1-888-310-4540 (main) / 1-888-707-6150 (support) info@spkaa.com
Select Page

Macs in a Corporate IT Environment

­Macs running OS X have been around for quite some time, but only recently have they gained enough traction with our customers at SPK to be used as their day to day desktop environment.  Historically, IT organizations have been reluctant to embrace this change.  This reluctance is understandable — there are many questions that need to be considered before your users make the switch:

  • Do native Mac applications meet the business needs?
  • How can users access legacy applications?
  • How can IT organizations ensure that a user’s machine conforms to corporate policy (i.e. security requirements, systems management, remote support, automated patching, etc.)
  • What types of inter-operability issues exist, if any?
  • What is the cost?  Not only in terms of hardware costs, but also in terms of IT support and user productivity?

Unless you can dedicate a significant amount of time and energy, it can be really difficult to understand the true impact these things may have on a particular environment.  One of our customers was fortunate enough to ease into the transition — whereas a larger organization might have more dependencies, this customer is quite small and the majority of work consists of server-side development.  Regardless, the standard Windows / Office combo was the status quo and a few decided that it was time to make the transition.  What was the result?  Let me share my experience.

AD Integration

AD integration provides for several purposes in a PC environment, the most common of which is SSO.  Sign in once into the OS, and you gain password-less access to your network shares, wireless (802.1x), and even your corporate web applications (via NTLM).

Using the Directory Utility on a Mac running Lion, I was successfully able to join the existing Windows 2003 Server domain.  Connecting to SMB shares via the Finder worked seamlessly, without prompting for credentials.  Unfortunately, the 802.1x capability of the network stack in Lion didn’t allow for seamless wireless authentication out of the box.  I’ve read that by possibly creating an 802.1x profile with the iPhone Configuration Utility, this might be possible.  Otherwise, entering in the credentials manually worked sufficiently.

Networking

Aside from the 802.1x issue, the wireless adapter on the 2012 Mac Pro exhibited a much more serious problem.  The Mac would associate and authenticate with the existing Cisco Aironet 1200 access point successfully, but it would disconnect at random times.  It would disconnect frequently enough to impact the user, and a hardwired connection was the only solution.  We looked at several different possibilities — was it the A band radio causing the issue?  Was it more sensitive to noise than the PCs had previously been?   In the end, we couldn’t pinpoint the exact issue, but coincidentally, it was time to upgrade the aging Aironet 1200 to an N based 1142 model instead.  Since the upgrade, the Mac’s wireless connections have been rock solid.

Another important networking requirement is VPN.  The endpoint in this situation was a Cisco ASA 5510.  Using the Mac’s native VPN client, IPsec connections from the Internet into corporate have also been working well with no known issues.

Desktop Applications   

Microsoft Office is a staple on almost any PC in the workplace.  You could argue that any difference between Office for Windows and Office for Mac wouldn’t necessarily impact say, an engineer or software developer.  However, an Excel guru in this customer’s finance team struggled to make the transition.  The two versions were significant enough to severely impact his productivity.  The keyboard shortcuts were completely different, the menus were different, there was no VBA macro support, and certain 3rd party plugins that were installed on his PC were not available for the Mac.

Outlook 2011 for the Mac also does not support a MAPI connection to the existing Exchange 2003 server.  IMAP had to be used instead, so some of the calendaring and contact sync features were lost.

Lastly, Office 2011 for Mac applications had an odd incompatibility with smb:// shares.  A user would browse to an existing document on a shared folder, edit it, but could not save it back to the share.  We’re awaiting an Office patch, since Office 2008 for Mac does not exhibit this behavior.

Adobe Acrobat is another common application.  Adobe does not make a Standard Edition of Acrobat X, so be prepared to purchase the more expensive Pro edition.  This is quite unfortunate, since there’s a pretty large gap between the features of free pdf makers and Standard Edition.

Printing provided some challenges as well.   Printers added from SMB shares on our Windows 2003 Server did not honor any of the server’s default settings.  I.e. the SMB printer was setup to default to B&W, but the Macs would print color.  Not a huge deal in a smaller environment, but if you need to enforce certain parameters to your users this could be a high maintenance support item.  I’m also unsure if this is specific to the Kyocera TaskAlpha printer used by the customer.  Other printers were not available for testing.

Legacy Applications

Using virtualization, users can continue to use any legacy applications.  Virtualbox and Parallels are the most common options available for the Mac.  Parallels offers a neat feature called coherence mode — quite similar to VMware Fusion’s unity mode.  Coherence essentially removes the guest OS desktop, and allows the guest application windows to integrate into the host OS’ desktop.  Parallels also offers some integration with bootcamp.  For instance, if you have an existing bootcamp partition, you can easily convert this to a Parallels virtual machine.  Virtualization is the ultimate fail-safe.  If a user is ever stuck on the Mac, they can always complete the task in the VM.  In fact, you could go so far as to virtualize the user’s old PC, that way everything the user is accustomed to is available going forward on their new Mac.

Conclusion

Despite having only a few users who had switched from a PC environment to a Mac, there was a significant learning curve both from a user’s perspective and also from a support perspective.  There were issues that we did not anticipate, and some of these issues remain without proper solutions.  Perhaps one metric to keep aware of is the amount of time a user spends in his virtual Windows environment versus that of the native Mac environment.  If a user spends most of his or her time in Windows due to Mac constraints, we have to question whether this was a worthwhile “upgrade”.

Latest White Papers

Atlassian Cloud: Understanding Zero Trust Security

Atlassian Cloud: Understanding Zero Trust Security

Where To Start & Why It Matters What is the Atlassian Cloud Zero Trust Security model? Well, for decades, enterprise security controls were built to protect a large, single perimeter around a corporation. Often described as castle-and-moat security, This approach...

Related Resources

Top 6 Ways To Improve Your DevOps Journey

Top 6 Ways To Improve Your DevOps Journey

Knowing how to improve DevOps can be challenging. But, creating an integrated DevOps toolchain can set organizations apart from the rest. This is because having a well-defined business DevOps journey can reduce errors, improve collaboration and drastically increase...

Why Process Automation Is Critical For Engineering

Why Process Automation Is Critical For Engineering

Process automation releases your engineers for the work their brains are intended for. That work is creativity and problem-solving.  By implementing process automation, you improve the team’s morale. Firstly, they get more focus time for deep work and designing better...

CloudBees SDA:  Software Delivery Without Silos

CloudBees SDA:  Software Delivery Without Silos

Tired of missing deadlines, and only measuring performance of departments, but not of your entire software delivery organization? This blog will show you how CloudBees Software Delivery Automation (CloudBees SDA) can break down silos, drive DevOps mentality and...