MultiUserMac

this article was written by user jlg, who offers setup support services, see the page MyobSupportServices for his comment on that.

---

Disclaimer: This configuration is not officially supported by MYOB, and has not been extensively tested. It is presented here as a proof-of-concept only. Use it at your own risk.

Summary
MYOB Network Edition (any version prior to 12.0.9A) offers abysmal performance due to the way it handles multi-user access to the data files. Even if every user is on a very fast machine with a Gigabit Ethernet, once there are more than a couple of users, MYOB's performance becomes a major obstacle to productivity. Others have found that running MYOB on just one computer, with multiple simultaneous users on the same system, offers the best performance because it allows each MYOB instance to have direct, local access to the data file. This configuration has been implemented in production environments using Windows Terminal Server, and it can be replicated using Mac OS X. Some of the advantages to this setup, in addition to improved overall MYOB performance, include remote access capability across even low-bandwidth connections, reduced MYOB support issues (it's only on one machine instead of multiple), and lower overall hardware cost (you only have to buy one beefy machine to run MYOB; the rest can be older or less-expensive hardware). Compared to WinTS, the Mac OS X setup is really not all that difficult, and can be run on Mac OS X workstation--so it's a much lower cost, and significantly more secure, solution. This document gives a brief description of how to set up Mac OS X as a VNC-based multi-user system.

Recommended System Specifications
These specs are minimums for reasonable performance; you can skimp if you don't mind lower performance.

Intel Core 2 Duo-based Mac--I suggest one core per 2 users; e.g. for five or more users, use a Mac Pro
Mac OS X 10.5.x
4GB RAM--the more memory, the better
120GB HD or larger

Required Software:
Vine VNC Server v3.1 or higher
MYOB Network Edition 2006 or higher

Setup

Step 1: Prepare the System
Login as an administrator.
Install MYOB.
Install Vine VNC Server.
Open System Preferences-->Universal Access
Check the Enable access for assistive devices box.
Set up MYOB FileConnect? to share your data file(s).
Set up queues for printers, fax modems, etc. that MYOB users may need.

Step 2: Create User Accounts
Login as an administrator.
Open System Preferences-->Accounts
Create all the user accounts you need. They don't have to have admin rights (the "Allow user to administer this computer" checkbox doesn't have to be checked). Remember the password you set for each user.
Click Login Options and check Enable fast user switching.
Create an "MYOB Users" group, and add all of the users to that group.

Step 3: Copy Applications

[Note: MYOB AENE 2008 seems to have fixed this issue. So, if you're running AENE 2008 or later, you can skip down to Step 4.]

Copy the entire MYOB folder into an Applications folder inside each user's home folder. MYOB has issues if you run multiple instances of the same copy (i.e. if multiple users run them from the main Applications folder), so each user must have their own copy.

To do this the easy way, login as an administrator and run the following script in a terminal session. This script is also useful if & when you update the main installation of MYOB or Vine VNC and want to push the updated version into all the user folders:

---

---

Step 4: Configure User Accounts
For each user:
Login as that user.
Open System Preferences-->Accounts
Click Login Items and add the Vine Server application from the current user's Applications folder (not the main Applications folder!).
Check the Hide box.
Open Vine Server.
Under the Connection tab, assign a Display Number and a Port unique to that user. The Password can be whatever you want--I recommend making it match the user's password. Again, each user much have a unique Display Number and Port. The standard method is to use Port 590x where x is the Display Number (i.e. 5901, 5902, 5903, etc.). Note that these ports must be accessible through any firewalls, routers, etc. on your network, if you want access from the internet at large.
Under the Startup tab, be sure Start server when the application launches is enabled. Other than that, the defaults should work.
For the sake of convenience, create a Dock item for the MYOB application (if you had to complete Step 3, be sure to use the MYOB install from the current user's Applications folder, not the main Applications folder!).
Open your favorite text editor, and create a file called .mypw at the root level of the user's home directory. Make it a one-line file containing the user's password. Set the file permissions so that the user can read & write, but nobody else can.

To do this from the command line, open Terminal and type:

echo password >> ~/.mypw
chmod 600 ~/.mypw

(Replace password with the user's actual password, of course.)

Step 5: Create the Auto Login Startup Item
This script will automatically create a login session at startup for any user with a .mypw file. If you don't want a user to be automatically logged in at startup, don't create a .mypw file in their home directory.

---

---

Save the following script as /Library/StartupItems/AutoLogin/StartupParameters.plist

---

---

Step 6: Test
Reboot the machine. Approximately two minutes after startup, you should see user logins taking place every 20 seconds or so until all users are logged in, and then the login screen should once again appear. At this point, you should be able use a VNC client to connect to each of the Vine Server ports--one for each user (you'll want to make a note of which VNC port belongs to each user).

Notes
Oddly enough, while the Vine Server is free (GNU GPL), the Vine Viewer is not; for a Mac VNC client, I recommend Chicken of the VNC instead. If you're using Leopard, the Vine Server sessions will appear in the "Shared" network resources in the Finder, and you can use Leopard's built-in screen sharing functionality to connect.

Obviously, this solution is less than perfect in terms of system security, as it involves storing passwords, in clear text, in the filesystem. In addition, VNC is insecure--all data, including the session password, screen data, keystrokes, everything--is sent across the wire in the clear.

It's also a bit of an administrative hassle, since whenever a user changes their password, they also have to update their .mypw file, or their auto login...won't.

For better data security, you could run the VNC connections across a VPN connection--very do-able, but outside the scope of this document.

For better system security, Apple needs to come up with a remote desktop feature that doesn't require this type of kludgy VNC + auto login configuration. You'll notice I'm not holding my breath.

It would be helpful if MYOB would program for this type of single-host/multi-user configuration, to allow multiple users to run separate instances of the same MYOB executable without issues. Again, I'm not holding my breath.

Finally, remember that this configuration is not officially supported by MYOB. It works for me, but there's no guarantee that it will work for you. I have only tested this configuration with a handful of simultaneous users, with just MYOB and VNC Server running under each account, and not under particularly heavy load. If users start opening other apps (Mail, Safari, etc.), other single-host/multi-user glitches may rear their heads. In other words, use these instructions at your own risk, have good backups, and test everything thoroughly.

Our Setup
I am currently running this configuration, in production, on an Intel Xserve 3GHz Xeon DP (four total cores), with 8GB memory, and Mac OS X 10.6.4 workstation (not Server). I set it up with nine MYOB sessions (myob01, myob02, etc.), in the manner described above. We're running AccountEdge? 2010 v14.2.1, which has significant performance improvements over previous versions but still seems to benefit from this single-host/multi-user setup. We generally have 5-6 concurrent users, with a mix of VNC users and standard network clients.

I've found that Chicken of the VNC gives me a bit more robust connection than Leopard's built-in VNC client, but either one works well enough. Also, since the VNC sessions don't fully support copy & paste between local and remote applications, it's more user-friendly to run the VNC session full-screen and have people use the VNC session as their primary desktop--configuring their email, web bookmarks, etc. within the VNC session instead of in the local login session. This provides the greatest usability and portability, though it does put a bit more load on the MYOB server.