It's official, Apple is killing OSX Server

@AVmcclint well you can't NetBoot an iMac Pro, so the writing has been on the wall.

I think we all saw this coming when the Xserve was killed off in late 2010. I had just deployed two new ones right before that announcement came. It really pissed off my client who tried to claim I knew about it. The moment Apple killed off the Xserve, and then released their server product as an app in 2011, I knew the end would come. The last actual server OS that Apple released was Snow Leopard Server. Snow Leopard Server was awesome. Fortunately, I have spent the last several years getting to know Windows server, and Linux. My new employer recently introduced me to Hyper-V. I was working with VMware before this. I still like VMware a lot, but Hyper-V is really nice. For my smaller clients, I will suggest using Egnyte. For the larger ones who still need an onsite file server, I will push Windows servers, or Linux. Microsoft's desktop and consumer products are crap (in my opinion), but their enterprise products are really great.

We have moved almost all our server based services to either Linux, or Windows-Server, or NAS.

Netboot is perhaps the most useful remaining service for us…
But looks now like I need to implement one of the listed alternatives.

At least these 3rd parties are interested in maintaining their products…

@PeterClarke Unfortunately, the third party netinstall services don't really help you for iMac Pros and possibly (likely?) other new mac hardware that don't network boot.

Not at all surprised, they may as well rename it Profile Manager.

I thought about this more on the drive in and like most, my single Mac server isn't doing quite the level of work that it used to back in the day. I find myself wondering why we bought it 3 or so years ago. I'm probably not going to replace it at age-out time, but wouldn't it be cool if Apple would pull the macOS Server offering from the store altogether, rename it to Profile Manager for those who need that, but also publish Enterprise Connect on the App Store and provide general enterprise support on it. Like many of us on here, we have AppleCare Enterprise contracts. While I don't need an Apple server product, I do need enterprise-grade methods to connect to existing server infrastructures.

food for thought

@PeterClarke We moved most of ours to RedHat some time ago as well. I for one will be glad to see CalDav die a miserable death but the VPN service while not allowing very granular access controls was extremely easy to use and setup.

The approachable GUI for configuring OS X Server was its biggest advantage. For people lamenting that loss, take a look at Synology's DiskStation Manager (DSM) GUI for their NAS products. There's an online demo of the DSM 6.2 beta you can play with to actually see it in action: DSM 6.2 Beta Online Demo

(I'm not affiliated with Synology, just a happy user of their products)

A number of services will be deprecated, and will be hidden on new installations of an update to macOS Server coming in spring 2018.

It's interesting that they hid Software Update in the latest Server app, but it's not listed to be deprecated in the Spring. I'm assuming it eventually will however. Our firewall/proxy is pretty locked down and we haven't really been able to open up direct connections to apple. Being able to allow access for a handful of servers and then have our Macs look to them was nice.

@PhillyPhoto Apple deprecated Software Update in Sierra. It's still used however, but rather than using macOS Server to host it you'd be better off deploying a NetSUS which bundles the Reposado SUS clone. Note that if you do try this the recommended 500GB of storage space is no longer appropriate as caching all of the current updates requires around 450GB.

Hello Everyone,

With the future removal of NetBoot, I cannot imagine having to sit in front of each of 700+ lab Macs to manually boot to recovery drive, wipe the Mac and then reinstall the OS.

Do any of you have another workflow that is working for you? I would love to hear how others are getting around NetBoot so we can wipe, reinstall the OS and start fresh.

Thank you, Mick

At least Apple's giving some warning. the last year+ of having a lot of things change with little warning and leaving people to discover solutions/workarounds on their own has been a pain.

Caching isn't mentioned so I'm assuming it will continue to cache updates. I currently have a macOS Sierra Installer running off NetBoot so it looks like NetSUS would give me that function according to the support article.

More and more I've noticed the native features of macOS server and OS X server losing features in the course of updates. I've kinda seen this coming, its going to be a pain for most.

@mconners I'm interested in this as well. As of right now, my Mac Mini does 2 things: It runs the caching service, and runs netboot for my imaging. Now it's only going to do 1 thing: caching. And if Netboot is still going to be needed to image, I'm going to have to spin up a separate linux VM for NetSUS, just to host my 1 netboot image.

@mconners

I almost have a workflow that has solved this but am not 100 percent there yet. Essentially what I am working toward is using DEP for enrollment and some custom scripts I wrote (tied to the relevant Jamf triggers) to get the provisioning of software the exact way I want it and have pretty much gotten through these scripts, the machine how I want it. My scripts even kick the machine into the right JSS groups and handle AD binding.

What I have not yet solved is what you are seeking to know...how do you get the hard drive wiped and the OS back on there (using the standard installer) in an automated manner. Pre-iMac Pro days, I would have said to use a NetInstall with automator configuration actions and I tested that and it worked. Given that we lose NetBoot, the only way I can see to clean the hard drive is to boot up to Internet Recovery. (I would love for someone to prove me wrong on this using tools other than NetBooting or thumb drives.)

I don't have an iMac Pro to play with so I can't really test whether thumb drives created with the installer on them using the createinstallmedia switch. If I can solve the seemingly simple, yet incredibly vexing problem of how to get the Vanilla OS on a DEP-assigned machine, I would feel great.

I believe Apple may be planning to throw us a bone on that though...especially given the move to APFS. If they had some tool to snapshot a clean virgin OS on a machine and give us some means of reverting the hard drive back to a snapshot that would help. I would also love some sort of way to have a clean snapshot of say a new OS and get it out to the fleet. That way it is as simple as it is to wipe an iPad. I've heard that they are working on something in this regard, but I'm not them or that close to them so their actions will speak louder than any words I know of.

To be honest if Apple had an actual OS agnostic enterprise caching solution so that Internet Recovery could easily be made really fast for a large number of devices spread across a large network there isn't much we else would miss. If they then allowed MDM providers to have a little bit of control over update release to clients while still using said caching server infrastructure the circle would be complete and we would be happy.

China is an issue for Apple DEP dependance plan.

C

Hello @blackholemac I had an interesting conversation with an Apple support engineer a week or two ago. We were attempting to get remote NetBoot/NetInstall to work. We went through everything including whitelisting the IP address of our netboot server. Bottom line was this.

He told me that Apple is actively working on solutions for all of this. I suspect you might be onto something with relation to the APFS and remotely wiping. He couldn't confirm it would ever come to light, but said he hoped we would hear more by summer.

This got me thinking, perhaps at WWDC this year, we will hear more about management tools that will assist us. If we could remotely wipe and reset our Macs using APFS, this would be very much like wiping an iPad and off it goes back to the original state and new stuff flowing to it.

Let's hope Apple is working on things and we will see things by summer. Sad thing is, we in education need to know about the tools now and not later. Our entire workflow is based on what we currently know. I can't imagine changing things up in July for an August deployment window.

Ironic that that should release a new beta version on the Apple Seed channels yesterday...

@mconners....

The solution is lock down the macOS just like iOS... it's not rocket science... The big question is why has it taken 4 year to get an secure enclave on Mac hardware?

C

We use NetBoot for hosting AST to run diagnostics. I wonder what Apple plans to do with this service in the future.

I work for a K-12 private school and we use NetInstall all the time. Unless they're replacing all of this functionality with something better, then more and more schools, including mine, will be moving to Chromebooks. It's sad but most schools need more functionality than an iPad. And preparing these devices in an easy and efficient manner is paramount.

Keep in mind @nkuhl30, if we can simply wipe or reset a Mac to out of the box with a remote command, then that would be ideal. Once the computer checks back in, then the apps and settings all come streaming down again. Without seeing and knowing the tools that may come out, we are all kind of left in the dark. We will see how 2018 proceeds. Here's hoping for an optimistic change for us.

Apple should hang it up on the server/service side, RHEL is more than capable and widespread in enterprise (RHEL) and EDU (CentOS).

Nothing has been as bullet proof for us as RHEL has been over the years...macOS Server.app blows chunks (cold day in hell before I ever recommend it for anything important) when it comes to services...and while Windows might be convoluted and vulnerable, there are TONS of folks who manage/support the platform so from a business perspective it makes sense in a lot of scenarios (where RHEL isn't an option due to staffing limitations, etc.).

So to Apple Server.app...#byeFelicia

@donmontalvo Amen