There’s an increasing number of people who are are considering purchasing or have purchased a Macintosh computer for use in a Windows Server environment. While Macintosh PCs are known for their reliability and ease of use, often they do not seamlessly integrate into a Windows dominated environment.
This post aims to inform people who wish to go down this path and provide information they require to ensure that this investment will work in your current environment. We will point out what we feel are the 5 most important points relating to Client/Server interactivity in a business environment.
Email:
Previously, Microsoft Exchange (email) integration between Macs and Windows Server was less than perfect in that many of the features that Windows users enjoy have been missing in Entourage and MacMail, although, now with the advent of Outlook for Mac 2011, full Exchange server integration with Macs has been promised. There are a few caveats with Outlook 2011 which may be a deal breaker for some people:
- Server infrastructure must be running Exchange 2007 SP1 Rollup 7 or greater
- Your environment must support HTTP/RPC or Outlook Anywhere
- There are known bugs with Outlook 2011 for Mac in relation to synchronisation speeds. Refer to the references section[1] for further discussion.
File Sharing:
Computers communicate with each other using rules known as protocols. These protocols allow you to browse the internet, read your email, and open and edit files stored on a server. Macintosh computers prior to OS X 10.7 (Lion) commonly communicated with Windows systems via the SMB (Server Message Block) Protocol, also known as CIFS (Common Internet File System). This technology was originally developed by IBM and heavily modified by Microsoft to become what is known today on Windows PCs as the NetBeui and later Netbios over TCP protocol.
While SMB has sufficed in the past, it has not been without its share of difficulties, typically regarding authentication problems and file size limits. Your typical Windows Server environment may not have the workarounds implemented that address these issues.
With the advent of Server 2008 R2, things have been complicated more due to the fact that Microsoft have tightened the security model of their server operating systems and Macs do not yet support newer Windows based protocols such NTLMv2 or SMB2.
Please check with your IT department or System administrator to confirm if your server is configured to allow file sharing with Macs.Refer to the references section[2] for more information regarding these bugs and workarounds.
As of OS X 10.7 (Lion), SMB is no longer in use and has been replaced by their own proprietary implementation of SMB. This addresses most of the issues noted above, however some bugs are present in this new system, mostly in regard to performance. Refer to the references[3] section for more information.
Printing:
Printers utilise different “Print Engines” to print the information sent to them by computers.
Many of the less expensive printers are known as GDI (Graphics Device Interface) or “Host Based Printers”. What this means is that the document to be printed is processed by the host computer and that data is then sent to the printer. The immediate drawback of this technology is that these printers will generally only work on a Windows based PC.
Other printers utilise multiple print engines such as PCL (Printer Command Language) and PS (Postscript).
Many PCL and PS printers have Macintosh drivers available for them, however GDI printers are usually incompatible with Macs. Please check with your printer manufacturer to ensure your printer is compatible.
Security:
We’ll be breaking this section down into two parts: Security vulnerabilities and Security protocols.
Security vulnerabilities:
Security is surrounded by myth due to a general lack of understanding. The most touted among these is that Macs and Linux PCs being more secure than Windows.
This is simply not true. In fact, Windows has a comparable number of inherent vulnerabilities to Mac OS[4]. This is highlighted for the sole reason that for many people, this is the driving argument for purchasing a Mac. Secunia (A leading international security company) release a yearly report that analyses security data over the last 6 years.
Bear in mind that any computer is vulnerable to external attacks if care is not taken regarding your Internet and Email habits. While it is true that there are less developed tools to take advantage of vulnerabilities that affect non-Windows based PCs.
This is important to note as many Mac and Linux users are less diligent with their security because of this belief.
Security protocols:
This section relates to how Macs interact with a Windows based infrastructure. Typically, there are no issues on this subject provided the Mac can be bound to Active Directory. This is a process that workstations undergo so that the Windows server trusts the computer. All Windows PCs undergo this process as well.
If the Mac is not bound to Active Directory, then you may be prompted multiple times during your session to enter your domain username and password. If any issues do arise, they may well be related to the issues mentioned in the File Sharing section.
From an administrative/IT point of view, binding a Mac to Active Directory does little more than enable trust between client and server so that the Mac can access shared network resources and obey user account policies. Many of Active Directory’s management abilities cannot be applied to Macs without implementing third party software[5], without which can make managing Macintosh computers difficult in a large environment.
Applications:
Application compatibility is an important factor to consider when purchasing new PCs for the office. Some applications, especially older or specialty applications may not have a Macintosh client available. The most common workaround for this is to install the application in question onto a Windows based Terminal Server, also known as RDS (Remote Desktop Services) and use a Macintosh RDP client, such as MS RDP, CorD or iTap to access the application. It is important to be certain that any application you intend to install on a Terminal Server is licensed for Terminal Server use. Breaching licensing terms of software can carry hefty penalties and/or legal action. Application licenses are usually non-transferable between platforms and will require additional license purchases.
Author: Trevor Boon.
References and Further Reading:
[1] Outlook 2011 for Mac Tips and Reports
[2] Troubleshooting File Sharing Issues with With Mac OS X and Windows
[3] Lion and File Sharing Tips and Reports
[4] Secunia Yearly Report 2011 (Requires filling out form to download)
[5] IT’s guide to managing Macs in the OS X Lion era