
by Brian Reichow
November 15, 2006
One of the biggest steps forward in user management is the network home directory (Mac OS X Server 10.2/10.3/10.4/10.5)
and the portable home directory (Mac OS X Server 10.4/10.5). If you aren't taking
advantage of this fundamental advance, you're missing out on one of the most important technologies of the last six years.
In a default Mac OS X environment, each user's home folder is contained on his/her Mac's
hard drive. In a network home/portable home directory scenario, these user folders reside on a central server instead of exclusively being on individual computers.
If it's all you've ever known, local homes don't seem so bad, but they actually create a lot of needless work. To illustrate,
let's compare the practical differences between local homes and network/portable homes.

With standard Mac OS X local home folders...
Significant time required to migrate a user from one machine to another
Any time a user is assigned a different machine (new or otherwise), you must copy their entire user folder from the old machine to the
new one. While Apple's Migration Assistant makes this process relatively straightforward, it still takes a considerable amount of time,
multiplied by the number of users and machines involved.
Users are more or less tied to a specific machine
Any time a machine requires service or is otherwise out of action, the user is
inconvenienced because he/she must work on another machine that is not set up exactly like their preferred work
environment. The user's email, preferences, web browser bookmarks, music, and files saved on their desktop or inside
their user folder are not available, nor are any user customizations or special fonts.
Additional client backup software requirements
Backing up user folders requires 3rd-party backup client software as well as the effort to manage it. You must leave the client
machines turned on and not let them go to sleep. The backup process is quite slow, since it takes place over the network. Backup of laptop
users' home folders by nature must occur during the work day when they're around; since most of them work via WiFi/AirPort, the backup
slows down the wireless network while it's executing, affecting the productivity of all other wireless users.
Inconvenient to temporarily jump to a different machine
If a non-laptop user borrows a laptop for out-of-office work, he/she will have to work in a largely foreign user environment and must
remember to copy over every last thing needed while out of the office, plus copy them back upon returning to the office.

In an environment with a Mac OS X Server, it is possible to shift user folders from being on individual machines to instead residing
centrally on the server. By doing so...
Lead, and it will follow
Any user can go to any machine with the same software packages, log in as themselves, and work as if they were at their regular
machine. Preferences, email, files, desktop contents, etc. follow wherever the user goes.
Deployment time reduced dramatically
Deployment of a new machine is as simple as installing all necessary software (or imaging it with the "standard" setup) and then logging
in. The entire user folder of the then-logged-in user is automatically copied over to the new machine, as well as synchronized on a
regular basis back to the
server. In practice, this reduces the time required to deploy a new machine from 4-6 hours down to 2-4 hours simply because no manual copying of user data is required.
The time required can even go below one hour with the use of system imaging.
Faster backup of user data
Since all user data is synchronized to the file server instead of strictly being on individual machines, it is quickly and easily backed
up without the use of any client software. Also, if the server is set up with redundant data storage (a RAID of some kind), user data is
in a safer place than a desktop Mac's hard drive.
The magic of one password for everything
When a user logs in to a machine, he/she is also logging in to the file server. Instead of having to provide a user name and password
each time the user logs in to something else on the server (file shares, protected web sites, etc.), the server already knows who you are
and these services allow you to connect automatically. This process, where a single password entered just once is the key to all services,
is known as single sign-on.
Automation vs. hands-on
It is possible to define a default user environment, including application preferences, dock contents, and so forth. This avoids the
need to set dozens of client-side preferences for a new user by hand, a process in which it is easy to miss or forget steps. This system,
known broadly as managed client preferences or simply MCX, also allows administrators to establish and enforce various computer-,
user-, and group-level policies and preferences.
Self-service
End users can change their password without administrator involvement.
Jumping to another machine? Easy
Non-laptop users can easily "jump" to a laptop, say, to work on a project over a
weekend, while also taking their preferred work environment along with them. Assuming the same applications are available on both, the
user experience should be pretty much identical.
If you're interested in hearing more about leveraging network and portable homes in your organization, contact us. We've been doing
network home directories for six years, and have it down to a science.