Beta

Slashdot: News for Nerds

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Large-Scale Mac Deployment?

kdawson posted more than 4 years ago | from the rolling-'em-out dept.

Networking 460

UncleRage writes "I've been asked to research and ultimately recommend a deployment procedure for Macs across a rather large network. I'm not a stranger to OS X; however, the last time I worked on deployment NetRestore was still king of the mountain. Considering the current options, what methodologies do admins adhere to? Given the current selection of tools available, what would you recommend when planning, prototyping, and rolling out a robust, modular deployment scenario? For the record, I'm not asking for a spoon-fed solution; I'm more interested in a discussion concerning the current tools and what may (or may not) have worked for you. There are a lot of options available for modular system deployment... what are your opinions?"

cancel ×

460 comments

make sure you have lots of lube (4, Funny)

Anonymous Coward | more than 4 years ago | (#29498183)

that is a whole lot of gay to be rolling out

Re:make sure you have lots of lube (-1, Offtopic)

Anonymous Coward | more than 4 years ago | (#29498207)

I hate you bastard trolls but, by god, this made me laugh.

Re:make sure you have lots of lube (-1, Offtopic)

rubycodez (864176) | more than 4 years ago | (#29498213)

oh gawd holy shit, funniest ac post ever!!

Re:make sure you have lots of lube (-1, Flamebait)

Anonymous Coward | more than 4 years ago | (#29498687)

Given the current selection of tools available, what would you recommend when planning, prototyping, and rolling out a robust, modular deployment scenario?

Well you're going to need lube, condoms, leather harnesses, gloves, cock rings and some banging techno. Moustache wax might be a good idea, too.

Re:make sure you have lots of lube (-1, Offtopic)

Anonymous Coward | more than 4 years ago | (#29498783)

mod this above 0 and win respect from metamodders when it comes up in the queue 18 months from now!

Re:make sure you have lots of lube (1)

The Yuckinator (898499) | more than 4 years ago | (#29498817)

18 months? I was meta-moderating front page stories last week.

Macs (-1, Troll)

sexconker (1179573) | more than 4 years ago | (#29498219)

Why?

Either go Windows or go Linux.
Macs are the worst of both worlds, plus they cost a hell of a lot more and have terribly unreliable hardware (but don't worry - your complaints will be ignored and any problems will be features!).

If I were the one who had to support the machines (software or hardware) I'd be fighting tooth and nail against it - to the point of where I'd say "It's me or the Macs".

Ever replace a backlight in a fucking Apple Cinema Display? That's 3 layers (and a thousand assorted screws and layers of tape) deeper than Apple's documentation (for certified technicians) goes.

Yeah, NetRestore is what we used I believe.
It works. Except when it doesn't. At least capacious portable hard drives come in the 2.5" size now. You'll be needing to use that method for the few machines that simply refuse to image over the net.

Re:Macs (4, Insightful)

Anonymous Coward | more than 4 years ago | (#29498267)

Guess what? It would be you, not the Macs. I'd have fired you for wasting the time needed to tear a display apart instead of sending it to the manufacturer to be repaired.

Re:Macs (3, Insightful)

Brian Gordon (987471) | more than 4 years ago | (#29498361)

Taking it apart yourself is worse than paying somebody else $400/hr to take it apart for you?

Re:Macs (4, Funny)

countertrolling (1585477) | more than 4 years ago | (#29498403)

400 dollars an hour?! What are you using? Lawyers? How does that work?

1) Monitor breaks
2) Sue Apple
3) Free monitor?

Re:Macs (3, Informative)

azav (469988) | more than 4 years ago | (#29498523)

Stupid post.

2 would never happen and would cost WAY more than 400 bucks in time alone.

Get Applecare and it's covered for 3 years. Ship it back to Apple while they fix it. That's what we do.

Re:Macs (0)

Anonymous Coward | more than 4 years ago | (#29498565)

Actually, the formula is:

1.) Monitor breaks
2.) ???
3.) Profit!

Re:Macs (0)

vux984 (928602) | more than 4 years ago | (#29498441)

I'd have fired you for wasting the time needed to tear a display apart instead of sending it to the manufacturer to be repaired.

Presumably if its that much more labor to repair, the repair center is going to charge you an arm and a leg for the repair too. (And replacing the hard drive on some Mac's is absurd... the old clamshell ibooks come to mind for example. Most repair centers were charging 150$ in labour, plus the cost of the drive. And if it was an Apple repair center, the drive was stupidly overpriced too... (Apple is the only company that charges you, for example, the full retail price of a $300 GB drive to upgrade a 100GB drive to a 200GB drive... ditto absurdities like that for RAM upgrades.)

And don't get me started on what it costs to connect a new powerbook to your average projecter. What apple charges for a Mini-displayport to DVI adapter is ludicrous.

Re:Macs (0)

Anonymous Coward | more than 4 years ago | (#29498779)

since when is $29 ludicrous? That's all the adapters cost.

Re:Macs (3, Funny)

NoYob (1630681) | more than 4 years ago | (#29498291)

....fucking Apple Cinema Display

Damn! Is there a video? I tried googling "apple cinema display fucking" and "apple cinema display porn" and nothing.

So, what was it fucking? The DVD drive? or the USB port?

