Geek post.

You've been warned....if you're afraid of geek posts, run away!!

Having an ongoing issue with my Apple XServe here at work that's been frustrating me for several months.

Ever since MacOS X Server version 10.3, Apple has claimed that OS X can function as a Primary Domain Controller (PDC) for Windows clients. I've had this XServe up and running for 17 months now, and the PDC functions have been nothing but trouble.

I think that in a Mac-only environment, this XServe would be the greatest server I've ever used. But it doesn't always play nicely with PCs.

For about five months now, I've not had the ability to add new Windows PCs to my domain. When attempting to add a new PC, I get "access denied" messages, even though I know I am using a valid account with administrative priveleges on the XServe. PCs already in the domain continue to function normally.

This week, a new problem has cropped up. Actually, it's an old problem I saw about six months ago for a brief period. Twice this week, ALL PCs lost the ability to communicate with the XServe.

Even though the XServe insists that its Windows service is running normally, no PCs can find it on the network. It takes a stop and restart of the supposedly-already-running Windows service to repair the problem. Today I've developed a "kludge" of setting up an automated stop-and-restart of the Windows service every morning at 4:00 AM to try and get around this problem. But I hate having to do jury-rigs like that.

Apple's tech support is pouring a lot of effort into solving this issue, and I'm appreciative of their help. So far, however, it hasn't made a damn bit of difference. I'm on my second Apple Enterprise tech support representative, and today he made the dreaded suggestion that I might have to erase and rebuild the server.

This of course would entail visiting every single one of the nearly 150 PCs in my department, to unbind them from the old domain and rebind them to the new domain. I told him that I considered this to be the "nuclear option" and would avoid it at all costs.

Truthfully (and I told the rep this as well), if I'm going to rebind all the PC clients to a new domain, I'm not going to use this XServe to host it. I just don't trust Apple's Windows domain services. I'll either create my own Active Directory on my Windows server, or bind all of my PCs to the central campus Active Directory that UAB provides.

I'm attending a four-day Apple training session in Vegas next week called "Mac OS X Server Essentials." Between the course itself, and possibly brainstorming with the other students in the course, I'm hoping to get some good ideas for solving this issue; or failing that, suggestions on moving to a different domain model.

My dream is to someday work for an organization that has NO Windows PCs to support. Not a single one. Yes, I blame Apple for releasing a server product that doesn't quite live up to the claimed abilities. I think they vastly overestimated their readiness to sell a server product designed for a hybrid environment.

Still, if I didn't have any PCs (or at least not so many damn PCs) this would be a much less significant issue. Oh well, a man can dream...