Monday, July 25, 2011

Lion Server alternative to Windows or Google docs?

It was time to install a Lion Server after Apple released their latest OS. What were the results?

1. Lion server configuration
The standard configuration of Lion server is pretty simple. However some knowledge of networks is necessary to set it up. Somebody with no network knowledge could get lost. But to be honest I yet did find any server software easy to install, without basic network knowledge.
It is pretty easy to configure the server in a local network because there is no need for things like DNS or SLL certificate. However it gets much more complicated if the server should serve as a web server. Two things are important to have done before configuring the server.
A) have all DNS settings ready.
B) have already all necessary SSL certificates ready. SSL encryption certificates can cost between $30 and $2000 or more. It is a good idea to bing for the correct certificate, not everybody needs to have all in one certificates. If you have a lot of sub domains then you can use one certificate with wildcard.
If you install a Lion web server without SSL then it will get tricky to install the clients. A really positive part is that Lion allows you to apply for the CSR via Lion GUI.

2. Help/Support and usability
The configuration is very easy but not always intuitive and the manual is very poor. Apple seem not take enough time to write comprehensive manuals but at least they look good. Sometimes it is just not clear why a form asks for for domain and host name. It would be nice to get some explanation what the difference is between host and domain name. Apple help texts are far less extensive than Microsoft help. There, Apple can clearly learn from Microsoft. As an example when I installed recently Dynamics CRM, Microsoft did send with the disc tons of documents for installation, migration, configuration etc. And everything which I could not find in Word, I could find at Microsoft online. Apple forums and online help is not very good, but I guess it is, because the price tag is much smaller.
But other parts of the installation were simple good explained and just one click away. Lio Server install is half horrible to understand and half so easy a caveman could do it. This is weird.

3. Profile Manager
Lion allows to remote configure clients networks and connections to servers using the Profile Manager. for the software distribution and settings for clients is Apple Remote Desktop responsible, which is unfortunate not a part of Lion server and costs extra.
Profile Manager is not a thick client app, it is unfortunately a web app which works only good with Safari. And it takes forever because you don't call the client from server, you have to open safari on the client to connect to the server to make the connection. A company with 200 clients will take a while, maybe remote desktop would be able to do this. You can use the Profile manager from the server to push changes as soon the first install on client side was done.
What does the Profile Manager configure?
Global Address-book connection
email settings
ICal settings
And some other client settings.

Really cool is, that the power is now in the hand again of the IT guy. He can, if he is really in a bad mood, delete the clients with one easy click.
The wipe button is everywhere on almost each page of the profile manager and can be easily hit by accident.
The client configuration is not always intuitive. Sometimes the system asks for an alternative password but still i have to find out what the reason is to have an alternative password. Did not find anything documented.

4. VPN or not
Lion offers Encrypted connection without VPN for the clients. I can't recommend to do so, it is surely easier without VPN but I might not trust the security. In our company all enterprise apps are only accessible via VPN. But for some parts like a global address book no VPN is much better experience for the user. Most of our sales people even don't know how to switch VPN on.

5. Functions
File Sharing, iCal Server, Wiki and address book work like a champ. It is very easy to attach files to appointments which allows to get opened through iCal over other computers. This is almost like a mini document management with CRM. iChat and Podcasting are as well good company functions. However I had no time to test and don't know if iChat allows to add people outside from the company.

The mail server is horrible to use. Don't try to create email addresses or to create aliases. This works so easy in Windows but very user unfriendly in Lion. However the build in Anti Spam and Anti Virus softwares are pre configured. A big plus.

6. Why using a Lion Server?
Lion is a great server for companies which are too small to move their servers into the cloud but on the other hand don't want to spend $50.000 or more on MS Software licenses. The Lion server offers much more than google docs and and google mail combined and is more likely similar to MS Windows Server with exchange and SharePoint and communicator but as I mentioned before much cheaper. But the really big advantage of the Lion server in comparison to Microsoft is the integration of iphone and iPad. Lion server does make sense, In a time where companies are moving more and more to iPhone as company phones. The integration of address book, iCal and mail is just great. Exchange is maybe more scalable than Lion however Apple does not yet try to attack large cooperations like the government or Siemens. However if Google is able to sell to the government google mail and google docs then Apple will be able too.
I can see for large companies parts moved to lion like file server which is much more stable than windows file server and much easier to support.
Of course the integration of Office, SharePoint and Dynamics products is much more sophisticated than Pages with Lion Wiki, but we all know that even SharePoint with Office integration is not working perfect and a company needs to have very expensive license (Volume license) to do so, otherwise you can only read office documents in the web browser but you can't edit them in the browser through SharePoint.

7. problems and solutions

A) Lion installation
The installation went wrong, because I have been not in the mood to wait for my DNS and SSL certificate. I got it without running, but have been never sure, if it is s clean install or not.
I decided to restart the server and to try the CmD-R recovery mode. In one of the help texts I did read that best practice is to delete HD and then reinstall. I have been almost certain my recovery mode reinstall will not work. But to be honest it rocked. The recovery GUI is very nicely done and very intuitive. The recovery mode will guide you (after deleting the HD) to the main menu which hosts the button for the lion install. The computer downloads again the OS from Internet and when it is done the OS is installed including all server components. After this I could configure the system as the computer would have come just right out of the factory. I created a new user and was ready to rock.

7) Remote access
I decided to install on my MacBook Pro the remote control for my server, after Lion install number two and a few cups of coffee (black no sugar).
however the tool was tricky and I accidentally installed a complete Lion server on my notebook. Of course you can keep the server software offline and use your notebook as just a client, however it is nothing we want to have on a client computer.
But how to get Lion Server off without messing up my notebook? Of course time machine.
First i copied the TM backup to a local HD which took a while because it was 300GB of data to a USB hard drive. Time for another coffee.
After this I started with CmD-R again the lion recovery mode and activated the recovery of the computer from the backup I made.
It got late, so went to bed. The next morning I found my MacBook Pro automagically (funny cool word) in the same state as before I accidentally installed the lion server on it. This was cool.
Not only (as I wrote) is the New Lion OS easy to install (of course easier than Lion server) but to restore a OS over the Ethernet through TM is absolutely great and almost not easy to beat.

Most of this article is provided from a friend of mine in Germany who recently converted to Apple. Since then he bought more Apple devices than I ever owned. Right now he is working on some secret iPhone app (he does not want to tell me what) which, I am sure, will be great.

  1. Thanks for the post, I am in the process of setting up a Lion Server for a Photography School here in Iceland. This information will be of great help.

  2. Great. Please let me know how it went. I would like to blog about it.