+ Post New Thread
Results 1 to 14 of 14
Mac Thread, Networking a set of Mac - Do's and Don't in Technical; I've finally had to give in and get 7 Imacs for our Music Tech Department! What are the basic do's ...
  1. #1

    glennda's Avatar
    Join Date
    Jun 2009
    Location
    Sussex
    Posts
    7,821
    Thank Post
    272
    Thanked 1,140 Times in 1,036 Posts
    Rep Power
    351

    Networking a set of Mac - Do's and Don't

    I've finally had to give in and get 7 Imacs for our Music Tech Department!

    What are the basic do's and don'ts with them when it comes to networking these?

    They have requested something along the lines of what they have for the current XP machines in which they simply have internet access (which means they need to login) and connections to there Nas drive which the Music Tech guys have.

    How do you setup on a Mac so that it maps the drive on login etc

  2. #2

    3s-gtech's Avatar
    Join Date
    Mar 2009
    Location
    Wales
    Posts
    3,104
    Thank Post
    161
    Thanked 655 Times in 588 Posts
    Rep Power
    169
    If it's bound to AD, it'll auto connect their home area on the network - whatever's specified in the user dialog box. As for other mapped drives, it's a little more involved but not difficult, just involves setting scripts as login items.

  3. Thanks to 3s-gtech from:


  4. #3
    AntonioRocco's Avatar
    Join Date
    Oct 2008
    Location
    South Yorkshire
    Posts
    270
    Thank Post
    11
    Thanked 114 Times in 95 Posts
    Rep Power
    41
    Hi

    Apple Menu > System Preferences > Accounts Login Options. Click the Join button. Key in the domain name. You should be prompted for an account name and password that has authority for the AD Domain - eg: yourdomain.com. For that amount of Macs you can use any AD Users' account details.

    Some Do's

    1) Make sure all Macs have unique names - Apple Menu > System Preferences > Sharing > Computer Name.

    2) Make sure all Macs are referencing the same NTP Server - Apple Menu > System Preferences > Date & Time > Date & Time. Key in the DC's IP Address assuming the DC is your NTP Server?

    3) Disable Automatic login and keep the default local administrator's name and password secret. Even from the Teachers. Apple Menu > System Preferences > Accounts > Login Options. The relevant setting should be fairly obvious.

    4) Change the default Ageing level for Reverse DNS entries to 1 or 2 days.

    5) Try and follow Microsoft's Best Practices. For example try and keep OUs to no more than 3 deep. Try and keep the container/folder structure fairly flat.

    Some Dont's

    1) If you don't want User's home containers to be created locally access the Directory Utility. /System/Library/CoreServices. Click on the Active Directory plug-in and select the Show Advanced Options disclosure triangle. De-select the option.

    2) If you're using .local as the .TLD for your internal domain you will have login issues. If your DNS and DHCP Services are configured correctly you hopefully won't see that many problems? Having said that expect some random and intermittent problems anyway. The .local suffix is reserved for Bonjour/Rendezvous Services which can't be switched off.

    3) Once bound to your Domain Users will have full access to browsing the Network - you can't stop this. If your AD environment is not locked down with appropriate permissions or the macs are not in their own VLAN or subnet, you may find any user having complete and unrestricted access to just about every share/pc you've configured.

    Other Useful Pointers

    1) There are no GPOs (apart from the password policy) that can be applied to Users logging onto a Mac - not without a Mac Server, altering the AD Schema or specialist and potentially expensive 3rd-Party help.

    2) Once Macs are introduced into any AD environment they will inevitably find every flaw and weakness like nothing else.

    3) Don't attempt to make Macs behave like a PC because they won't.

    4) You can't deploy Mac applications from a PC

    5) No matter what anyone tells you there are currently no viruses/exploits for the platform

    6) Macs are fundamentally UNIX boxes so you can't log in without the existence of or the ability to create a home folder. The container/folder must have the shortname of the desired user - eg: Any Body (long name) anybody (short name) - set. That container must also allow that user read/write permission.

    7) Avoid overly strict Quotas. 1GB should be enough for what you appear to require?

    The above is not an exhaustive list but should help?


    Antonio Rocco (ACSA)
    Last edited by AntonioRocco; 11th July 2011 at 08:39 PM.

