"RJ" == Russell Jones
writes: Care to name an Open-Source replacement for AD that is already integrated, and where I don't have to do the integration myself?
RJ> Well, not as tidy as AD (nor, I suspect, as difficult to diagnose RJ> when it goes wrong) is to use something like AutoYaST to roll out RJ> software and configuration packages (which you roll yourself). Far RJ> more powerful than the MS mandated and controlled policy system,
I don't think so. AFAIU, AutoYaST is for installation only, not for updates. See http://www.novell.com/products/desktop/features/autoyast.html for the word from the horse's mouth. YOU doesn't know how to handle policy-based configuration updates, where there are groups of systems that need different updates than others. If I want to change this, I need to set the install policy locally on each system and cannot do it centrally -- YOU is inherently a single system approach. And ZENworks (which is the respective Novell product) is not Open Source. (And we all see on this list how good ZMD works, don't we? Sorry, cheap shot, but I couldn't resist. ;-) That said, for configuration updates I vastly prefer cfengine to self-rolled rpm packages. It is much more flexible and the goal-oriented formulation of configurations works better when not all target systems are online and when groups of target systems must be built. It also works in heterogenuous Unix environments and thus covers more than SUSE Linux. (But I named cfengine already in my PP, so this is not really new information.) By the way, you know that AD group policies allows to set up very easily specific environments for user/user group/system combinations? Their environment variables, default printers, connected network file systems (e.g., on which server $HOME for a user is), available software, depend on the combination and is etablished transparently. If you really implement this with "roll-your own configuration rpms", you're up for much work: While much of this can be done by appropriate environment variables in Unix and with a combination of autofs and LDAP; it is much more tedious, error prone, and this technical process could really be improved by a wide margin. As I wrote, I'm not a Windows friend; but when I see that there is something better over there, I grudgingly admit it and try to learn from it. Joachim -- =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Joachim Schrod Email: jschrod@acm.org Roedermark, Germany -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org