This week I have been teaching my Mac OS X Server Essentials v10.5, and a question came up:  What is the use of having security on the directory if you have a clear text login to webmail?  It’s a good question as I have been pointing out default security policies of other services that use clear text passwords, and I have warned against using them.  

In this case, the default setting is in SquirrelMail, the webmail service used by Apple’s Mac OS X Server when accessing your email.  This setting sets the authentication method to “login”, which is an insecure method.  The workbook process during the class has you secure the connection with SSL to protect against harvesting, but there is another way:  change the authentication method.  

This isn’t in the workbook, and so I’m posting this for the benefit of those that wish to have this information.  SquirrelMail can use other authentication methods, such as CRAM-MD5 and Digest-MD5.  But to set it up, you need to get into the command line.   I know, it’s a little scary for those using the Mac, but it shows you just how powerful the Mac platform can be when you start looking under the hood at the UNIX core.  ^_^

The Steps:

1. Open your Terminal
2. Type “sudo /usr/share/squirrelmail/config/conf.pl”
3. Select the Server Settings (number 2)
4. Select the Authentication Method (number 6)
5. Allow it to check your system for available authentication methods (y)
6. Type the desired authentication method (cram-md5)
7. Save your configuration (S – and requires root access, which is why we sudoed the command to begin with).
8. Quit (Q)

And that’s it!  SquirrelMail will now start using CRAM-MD5 as an authentication method for your webmail.  You can now disable your less secure methods and feel comfortable that you have a least one more level of security to protect your user’s email, and your user’s directory login information.

Other things you can do:  

1. Set up SSL for your webmail connection to protect the connection itself.  
2. Set up a realm to access to login page.

Either of these methods will add another level of security to your webmail access.

For the past couple of weeks I have been working on and off on a project to deploy Final Cut Pro in a fresh install for our Macintosh lab.  Previous to this the process was to image the machines and then install Final Cut Pro through a script.  Then on each machine I would need to enter in a site license for the software.  This took a lot of time, usually two days for a sizable class of 8 or so.  And, it didn’t give me a huge margin of error either.  

At first I wanted to do something with NetBoot, because it makes it so easy.  Just set the NetInstall image as the default image on the server, and then deploy by booting the system off the NetInstall image.  it’s really easy to set up, really easy for anyone to deploy.  Unfortunately, it doesn’t handle large images very well.  And when I say large images, I mean large images over 38 GB.  I had often wondered why, until I took the Mac OS X Deployment class, and found out that NetBoot uses a unicast method of installing, which is very inefficient.  It actually surprised me that was the case.  

The only other option that was even remotely feasible would be to use a multicast ASR server.  Every Macintosh (either server or client install) supports the server aspect of this project, so it’s very easy to deploy.  The only drawback:  It requires understanding of the command line.  Here is the process I took in order to get Final Cut Pro installed. 

Problems:  

1. Fresh Install of Mac OS X 10.5 with all necessary updates
2. Fresh installation of Final Cut Pro, Motion, Color, and Compressor (these are the Pro classes we offer here in Edtech).  
3. Practice files for the class.
4. License key already included. 
5. An administrator and a student account setup and ready to go.

I began the project by going through the Modular system image creation process.  In this process, you use a sparse image to install your OS and software, place your necessary files, and manipulate any configuration needed for the final deployment.  This is ideal for initial OS setups and system images.  So I installed the OS from a disk image of the install DVD with the following command: 

sudo installer -pkg /Volumes/Mac\ OS\ X\ Install\ DVD/System/Installation/Packages/OSInstall.pkg -target /Volumes/MacintoshHD/ -verbose

Now, I could have added a reference to an XML file that would have removed all unnecessary installations (like printer drivers), but the default install was good enough for the project and hand.  In this case, the MacintoshHD drive is actually an external FireWire drive.  I could also have done this on a machine in Target Disk Mode, but I thought this would  be sufficient, and it saved a lot of time, actually.  