Re:Macs (1)

sakdoctor (1087155) | more than 4 years ago | (#29498321)

Rule 35 on "apple cinema display"

Re:Macs (1)

rubycodez (864176) | more than 4 years ago | (#29498315)

there are softwares that only run well on Mac, and the two macs (four and six years old) at my house don't have hardware problems. businesses don't care about your backlight replacement struggles, they can 3 year applecare protection like God or was it Steve Jobs intended

Re:Macs (-1, Troll)

sexconker (1179573) | more than 4 years ago | (#29498499)

Applecare?

Our shop had in-house apple certified techs.
All replacement parts were free, and I believe next-day delivery.

They even admitted to problems.

You have 2 old macs that work.
Great.

I've seen them drop like flies compared to their PC (various brands) counterparts.

Re:Macs (0)

Anonymous Coward | more than 4 years ago | (#29498379)

Why would you be spending company time to replace a backlight when you should send it out to the manufacturer for replacement/repair?

Re:Macs (-1, Troll)

Anonymous Coward | more than 4 years ago | (#29498471)

I know you will get modded to hell but you're right. Especially about the reliability. Every single piece of Apple hardware I or anyone I know has owned, has broken at one point or another. Every single one, I'm not kidding.

Personally I would never buy anything Apple that I wanted to depend on or keep for any length of time.

I find it weird that all the Macs fans ignore this. Often they will tell me their Mac is in the shop or whatever... Yet they continue to buy Apple. Makes no sense.

Re:Macs (1)

samkass (174571) | more than 4 years ago | (#29498549)

You sound like a real pro. Do you have any actual advice?

Re:Macs (2, Insightful)

NiceGeek (126629) | more than 4 years ago | (#29498819)

"Ever replace a backlight in a fucking Apple Cinema Display? That's 3 layers (and a thousand assorted screws and layers of tape)"

Sounds like replacing a backlight in every LCD monitor that has ever existed.

Re:Macs (1, Interesting)

Anonymous Coward | more than 4 years ago | (#29498823)

I'm a bit lost on this post!

I work for a two year tech school and we have about 200 Macs and replace them every 4-5 years without many failures. We have alot more failures with our Dell systems and self built systems we use to have the IT Students build. They don't cost that much more, for the time we save with the macs with all the PC troubleshooting paying a little extra is worth it.

Sounds like you didn't understand the Mac platform enough!

Plus with todays Macs you can run Linux, Windows, and OS X on one machine if you choose to do so. We just purchased a bunch of iMacs for our telemarketing people because Dell couldn't match the price of what Apple gave them to us for and I expect we will have alot less failures. They will be running Windows only, but so far things have been running fine!

Large scale Apple managed LAN? (5, Insightful)

Anonymous Coward | more than 4 years ago | (#29498225)

Is there even such a thing in this world? Folks like to disparage Windows, but it really is the only OS built for very large enterprises. Linux solutions don't really compare to Windows solutions - there, I said it...

Re:Large scale Apple managed LAN? (5, Insightful)

norkakn (102380) | more than 4 years ago | (#29498387)

radmind ftw

Re:Large scale Apple managed LAN? (5, Interesting)

Brian Gordon (987471) | more than 4 years ago | (#29498399)

I preemptively beg mods not to bury this comment. We all know that Linux is great on hackers' workstations and on servers and in computing clusters, but not so great as a desktop system for average users.

Well large managed networks is two miles away in the distance on the scale of things Linux is awesome at. Active Directory, Exchange, Terminal Services... Windows really does have a very impressive offering in this area, while Linux stays behind the scenes and rarely faces the user.

Re:Large scale Apple managed LAN? (1, Insightful)

i.r.id10t (595143) | more than 4 years ago | (#29498671)

LDAP, thunderbird w/ lightning plugin (or openexchange, citadel or similar), XDMCP.. Updates? Your own local ubuntu/debian mirror w/ custom packages, etc. Lots of equivalents.

Re:Large scale Apple managed LAN? (3, Insightful)

genner (694963) | more than 4 years ago | (#29498719)

LDAP, thunderbird w/ lightning plugin (or openexchange, citadel or similar), XDMCP.. Updates? Your own local ubuntu/debian mirror w/ custom packages, etc. Lots of equivalents.

....and still no replacement for active directory.
This is really the only practical reason why windows is still on top.

Re:Large scale Apple managed LAN? (4, Insightful)

amirulbahr (1216502) | more than 4 years ago | (#29498751)

Active Directory

You can't be serious on this one. LDAP + Kerberos can easily take on that role plus some.

Exchange

Email is easy enough to offer but shared address books and calendaring may give Exchange the edge. No harm in deploying Exchange on the back-end and using Evolution or Thunderbird or web based Exchange on the front-end.

Terminal Services

This is the most outrageous of your claims. Linux, Solaris, *BSD all come up trumps in this. You've got X11, NX, VNC, and the most advanced thin client solution at the moment, Sun Ray [sun.com] .

Re:Large scale Apple managed LAN? (2, Interesting)

Frosty Piss (770223) | more than 4 years ago | (#29498833)

We all know that Linux is great on hackers' workstations and on servers and in computing clusters, but not so great as a desktop system for average users.

