The desktop/laptop market is most certainly dominated by Microsoft Windows as it has been for many years now. This is especially true amongst business users as the overwhelming majority of business applications run on Microsoft Windows. However, the market share for Apple’s Mac OS is on the rise, and has been for the last 5-10 years. In the last year alone, Apple’s market share has grown nearly 30% and currently stands at 10.9% (Source: Ars Technica) And while Microsoft rules in the business world, Apple has always enjoyed a strong following amongst educational institutions.
Apple provides a robust suite of utilities in their iLife programs that many students use to create DVD’s, presentations, photo projects, web sites, etc. When students graduate and begin their careers, many will need to understand Microsoft Windows based applications as well in order to be competitive in the job market. So many schools are beginning to use mixed environments of both Macintosh and Windows based PC’s in their curriculum. This gives the student a good mix of both systems and better prepares them to be ready for whatever computing platform they may find themselves using when they start their career.
While this mix of computing is wonderful for students, it can wreak havoc on the technology administrators who have to maintain the computing systems. In many cases you find institutions that have separate usernames and passwords for both platforms and have varying capabilities in terms of desktop and user management. This type of scenario is a system administrator’s worst nightmare as they lose the ability to properly maintain the computing environment. So what is the answer? For many, Active Directory and Open Directory Integration.
Active Directory (AD) and Open Directory (OD) are two separate directory services based on the Lightweight Directory Access Protocol. Both are responsible for storing user account information, computer account information, information regarding shared files and folders on servers, management settings for desktops, etc. AD is the directory service utilized by Microsoft Windows based servers while OD is utilized by Apple Mac OS Servers. In the past they were used separately which meant having your Windows computers and users tied into AD while your Mac OS computers and users were tied into OD. And since the two systems are incapable of synchronizing user account information, this meant two accounts for all users that utilize both systems. That has all changed in the last few years as work has been done to allow the two systems to integrate with one another making the job of the system administrator much easier.
So how does it all work? Generally speaking you would have at least one Microsoft Windows Active Directory server and one Mac OS X Open Directory Server. The Mac OS X server would be bound to the Windows AD server, and all Mac OS X clients are then bound to both directory services. Once setup and configured properly, this allows for seamless usage of the systems in your environment by the end users. A student can go to their Intro to Business class and login to a Microsoft Windows computer to run applications like Microsoft Office, QuickBooks, etc. and then go to Intro to Web Design the next hour and login to an Apple Mac OS X computer using the same account to run applications like Adobe InDesign, iLife, etc, making their life much easier!
What about the system administrator though? How does this benefit them? Well for starters they have half the accounts to manage! All user accounts are stored in Active Directory so no account management is necessary in Open Directory. This also makes setting up file shares and home drives much easier. Since the same accounts can be used on both Windows and Mac OS X computers, file shares and permissions only have to be setup once. The user can then access his or her files regardless of what operating system they are using. This also allows for the most thorough desktop management capabilities possible. The system administrator can utilize Group Policies to manage various aspects of the Microsoft Windows computers such as access to system settings, ability to install applications, etc. Likewise, they can utilize Managed Preferences in Open Directory to control the same types of settings on the Apple Mac OS computers. The end result is an environment in which both of the major computing platforms can be utilized seamlessly with minimal impact on the users or the system administrators.
Setting up this type of environment definitely requires planning and a thorough understanding of both Active Directory and Open Directory, but if the system administrator is willing to put in a little bit of time gaining an understanding of how to integrate these two technologies, Windows and Mac OS can most certainly co-exist peacefully in your environment.
Justin is a Lead Solutions Analyst at Infrastructure Technology Solutions, and blogs (from his Mac) at www.iowatechtalk.com