Once completed, I installed the updates.  To find out what I needed, I actually booted up a machine with this default install and ran Software Update, which gave me the names of the packages.  I then downloaded the disk images, moved them to my machine, mounted the images, and installed with a command like this: 

sudo installer -pkg /Volumes/Mac\ OS\ X\ Update\ Combined/MacOSXUpdCombo10.5.6.pkg -target /Volumes/MacintoshHD/ -verbose

I kept the verbose switch on just so that I could see when it was done and judge when I needed the next update.  When I got to the Quicktime update, I ran into a problem:  You can’t update Quicktime to 7.6 on an non-booted system disk.  That through a wrench into the whole “modular image” process.  Not to worry though, it didn’t set back my image creation.  

Once I finished with all the updates that I needed, I then booted off of the FireWire drive and created my users in the directory.  I began with the admin account, which I used to install the remaining updates and Final Cut Pro and Motion Content from their respective disk images.  The installation let me enter in my site license for Final Cut Studio, and saved me a lot of time on each machine.  I than ran updates for The Pro Apps, which took only a couple more updates to finish.  Once done, I created my Student account with the standard login, and rebooted back into my regular computer. 

Note:  Do not try Final Cut Pro at this stage!  It will create the scratch disk with your UUID, which will make it unusable for any other machine after imaged! I found this out the hard way.

So now I have a system that is completely imaged, has the users created and ready to go, and has not launched Final Cut Pro quite yet.  Now I need to create my disk image that I’m going to use for my restore.  This is really easily done in Disk Utility, particularly if you have the image on a FireWire drive.  

Open Disk Utility, and then select the disk volume you created.  Do NOT select the physical drive!  That would result in a larger image than you need, taking up your entire drive.  Want to learn why?  Take the Mac OS X Deployment class.  ^_^  

Once the disk is selected, click on the New Image button at the top.  It will then let you name it (this is just the name of the new image, not the name of the disk), and ask you which type of image you would like.  I named the file ClonedImage.dmg.  The image needs to be Read Only, and Not Encrypted.  If you choose, you can make the image compressed, though it does take a little away from the performance.  I kept it as uncompressed for simplicity’s sake.  Then settle in, this can take a while.  For a 38+ GB image, this can take almost up to an hour (time varies on the machine you use, RAM size, processor speed, etc.).

Once it’s done, click on Disk Utility’s Images menu, and then select Scan Image for Restore.  This can take some more time, though not as much as creating the disk image.  So settle in, have a good book to read or clean out your email.  

Once done, it’s ready for deployment.  Some may suggest that you fix your permissions on the disk before you get to this point.  I’ve not needed to so far, but it is a good practice to adopt.  This would be a case of do as I say, not as I do.  ^_^ 

Now copy your new image to the “Server”.  It can be Mac OS X Server, or a Mac OS X computer.  Either will support the ASR command.  I chose to use a Mac OS X Server that also had NetInstall images for the Macintosh 10.5 Leopard Install DVD.  You will know why in a minute.  I copied the file to the root directory ( / ) for convenience.

Once copied over, boot up the new machine and log in as an Administrator.  Open your Terminal, and create a config.plist file somewhere on the system.  The config.plist file should have at least the following parameters: 

defaults write /Volumes/Backup/Apple/Images/config “Data Rate” -int 6000000
defaults write /Volumes/Backup/Apple/Images/config “Multicast Address” 244.0.0.10 

I put it in the root directory as well for convenience, though you can place it anywhere you can remember it.  Then enter this command: 

sudo asr -server /config.plist -source /ClonedImage.dmg

Press enter, and you should get a notification that your ASR server is ready to begin multicasting.  Once done, you now just need to get to your computers you wish to restore and run the restore image there.  

In this case, I find it simpler to boot off of the Install DVD image.  By making a NetInstall image, it’s easy to do and doesn’t require multiple disks (and the disks don’t walk away unexpectedly).  It also guarantees that your restore system is on the same subnet as your Server, and will have an assigned DHCP address.  Once booted off of the Install DVD, select your language and then click the continue error.  It will ask you if you want to run the install, instead click on the Tools menu, and then select Terminal. 

