Apple - my love hate relationship.

As much as I love Apple products, their success in the consumer product field with the iPhone and the iPad has shifted them away from the enterprise, higher education and professional user base that they once competed in. That's what has led me to become a refugee from MacOS X Server. In its Lion incarnation, Apple has really moved away from the tools they once developed to administer Server. While they are still provided as a separate download; the management tools in Server now betray a dumbing down that makes it fit for the $40 they charge for it nowadays.

Lion Server has proven to be buggy, not that Apple had ever fully sorted out their server tools fully. Having used it since Panther Server I witnessed the evolution in the tools and the change in the open source software they offered in each iteration. The real problem I believe is the half baked GUI tools that Apple offered to manage the underlying programs. The ones which are notorious in my hands are the BIND DNS service and the LDAP Open Directory service. The tools for these two and especially DNS are so bad that any false move can destroy a working server and require a re-install. That happened to me at least a handful of times and the Open Directory service is also on the flakey side, developing authentication bugs with its keychain binding or Kerberos or something that makes authentication increasingly frustrating as it accumulates whatever stuff it does that makes it fall over. The problem is that these installs are non standard and unless you do it day in and day out, figuring out problems is difficult to impossible and the easiest thing is to re-install.

The pivotal point for me was the inability of Apple to incorporate the ZFS file system into Snow Leopard. Something happened around then that obviously led to the plug being pulled on that project. It was at that point that Apple lost the way as far as its professional and enterprise future went in my opinion. It has been downhill since.

When I started with Solaris 11 things were very daunting indeed. While I was comfortable with the terminal and unix Solaris does things differently to other brands of unix. At first it was difficult to grasp the sense in this. Just trying to setup a working network interface and static IP seemed like a black art. Google helped as usual, but it wasn't until I found the ultimate resource "Oracle Solaris 11 Library" (http://docs.oracle.com/cd/E23824_01/) that life managing Solaris improved dramatically.

The key was to take it slow and learn what you wanted to do next in some detail before doing it. Another key was to work in zones - sandboxes if you like which you could either keep or discard without ruining your base install. The versatility of this one feature should be enough to move any serious unix lover over to Solaris in my opinion.

I'll update my experiences further as I explore further. My setup is almost to the point that things are complete. Today I moved over my entire mail service to a new zone I'd been setting up for the past week. It now implements a fully protected postfix service using the postscreen service with its deep testing. This promises to reduce spam even further than with amavisd and Spam Assassin. I look forward to sharing my setup and results down the track.   I'm also able to now use the Dovecot  Pigeonhole plugin that provides sieve services. The initial mail server setup I was using were simply pre-compiled packages from OpenCSW and unfortunately they don't provide the sieve service as part of their packages.

That was the incentive for me to move to my own compiled binaries and the journey has been tough but very rewarding. Again, I'll share my setup in due course.