow Leopard. Still, it is a step in the right direction and it shows that Apple is committed to developing collaborative tools that are based on open standards, as it did with iCal Server support.
Enhanced Calendar Server
Speaking of iCal Server, the shared calendaring got a number of updates in Snow Leopard Server. iCal Server in Leopard provided limited functionality for inviting multiple members to events. Also, it was difficult to access iCal Server from systems without CalDAV clients, including Apple's own iPhone.
iCal Server -- dubbed iCal Server 2 in Snow Leopard Server -- now has a better-performing and more streamlined user experience. Configuring clients to access the server is simpler. And features including invitations and viewing the availability of rooms, other resources and other users are both easier and more consistent.
Apple's also added support for the iPhone; this was a combination of both the iPhone OS 3 update released this summer, which introduced CalDAV support, as well as the server enhancements. Web-based access to calendars is also now possible with the revamped wiki server.
Another addition is the iCal Server Utility. This utility existed in a somewhat different form in Mac OS X Leopard as the Directory application. This application originally took the form of a central directory that all Leopard users could access. In that iteration, it offered the ability to look up users, contacts, locations and resources such as projectors, printers and even company cars. It also allowed users to create ad-hoc groups for collaboration.
As intriguing as Directory was, it was in no way cross-platform or accessible from the Web. Only Leopard users could access it; users of earlier Mac OS X versions as well as other platforms were out of luck. There was also a fair amount of work required when populating the data into Directory, which given a limited client base made it hard to fully justify the effort in most organizations.
Now, as iCal Server Utility, the tool is now aimed at server systems administrators and can be used only to populate resources and locations. Once these are populated using iCal Server Utility, users will be able to reserve rooms and other resources via iCal, any third-party CalDAV client or iCal Server's new Web interface. Users cannot add new rooms or resources through these tools, however; that task remains in the hands of systems administrators.
The somewhat scaled-back approach may seem like a step backwards from Directory's overarching vision. However, it is actually a positive step because for contacts, Apple has introduced Address Book Server, which is based on open standards and is supported by tools on additional platforms. This provides for much of the general use that Directory was intended to achieve and requires less effort.
Wiki Server finally comes of age
Apple's Wiki Server has finally matured as a central collaborative environment in Snow Leopard Server. Although it was a functional wiki and blog service before, the ability to have full access to a range of collaborative technologies -- including e-mail and shared calendaring in particular -- is a huge improvement. Access is through a Web interface. Wiki Server also serves as a functional wiki for projects and departments, and provides individual user blogs in a clean and generally easy-to-navigate interface.
A couple of specific points of improvement include enhanced search capability and integration with Apple's Quick Look. A technology that emerged on the Mac OS X desktop, Quick Look allows users to preview files without opening them or even needing an application capable of opening them.
The new Wiki Server includes Quick Look and functions largely like Quick Look does on the desktop. If a user attaches a file in any one of number of common formats -- including PDF, Microsoft Office and Apple's iWork and QuickTime -- all wiki users can preview the content without downloading it. This can be a great tool for tracking documents, viewing reference content and being sure what a document contains before downloading and working with it.
Easier Podcast Producer workflows
Another Leopard-introduced technology that has gotten an update is Podcast Producer. This is a way to create podcasts using Mac OS X Server. Podcast Producer allows an administrator to define completely automated workflows for users to generate podcasts.
In Snow Leopard Server, Podcast Producer has been updated and it now includes a new tool called Podcast Composer. Podcast Composer offers a quick and easy way to string together common operations needed between the step where a user records video and when it is made available as a podcast in one of varying formats. This can include things like copying the video to a server running Apples Xgrid clustering platform, formatting the video for specific devices, including company-specific watermarks or custom introductions and credits and generating the RSS feed for the completed podcast.
Much of the functionality in Podcast Producer existed in Leopard Server, but the interface for creating workflows has been dramatically transformed and simplified. It now resembles that of workflows that Mac users can create with the Automator tool and allows for quick and easy creation of multiple customized workflows.
iPhone support and push notifications
The iPhone gets some special attention in Snow Leopard Server in a few different ways. First and foremost, Apple's updated mail engine and iCal Server 2 now can send push notifications of new events or messages to iPhone users.