Now you should only have the Terminal window open.  Here, type the following command to start the restore, assuming your ASR Server has an IP address of 10.1.0.1: 

asr restore -source asr://10.1.0.1 -target /Volumes/Macintosh\ HD/ -erase

This command will search for an ASR server at that IP address, and then erase the target drive and restore from that image.  Then let it go!  For my image it took about 5 hours to complete, but just about all the machines completed the restore at almost the same time.  So I could have completed one install or 22 at the same time from the same server, and saw little difference in the time it takes to make the image.  

Now, this is the process I used.  It worked great, and our Compressor class (the guinea pig class for this image) ran just fine.  But what if you don’t have the time, or the confidence to run the command line tools?  You can do roughly the same thing with NetRestore, which is currently no longer in development, or Deploy Studio.  Both of these tools can do the same thing I do here, but have a nice GUI interface and management is simpler.  

So you may ask why I chose to do it the hard way?  Because I love the command line, and I want to be sure I have the process down pat.  After all, unless you understand the process behind the scenes of a GUI tool, what do you do when the GUI tool doesn’t work or has an error?  Where can you troubleshoot the problem?

Next week we are running a Final Cut Pro 5-day class to prepare students for the Final Cut Pro exam and get more familiar with the software.  It’s great, except the software is huge and doesn’t load into a monolithic system image very well.  As such, I had to find a way to deploy the software in a timely manner without a lot of work or overhead.  

I started first with a modular NetInstall image.  The idea was that I would include the software packages in the install image, it would create the image, and I could install it without worrying about configuration.  Boy was I being hopeful!  At first it would not recognize the software, and then it finally accepted the mounted disk images as I dragged them into the Automator Action.  I thought all was well, until I tested the image.  

It installed the OS just fine, but didn’t include the Final Cut Pro packages.  Well, I thought, I would just need to create a base install, and then deploy the software through a package.  Seemed easy enough, at least..

Mac OS X 10.5 has a great feature with PackageMaker (available with the XCode Tools Development package) that is called a Snapshot Package.  Basically, you can install software on your Macintosh Computer while this is running, and PackageMaker can tell the difference between the original state of the machine and the new improved state.  You can then create a package that would install all the changes across the board, and you would be all set.  

I started by using PackageMaker on the MacBook Pro that I would be using for the class.  I then started the process on the MacBook Pro, installed Final Cut Pro and the Motion Content, and waited.  Once done, I stopped the snapshot, reviewed the changes, and tried to make the package.  PackageMaker crashed on me every time.  I tried three different MacBook Pros, each with the same result.  

At that point, I started to get frustrated.  I tried the same process on my office Mac Pro, and it worked!  I was able to make the snapshot image, and create the package.  I then transferred it to a MacBook Pro computer and started the package.  It ran, told me it was successful, and I was sitting on cloud nine!  Until I tried to run Final Cut Pro, that is.  It would crash every time I tried to run it.  It could have been a permissions issue, but by this time I was running out of time.  I have a busy week with a surprise class and some instructor interviews to conduct, and I needed to come up with a solution quickly.  

So, I tried installing the software on a MacBook Pro from disk images using the installer command from the Command Line.  It worked, installed a bit more than we usually do, but otherwise was successful.  Well, if this would work, surely I could create a script that would mount the images, install the packages, unmount the images, and delete the images to free up space.  It was worth a try. 

The script was easy to write, and is below: 

#!/usr/bin/env bash

# This script should install Final Cut Pro and Motion from disk images.
# The script will need to be run as root, which the package should do
# automatically.
# First it will mount the images, and then it will run the Installer
# scripts for Final Cut Pro, and then Motion.

# The Images are assumed to be in /Users/Shared

hdiutil mount /Users/Shared/Final\ Cut\ Studio.cdr
hdiutil mount /Users/Shared/Motion\ Content.cdr

# Now the Installation will be run.

installer -pkg /Volumes/Final\ Cut\ Studio/Installer/FinalCutStudio.mpkg -target /
installer -pkg /Volumes/Motion\ Content/Installer/MotionContent.mpkg -target /

# Once finished, the script needs to unmount the images.

umount Volumes/Final\ Cut\ Studio
umount Volumes/Motion\ Content

# Now no longer needed, the disk images can be deleted.

rm -rf /Users/Shared/*.cdr

The Script worked on my inital testing, as long as it was run in sudo (installer needs to be run as root).  So I took it a step further and set it up as a package.  I opened PackageMaker again, added both the disk images to it and set the install location to the /Users/Shared directory.  I then added the script to the last package (in this case Motion) as a postinstall script, so that it would run after the Motion image was copied.  I created the images without any errors, and tried the deployment:  Success!  It installed just fine, and everything worked in Final Cut Pro that was expected to work.  