  5. 5 Thanks to AntonioRocco:

    bodminman (11th July 2011), glennda (11th July 2011), m25man (11th July 2011), Roberto (12th July 2011), Rozzer (14th July 2011)

  6. #4
    bodminman's Avatar
    Join Date
    Apr 2007
    Location
    Sunny Suffolk
    Posts
    1,210
    Thank Post
    791
    Thanked 232 Times in 123 Posts
    Blog Entries
    1
    Rep Power
    91
    Nice pointers Antonio, thanks.

  7. #5

    featured_spectre's Avatar
    Join Date
    Nov 2008
    Posts
    12,504
    Thank Post
    1,684
    Thanked 2,054 Times in 1,491 Posts
    Blog Entries
    2
    Rep Power
    464
    Whilst I disagree with pointer 5 on the useful pointers part, the rest is pretty much around advice, and very well put. Have some rep (when I get on my laptop I will do it)

  8. #6
    bodminman's Avatar
    Join Date
    Apr 2007
    Location
    Sunny Suffolk
    Posts
    1,210
    Thank Post
    791
    Thanked 232 Times in 123 Posts
    Blog Entries
    1
    Rep Power
    91
    With regards to point 5 though, would I be correct in saying that there are no self propagating virus/malware as on a Mac these would require some type of user input for them to work.

  9. #7
    Jamo's Avatar
    Join Date
    Jan 2009
    Posts
    1,365
    Thank Post
    66
    Thanked 178 Times in 150 Posts
    Rep Power
    62
    One strange thing I have noticed is that if you redirect the users home directories to your Windows shares that if you havent already created the folders in My docs (Desktop, Libraries etc) then OSx doesn't give the user permission to read back the files in some of the dirs (namely the desktop folder). We get students able to save work and then not move / copy it at all! Very odd!

  10. #8
    round2it's Avatar
    Join Date
    May 2009
    Location
    UK
    Posts
    1,084
    Thank Post
    255
    Thanked 161 Times in 116 Posts
    Rep Power
    41
    Quote Originally Posted by Jamo View Post
    One strange thing I have noticed is that if you redirect the users home directories to your Windows shares that if you havent already created the folders in My docs (Desktop, Libraries etc) then OSx doesn't give the user permission to read back the files in some of the dirs (namely the desktop folder). We get students able to save work and then not move / copy it at all! Very odd!
    that will explain why my system would not allow imovie and a few other programs to run when i used the users home directory to store files

  11. #9
    Jamo's Avatar
    Join Date
    Jan 2009
    Posts
    1,365
    Thank Post
    66
    Thanked 178 Times in 150 Posts
    Rep Power
    62
    Yeah iPhoto is also weird as it won't let you save the iMovie files to an NTFS partition you need to run it with ALT-click so you can select a non default location!!!!

  12. #10

    glennda's Avatar
    Join Date
    Jun 2009
    Location
    Sussex
    Posts
    7,821
    Thank Post
    272
    Thanked 1,140 Times in 1,036 Posts
    Rep Power
    351
    @AntonioRocco

    Core thats one hell of a post! Thanks - hopefully i will get a chance to play with them more! but at the moment i haven't got much time!

    If i have any problems i'll post back!

    cheers fellas!

    oh and you such an apple fan with point 5!!

  13. #11

    Join Date
    Sep 2008
    Location
    England
    Posts
    278
    Thank Post
    6
    Thanked 70 Times in 62 Posts
    Rep Power
    53
    I've yet to hear a good reason not to put antivirus/anti-malware software on a mac. I think if they have access to windows shares, and users can use memory sticks/email on the macs, it should be installed.

    Many schools will have site licenses for it anyway - I think all london schools are licensed for sophos, arn't they? So there shouldn't be a cost argument.

    We haven't had any performance complaints that we can attribute to antivirus in our media and music departments. It should also help minimise any panic when someone does come out with a significant virus or trojan for mac.

    I don't think (self-propagating) viruses are the only thing to be concerned about either. There is other malware that will be filtered out, and there is the potential for a malicious user to try something nasty.

  14. #12

    featured_spectre's Avatar
    Join Date
    Nov 2008
    Posts
    12,504
    Thank Post
    1,684
    Thanked 2,054 Times in 1,491 Posts
    Blog Entries
    2
    Rep Power
    464
    If you are attached to the London Grid for Learning you are site licensed for Sophos for either PC or Mac

  15. #13
    AntonioRocco's Avatar
    Join Date
    Oct 2008
    Location
    South Yorkshire
    Posts
    270
    Thank Post
    11
    Thanked 114 Times in 95 Posts
    Rep Power
    41
    @bodminman

    Yes.

