TweetFollow Us on Twitter

A Look At Panther Server

Volume Number: 20 (2004)
Issue Number: 4
Column Tag: Programming

Patch Panel

by John C. Welch

A Look At Panther Server

Digging past the hype into Apple's latest server OS

Mac OS X Server: A Major Reach for Apple

Now that we've all had a few months to weigh in on Mac OS X Server 10.3, I figured it was time to see how it stacks up against the previous version of Mac OS X Server and other server OS's, primarily Windows 2000/2003 Server. This is less a review of Mac OS X Server as a product, and more a look at how it does the job as a server. (Keep in mind print lead times, this article is based on Mac OS X Server 10.3.3

New Features

There is a plethora of new features in Mac OS X Server 10.3, that cover almost every feature of the product at almost every level.

Single Signon/Kerberos

For network administrators, Mac OS X Server 10.3 represents Apple's first serious attempt at one of the holy grails of any network, Single Signon. The idea for single signon is simple: you sign onto the network one time, and after that, you are authenticated for any network resource you may need. So, in a perfect single signon environment, you will log on to your Mac running Mac OS X 10.3.x (You pretty much have to be running Panther for single signon, aka SSO to work). The user id and password you provide gets you all the credentials you need for everything from network file shares to email to printing. Does Apple achieve this? Well, as we shall see, mostly.

Apple is using MIT's Kerberos security system as the basis for SSO in Panther. Kerberos is an open standard for network security, and it is designed to allow for a highly secure environment that is secure without needing a firewall. (Considering that Universities need to be highly open environments, and often use protocols that do not play well with firewalls, the need for security without a firewall is critical.) Kerberos is a network authentication mechanism. Its purpose is to validate that the person trying to get to a resource is a known person. Other services then use this authentication to authorize that person to use that service or services. This is an important distinction. Kerberos does not allow you to get at share "foo" on AFP Server "Bar". All Kerberos does is say "whomever is authenticating as principle (Kerbspeak for user id) TAFKAP has indeed successfully authenticated (or not) as that principle." It is then up to the service to decide if that person is authorized to make use of its services or not. Kerberos is a cross - platform, standardized way to do authentication. (I'm not going to go into an explanation here, because there is an excellent functional and descriptive explanation of Kerberos in Mac OS X written by Joel Rennich at AFP548.com: http://www.afp548.com/Articles/Panther/kerberos1.html)

So, thanks to the way Kerberos works, it is highly compatible with SSO systems, so Apple has implemented a (mostly) stock MIT KDC in Mac OS X Server, and Mac OS X Server is now able to act as a Kerberos Domain Controller, or KDC.

Open Directory

Open Directory, now Open Directory 2 has received major attention from Apple as well. It is now based on OpenLDAP, and uses that, along with the BerkelyDB as a data store to provide fast, scalable, secure directory services for Mac OS X Server networks. NetInfo is still there, but by default, it is used only for local machine records, and is now considered a legacy service. LDAPv3 support is much improved, along with BSD Flat Files and NIS (Not NIS+) support. The big news here however is the addition of an Active Directory plugin, which allows Mac OS X Server to directly and more cleanly access Active Directory networks without the schema change workarounds that Jaguar server required.

Admin Tools

The Server Admin tools have undergone yet another change. Now, actual server administration is done from the aptly named "Server Admin" application. It controls all non - user/non - client management. Along with greatly improved interfaces for the Firewall, NetBoot, Open Directory, etc. is the ability to manage multiple servers from a single window, and apply standard settings to servers via drag and drop from another server. Apple has promised to make the APIs for Server Admin available, so that third parties can write their own management console interfaces. Sybase has already released a plug in for Server Admin that allows you to manage their ASE 12 Database under OS X. Hopefully Apple will encourage the Mac version of the Windows MMC snap-in market.