So, I then figured that if this worked, surely it would work if I added it to a NetInstall image, right?  So I created a new NetInstall image workflow that would add this image to the NetInstall.  I then tested it out, and it still didn’t install the package.  So, I copied the package to the server, shared it out, sent the package to each machine, and installed it manually from there.  In the end, I got the deployment working, and the total deployment (not counting the time taken to try and create images and such) took about half the amount of time it would have if I installed everything with the CD’s.  It could have taken even less time if I had Apple Remote Desktop installed and used it to deploy the image.  

So, that was my experience.  I’m going to look at the NetInstall workflow to see if I missed something in how I placed the Automator Action for the package install.  Until then, I still have a very viable deployment solution that takes less time than I would have expected.  ^_^

I’m back from the Chicagoland area, and It’s good to be back home.  The trip home was mostly without incident, with both planes actually arriving on time (or earlier).  The trip was pleasant, and I made some really great friends with other instructors and developers out there within the ranks of the Apple Certified Instructor network.  

So, what about the training?  

Directory Services:  The Directory Services class was phenomenal.  It focused on connecting to various directory systems out there (both Active Directory and OpenLDAP), using the built in GUI tools, third party tools, and using the command line utility.  

We spent a lot of time demoting and promoting our servers to Open Directory Masters, while connecting to another directory system and making an Open Directory Replica.  

I learned a lot of new things at the training, mostly on how to replicate and create backup Directory systems for failover.  I’ll start covering each chapter in more detail as time permits, but needless to say it was a very useful class.  

Overall the flow was well designed.  The material was a little lacking in that some work in the workbook was not available or mentioned in the reference guide.  But other than that, it was well done.  The cognitive load was well managed with the timing of the class, and the constructivist method was well represented in this material.  Arek Dreyer, who wrote the reference guide, did a great job with the work.  I hope he works on the material again with the new 10.6 materials for which Apple Training is already planning.  

Advanced System Administration:  I want to preface this review by mentioning how this class was originally conceived.  When 10.5 came out, Apple Training looked at the existing certification and noticed that an Apple Certified Systems Administrator could go the whole certification process without once taking anything more than Server Essentials.  

Apple wanted to make the certification more meaningful, and so decided that knowing how to set up the environment was more important than knowing how to manage an Xsan or Podcast Producer.  And, quite honestly, they were right.  A Systems Administrator needed to focus on the core system that allows for Xsan and Podcast Producer to work well with the rest of the system, and not just the peripheral systems.  

So, basically, anything that didn’t fit into Deployment (system imaging and image maintenance) and Directory Services needed to be dumped into this class.  As such, the class is 5 days long and still too short for the material.  It’s also a fairly new class, as it is the only class that was not recreated from Tiger classes.

So, what do I think of it?  It definitely shows the signs of a kitchen sink class.  If you don’t have experience in the Command Line and didn’t take any of the other classes, you would be totally lost on this one.  It is completely designed to be a capstone course, and allow the student to design their own solution while completing the class.  

But there are problems:  If you don’t focus on the on-going narration (which the instructor had better be creating along the way for the sanity of the learners), then you can easily get lost in the details.  There is a lot of focus on current UNIX solutions, potential issues, tools that are still in development, and proprietary command line tools that Apple has created to manage their utilities.  All this is thrown at the student in four pillars:  Planning and Implementation, Networking, Administration (monitoring, security, and automation), and Troubleshooting.  

The narration is thus:  You have just been hired as the new PretendCo Systems Administrator, and the company is on the cusp of huge growth.  You find out that the company, up to now, has been running on one server, set up as a Standard configuration system for convenience.  You now have to do some real management to scale up the system you put in place in order to cope with the new growth expectations.  

For me, it’s going to be a challenge to teach this in a For-Credit schedule, if just because the course narration will be really difficult to keep in the student’s mind.  When I offer this class, I’ll be spending a lot of time focusing on the instructor notes, so that I can keep that narration flowing.  I may need to build the narration into some online exercises as well.  

So, overall, Directory Services was a hit, and a blast to teach.  Advanced System Administration was great, but I was honestly only able to keep up because of what I had already known having both taken all the previous Apple classes, and my experience with Linux.  I’m thinking that I may make the Linux Fundamentals a prerequisite for taking this class.  That way I can know that my students have had time to whet their experience on a UNIX environment in the command line.

This week I finish up with my T3′s for Apple with Advanced Server Administration.  This class is focused primarily on running the ADDIE process (Analyze, Design, Develop, Implement, and Evaluate) throughout the IT  infrastructure of a company, and build it up using both the GUI and Command Line tools.  Because it is assumed that you have been learning the GUI tools up to this point (this is the capstone course), it primarily focuses on the command line tools available to the Mac.  

I’m not sure when we will offer the class at the U, as much depends on other training offerings and any additional infrastructure we would need, but I already have a lot of people interested in this class.  Most of them are Linux administrators who are going to be supporting the Apple platform, and want to do so with SSH (just as they would with Linux).  I already have a list of people who would love to take that class.  

Anyway, it all hinges on whether or not I’m judged “good enough” to train.  Partly judged by my peers, partly judged by the Master Trainer, my fate rests in their hands.  At this point, however, I’m less concerned.  I’m rather more concerned with how my family is doing back home.  I’m literally counting the days until I fly out.  But I will miss the Chicago area.  

Anyway, more details on the classes I attended during this trip sometime next week.  I’ll give a teaser for the classes, and give you my opinion of the materials and flow of the class.  

As promised, here is my review for the Mac OS X Deployment 10.5 T3 that I attended this last week.  

First, the location.  Of course I’m biased, but I have always loved Chicago, and as such enjoyed the trip Villa Park and Oakbrook Terrace.  The hotel was nice, and the location of the training facility was fairly easy to get to.  The only problem:  no sidewalks.  It makes it difficult to walk when you don’t have sidewalks, and there isn’t enough room to walk on the street (without getting hit).  Other than that, the location was nothing to complain about. 

The materials:  There are quite a lot of material for this class, and I was a little concerned that it would be impossible to fit it all into a 2 day training.  Luckily, that was the thought of the course developers as well, and as such the training was extended to 3 days.  That fits in perfectly with my training schedule I have planned for the University, so I didn’t complain. 

The Subject Matter:  There was still a lot that I wanted to cover but couldn’t in the class, mostly those focusing around the command line.  But then, there is a separate class for that, which I will be attending in two weeks.  ^_^  But those important topics, such as deploying through the command line, and imaging through the command line, were covered in depth.  Also planning, scaling, and third party utilities for managing a deployment option was well covered.  

One really nice thing I liked about the class was a mandate for the student to immediately apply what they have learned to a real world situation.  They do this through a Deployment planning sheet, which the trainer should have printed out for each student.  We didn’t have it, but it was made available to us in PDF form, and there is a link that comes with the learning materials to PeachPit’s website for the same PDF.  Once the form is filled out, the last chapter talks about real world solutions in many large companies, school districts, and training centers, and gives the student time to go through their document to see what they find useful, and what they don’t need, in their deployment of OS X.  

The Requirements:  It is essential the student have a command of both the Mac OS X GUI and have command line experience before starting this course.  Basically, students would need to have completed at least the Server Essentials course, and be able to manage a UNIX command line experience.  Why?  Because at the beginning of the course you are just expected to set up your computers with little assistance from the book.  At this point, it is expected that the student knows already how to set up a brand new install of Mac OS X. 

The command line experience would be more along the lines of familiar with syntax of commands.  Most, if not all, of the commands used are Mac OS X Utilities and not your typical UNIX commands, yet the syntax is the same and therefore the student needs to be familiar with that syntax.  There may be some situations when troubleshooting is necessary, and as such the student will need to know how to get to the man pages.  

Something else that would be important before taking this class is having troubleshooting knowledge, and an understanding of what you are being prepared to learn.  This way if something doesn’t quite work they way it’s written in the book, you can step outside of the given examples and find alternatives.  That’s part of learning, something that many students I have had in the past didn’t quite understand.  It requires reading/studying ahead of time, asking questions, and being attentive.  

The Pace:  Unlike both Support and Server Essentials where we pend a lot of time trying to catch the class up after some really long first setup exercises, this class is paced just right for the materials.  We as a training class (of 10 trainers) finished with plenty of time on the last day to cover some topics more in depth, and that was with us doing the majority of the optional exercises.  So with a typical class at this level, the pacing will be such that students will have some time to play with some configuration, or perhaps have a long lunch as a thank you for coming to the class.  

Overall, it is the best designed Apple training course I have attended so far.  The materials are well designed, the pace is just right (low to medium cognitive load), and the course talks well to adult students (through Constructivist methods).  This is a class that may not run often here in Utah, but will most likely be a well attended class when it does.  It is by far my most favorite class to date.  ^_^  

Also, I’d like to say thanks to everyone that attended, because they gave me some very welcomed constructive criticism, and the Master Trainer was a great host.  If only the Cubs could have won all three games I was there, rather than just one of the two.  Oh well, there is always next time.  

I thought I would post this, as we had a similar situation within our class with this issue. At times, when you try to start Kerberos in Mac OS X 10.5 Server, the domain gives you trouble. The first thing you should do is check the host name with changeip, and determine the issue with your DNS. Then, you can fix your Kerberos issues with the following steps as found here on Apple’s documents page:

1. Fix Your DNS: This is necessary, otherwise steps below will not work.

2. Fix your /etc/hosts file: Best done in Terminal. Run sudo bash and authenticate to get to root, and then run vi /etc/hosts. Once in there, add your server’s IP Address and fully qualified domain name, like this: 10.1.0.1 mainserver.pretendco.com

3. Set your Host Name: This can be done as root with the following command: scutil –set HostName mainserver.pretendco.com. Replace the Mainserver entry with your own domain name in this step, and all subsequent steps you see.

4. Initialize Kerberos: This requires three steps (and being logged in as root):
slapconfig -kerberize diradmin MAINSERVER.PRETENDCO.COM (diradmin would be the directory admin login name)
sso_util configure -r MAINSERVER.PRETENDCO.COM -f /LDAPv3/127.0.0.1 -a diradmin -p diradmin_password -v 1 all (replace diradmin and diradmin_password with your directory admin and password)
sso_util configure -r MAINSERVER.PRETENDCO.COM -f /LDAPv3/127.0.0.1 -a diradmin -p diradmin_password -v 1 ldap

Once you finish these steps, reboot the machine, and check your Server Admin utility. You should see that you have all your services running on your Open Directory Master.

Even with this trouble, Kerberos seems really simple to set up with a Mac server. I’ve never tried it on a Linux server, but from the expressions on some friend’s faces when I suggest it, it doesn’t seem to be very simple. I’m not sure how it’s implemented in Active Directory either, though I do know it’s just as frustrating when it doesn’t work.

Now that I have things pretty much under control back home, I promised that I would post my impressions on the Apple Training upgrade to 10.5 that I attended for the past two weeks.

The Design
Overall, the design actually follows some instructional design techniques, unlike the Tiger materials. The student, as they progress through the course, must utilize the techniques, steps, and knowledge they had acquired in previous chapters. Building upon the previous material the students are reinforced in that material, and are not treated as mindless children that can’t learn. Constructivist theories at the heart of it, which makes me happy. THe command line is no longer separate from the individual events that the commands apply to, but rather you learn the command line all through the book. Finally, the training becomes professional, and therefore something I am proud to offer at the University.

The Materials
The materials are being published through PeachPit, though the student kits will only be available to an Apple Authorized Training Center. They are very well done, with bits of the lecture in with the slide presentations. They no longer follow the Reference book, which has additional assignments should someone want to continue on with their learning in another direction. The only thing that I currently see wrong is having a place for notes, should the instructor choose to cover a specific topic in more detail. Other than that, it will be professionally bound, and cost less than the workbooks that were available from Apple. ^_^ Good news for any Apple Authorized Training Center.

The Test
now that I have taken both tests, I can say that the tests are written a little better than the previous test, though I took the longer version than will be available for everyone else. The test will be designed to have someone sit for 2 hours (mine was designed for someone to sit for 2.5 hours), and instead of killing all the easy questions, both easy and hard questions will be removed from the test. This way the test results will be generally higher, and passing will also need to be higher. For now, it will still be multiple choice, but they are looking into some real application and development along that front. What I would like to see is a practical sit-down test, similar to Red Hat’s exams, which no one can just memorize an answer without learning something. Apple Training would like to see it as well, so it’s good to see that we are on the same page. ^_^

The Staff
Apple Training has gone through a lot of changes recently, with most of the staff being laid off. This comes from a common belief that the Macintosh platform is so easy to use, there shouldn’t need to be any training for it (i.e., the Apple Executives that don’t want to pay for a Training Department). Unfortunately, this is the way many companies are moving, and leads us into a longer rant about the importance of training, and the quick decisions to axe training in corporate environments to save money. Anyway, those that are left are really the cream of the crop, and being led by someone that really has a fantastic vision for the direction training should go.

Final Thoughts
My trip to Austin was bumpy, my trip back was agitated. I had more bad experiences in Austin than I have had in just about any other city, but all in all I liked it. I’m actually making a plan to head down to San Antonio in a couple of years, as we plan a trip to Oklahoma to visit some family. So it wasn’t the worst experience I have ever had in traveling (that would be the time I was in JFK and a baggage car rammed into our plane, delaying us 5 hours). All in all, it was productive, and this Spring we can start with the 10.5 materials. In the meantime, I am going to see if it’s possible to set up a testing environment for the Macintosh that will let me grade someone on the progress they have setting up a machine, both at the Computer and Server level.

I just finished the first week of Leopard Training for Support Essentials. It was an interesting ride, and there is a lot that I like about it, and some that I’m not too happy with.

What I Liked
I have to hand it to Apple: When they contract to people to write their training materials, they do a good job. The three instructors that we had all wrote the materials in the Student Workbook, and the workbook now looks like it is worth the money you pay for it.

The course does eliminate the need for a key chapter that was my most popular when I taught the class: The Command Line. Now, instead of having a single chapter, we introduce it bit by bit, integrating it with each of the chapters. So now instead of just getting a quick look at how to play with the command line, you are using it actively in each chapter.

How is this better? Well, for those that are looking to integrate a quick remote method of troubleshooting on the Mac and don’t want to bother with the bandwidth required for a VNC connection, they can quickly perform pretty telling troubleshooting tasks. In fact, I would say that more Command Line content is included in this course than in the previous course.

Other great things are the lack of Apple Remote Desktop (yay!), more focus on the core open source technologies available, and a focus on BootCamp (which is now integrated into Leopard). It’s also nice to be able to repartition your drive, live, with Disk Utility without having to use a third-party application. Sure, linux could do that for years, but with Windows and previous versions of Mac you would need a third party app to get it done.

What I Didn’t Like
The weakest point in the Apple training is perhaps the testing. It always has been, because there has never been a bank of questions, just one set of questions for each time you take the test. So, it’s not a real evaluation of your knowledge. It’s also problematic because in order to compensate, they provide obscure questions that require a constant study of the reference material instead of practical application. But then, it is a multiple choice test, and what else can you do?

The good news is that it’s possible that new testing methods could be on it’s way. I’m hoping for a more Flash-based virtual environment that will simulate the experience. Another possibility would be to have the training centers set up a physical exam, much the same way as RedHat exams, and allow the instructor/training center to deliver it. Of course it runs into consistency issues (from one AATC to another), but that is another topic all together.

Other than that, it was a good training situation. We got a quick peek at the future new exams that are coming down the pipe, and I’m really impressed with them. Finally, it feels like Apple is getting some real quality back into their training materials.

I’m really excited for next week, when we go over Server Essentials!