I've administered Unix boxen for a while now, and when AD was first introduced into
our environment we resisted. But you know, you should use the tool that works
best. I've come to appreciate the ease of managing user accounts, group policies,
print services, dhcp and yes, even dynamic dns. I've since configured our AIX and
Linux boxes to use AD for those services also, eliminating that hassle. Yes, you
could find and configure open source tools to do the same, but your time managing
it and documenting it (for contingency planning) costs money too.
A few years ago I couldn't imagine myself being okay with AD in the house, but you
have to remember, it's just another tool.
Edge
> Hello listers,
>
> I've been away a long time (subscribed back in '05) but just thought I
> would throw out a question (or two). Then I may not hang around long
> since I'm not in Anchorage and other reasons.
>
> We are looking at going to another level on our peer-to-peer network
> here a the city of Nome. I've managed our network by installing
> fileshare/email/web servers running Centos 4 over the last several
> years. Since this isn't in my area of expertise - we hired a consulting
> firm to assess our current networking state and make recommendations to
> move forward in a few areas. We need to improve our backup for
> users/servers, add some redundancy, improve performance, etc. None of
> this is in my job description.
>
> Our consultants have recommended moving to MS Active Directory as a
> solution to some issues we are having. Part of what is driving this is
> our finance and clerk departments are looking at some fairly expensive
> finance and customer biling type software packages that are Windows
> server based. (I have looked for opensource packages and have been
> underwhelmed by my googling - but suspect there may be good ones out
> there undiscovered by me).
>
> I can see advantages to having AD services (or ldap) for managing users
> with things like adding printers to desktops, guests/consulting policies
> for improved security/ease of configuring - but am not that familiar
> with capabilities of it. Our Cisco firewall apparently interfaces with
> AD for configuring things like VPN policies and whatnot - no idea if it
> works with opensource but suspect it does in that regard.
>
> I've done all user configs by hand - there's not that many users here
> and we really don't need much more complexity - but we also need to
> perhaps be able to outsource some IT stuff since I doubt we will be able
> to afford a full time position any time soon. Perhaps some things we can
> do will facilitate that.
>
> So the conversation I'm seeking is how the sys-admins of this group feel
> about this direction we are heading. Not sure I can sell open source
> finance packages but we are looking at a lot of tax payer money to
> purchase the proprietary systems. But if there are viable options out
> there I'm not aware of.. with some kind of support options. Also - how
> do you feel about MS Active Directory or how would opensource versions
> (OpenLDAP?) be able to replace or interface with what we may end up
> doing (windows servers/apps)? We are standardized right now on WinXP for
> desktops - hard to know if I can get linux going there or not since
> people seem to be somewhat change intolerant. We would need a database
> designer to get us off MS Access - the biggest need I see right now
> besides familiarity with MS Office. Are there good support services in
> Anchorage should we go any opensource solution vs. AD?
>
> Apologies for the rambling nature of this and perhaps it is inevitable
> that we go the windows way and hire on our current consultants for
> support/services. But am curious about current thoughts on this if
> anyone is willing.
>
> cheers, JD
>
> --
> Jim Dory
> Engineering
> City of Nome
> PO Box 281
> 102 Division St.
> Nome, AK 99762
> 907.443.6604
>
> http://www.nomealaska.org
>
>
> --
> This message has been scanned for viruses and
> dangerous content by MailScanner, and is
> believed to be clean.
>
> ---------
> To unsubscribe, send email to <aklug-request@aklug.org>
> with 'unsubscribe' in the message body.
>
>
---------
To unsubscribe, send email to <aklug-request@aklug.org>
with 'unsubscribe' in the message body.
Received on Tue Dec 2 23:04:44 2008
This archive was generated by hypermail 2.1.8 : Tue Dec 02 2008 - 23:04:44 AKST