
Prepare for changes to macOS Server 5.7.1 - deng
https://support.apple.com/en-us/HT208312
======
wlesieutre
Not too surprising, they killed their server hardware line (Xserve) in 2004,
and the Mac Minis that people were using as substitutes lost their quad-core
option in 2012.

The number of people hanging on to Macs as servers has to be vanishingly
small, and Apple doesn't do small markets anymore. There are currently rumors
of a "Pro" focused Mac Mini, yes, but that's going to be comparatively
expensive and I doubt it could win back much server market even if Apple
wanted to.

They'll stick around as servers for iOS builds because there's no other option
(and the Pro Mini would be nice for that), but hanging on to Macs for any
other sort of server outside of a home file server is a lost cause.

~~~
mikestew
_they killed their server hardware line (Xserve) in 2004_

Minor nit: 2011 [0] But similar to you, I'm surprised macOS Server is even a
thing anymore. What are you supposed to run it on? That six year old quad-core
Mac Mini? The oh-so-long-in-the-tooth trash can Pro your department still
clings to? Off the top of my head, I'm a little stumped as to what I'd use to
best utilize Xcode's distributed build functionality. Apple hasn't made what I
feel is an appropriate tool for that job in at least six years.

[0]
[https://images.apple.com/xserve/pdf/L422277A_Xserve_Guide.pd...](https://images.apple.com/xserve/pdf/L422277A_Xserve_Guide.pdf)

~~~
tonyedgecombe
I wonder what Apple run their builds on, a Hackintosh?

~~~
TimTheTinker
That’s a _really_ good question. You know how we always said there’s hope that
Apple won’t ditch the Mac since they themselves couldn’t stand to use Windows
or Linux for their workstations...

I have no knowledge of their internal setup, but I _suspect_ they have a big
room full of racked ESX servers (non-Apple hardware) running builds on macOS
VMs. And probably a ton of networked iPhone motherboards running automated
tests.

I just wish they would make that kind of setup (macOS VMs on non-Apple
hardware) legal for other developers.

~~~
jaxtellerSoA
>I just wish they would make that kind of setup (macOS VMs on non-Apple
hardware) legal for other developers.

Seriously....would love to be able to install MacOS as a VM on ESXi on a Dell
Power Edge, or HP Proliant.

~~~
icedchai
You can do that with a couple minutes of Googling. Oh, did you mean legally?

~~~
jaxtellerSoA
>Oh, did you mean legally?

Yes, funny enough my employer likes to keep things on the up-and-up.

~~~
icedchai
Just tell them how much money they'll save. Their attitude might change pretty
quick.

~~~
pjmlp
I am sure the judge will understand it then.

------
jaxtellerSoA
Why do they even bother making macOS server anymore? They clearly don't care
about the corporate enterprise. They keep stripping away features. No DNS, no
DHCP, no VPN, what is anyone gaining using macOS server? If you use it you
likely are going to have to hack together a bunch of services just to get it
functioning.

~~~
enitihas
iOS build servers maybe?

~~~
sirn
I don't think you even need Server.app for Xcode Server anymore. It's now
built into Xcode.app.

~~~
george_perez
Yep, you're right. They've been slowly decoupling services from macOS Server
to macOS. A big one is content caching which was added to macOS High Sierra
under System Preferences > Sharing > Content Caching. It will cache iCloud and
software updates so that devices checking for updates go though that cache.

------
AdmiralAsshat
Looks like the original title was something like "macOS Server gets worse in
5.7.1" but was then changed to the page's official title, "Prepare for
changes..."

This is a case where I'd argue deviating from the "official" article title is
warranted, as it more clearly explains the aim behind the submission, or to
what specifically the submitter wishes to draw our attention.

~~~
JohnJamesRambo
In general, I find the way Hacker News titles change over time just really
creepy and feels like approved censorship.

~~~
root_axis
IMO the term "censorship" gets thrown around way too much.

~~~
drb91
Compared to what? It’s an accurate term. Not all forms of censorship are
equivalent to a big brother government.

~~~
root_axis
> _It’s an accurate term._

A term cannot be accurate. I understand you're trying to suggest that
"censorship" is an accurate way to describe _this particular scenario_ , but
that's your own subjective opinion, which IMO, is incorrect. Censorship
necessarily implies an intentional effort to squelch a particular person or
idea.

~~~
drb91
If changing the title doesn’t result in actively squelching the old title, I’m
not sure how to interpret this. There’s fundamentally a silent middleman
choosing the content on the site.

