[aklug] Re: heading towards a windows domain

From: Stephen King <sking@chartercollege.edu>
Date: Wed Dec 03 2008 - 16:29:27 AKST

> My experience w/consultants is they will recommend what they know,=20
> not necessarily what is actually the best for your organization.

Absolutely true, but....

> packages that are Windows server based

THAT's the rub. Largely everything else you've described can easily be
handled by whatever system you want. For example, I'm not sure what
specific Cisco systems you're using, but I'll bet they interface with
RADIUS, not AD. RADIUS is a vendor-neutral product supported on pretty
much all platforms, so a Linux solution will work fine. =20

But if you have applications that the users specifically want that are
only available in Windows, then in my experience it's just better to go
with Windows. Sure, you can run most Windows applications in wine (no
doubt, everyone here can tell of various success stories in
multi-platform application work) but the devil's in the details (like
printer management and application specific user management). In my
experience, the time spent dealing with those details is worth it if
you're a techie who likes to play with stuff, or if the network is large
enough to have actual full-time trained support staff, but is absolutely
not worth it if you're trying to manage a busy schedule while keeping a
semi-supported network running. =20

There's a small network in town that I built that I've had two other
consultants out to look at in hopes of taking over the support so I can
do my present job. Thanks to the details, it looks like I'm going to be
the only support available for this network even after I'm old and grey
and welcoming customers to WalMart. =20

Anyway, that's my opinion, for what it's worth. If anyone wants to
point out the faulty points, by all means do so. If anyone wants to
take over a weirdly mixed network that will provide you with all the
techie challenges you've ever wanted, let me know. I've already eaten
every headset I owned in frustration over it. *grin* =20

Stephen King
Dean of Education
Charter College
2221 E. Northern Lights Suite 120
Anchorage, AK 99508
(907) 777-1324
sking@chartercollege.edu
=20

"You can't build a reputation on what you are going to do." - Henry
Ford=20

-----Original Message-----
From: aklug-bounce@aklug.org [mailto:aklug-bounce@aklug.org] On Behalf
Of Kevin Miller
Sent: Tuesday, December 02, 2008 7:33 PM
To: Jim Dory; AKLUG
Subject: [aklug] Re: heading towards a windows domain

Jim Dory wrote:
> Hello listers,
>=20
> I've been away a long time (subscribed back in '05) but just thought I

> would throw out a question (or two). Then I may not hang around long=20
> since I'm not in Anchorage and other reasons.
>=20
> We are looking at going to another level on our peer-to-peer network=20
> here a the city of Nome. I've managed our network by installing=20
> fileshare/email/web servers running Centos 4 over the last several=20
> years. Since this isn't in my area of expertise - we hired a
consulting=20
> firm to assess our current networking state and make recommendations
to=20
> move forward in a few areas. We need to improve our backup for=20
> users/servers, add some redundancy, improve performance, etc. None of=20
> this is in my job description.
>=20
> Our consultants have recommended moving to MS Active Directory as a=20
> solution to some issues we are having. Part of what is driving this is

> our finance and clerk departments are looking at some fairly expensive

> finance and customer billing type software packages that are Windows=20
> server based. (I have looked for opensource packages and have been=20
> underwhelmed by my googling - but suspect there may be good ones out=20
> there undiscovered by me).
>=20
> I can see advantages to having AD services (or ldap) for managing
users=20
> with things like adding printers to desktops, guests/consulting
policies=20
> for improved security/ease of configuring - but am not that familiar=20
> with capabilities of it. Our Cisco firewall apparently interfaces with

> AD for configuring things like VPN policies and whatnot - no idea if
it=20
> works with opensource but suspect it does in that regard.
>=20
> I've done all user configs by hand - there's not that many users here=20
> and we really don't need much more complexity - but we also need to=20
> perhaps be able to outsource some IT stuff since I doubt we will be
able=20
> to afford a full time position any time soon. Perhaps some things we
can=20
> do will facilitate that.
>=20
> So the conversation I'm seeking is how the sys-admins of this group
feel=20
> about this direction we are heading. Not sure I can sell open source=20
> finance packages but we are looking at a lot of tax payer money to=20
> purchase the proprietary systems. But if there are viable options out=20
> there I'm not aware of.. with some kind of support options. Also - how

> do you feel about MS Active Directory or how would opensource versions

> (OpenLDAP?) be able to replace or interface with what we may end up=20
> doing (windows servers/apps)? We are standardized right now on WinXP
for=20
> desktops - hard to know if I can get linux going there or not since=20
> people seem to be somewhat change intolerant. We would need a database

> designer to get us off MS Access - the biggest need I see right now=20
> besides familiarity with MS Office. Are there good support services in

> Anchorage should we go any opensource solution vs. AD?
>=20
> Apologies for the rambling nature of this and perhaps it is inevitable

> that we go the windows way and hire on our current consultants for=20
> support/services. But am curious about current thoughts on this if=20
> anyone is willing.

My experience w/consultants is they will recommend what they know, not
necessarily what is actually the best for your organization. Not to
slight them - nobody can know it all. Hopefully they know their corner
of the market well. Plenty of shysters out there. Most will recommend
Windows however because that's the biggest share of the market.
However, it's not the only option. I'd look into either Red Hat or SUSE
for similar directory services.

Novell has essentially migrated their Netware product to Linux. Netware
Directory Services was miles ahead of Microsoft for years. AD is
probably more or less on the par with it now, but Novell may be an
option. I'd contact them and see what they could do for you. Take a
look at http://www.novell.com/products/edirectory/ for starters.
They'll do file & print sharing w/no problem, and much more.

A while back Red Hat bought up the Netscape directory. I'm not sure
what they've done with it exactly, but I'd expect they may be worth
talking to as well. You may prefer them over SUSE since CentOS is
essentially a Red Hat clone. But talk to them and see if they can't
come up w/a plan. Both SUSE and Red Hat target the corporate market, so
they should have some enterprise level solutions. Of course, it won't
be a free (as in beer) ride any more - but it's no different than
spending money on Windows.

Also, it may be that you end up with a mixed environment - some things
on Windows & some on Linux. Do what makes the most sense for you - not
necessarily what the consultant says. You might want to look around for
a multi-platform consultant.

HTH...

...Kevin
--=20
Kevin Miller
http://www.alaska.net/~atftb
Juneau, Alaska
Registered Linux User No: 307357, http://counter.li.org
---------
To unsubscribe, send email to <aklug-request@aklug.org>
with 'unsubscribe' in the message body.

---------
To unsubscribe, send email to <aklug-request@aklug.org>
with 'unsubscribe' in the message body.
Received on Wed Dec 3 16:29:52 2008

This archive was generated by hypermail 2.1.8 : Wed Dec 03 2008 - 16:29:52 AKST