3. OSX in the Enterprise?

OSX in the Enterprise?

Education here - we are mainly a Windows shop, but we have about 100 Macs which students use in our Arts areas, and associated lecturers use Macs too. We use OSX Mavericks for all our Macs at this time. (Ok, I have one Yosemite Mac Mini in production as a guinea pig).

All Macs are bound to Active directory forests. A long time ago we extended our AD with Apple's additions (deprecated now I think) which makes things a lot easier as they are still honoured by Mavericks - things like 'apple-user-homeurl' for the server and share and apple-user-homequota for example.

We have two Apple XServes which we use one only as an AFP fileserver. We use AFP as when we were using Adobe CS4, apps would repeatedly crash when using SMB but would be rock solid using AFP. We use Creative Cloud now, and we are planning to migrate back to SMB hosted on Server 2012R2 (with de-dupe) in the future assuming Adobe software is now stable (Yosemite and later now default to using SMB3, so the OS is ready). Mavericks does support connecting to Windows DFS shares.

We use Apple's ARD management tool, however it's a bit clunky and gets easily confused in a DHCP environment, particularly as pretty much every Mac these days has wifi and potentially multiple IP addresses. This can be worked around by setting up smart groups based on serial number to manage rooms rather than dragging them into collections. Another problem with ARD is machines have to be on and responding when you send out packages or commands, otherwise they wont execute them. It is great however for classroom management.

I do have SCCM working for Mac management, but not really done anything with it apart from getting the clients installed and reporting in and testing that it works. This would potentially resolve software deployment issues.

Deployment is handled with DeployStudio which is really well put together. Imaging is really really simple and can be fired off remotely using ARD (assuming your machines are turned on...)

The best way to manage OSX for things like WiFi, printers etc. is via Apple's MDM solution 'Profile Manager' (bundled with OSX Server) - this makes it really easy to push out WiFi settings and certificates (protip: OSX wifi certificates are CaSe sEnSiTiVe) and printer settings. It will also manage all your iOSX devices, and integrated with AD so you can set for example, Exchange settings on a usergroup basis with variables which will apply to both OSX and iOS devices meaning that once set up, you assign devices to an individual and they all get the same mail settings etc.

/r/sysadmin Thread
Previous
Next

Recently removed from /r/sysadmin

I know of a crazy vulnerable Exchange server at my old work. What to do? Details inside. Intune Windows LAPS - Configuration Profile Applies Successfully, Yet Nothing Happens...Why? Woman starting in IT next month. Should I be worried or not? How to run a meaningful CyberSecurity Risk Workshop/Assesment Amazon Outage I don't know what I'm doing and I need help What's the point of using BitLocker with TPM instead of password when someone can always access your computer without entering a password on boot? How many of you despise IoT? Onboarding 1200 New Users - how to communicate passwords? Gen Z also doesn't understand desktops. after decades of boomers going "Y NO WORK U MAKE IT GO" it's really, really sad to think the new generation might do the same thing to all of us Modern SQL Express Backup Solution [GA] Employee claims she can't use Microsoft Windows for "Religious Reasons" So I got a "correctional talk" yesterday. Rant about new age "senior" IT "specialists" who don't know how to wipe their butt. Do you think remote work is slowly dying? Most companies seem to be pushing RTO, even big tech you folks think ?

More Random Comments

I've decided be annoyingly positive for 2 weeks. What do you think I'll find? Kamaitachi leaves CMLL to head back to NJPW Only you can prevent Massively Single Player Online Games (MSO's) If you could see any statistic about your life, what would you want to see most? Attractive men, how did you find out you were attractive? How to Set Up a VPN (and Why You Should) Me [29M] with my SO [29F]. Together 2 years, planning to get married. I'm starting to feel as if she's more in love with the idea of a wedding than with me, and am starting to have second thoughts. Does this show hold up to its music? Universities across the country have begun actively pushing polyamory on campus, encouraging students to be more “affirming” of non-monogamous relationships and instructing them to view polyamorous relationships as an acceptable lifestyle choice. "I don't believe in Evolution" is not them not believing it, it's them denying it. It's the same as a Climate change denier. [Video] Joe Rogan: "UFC should have no gloves, no wrist taping" (Joe Rogan Experience #790) Over online play, people use their anonymity to use racial, sexual, and any other type of slur to demean another player. I'm interested in obtaining first hand accounts of people who were on the receiving end of it. Could you share them? Mother's Day Mega Thread! BEC? Small Rant? Don't Want To Make Your Own Post? This Is The Place! Bears 2016 Season Outlook (Post Draft) Lawyers of Reddit, what is the most outrageous case someone has asked you to take?