[opensuse] Win vs Lin info
This will probably spark some debates, but can someone point me to some information that I can use to successfully challenge out IT department concerning moving some Windows driven services to Linux (file, print and email/collaboration). An anti-FUD cheat-sheet if you like. E-Mail disclaimer: http://www.sunspace.co.za/emaildisclaimer.htm -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On 2/27/07, Hans van der Merwe <hvdmerwe@sunspace.co.za> wrote:
This will probably spark some debates, but can someone point me to some information that I can use to successfully challenge out IT department concerning moving some Windows driven services to Linux (file, print and email/collaboration).
I would say (besides the usual os-wars) that the ability to pilot the server remotely without a GUI could be a good point. A GUI spends resources, and Windows can't live without it, while Linux can, and connecting via ssh gives you all the power you need to manage the server and the installed services also if you're at home and want to check how things are going (maybe trough a slow connection, unusable if you need a GUI). Another point can be the fact that Windows costs, while Linux is free... Not forgetting about stability issues. Windows needs to be rebooted sometimes, Linux can live without a reboot for months (unless you want to upgrade the kernel...). Hope this helps, Elena. -- => Don't Let Your Fears Stand in The Way of Your Dreams !!! <= => http://www.delymyth.net/ ~ http://wiki.delymyth.net/ <= => FREE Hardware Anti-Virus!!! - /dev/brain <= -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Monday 26 February 2007, Hans van der Merwe wrote:
This will probably spark some debates, but can someone point me to some information that I can use to successfully challenge out IT department concerning moving some Windows driven services to Linux (file, print and email/collaboration).
An anti-FUD cheat-sheet if you like.
The only part of that debate you can't easily win is the much vaunted "collaboration" services. Everything else, Linux exceeds windows capability in so many ways that name them becomes tedious Samba is better at file and print sharing than is windows itself. Collaboration is a code word for Outlook and exchange server. Some office droids live in Office. They think it IS what computers are. I know some who simply don't know how to run their computer if they can't get office to work. Its how they launch every other application they use. Until there is a foss Exchange that works well, I'd let them have that point. -- _____________________________________ John Andersen
On Mon, 2007-02-26 at 23:48 -0900, John Andersen wrote:
On Monday 26 February 2007, Hans van der Merwe wrote:
This will probably spark some debates, but can someone point me to some information that I can use to successfully challenge out IT department concerning moving some Windows driven services to Linux (file, print and email/collaboration).
An anti-FUD cheat-sheet if you like.
The only part of that debate you can't easily win is the much vaunted "collaboration" services.
Everything else, Linux exceeds windows capability in so many ways that name them becomes tedious
Samba is better at file and print sharing than is windows itself.
Collaboration is a code word for Outlook and exchange server. Some office droids live in Office. They think it IS what computers are. I know some who simply don't know how to run their computer if they can't get office to work. Its how they launch every other application they use.
Until there is a foss Exchange that works well, I'd let them have that point.
Agreed, especially with a MS Portal running aswell - this thing integrates into every part of Office - very difficult to argue against (except price maybe, but we have a Site License so everything is Free, yes those words were actually uttered to me not so long ago, thats why Im on the war path!) For Exchange/Collaboration replacement Im looking into Scalix - seems capable? E-Mail disclaimer: http://www.sunspace.co.za/emaildisclaimer.htm -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
http://www.dongrays.com/btd/nt_to_unix/ -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
John Andersen wrote:
On Monday 26 February 2007, Hans van der Merwe wrote:
This will probably spark some debates, but can someone point me to some information that I can use to successfully challenge out IT department concerning moving some Windows driven services to Linux (file, print and email/collaboration).
An anti-FUD cheat-sheet if you like.
The only part of that debate you can't easily win is the much vaunted "collaboration" services.
Oompfh. Big words. Well: I'm looking for a ready-to-run Active Directory replacement, with group policies. (I think you know about all the nice network-wide configuration work one can does with group policies, don't you?) Integrating OpenLDAP (or RH-LDAP, for that matter), Kerberos, cfengine, and a few other tools to achieve the same functionality, is not for the faint of heart. Especially when it's a hassle to use Kerberos authentication for many services. While I'm an died-in-the-whool Unix user (I don't even use one of these newfangled desktop thingies like KDE or GNOME and am satisfied with fvwm and Emacs), I have to admit that a centralized way to manage all servers and desktop, with system- and user(!)-specific profiles, would be a great thing to have. Care to name an Open-Source replacement for AD that is already integrated, and where I don't have to do the integration myself? Joachim -- =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Joachim Schrod Email: jschrod@acm.org Roedermark, Germany -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Joachim Schrod wrote:
John Andersen wrote:
On Monday 26 February 2007, Hans van der Merwe wrote:
This will probably spark some debates, but can someone point me to some information that I can use to successfully challenge out IT department concerning moving some Windows driven services to Linux (file, print and email/collaboration).
An anti-FUD cheat-sheet if you like.
The only part of that debate you can't easily win is the much vaunted "collaboration" services.
Oompfh. Big words.
Well: I'm looking for a ready-to-run Active Directory replacement, with group policies. (I think you know about all the nice network-wide configuration work one can does with group policies, don't you?)
Integrating OpenLDAP (or RH-LDAP, for that matter), Kerberos, cfengine, and a few other tools to achieve the same functionality, is not for the faint of heart. Especially when it's a hassle to use Kerberos authentication for many services.
While I'm an died-in-the-whool Unix user (I don't even use one of these newfangled desktop thingies like KDE or GNOME and am satisfied with fvwm and Emacs), I have to admit that a centralized way to manage all servers and desktop, with system- and user(!)-specific profiles, would be a great thing to have.
Care to name an Open-Source replacement for AD that is already integrated, and where I don't have to do the integration myself?
Joachim
Well, not as tidy as AD (nor, I suspect, as difficult to diagnose when it goes wrong) is to use something like AutoYaST to roll out software and configuration packages (which you roll yourself). Far more powerful than the MS mandated and controlled policy system, though you can do similar things with MSIs and the MS package distribution system (SMS is it?). I'd guess the previous commenter was thinking of having Linux on the Desktop too. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Tue, 2007-02-27 at 14:58 +0000, Russell Jones wrote:
Joachim Schrod wrote:
John Andersen wrote:
On Monday 26 February 2007, Hans van der Merwe wrote:
This will probably spark some debates, but can someone point me to some information that I can use to successfully challenge out IT department concerning moving some Windows driven services to Linux (file, print and email/collaboration).
An anti-FUD cheat-sheet if you like.
The only part of that debate you can't easily win is the much vaunted "collaboration" services.
Oompfh. Big words.
Well: I'm looking for a ready-to-run Active Directory replacement, with group policies. (I think you know about all the nice network-wide configuration work one can does with group policies, don't you?)
Integrating OpenLDAP (or RH-LDAP, for that matter), Kerberos, cfengine, and a few other tools to achieve the same functionality, is not for the faint of heart. Especially when it's a hassle to use Kerberos authentication for many services.
While I'm an died-in-the-whool Unix user (I don't even use one of these newfangled desktop thingies like KDE or GNOME and am satisfied with fvwm and Emacs), I have to admit that a centralized way to manage all servers and desktop, with system- and user(!)-specific profiles, would be a great thing to have.
Care to name an Open-Source replacement for AD that is already integrated, and where I don't have to do the integration myself?
Joachim
Well, not as tidy as AD (nor, I suspect, as difficult to diagnose when it goes wrong) is to use something like AutoYaST to roll out software and configuration packages (which you roll yourself). Far more powerful than the MS mandated and controlled policy system, though you can do similar things with MSIs and the MS package distribution system (SMS is it?). I'd guess the previous commenter was thinking of having Linux on the Desktop too.
So Samba AD-enabled with LDAP managed users/groups is probably the best bet for replacing File and Print services? E-Mail disclaimer: http://www.sunspace.co.za/emaildisclaimer.htm -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Hans van der Merwe wrote:
On Tue, 2007-02-27 at 14:58 +0000, Russell Jones wrote:
Joachim Schrod wrote:
John Andersen wrote:
On Monday 26 February 2007, Hans van der Merwe wrote:
This will probably spark some debates, but can someone point me to some information that I can use to successfully challenge out IT department concerning moving some Windows driven services to Linux (file, print and email/collaboration).
An anti-FUD cheat-sheet if you like.
The only part of that debate you can't easily win is the much vaunted "collaboration" services.
Oompfh. Big words.
Well: I'm looking for a ready-to-run Active Directory replacement, with group policies. (I think you know about all the nice network-wide configuration work one can does with group policies, don't you?)
Integrating OpenLDAP (or RH-LDAP, for that matter), Kerberos, cfengine, and a few other tools to achieve the same functionality, is not for the faint of heart. Especially when it's a hassle to use Kerberos authentication for many services.
While I'm an died-in-the-whool Unix user (I don't even use one of these newfangled desktop thingies like KDE or GNOME and am satisfied with fvwm and Emacs), I have to admit that a centralized way to manage all servers and desktop, with system- and user(!)-specific profiles, would be a great thing to have.
Care to name an Open-Source replacement for AD that is already integrated, and where I don't have to do the integration myself?
Joachim
Well, not as tidy as AD (nor, I suspect, as difficult to diagnose when it goes wrong) is to use something like AutoYaST to roll out software and configuration packages (which you roll yourself). Far more powerful than the MS mandated and controlled policy system, though you can do similar things with MSIs and the MS package distribution system (SMS is it?). I'd guess the previous commenter was thinking of having Linux on the Desktop too.
So Samba AD-enabled with LDAP managed users/groups is probably the best bet for replacing File and Print services?
That depends on a bunch of factors. If you want to integrate Linux systems into your existing AD setup (on Windows servers), I'd think winbind (which makes windows AD users and groups the ones in Linux) would suit. I'm a little hazy on how essential users (e.g. 'nobody') are handled if they are not in AD. I'd think that as with LDAP there are fallbacks to /etc/group and /etc/passwd (ish) when users are not found in AD. I don't know about using LDAP authentication against AD. AD is not LDAP, it's a proprietary X500 derived set of conventions. You may be able to get it to talk LDAP or LDAPishly enough to work. I'd be wary of the latter, though. OTOH, if you are happy for users just to go directly to print/file servers (rather than find them via a directory search) the server doesn't need to be that integrated with the domain and can just do certain types of authentication against it. Ech, it's been a while since I looked at this, and I'm not clear what you're trying to do. There is no "best bet", IMO. It depends too much on your existing set-up. You need to look at what Samba can provide and consider what you want to do. I'm not even sure if you need to use Samba... Do you need to work with AD? Can you put Linux on the desktop? -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Wed, 2007-02-28 at 16:26 +0000, Russell Jones wrote:
So Samba AD-enabled with LDAP managed users/groups is probably the best bet for replacing File and Print services?
That depends on a bunch of factors. If you want to integrate Linux systems into your existing AD setup (on Windows servers), I'd think winbind (which makes windows AD users and groups the ones in Linux) would suit. I'm a little hazy on how essential users (e.g. 'nobody') are handled if they are not in AD. I'd think that as with LDAP there are fallbacks to /etc/group and /etc/passwd (ish) when users are not found in AD. I don't know about using LDAP authentication against AD. AD is not LDAP, it's a proprietary X500 derived set of conventions. You may be able to get it to talk LDAP or LDAPishly enough to work. I'd be wary of the latter, though. OTOH, if you are happy for users just to go directly to print/file servers (rather than find them via a directory search) the server doesn't need to be that integrated with the domain and can just do certain types of authentication against it. Ech, it's been a while since I looked at this, and I'm not clear what you're trying to do. There is no "best bet", IMO. It depends too much on your existing set-up. You need to look at what Samba can provide and consider what you want to do. I'm not even sure if you need to use Samba... Do you need to work with AD? Can you put Linux on the desktop?
I have the luxury of implementing a clean system at a clients with about 10 users (7 XP, 1 Vista, 2 OSX). In the future couple of Linux clients. I would like to provide: 1. Login and File/Print sharing. Doing this in Samba just feels natural? because it's what most of the client PCs talk. I'm not sure about AD, no-AD? Do I need it? 2. Central user/password management LDAP will provide central user management. This will also help with Apache/Tomcat auth and any other services in the future that can talk LDAP. Any other ideas? E-Mail disclaimer: http://www.sunspace.co.za/emaildisclaimer.htm -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Hans van der Merwe wrote:
On Wed, 2007-02-28 at 16:26 +0000, Russell Jones wrote:
So Samba AD-enabled with LDAP managed users/groups is probably the best bet for replacing File and Print services?