Workgroup Manager gained some improvements; most notably the ability to directly browse and edit LDAP information in Open Directory without needing what is still one of the most awkward tools on the market, NetInfo Manager. With NetInfo taking a notable step back in Mac OS X Server 10.3, to continue using NetInfo Manager for LDAP administration tasks would have been very silly. Server Monitor is essentially unchanged from Jaguar Server.

The second major change in Mac OS X Server 10.3 is the addition of a plethora of command line tools for running your server. Better directory services tools, user and group management, etc. Pretty much everything you can do with the GUI tools can be done via the shell and vice versa. While the command line may seem to be the antithesis of the Mac experience, any administrator knows that a good set of command line utilities can let you get a lot of tasks done far faster than the same tools as a GUI, especially if you are stuck with dialup access.

(While Apple Remote Desktop, aka ARD has been improved, and the client portion is now a standard install for Panther, since the administrator part is not a shipping part of Mac OS X Server's default configuration, I won't be talking about it here.)

Client Administration

The Managed Client for OS X, (MCX) services have been updated for Panther. The new feature for this is the Mobile Account, which allows for managed laptops to still function as part of an Open Directory system, even if they cannot see the Open Directory network. This is a major plus for schools and other cases where you still want to manage your users, even when they are off the main network.

Services

New in Mac OS X Server 10.3 is the JBoss Java Application server, another sign that Apple is serious about playing in the Java market. The email server has been completely replaced with Postfix and Cyrus. This finally gives Mac OS X Server email capabilities that are as first rate as the rest of the system by incorporating robust, scalable, and secure email subsystems that are well respected regardless of platform. Thanks to the Kerberos features of Cyrus and Panther, if your email client is Kerberized, then it can take advantage of SSO for email services. This is an important upgrade as the previous mail server in Mac OS X Server was simply unsuitable for heavy-duty email services.

Windows services are upgraded with the inclusion of Samba version 3.X in Mac OS X Server. This upgrade allows Mac OS X Server to work as a Windows NT 4 Primary Domain Controller. Other changes help create better integration for users logging in from a Windows machine to Mac OS X Server.

If you haven't gotten the idea by now, there's almost nothing in Mac OS X Server that did not get a major upgrade or at least serious attention in 10.3.x. But a feature list is only half the story. The question is, did Apple do things well or not? Mac OS X Server 10.2 was a pretty mixed bag of issues, and was, in my eyes, about 50% of the way to being what it should be. So now, let's look at how well Mac OS X Server 10.3.X is doing here.

The Good

So the first thing we should look at is what Apple did right. Well, as of 10.3.3, there's a lot to like about Mac OS X Server. At the top of the list is the mail server. The previous server was an albatross around the product's neck. It was unable to keep up with the rest of Mac OS X Server, and was simply unsuited to modern email needs. The inclusion of Postfix and Cyrus finally gives Mac OS X Server an email server that can play with any commercial product out there. Because Cyrus supports Kerberos, if you use a Kerberized email client, email can fit into the SSO realm of services. Log into your machine, start up your email client, you're in. No need to perform a separate login. This is one of the handier features of Windows XP/2000 in an Active Directory domain, and it's good to see that Apple has used it in a more open fashion. The administration UI in Server Admin is sufficient to take you from no email to a pretty solid and secure email server, and you can easily go to the command line if you need more in-depth control.

