Categories
macOS Server

Synology NAS as a macOS Server replacement

Apple discontinued the macOS Server product on April 22, 2022. The last remaining services were the Profile Manager and Open Directory. Profile Manager was Apple’s reference MDM server. It configures security controls and other settings on Apple devices. Open Directory was Apple’s version of OpenLDAP. It provided a staff directory, used for authentication and user…

Categories
macOS macOS Server Security

YubiKey smart card login with Open Directory

Yubico sells Mac-compatible USB authentication keys for two-factor authentication. Its YubiKeys support a slew of authentication mechanisms. I just started working with their FIPS-validated key for one of my clients. Yubico’s FIPS keys appear to be functionally equivalent to their YubiKey 4 series. (Yubico is currently selling the 5 series for those customers without a need for…

Categories
macOS Server

Upcoming macOS Server changes

  On January 24, Apple announced that fundamental changes are coming to macOS Server in the spring 2018. The following services will be deprecated: Calendar, Contacts, DHCP, DNS, Mail, Messages, NetInstall, VPN, Websites, Wiki. In an unspecified future release, these services will be removed. It appears that Profile Manager, Open Directory, and Xsan will remain.…

Categories
Applications macOS Server

Mac calendar share vs. delegate

If you’re using the Mac’s native calendar application with certain CalDAV servers (such as the service that comes with MacOS Server), end users can share and delegate their calendars. Here are the differences between these options: Sharing a calendar allows you to give users either read or read/write access to your calendar. A calendar can…

Categories
macOS Server Security

Alternatives to Profile Manager for Macs

  Apple’s Profile Manager is an example of a Mobile Device Management (MDM) system. Despite the “mobile” designation, many MDM systems can manage desktop computers. The Profile Manager is no exception. It can be used to centrally configure and lock down Macs, iPhones, iPads, and Apple TVs. While there are a huge number of MDM vendors for iOS devices,…

Categories
macOS Server

Portable home directories with Sierra

  Apple published two articles about the state of portable home directories in Sierra: a knowledge base article about mobile user accounts and an institutional preparation guide for iOS 10 and Sierra. The takeaway is that portable home directories are no longer supported on Sierra. This means that a network home and its accompanying local home will no…

Categories
macOS Server

OS X Server – NetInstall

  When you’re responsible for rolling out tens or hundreds of Macs in your company, an automated build process is necessary. Could you imagine having to configure each machine individually, and manually installing your company’s software packages? This might be practical in a small company, but it’s a huge drain of resources in a mid-sized…

Categories
macOS Server Networking

VPN on OS X Server

Telecommuting has become a viable option for employees of many large companies thanks to the availability of remote access technologies. You might have heard of some of these technologies – VPN, remote desktop, VNC, and IPsec, to name a few. What you may not realize is that you can leverage these technologies for your small…

Categories
macOS Server

OS X Server – Profile Manager

The “killer app” for the OS X Server is the Profile Manager. Apple bundles this mobile device management (MDM) service with the $50 Lion Server. It’s truly an unbelievable deal. Not only does the Profile Manager manage your iOS devices, but it can also manage Macs using the same administrative tools. While there are many…

Categories
macOS Server

OS X Server – Wiki

Did you know your business can run its own wiki? A wiki is a collaborative web site, where users can easily create web pages filled with content. Documents, pictures, tables, and links to other pages can all be added without any technical knowledge. Additionally, security permissions can be applied so that only certain users can…