    @glennda

    You're more than welcome!

    Actually I'm not an Apple fan. Apart from being an ACSA (Apple Certified Systems Administrator) I'm also an MCSA (Microsoft Certified Systems Administrator). I can see the merits and de-merits of both platforms. Both have their strengths and weaknesses. I think the phrase 'Horses for Courses' could be applied although I have to question why you 'need' macs in a mature AD environment? Surely the units you already have are more than capable of being used to produce musical content as well as anything else deemed to be a mac's sole preserve?

    If it was me I would have asked what compelling reason does the school need to purchase macs? Looking nice would not be a compelling reason in my view. Having said that my own view is the platform stacks up pretty well when compared like for like. No doubt others will have their own opinions (rightly so) - usually based around costs and/or lack of understanding.

    Point 5 was always going to be a moot point for those that look at things with a firm - but jaundiced - 'Windows' eye. However the point is well made. There are currently no viruses, malware or any other kind of nastyware for the platform. How you tackle this fact is entirely up to you. If you're installing Anti-Virus software on a Mac it's not to protect the Mac. If your PCs already have up-to-date A/V installed what would be the point? At best all it gives you is another layer of defence for your PCs. Which is as good a reason as any I suppose?

    In 30 years of using computers of one kind or another, PC, Mac, Honeywell, Sun etc I've never installed any A/V software and I've never had a Virus.

    There are no mac applications AFAIK that are expressly designed to work with networked accounts. The fact that some of them do or sort of do, is a bonus. As ever YMMV.

    HTH?

    Antonio Rocco (ACSA)
    Last edited by AntonioRocco; 12th July 2011 at 12:59 AM.

  16. #14

    glennda's Avatar
    Join Date
    Jun 2009
    Location
    Sussex
    Posts
    7,821
    Thank Post
    272
    Thanked 1,140 Times in 1,036 Posts
    Rep Power
    351
    Quote Originally Posted by AntonioRocco View Post
    @bodminman

    Yes.

    @glennda

    You're more than welcome!

    Actually I'm not an Apple fan. Apart from being an ACSA (Apple Certified Systems Administrator) I'm also an MCSA (Microsoft Certified Systems Administrator). I can see the merits and de-merits of both platforms. Both have their strengths and weaknesses. I think the phrase 'Horses for Courses' could be applied although I have to question why you 'need' macs in a mature AD environment? Surely the units you already have are more than capable of being used to produce musical content as well as anything else deemed to be a mac's sole preserve?

    If it was me I would have asked what compelling reason does the school need to purchase macs? Looking nice would not be a compelling reason in my view. Having said that my own view is the platform stacks up pretty well when compared like for like. No doubt others will have their own opinions (rightly so) - usually based around costs and/or lack of understanding.

    Point 5 was always going to be a moot point for those that look at things with a firm - but jaundiced - 'Windows' eye. However the point is well made. There are currently no viruses, malware or any other kind of nastyware for the platform. How you tackle this fact is entirely up to you. If you're installing Anti-Virus software on a Mac it's not to protect the Mac. If your PCs already have up-to-date A/V installed what would be the point? At best all it gives you is another layer of defence for your PCs. Which is as good a reason as any I suppose?

    In 30 years of using computers of one kind or another, PC, Mac, Honeywell, Sun etc I've never installed any A/V software and I've never had a Virus.

    There are no mac applications AFAIK that are expressly designed to work with networked accounts. The fact that some of them do or sort of do, is a bonus. As ever YMMV.

    HTH?

    Antonio Rocco (ACSA)
    TBH i'm not 100% sure why we had to get mac's! but we did not pay for them it has come with a building fund for our Music Tech Department. plus a local school got some so we must have some!

    Plus I hate windows just as much as i hate macs! Linux all the way!



SHARE:
+ Post New Thread

Similar Threads

  1. Replies: 7
    Last Post: 13th June 2011, 04:54 PM
  2. Replies: 4
    Last Post: 20th May 2011, 07:30 PM
  3. Mac/Windows Networking NAS, X Server, Win 2008 ? Advise please
    By Shorty in forum Network and Classroom Management
    Replies: 0
    Last Post: 10th May 2011, 04:31 PM
  4. [For Sale] Promethean 32 set Activote Set (Brand New)
    By lgfl_it_guy in forum Classified Adverts
    Replies: 20
    Last Post: 8th February 2009, 12:41 PM
  5. Replies: 5
    Last Post: 15th November 2008, 06:23 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •