Apple Engineering meeting

Not applicable

We have a meeting with Apple Engineering Management today. Are there any of you that have any questions you would like to see answered? I know I may not be able to hit everyone but thought I would see what kind of input I could get from the list.

Thanks,

Shannon L Rico
Sr. Network Engineer
GISD
d: 972-487-3663
c: 214-882-3621

40 REPLIES 40

jarednichols
Honored Contributor

We talking software or hardware?
---
Jared F. Nichols
Desktop Engineer, Client Services
Information Services Department
MIT Lincoln Laboratory
244 Wood Street
Lexington, Massachusetts 02420
781.981.5436

Not applicable

A little of both meeting starts at 9am CST

Thanks,

Shannon L Rico
Sr. Network Engineer
GISD
d: 972-487-3663
c: 214-882-3621

jarednichols
Honored Contributor

The following is an email that I wrote to our Apple rep (CC'd Phil Schiller) on 29 Sep 2008 and as far as I can tell, it pretty much all holds true to this day. I know Steve's said "Apple is not an Enterprise company" but you can't deny the fact that more and more Macs are entering the Enterprise weather Apple likes it or not. I'd say if you can bring up points 1-4 with them, I'd be happy. Take mentions of "Snow Leopard" and replace with "Lion".

On specifics regarding points 1 and 5, I'm under NDA on Lion, but when it's out, we can talk. Let's just say they hold up.

On point 4... woah boy does this still hold true.

On point 6... Casper's filling this need wonderfully where Apple isn't providing anything. It seems like this is the relationship road that Apple's going down - let the 3rd party VARs do it, which I'm fine with. Gives some really smart people some great jobs.

On point 7... still holds true for anything relating to Enterprise.

At any rate, there's some things that Apple could do with little effort to seriously keep Enterprise folks happy. They're clearly anti-Enterprise and do pretty much everything they can to make life difficult for us (including yanking old OS updates from their SUS so we can't mirror them with our own SUSes for boxes that need to remain code/version frozen for some reason.)

j

<Redacted>-

I read this article over the weekend and it’s spot-on.
http://arstechnica.com/journals/apple.ars/2008/09/23/apples-patch-release-policy-is-a-concern-for-en...

It does go into the argument that if you’re releasing on your own patch schedule it kind of renders the issue moot, but my argument to that is that it’s tougher to roadmap your own schedule to your own people if you have no idea what’s coming down the line... Garbage in, garbage out (or void in, void out in this case...)

I know Apple loves to do everything different and with a shroud of secrecy but come on, EVERYONE in the executive tier has to realize that they’re getting nowhere quick by keeping Enterprise in the dark. Something has to give. I understand the secrecy, I do... I did the Mac Genius thing for a bit so I can see things with an insider’s eye.

Since I think about this a bit more, where are the other places Apple can improve their IT relationship? Roadmap the software. Or, at least the enterprise aspects of the software. We don’t care what’s happening to iLife. We do care about what’s new in the Active Directory plugin, new in the firewalls, new in security functions etc etc... I’m fortunate that perhaps soon we’ll see Snow Leopard as a part of that beta program. I know we get pre-release builds of the next minor revision. This helps somewhat, but what would be better would be a more strategic vision of what’s going on with the enterprise related portions of the OS.
A standard patch schedule. Giving enterprise IT the ability to plan is the biggest tool in their in their toolbox. Planning is everything in enterprise IT and there’s no place for reactionary measures where ever possible. If an organization is going to climb the ITIL ladder, they’re not going to do it with the inability to plan. If Apple wants to be taken seriously in the enterprise and security circles, this is low hanging fruit that can easily be addressed. Roadmap the hardware. I’ve said this to you before, but SOME kind of heads up as to what hardware will require what OS is crucial. Everything from security posture to standard imaging needs to be considered when a new OS comes into play. If all of a sudden the latest hardware requires the latest OS and we’ve had no notice to this fact, it’ll bite the enterprise in the ass and the end user/customer is not going to understand why we were left in the dark. I know that Apple’s not going to say what’s coming out. Fine. At the very least, something like “hey, the next rev of this hardware is going to require the next OS.” That doesn’t give too much away and will give enough tip of the hat to enterprise IT, “Hey, start really pounding those pre-release seeds you’ve got and get ready.”
Licensing. Licensing. Licensing. I’m sorry, but make it like Microsoft’s in the enterprise. It should be a blanket license for various products. Enterprise doesn’t mind paying extra for the convenience of not having to dedicate an FTE for keeping track of licensing and the possibility of them being on the hook for when the BSA comes knocking. We WANT to give you money for this!!! If Apple wants to play in the big boy enterprise playground, you need a big boy licensing scheme.
Exchange. I’ll hold final judgment on this one for when I get my hands on the Snow Leopard beta, but would you put the nail in Entourage’s coffin already and just go full out on Exchange support? I had a similar laundry list with our Microsoft rep on why Entourage is terrible and the main message was that they had 4+ years between releases and we basically got an updated look with a new set of icons. None of the major issues had been addressed and Mail/Address Book/iCal is starting to feel like this. I had major hopes for Mail in Leopard – full Exchange support for everything, right down to tasks and notes. I wanted a reason to kick Entourage to the curb. Instead, we got stationary. Great. Now my grandmother’s emails look fantastic in my Entourage inbox. I know Apple’s relationship with Microsoft is precarious, but there HAS to be a way that Mail/Address Book/iCal can work better with the Enterprise. Perfect example, I have Windows Vista Enterprise 64-bit running in VMWare Fusion 2. I was setting up Office 2007 with it (because I need Outlook from time to time) and because the VM was already in the Active Directory domain, it detected my username, the exchange server I’m on, all the appropriate settings... Literally everything was setup in 2 clicks. I’m a die-hard Mac user, and I have to say, thatis the experience I expect out of Apple. Microsoft nailed it – so can you. Please don’t tell me that Mail works great with Exchange; its limitations are well documented. I had a decent part in the recommendation process for non-windows based email clients for Exchange. I really wanted to recommend Mail, but because of its shortcomings I simply couldn’t. I felt terrible having to recommend Entourage. In fact, I felt that the client for Linux at the time was far better than Mail (Evolution). Open source software was providing a better Exchange experience than Apple’s software. Management tools. I know you’ve got 3rd party relationships to maintain, but it would be nice to rope a few more management features into Mac OS X Server. I can’t wait to get started with Casper because I feel it will add a lot of value to the Mac experience here at the Lab. Who better to build these tools than Apple themselves? Apple Remote Desktop does a great job at a lot of these tasks... Just ease the licensing on it a bit. One administrator per box? So now I’ve got to buy a box for each person who’s going to be admining? Perhaps a 5-seat pack would be good... Though that gets back to the seat-based licensing issue...
Quit doing ad-hoc support. The most glaring example of this is currently going on on the Apple fed-talk list. Shawn Geddis (very smart, very dedicated) seems to be doing smart card/CAC card support all by himself, right down to putting out updates on (what appears to be) his personal iDisk. The current issue seems to stem from a recent minor OS revision breaking CAC support. I would think this to be a major issue for federal folks and perhaps if there were a standard patch schedule and better roadmap for the OS, this wouldn’t have happened. Now, Shawn Geddis seems to be scrambling to fix the issue who are dead in the water without their CAC access. I know Mac users tend to be used to being on their own in the enterprise but that’s an inexcusable issue. This is NOT the way to run Enterprise support.

These are just the issues that come to me immediately. I’m sure if you ask a dozen other enterprise Mac folk, you’ll get at least a half-dozen more issues. I appreciate Apple’s efforts into the Enterprise. What we have is far better than what we had 5 years ago. However, it seems half-hearted. Having all of these quirks to deal with makes justifying a Mac in the Enterprise very difficult. I can confidently say that if it weren’t for Jamf’s Casper product, the Mac would likely be out on its butt within 3 years here at the Lab. We’re in a state of change where free-love fuzziness in computing is out. If it can’t be managed from the center and run like it’s part of a profitable business, it’s out. We have a far greater responsibility to the information security of this facility, the charter MIT is allowed to run it, the US Air Force, the Pentagon and the National Security of our country. Yes, the Lab faces some odd issues due to the nature of an FFRDC, but we still face the same issues that any other enterprise organization runs into.

Bottom line, Apple needs a Come to Jesus regarding Enterprise.

Thanks
-- Jared Nichols
ISD Infrastructure and Operations – Desktop Engineering
MIT Lincoln Laboratory
244 Wood St.
Lexington, MA 02420-9108
(781) 981-5500

---
Jared F. Nichols
Desktop Engineer, Client Services
Information Services Department
MIT Lincoln Laboratory
244 Wood Street
Lexington, Massachusetts 02420
781.981.5436

Kedgar
Contributor

This needs a Facebook like button.

Sent from Ken's iPhone

Not applicable

I asked some of these questions and will update later today!

Thanks,

Shannon L Rico
Sr. Network Engineer
GISD
d: 972-487-3663
c: 214-882-3621

"Nichols, Jared - 1170 - MITLL" <jared.nichols at ll.mit.edu>

6/29/2011 7:44 AM >>>
The following is an email that I wrote to our Apple rep (CC'd Phil
Schiller) on 29 Sep 2008 and as far as I can tell, it pretty much all
holds true to this day. I know Steve's said "Apple is not an Enterprise
company" but you can't deny the fact that more and more Macs are
entering the Enterprise weather Apple likes it or not. I'd say if you
can bring up points 1-4 with them, I'd be happy. Take mentions of "Snow
Leopard" and replace with "Lion".

On specifics regarding points 1 and 5, I'm under NDA on Lion, but when
it's out, we can talk. Let's just say they hold up.

On point 4... woah boy does this still hold true.

On point 6... Casper's filling this need wonderfully where Apple isn't
providing anything. It seems like this is the relationship road that
Apple's going down - let the 3rd party VARs do it, which I'm fine with.
Gives some really smart people some great jobs.

On point 7... still holds true for anything relating to Enterprise.

At any rate, there's some things that Apple could do with little effort
to seriously keep Enterprise folks happy. They're clearly
anti-Enterprise and do pretty much everything they can to make life
difficult for us (including yanking old OS updates from their SUS so we
can't mirror them with our own SUSes for boxes that need to remain
code/version frozen for some reason.)

j

<Redacted>-

I read this article over the weekend and it’s spot-on.
http://arstechnica.com/journals/apple.ars/2008/09/23/apples-patch-release-policy-is-a-concern-for-en...

It does go into the argument that if you’re releasing on your own patch
schedule it kind of renders the issue moot, but my argument to that is
that it’s tougher to roadmap your own schedule to your own people if you
have no idea what’s coming down the line... Garbage in, garbage out (or
void in, void out in this case...)

I know Apple loves to do everything different and with a shroud of
secrecy but come on, EVERYONE in the executive tier has to realize that
they’re getting nowhere quick by keeping Enterprise in the dark. Something has to give. I understand the secrecy, I do... I did the Mac
Genius thing for a bit so I can see things with an insider’s eye.

Since I think about this a bit more, where are the other places Apple
can improve their IT relationship?

Roadmap the software. Or, at least the enterprise aspects of the
software. We don’t care what’s happening to iLife. We do care about
what’s new in the Active Directory plugin, new in the firewalls, new in
security functions etc etc... I’m fortunate that perhaps soon we’ll see
Snow Leopard as a part of that beta program. I know we get pre-release
builds of the next minor revision. This helps somewhat, but what would
be better would be a more strategic vision of what’s going on with the
enterprise related portions of the OS.
A standard patch schedule. Giving enterprise IT the ability to plan is
the biggest tool in their in their toolbox. Planning is everything in
enterprise IT and there’s no place for reactionary measures where ever
possible. If an organization is going to climb the ITIL ladder, they’re
not going to do it with the inability to plan. If Apple wants to be
taken seriously in the enterprise and security circles, this is low
hanging fruit that can easily be addressed. Roadmap the hardware. I’ve said this to you before, but SOME kind of
heads up as to what hardware will require what OS is crucial. Everything from security posture to standard imaging needs to be
considered when a new OS comes into play. If all of a sudden the latest
hardware requires the latest OS and we’ve had no notice to this fact,
it’ll bite the enterprise in the ass and the end user/customer is not
going to understand why we were left in the dark. I know that Apple’s
not going to say what’s coming out. Fine. At the very least, something
like “hey, the next rev of this hardware is going to require the next
OS.” That doesn’t give too much away and will give enough tip of the
hat to enterprise IT, “Hey, start really pounding those pre-release
seeds you’ve got and get ready.”
Licensing. Licensing. Licensing. I’m sorry, but make it like
Microsoft’s in the enterprise. It should be a blanket license for
various products. Enterprise doesn’t mind paying extra for the
convenience of not having to dedicate an FTE for keeping track of
licensing and the possibility of them being on the hook for when the BSA
comes knocking. We WANT to give you money for this!!! If Apple wants
to play in the big boy enterprise playground, you need a big boy
licensing scheme.
Exchange. I’ll hold final judgment on this one for when I get my hands
on the Snow Leopard beta, but would you put the nail in Entourage’s
coffin already and just go full out on Exchange support? I had a
similar laundry list with our Microsoft rep on why Entourage is terrible
and the main message was that they had 4+ years between releases and we
basically got an updated look with a new set of icons. None of the
major issues had been addressed and Mail/Address Book/iCal is starting
to feel like this. I had major hopes for Mail in Leopard – full
Exchange support for everything, right down to tasks and notes. I
wanted a reason to kick Entourage to the curb. Instead, we got
stationary. Great. Now my grandmother’s emails look fantastic in my
Entourage inbox. I know Apple’s relationship with Microsoft is
precarious, but there HAS to be a way that Mail/Address Book/iCal can
work better with the Enterprise. Perfect example, I have Windows Vista
Enterprise 64-bit running in VMWare Fusion 2. I was setting up Office
2007 with it (because I need Outlook from time to time) and because the
VM was already in the Active Directory domain, it detected my username,
the exchange server I’m on, all the appropriate settings... Literally
everything was setup in 2 clicks. I’m a die-hard Mac user, and I have
to say, thatis the experience I expect out of Apple. Microsoft nailed
it – so can you. Please don’t tell me that Mail works great with
Exchange; its limitations are well documented. I had a decent part in
the recommendation process for non-windows based email clients for
Exchange. I really wanted to recommend Mail, but because of its
shortcomings I simply couldn’t. I felt terrible having to recommend
Entourage. In fact, I felt that the client for Linux at the time was
far better than Mail (Evolution). Open source software was providing a
better Exchange experience than Apple’s software. Management tools. I know you’ve got 3rd party relationships to
maintain, but it would be nice to rope a few more management features
into Mac OS X Server. I can’t wait to get started with Casper because I
feel it will add a lot of value to the Mac experience here at the Lab. Who better to build these tools than Apple themselves? Apple Remote
Desktop does a great job at a lot of these tasks... Just ease the
licensing on it a bit. One administrator per box? So now I’ve got to
buy a box for each person who’s going to be admining? Perhaps a 5-seat
pack would be good... Though that gets back to the seat-based licensing
issue...
Quit doing ad-hoc support. The most glaring example of this is
currently going on on the Apple fed-talk list. Shawn Geddis (very
smart, very dedicated) seems to be doing smart card/CAC card support all
by himself, right down to putting out updates on (what appears to be)
his personal iDisk. The current issue seems to stem from a recent minor
OS revision breaking CAC support. I would think this to be a major
issue for federal folks and perhaps if there were a standard patch
schedule and better roadmap for the OS, this wouldn’t have happened. Now, Shawn Geddis seems to be scrambling to fix the issue who are dead
in the water without their CAC access. I know Mac users tend to be used
to being on their own in the enterprise but that’s an inexcusable issue. This is NOT the way to run Enterprise support.

These are just the issues that come to me immediately. I’m sure if you
ask a dozen other enterprise Mac folk, you’ll get at least a half-dozen
more issues. I appreciate Apple’s efforts into the Enterprise. What we
have is far better than what we had 5 years ago. However, it seems
half-hearted. Having all of these quirks to deal with makes justifying
a Mac in the Enterprise very difficult. I can confidently say that if
it weren’t for Jamf’s Casper product, the Mac would likely be out on its
butt within 3 years here at the Lab. We’re in a state of change where
free-love fuzziness in computing is out. If it can’t be managed from
the center and run like it’s part of a profitable business, it’s out. We have a far greater responsibility to the information security of this
facility, the charter MIT is allowed to run it, the US Air Force, the
Pentagon and the National Security of our country. Yes, the Lab faces
some odd issues due to the nature of an FFRDC, but we still face the
same issues that any other enterprise organization runs into.

Bottom line, Apple needs a Come to Jesus regarding Enterprise.

Thanks
-- Jared Nichols
ISD Infrastructure and Operations – Desktop Engineering
MIT Lincoln Laboratory
244 Wood St.
Lexington, MA 02420-9108
(781) 981-5500

---
Jared F. Nichols
Desktop Engineer, Client Services
Information Services Department
MIT Lincoln Laboratory
244 Wood Street
Lexington, Massachusetts 02420
781.981.5436

On Jun 29, 2011, at 8:23 AM, Shannon Rico wrote:

A little of both meeting starts at 9am CST

Thanks,

Shannon L Rico
Sr. Network Engineer
GISD
d: 972-487-3663
c: 214-882-3621

"Nichols, Jared - 1170 - MITLL" <jared.nichols at ll.mit.edu>

6/29/2011 7:21 AM >>>
We talking software or hardware?
---
Jared F. Nichols
Desktop Engineer, Client Services
Information Services Department
MIT Lincoln Laboratory
244 Wood Street
Lexington, Massachusetts 02420
781.981.5436

On Jun 29, 2011, at 7:56 AM, Shannon Rico wrote:

We have a meeting with Apple Engineering Management today. Are there
any of you that have any questions you would like to see answered? I
know I may not be able to hit everyone but thought I would see what kind
of input I could get from the list.

Thanks,

Shannon L Rico
Sr. Network Engineer
GISD
d: 972-487-3663
c: 214-882-3621

Not applicable

OK I asked these questions to the best of my ability and will put the
answers I got in red:

Roadmap the software. Or, at least the enterprise aspects of the
software. We don’t care what’s happening to iLife. We do care about
what’s new in the Active Directory plugin, new in the firewalls, new in
security functions etc etc... I’m fortunate that perhaps soon we’ll see
Snow Leopard as a part of that beta program. I know we get pre-release
builds of the next minor revision. This helps somewhat, but what would
be better would be a more strategic vision of what’s going on with the
enterprise related portions of the OS. They feel that the release of
Lion and iOS 5 have made strides in this area as it has had the most
publicly available info and they feel that it will get better but they
feel that the impact of maintaining some level of privacy allows them to
continue developing right up until release.
A standard patch schedule. Giving enterprise IT the ability to plan is
the biggest tool in their in their toolbox. Planning is everything in
enterprise IT and there’s no place for reactionary measures where ever
possible. If an organization is going to climb the ITIL ladder, they’re
not going to do it with the inability to plan. If Apple wants to be
taken seriously in the enterprise and security circles, this is low
hanging fruit that can easily be addressed. They stated they are not
Micrososft and there will never be a "patch Tuesday" they feel that they
are good at delivering patches as needed and feel that as they get an
update available it should be delivered immediately not held until a
certain day. I replied that this made sense for security updates, but
that there minor software updates were more frequent than necessary and
they stated that we should deploy SUS. Roadmap the hardware. I’ve said this to you before, but SOME kind of
heads up as to what hardware will require what OS is crucial. Everything from security posture to standard imaging needs to be
considered when a new OS comes into play. If all of a sudden the latest
hardware requires the latest OS and we’ve had no notice to this fact,
it’ll bite the enterprise in the ass and the end user/customer is not
going to understand why we were left in the dark. I know that Apple’s
not going to say what’s coming out. Fine. At the very least, something
like “hey, the next rev of this hardware is going to require the next
OS.” That doesn’t give too much away and will give enough tip of the
hat to enterprise IT, “Hey, start really pounding those pre-release
seeds you’ve got and get ready.” They stated that as a corporation they
do not like to dwell in the past and try to keep new things coming. That
being said, they understood that from an enterprise standpoint that it
does become problematic for legacy style application. Made a note to
address this with others on the Sr Management team but could not and did
not promise anything.
Licensing. Licensing. Licensing. I’m sorry, but make it like
Microsoft’s in the enterprise. It should be a blanket license for
various products. Enterprise doesn’t mind paying extra for the
convenience of not having to dedicate an FTE for keeping track of
licensing and the possibility of them being on the hook for when the BSA
comes knocking. We WANT to give you money for this!!! If Apple wants
to play in the big boy enterprise playground, you need a big boy
licensing scheme. I think this was addressed somewhat with the Volume
licensing announcements that came out for Apple.
Exchange. I’ll hold final judgment on this one for when I get my hands
on the Snow Leopard beta, but would you put the nail in Entourage’s
coffin already and just go full out on Exchange support? I had a
similar laundry list with our Microsoft rep on why Entourage is terrible
and the main message was that they had 4+ years between releases and we
basically got an updated look with a new set of icons. None of the
major issues had been addressed and Mail/Address Book/iCal is starting
to feel like this. I had major hopes for Mail in Leopard – full
Exchange support for everything, right down to tasks and notes. I
wanted a reason to kick Entourage to the curb. Instead, we got
stationary. Great. Now my grandmother’s emails look fantastic in my
Entourage inbox. I know Apple’s relationship with Microsoft is
precarious, but there HAS to be a way that Mail/Address Book/iCal can
work better with the Enterprise. Perfect example, I have Windows Vista
Enterprise 64-bit running in VMWare Fusion 2. I was setting up Office
2007 with it (because I need Outlook from time to time) and because the
VM was already in the Active Directory domain, it detected my username,
the exchange server I’m on, all the appropriate settings... Literally
everything was setup in 2 clicks. I’m a die-hard Mac user, and I have
to say, thatis the experience I expect out of Apple. Microsoft nailed
it – so can you. Please don’t tell me that Mail works great with
Exchange; its limitations are well documented. I had a decent part in
the recommendation process for non-windows based email clients for
Exchange. I really wanted to recommend Mail, but because of its
shortcomings I simply couldn’t. I felt terrible having to recommend
Entourage. In fact, I felt that the client for Linux at the time was
far better than Mail (Evolution). Open source software was providing a
better Exchange experience than Apple’s software. Anticipates that the
Mail updates we will see in Lion server will better but not certain it
is the best enterprise solution.
Management tools. I know you’ve got 3rd party relationships to
maintain, but it would be nice to rope a few more management features
into Mac OS X Server. I can’t wait to get started with Casper because I
feel it will add a lot of value to the Mac experience here at the Lab. Who better to build these tools than Apple themselves? Apple Remote
Desktop does a great job at a lot of these tasks... Just ease the
licensing on it a bit. One administrator per box? So now I’ve got to
buy a box for each person who’s going to be admining? Perhaps a 5-seat
pack would be good... Though that gets back to the seat-based licensing
issue... Said to look closely at the profile manager stuff coming out in
Lion, hope to see it soon.
Quit doing ad-hoc support. The most glaring example of this is
currently going on on the Apple fed-talk list. Shawn Geddis (very
smart, very dedicated) seems to be doing smart card/CAC card support all
by himself, right down to putting out updates on (what appears to be)
his personal iDisk. The current issue seems to stem from a recent minor
OS revision breaking CAC support. I would think this to be a major
issue for federal folks and perhaps if there were a standard patch
schedule and better roadmap for the OS, this wouldn’t have happened. Now, Shawn Geddis seems to be scrambling to fix the issue who are dead
in the water without their CAC access. I know Mac users tend to be used
to being on their own in the enterprise but that’s an inexcusable issue. This is NOT the way to run Enterprise support. This went into a long
dialog regarding our own problems with deployment and basically it
boiled down to us buying a higher level agreement from Apple. We may
take advantage of this. but basically there are three tiers the highest
of which when you have problems they bring an engineer onsite.

Thanks,

Shannon L Rico
Sr. Network Engineer
GISD
d: 972-487-3663
c: 214-882-3621

"Nichols, Jared - 1170 - MITLL" <jared.nichols at ll.mit.edu>

6/29/2011 7:44 AM >>>
The following is an email that I wrote to our Apple rep (CC'd Phil
Schiller) on 29 Sep 2008 and as far as I can tell, it pretty much all
holds true to this day. I know Steve's said "Apple is not an Enterprise
company" but you can't deny the fact that more and more Macs are
entering the Enterprise weather Apple likes it or not. I'd say if you
can bring up points 1-4 with them, I'd be happy. Take mentions of "Snow
Leopard" and replace with "Lion".

On specifics regarding points 1 and 5, I'm under NDA on Lion, but when
it's out, we can talk. Let's just say they hold up.

On point 4... woah boy does this still hold true.

On point 6... Casper's filling this need wonderfully where Apple isn't
providing anything. It seems like this is the relationship road that
Apple's going down - let the 3rd party VARs do it, which I'm fine with.
Gives some really smart people some great jobs.

On point 7... still holds true for anything relating to Enterprise.

At any rate, there's some things that Apple could do with little effort
to seriously keep Enterprise folks happy. They're clearly
anti-Enterprise and do pretty much everything they can to make life
difficult for us (including yanking old OS updates from their SUS so we
can't mirror them with our own SUSes for boxes that need to remain
code/version frozen for some reason.)

j

<Redacted>-

I read this article over the weekend and it’s spot-on.
http://arstechnica.com/journals/apple.ars/2008/09/23/apples-patch-release-policy-is-a-concern-for-en...

It does go into the argument that if you’re releasing on your own patch
schedule it kind of renders the issue moot, but my argument to that is
that it’s tougher to roadmap your own schedule to your own people if you
have no idea what’s coming down the line... Garbage in, garbage out (or
void in, void out in this case...)

I know Apple loves to do everything different and with a shroud of
secrecy but come on, EVERYONE in the executive tier has to realize that
they’re getting nowhere quick by keeping Enterprise in the dark. Something has to give. I understand the secrecy, I do... I did the Mac
Genius thing for a bit so I can see things with an insider’s eye.

Since I think about this a bit more, where are the other places Apple
can improve their IT relationship?

Roadmap the software. Or, at least the enterprise aspects of the
software. We don’t care what’s happening to iLife. We do care about
what’s new in the Active Directory plugin, new in the firewalls, new in
security functions etc etc... I’m fortunate that perhaps soon we’ll see
Snow Leopard as a part of that beta program. I know we get pre-release
builds of the next minor revision. This helps somewhat, but what would
be better would be a more strategic vision of what’s going on with the
enterprise related portions of the OS.
A standard patch schedule. Giving enterprise IT the ability to plan is
the biggest tool in their in their toolbox. Planning is everything in
enterprise IT and there’s no place for reactionary measures where ever
possible. If an organization is going to climb the ITIL ladder, they’re
not going to do it with the inability to plan. If Apple wants to be
taken seriously in the enterprise and security circles, this is low
hanging fruit that can easily be addressed. Roadmap the hardware. I’ve said this to you before, but SOME kind of
heads up as to what hardware will require what OS is crucial. Everything from security posture to standard imaging needs to be
considered when a new OS comes into play. If all of a sudden the latest
hardware requires the latest OS and we’ve had no notice to this fact,
it’ll bite the enterprise in the ass and the end user/customer is not
going to understand why we were left in the dark. I know that Apple’s
not going to say what’s coming out. Fine. At the very least, something
like “hey, the next rev of this hardware is going to require the next
OS.” That doesn’t give too much away and will give enough tip of the
hat to enterprise IT, “Hey, start really pounding those pre-release
seeds you’ve got and get ready.”
Licensing. Licensing. Licensing. I’m sorry, but make it like
Microsoft’s in the enterprise. It should be a blanket license for
various products. Enterprise doesn’t mind paying extra for the
convenience of not having to dedicate an FTE for keeping track of
licensing and the possibility of them being on the hook for when the BSA
comes knocking. We WANT to give you money for this!!! If Apple wants
to play in the big boy enterprise playground, you need a big boy
licensing scheme.
Exchange. I’ll hold final judgment on this one for when I get my hands
on the Snow Leopard beta, but would you put the nail in Entourage’s
coffin already and just go full out on Exchange support? I had a
similar laundry list with our Microsoft rep on why Entourage is terrible
and the main message was that they had 4+ years between releases and we
basically got an updated look with a new set of icons. None of the
major issues had been addressed and Mail/Address Book/iCal is starting
to feel like this. I had major hopes for Mail in Leopard – full
Exchange support for everything, right down to tasks and notes. I
wanted a reason to kick Entourage to the curb. Instead, we got
stationary. Great. Now my grandmother’s emails look fantastic in my
Entourage inbox. I know Apple’s relationship with Microsoft is
precarious, but there HAS to be a way that Mail/Address Book/iCal can
work better with the Enterprise. Perfect example, I have Windows Vista
Enterprise 64-bit running in VMWare Fusion 2. I was setting up Office
2007 with it (because I need Outlook from time to time) and because the
VM was already in the Active Directory domain, it detected my username,
the exchange server I’m on, all the appropriate settings... Literally
everything was setup in 2 clicks. I’m a die-hard Mac user, and I have
to say, thatis the experience I expect out of Apple. Microsoft nailed
it – so can you. Please don’t tell me that Mail works great with
Exchange; its limitations are well documented. I had a decent part in
the recommendation process for non-windows based email clients for
Exchange. I really wanted to recommend Mail, but because of its
shortcomings I simply couldn’t. I felt terrible having to recommend
Entourage. In fact, I felt that the client for Linux at the time was
far better than Mail (Evolution). Open source software was providing a
better Exchange experience than Apple’s software. Management tools. I know you’ve got 3rd party relationships to
maintain, but it would be nice to rope a few more management features
into Mac OS X Server. I can’t wait to get started with Casper because I
feel it will add a lot of value to the Mac experience here at the Lab. Who better to build these tools than Apple themselves? Apple Remote
Desktop does a great job at a lot of these tasks... Just ease the
licensing on it a bit. One administrator per box? So now I’ve got to
buy a box for each person who’s going to be admining? Perhaps a 5-seat
pack would be good... Though that gets back to the seat-based licensing
issue...
Quit doing ad-hoc support. The most glaring example of this is
currently going on on the Apple fed-talk list. Shawn Geddis (very
smart, very dedicated) seems to be doing smart card/CAC card support all
by himself, right down to putting out updates on (what appears to be)
his personal iDisk. The current issue seems to stem from a recent minor
OS revision breaking CAC support. I would think this to be a major
issue for federal folks and perhaps if there were a standard patch
schedule and better roadmap for the OS, this wouldn’t have happened. Now, Shawn Geddis seems to be scrambling to fix the issue who are dead
in the water without their CAC access. I know Mac users tend to be used
to being on their own in the enterprise but that’s an inexcusable issue. This is NOT the way to run Enterprise support.

These are just the issues that come to me immediately. I’m sure if you
ask a dozen other enterprise Mac folk, you’ll get at least a half-dozen
more issues. I appreciate Apple’s efforts into the Enterprise. What we
have is far better than what we had 5 years ago. However, it seems
half-hearted. Having all of these quirks to deal with makes justifying
a Mac in the Enterprise very difficult. I can confidently say that if
it weren’t for Jamf’s Casper product, the Mac would likely be out on its
butt within 3 years here at the Lab. We’re in a state of change where
free-love fuzziness in computing is out. If it can’t be managed from
the center and run like it’s part of a profitable business, it’s out. We have a far greater responsibility to the information security of this
facility, the charter MIT is allowed to run it, the US Air Force, the
Pentagon and the National Security of our country. Yes, the Lab faces
some odd issues due to the nature of an FFRDC, but we still face the
same issues that any other enterprise organization runs into.

Bottom line, Apple needs a Come to Jesus regarding Enterprise.

Thanks
-- Jared Nichols
ISD Infrastructure and Operations – Desktop Engineering
MIT Lincoln Laboratory
244 Wood St.
Lexington, MA 02420-9108
(781) 981-5500

---
Jared F. Nichols
Desktop Engineer, Client Services
Information Services Department
MIT Lincoln Laboratory
244 Wood Street
Lexington, Massachusetts 02420
781.981.5436

On Jun 29, 2011, at 8:23 AM, Shannon Rico wrote:

A little of both meeting starts at 9am CST

Thanks,

Shannon L Rico
Sr. Network Engineer
GISD
d: 972-487-3663
c: 214-882-3621

"Nichols, Jared - 1170 - MITLL" <jared.nichols at ll.mit.edu>

6/29/2011 7:21 AM >>>
We talking software or hardware?
---
Jared F. Nichols
Desktop Engineer, Client Services
Information Services Department
MIT Lincoln Laboratory
244 Wood Street
Lexington, Massachusetts 02420
781.981.5436

On Jun 29, 2011, at 7:56 AM, Shannon Rico wrote:

We have a meeting with Apple Engineering Management today. Are there
any of you that have any questions you would like to see answered? I
know I may not be able to hit everyone but thought I would see what kind
of input I could get from the list.

Thanks,

Shannon L Rico
Sr. Network Engineer
GISD
d: 972-487-3663
c: 214-882-3621

Matt
Valued Contributor

So basically Apple is telling us F you like always.

Figures.

--
Matt Lee, CCA/ACMT/ACPT/ACDT
Senior IT Analyst / Desktop Architecture Team / Apple S.M.E / JAMF Casper Administrator
Fox Networks Group

Not applicable

/giggle

Nick Caro Senior Desktop Support Administrator

Not applicable

Yea it actually got rather silly when talking about servers etc. They
have a real hard line approach to the Mac Minis etc. Basically we got,
most of the stuff you do on a server in the Mac World can be done
simpler and easier on another platform so use that stuff. We mac our OSs
friendly for just that purpose. 8)

Thanks,

Shannon L Rico
Sr. Network Engineer
GISD
d: 972-487-3663
c: 214-882-3621

Matt
Valued Contributor

Maybe if we were 19 year olds with an iPad and had the parents credit card added on our App Store account they would give us more support or give a damn.

Sorry for the rant. Former Apple Employee from the Good Ole Days and just sick of Apple is treating us. Apple acts so high class and its so easy yet the Enterprise group, which most companies covet, Apple stick their middle finger up at us or puts a carrot on a string in front of us.

--
Matt Lee, CCA/ACMT/ACPT/ACDT
Senior IT Analyst / Desktop Architecture Team / Apple S.M.E / JAMF Casper Administrator
Fox Networks Group

Matt
Valued Contributor

How are we suppose to run infrastructure on Minis or anything else. I think Apple has forgotten they make computers also.

--
Matt Lee, CCA/ACMT/ACPT/ACDT
Senior IT Analyst / Desktop Architecture Team / Apple S.M.E / JAMF Casper Administrator
Fox Networks Group

jarednichols
Honored Contributor

They feel they're doing a good job of roadmaping the software? Wow. That's a boldfaced lie. I want engineering-level detail on what's changing. The "publicly available" info is just what the features are. Wow, great. I want to know how it works. Even the WWDC videos made available (if you're in the dev program) don't go into the level of detail I'm looking for - which you can get from a TechNet subscription on the Microsoft side. Wow, AirDrop... that looks like something I want to disable. How do I do that? Can't find that info anywhere, it's all trial and error.

I think I can stay under NDA and still state that if you're integrating your Macs into AD with 10.5 or 10.6, buckle up. If you're in the seed program, head over to http://devforums.apple.com and see what I've posted there for problems.

"dwell in the past" for hardware? How about because we're given no opportunity to plan, we're forced to move forward. No, we're not dwelling in the past, but we're given zero opportunity to plan for the future so what do you expect us to do? Enterprise is about steady-state to next-state transition. They've obviously got no clue about it.

Ug.
---
Jared F. Nichols
Desktop Engineer, Client Services
Information Services Department
MIT Lincoln Laboratory
244 Wood Street
Lexington, Massachusetts 02420
781.981.5436

jlbates
New Contributor

You can always use this
http://www.macfixit.com.au/shop/index.php?_a=viewProd&productId=983 =P

Joshua Bates
Software Technician

Matt
Valued Contributor

Apple lies to your face. They sat down with our company and tried to sell us on servers and not getting JAMF Casper or ExtremeZI-P because we could do it all with Mac Servers. Some people here fell for that garbage and Casper ended up going off the table. 2 months later Apple killed the Server line. When I called our Apple "Engineer" (I have an Engineering degree this guy is a glorified Mac Genius) he said oh we still have Servers they are much better now. I was like are you kidding me a Mac Mini is not a Server just because you tell us it is. Dont even get me started on FCPX.

--
Matt Lee, CCA/ACMT/ACPT/ACDT
Senior IT Analyst / Desktop Architecture Team / Apple S.M.E / JAMF Casper Administrator
Fox Networks Group

John_Wetter
Release Candidate Programs Tester

Interesting discussion… I understand some of the things said. For me, hardware is the biggest thing. Knowing when something is going away or being released can be quite a pain sometimes, especially given the OS revs that often come with them.

On the Software Update front, I guess for a Casper user, that's a non-start… Set up SUS, just like you'd set up WSUS if you're serious about wanting to schedule your release cycle. That whole discussion is kind of a non-start for me… Even patch Tuesdays don't happen on Tuesday here! Updates get released once we've tested them… Period.

As far as I'm concerned, even when Apple has provided management tools, they've always just been good enough so they can say they've got them, but usually not good enough to really fully be useful. There's always been a hang-up, whether it be the whole golden triangle thing, just pure scalability, just a clunky interface, whatever…

There have obviously been a few people who really have been burned by Apple, but I agree, they are the opposite of Enterprise friendly. The only thing keeping it decent are the management tools out there like Casper. EDU is even ahead of the game with the iOS App store VPP program, but that's still clunky as heck and just needs to work better. I've been an Apple proponent on the systems side since around 2004 when I converted from Windows to Mac, but I have to say in the last couple years, it's been really tough to keep moving the ship forward.

John

--
John Wetter
Technical Services Manager
Educational Technology, Media & Information Services
Hopkins Public Schools

Matt
Valued Contributor

Without Casper, we would have eliminated all Macs.

--
Matt Lee, CCA/ACMT/ACPT/ACDT
Senior IT Analyst / Desktop Architecture Team / Apple S.M.E / JAMF Casper Administrator
Fox Networks Group

noah_swanson
New Contributor

Second.

Not applicable

OK, I've read all of the complaints about Apple. This is Apple's fault.
That is Apple's fault. The war is Apple's fault.

Have you ever paused to consider that there are two sides to the issues?
Major problems are between Apple and Microsoft. If you assume, as you
evidently have, that the universe is Microsoft, and everyone must work
flawlessly within that universe, then, yes, Apple fails. And I bet
Microsoft is jubilant about it. In fact, I'm pretty sure that Microsoft
has done everything they can to foil Apple integration.

I cannot blame Microsoft for Apple killing the Xserve, or for Apple's OS
changes, but perhaps Apple had so many complaints about how its servers
and workstations would not work with Office, Exchange, and AD that they
decided to forget about the enterprise computer business and concentrate
on other more lucrative markets.

Hey, you want all Microsoft, go for it! Enjoy yourself! But pause to think
what an all Microsoft world will look like.

That's my opinion.

And to say "If it weren't for Casper..." well, you could save a lot of
money by eliminating both Mac and Casper from your budget...

--
Karl Schoenefeld | IT Department
SGS St Louis | 1035 Hanley Industrial Court | St Louis, MO 63144
Direct: 314-918-3126 | Cell: 314-680-0359

Matt
Valued Contributor

What the hell does Microsoft have to do with apple sticking it to us? Centrify has no issue getting Macs into the ad word neither does extremezip.

mimmordino
New Contributor

A lot of discussions in this thread have been about how Macs are inherently unfriendly to the enterprise IT users and teams (actually not Macs themselves, but Apple). That really has nothing to do with Microsoft, it's more about process and best practices.

What's funny is that Apple is the minority in the computer biz, yet they're the ones that won't deal. I want to get some volume licensing in place, I call my Microsoft rep and we start negotiating. They're the majority, and they have me over a barrel (because, let's face it, try convincing all your users to switch from Word to Open Office), but they still deal. Try calling your Apple rep and getting some deals on pricing or anything else.

The complaints about Macs being enterprise-unfriendly are purely due to the company that makes them. They have every opportunity to make their products more compatible (thus potentially giving themselves more market share), but they continually choose to make it more difficult for us admins. I don't see how that has anything to do with Microsoft.....

Mike Immordino
Trustwave
End User Support Mgr.
(312) 873-8943
mimmordino at trustwave.com

Matt
Valued Contributor

Amen.

Matt
Valued Contributor

Not only that how many times has an Apple Engineer sat in a meeting and lied to you. They did it to us so many times. It got to a point where our management said you need to find a really good reason to keep Mac's here. Thanks to JAMF we have a reason. I worked for Apple for 4 years, I know exactly what they are up to I lived with it for a long time. They care about us as much as any other business does. Apple doesn't have magic fairy dust that makes everything all better like they make the consumers feel. We are enterprise people we know what support is and we pay for it. You want to throw stones at Microsoft I have news for you, you're sleeping with the enemy.

Matt
Valued Contributor

You are totally missing the point #1 and #2 you sound like this is Macrumors. Nobody is turning this into an Apple vs. Debate except you.

Matt
Valued Contributor

Can someone at JAMF do something about this guy. Out of nowhere he is starting trouble here.

ernstcs
Contributor III

Gentlemen, please tread lightly on the list when starting to point fingers.

The debate about the topic is fine, but don't get personal about it.

Also, there is no Enterprise in Apple, like there is no I in team. Do I want them to be more Enterprise mindful, hell yes. Is it going to happen anytime soon? Doubtful. Heck, I think Adobe (gulp) has more Enterprise sense recently.

Apple does try though, one little thing at a time, never a large scale concerted effort though. The built-in AD binding works. Exchange works. You get a bone every once and a while.

Enterprise is not an individual consumer, and we will always be a second class after thought.

Just my opinion.

Craig E

Matt
Valued Contributor

… and thats the point everyone here is making. We aren't on a consumer site like macrumors or engadget where people talk about iPods and iTunes (which was the point I was making below), we work in a specialized industry with specialized needs. We serve Enterprises, Education, and Large Organizations and require specialized Enterprise SLA's and Support. Apple doesn't give us anything including something important like Roadmaps. You may hate Microsoft but they have excellent Enterprise Products and Support. Apple does nothing for us and when I say nothing I mean nothing. You call me a Microsoft whatever but I have been a Mac users since System 7 and worked at Apple for 4 years. I know that company inside and out. You can personally attack me all you want but I think the majority of the people here will agree when it comes to Apple we are nothing to them.

jszaszvari
New Contributor III

| Apple doesn't give us anything including something important like Roadmaps

Very True

| . Apple does nothing for us and when I say nothing I mean nothing.

Still speaking the truth

| You can personally attack me all you want but I think the majority of the people here will agree when it comes to Apple we are nothing to them.
Agreed, same attitude persists with all the other Mac Sys Admins I know. If it doesn't suit the consumer, then it's not happening.

Also as Craig E said, let's not argue on this list - The "Mac Enterprise" list is full of arguments and political crud - Lets not become them please, This is quite possibly the best Mac in the Enterprise list on the net even though its Casper specific :)

John

ernstcs
Contributor III

And don't forget, you'll likely be forced to move to Lion Server if it
still supports NetBoot and you need Lion images, and you want Lion
endpoint updates from your own ASUS, if that's still an option. Like it
would be terribly painful to update the software and make this
functionality work on Snow Leopard server, your current stable systems?
Correct me if I'm wrong here, but that's how it worked. If you wanted to
support the new workstation OS the tools you needed only existed on the
new server OS, forcing you to upgrade to a new unproven server platform.

I haven't even touched Lion yet. I'm glad I won't have any new hardware
that NEEDS to run it when it's released this week.

Craig E

RobertHammen
Valued Contributor II

I wouldn't exactly assume you need a Lion Server to offer updates to Lion client systems, and I'm not talking about Reposado.
On Jul 19, 2011, at 9:11 AM, Ernst, Craig S. wrote:

(This message brought to you by those three letters: N, D, and A).

Matt
Valued Contributor

I can't get my GM copy to bind to AD correctly :(

--
Matt Lee, CCA/ACMT/ACPT/ACDT
Senior IT Analyst / Desktop Architecture Team / Apple S.M.E / JAMF Casper Administrator
Fox Networks Group

bentoms
Release Candidate Programs Tester

This is the dilemma I'm in.

New job. Just purchased Casper. I've 5 mac mini servers (mac nw of 200 but global).

What OS?

Beta test 10.7 or install 10.6 & have to rebuild in 6 months?

I'm beta testing 10.7 with jss as soon as both are released.

Not ideal, but this environment has never had Casper so can slowing introduce.

Regards,

Ben.

tanderson
Contributor

Mine blew up my existing AD bind and set my admin accounts to standard. Repeatable process btw. Filed bugs, etc. but not expecting much.

Tom

tlarkin
Honored Contributor

I only go to the Apple Engineering meetings for one reason, free lunch. Otherwise it is a sales pitch, and they are always pushing their iOS devices, and they even screwed that up too.

The bottom line is, we are all enterprise users, and we want more enterprise support for Macs, but Apple makes way more money selling iPhones and iPads and laptops than they would catering to the enterprise people, for many reasons. They own that market share, they are going to invest in that market share. It is smart business for them to do so. It would be dumb for them to invest tons of R&D money into enterprise solutions when it may expand their enterprise market share less than 1%, where as the mobile device market share and smart phone market share they are leading.

To be honest, I am looking at Linux solutions, NIS, NFS for home folders with Kerberos, and possibly AD to ditch my OS X servers. Come end of life they won't be replaced with Mac servers and there is no guarantee OS X Server will run natively on server hardware. I want RAID 5, dual power supplies, lights out management and so forth. They no longer offer such things, oh and I want it rack mounted.

That doesn't take away from the fact Macs offer great end user experiences and when managed properly are more efficient than Windows. I been in IT for over 10 years now supporting both platforms, Apple does some stuff great, other stuff they are horrible at, just like Microsoft, SuSe/Novell, RedHat Enterprise, and so forth.

-Tom

Walter
New Contributor II

I think OS X server doesn't really get you anything you can't get with a Linux server since most of what is packaged with it is Open Source tools anyway (Apache, MySQL, Jabber Server). If you use Apple native apps like PodCast stuff, then OS X server makes sense.
--
Walter Rowe, System Hosting
Enterprise Systems / OISM
walter.rowe at nist.gov<mailto:walter.rowe at nist.gov>
301-975-2885

On Jul 19, 2011, at 11:12 AM, Thomas Larkin wrote:

I only go to the Apple Engineering meetings for one reason, free lunch. Otherwise it is a sales pitch, and they are always pushing their iOS devices, and they even screwed that up too.

The bottom line is, we are all enterprise users, and we want more enterprise support for Macs, but Apple makes way more money selling iPhones and iPads and laptops than they would catering to the enterprise people, for many reasons. They own that market share, they are going to invest in that market share. It is smart business for them to do so. It would be dumb for them to invest tons of R&D money into enterprise solutions when it may expand their enterprise market share less than 1%, where as the mobile device market share and smart phone market share they are leading.

To be honest, I am looking at Linux solutions, NIS, NFS for home folders with Kerberos, and possibly AD to ditch my OS X servers. Come end of life they won't be replaced with Mac servers and there is no guarantee OS X Server will run natively on server hardware. I want RAID 5, dual power supplies, lights out management and so forth. They no longer offer such things, oh and I want it rack mounted.

That doesn't take away from the fact Macs offer great end user experiences and when managed properly are more efficient than Windows. I been in IT for over 10 years now supporting both platforms, Apple does some stuff great, other stuff they are horrible at, just like Microsoft, SuSe/Novell, RedHat Enterprise, and so forth.

-Tom

tlarkin
Honored Contributor

OS X Server gets you the following natively:

- Open Directory support, MCX, built in replication - SUS (though now third party options are availalbe_ - xgrid - Podcast Producer

You can convert OD mcx to local MCX and you can use other LDAP replication methods, but OS X Server does it all native for the Mac platform. Though I agree, Linux is the future for managing Macs. Apple themselves don't even run OS X Server they run Linux. I had a job interview not too long ago with them for their data center out in CA. They run all Linux on their back end.

-Tom

bentoms
Release Candidate Programs Tester

+ NetBoot.

if someone created a cross platform netboot i'd not have purchased mini's

golbiga
Contributor III
Contributor III

It's been done.

http://afp548.com/article.php?story061220102102611
<http://afp548.com/article.php?story061220102102611>http://www.afp548.com/article.php?story110201151411464&query=netboot

<http://www.afp548.com/article.php?story110201151411464&query=netboot>Allen
<http://afp548.com/article.php?story061220102102611>
On Jul 19, 2011, at 12:23 PM, Ben Toms wrote:

+ NetBoot.

if someone created a cross platform netboot i'd not have purchased mini's

Matt
Valued Contributor

I was never able to get that to work correctly. Does anyone else have a better write up?

--
Matt Lee, CCA/ACMT/ACPT/ACDT
Senior IT Analyst / Desktop Architecture Team / Apple S.M.E / JAMF Casper Administrator
Fox Networks Group

jarednichols
Honored Contributor

The issue that most folks run into is that you need a box to chuck out Netboot but not DHCP. Your DCHP services are located on a box outside of Netboot. Because Netboot is an extension of DHCP (as is Microsoft's PXI boot) you basically need to hack ISC DHCP at the code level. Most folks think "ISC" when they think DHCP. However dnsmasq can apparently pass out DHCP extensions (such as Netboot and PXI) without passing out an actual IP.

This is the route I was going to take.
---
Jared F. Nichols
Desktop Engineer, Client Services
Information Services Department
MIT Lincoln Laboratory
244 Wood Street
Lexington, Massachusetts 02420
781.981.5436