PDA

View Full Version : Macs Play Well with Others: Macworld Attracts Enterprise Con...


MacBytes
Jan 14, 2005, 03:20 PM
Category: Apple Hardware
Link: Macs Play Well with Others: Macworld Attracts Enterprise Connectivity (http://www.macbytes.com/link.php?sid=20050114162002)
Posted on MacBytes.com (http://www.macbytes.com)

Approved by Mudbug

24C
Jan 14, 2005, 04:06 PM
"2005 Year of HD"...what about "2005 Year of Enterprise"

PS Anybody read Andreas Pfeiffer piece off this eWeek page? Not too bad.

winmacguy
Jan 15, 2005, 01:31 AM
From what I understand there are only 2 simple things keeping Apple out of the enterprise market.
1 Administrator passwords do not go inactive after 30 days (Win NT has this feature) Meaning an old adminitrator can still use an old password to gain access to a system.
2 No file auditing capabilities for administrators in OSX, meaning an administrator can not track users who have been in and accessed files on the network by time /date and amount of times file was/were accessed.Win NT does this. If Apple was to put these two functions on the OS it would be accepted into enterprises with "bells and whistles".

Kagetenshi
Jan 15, 2005, 12:38 PM
Regarding admin passwords, that's what disabling the account is for.

~J

winmacguy
Jan 15, 2005, 03:04 PM
Regarding admin passwords, that's what disabling the account is for.

~J The only reason I say it is because our IT admin at work who told me about it said it was one of the faults with OSX. He has been with OSX since 2000 and was using NeXT Step prior to that. It was also something that the company he was working for at the time wanted but Apple would only do as a proprietary solution. It was the one thing that stopped the company purchasing 300 Macs for their offices in an enterprise situation.

solvs
Jan 17, 2005, 12:33 AM
Could've sworn there was a third party software that did this. I know my Mom's school had this on their OS 9 Macs. Maybe there's a script or feature in Tiger than would work.

shamino
Jan 17, 2005, 02:28 PM
1 Administrator passwords do not go inactive after 30 days (Win NT has this feature) Meaning an old adminitrator can still use an old password to gain access to a system.
There may not be a direct GUI interface to this in MacOS (I don't have the server edition at home), but that doesn't mean you can't do this.

MacOS X, like most other Unixes these days, uses PAM (Pluggable Authentication Modules). If there isn't already a module that lets you configure passwords this way, it would be trivial to download and compile an open source module (say, from Linux of FreeBSD) to provide this.

This sounds like the complaint either came from someone that doesn't understand the system very well, or from someone looking for an excuse to reject the platform.
2 No file auditing capabilities for administrators in OSX, meaning an administrator can not track users who have been in and accessed files on the network by time /date and amount of times file was/were accessed.Win NT does this. If Apple was to put these two functions on the OS it would be accepted into enterprises with "bells and whistles".
Again, even if there is no bundled GUI way to configure this (it's not in the workstation version, but that doesn't mean it's not in the server version), the system does have a BSD environment under the covers. This kind of feature could be easily downloaded and installed.

FWIW, there was a feature that my company needs that prevented us from going with an Xserve/Xserve RAID file server. That's snapshotting. Where the system automatically takes a snapshot of the entire file system on a periodic basis (every few hours with our configuration), and doing it in a way that doesn't waste a ton of disk space. Network Appliance does this with their servers, which is why we use them. Most other vendors (including Apple) do not. And as far as I know, this isn't something you can quickly add on, since a key component of it (copy-on-write disk blocks) must be implemented in the file system driver itself.