That depends on a bunch of factors. If you want to integrate Linux systems into your existing AD setup (on Windows servers), I'd think winbind (which makes windows AD users and groups the ones in Linux) would suit. I'm a little hazy on how essential users (e.g. 'nobody') are handled if they are not in AD. I'd think that as with LDAP there are fallbacks to /etc/group and /etc/passwd (ish) when users are not found in AD. I don't know about using LDAP authentication against AD. AD is not LDAP, it's a proprietary X500 derived set of conventions. You may be able to get it to talk LDAP or LDAPishly enough to work. I'd be wary of the latter, though. OTOH, if you are happy for users just to go directly to print/file servers (rather than find them via a directory search) the server doesn't need to be that integrated with the domain and can just do certain types of authentication against it. Ech, it's been a while since I looked at this, and I'm not clear what you're trying to do. There is no "best bet", IMO. It depends too much on your existing set-up. You need to look at what Samba can provide and consider what you want to do. I'm not even sure if you need to use Samba... Do you need to work with AD? Can you put Linux on the desktop?
I have the luxury of implementing a clean system at a clients with about 10 users (7 XP, 1 Vista, 2 OSX). In the future couple of Linux clients.
I would like to provide: 1. Login and File/Print sharing. Doing this in Samba just feels natural? because it's what most of the client PCs talk. I'm not sure about AD, no-AD? Do I need it?
You only "need" AD if you already have it (or have a specific requirement for one of the features that you cannot provide another way). 2. Central user/password management LDAP will provide central user management. This will also help with Apache/Tomcat auth and any other services in the future that can talk LDAP.
I think SuSE provides some similar functionality in the LDAP Yast2 modules, but I'm not familiar with those. You could also have a look at the LDAP users module for webmin. It's quite nice.
Any other ideas?
Try typing "ldap pam nss howto" into google (sans quotes) and see what you find. IIRC, this is how I got started. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Wednesday 28 February 2007, Hans van der Merwe wrote:
I'm not sure about AD, no-AD? Do I need it?
I have never found a use for AD or even Windows Domain controllers. Certainly never for a network that small. Even where they are claimed to be of use (really large installations where people want to log into their desktop from any workstation) they don't work well enough for anyone to actually DO that. So everyone graduates from the Microsoft course and runs out an defines Domain controllers and Active Directory, only to burry themselves in a maintenance nightmare that doesn't meet its very reason for being. -- _____________________________________ John Andersen
On Thu, 2007-03-01 at 01:13 -0900, John Andersen wrote:
On Wednesday 28 February 2007, Hans van der Merwe wrote:
I'm not sure about AD, no-AD? Do I need it?
I have never found a use for AD or even Windows Domain controllers. Certainly never for a network that small.
Even where they are claimed to be of use (really large installations where people want to log into their desktop from any workstation) they don't work well enough for anyone to actually DO that. So everyone graduates from the Microsoft course and runs out an defines Domain controllers and Active Directory, only to burry themselves in a maintenance nightmare that doesn't meet its very reason for being.
I feel the same. What do you recommend? E-Mail disclaimer: http://www.sunspace.co.za/emaildisclaimer.htm -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Thursday 01 March 2007, Hans van der Merwe wrote:
On Thu, 2007-03-01 at 01:13 -0900, John Andersen wrote:
On Wednesday 28 February 2007, Hans van der Merwe wrote:
I'm not sure about AD, no-AD? Do I need it?
I have never found a use for AD or even Windows Domain controllers. Certainly never for a network that small.
Even where they are claimed to be of use (really large installations where people want to log into their desktop from any workstation) they don't work well enough for anyone to actually DO that. So everyone graduates from the Microsoft course and runs out an defines Domain controllers and Active Directory, only to burry themselves in a maintenance nightmare that doesn't meet its very reason for being.
I feel the same. What do you recommend?
For the size of installation you mentioned: Just Samba and cups on the server. A properly set up cups/samba combo will do it all, even provide drivers for every printer on your network. If it were considerably larger, I might look into ldap, but not till it got big enough to justify SLES, because SLES integrates ldap so well you never even need anything else. -- _____________________________________ John Andersen
John Andersen wrote:
On Thursday 01 March 2007, Hans van der Merwe wrote:
On Thu, 2007-03-01 at 01:13 -0900, John Andersen wrote:
On Wednesday 28 February 2007, Hans van der Merwe wrote:
I'm not sure about AD, no-AD? Do I need it?
I have never found a use for AD or even Windows Domain controllers. Certainly never for a network that small.
Even where they are claimed to be of use (really large installations where people want to log into their desktop from any workstation) they don't work well enough for anyone to actually DO that. So everyone graduates from the Microsoft course and runs out an defines Domain controllers and Active Directory, only to burry themselves in a maintenance nightmare that doesn't meet its very reason for being.
I feel the same. What do you recommend?
For the size of installation you mentioned: Just Samba and cups on the server. A properly set up cups/samba combo will do it all, even provide drivers for every printer on your network.
If it were considerably larger, I might look into ldap, but not till it got big enough to justify SLES, because SLES integrates ldap so well you never even need anything else.
I've never worked with ldap. Does it download the encrypted password the way Windows does? -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Thursday 01 March 2007, James Knott wrote:
I've never worked with ldap. Does it download the encrypted password the way Windows does? Your windows machine do not know they are authenticated by ldap, they just do as they always do. Samba hands off authentication to ldap.
-- _____________________________________ John Andersen -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
John Andersen wrote:
On Thursday 01 March 2007, James Knott wrote:
I've never worked with ldap. Does it download the encrypted password the way Windows does?
Your windows machine do not know they are authenticated by ldap, they just do as they always do. Samba hands off authentication to ldap.
My question is in reference to portable use, when away from the ldap server. With Windows, if the server isn't available, you get authenticated against a previously downloaded encrypted password. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Thursday 01 March 2007 19:13, John Andersen wrote:
On Wednesday 28 February 2007, Hans van der Merwe wrote:
I'm not sure about AD, no-AD? Do I need it?
I have never found a use for AD or even Windows Domain controllers. Certainly never for a network that small.
Even where they are claimed to be of use (really large installations where people want to log into their desktop from any workstation) they don't work well enough for anyone to actually DO that. So everyone graduates from the Microsoft course and runs out an defines Domain controllers and Active Directory, only to burry themselves in a maintenance nightmare that doesn't meet its very reason for being.
