How Mountain Lion Server Stacks Up To Windows Server [Feature]


Think OS X Server doesn't have equivalents to Active Directory and Exchange? Think again.
Think OS X Server doesn't have equivalents to Active Directory and Exchange? Think again.

Last week, I compared the costs of Mountain Lion Server with the licensing for Windows Server 2012 Essentials Edition. Both products are pretty clearly for the small business market. One of the big questions or concerns from readers centered around Microsoft’s Active Directory and Exchange. The assumption being that Apple didn’t provide anything similar.

That assumption, however, isn’t accurate. To clear up confusion, let’s take a look at what the core services and features in OS X Server actually offers and the audience that can best benefit from Mountain Lion Server – small businesses looking to set up a handful of services for a relatively small number of users.

Directory services – Let’s start with Active Directory and Apple’s longstanding equivalent, which is known as Open Directory. Open Directory is the native directory service in OS X. Like Active Directory, it is based on LDAP and it offers Kerberos authentication and single sign-on. Open Directory has its own schema that defines record types and attributes. Those records include users, groups, and computers. As in a Windows environment, those records can detail which workstations, services, and network resources a user can access. The schema also provides attributes for Mac client management, which is functionally similar to Windows Group Policies.

Open Directory uses the concept of domains a bit differently than Active Directory. Multiple domains are possible, but there isn’t a direct equivalent to an Active Directory forest. Macs can, however, join multiple domains. They can, in fact, join both an Open Directory domain hosted by OS X Server as well as an Active Directory domain – a process known as the magic triangle that allows Active Directory to provide user authentication and Open Directory to create a managed environment (often with far fewer issues than extending the Active Directory schema to support Apple-specific data).

Since Apple released Leopard Server nearly five years ago, Open Directory has provided another option. Using what Apple dubbed as augmented records, a Mac hosting an Open Directory domain can be joined to an Active Directory domain and can import records from that domain. Essentially this piggy backs those records with Apple-specific management and service data.

Also like Active Directory, Open Directory supports replication of directory data across multiple servers for fault tolerance, load balancing, and providing better performance to geographically remote offices. It’s replication options aren’t as robust as Active Directory, but are adequate for small to mid-size organizations.

Replication is one of the things I have no problem saying Microsoft does better in Active Directory. That’s true of the ability to tailor replication across networks and subnets to ensure the best possible response times and network load. It’s also true in terms multi-master replication across all the domain controllers in an organization. For large enterprise organizations, Active Directory is by far the better option.

Profile Manager – Open Directory has been the cornerstone of Mac management quite a while, but Apple does seem to be slowly moving from Open Directory to iOS-style configuration profiles and Mountain Lion Server’s Profile Manager feature. Those tools can provide the basic identity management and the majority of Mac client management capabilities. They also allow much simpler integration with Active Directory because client management is no longer dependent on a specific directory service. That ultimately is a good thing for small business that need a quick and inexpensive solution as well as for providing easy integration in Windows environments.

Exchange – Apple doesn’t provide a direct equivalent to Exchange. Instead Apple splits out the major functionality of Exchange – email, shared contacts, and shared calendars – into three separate services that can be configured for push notifications and accessed using Apple, third-party, and web-based tools. Unlike Exchange, those services are based on open standards.

For a business migrating to OS X Server from Exchange, however, the process is not easy. Largely that’s because Microsoft doesn’t make it easy (Microsoft has a vested interested in keeping organizations using Exchange). For businesses without an existing investment in Exchange, however, the process is relatively straightforward and cost-effective.

It’s also worth noting there are third-party options out there that provide a more Exchange-like environment running on a Mac server. Kerio Connect is generally considered one of the best such options.

Other Collaborative Tools – There are a range of collaborative tools that are important in business environments of any size. These include document and project management tools, private social networks, and other systems like internal chat and messaging. Apple’s primary collaborative solutions in Mountain Lion Server include a wiki and blog server that’s easy to get up and running. That system has the potential to function as a workplace social network. There are also more robust third-party options for project and customer management. Market Circle’s Daylite is one great example as is Kerio Workspace.

Web services – Beyond the wiki and blog system, Mountain Lion Server includes Apache and support for common web back-end web technologies like PHP as well as third-party content management systems like WordPress, Druple, and Moodle.

Databases – There are a range of different database options out there for Mac systems and servers. FileMaker is an excellent option for many small businesses because it meets many business needs while being relatively easy to learn. Even novice users can get up to speed quickly. There are a range of SQL options out there as well – most popular are options that are designed to work with Unix or Linux (OS X is Unix-based after) rather than options designed specifically for OS X.

I could go on about each and every service that’s available in Mountain Lion Server, but I think this covers the basic question of equivalent options to Windows Server. It is worth noting that, for larger organizations, OS X Server isn’t the option that it was a few years ago. As I’ve pointed out before, Apple’s decision to cancel the Xserve made it very clear that Apple will not compete in the enterprise server space. Instead, it is focusing its efforts on making Macs and iOS devices better corporate citizens to Windows enterprise technologies.

As a result of that decision, Apple has done a good job of focusing on the needs of small businesses with one or two dozen employees. Although there will still be some power under the hood, Mountain Lion Server’s biggest advances are in making those primary services a small business needs accessible to users who don’t have an extensive IT background. After all, those organizations aren’t likely to need a large Active Directory infrastructure. Likewise, they need just a handful of the services that major corporations require. That means that Mountain Lion Server can be an effective and inexpensive option for them.


Daily round-ups or a weekly refresher, straight from Cult of Mac to your inbox.

  • The Weekender

    The week's best Apple news, reviews and how-tos from Cult of Mac, every Saturday morning. Our readers say: "Thank you guys for always posting cool stuff" -- Vaughn Nevins. "Very informative" -- Kenly Xavier.