Last time there was a sizable update to Mac OS X 10.4 Server, Apple hosed my domain which I didn't find out about until 24h later.

Imagine the joy when I installed a recent Security update, and just for the hell of it decided to turn off my DNS server. OK, so it improved security (by preventing anyone from accessing the box) but given that it's a lights-off box, and not connected to a monitor, it was a real job to get back in there again and repair it. (Thank goodness for FireWire-mounted disks.) They subsequently re-released the same update except without deciding to randomly turn off bits of the server.

That wasn't all. Apache refused to start afterwards. I traced this down to a bizarre entry that I'd swear wasn't there before ... the apachectl claimed everything checked out OK, but the way that Apple had set up virtual sites meant that the port it was trying to listen on for virtual hosts was the same it was trying to listen on for main requests (probably because of the borked way that it tries to use the web cache proxy) and the result was that Apache was starting, then falling over almost immediately because it couldn't create a port that it had already created.

Honestly, I don't know why I bothered getting Mac OS X server. Quite apart from the fact that the poor security record, there hasn't been a single update to the server that I've run that has been successful recently. A lot of the marketing gump is just that; whilst it comes out-of-the-box configured, if you stray into unknown territory it's a minefield to get back, and that's assuming some internal knowledge of these products already. Frankly, now that I've got an Intel Mac and an up-to-date copy of Parallels, I'm considering switching my domain handling back to a virtualized Debian instance.