John really hasn't any idea of what he's talking about. It works very well for us. It sure beats running around our dozen or so computers (we're a small shop) applying security and getting them all different, installing software manually on each one, going to each one and going through Windows Update to get the results of the latest Patch Tuesday. But don't trust me either, do your own research and ask people who actually use it, not a bunch of Linux geeks. Of course you're not going to get good unbiased advice here~ -- Cheers John Summerfield -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Sunday 11 March 2007, John Summerfield wrote:
Of course you're not going to get good unbiased advice here~
Apparently not. -- _____________________________________ John Andersen -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
John Summerfield wrote:
But don't trust me either, do your own research and ask people who actually use it, not a bunch of Linux geeks.
Totally agree with this. This isn't the place to get hearty recommendations of AD, but hopeful ruminations that it mightn't be necessary :-) You need to do your own research. People here will know about what is relevant to them. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
But don't trust me either, do your own research and ask people who actually use it, not a bunch of Linux geeks. Totally agree with this. This isn't the place to get hearty recommendations of AD, but hopeful ruminations that it mightn't be
I missed the original message but: (a) There is *NO* Active Directory compatible service for LINUX. At least not in any state that is currently production ready. (b) AD on Windows 2003 is a very stable service; in general, Windows 2003 is very stable, provided you don't do anything dumb like install non-M$ applications or services. (c) AD and Linux play quite nicely together.
necessary :-) You need to do your own research. People here will know about what is relevant to them.
-- Adam Tauno Williams Network & Systems Administrator Consultant - http://www.whitemiceconsulting.com Developer - http://www.opengroupware.org -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Adam Tauno Williams wrote:
(a) There is *NO* Active Directory compatible service for LINUX. At least not in any state that is currently production ready.
I never said there was. Though it's misleading to put it that way. Samba exists, but is not production ready. I was talking about something equivalent, not compatible.
(b) AD on Windows 2003 is a very stable service; in general, Windows 2003 is very stable, provided you don't do anything dumb like install non-M$ applications or services.
Odd comment. So you can't use any software except MS software? Doesn't that cut down the field somewhat? I thought one of the advantages of MS was the large selection of existing software?
(c) AD and Linux play quite nicely together.
For now. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Russell Jones skrev:
Adam Tauno Williams wrote:
(a) There is *NO* Active Directory compatible service for LINUX. At least not in any state that is currently production ready.
I never said there was. Though it's misleading to put it that way. Samba exists, but is not production ready. I was talking about something equivalent, not compatible.
(b) AD on Windows 2003 is a very stable service; in general, Windows 2003 is very stable, provided you don't do anything dumb like install non-M$ applications or services.
Odd comment. So you can't use any software except MS software? Doesn't that cut down the field somewhat? I thought one of the advantages of MS was the large selection of existing software?
Sure, there's a huge load of software for Windows, but as stated, if you're in the need for a STABLE server based on Windows 2003, you shouldn't install anything not distributed on the 2003 CDs. Not even MS Office. (Like I'd run a MS server anyway.. Right..)
(c) AD and Linux play quite nicely together.
For now.
-- Anders Norrbring Norrbring Consulting -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
(a) There is *NO* Active Directory compatible service for LINUX. At least not in any state that is currently production ready. I never said there was. Though it's misleading to put it that way.
No it isn't. I've researched this topic quite thoroughly, no such thing exists, not even anything equivalent.
Samba exists, but is not production ready.
Yep, specifically we are talking about Samba4, and it is quite a ways from a release.
I was talking about something equivalent, not compatible.
Sure there are LDAP servers and Kerberos servers, but AD is much more than LDAP + Kerberos. There is no Open Source equivalent. I very much wish there was, but being even equivalent to AD would be a herculean undertaking and require the close cooperation of many services and applications - something at which Open Source, quite frankly, sucks. We, very happily, run an NT4 style domain with 2000/XP/Linux workstations using a Samba3 + LDAP server. It works well. we even have DHCP and DNS using the LDAP backend. But it doesn't provide 1/5th the feature set of AD. You are basically on your own for user/group management, workstation management is a complete hack job, and you get none of the very nice security features.
(b) AD on Windows 2003 is a very stable service; in general, Windows 2003 is very stable, provided you don't do anything dumb like install non-M$ applications or services. Odd comment. So you can't use any software except MS software? Doesn't that cut down the field somewhat?
I suppose, but you can build a completely M$ infrastructure. If you go with M$ you usually go with M$ all the way.
I thought one of the advantages of MS was the large selection of existing software?
(c) AD and Linux play quite nicely together. For now.
The future is always an unknown. To conspiracy theorists I'd point out that interoperability with M$ infrastructure has dramatically improved in recent years, not gotten harder. Witness that you CAN use AD via Kerberos and LDAP technologies, verses NT4 domains. Witness the pervasive use of Web Services in .NET. Witness the use of WebDAV in M$-Exchange. I could go on. So a non-interoperable future would be a change in the current trend and pattern, not even a continuation of existing behavior. If one is forced to assume a future scenario it is always best to assume things will continue as they are; they usually do. Don't let ideology or ideologues fog things up - ideologues are the people most certain to always be wrong, on any side of an argument. -- Adam Tauno Williams Network & Systems Administrator Consultant - http://www.whitemiceconsulting.com Developer - http://www.opengroupware.org -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Adam Tauno Williams wrote:
Yep, specifically we are talking about Samba4, and it is quite a ways from a release.
Right, so it does exist, it's just not useful yet. But it's not as if it's not being developed and tested.
I was talking about something equivalent, not compatible.
Sure there are LDAP servers and Kerberos servers, but AD is much more than LDAP + Kerberos. It's user and group management - got that /for Linux users and groups/ policies - got that with a reasonable amount of effort AFAICS, given you don't want to use all the features at once-- but who would? what else is there? Can you be more specific? This just sounds like FUD otherwise. There is no Open Source equivalent. I very much wish there was, but being even equivalent to AD would be a herculean undertaking and require the close cooperation of many services and applications - something at which Open Source, quite frankly, sucks.
Huh? And what are RFCs for?