The Server Administration tools have all been updated for this new version, but the most notable change is the Server Admin tool, and the scriptability of that tool as of Mac OS X Server 10.3.3. The Server administration tools outside of Workgroup Manager were a muddled collection of half - baked attempts at putting a UI on things. Server Admin, new with 10.3.X fixes many of these shortcomings. As mentioned earlier, you can now manage multiple servers far easier than before, and the UI is far more capable. The DNS section has been completely revamped, and is now at least usable, (although, in the end, if you are going to muck with DNS, you still want a copy of the O'Reilly book handy, and well - read. DNS is absolutely critical in Mac OS X Server, and a poorly set up DNS will cause you pain that has to be felt to be believed. If you are not extremely comfortable with DNS, throw money at someone who is, it will be well worth the cost). The Firewall setup is finally worth the effort, although it still needs a bit of work to be on a par with third party tools, like Brickhouse. You can set up PPTP VPNs with ease, and LT2P/IPsec VPNs almost as easily. If you want to do a "pure" IPSec VPN, you're still going to be living in the command line, an oversight that needs to be remedied at some point. The Web server/Apache setup is about the same as in Jaguar, that is, tedious and obtuse. But, the ability to drag and drop settings between servers is a major plus, as is the fact that Server Admin is now scriptable. It's not a complete dictionary by any means, but the introduction of AppleScript into this realm is most definitely counted as "a good thing". One continual annoyance is the inability for Server Admin to deal gracefully with servers in the list that it cannot see. Modal dialogs and application lockups are the result of having an unreachable server. Server Admin really needs to emulate the behavior of Server Monitor here, and just fail quietly. If I never attempt to manage a server that I can't see, why do I need to wait for timeouts and dialogs? Just red - light the silly thing and leave me alone. But shortcomings of the implementations of the services aside, the new Server Admin tool is a huge improvement over Jaguar's version. One final improvement is that Apple has structured Server Admin so that third parties can extend it. While the APIs haven't been widely distributed yet, Sybase has created a Server Admin module for its ASE product.

Workgroup Manager has received some notable updates, primarily based on new capabilities of Panther, and the new Open Directory access is a good start on a decent LDAP manipulation tool. You can now directly manipulate information in the directory structure outside of what Workgroup Manager lets you see. You can add pre-built settings, change existing settings, or add custom settings of your own. Dealing with the Open Directory structure this way is nicer than trying to manipulate data via the command line, but Workgroup Manager still needs a proper LDAP browser, ala the Java - based LDAPBrowser tool. You can activate Server Admin from within Workgroup Manager or vice - versa. At some point, these tools really need to be integrated into one tool, mostly so that Workgroup Manager can benefit from the improvements to Server Admin.

However, even with these notable improvements, client and machine management in an OS X network is still far harder than it has to be. To really manage client machines, you almost have to buy Apple Remote Desktop, because Workgroup Manager is only capable of the most limited machine management. So in essence, you have the "ARD Tax". There's no way to tell how computer lists fit into Open Directory. Are they a container? An OU? Short of using a tool like LDAPBrowser, or the command line directory tools, there's no way to tell. Want to change the IP address on a large group of computers? Hope you have some time for ARD or SneakerNet, that's the only way you're doing it. Apple really needs to look hard at Microsoft and Novell's directory management tools, and learn from them. Workgroup Manager is not up to the task of managing a large network.

As a first start, the Kerberos integration is outstanding in many ways. The basic setup is simple, and as of 10.3.3, most of the outstanding bugs with AFP and Kerberos have been fixed. You can make most of your services use Kerberos, (aka having them be "Kerberized"), and once that happens, you get the benefits of SSO, excellent security, and convenience. However, if you are going to need to do more with it than a very basic setup, you had better get very familiar with the MIT Kerberos administration documentation, http://web.mit.edu/kerberos/www/krb5-1.3/#documentation, because Apple has almost nothing beyond "read the man page". But, they at least give you a complete MIT Kerberos setup, so you can get more complex things done; it's just harder than it should be. If your needs align with what Apple anticipated them to be, then the setup is dead simple. If not, you're going to be spending a lot of time below the UI.

Finally, the command line utilities. Apple has finally given server administrators a complete set of command line applications for running Mac OS X Server. Pretty much anything you can do through the UI, you can do through the command line, and there are a few things, such as setting mount style for Active Directory homes that you can't do via the command line. While some may shudder in horror at the idea of a command line, the fact is, server administrators need one. It allows you to integrate Mac OS X Server tools into other systems. By providing a full-featured command line interface to Mac OS X Server, Apple makes integrating Mac OS X Server into management tools on other platforms far easier. That is, by the way, a good thing.

