I don't know if this would be of any use to anyone setting up, or considering setting up, a mixed platform computer network, but I thought I'd post how our network is set up in case it's of any help.
At the moment, we have a Windows 2000 domain controller with a small Citrix Metaframe XP server farm. This DC holds all user accounts for our school of 1500 students and 130 staff. All Windows XP machines, and Macs are bound/joined to Active Directory.
Home folders are stored on two Apple XServe RAID units - one for students and one for staff. These don't have to be Apple, but for us they are. They serve home folders by SMB to Windows clients, and AFP to our Macs. Although the Macs could be served over SMB too if you wanted a Windows home folder server.
We have a G5 XServe server running Mac OS X Server 10.5 which is bound to Active Directory, and is also an Open Directory (Apple's AD) master. Our clients have this LDAP server in their authentication list so that they can pick up Managed Preferences. We have a set of managed preferences for Staff and a set for Students (two groups). Typically these are proxy settings, printers by room, login window text saying "Welcome to xxxxx" and reminding students that computer use is monitored. Any special machines which need specific preferences have them set under the computer account section of Workgroup Manager (WGM) - for example we have the Bluetooth system preference available on art computers where students swap around some Wacom graphics tablets.
Printing is managed by MCX (Managed Client for X, or managed preferences). Printers are set up on a Windows 2003 server with printing services for Unix installed. Macs are set to print to LPR queues with an appropriate driver - either the manufacturer's own or a free PPD from linuxprinting.org, often helpful to get Macs printing to older / crappy inkjets. This server also runs PaperCut NG so that we can limit student printing. Staff can only print by entering a PIN number so that their costs are charged to their department. The PaperCut client is a login item forced by MCX so it opens when kids log in.
To cut down network traffic on our 10.4 machines (which are 90% of our Macs), we use a local home folder setup. We have a script which copies a clean, custom home folder from a template when a student or staff member logs in; it then links the user's Desktop, Documents and Pictures to their location on the network. This also lets us set up preferences for applications which cannot be managed by OS X Server. Our 10.5 machines with their cache redirection are pure network homes machines (equivalent to roaming profiles in Windows), where Dock settings, bookmarks and icon arrangements follow students from machine to machine.
We use a selection of write only folders on a shared server as 'drop boxes', so that kids can hand work in to teachers by dropping them in the teacher's folder.
We have a world read-writable folder on the hard disk of each Mac so that any students who wish to audio or video edit can do so reliably without choking the network, or writing 13GB DV files to our servers.
When students log in to Windows, they get the same deal - their Desktop and My Docs are mapped to the network. Printers are managed by a login script using 'con2prt'. This is the same for staff, too.
We also utilise our Citrix farm to provide access to Windows only software in a 'seamless' window. For example, students can log in to their Macs, then launch 'ChemSketch' which is a chemical structure drawing app. This will launch a Windows login box on their screen, they log in, then ChemSketch appears like it was a Mac app... but it's running on a Windows terminal server. They can then copy and paste between the Mac OS and Windows environments.
We use NetBoot on another Mac server to host netinstall images. We have a 10.5 Intel image, a 10.4 Intel image and a 10.4 PPC image which can be remotely installed onto any of our Macs if they break. We then use Apple Remote Desktop to run a script on them to bind them to Active Directory after installation, as well as to install any software and help end users via remote control or text messaging. Our Mac machines range from 700MHz 'lampshade' iMac G4s, to 20" Core2Duo iMacs. There's even one 400MHz G4 left in a classroom which is still used, and no one complains it's slow!
We have an old G5 running 10.4 client and Web iPhoto Access - this allows us to share the school photo library to staff via iPhoto on the Mac, and via a web interface on Windows (or Mac!) - very handy when staff want to produce promo materials as all photos are tagged with keywords and are instantly searchable.
Mac laptops run portable home folders - meaning they sync in the background to be up to date with the user's network documents. Windows laptops use offline files if their hard disks are big enough to cope.
Antivirus is served from a Windows server to both platforms using Sophos Enterprise Manager. All clients auto update from this. We're also licensed to offer updating to staff members' home machines via our LEA's main Sophos server, which is nice.
Over the summer we're moving our AD server and Citrix servers to Server 2008, from Win 2000, as we need to support inter domain trusts so students can have access to our systems from home.
Oh, and we have around 450 machines in total. Plus some random Asus eeePCs.
That's how our system works in a nutshell. If you have any questions, feel free to message me!
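Added example (not part of the original post): a small shell audit for the two shared-folder types described above, the write-only 'drop boxes' and the world read-writable scratch folder on each Mac. It assumes both are enforced with POSIX mode bits for the "other" class rather than ACLs, and every path shown is hypothetical.

```shell
#!/bin/sh
# Added example: audit drop-box and scratch-folder permissions.
# Assumes plain POSIX mode bits (no ACLs); all paths are hypothetical.

# Print the 10-character mode string for a path, e.g. drwx-wx-wx.
mode_of() {
    ls -ld "$1" | cut -c1-10
}

# A drop box lets "other" write and traverse but not list (o = -wx),
# so students can hand work in without seeing anyone else's files.
check_dropbox() {
    m=$(mode_of "$1")
    case "$m" in
        d??????-wx|d??????-wt) echo "ok" ;;
        d??????r*)             echo "readable" ;;      # contents can be listed
        *)                     echo "not-writable" ;;  # nothing can be handed in
    esac
}

# A world-writable scratch folder should carry the sticky bit (mode 1777),
# otherwise any user can delete or rename another user's files in it.
check_scratch() {
    m=$(mode_of "$1")
    case "$m" in
        d??????rwt) echo "ok" ;;
        d??????rwx) echo "no-sticky" ;;
        *)          echo "not-world-writable" ;;
    esac
}

# Check every teacher folder under a parent directory.
# Prints each failing folder; returns 1 if any folder fails.
audit_dropboxes() {
    bad=0
    for d in "$1"/*/; do
        [ -d "$d" ] || continue
        r=$(check_dropbox "$d")
        [ "$r" = "ok" ] || { echo "$d: $r"; bad=1; }
    done
    return "$bad"
}

# Usage (hypothetical paths):
#   audit_dropboxes /Volumes/Shared/DropBoxes
#   check_scratch /Users/Shared/Scratch
```

A drop box that fails is fixed with `chmod 733`, and a scratch folder without the sticky bit with `chmod 1777`.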