We, very happily, run an NT4 style domain with 2000/XP/Linux workstations using a Samba3 + LDAP server. It works well. we even have DHCP and DNS using the LDAP backend. But it doesn't provide 1/5th the feature set of AD. Again, I was talking about /Linux on the desktop/ being able to provide the same functionality. I know Windows is based around specifications not available to the general public. So of course Linux (or any other hardware, system or software that doesn't have MS approval of any kind) is likely not to work with it. You are basically on your own for user/group management, workstation management is a complete hack job, and you get none of the very nice security features.
By "security features" you mean the ability to configure workstations using policies? As I explained, that is quite possible. Or do you mean something else? Please explain.
(b) AD on Windows 2003 is a very stable service; in general, Windows 2003 is very stable, provided you don't do anything dumb like install non-M$ applications or services.
Odd comment. So you can't use any software except MS software? Doesn't that cut down the field somewhat?
I suppose, but you can build a completely M$ infrastructure. If you go with M$ you usually go with M$ all the way.
That's what MS want, of course. That's their game plan. Deployment by induction. It's like a virus. (Where have I heard that phrase before? ;-) )
I thought one of the advantages of MS was the large selection of existing software?
(c) AD and Linux play quite nicely together.
For now.
The future is always an unknown.
It's a whole bunch of them.
To conspiracy theorists No conspiracy, just self interest and logical profit making business practice for a dominant supplier. The relevant group here is historians, BTW. I'd point out that interoperability with M$ infrastructure has dramatically improved in recent years, not gotten harder. This is because a) MS realise that people blame them for the problems b) bugs get fixed (by FOSS devs and MS ones). Witness that you CAN use AD via Kerberos and LDAP technologies, verses NT4 domains. Because a) people demanded it: they required interoperability with their LDAP systems. To penetrate those companies, open standard adherence was required b) the possibility of using organizations using LDAP became real Witness the pervasive use of Web Services in .NET.
With specs MS helped craft. Like the W3C specs. Heard of CSS2? (OTOH their implementation of DOM Level 2 and ECMA 262 were fine-- it depends on strategic importance) Most likely they've pulled the same tricks with Web Services and .NET they did with the Web and IE. They'd be foolish not to, in fact, provided they can avoid people noticing because they aren't yet familiar with the implementation of the specs.
Witness the use of WebDAV in M$-Exchange. I could go on.
It's called embrace and extend. Heard of that?
So a non-interoperable future would be a change in the current trend and pattern, not even a continuation of existing behavior. Entropy always increases. That doesn't mean local reversals aren't possible. So it is with interoperability. It's the ultimate logical conclusion, but there are often local changes, the pivots around which the markets turn. And Microsoft is an expert at manipulating those swings. If one is forced to assume a future scenario it is always best to assume things will continue as they are; they usually do. Like the stock market, right? Don't let ideology or ideologues fog things up - ideologues are the people most certain to always be wrong, on any side of an argument.
Don't confuse certainty with ideology. Hedge your bets and you won't be wrong. But you won't be right either. I know MS is appropriate in certain situations. But one needs to take their strategy and the distortions they create to further that into account when making decisions about their products. And don't forget that shareholders and stakeholders in MS have an ideology, best summarised as "$$$". That's normal, but one shouldn't pretend it's not an ideology. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Wed, 2007-03-21 at 17:48 +0000, Russell Jones wrote:
Don't confuse certainty with ideology. Hedge your bets and you won't be wrong. But you won't be right either. I know MS is appropriate in certain situations. But one needs to take their strategy and the distortions they create to further that into account when making decisions about their products. And don't forget that shareholders and stakeholders in MS have an ideology, best summarised as "$$$". That's normal, but one shouldn't pretend it's not an ideology.
Long ago about 2000 years we were warned we could not serve both GOD and Bill Gates. -- ___ _ _ _ ____ _ _ _ | | | | [__ | | | |___ |_|_| ___] | \/ -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Monday 02 April 2007 21:05, Carl William Spitzer IV wrote:
Long ago about 2000 years we were warned we could not serve both GOD and Bill Gates. Preach it, bubba....
... Amen -- Kind regards, M Harris <>< -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Tue, 2007-04-03 at 21:22 -0500, M Harris wrote:
On Monday 02 April 2007 21:05, Carl William Spitzer IV wrote:
Long ago about 2000 years we were warned we could not serve both GOD and Bill Gates. Preach it, bubba....
... Amen -- Kind regards,
M Harris <><
My boss went out and got him a new preconfigured PC with Vista Home Premium yesterday. It landed in my office; I had to look at it and get it hooked up to a small network. After switching on the system, it took 15-20 minutes before it showd a desktop. Huh, an Intel Core 2 Duo E6400, at 2.13 GHz, 2MB L2 Cache, 1066 MHz FSB 1GB Ram (DDR2 SDRam 533 MHz, 64 Bit), with NVidia GeForce 7650 GS (256 MB DDR2 HDMI & DVI). Thereafter it takes 90-120 seconds to start WinVista. On the first start, after about 25 minutes, "BullGuard" appeared, demanding an email address to register it. I pressed PrtScreen to make a screen capture, because I always document such things (in this case the first start of a brand new pre-installed machine) for future use with new users or system installation. I use MSOffice Word, or MSWorks writer if no office is installed yet. I pressed Ctrl-V to paste the screen capture in MSWorks Wordprocessor. A pop-up appeared; "Works cannot access one or more required files. The files may have been renamed, deleted, or moved. Try reinstalling Works, and then start the program again" !!! After rebooting the same problem with Works. Each time with a scroll-down the error pops up. In the mean time BullGuard persisted its registration need, till it was set to do registration later. Only 7 days left it displayed. Inthe mean time Vista updated 5 files and wanted a reboot. OK .. let it be ... After a reboot BullGuard appeared with its desktop. All windows open neatly with a fade in and fade out when closing. It feels rather retarded, rubber like and quite slow to react for such a fast system. The desktop looked like a childrens toy-PC, quite colourfull. Looking for the menu items to set up the system, it has a XP update feeling. Pre-Installed was MS Office 2007. Got a test version key from the OEM supplier. Could convert to a full version just by entering a key. Entered the "Trail Product Key". It registered automatically and checked it with a green checkmark. With the next start of Office, it had to be registered or convert to a full version. Customer lock in for Office? Now MSWorks does not start at all anymore ... "Program closed due to etc. ...". After the new boot, it was there again, .. for how long before the next error message? Interestingly, there was also a CD-Key from CyberLink Power Cinema for Linux in the box as well. Just a day in the life of a first time start of Vista ... :-) Al -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Wednesday 04 April 2007, LLLActive@GMX.Net wrote:
After switching on the system, it took 15-20 minutes before it showd a desktop. Huh, an Intel Core 2 Duo E6400, at 2.13 GHz, 2MB L2 Cache, 1066 MHz FSB 1GB Ram (DDR2 SDRam 533 MHz, 64 Bit), with NVidia GeForce 7650 GS (256 MB DDR2 HDMI & DVI). Thereafter it takes 90-120 seconds to start WinVista.