We do? Well, we're not really talking about Linux here, we're talking about Apple, which is a whole different ball game. But as to your Linux comments, people repeat these anecdotes so many times, they are taken as fact even though there is really not much to back them up. Recent Ubuntu and Red Hat offerings (and to a lessor extent SuSE and Mandriva) prove this tired anecdote to be essentially no longer true. Just because the Über Geeks use Debian, *BSD, or roll their own doesn't mean that's a true representation of the current state of consumer and enterprise desktop Linux.

Re:Large scale Apple managed LAN? (5, Informative)

thatkid_2002 (1529917) | more than 4 years ago | (#29498551)

Wrong! Novell Zenworks is on Linux too - so why can't you have a heterogeneous large scale Linux and Windows rollout? There is Zenworks for Mac but none of our customers (though there is quite a few Macs) use it. If you are going to roll out Novell stuff you may as well do Novell Groupwise while you are at it.

Novell solutions pwn Microsoft, sorry to say.

Re:Large scale Apple managed LAN? (1)

genner (694963) | more than 4 years ago | (#29498827)

Wrong! Novell Zenworks is on Linux too - so why can't you have a heterogeneous large scale Linux and Windows rollout? There is Zenworks for Mac but none of our customers (though there is quite a few Macs) use it. If you are going to roll out Novell stuff you may as well do Novell Groupwise while you are at it. Novell solutions pwn Microsoft, sorry to say.

This is the only real solution anyone has listed. The only downside is that both your microsoft and mac fanboy users will complain about having to use it.

Re:Large scale Apple managed LAN? (5, Funny)

DoofusOfDeath (636671) | more than 4 years ago | (#29498553)

Is there even such a thing in this world? Folks like to disparage Windows, but it really is the only OS built for very large enterprises.

Agreed. It's the only OS for seriously large botnets.

Re:Large scale Apple managed LAN? (-1)

Anonymous Coward | more than 4 years ago | (#29498587)

100% subjective post. Mod down.

Re:Large scale Apple managed LAN? (4, Informative)

Logic Bomb (122875) | more than 4 years ago | (#29498591)

There are many huge Mac deployments: universities, school districts with 1-to-1 laptop programs where every student gets a laptop, Google (thousands of Macs), the Fountainbleau hotel in Miami, and more. Apple gear isn't always used to manage everything: most of these sites are probably using Active Directory or some UNIX-based LDAP service for account management. But there are plenty of large Mac deployments out there.

Re:Large scale Apple managed LAN? (2, Insightful)

Daniel Dvorkin (106857) | more than 4 years ago | (#29498689)

Is there even such a thing in this world?

Yes. Next question?

Seriously, it's obvious from the story that there is, indeed, "such a thing in this world." Windows users love to accuse Mac and Linux users of fanaticism, but honestly, there's nothing more fanatical than a Windows drone who can say something like "[Windows] really is the only OS built for very large enterprises" and believe it.

Re:Large scale Apple managed LAN? (2, Informative)

Anonymous Coward | more than 4 years ago | (#29498767)

sorry I am not a winblows fanboi but if you actually believe Mac's are built for very large enterprises it is you taking fanatism to a new level. Linux Sure, but Mac's are a hodge podge of half arsed solutions that can be bound together with twine to work in an enterprise, as someone that supports them on a daily basis in an enterprise I can say without any doubt Mac's are NOT built with the enterprise in mind.

Re:Large scale Apple managed LAN? (1, Insightful)

Anonymous Coward | more than 4 years ago | (#29498743)

yeah, google is so small time.

Re:Large scale Apple managed LAN? (3, Insightful)

confused one (671304) | more than 4 years ago | (#29498753)

OS X is a certified Unix platform. Why is it hard to believe it's capable of being used as a large enterprise OS.

DeployStudio or LanREV (5, Informative)

Anonymous Coward | more than 4 years ago | (#29498233)

I have had great success out of both DeployStudio (http://deploystudio.com/) and LanREV (http://www.lanrev.com) in K-12 schools with 200+ machines.

Re:DeployStudio or LanREV (1, Insightful)

Anonymous Coward | more than 4 years ago | (#29498517)

I have had great success out of both DeployStudio (http://deploystudio.com/) and LanREV (http://www.lanrev.com) in K-12 schools with 200+ machines.

wow the only real answer this guy is gonna get...

Re:DeployStudio or LanREV (3, Informative)

scottdmontreal (1003416) | more than 4 years ago | (#29498625)

DeployStudio looks fantastic with it's multicasting capabilities, but the System Image Utility in Leopard Server is just so trusty I have a hard time looking at anything else. http://www.deploystudio.com/Home.html [deploystudio.com] You don't hear much about Leopard Server but it is by far the most promising aspect of the platform. It is the key to any large scale OSX network. I am a one man shop for 400 users. I'm sure that with a staff of three It could scale way up.

Re:DeployStudio or LanREV (1)

inKubus (199753) | more than 4 years ago | (#29498659)

I second LanREV, and they will have a Linux agent component in the next 6 months and a Linux server after that. Make sure all your desktop machines have the same administrative password (or groups of them do). Also make sure the firewall is turned off for SSH from your LanREV server. Then it'll scan subnets, SSH in and remotely install the agent. Then you have a lot of capabilities.

