[unisog] Re: MAC/PC Mixed Mode Envioronment

Derek Ethier derek.ethier at humber.ca
Tue Jan 11 02:24:01 GMT 2005


On Jan 8, 2005, at 10:01 AM, Troy Gauthier wrote:
> 1. Which Server solution should be used? Or should it be a
>combination W2K3/OSX Solution (since I'm pretty sure OSX can 
>readily use MS Active Directory).

We use Windows Server 2003 for pretty much everything.  The only problem I have
ever experienced with file storage is that Mac clients (particularly OSX, since
that is what I'm experienced with in this situation) cannot accurately
determine certain advanced ACL's set through Windows.  See the next comment for
more information.

> 2. Is there a common interface to manage the clients, 
>perhaps a 3rd party solution?

ADMitMac (www.thursby.com).  It's not that cheap, but it does make your life
easier.  It allows users to login using their AD credentials, you can mount
user's homespace, mount volumes off Windows shares (without File Services for
Macintosh installed on the server end).  As I mentioned above, and I do not
believe that it's the fault of ADMitMac, but the differences in how the OS
determines advanced ACL's as set by Windows (subfolders and files etc.) can
cause some weird annomalies, but so far, it's the only problem we have ever
experienced.

However, aside from that one downside, ADMitMac is in all of our managed labs
and we are trying to convince other departments of it's benefits (over cost).

> 3. Best practices to secure and maintain both os's in such an
> environment.

ADMitMac basically turns the Mac into a Windows machine where AD is concerned,
the only problem is that Group Policy etc. (obviously) doesn't apply so your
Mac admin's better know how to manage their desktops.  Certain protocols like
WINS need to be active in the environment for the login to work, and we have
run into some weird situations where OSX would not mount volumes with
misconfigured DHCP scopes.  All in all, accounts are managed through AD
(password expiry, password change is all detected on the clients through
ADMitMac) and you can set folder permissions equally for Windows and Mac
clients which makes security a little easier on the backend file storage.

Hope this helps.

d.




More information about the unisog mailing list