Something's hozed with that machine. Vista may have some problems, but that is not one I've seen. -- _____________________________________ John Andersen -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
I have seen the same thing, started up the a spanking new HP machine with about 4GB of DDR2 ram, 2 core 2 chips and it was slooooowwwwwwww I went out for a breather (cigarette) and cam back in again about 15 minuts later, but the machine was still busy starting, up nothing rong with the machine just vista that is slow, from looking at all the emergency patches coming out for Vista I am not surprised at all. Regards Per Qvindesland On Wed, 2007-04-04 at 00:27 -0800, John Andersen wrote:
On Wednesday 04 April 2007, LLLActive@GMX.Net wrote:
After switching on the system, it took 15-20 minutes before it showd a desktop. Huh, an Intel Core 2 Duo E6400, at 2.13 GHz, 2MB L2 Cache, 1066 MHz FSB 1GB Ram (DDR2 SDRam 533 MHz, 64 Bit), with NVidia GeForce 7650 GS (256 MB DDR2 HDMI & DVI). Thereafter it takes 90-120 seconds to start WinVista.
Something's hozed with that machine. Vista may have some problems, but that is not one I've seen.
-- _____________________________________ John Andersen
-- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Wednesday 04 April 2007 03:27, John Andersen wrote:
After switching on the system, it took 15-20 minutes before it showd a desktop. Huh, an Intel Core 2 Duo E6400, at 2.13 GHz, 2MB L2 Cache, 1066 MHz FSB 1GB Ram (DDR2 SDRam 533 MHz, 64 Bit), with NVidia GeForce 7650 GS (256 MB DDR2 HDMI & DVI). Thereafter it takes 90-120 seconds to start WinVista.
Something's hozed with that machine. Vista may have some problems, but that is not one I've seen. Nope...
... this machine need *at least* one more GB Ram... what a joke... -- Kind regards, M Harris <>< -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
M Harris wrote:
On Wednesday 04 April 2007 03:27, John Andersen wrote:
After switching on the system, it took 15-20 minutes before it showd a desktop. Huh, an Intel Core 2 Duo E6400, at 2.13 GHz, 2MB L2 Cache, 1066 MHz FSB 1GB Ram (DDR2 SDRam 533 MHz, 64 Bit), with NVidia GeForce 7650 GS (256 MB DDR2 HDMI & DVI). Thereafter it takes 90-120 seconds to start WinVista.
Something's hozed with that machine. Vista may have some problems, but that is not one I've seen.
Nope...
... this machine need *at least* one more GB Ram... what a joke.. Microsoft said that Vista would run with 512. eMachine recommended 1 Gig for my computer. Based on that, I figured an absolute minimum of 1.5 Gig to have anything like an acceptable level of performance. [ Not that I will ever know for sure. ] Seems like Microsoft lowballs the "required" memory numbers to sucker people in. 512 would probably have about the performance level of my old 8088XT with the turbo mode turned off.
-- (o:]>*HUGGLES*<[:o) Billie Walsh The three best words in the English Language: "I LOVE YOU" Pass them on! -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
... this machine need *at least* one more GB Ram... what a joke...
Two months ago my wife and I decided that it was time for new laptops, out IBM A21Ms had serverd us well. But 667Mhz P3s were a little out dated. Since we get the maximum life out of machine we decided that we would get 2 really nice machines and not have to fool with another upgrade for a couple of years, here is what we got. 2 HP DV9208NRs, we opted for the additional memory ( from 1 to 2 GB ), both are AMD Turion 64 X2s running 1.6 Ghz. Both came with windows vista preinstalled. The first time I booted mine I had an opensuse 10.2 boot dvd in the driver and I opted to boot from it, I completely wiped the harddrive, including the recovery partition, and setup opensuse 10.2. I haven't looked back since. For grins we allowed my wifes to boot into vista, 20 minutes later we got to the first semi-useable desktop, we still had alot of configuration to do. I didn't think I was ever going to get vista to decide which tool to use to connect to my wireless lan. After a half day of playing with vista my wife said put suse 10.2 on it so I can use it. Vista was nothing but a dog on that machine and it should smoke on dual core, 2Gb machine. Just my .50 cents. -- John Registered Linux User 263680, get counted at http://counter.li.org -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Wednesday 04 April 2007, John Pierce wrote:
or grins we allowed my wifes to boot into vista, 20 minutes later we got to the first semi-useable desktop, we still had alot of configuration to do.
On the other side, I configured a Core 2 Duo Dell 9200 2 gig ram for a friend. It booted in less than 3 minutes the first time, obtained its IP from the router with out asking TOO MANY times if it was ok to do so, Connected to MS and installed pending upgrades. While it was doing the upgrades I showed him how to stream classical music from di.fm and we installed his printer, shared it with his XP machine, and had a beer. Alaskan Winter Ale. All updates finished before the printer was finished installing and 10 minutes after the power cord hit the wall he was installing Quake 4. I can't imagine what is taking you guys 20 minutes. Am I trading in my Suse? Not on your life. -- _____________________________________ John Andersen -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Thursday 05 April 2007 03:13, John Andersen wrote:
On the other side, I configured a Core 2 Duo Dell 9200 2 gig ram for a friend. You are the first one to actually say you are using *2 gig ram* and that is important... if you are using less than 2 gig you are going to look at significant bootup times... and poor run times... period. Yes, M$ lied... what did you expect?