The Not-So-Good

Under this heading we start with the Windows support. The big news is that in Panther, you have near one-click Windows NT 4 PDC setup. (I say near, because it's rarely that simple). However, if you want to make your Mac OS X Server a part of a Windows domain, then you can't use NTLMv2 or Kerberos for your login authentication. In fact, SMB under Mac OS X Server isn't Kerberized at all, so you can't have anyone needing Windows sharing participating in SSO. This puts a real crimp in SSO for Mac OS X. Along with that, the Active Directory plugin for Directory Services, while a good start, is not anything close to what it needs to be for heavy use. If you have a home directory in Active Directory, it doesn't mount as your home directory under OS X, but rather as an additional mount on your desktop. If you're trying to get an Open Directory Master to talk to Active Directory, that is far harder than it needs to be.

The LDAP access in WGM is too disjointed to be useful. It's very hard for new administrators to use the directory inspector to get an idea of how all of the directory information is laid out. In Active Directory by contrast, seeing how containers and OUs are laid out is quite easy, and it makes moving resources between directory structures much easier than in Workgroup Manager.

Sharing is still not as flexible as it needs to be. For example, if you, as an administrator, want to see volumes, instead of shares, Apple has a kbase article that will tell you how to do this. (http://docs.info.apple.com/article.html?artnum=107823). The problem is, if you follow this procedure, and you're an administrator with a network home directory, you may end up killing your ability to log in with that account, because now you can't get access to the share points. It's a binary setting, either volumes or share points, but not both. This is rather silly that an administrator can't choose how they want to get to information on the server. There's a clear need for both, and forcing you to choose like that is silly. Since this is a system-wide change, and not a user specific change, you can't just apply it for one administrator.

The documentation, while 10.3 from 10.2 still needs a lot of work. Apple needs to include far more examples for new administrators, especially considering the lack of third party references available. For example, in the firewall docs, while they talk about setting up rules for TCP and UDP ports, they don't have an example of what a rule to allow a service into a specific machine should look like. This is one of the most common tasks an administrator does on a firewall, and it would make a lot of sense for Apple to include more screen shots of this from both the UI setup and the IPFW setup. While it's good to talk about generic hows and whys, and wherefores, for someone who hasn't been setting up Unix networks for twenty years, nothing beats a well - annotated picture. There are also far too many instances of "read the man page." Well, the man page is only designed to tell you how a command needs to be structured. That's a syntax guide, not a howto. Since Apple isn't shipping this stuff in paper anymore, they need to spend that savings on putting more information into the docs. I really doubt they'll get a ton of emails complaining that the "documentation was just too darn informative and useful."

The Bad

Now we come to my least favorite part of any analysis. The stuff that I think is just bad. Heading this list, indeed, leading it by a huge margin is the Mac OS X Server print server. First of all, it virtually ignores all the features of CUPS other than the lowest - level drivers. Adding a printer via the server only allows you to connect via AppleTalk or LPR. Um, hello, IPP? The only way to get any kind of authenticated printing is via SMB. So not only do you lose any integration with SSO, but if you want authenticated printing, none of your OS 9 clients can connect. Wait it gets better. If you have a bunch of different printers, say HP LaserJets, and you use Server Admin to connect to all of them. They all have different host names, different IPs, but the same queue name, say the default. In that case, in Server Admin, all the printers would have the same name, because queue name, not IP, or DNS name is what is used to identify the printers. Even better, if you want to set the default queue, you'll only see one entry. If you want to advertise the printer via Open Directory, you can't set that up in Server Admin. You have to do that manually in Workgroup Manager, by creating a manual LDAP entry. As it turns out, you can use Printer Setup Utility to add an IPP printer, but the Print Server almost totally ignores it, including to the point of not logging any of the printer activity in its logs, (which are utterly separate from CUPS. On Mac OS X Server, if you use the print server, then as far as the CUPS logs are concerned, all print jobs are created by root. Even better, CUPS does allow for authenticated, and even SSL printing, but the Mac OS X Server Print Server completely ignores this, as does the documentation. As of 10.3, the Print Server is simply not worth the trouble, and you're far better off with a third party product, or just getting CUPS to do it all for you.

