makspogonii - Fotolia


How to support Mac computers in Windows environments

Organizations that support both Windows and Mac desktops must approach them differently, but there is plenty of overlap with the tools and practices they can use.

Even in the Windows-dominated marketplace of OSes, Macs remain a popular choice for some business users, and IT administrators should be able to support them alongside their Windows counterparts properly.

Users with job functions such as graphic design and digital art have historically preferred Mac desktops, but they are not the only ones with that preference. Many executives and frequent travelers have also opted for Macs because of their reliability and seamless integration with other Apple iOS devices.

Windows computers will likely dominate the desktop market for some time to come, with most users currently working on Windows 10 systems. Macs only account for about 15% of the overall desktop market share, according to StatCounter, but IT admins need to ensure that any and all endpoints are accounted for with their management platform.  

Advantages of macOS in the enterprise

It might appear that Mac computers fill too narrow a niche for enterprise use, especially as IT shops look to streamline support and maintenance. Despite this, Macs offer several important benefits.

Computers running macOS are generally more stable and reliable than Windows, in large part because Apple controls all aspects of building and assembling the systems from a hardware and software perspective. Macs also offer an exceptional user experience, providing an intuitive interface and an assortment of out-of-the-box functionality and built-in software. In addition, Apple devices are highly compatible with the broader Apple ecosystem and offer near-seamless integration between Macs, iPhones, iPads and even Apple Watches.

Organizations can also provide users with Microsoft Office for Mac, which has greatly improved in recent years, offering features closer aligned with the Windows editions. In addition, many other software vendors provide both Mac and Windows versions of their products. In some cases, an organization might opt for Apple's free productivity software, Apple iWork, which includes Pages, Numbers and Keynote. These apps provide a high degree of compatibility with Office products.

Mac's benefits can increase productivity, lead to better job satisfaction, simplify IT administration, and reduce help desk and support calls. Mac computers might not be the safe haven that some perceive them to be, but their Unix-based roots and Apple's tight controls over software that can run on them still make Macs generally more difficult to exploit than Windows.

a graphic comparing the security of Windows and Mac desktops

Because Windows desktops outnumbered Macs, cybercriminals tended to go after the larger pool of targets, but this has started to change. Cyberthreats against Macs have risen significantly in recent years.

Integrating Mac clients into a Windows enterprise network

Both Windows and Macs have built-in features that provide simple file sharing across a network. In addition, IT can configure a Mac's Mail, Calendar and Contacts apps to connect to a Microsoft Exchange account.

Because Windows desktops outnumbered Macs, cybercriminals tended to go after the larger pool of targets, but this has started to change.

Administrators can also use Microsoft Endpoint Manager (MEM) to manage Mac systems. It is a comprehensive platform that includes Microsoft Intune and System Center Configuration Manager. For example, IT can use Intune to configure endpoint protection settings on Mac devices, enabling full disk encryption or firewall protection. IT can also use Intune to bind Mac computers to an Active Directory domain.

Microsoft has recently added Mac scripting capabilities to MEM, enabling administrators to automate routine tasks. They can also use MEM to discover Mac computers, inventory hardware, manage applications and carry out other administrative tasks.

Another option for Mac administrators is to use a Configuration Manager plug-in to manage Macs more effectively than they could with Configuration Manager alone. For example, the Parallels Mac Management plugin extends Configuration Manager's capabilities to Mac computers, making it possible to manage them similarly to Windows desktops.

Many organizations are also using third-party software such as Fleetsmith, Jamf Pro or Ivanti Unified Endpoint Manager to manage Mac computers. Jamf Pro offers a unified endpoint management platform for Mac computers and other Apple devices. The platform targets five administrative areas: deployment, security, inventory, device management and application management.

Apple Business Manager is another Mac management option. It functions as a web-based portal for deploying Mac computers and other Apple devices. The tool makes it easier to automate device deployment, create Managed Apple IDs for employees and purchase apps and distribute content. Apple Business Manager works seamlessly with many mobile device management products.

Another option for supporting Macs is to run macOS Server on the network. It doesn't include Active Directory (AD) components, but an admin can use the platform's Profile Manager to set Mac policies based on Active Directory groups. The Mac computers will then be able to communicate with Windows clients, share files, share printers and more.

Running Windows programs on macOS

Companies that want to run Windows applications on Mac systems can look to the free open source program Wine for help. The software adds a compatibility layer to the Mac environment that translates Windows API calls into Portable Operating System Interface calls on the fly, making it possible to run Windows applications.

Admins can also install a virtualization platform on their Mac computers, such as Oracle VirtualBox or Parallels Desktop for Mac. VirtualBox is an open source software that IT can download for free. Parallels Desktop requires a license, adding to the overall costs of maintaining a Mac.

Once a virtualization platform is in place, users can set up Windows-based virtual machines and install the necessary Windows applications. For the most part, the virtual environments work like bare metal. For example, users have full network connectivity within the VM and can access peripheral devices connected to the physical machine. However, virtual environments are not identical to bare metal, and it's possible users will run into issues depending on the Windows application. Again, this can lead to additional IT resources going toward Mac administration.

Rather than dealing with a virtualization platform, many organizations are turning to SaaS options, such as Google Apps, Microsoft Office 365 and Zoho Office. These services allow users to access their workspaces and compose or edit content within documents from any device or location. The caveat with this, of course, is that these users need adequate internet connectivity.

Cloud services pay dividends, however, from an administration perspective because they require little time and effort from IT. The SaaS option has been especially beneficial during the COVID-19 pandemic, with more users working from home and less IT oversight of remote devices and environments.

Some organizations have turned to platforms such as Microsoft 365, which provides users with a combination of apps and services. Mac users can get local copies of the basic Office apps, such as Word and Excel, while still accessing the web and mobile versions of the Office apps. It also includes OneDrive cloud storage.

Third-party tools take away a lot of the sting associated with running Mac systems on a Microsoft-based enterprise network, but administrators should fully vet them in a test environment before deploying them to their users' Mac machines.

Dig Deeper on Desktop management

Virtual Desktop