This is a pretty major step that Apple really needed to take. It allows the iPhone to be supported by Apple's own server platform and still maintain a lot of the features that previously would have required an Exchange Server.
Apple has also crafted a wiki template specifically for iPhone users. The "My Page" feature, as Apple has dubbed it, is formatted for easy viewing on the iPhone's mobile browser and lets users easily track additions of content specific to their job roles. iPhone users can also edit content.
Secure remote access without VPN
Moving away from collaborative tools, Snow Leopard Server introduces an alternative to VPNs for users who need to access internal resources securely from outside a network. Mobile Access Server, which makes its debut in Snow Leopard Server, allows you to create secure connections using a reverse SSL proxy. This allows users on unsecured networks like a public Wi-Fi hotspot or a mobile carrier's cell network to connect securely and to access several common internal services like Web-based intranets and wiki/blog sites as well as e-mail and other collaborative tools.
While these can be secured with SSL individually, having a single point of connection, and having single sign-on easily available and hosted by a server other than the servers storing the data, make the process both simpler and more secure. It also alleviates setting up VPN access -- which is, of course, still available -- especially if users need access to a limited number of services.
For remote users, you may still want to consider a VPN for access to a broader range of services.
Built-in NetRestore option for mass deployment
Apple has bundled the ability to do Apple Software Restore (ASR) deployments in System Image Utility. This is in addition to the existing NetBoot and NetInstall options. ASR deployments are typically preferable to NetBoot/NetInstall because they offer the option of using multicast system image deployment.
Multicast deployment allows a server to flood a network segment with a constant stream of data that all clients can access simultaneously -- as opposed to discrete one-to-one connections known as unicast. Multicast deployments can be significantly faster than unicast deployments through Apple's existing options.
Although this feature still requires you to rely on the ASR command-line tool for some operations, the NetRestore option allows you to easily boot a machine over the network -- removing the need for an alternate startup disk -- and proceed with the deployment.
Ability to force reset of managed clients
Apple's Managed Preferences environment allows administrators to use directory services to preset and configure almost any part of the Mac environment. This remains a powerful option, with a wide range of built-in choices for setting up and restricting the user environment based on individuals, group membership, which computer they are using or any combination of the three. As in the past two Apple Server OS releases, you can also add configurations for almost any third-party application as well.
One nice touch here is that Apple has added to the client version of Snow Leopard the ability to remotely refresh the settings of any given Mac. This allows you to ensure that if you make changes to a configuration, all Macs will immediately accept that change.
Easier client binding to directory servers
Apple has continued to simplify the process of joining Macs to a directory services system. Macs can now auto-detect available directory servers using Apple's Bonjour zero-configuration networking technology. This allows new Macs to automatically detect directory servers and present them to a user during the initial setup of a Snow Leopard Mac.
Finally, overall performance has been enhanced in Snow Leopard Server, even when running on low-power Macs -- as you might find with a small business server. Much of this boost comes from the same technologies implemented in the client version of Snow Leopard. These include 64-bit functionality, the new Grand Central Dispatch for efficiently using multiple processors and cores, and the OpenCL technology that allows a Mac or server to use graphics processing hardware for more general computing tasks.
Snow Leopard Server is a tremendous value. It offers a range of features that aid collaboration and mobility for small businesses through enterprises. The improvements in collaborative tools will probably be adopted in education, one of Apple's core markets. The simple licensing structure and lowered price are enough to make the platform competitive.
For organizations that already run in part or entirely on Mac OS X Server, this is a definite upgrade. With so many new technologies and under-the-hood changes, though, you'll definitely want to spend some time testing and getting to know the new face of Mac OS X Server before making the jump. For organizations running on other platforms, Snow Leopard Server's lower cost and the maturity of so many technologies originally introduced in Leopard Server make it a product to seriously think about, particularly for smaller organizations needing a simple yet powerful option.
Ryan Faas is a freelance writer and technology consultant specializing in Mac and multiplatform network issues. His most recent book is The iPhone for Work, published by Apress. You can find more information at www.ryanfaas.com and can e-mail Ryan at firstname.lastname@example.org.