Next on the list here is Apple's support for Mac OS X Server. It's glaringly inconsistent. Sometimes, a problem can go on for months, until you happen to talk to the right person who has the secret knowledge. It's almost like as far as Apple Support is concerned, databases are things that other people use. If you have any questions on the Active Directory plugin, or customizing install packages, that thousand - dollar support package you bought? Useless. They won't even talk to you. That is what is considered "advanced integration" and requires another support package, which starts at $6000 and goes up from there, although if you have a tight budget, per - incident calls are only $700. Apple's support organization is still far too weak and bush-league for the type of markets they are starting to hit. Making people keep a list of "the smart ones" is just silly. The only way I've found to get bugs into the hands of the people who will actually do anything about them is to get a free, online developer membership and report bugs that way.

Documentation is still far from where it needs to be. Telling someone to "read the man page" is only useful if the man page is complete. Kerberos documentation is a large gaping hole in Apple's docs. If you look at the "Command-Line Administration" documentation, the entire section on the command line utilities for kdcsetup, sso_util, and kerberosautoconfig takes up less than a quarter of page 160, and is basically a nice table telling you to read the man page. If that's all you're going to put in, why waste the space? Parts of the documentation are far from being as clear as they need to be, (tip: If you're setting up advertising a printer in Open Directory, you have to have a queue name. The docs make it sound optional). Accurate and complete documentation is critical to a server product, and Apple is dropping the ball here. The online knowledgebase is not filling the holes here at all. Searching for "Kerberos" in the Mac OS X Server section of Apple's support site results in two hits, both of which are readmes for updates.

Conclusion

Even with the missteps and holes in the product, Mac OS X Server 10.3.3 is a major leap forward for the product. If Apple uses the next major version to patch and fix the problems noted here, and in other forums, they will truly have a server product that is the equal of any on the market from any company.


John Welch <jwelch@provar.com> is an IT Staff Member for Kansas City Life Insurance, a Technical Strategist for Provar, (http://www.provar.com/) and the Chief Know-It-All for TackyShirt, (http://www.tackyshirt.com/). He has over fifteen years of experience at making Macs work with other computer systems. John specializes in figuring out ways in which to make the Mac do what nobody thinks it can, showing that the Mac is a superior administrative platform, and teaching others how to use it in interesting, if sometimes frightening ways. He also does things that don't involve computertry on occasion, or at least that's the rumor.

 

Community Search:
MacTech Search:

