The environment of today's organizations may include both Mac and Windows PCs, and it is now much easier to make them work together. This was not the case in the past. In 1995, I started working at a small ISP and service organization in Raleigh, North Carolina, where most employees used Macs and only a few ran Windows. Only a small amount of interoperability had been realized before I resigned in 1996. At that time, the Mac depended on AppleTalk on the network, while Windows used TCP/IP as its default protocol (Apple had just started to try TCP/IP). In addition, the Mac had a proprietary file sharing mechanism, while Windows used a protocol called Server Message Block (SMB). The two were not compatible, so we had to isolate the Macs in a separate network, mainly because of AppleTalk's communication behavior.
Times have changed. You can not only put Macs into the Windows network infrastructure, but also integrate some operating system services. The article by Don Jones introduces connecting Mac and Windows. I will focus on how to implement interoperability between the two types of systems. Interoperability between Mac and Windows computers involves the software and operating system services that implement the functions enterprises require. It also assumes a basic level of common hardware, which is what truly enables interoperability and, with virtualization, often serves as a bridge between the two platforms. Moving the Mac from AppleTalk to TCP/IP was extremely important for achieving interoperability with Windows. You will learn later that the move to an Intel-based architecture was at least equally important.
Active Directory
Yes, that's right. In Figure 1 you can see the test Active Directory domain installed in my home, with an iMac as one of its members.
Figure 1 Active Directory domain containing a Mac
Since the first release of OS X, ISVs have built tools that can integrate Macs into Active Directory to some extent, or vice versa (you can even push Group Policy to Mac clients). Mac OS X 10.5 "Leopard", released in 2007, integrates some of this support directly, allowing you to easily add a Mac to a Windows Active Directory domain. In its own environment, the Mac uses Apple's LDAP directory, Open Directory. Although Open Directory and Active Directory use different architectures, adding Macs to a directory means you can start to manage them centrally. You are likely already using an Active Directory infrastructure and can integrate Macs into it without much effort.
To integrate a Mac into Active Directory without using a third-party tool, you must have an Intel or PowerPC-based Mac running Mac OS X 10.5 or later. After starting the system and logging on, open the Applications folder and browse to the Utilities folder. There you will find the logically named Directory Utility; start it. If your Mac already has an Open Directory relationship, it is displayed here. Otherwise, you will see what is shown in Figure 2.
Figure 2 Mac Directory Utility
Unlock the lock in the lower left corner, and then provide your administrative credentials. Click the + symbol to add a directory. When the dialog box is displayed, select Active Directory (see Figure 3).
Figure 3 Add an Active Directory
This is not much different from the experience of joining Active Directory on a Windows system, except that everything appears on a single page and it does not seem to accept old-style credentials (domain\user). Credentials must be provided in the newer email@example.com form. After the directory is added, you can see it listed in Directory Utility (see Figure 4). Note that if you are adding only a few computers or prefer a GUI, Directory Utility is a quick way to complete this task. If you want to add several computers from a script, or are more familiar with Terminal (the Mac command shell), you can also run dsconfigad, as shown in the command line at the end of this article.
Figure 4 Active Directory on Mac
Note that if you want to add a Mac to both Active Directory and Open Directory, we recommend that you always add it to Active Directory first, and then add it to Open Directory.
Now that you have added the system to Active Directory, what can you do? Microsoft Entourage, the only Mac e-mail client that provides native mail and calendar access to Exchange, is not as rich as Microsoft Outlook in listing directory properties. In addition to providing management functions, Directory Utility (also found in the /Applications/Utilities folder) lets you view more information about users, groups, and other directory attributes (see Figure 5).
Figure 5 Directory Utility allows you to view attributes of users and groups
As mentioned above, some applications can help you go further, even managing Mac systems through Group Policy itself, treating the Mac almost as if it were a Windows system. Take a look at applications such as ADmitMac or Centrify DirectControl. These are just a few examples.
Exchange
For years, connecting a Mac to Exchange required Mac users to access Exchange using POP3/SMTP or Internet Message Access Protocol (IMAP), or simply using Outlook Web Access. However, none of these is comparable to the complete Exchange/Outlook experience. Microsoft Office 2004 and 2008 for Mac provide comprehensive Exchange support through Entourage, which is the same as Mac OS X Mail but lacks the local Calendar function. Although you do not get comprehensive integration of Active Directory and address book functions, the experience you get with push e-mail, meeting requests, contacts, and calendars is more comprehensive than accessing Exchange over the Internet. Entourage supports all the latest Microsoft Exchange versions. Note that Apple's default Web browser, Safari, supports only Outlook Web Access Light when connecting to Exchange through the Web (Internet Explorer is the only browser that supports the full Outlook Web Access function).
Network Access Protection
If you are using Windows Server 2008 and are deploying Network Access Protection (NAP), note that Microsoft has licensed its NAP architecture to the vendors UNet and Avenda to build clients for Mac and Linux.
OCS and Messenger
The latest version of the Messenger for Mac 7 application, an update to the version initially released with Microsoft Office 2008 for Mac, also provides support for other MSN Messenger/Live Messenger users. Equally important for Windows organizations, it now supports access to Office Communications Server (OCS) as deployed by enterprises.
The screenshot in Figure 6 shows the corporate area under "Account" in Messenger, where you can specify the information used to connect to OCS.
Figure 6 You can specify the information used to connect Messenger to OCS
Connecting Back to Windows
Microsoft has provided a Remote Desktop client for the Macintosh for some time. Last year, Microsoft released a very good new version, Remote Desktop Connection Client 2, which allows a Mac to connect back to Windows, even to Windows Vista or Windows Server 2008.
Figure 7 shows Remote Desktop for Mac. This version supports drive, printer, and audio redirection, but lacks other device redirection. It also adds the ability to establish multiple connections at the same time.
Figure 7 Connect Mac to Windows
Information Rights Management
As I mentioned in the "Desktop Files" column in November 2008, Microsoft does not currently support access to Information Rights Management (IRM) protected documents from Microsoft Office for Mac 2004 or 2008 (see "unable to enable the document for the IRM protection on the Office for Macintosh"). Both versions can work with Office Open XML documents: version 2008 supports them natively, while version 2004 supports them after the latest updates and the format converter are installed. However, neither version can directly open IRM-protected documents, and the Mac itself does not have any way to interact with IRM-protected e-mail.
If a Mac user needs to be able to access IRM-protected content, the quickest way is to use a virtualization technology for the Mac and run a Windows instance that is joined to the domain, which allows management and ease of integration with RMS. The Windows system is equipped with an enterprise-licensed copy of Office 2003 or Office 2007 and configured to work with RMS. The only complexity of this solution is that you now have to manage another Windows system in addition to the Mac. Of course, this is the double-edged sword of virtualization: if it is not properly managed, Windows installations can sprawl. In addition, users must learn how to use Office on both Windows and Mac, which is also a potential challenge.
Apart from virtualization, the only alternative is more difficult for end users and also requires another Windows installation. You can create a Boot Camp volume, install Windows on it, and configure it as described above, but run it natively from the Boot Camp volume on the Mac (we will discuss Boot Camp in detail later).
Let's take a brief look at Boot Camp and virtualization on the Mac. The premise for discussing Boot Camp and virtualization is the use of an Intel-based Macintosh. Traditional PowerPC-based Macs could provide only emulation, through software emulation products such as Microsoft Virtual PC, and could not provide real virtualization.
A Common Platform
A few years ago, Apple moved from its PowerPC-based architecture to Intel x86, allowing commodity hardware to increase performance while reducing platform costs. Equally important for some people, the Mac now shares a platform with Windows, but Macs use the Extensible Firmware Interface (EFI) instead of the BIOS. In addition, they use the GUID Partition Table (GPT) partition type instead of the Master Boot Record (MBR) partition type used by 32-bit and 64-bit Windows. The first systems Apple sold were all single-core and x86 only. All Mac systems sold today have x64 processing capabilities and a dual-core processor, delivering a satisfying experience with virtualization software and an excellent experience when running Windows XP, or Windows Vista with Aero, natively through Boot Camp.
By using EFI and GPT (both were originally designed by Intel and adopted for the Intel Itanium 64-bit processor architecture), Apple largely avoids the traditional complexity of the BIOS architecture and implements a more flexible disk partitioning solution than Windows. MBR disks have many restrictions on the number, type, and size of the volumes that can be created. GPT was designed specifically to eliminate these limitations.
Since the move to the x86 architecture, a programming community has developed around enabling the Mac to run Windows XP. The complexity of doing so is considerable, because 32-bit Windows supports neither EFI nor GPT. Apple created a simple utility called Boot Camp, which was at first available as a trial download and is now included in Mac OS X 10.5. By providing BIOS emulation and a creative "overlay" partition format (the disk is partitioned with matching MBR and GPT partition entries), Boot Camp lets Windows boot from its own volume while the Mac OS continues to live on its own volume. Boot Camp is very easy to use; it can repartition the disk on the fly and help install Windows.
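
The matching MBR and GPT entries described above can be recognized from a disk's first two sectors. The following is an added example, not code from the original article or from Apple: it reads the four MBR slots and the GPT header signature and reports whether a disk is plain MBR, pure GPT, or a hybrid of the two. It assumes 512-byte sectors; the function names and the sample images are constructed for illustration.

```python
import struct

SECTOR = 512
GPT_PROTECTIVE = 0xEE  # MBR partition type meaning "this disk is really GPT"

def mbr_entries(sector0: bytes):
    """Return (slot, type, first_lba, sector_count) for each used MBR slot."""
    if len(sector0) < SECTOR or sector0[510:512] != b"\x55\xaa":
        raise ValueError("no MBR boot signature (0x55AA) in sector 0")
    used = []
    for slot in range(4):
        raw = sector0[446 + 16 * slot: 462 + 16 * slot]
        # Layout: status, CHS start (3 bytes), type, CHS end (3 bytes), LBA, count
        _status, ptype, first_lba, count = struct.unpack("<B3xB3xII", raw)
        if ptype != 0:
            used.append((slot, ptype, first_lba, count))
    return used

def classify_disk(image: bytes) -> str:
    """Classify the partitioning scheme from the first two sectors of a disk."""
    types = [entry[1] for entry in mbr_entries(image[:SECTOR])]
    has_gpt_header = image[SECTOR:SECTOR + 8] == b"EFI PART"
    if GPT_PROTECTIVE not in types:
        return "gpt-without-protective-mbr" if has_gpt_header else "mbr"
    if not has_gpt_header:
        return "protective-mbr-without-gpt"
    # A pure GPT disk carries exactly one MBR entry, of type 0xEE.
    return "gpt" if types == [GPT_PROTECTIVE] else "hybrid"

def build_image(mbr_parts, gpt=True) -> bytes:
    """Constructed sample: two sectors holding only the fields checked above."""
    s0 = bytearray(SECTOR)
    for slot, (ptype, first_lba, count) in enumerate(mbr_parts):
        struct.pack_into("<B3xB3xII", s0, 446 + 16 * slot, 0, ptype, first_lba, count)
    s0[510:512] = b"\x55\xaa"
    s1 = bytearray(SECTOR)
    if gpt:
        s1[0:8] = b"EFI PART"
    return bytes(s0 + s1)

# Constructed layouts (sizes are illustrative, not taken from a real disk).
PURE_GPT = build_image([(0xEE, 1, 0xFFFFFFFF)])
HYBRID = build_image([(0xEE, 1, 409639), (0xAF, 409640, 200000000),
                      (0x07, 200409640, 100000000)])  # 0xAF = HFS+, 0x07 = NTFS
LEGACY = build_image([(0x07, 63, 100000000)], gpt=False)

if __name__ == "__main__":
    for name, img in (("pure GPT", PURE_GPT), ("hybrid", HYBRID), ("MBR", LEGACY)):
        print(name, "->", classify_disk(img))
```

A hybrid result is worth recording when imaging or triaging such a Mac, because the MBR entries and the GPT are two separate descriptions of the same disk and have to be compared rather than assumed equal.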
The only drawback of Boot Camp is that, to switch operating system environments, you must reboot the Mac into Windows and then reboot again to return to the Mac. In short, it works well, especially for tech fans like TechNet readers, but I have to confess that the process is too difficult and I don't like it very much.
If a user has an application that needs access to the actual hardware of the computer, such as a graphics-intensive application or a peripheral device connected through FireWire, Boot Camp may be exactly what he needs. Virtualization provides almost the same experience, but with some restrictions. The biggest problem with Boot Camp may be its native configuration: Windows cannot access volumes in the Mac HFS+ format, while Macs cannot write to volumes in NTFS format, although they can read them.
I would like to spend some time introducing two free utilities and a commercial product that can make Boot Camp even easier to use. The free rEFIt utility lets you create boot configurations on the Mac that are more flexible than the Boot Camp single-volume solution (only one Windows instance can be installed through Boot Camp). With rEFIt, I can triple-boot a Macintosh: Mac OS X (installed first), Windows XP (installed with Boot Camp), and Windows Vista Ultimate (installed with rEFIt). Exercise caution when using rEFIt (and read the relevant documentation); this tool is very powerful and may damage the system if used improperly. Another free tool is the NTFS-3G utility, which allows Mac OS X not only to read but also to write to volumes in NTFS format. Finally, as far as I know, MacDrive 7 ($49.95/system) is the only way for Windows booted through Boot Camp to read and write volumes in the Mac OS X HFS+ format.
Virtualization
Although Connectix (the company that sold its emulation and virtualization tools to Microsoft) developed the Virtual PC product for the Mac, that product was actually an emulation product, not a virtualization product. In fact, it emulated the x86 instruction set on a PowerPC-based computer. Although the results were workable, the speed did not meet daily needs. Currently, Microsoft's Virtual PC product applies only to earlier, PowerPC-based Macs. However, since Apple moved to the x86 architecture, at least three completely different virtualization products have become available for the Mac. Some even provide GPU emulation, allowing more graphics-intensive applications (or, more specifically, games) to run on the Mac with the same or similar performance as on physical hardware.
The main Mac virtualization products are VMware Fusion and Parallels Desktop for Mac. These two products not only let you boot through Boot Camp but also let you boot the same Boot Camp partition as a virtual machine (giving you the advantages of both), and they implement a "transparent" mode in which applications running in the Windows virtual machine look as if they are running on the Mac. They also support drag and drop between the Mac and Windows virtual machines.
Please note that a virtualized IRM client may circumvent IRM protection: it is relatively easy to capture the screen of a Windows VM running on a Mac. However, as I mentioned in the "Desktop Files" column in November 2008, IRM can only take you so far before you run into the "analog hole". A malicious user can easily do this with a virtual machine, so be aware of it.
Of course, if you can provide Mac users, or users of any other platform, with the same ease-of-use experience as Windows users, that would be even better. However, some tools, such as Sert, SQL Server application, or Microsoft..
In addition, any application that requires a high-end GPU or DirectX 10 must be installed on Windows running natively through Boot Camp. When you have users who need to use a Mac, virtualization provides the best bridge for Windows-only applications.
To sum up, with the introduction of the Intel x86-based architecture, the large number of applications available, and powerful virtualization and native boot solutions, running Mac and Windows platforms together is easier than ever before. Mac users in an organization no longer have to be isolated on a separate network, unable to simply share files with Windows computers.
dsconfigad -f -a computername -domain yourforest.yourdomain.tld -u domainaccount -p domainpassword -lu localadminaccount -lp localadminpassword