Apple on enterprise deployments pt 1 (cont.)

Now, that I have had more time to think about it, I would like to point out the pros and cons of Apple enterprise products.  The first thing that comes to mind when I think of what is lacking in OS X Server and enterprise set ups is printing services.  OS X Server really does not have any good printing services at all.  There are third party, and of course if you have any other integrated directory services running like AD or ED you can try to use their printing products as well. ARD Admin is awesome, but limiting and it likes to crash from time to time.  Which is why I wrote this ARD Uninstaller Script on my webpage, to help those that run into the same issues as I have.  The problem I have with ARD Admin is that there is no way to input a default username and password for authenticating to client machines.  For example, if you take the time to set up a  specific local account for ARD admin access, and you want every machine to use it, you have no way of making that automated.  Also, if you scan large subnets or many VLANs and try to observe several machines at once it is prone to crash.  Then again I have yet to find a VNC type applicaiton that doesn't have it's flaws, or performs slow. If you want to compare Apple to Micrsoft there are a lot of simularities on both products.  Microsoft has been in the game longer and may offer some more robust solutions, but Apple has kept the business model of an all-in-one solution.  You do get built in calendar services, wikis, web blogs, etc included in OS X Server.  You get all of that with OS X Server and there is no need to purchase special license or learn different methods of set up on your servers.  Each server is identical in installation and running services, it is up to the Administrator to decide what to run, and how to implelement it. Work Group Manager is something I have struggled with these past two years running our 1:1 macbook deployment.  The application definitely has some fralities in it, and it definitely needs improvement.  I tried letting WGM assign UIDs to accounts I was importing/creating and had lots of issues with it, so I ended up assigning UID blocks to certain user groups.   This allows me to set the UID range each group gets, and instead of allowing WGM to assign the UID I did.  Which gets around WGM generating a negative UID number for users.  When that happens the User account is not usable at all. I guess the bottom line I am trying to get across when running Apple products for your enterprise network is that there is no easy button.  There is no instant configurations, and there will be problems.  Apple does work hard on hiding all that stuff from the end user experience.  So, people get the conception that Apple products, "just work," which is true they do in many cases.  However, running back end OS X Server and trying to manage and maintain thousands upon thousands of clients is no easy task, and there is no easy way to just do everything from one click buttons.  Apple does have three different ways you can install OS X Server.  Simple, Workgroup, or advanced.   I see where Apple was going with this, and they wanted to make it easy.  Which I think was a mistake on their part.  It gives people a certain "blanketed" sense of security that they can one click configure anything they need to.   Which is never the case in most parts.  You should always learn the product to what it's potential is in my professional opinion.  Apple tries to market it as you don't need to be an expert to run OS X Server.  That is true, but you should also know what you are doing.  When I search sites and forums for answers to problems I have, I come across questions from time to time where someone set up a simple server and can't configure a service.   Not realizing that simple servers don't run every service and they assume lots of things too.   That can be a security risk.  So, if you are considering using Apple products for your enterprise deployment, go ahead and read a book, take a class, and learn the product.   It isn't that hard but it will take time to learn.  I still learn new things every day myself, and keep adding them to my tool belt of knowledge.