Software Updates via MacUpdate

iDefrag 5.0.0 - Disk defragmentation and...
iDefrag helps defragment and optimize your disk for improved performance. Features include: Supports HFS and HFS+ (Mac OS Extended). Supports case sensitive and journaled filesystems. Supports... Read more
PCalc 4.2 - Full-featured scientific cal...
PCalc is a full-featured, scriptable scientific calculator with support for hexadecimal, octal, and binary calculations, as well as an RPN mode, programmable functions, and an extensive set of unit... Read more
FileZilla 3.10.2 - Fast and reliable FTP...
FileZilla (ported from Windows) is a fast and reliable FTP client and server with lots of useful features and an intuitive interface. Version 3.10.2: Note: Now requires a 64-bit Intel processor.... Read more
The Hit List 1.1.11 - Advanced reminder...
The Hit List manages the daily chaos of your modern life. It's easy to learn - it's as easy as making lists. And it's powerful enough to let you plan, then forget, then act when the time is right.... Read more
Bartender 1.2.32 - Organize your menu ba...
Bartender lets you organize your menu bar apps. Features: Lets you tidy your menu bar apps how you want. See your menu bar apps when you want. Hide the apps you need to run, but do not need to... Read more
ClamXav 2.7.5 - Free virus checker, base...
ClamXav is a free virus checker for OS X. It uses the tried, tested, and very popular ClamAV open source antivirus engine as a back end. I hope you like and use ClamXav a lot and that it helps keep... Read more
xScope 4.1.2 - Onscreen graphic measurem...
xScope is powerful set of tools that are ideal for measuring, inspecting, and testing on-screen graphics and layouts. Its tools float above your desktop windows and can be accessed via a toolbar,... Read more
MacFamilyTree 7.3.3 - Create and explore...
MacFamilyTree gives genealogy a facelift: it's modern, interactive, incredibly fast, and easy to use. We're convinced that generations of chroniclers would have loved to trade in their genealogy... Read more
Skype 7.5.0.738 - Voice-over-internet ph...
Skype allows you to talk to friends, family and co-workers across the Internet without the inconvenience of long distance telephone charges. Using peer-to-peer data transmission technology, Skype... Read more
PushPal 3.0 - Mirror Android notificatio...
PushPal is a client for Pushbullet, which automatically shows you all of your phone's notifications right on your computer. This means you can see who's calling or read text messages even if your... Read more

It Came From Canada: Jurojin: Immortal N...
At this point it’s pretty safe to say that no MOBA is going to dethrone Dota 2 and League of Legends anytime soon. After all, if Batman can’t do it, nobody can. However, with a genre as popular and profitable as this one, there’s still room for... | Read more »
Tiny Farm – Animals, Tractors and Advent...
Tiny Farm – Animals, Tractors and Adventures! Review By Amy Solomon on March 3rd, 2015 Our Rating: :: LIVELY LANDSCAPESUniversal App - Designed for iPhone and iPad Tiny Farm – Animals, Tractors and Adventures! includes farm-related... | Read more »
This Week at 148Apps: February 23-27, 20...
Final February Fun at 148Apps   How do you know what apps are worth your time and money? Just look to the review team at 148Apps. We sort through the chaos and find the apps you’re looking for. The ones we love become Editor’s Choice, standing out... | Read more »
GDC 2015 – Does Not Commute is Definitel...
GDC 2015 – Does Not Commute is Definitely a Game You Should Keep an Eye on Posted by Rob Rich on March 2nd, 2015 [ permalink ] We were teased about Mediocre Games’ (Smash Hit, | Read more »
F84 Games & POW! Announce Stan Lee V...
F84 Games has announced that it is working with legendary comic creator Stan Lee and POW! Entertainment to produce Stan Lee’s Hero Command. The game will be a action adventure of heroic proportions. | Read more »
Setlyst Keeps Your Set Straight So You C...
Setlyst Keeps Your Set Straight So You Can Focus On Rocking Out. Posted by Jessica Fisher on March 2nd, 2015 [ permalink ] Universal App - Designed for iPhone and iPad | Read more »
Space is Vast, So Space Agency Has a Vas...
Space is Vast, So Space Agency Has a Vast New Update! Posted by Jessica Fisher on March 2nd, 2015 [ permalink ] Universal App - Designed for iPhone and iPad | Read more »
Size DOES Matter Review
Size DOES Matter Review By Campbell Bird on March 2nd, 2015 Our Rating: :: HARD TO BEATUniversal App - Designed for iPhone and iPad This rhythm game has a unique control scheme and performance system that make it feel like a true... | Read more »
The first ever action 3D card battler Al...
On the other hand, you probably haven’t played an action 3D card battler – until now. Step forward, All Star Legion. All Star Legion is a 3D QTE-based action RPG card battler, but fear not – the game itself isn’t as convoluted as its description.... | Read more »
Travel Back to the 1980s With the Making...
Headup Games has released a hilarious making of video for its upcoming title, Pixel Heroes: Byte & Magic. The game is a RPG/Roguelike where you control three heroes set to save the township of Pixton from an evil cult called The Sons of Dawn.... | Read more »