On Wed, 21 Mar 2007 10:54:38 -0400 Adam Tauno Williams <adamtaunowilliams@gmail.com> wrote:
But don't trust me either, do your own research and ask people who actually use it, not a bunch of Linux geeks. Totally agree with this. This isn't the place to get hearty recommendations of AD, but hopeful ruminations that it mightn't be Just to add to the crow, last year, HP switched testdrive to LDAP (http://www.testdrive.hp.com) since this was essentially the only way they could effectively manage userids and passwords on all their different systems. While I could be wrong, but the master server was a SLES 9 server. -- Jerry Feldman <gaf@blu.org> Boston Linux and Unix user group http://www.blu.org PGP key id:C5061EA9 PGP Key fingerprint:053C 73EC 3AC1 5C44 3E14 9245 FB00 3ED5 C506 1EA9
Hans van der Merwe wrote:
On Tue, 2007-02-27 at 14:58 +0000, Russell Jones wrote:
So Samba AD-enabled with LDAP managed users/groups is probably the best bet for replacing File and Print services?
I would try Vintela from Quest. It's the best we've ever had. All manual implementations in a heterogenus enviroment have failed at our side. Jan -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Jan Albrecht wrote:
Hans van der Merwe wrote:
On Tue, 2007-02-27 at 14:58 +0000, Russell Jones wrote:
So Samba AD-enabled with LDAP managed users/groups is probably the best bet for replacing File and Print services?
I would try Vintela from Quest. It's the best we've ever had. All manual implementations in a heterogenus enviroment have failed at our side.
Note this is a windows-centric product. "VIA allows organizations to ... [add] the ability to integrate and manage Unix, Linux and Java environments through Microsoft systems and interfaces. ... Vintela solutions ... [utilize] existing Microsoft Windows management tools and services" This is a selective quote, so read the original if you wish: http://www.vintela.com/products.php But in terms of windows-centricity, this is the important bit. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
"RJ" == Russell Jones <russell.jones@cas.ox.ac.uk> writes:
Care to name an Open-Source replacement for AD that is already integrated, and where I don't have to do the integration myself?
RJ> Well, not as tidy as AD (nor, I suspect, as difficult to diagnose RJ> when it goes wrong) is to use something like AutoYaST to roll out RJ> software and configuration packages (which you roll yourself). Far RJ> more powerful than the MS mandated and controlled policy system,
I don't think so. AFAIU, AutoYaST is for installation only, not for updates. See http://www.novell.com/products/desktop/features/autoyast.html for the word from the horse's mouth. YOU doesn't know how to handle policy-based configuration updates, where there are groups of systems that need different updates than others. If I want to change this, I need to set the install policy locally on each system and cannot do it centrally -- YOU is inherently a single system approach. And ZENworks (which is the respective Novell product) is not Open Source. (And we all see on this list how good ZMD works, don't we? Sorry, cheap shot, but I couldn't resist. ;-) That said, for configuration updates I vastly prefer cfengine to self-rolled rpm packages. It is much more flexible and the goal-oriented formulation of configurations works better when not all target systems are online and when groups of target systems must be built. It also works in heterogenuous Unix environments and thus covers more than SUSE Linux. (But I named cfengine already in my PP, so this is not really new information.) By the way, you know that AD group policies allows to set up very easily specific environments for user/user group/system combinations? Their environment variables, default printers, connected network file systems (e.g., on which server $HOME for a user is), available software, depend on the combination and is etablished transparently. If you really implement this with "roll-your own configuration rpms", you're up for much work: While much of this can be done by appropriate environment variables in Unix and with a combination of autofs and LDAP; it is much more tedious, error prone, and this technical process could really be improved by a wide margin. As I wrote, I'm not a Windows friend; but when I see that there is something better over there, I grudgingly admit it and try to learn from it. Joachim -- =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Joachim Schrod Email: jschrod@acm.org Roedermark, Germany -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Joachim Schrod wrote:
"RJ" == Russell Jones <russell.jones@cas.ox.ac.uk> writes:
Care to name an Open-Source replacement for AD that is already integrated, and where I don't have to do the integration myself?
RJ> Well, not as tidy as AD (nor, I suspect, as difficult to diagnose RJ> when it goes wrong) is to use something like AutoYaST to roll out RJ> software and configuration packages (which you roll yourself). Far RJ> more powerful than the MS mandated and controlled policy system,
As I wrote, I'm not a Windows friend; but when I see that there is something better over there, I grudgingly admit it and try to learn from it.
Fair enough. The impression I got was that you were suggesting that SuSE should somehow be a drop in replacement for AD. That's not realistic as MS can keep moving the goalposts indefinitely.
very easily specific environments for user/user group/system combinations? Their environment variables, default printers, connected network file systems (e.g., on which server $HOME for a user is), available software, depend on the combination and is etablished transparently. When you say transparently, you mean by membership of a group or groups, right? BTW, LDAP + cfengine or similar + careful design of a system set-up, requiring in-depth knowledge of the system (as required for AD) is enough (no?) since LDAP can be used with SSL. I know it doesn't give you the same as AD without Kerberos (as that is what AD uses), but in terms of rolling out configurations what would be missing?
BTW, I was thinking of Debian, where one can just create config packages by diffing before and after config changes (a la MSI, though probably less complex/sophisticated), and create a repository yourself-- not that hard, just put the files in the right places and run a script to generate Packages files, etc. Can you not do that with smart or just use apt under SuSE? -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Tuesday 27 February 2007 23:58, Russell Jones wrote:
Well, not as tidy as AD (nor, I suspect, as difficult to diagnose when it goes wrong) is to use something like AutoYaST to roll out software and configuration packages (which you roll yourself). Far more powerful than the MS mandated and controlled policy system, though you can do similar things with MSIs and the MS package distribution system (SMS is it?).
At this point, the battle's over. One can control pretty much every aspect of a user's desktop with AD, including the ability to use right-clicks for context menus etc, access to software (the fact that Office is installed doesn't mean you can use it). Q Why do IT managers not deploy Firefox on Windows? A Because of their security concerns Q What security concerns? A Things that users might do, that they are not allowed to do. Such as download software. Such as change their proxy settings. If a site's using AD, and if they have lots of Windows desktops they should be, you won't get more than peripheral stuff off the Windows boxes, and the Windows serverss (some of them anyway) will remain because they are required for AD. -- Cheers John Summerfield -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
John Summerfield wrote:
On Tuesday 27 February 2007 23:58, Russell Jones wrote:
Well, not as tidy as AD (nor, I suspect, as difficult to diagnose when it goes wrong) is to use something like AutoYaST to roll out software and configuration packages (which you roll yourself). Far more powerful than the MS mandated and controlled policy system, though you can do similar things with MSIs and the MS package distribution system (SMS is it?).