I do agree with the GP, this is really Microsoft's strength, AD+Kerberos+System Center/Forefront or whatever they call it now is really nice for managing workstations "automagically". There's still a lot of manual labor though, and I don't doubt it's possible on OS X with scripts and such (and I'll be attempting it later this year on a 85 node network) and OpenLDAP or OpenDirectory. LanREV seemed like a good middle stage to handle the deployments for now.

Planning (2, Funny)

NoYob (1630681) | more than 4 years ago | (#29498253)

You really don't need to do anything. See, with Macs being so user friendly, you just have the truck back up with skids of computers, plop them on folks' desks, and BINGO! everything is ready to go!

Man, I'd update your resume because they won't need you anymore. Or, insist that some MS products are still around because of ... of...email ...no...um...well, that's your problem.

Re:Planning (0, Troll)

Frosty Piss (770223) | more than 4 years ago | (#29498621)

Considering the current options, what methodologies do admins adhere to? Given the current selection of tools available, what would you recommend when planning, prototyping, and rolling out a robust, modular deployment scenario?

Just ask the random basement dwelling momma's boys at Slashdot, reformat their expert advice (using Open Office, of course), and start planning how to spend your pay raise!

Seriously, is this the place "professionals" seek such advice? Scarry.

Suggested reading: (5, Informative)

Anonymous Coward | more than 4 years ago | (#29498261)

Check out the following:

http://www.macenterprise.org/
http://www.deploystudio.com/Home.html
http://rsug.itd.umich.edu/software/radmind/

is there alternative to ASR? (1)

rubycodez (864176) | more than 4 years ago | (#29498263)

Now that NetRestore is going the way of the dodo, is there anything out there better that Apple Software Restore, it is pain in butt because another boot disk is needed, NetBoot sets without NetRestore more work

Have you looked at the features.. (3, Informative)

mewsenews (251487) | more than 4 years ago | (#29498271)

.. of OS X server [apple.com] ? It doesn't require client access licenses like Windows server versions do, and many of the services seem tailored to providing the best administration possible for an OS X network. I don't have any personal experience, but that's the first place I'd look if I had to admin an entirely OS X network.

Re:Have you looked at the features.. (1, Informative)

Knara (9377) | more than 4 years ago | (#29498329)

If the prices are what I remember they were back in 2002-2003, though, he's gonna need a lot of lube to absorb the premium he's gonna pay for the hardware.

Re:Have you looked at the features.. (0, Offtopic)

NoYob (1630681) | more than 4 years ago | (#29498505)

If the prices are what I remember they were back in 2002-2003, though, he's gonna need a lot of lube to absorb the premium he's gonna pay for the hardware.

Thanks! Between you and the guy above, I have this image of folks "gerbiling" with the Apple mice stuck in my head. *shudders*

Re:Have you looked at the features.. (0, Troll)

Brian Gordon (987471) | more than 4 years ago | (#29498533)

Yeah right, like anyone will buy a network operating system for a server based on shiny pictures and huge features like "mail server" and "calendar server".

It's like they think their regular starry-eyed customers are their target audience with that cute little website they're showing off.

Re:Have you looked at the features.. (3, Insightful)

molarmass192 (608071) | more than 4 years ago | (#29498691)

Spoken like someone who's obviously never seen, much less used, OS X Server. OS X server is built around standards based enterprise tools like Apache, LDAP, CalDAV, and IMAP. You know, ISP grade stuff like this:
http://www.apple.com/server/macosx/specs.html [apple.com]

What standards is your Windows Server / gaming platform, based on?

Re:Have you looked at the features.. (0)

Anonymous Coward | more than 4 years ago | (#29498821)

Wait till this poor chump sees the bill for parts - that's when you apple users really need to get busy with the lube, lets face it!

Good luck, you'll need it!

Re:Have you looked at the features.. (5, Insightful)

GigsVT (208848) | more than 4 years ago | (#29498831)

We have an OS X server.

It really does suck.

It's kind of like a crippled BSD server with weird management utilities and a lot of buggy modified utilities.

You might as well just use a normal Linux server, since all the same daemons are available, and much easier to manage.

Re:Have you looked at the features.. (5, Insightful)

raddan (519638) | more than 4 years ago | (#29498837)

The only problem with Mac OS X Server (and this is speaking from 10.3-10.4 experience; maybe 10.6 server is better) is that if Apple's grand vision for your network doesn't fit your own vision, then Mac OS X Server is next to useless. The problem is that Apple has preconfigured a number of built-in services, and changing them causes major headaches.

For instance, in 10.4, any change to the GUI would overwrite your /etc/smb.conf. What's worse is that Apple often runs old versions of this software. If, say, you want to go out and run the latest Samba, nothing is stopping you, but expect parts of Apple's system to break. Sure, I admit, lots of people go this route and have many workarounds for Apple's stuff, but for us, we figured: if we're going to do all this work to circumvent Apple's packaged stuff, why not just run Linux? So that's what we run on our backend now. We even run Netatalk, which has to be the simplest daemon I've ever configured-- it basically worked with PAM+winbind right out of the box, and so we're able to authenticate our AFP clients against AD, too.

If you're a very small shop, and you want a simple drop-in fileserver, Mac OS X will probably work for you. If you want a simple Open Directory, and don't have an existing directory system, Mac OS X will probably work for you. But get any more complex than that and you might as well use something else.

