Four options to connect Macs to Windows 2003 file shares, pros and cons?

[HendersonD]

We are primarily a Novell shop at the moment but are contemplating a
move to Microsoft products and Active Driectory. This would include
file and print services as well as Exchange. We have 700 Windows XP
machines on campus and 400 Macs running MacOS 10.4.8.

There appears to be 4 options available to provide file services to the
Macs:

1. Microsoft's own File Services for Mac installed on a server. I
believe this supports only Apple Filing Protocol 2.2

2. AdmitMac - client installed on every Mac

3. ExtremeZIP - server install

4. MacServerIP - server install

Any comments on the pros/cons of the above choices? Any
recommendations?

If we do move to Microsoft products, I certainly want a Mac to startup,
come to the login screen, a user types in their credentials,
authentication to AD takes place, on the desktop or in the dock, the
persons home directory appears. They can save files in their directory
and if the product is available on the Windows side (Word, Excel,
Powerpoint) open it on a Windows machine.

Single sign on would be nice as well but I am not sure that is
possible. After logging in to AD, it would be nice that when they
launch Entourage, they are not hit with another login.

 

[William Smith]

My comments are inline with yours...

We are primarily a Novell shop at the moment but are contemplating a
move to Microsoft products and Active Driectory. This would include
file and print services as well as Exchange. We have 700 Windows XP
machines on campus and 400 Macs running MacOS 10.4.8.

There appears to be 4 options available to provide file services to the
Macs:

1. Microsoft's own File Services for Mac installed on a server. I
believe this supports only Apple Filing Protocol 2.2

Avoid this. It uses the old AFP 2.2 protocol and hasn't been updated in
years. This will not provide you long file name support and you may run
into problems due to the differing AFP versions.

2. AdmitMac - client installed on every Mac

A great product where you don't want to use AFP. ADMitMac uses SMB,
which means this is completely compatible with any Windows shares and
printers you create. You do not need to alter your file servers in any
way nor do you need to share an item twice (once for Macs and another
for Windows).

The downside to this product is price (although you can probably get a
good deal on 400 seats) and it requires installation on 400 clients as
opposed to much fewer servers.

3. ExtremeZIP - server install

Another great product, especially where you have Mac OS 9 and Mac OS X
clients sharing files. This uses the Mac's native file sharing protocol
(AFP) and is up-to-date with Mac OS X. Administering ExtremeZ-IP on your
file servers is probably the least administrative overhead.

The downside to this product are price (again, you'll get a deal on
multiple seats) and you must share Mac volumes in addition to any
Windows shares.

4. MacServerIP - server install

Nearly dead product. Support sucks. We moved our servers away from
MacServerIP to ExtremeZ-IP because MacServerIP had not been updated for
a while and we were unable to contact Cyan. We also found that version
8.0 did not transition smoothly to ExtremeZ-IP. MacServerIP had been
corrupting resource forks but this wasn't apparent until we removed the
product from our servers.

Any comments on the pros/cons of the above choices? Any
recommendations?

Thursby and Group Logic have great support and their products are well
documented. I'm biased toward ExtremeZ-IP simply because we use this in
our environment. Administering about a dozen file servers in our
environment running ExtremeZ-IP compared to 300 Macs running ADMitMac
makes more sense to me. You'll want to compare pricing; I bet
ExtremeZ-IP will be somewhat more expensive.

If we do move to Microsoft products, I certainly want a Mac to startup,
come to the login screen, a user types in their credentials,
authentication to AD takes place, on the desktop or in the dock, the
persons home directory appears. They can save files in their directory
and if the product is available on the Windows side (Word, Excel,
Powerpoint) open it on a Windows machine.

Single sign on would be nice as well but I am not sure that is
possible. After logging in to AD, it would be nice that when they
launch Entourage, they are not hit with another login.

Both ADMitMac and ExtremeZ-IP will support AD authentication, automatic
mounting of home directories and single sign-on via Kerberos. Neither
Entourage nor any other Mac email clients that I'm familiar with are
currently Kerberized. Office documents that are saved with the proper
file extensions (.doc, .xls, .ppt, etc.) will open in both Mac and
Windows versions of Office.

Hope this helps! bill

 

[HendersonD]

William,

Thanks for the great summary. We have to do some more investigation
work but if we do move to Microsoft products and AD, I do like the
server side ExtremeZIP better than having to install and administer 400
clients.

Right now we do straight IP printing. One of the things we would like
to implement is que based printing for two reasons:

1. I want my faculty and staff to easily be able to add there own
printers. For example, a faculty member takes their laptop to the
library and logs into our network (we have wireless everywhere). They
want to be able to print to the printer in the library. I want an easy
way where they can browse or hit a web page that lists all the printers
in the district. They double click on the library printer and it
installs with drivers pulled from the server. As similar scenario for
the Macs would be nice as well. Does windows que based printing allow
any of this?

2. I want to be able to get reports that show me what users printed
what lenght print job to which printers. In other words a great
overview of all the printing on campus.

Any ideas on the best methods (or products) to use to setup such a
print environment?

Dave

 

[William Smith]

William,

Thanks for the great summary. We have to do some more investigation
work but if we do move to Microsoft products and AD, I do like the
server side ExtremeZIP better than having to install and administer 400
clients.

Right now we do straight IP printing. One of the things we would like
to implement is que based printing for two reasons:

1. I want my faculty and staff to easily be able to add there own
printers. For example, a faculty member takes their laptop to the
library and logs into our network (we have wireless everywhere). They
want to be able to print to the printer in the library. I want an easy
way where they can browse or hit a web page that lists all the printers
in the district. They double click on the library printer and it
installs with drivers pulled from the server. As similar scenario for
the Macs would be nice as well. Does windows que based printing allow
any of this?

2. I want to be able to get reports that show me what users printed
what lenght print job to which printers. In other words a great
overview of all the printing on campus.

Any ideas on the best methods (or products) to use to setup such a
print environment?

Hi Dave!

With Windows Server's built-in Print Services for Macintosh you won't
get IP printing capabilities. It's only AppleTalk. This means you may
want to look for alternatives. Conveniently, Group Logic makes
ExtremeZ-IP Print Server as well and has an additional module for
accounting. We don't use this in our environment and I have no
experience with the product to be able to give you an opinion.

Windows Server does have the ability for Windows clients to connect with
a click of a link to a Windows print queue and when connected the
Windows client automatically uses the server's drivers and PPDs. Have a
look at the document referenced on this page on Microsoft's website
<http://www.microsoft.com/windowsserver2003/techinfo/overview/internetpri
nt.mspx>. I worked in an organization that did as the example mentioned
in the InternetPrint.doc file on this page and created custom web pages
with maps of our campus and locations of our printers. Windows users
only had to click a printer on the map to get connected. Unfortunately,
nothing quite exists yet to allow Macs to do the same thing. I suspect
Apple may some day incorporate this ability. Would be nice.

bill

 

[HendersonD]

I will take a look at the printing solution from Qlogic. All of my
newer printers (all HP) use Bonjour or multicast DNS to make themselves
visible to Macs. The problem is with multicast DNS you only see the
printers in your own subnet. Since my laptops when connected to
wireless are put in their own subnet, they do not see any of my
printers. A unified printing solution that either used building maps or
at least a way to drill down by double clicking on a building's name
and then get a list of printers would be nice.

Dave