Is this bad? No. This is the whole positive and negative to active moderation.

~~~
root_axis
> _If changing the title doesn’t result in actively squelching the old title,
> I’m not sure how to interpret this._

"Changing a title" is not inherently an act of censorship because there are
many reasons why a title could be changed. Changing a title _might_ be
censorship, but not always. In this case, it is _NOT_ censorship because the
title was modified based on a pre-established submission rule (i.e. from the
HN guidelines "use the original title, unless it is misleading or linkbait;
don't editorialize."), _NOT_ due to any particular prejudice against the ideas
expressed in the title.

It also seems a little strange to me that changing a title to reflect the
author's actual title can somehow be construed as censorship. It seems to me
that the person editorializing the title is more aptly described as a censor
than the mechanism that restores the title to the original form and cadence
intended by the author.

------
liquidise
Whether fair or not, i started arguing that apple wasn't a computer company
years ago. They are a phone company today and everything that looks or works
like a traditional machine, servers included, are a distraction to that
enterprise.

As a once-proud and fond apple fanboy, i am biased here. I miss having
compelling laptop and desktop options in the Mac space. In the same way that i
am still using an '09 pro and a '12 air, i bet some IT folks still cling to
their server infrastructure hoping that the glory days return. C'est la vie.

~~~
scarface74
It might have been a big hint when they dropped “Computer” from their name.

But more importantly, Apple has always been a _personal_ computer company. Not
an _enterprise_ computer company. What’s more _personal_ than a phone running
a real computer operating system in your pocket? More people (ie the
“personal”) buy iPhones + iPads in one year than Apple has sold traditional
computers in the last decade. If not, the numbers should be close.

~~~
baldfat
In the early 2000s they made a HUGE push for enterprise.

My company I worked at Part Time went all in. It was a disaster for 3 months.
The IT department didn't make the decision but the Executive Board.

Just this summer, I now work at another company, and they went 100% Apple
(Because students were issued iPads so why not switch everyone over of
course). They ended up throwing away all their 1 to 3 year old Mac All in
Ones, in all the computer labs, into the garbage (At Apple's Request Around
400 of them) and now students don't have access to a computer and only issued
a tablet.

So adults have Mac Laptops and kids have iPads (K-12) seems so strange. I
think that this is where Apple would love to put Enterprise with everyone
without a special case just uses iPads.

~~~
saagarjha
> They ended up throwing away all their 1 to 3 year old Mac All in Ones, in
> all the computer labs, into the garbage (At Apple's Request Around 400 of
> them) and now students don't have access to a computer and only issued a
> tablet.

Why? What issue did they run into?

~~~
baldfat
No issues. The lease was up and Apple doesn't like to flood the market with
used gear? That would cut into their profits?

~~~
saagarjha
No, I don’t see why you had to get rid of them. Did they not work for you?

~~~
baldfat
They were in perfectly good working order. I really think this is just Apple's
practice. Apple All In One users really don't need the latest and I bet they
are just seeing this as something that would cut into their profits.

~~~
saagarjha
Wait, so _Apple_ forced them to stop using the computers they had bought?

------
wiredfool
I'm curious what Apple uses for datacenter level servers. I know they've got a
big footprint (not MS/Amz/Goog/FB level, but big). I can't imagine them
wanting to run a commodity OS and standard tooling, given where they were with
WebObjects and what they're doing on the client side.

I don't think they're running a pile of mac pros. Do they run x86 rackmounts
with a custom OS? Linux? Windows on azure?

~~~
majewsky
Who says they can't have x86 servers with macOS? Just because they don't sell
anything like that doesn't mean that macOS doesn't support it for internal
usecases (possibly via a separate in-house build).

~~~
394549
> Who says they can't have x86 servers with macOS? Just because they don't
> sell anything like that doesn't mean that macOS doesn't support it for
> internal usecases (possibly via a separate in-house build).

Seems insane to spend the money to develop something like that, but not sell
it.

~~~
detaro
It's not that difficult to make MacOS run on selected non-Apple hardware or in
VMs for people outside Apple, so it likely has next to no cost for Apple.

------
bdz
On a sidenote I always wanted to buy an old Xserve just because for some
reason they look really good. Not sure they are good for anything tho

~~~
jamesfmilne
They do indeed look good, but I wouldn't bother. We have several of them at
our company that we keep alive as build servers for our Mac software.