Hammers.. (-1, Troll)

Anrego (830717) | more than 4 years ago | (#29498279)

Lots and lots of hammers...

and fire :(

Options (4, Informative)

schmidt349 (690948) | more than 4 years ago | (#29498289)

You have two choices in general on the Mac side:

-- UNIX-y utilities, usually on the command line and a bit crufty in places, but free and nicely configurable
-- Mac-type utilities with marvelous interfaces that will probably set you back a nice chunk of change

When I was in the business, we used Carbon Copy Cloner, but g4u, Remote Desktop 3, or just plain old rsync are all pretty good bets depending on what type of imaging you're planning to do. CCC actually has one foot in both of the two camps I just described.

Of course, I even remember the crusty old days of Assimilator.

Apple Software Restore + Radmind + ARD (4, Informative)

raddan (519638) | more than 4 years ago | (#29498603)

Apple Software Restore, which comes "in the box". We set up a base machine, populate the /System/Library/User Templates/English.lproj/ and then make a disk image to our fileserver using ASR. Then, boot new machines in Target Disk Mode and deploy the image using your workstation.

We could probably come up with something clever using a boot partition, but this works fine for us. If you want to get fine-grained, have a look at Radmind [umich.edu] but keep in mind that Adobe apps will thwart your every attempt to manage them at that level.

All of the above are Free/free. We handle patching using Apple Remote Desktop (not free, but well worth the money). You can also configure your machines to authenticate against an Active Directory (like we do); if you're willing to modify your schema, you can even manage your installation from your MMC snap-ins like you can with Windows boxen.

Re:Options (1)

scottdmontreal (1003416) | more than 4 years ago | (#29498715)

Assimilator? That's cute, I used it too, but: People recalling their experiences from the 90's really prevents serious discussion for this platform. Those were the days, they are long gone now, NONE of that code remains, several times over, it has NOTHING to do with the computers as they stand now. Furthermore, nobody cares. I will give three months and then I will not want to hear about anything prior to 10.6. I bid you good day.

Re:Options (1)

GigsVT (208848) | more than 4 years ago | (#29498843)

Yeah except if you want rsync to preserve resource forks, you invoke the broken and shitty part of the code.

rsync -E runs out of memory on anything approaching a large data set, and it also considers the resource forks "dirty" every time you sync, so it's slow as hell too.

Genius bar? (1, Funny)

Anonymous Coward | more than 4 years ago | (#29498333)

Isn't this what the genius bar is for? Ask them. I'm sure they do this all the time.

Waste of energy (2, Informative)

MouseR (3264) | more than 4 years ago | (#29498335)

If you post on slashdot a question on the best way to deploy lots of Macs, all you'll get is trollish comments from pre-pubs.

Really. It's the car equivalent on asking how to adjust the stock Caliber SRT4 wastegates on a Honda Civic SI site.

For real answers, check out System X [vt.edu] . The hardware FAQ and history links will provide lots of useful info.

Re:Waste of energy (0)

Anonymous Coward | more than 4 years ago | (#29498429)

If you post on slashdot a question on the best way to deploy lots of Macs, all you'll get is trollish comments from pre-pubs.

1. Some are funny.

2. You forgot the karma whores who will:

  • a. State how you will have the ultimate network with Apple being UNIX based
  • b. State how the TCO will be lower than the Windows PC.
  • c. and some other stuff.

    3. After a long day of shit, watching folks get all indignant because they identify themselves with their choice of computers and OS (identity == Apple) is rather entertaining in a adolescent sort of way. I admit it. It's also the reason why I watch Mike Meyers films - Yeah baby!

    4. The same thing happens with all fanboys: Mac, Linux, BSD, WoW, EMacs/

    5. Mac users are gay.

Re:Waste of energy (1)

MouseR (3264) | more than 4 years ago | (#29498475)

5. Profit!

I see now.

Re:Waste of energy (1)

kpainter (901021) | more than 4 years ago | (#29498501)

a b c 3 4 5. New math?

Re:Waste of energy (0)

Anonymous Coward | more than 4 years ago | (#29498721)

a b c 3 4 5. New math?

Only in your little narrow skinner box.

Re:Waste of energy (1)

mschuyler (197441) | more than 4 years ago | (#29498483)

That's demonstrably untrue. At this point in this thread's life there are a couple of funny comments, a couple of 'don't do it' comments, and the rest are thoughtful and full of good information. There are inevitably trolls on every slashdot thread. So what? Thanks for the question!

Easy Steps (3, Informative)

Anonymous Coward | more than 4 years ago | (#29498337)

For initial deployment, Deploy Studio: http://www.deploystudio.com/

For authentication and settings management, use OpenDirectory.

For ongoing control and user support, use Remote Desktop (from Apple).

For a more advanced option, try Radmind to keep the Macs in sync: http://rsug.itd.umich.edu/software/radmind/

Virginia Tech (2, Interesting)

TitusC3v5 (608284) | more than 4 years ago | (#29498349)

I don't know anything about their deployment procedure, but here at Virginia Tech the Math Emporium [vt.edu] has over 500 macs set up for student access. The courses I've had there have been boring, but the actual setup of the place is pretty neat.