Price Scanner via MacPrices.net

Sale! 15-inch 2.2GHz Retina MacBook Pro for $...
 Best Buy has the 15″ 2.2GHz Retina MacBook Pro on sale for $1774.99 $1799.99, or $225 off MSRP. Choose free home shipping or free local store pickup (if available). Price valid for online orders... Read more
27-inch 3.5GHz 5K iMac in stock today and on...
 B&H Photo has the 27″ 3.5GHz 5K iMac in stock today and on sale for $2299 including free shipping plus NY sales tax only. Their price is $200 off MSRP, and it’s the lowest price available for... Read more
Apple Launches Free Web-Based Pages and Other...
Apple’s new Web-only access to iWork productivity apps is a free level of iCloud service available to anyone, including people who don’t own or use Apple devices. The service includes access to Apple... Read more
Survey Reveals Solid State Disk (SSD) Technol...
In a recent SSD technology use survey, Kroll Ontrack, a firm specializing in data recovery, found that while nearly 90 percent of respondents leverage the performance and reliability benefits of SSD... Read more
Save up to $600 with Apple refurbished Mac Pr...
The Apple Store is offering Apple Certified Refurbished Mac Pros for up to $600 off the cost of new models. An Apple one-year warranty is included with each Mac Pro, and shipping is free. The... Read more
Updated Mac Price Trackers
We’ve updated our Mac Price Trackers with the latest information on prices, bundles, and availability on systems from Apple’s authorized internet/catalog resellers: - 15″ MacBook Pros - 13″ MacBook... Read more
Apple CEO Tim Cook to Deliver 2015 George Was...
Apple CEO Tim Cook will deliver the George Washington University’s Commencement address to GWU grads on May 17, at which time he will also be awarded an honorary doctorate of public service from the... Read more
Apple restocks refurbished Mac minis for up t...
The Apple Store has restocked Apple Certified Refurbished 2014 Mac minis, with models available starting at $419. Apple’s one-year warranty is included with each mini, and shipping is free: - 1.4GHz... Read more
Save up to $50 on iPad Air 2s, NY tax only, f...
 B&H Photo has iPad Air 2s on sale for $50 off MSRP including free shipping plus NY sales tax only: - 16GB iPad Air 2 WiFi: $469.99 $30 off - 64GB iPad Air 2 WiFi: $549 $50 off - 128GB iPad Air 2... Read more
16GB iPad Air 2 on sale for $447, save $52
Walmart has the 16GB iPad Air 2 WiFi on sale for $446.99 on their online store for a limited time. Choose free shipping or free local store pickup (if available). Sale price for online orders only,... Read more

Jobs Board

*Apple* Solutions Consultant - Retail Sales...
**Job Summary** As an Apple Solutions Consultant (ASC) you are the link between our customers and our products. Your role is to drive the Apple business in a retail Read more
*Apple* Pay Automation Engineer - iOS System...
**Job Summary** At Apple , great ideas have a way of becoming great products, services, and customer experiences very quickly. Bring passion and dedication to your job Read more
Sr. Technical Services Consultant, *Apple*...
**Job Summary** Apple Professional Services (APS) has an opening for a senior technical position that contributes to Apple 's efforts for strategic and transactional Read more
Event Director, *Apple* Retail Marketing -...
…This senior level position is responsible for leading and imagining the Apple Retail Team's global engagement strategy and team. Delivering an overarching brand Read more
*Apple* Pay - Site Reliability Engineer - Ap...
**Job Summary** Imagine what you could do here. At Apple , great ideas have a way of becoming great products, services, and customer experiences very quickly. Bring Read more
All contents are Copyright 1984-2011 by Xplain Corporation. All rights reserved. Theme designed by Icreon.