At this point, the battle's over. One can control pretty much every aspect of
I guess you'd better stop using Linux-based systems then. What an odd thing to say... I'm sure there's room for improvement, but there is no reason why windows cannot be displaced. Granted, it may be hard (though I don't think it is in many cases), but it's far from impossible, especially if Linux-based systems are being used on the desktop. Which is what we're talking about AFAIAA. As for institutions not rolling out FF, that's not true. http://wiki.mozilla.org/Firefox:2.0_Institutional_Deployment Again, it may be harder (I'd say less convenient in this case), but it's far from impossible. Of course, rolling out to Windows desktops, they use AD. But AD being a requirement to fully utilise windows desktops was an inevitable and predictable part of MS' server and lock-in strategies. If the roll out were to Linux desktops the same functionality is certainly possible, though probably harder. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Wednesday 07 March 2007 21:27, Russell Jones wrote:
John Summerfield wrote:
On Tuesday 27 February 2007 23:58, Russell Jones wrote:
Well, not as tidy as AD (nor, I suspect, as difficult to diagnose when it goes wrong) is to use something like AutoYaST to roll out software and configuration packages (which you roll yourself). Far more powerful than the MS mandated and controlled policy system, though you can do similar things with MSIs and the MS package distribution system (SMS is it?).
At this point, the battle's over. One can control pretty much every aspect of
I guess you'd better stop using Linux-based systems then. What an odd thing to say... I'm sure there's room for improvement, but there is no reason why windows cannot be displaced. Granted, it may be hard (though I don't think it is in many cases), but it's far from impossible, especially if Linux-based systems are being used on the desktop. Which is what we're talking about AFAIAA.
I've been using Linux extensively for around a decade - not SuSE to be sure, but other distros. "hard" means error-prone. Windows 2000 Professional and Windows Xp are designed to work with AD, and by now it's pretty solid and fairly easily scales to cover a world-wide network, with bridgehead servers to cache settings and distribute them round servers in the local office, and the ability to establish trust relationships between forests (think a hierarchy of domains == a forest). Implementing the controls available in AD on Linux isn't possible in any reasonable time. First, you need the schema. Then the tools to ad the information. And the tools to distribute the information. And, if it doesn't work with your XP clients, where do you go for help? (I don;t know the answer here) What about when you deploy Windows Vista: likely there will be additional data required in the schema, and maybe again when Windows 2003 Server's successor arrives.
As for institutions not rolling out FF, that's not true. http://wiki.mozilla.org/Firefox:2.0_Institutional_Deployment
That is very recent then, in the past month I spent quite some time reading through extensive discussion of the question. Like Windows Vistam FF2 is a little young for extensive deployments.
Again, it may be harder (I'd say less convenient in this case), but it's far from impossible. Of course, rolling out to Windows desktops, they use AD. But AD being a requirement to fully utilise windows desktops was an inevitable and predictable part of MS' server and lock-in strategies. If the roll out were to Linux desktops the same functionality is certainly possible, though probably harder.
And "harder" mitigates against "free licences." I'm on the Linux/390 list, mostly because I used to be an MVS systems programmer, and so I know a bit about those machines, even though they're far-descended from what I used. I hear about people running their webservers and web applications on the zSeries, and they share files with Windows systems using Samba, and they run their databases on zLinux, but I don't recall anyone considering replicating AD functionality there, and a few years ago someone found he could run 42000 virtual penguins on one, and someone did manage to run Windows on one. More likely, they will want to authenticate Linux users using AD. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Tuesday 27 February 2007, Joachim Schrod wrote:
Integrating OpenLDAP (or RH-LDAP, for that matter), Kerberos, cfengine, and a few other tools to achieve the same functionality, is not for the faint of heart.
He is talking about a corporate environment. Therefore, he should be running SLED. In which case all of that integration is done for you. It all works very well. SLED is much more than the same old same-old in expensive wrapping. -- _____________________________________ John Andersen
John Andersen wrote:
On Monday 26 February 2007, Hans van der Merwe wrote:
This will probably spark some debates, but can someone point me to some information that I can use to successfully challenge out IT department concerning moving some Windows driven services to Linux (file, print and email/collaboration).
An anti-FUD cheat-sheet if you like.
The only part of that debate you can't easily win is the much vaunted "collaboration" services.
Interestingly, there is at least one firm developing products of this kind based on F/OSS. I don't think O3 spaces is F/OSS, though I couldn't find license information, just a price list. http://o3spaces.org/Page/sp3/nctrue/index.html http://www.linux-watch.com/news/NS3513176830.html -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On 2/27/07, Hans van der Merwe <hvdmerwe@sunspace.co.za> wrote:
This will probably spark some debates, but can someone point me to some information that I can use to successfully challenge out IT department concerning moving some Windows driven services to Linux (file, print and email/collaboration).
An anti-FUD cheat-sheet if you like.
Here are some Novell whitepapers "SUSE versus Others" http://groups.google.com/group/VGLUG/files You can find many ammunition here too http://www.novell.com/linux Cheers -J -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On 2/27/07, Jigish Gohil <jigish.gohil@gmail.com> wrote:
On 2/27/07, Hans van der Merwe <hvdmerwe@sunspace.co.za> wrote:
This will probably spark some debates, but can someone point me to some information that I can use to successfully challenge out IT department concerning moving some Windows driven services to Linux (file, print and email/collaboration).
An anti-FUD cheat-sheet if you like.
I remeber reading ac ouple of years ago IBM Redbook that explained how to migrate from Windows to Linux (Red Hat, IIRC). It was quite good. Try these links: http://www-03.ibm.com/linux/news/ntmigration.shtml http://publib-b.boulder.ibm.com/Redbooks.nsf/Portals/Linux?Open&c=Portals&n=... Regards, -- Mark Goldstein -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
participants (20)
-
Adam Tauno Williams
-
Anders Norrbring
-
Billie Erin Walsh
-
Carl William Spitzer IV
-
DElyMyth
-
Hans van der Merwe
-
James Knott
-
Jan Albrecht
-
Jerry Feldman
-
Jigish Gohil
-
Joachim Schrod
-
John Andersen
-
John Pierce
-
John Summerfield
-
LLLActive@GMX.Net
-
M Harris
-
Mark Goldstein
-
Michael S. Dunsavage
-
Per Qvindesland
-
Russell Jones