JAMF Casper (4, Informative)

cwgmpls (853876) | more than 4 years ago | (#29498367)

Check out the Mac management software from JAMF software [jamfsoftware.com] . It pretty much covers it all, from package management to image deployment to remote desktop to inventory. Used in many mac-based school districts and Universities.

We have a 300 Mac exclusive network (4, Interesting)

Tibor the Hun (143056) | more than 4 years ago | (#29498377)

First we build and test a good image on a machine for a couple of weeks.
Then we either use that image,if it was correct the first time, or build a new one from it if it required touching up.
We use Apple's free Disk Utility which comes free with all macs.

We then get about 10 - 15 firewire drives and copy that image on them. (You have to make sure the drives are bootable, you can actually deploy that same image onto the drive itself.)
Then we line up 10-15 machines and use again the Disk Utility to image them.
Depending on the size of the image, just about the time you have the next 10-15 unboxed and set up (very easy to do since they're all all-in-ones), the first batch is ready.
Works for us, but then again, our schedule is flexible and we can afford a couple of days of leisurely imaging.

Oh, yeah, and if you do have an image you can also work with Apple, they'll preload it on for you.

Re:We have a 300 Mac exclusive network (0)

Anonymous Coward | more than 4 years ago | (#29498419)

I should add, you can also deploy Windows with Fusion this way.

And Apple Discussion forums are also a great source of info.

you still have to do the firmware updates by hand (1)

Joe The Dragon (967727) | more than 4 years ago | (#29498647)

you still have to do the firmware updates by hand and with apple some time they are needed for a newer os / update to work.

Deploy Studio (1)

ddillman (267710) | more than 4 years ago | (#29498381)

DeployStudio [deploystudio.com] appears to be the anointed successor to the venerable and discontinued NetRestore from Mike Bombich. Mike personally recommended DeployStudio. Best thing about it is that it's cross-platform and will also image PXE-capable PCs with Linux or Windows or what have you.

Need more info.. (4, Informative)

engele (1049374) | more than 4 years ago | (#29498391)

Here is an excellent resource (at least last time I checked and it has been awhile, they used to be called macosxlabs.org). http://www.macenterprise.org/ [macenterprise.org] As far as tools, the built in tools are very good. A third party tool that can be very useful for bootable drive images is Carbon Copy Cloner. When you say large, do you mean hundreds or thousands, or less? It will definitely change things for you. I think that you will be surprised by both the ease of the transition, and the things that should be easy that are not. Really I don't know how we can help you unless you have specific areas where you are interested in learning solutions (and I don't say that to be a jerk, I'll try to answer questions where I can). How many servers? Directory Server? File Sharing? Exchange Server/POP/IMAP? Calendaring? Centralized home directories? Budget per user? Of course there are cool things that cost money and are not really needed, and hard things that are cheap but work well once set up etc. I would help more, but I don't know where to start... take a look at the link above, and ask questions as you get a better idea of he scope

Net Boot Based Installation and Monitoring (3, Informative)

Zerocool3001 (664976) | more than 4 years ago | (#29498397)

I like you, developed deployment for a mac based network (600 or so macs) back when command line ASR and netrestore were the best options. However, we also upgraded our deployment methods as Apple incorporated some of the technologies we used (cloning and automatic install options) into their server software. Today that particular piece of software is very well polished and does the job extremely well. The last time we did an installation (a few years ago) we used custom netboot images with automatic install options for different types of computers (lab, classroom, etc.) based on mac address. At the time we used a third party unix package manager or OS X called Radmind, but it proved to be more trouble than it was worth. However, Apple Remote desktop's package management and monitoring work very well and lets your do most of the upgrade install tasks you need to. In the end, the only per-machine work was setting up the machine to boot from the network by default.

Also, if you have the bandwidth, you can centralize your OS installs as server based images that are never installed on the thin clients. If you get it to work, it makes upgrades and deployment very easy.

If you want to discuss some of the problems we faced and our solutions, please feel free to contact me.

Re:Net Boot Based Installation and Monitoring (0)

Anonymous Coward | more than 4 years ago | (#29498619)

I don't know what the author considers large scale.

We tried netboot about 4 years ago for our 25 computer Mac lab. True, our network wasn't the best then, but netbook just took so damn long to boot up. 25 clients all competing for attention from one server. Chaos! Probably with our updated network netboot would work a lot better now, but we don't have a server set up as a netboot server anymore.

I just set up 64 MacBook Pros for two labs. It took more time to set up, but I used carbon copy cloner once I had a Mac ready to image. I have to individually configure each notebook to join our Active Directory (AD) domain.

I think that netboot of computers to an AD domain would be a nightmare and probably wouldn't work. Each computer needs its own AD ticket (or whatever you call it) for the domain. Please correct me if you know otherwise.

Once you have the computers set up though, remote desktop is your best friend. The best $299 (education discount) you will ever spend.

Make darn sure that your Mac computer to image is truly "a done deal". It is a pain to make a bunch of changes (the usual scenario of faculty asking for a lot of changes just before the semester starts).

Communication with the faculty/customers is the key to a successful deployment. You do not want to have to make a lot of changes after deploying the computers.