They are 4-5x slower than the equivalent contemporary x86 boxes you can run
Linux/Windows on. As a modern day server they are fairly rubbish really.

~~~
nodesocket
There is an eight core 3.0GHz Intel Xeon, 32GB RAM, 2TB drive for $300.00[1]
on eBay.

Curious if you install SSD disks in RAID? Then it might actually be a pretty
decent home server.

[1] - [https://www.ebay.com/itm/Eight-Core-Apple-Xserve-
Server-3-0G...](https://www.ebay.com/itm/Eight-Core-Apple-Xserve-
Server-3-0GHz-Intel-Xeon-32GB-RAM-2TB-WITH-
RAILS/322947767053?epid=1901422001&hash=item4b312fdb0d)

~~~
jamesfmilne
It's a little tricky to upgrade the CPUs in the Xserve as they are special
versions with narrower lids. You can't use stock Xeons, you have to delid them
yourself. It can be done though.

[https://forums.macrumors.com/threads/xserve-processor-
upgrad...](https://forums.macrumors.com/threads/xserve-processor-
upgrades.1096691/)

------
philipwhiuk
5.7.1 shouldn't remove features - it makes a mockery of version numbering.

------
willyt
I'm really surprised it still exists. I've actually tried to use a few of
these services on OS X server at various points in the past. It never worked
very well behind NAT; anyone that can afford their own IP space is not going
to need hand held through setting up Dovecot or BIND.

The GUI is supposed to make it easy to get this kind of stuff set up without
really understanding what it does. But, something strange always went wrong
which required trying to understand what the hell the open source software was
doing at the same time as trying to understand where in the configuration file
hierarchy the apple GUI was inserting its config and what this was doing.

Having tinkered a bit with various services on Linux since, its much easier to
cut out the middle man, install from scratch and configure a vanilla
installation using the config files. All the helpful comments on the options
in the config files make it much easier to understand what's happening anyway.

~~~
TheOtherHobbes
I tried it years ago and it was a terrible product for exactly the reasons you
mentioned - one click smiley-GUI setup that consistently failed to work.

And lots of stuck-on features that I couldn't imagine anyone using in a small
office, like a barebones custom Wiki.

I never understood where Apple were going with it. As I understand it, it was
a solid product that did what it was supposed to - i.e. help network admins
manage a network full of Macs and i-devices.

Then those features disappeared, and it turned into My Little Server, but
worse.

Which is a shame, because there may be a market for a good server product, and
Apple could have owned it.

------
cjohansson
From my personal experience macOS Server is not a serious product, nothing
works out of the box and everything requires serious terminal tweaking. Will
not give it another try

------
heavymark
Was excited to hear about this since I imagine a very large number of users
had to install the server for update caching and time machine server and now
they don't how have to. Since the title would probably be better suited to say
High Sierra Gains macOS Server Features.

~~~
jtbayly
This really changes the tenor of the title. That's actually a big deal for a
lot of people. Especially Time Machine sharing.

------
plg
I don't understand ... they've eliminated the Mail server? or you just have to
click a button to install it specifically? or you have to manually install one
of the open-source mail servers yourself? (in which case why use MacOS server
at all, not say, Debian)

~~~
kkwtfeliz
My main issue is with Push email. With OSX Server, you could get an APNS
certificate that enabled you to have mail instantly delivered to your iPhone,
push for Mail.app with one click. Will there be a workaround for this? I know
there's a dovecot version for freebsd that can use the push certificate, but
the only way to obtain it was using OSX Server's mail server... Does anyone
know if a regular, iOS app push certificate works with this?

------
GeekyBear
How about "Apple stops shipping out-of-date versions of open sourced server
daemons (for which they had created a minimal GUI)"

Not that having a minimal GUI isn't nice for users with minimal technical
skills, provided that you keep up with current versions.

However, the Server "version" of OSX has long been nothing more than an
application that installs a version of several open sourced server daemons
along with a enough of a GUI to configure the basics.

------
village-idiot
Honestly, I thought they'd killed off macOS Server a while ago. I'm a little
surprised to discover that it's still a thing.

------
exabrial
So whats the "correct" way to manage an office full of macs in 2018?

* Centralized password management

* Preload software (chrome, firefox, java) and settings

* Enterprise CA

* Schedule OS updates

~~~
brentjanderson
MDM solutions come to mind:

* [https://jamfcloud.com](https://jamfcloud.com)

* [https://meraki.cisco.com/solutions/mobile-device-management](https://meraki.cisco.com/solutions/mobile-device-management)

