Traditional Unix file permissions (and their resultant issues and repairs) have been perplexing the majority of Macintosh users since OS X first appeared. Windows administrators, on the other hand, have bemoaned the lack of granular control in Apple’s operating systems, with less-detailed permissions available than with Microsoft’s XP and Vista. While Tiger introduced Windows-style ACLs (Access Control Lists) to the Macintosh, Leopard now utilizes them by default, making more complex file-sharing schemes a reality. Whether that’s a gift or a curse depends on your ability to make ACLs work for you.

The most frustrating part of IT work is that you can’t fix every problem you find. That’s certainly the case with the retail version of Office 2008 that shipped last Tuesday. The installer is fraught with serious permissions issues, and currently the best solution is to wait for a fix from Microsoft before deployment.

Advertised heavily and presented enticingly, every Macintosh user has heard that Time Machine takes the complexity out of backups. While that may be true for individual users, managing numerous backups over a network is still a significant challenge for most Macintosh administrators. So with all the attention paid to the Time Machine in Leopard client, there hasn’t been much focus on how Leopard Server can be used to back up multiple users to remote disks. In fact, if you’re not looking closely, the Time Machine features in OS X Server are easy to miss entirely.

One of the long-standing complaints from IT departments about Mac OS X is the lack of a granular administration system. Users are either administrators or they aren’t; It’s a simple and appealing set up for home studios, but a serious problem for companies laboring under HIPAA and Sarbanes-Oxley regulation. In our earlier series on how to master Open Directory, we deployed centrally managed network accounts for Macintosh. Administrators who need finer control of the user environment can build on that deployment to manage account preferences.