Resources (1, Informative)

Anonymous Coward | more than 4 years ago | (#29498401)

Check out Mike Bombich's stuff for some good tips: http://www.bombich.com/mactips/index.html

I also found the Apple support discussions to be useful http://discussions.apple.com/category.jspa?categoryID=96 and also this site http://www.afp548.com/

Good luck!

radmind (4, Informative)

norkakn (102380) | more than 4 years ago | (#29498407)

I used to run a network with hundreds of apples with radmind. We installed the initial images with NetRestore (multicast for the larger influxes), and upon reboot, the computers would download their radmind certificate from LDAP and install all of the software that it needed.

It takes more up front time to set up and configure radmind, but it works wonderfully for almost anything you want to do.

Re:radmind (2, Informative)

limako (45118) | more than 4 years ago | (#29498669)

A previous poster argued that you have to choose between unix-ey freeware and pricey, pointy-clicky commercial software, but radmind actually bridges that gap nicely. It is a free set of unix command-line utilites with several GUI applications that can bind it together on the client and server sides -- if you like that sort of thing. In my implementation, we use perl scripts to actually do most of the heavy lifting. Moreover, it's relatively to give end users more-or-less control over the rest of the system: you want a lab computer? Radmind can do that. You want a user's workstation? Radmind can do that too.

Radmind is effectively a tripwire: it builds transcripts about what has changed on the system and can either capture those changes as a package or apply changes to restore (or setup) a system to a known state.

The only downside of radmind is that to use it effectively, you really need in-depth knowledge about the MacOS. In order to build transcripts, you need to know which of the changed things are meaningful and which are noise. You need to understand how packages have the potential to create dependencies and conflict with one another -- and to make sure the packages get applied in the right order.

Deploy Studio (1)

StoopidMonkey (588264) | more than 4 years ago | (#29498409)

Deploy Studio is the one being hailed currently as the latest thing. I've found it to be a very useful tool. With a reasonable server and a decent switch, you should have no problems deploying all those Macs. After ASR, CCC, NetRestore Helper - been there done that. Deploy Studio tops them all.

DeployStudio (2, Informative)

howlatthemoon (718490) | more than 4 years ago | (#29498421)

We use DeployStudio, a freeware project http://www.deploystudio.com/ [deploystudio.com] . Support for DS is pretty from the community, or you can buy training, but if you want to go with a vendor product JAMF Casper suite makes a great product, that we did not think was outrageously expensive.

OS X Server + method of your choice (4, Informative)

bbk (33798) | more than 4 years ago | (#29498453)

Apple has a robust remote installation suite with OS X Server, which is darn cheap compared to most other commercial offerings.

10.6 includes a first party version of NetRestore (full system image deployment, similar to Ghost or Flash Archive on Solaris), but most people deploying across a large number of systems should roll their own images with packaged based tools like DeployStudio or InstaDMG:

http://www.deploystudio.com/ [deploystudio.com]
http://code.google.com/p/instadmg/ [google.com]

Some other good sites for finding info:
  http://www.afp548.com/ [afp548.com]
  http://www.macenterprise.org/ [macenterprise.org]

try serverfault (2, Insightful)

gbrandt (113294) | more than 4 years ago | (#29498465)

Try asking this on serverfault.com. Lots of advice can be found there.

shouldn't be that difficult (1)

postmortem (906676) | more than 4 years ago | (#29498491)

installing two macs in one place

Radmind (4, Informative)

profplump (309017) | more than 4 years ago | (#29498513)

It's been mentioned a couple of times, but mostly with -1 scores, so it's easy to miss: Radmind. It's a very powerful deployment tool with a totally transparent mechanism so you can tweak it to do *exactly* what you want in terms of mucking with files on the disk. I've seen people complain about it being hard to use, but I thought it was pretty straightforward -- install an app, run the change detector, tweak as desired (if at all), build an app image, deploy.

http://rsug.itd.umich.edu/software/radmind/ [umich.edu]

Deploy studio (0)

Anonymous Coward | more than 4 years ago | (#29498525)

We use deploy studio. It works great for us. Casper is another great tool but due t cut backs we went with the free software:)

Why ask on /.? Plenty of info elsewhere... (3, Informative)

Logic Bomb (122875) | more than 4 years ago | (#29498547)

Why on earth is this being asked on Slashdot? Head to afp548.com and macenterprise.org (particularly its mailing list). You'll find info on InstaDMG, DeployStudio, even Radmind.

Re:Why ask on /.? Plenty of info elsewhere... (3, Informative)

Toe, The (545098) | more than 4 years ago | (#29498777)

The above are good resources, but also check out the OS X Server list [apple.com] . It is a good, geeky community of people actively building and working on OS X Server networks.

Easy (1, Funny)

oldspewey (1303305) | more than 4 years ago | (#29498575)

Just hire yourself a bunch of guys in black turtleneck sweaters and the computers will basically install and configure themselves.

My opinion (0)

Anonymous Coward | more than 4 years ago | (#29498595)

would be to destroy all Macs.

Get a PC.

So... (2, Funny)

Kyn (539206) | more than 4 years ago | (#29498597)

This is a Big Mac deployment? Sounds like a job for my tummy!

Open Directory and Remote Desktop (3, Informative)

lymond01 (314120) | more than 4 years ago | (#29498605)

Open Directory [apple.com]
By centralizing information about users and network resources, directory services provide the infrastructure required for managing users, groups, and computers on your network. Directory services can benefit organizations with as few as 10 people and are essential for enterprise networks that have thousands of users. Deploying a directory server helps reduce administrative costs, improve security, and provide users with a more productive computing experience.