I've used these two before and they work quite well.

~~~
vesak
Working URL for Jamfcloud: [https://www.jamf.com/products/jamf-
cloud/](https://www.jamf.com/products/jamf-cloud/)

------
walterbell
Does it support MDM and DEP for iOS devices?

Is there an iOS MDM provider which will allow you to configure per-app VPNs
that connect to an open-source VPN? Microsoft Intune only supports specific
corporate VPNs, is that because per-app VPNs require a corporate VPN app that
is installed on the phone? Why can't the native IPSEC client perform this
function on a per-app basis? It would allow segmentation of Facebook from
normal traffic.

[https://docs.microsoft.com/en-us/intune/vpn-setting-
configur...](https://docs.microsoft.com/en-us/intune/vpn-setting-configure-
per-app)

Edit: Profile Manager is still supported in 5.7.1

Instructions for MacOS Server setup of Profile Manager without DEP,
[https://medium.com/@JoshuaAJung/managing-your-mobile-
devices...](https://medium.com/@JoshuaAJung/managing-your-mobile-devices-in-
the-cloud-using-apples-own-mdm-solution-8a588d9724b6)

------
ken
> As hosted services have become widespread ...

This makes it sound to me like we should acquiesce with "cloud" services, but
that seems like a very different perspective than their recent privacy note:

> We design our products to limit the collection and use of data, use on-
> device processing whenever possible, and provide transparency and control
> over how information is shared.

I never ran Mac Server (at least, not for anything real) but it was always a
selling point to me that I could easily run these services myself if I wanted.
Including more features in vanilla macOS is great, while dropping other
significant features sours the whole platform for me a tiny bit. People (and
companies) always want extra power, just in case, even if 99% of them never
use it.

~~~
8fingerlouie
>> As hosted services have become widespread ...

>This makes it sound to me like we should acquiesce with "cloud" services, but
that seems like a very different perspective than their recent privacy note

Apple is all about the cloud these days. Their privacy efforts are about
keeping your data safe, be it in the (their) cloud or on your device.

Sadly trust is not a renewable resource, and i lost mine years ago in cloud
providers ability to keep data safe.

------
mitjak
> Caching Server, File Sharing Server, and Time Machine Server

I'd love some confirmation of this but I have a sense macOS server is used
primarily in file heavy scenarios like movie and music production.

~~~
joemaller1
Our SMB design office is media-heavy, with lots of very large raw photo shoots
and source video files. We've been using Apple Server for file sharing for a
long time (running on Mac minis). All other services have been migrated or
abandoned. At some point we need to switch to a Windows or Linux SMB server,
cloud storage is still cost-prohibitive with the file sizes we're throwing
around.

edit: File sharing _was_ on Server.app, now it's just plain macOS-flavored SMB

~~~
fs111
Consider a synology NAS. They are made for a use case like that.

~~~
tracker1
Been really happy with mine... still running a DS-409+ with 4x 4TB drives.
Will probably upgrade or homebrew a freenas box again. Still sour from my last
freenas experience in 2012 though.

------
Fnoord
"Services Migrated from macOS Server to macOS High Sierra"

So I guess High Sierra and Mojave? Though I don't see the Time Machine Server
feature on 10.14.0 at System Preferences > Sharing.

I'm using a Time Machine server on Linux (Netatalk), but I suffer from an
infinite loop somehow. It never finishes the upload for some reason, and keeps
incrementing the amount of MB backed up and still needed to back up.

~~~
cprecioso
You have to add the disk as a shared folder in the File Sharing section, then
right-click and in Options there's a checkbox to make it a Time Machine share.

------
xoa
It's a bummer, at one point Server was actually a pretty cool product, Network
Homes and such were a great feature for Macs and it was approachable for a lot
SMB applications. A nice GUI on some good open source features isn't a bad
thing. I feel that Apple missed a bit of an opportunity there by being stuck
in the 90s and early 00s mold where Macs weren't really considered at all, and
thus of course businesses weren't so interested either very often. But times
changed and if Apple had kept with it they could have both capitalized that
and potentially carved out a profitable niche, it would have lined up well
with current worries about over centralization and dependence on the cloud and
services if Apple had a friendly product that let people do stuff at home.
There were a lot more interesting possible features there that never got and
now will probably never be explored in the same way.

Granted, the same can be said about a lot of Apple product possibilities,
including desktop Macs period. And there are always tradeoffs: Apple's
startup-type organizational structure makes multi-tasking hard, but also makes
for fantastic focused products. If they were more traditionally structured
they probably would have maintained the Mac a lot better, but would the iPhone
have come to be in the same way?

At any rate it leaves a small hole for me at least, I don't mind handling
things normally at work but I enjoyed playing with a nice GUI at home, and
some small business I know still use Server. I asked for some suggestions on
the Ars forums, and for anyone else wondering, one I was given that now looks
really promising after first tests is Synology's DiskStation Manager, run
standalone if you buy their equipment but also possibly under ESXi vis
Xpenology (alongside macOS if that's still desirable for some of the remaining
MDM functionality and such). I haven't dug deep into it yet but the GUI and
power looks pretty nice, and ESXi will even run on Mac Pros in which case a
macOS guest shouldn't even be a license violation. Something to consider
anyway as a replacement. For simple network needs those running UniFi kit
might find the controller is also enough, though right now it's a little
shallow on some core features. Might still be good enough and again a decent
GUI.

Anyone on HN have any other ideas for equivalents, with sane GUI defaults even
if some CLI usage is needed as well? Are some free general distros these days
fine for that, or have popular GUI managers that can go on top? I could see
more specific distributions like FreeNAS being good for some applications
depending on what exactly Server was being used for. Another storage focused
option might be NexentaStor CE, though that is limited to 10TB.

------
slededit
A DNS server is table stakes at this point. The removal of these is really
strange.

------
tambourine_man
Basically, you are on your own (install open source packages yourself).

And that’s supposed to be a good thing, because… you get to install and test
the latest stuff yourself. Because Apple can’t and won’t. OK.

------
nottorp
Hmm Time Machine Server. That would come in handy for backing up my laptop
automatically to my desktop instead of plugging in a usb hard drive once in a
while.

Anyone has experience with that? Can I trust it?

~~~
Aloha
Yes, but you no longer need server for it.

I've been using it with netatalk for a while, recently migrated it to a 2012
MacPro running 10.14. Seems to work about as well as it did on my linux box.

~~~
nottorp
Yes, it's new to me because I never bothered to check out Mac OS server. Now
that they moved it into the main Mac OS, I've set it up for one of my laptops
and it seems to back up invisibly... except for the first backup where I had
to leave the laptop on overnight because it took 7 hours ;)

------
enitihas
Does even Apple use macOS server for their own servers?

~~~
bookbinder
They haven't used mac servers in more than a decade long before they
discontinued Xserve.

~~~
k__
How do you CI for iOS apps without a mac server?

~~~
bunderbunder
I would guess you just use non-rackmount hardware to do it.

~~~
mrpippy
Or mount Mac Pros in a rack:
[https://www.sonnettech.com/product/rackmacpro.html](https://www.sonnettech.com/product/rackmacpro.html)

------
edhelas
Messages Removed in Server 5.7.1 Alternatives: ejabberd, Openfire, Prosody

Yes, serious XMPP servers there <3

------
dejaime
MAcos server? Is that even a thing? wow

------
chmars
We wanted to switch to a Linux-based NAS. There was a major issue though: EXT4
does not support long enough directory / file names (or paths). As a result of
our extensive folder structure and file naming scheme, we ran into all sorts
of issues. In the end, we made the jump to Google Drive where security is
probably better anyway in comparison to a local NAS.

(Your mileage may vary as usual.)

~~~
e12e
I don't think there's a path limit in ext4, but looks like individual
file/folders are limited to 255 bytes, while hfs+ (on Linux) is 255 utf-16
characters, which is potentially longer.

The 255 bytes limit seems common (xfs, zfs)-while reiser allows 4kb or so.

What kind of naming scheme do you have that you had a problem? Long, multibyte
file names?

~~~
cesarb
IIRC, there's a limit that the whole path passed to system calls has to fit
into a single page. For most architectures, that's 4096 bytes including the
terminating nul character. (This limit arises because the kernel has to copy
the passed path to kernel space before doing any work on it, and allocating
more than a single page is costlier.)

~~~
e12e
Just tried, there's definitely a 255 sigle file/folder name limit with zfs -
but I had no problem making very deep folder trees. However 'touch' wouldn't
accept a path that was too long - 4kb looks about right.

Bash cd wouldn't let mee leap all the way down in one go - but if I got down
there (while ls a * ;do cd a * ;done) - I could create a file (ed: view from
"top"):

    
    
      find -iname ok|wc
      1 1 12805
    

I guess I've got a hard time imagining 4kb path and 255 byte path segments
being a serious issue - but maybe my imagination is the problem?