Remote Desktop [apple.com]
Apple Remote Desktop is the best way to manage the Mac computers on your network. Distribute software, provide real-time online help to end users, create detailed software and hardware reports, and automate routine management tasks -- all without leaving your desk. Featuring Automator actions, Remote Spotlight search, and a new Dashboard widget*, Apple Remote Desktop 3 makes your job easier than ever.

* You'll notice Open Directory has no Dashboard widget. It's because it isn't uniquely Apple and therefore isn't polished to a blinding shine.

from experience (4, Informative)

v1 (525388) | more than 4 years ago | (#29498615)

You're likely to get some laptops in addition to desktops. Get yourself a large room, a dozen or more firewire cables, power strips together. Before the machines arrive, use a macbook pro or macbook (a laptop) to develop your base image. Install all software on it that is going to be on most of the machines. Test thoroughly. Be sure all your remote access is tested. (ARD/SSH)

Use netrestore to create the base image. When the computers arrive, copy the base image to a group of laptops, with netrestore app. The number varies depending on how many computers you are going to be imaging, the size of your base image, and how much help you have. 8-12 is typical if only one person is going to be restoring.

First thing you should do with machines out of the box is label them, have labels made up in advance. Then set them all up imaging over firewire, just get an assembly line going. You CAN do netrestore over the network, but it's been my experience it's less reliable. (machines randomly fail to restore, sometimes entire groups fail at an annoying 99% etc) Firewire is usually faster anyway since your fileserver or switch is very unlikely to be able to keep up with imaging a dozen at once. FW800 imaging is an amazing thing.

Once machines are imaged, there should be a folder of scripts sitting on each machine's local admin acct, one for each group of machines. The script will prompt for computer name and run. When run it will rename the computer and delete all the apps that should not be on that particular image. This can also be done by running the script remotely over apple remote desktop. If you don't have ARD, *get it now*. It will save you incredible amounts of time. Using this removal script method adds only a few minutes of time per image but you're doing them in parallel so its negligible, and saves you the major headache of managing a half dozen different base images.

As long as you made the image on a laptop, it should have full hardware support for the camera etc. Different images are required for PPC, but fortunately that's not a headache you have to worry about. (I did, PAIN)

Boot camp adds a level of complexity, requiring you to partition the hard drives before restoring to them, and then using something like Ghost or Acronis. One person can image between 40-80 machines in 8 hrs depending on how things go. Helps to have grunts to do the minor things like unpacking and delivery to stations. Find some carts so you can move machines several at a time. Inform the cleaning staff that you're going to have a mountain of packing material to dispose of. Keep 1 box for every 20 machines in case you need to box them up to send to a repair shop down the road.

If you insist on using netrestore over the network, be sure you have multicast enabled on the switches. It doesn't like crossing subnets but can be made to work.

Everything is based on ASR.......... (0)

Anonymous Coward | more than 4 years ago | (#29498729)

Everything is based off of Apple Software Restore just like PXE boot on Windows!

NetRestore is kinda included with Snow Leopard server now. You can make your images using the Built-in Disk Utility and Scan them for ASR and then use ASR to deploy the image. Apple has a couple of tools with OS X Server, but since Netrestore isn't being developed anymore I have switched to Deploy Studio, which is free. You also have InstaDMG now, but I don't fully like that solution, its probably nice for some, but I like having a complete image and pushing it out.

Having Apple Remote Desktop I think managing a lab of Macs is a heck of alot easier than Windows!!!

If you have the money to spend there are pay for solutions like http://www.jamfsoftware.com and http://www.enterprisedesktopalliance.com.

you know... (2, Informative)

buddyglass (925859) | more than 4 years ago | (#29498757)

If your installation is big enough, you could probably get some good advice from...an Apple technical sales rep.

Netboot not an option? (0)

Anonymous Coward | more than 4 years ago | (#29498765)

Is Netboot not an option? BYO Mac Server
http://www.instructables.com/id/Make-Your-Regular-Mac-a-NetBoot-Server!/
Not completely sure but I think you can netboot and have a persistent disk.

John

Enterprise Macs & iPhones (1)

dcray2000 (969850) | more than 4 years ago | (#29498781)

We're in the process of a POC with Macintosh computers right now as well. Our execs noted, "that we should test it as a competitive platform." A week later they were asking why they hadn't received their MacBooks and iPhones yet.

The I'm cooler than you exec mindset aside, the MacBook does have upsides. It's very stable, very powerful... and it looks nice. Our main goal was to integrate it with our Active Directory (multi-forest, multi-trust) infrastructure and get it loaded with all the applications a typical user might want. We used Centrify for the integration and it worked REALLY well for authorization and GPO control. Otherwise, we just loaded them up with Office and a chat client.

In the end this is all ridiculous because Macs are so expensive, but we already have several hundred so this excercise will help better integrate them.

Beware (0)

Anonymous Coward | more than 4 years ago | (#29498811)

This is a vast gay conspiracy!

Virtualization? (1)

GWBasic (900357) | more than 4 years ago | (#29498815)

Can you do virtualization with thin clients and Apple servers?
Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account

Loading...