[ale] large scale system management

Wed Nov 16 21:22:30 EST 2011

Prior quote from another thread:

>Actually I have done such comparisons, and Windows wins in areas like
>user authentication (Active Directory) and remote configuration
>management (Group Policy).  I have performed audits on both Linux and
>Windows servers, and Windows provides a unified way to access all
>configuration data (WMI), while Linux uses a giant pile of
>non-standard text files.  If you think that's easy to grep through
>across multiple distro versions and different software packages, you
>are sorely mistaken.

OK. I have a few issues with large scale system management and the above
quote.

First, AD for user authentication is not that big of a deal compared to
LDAP for Linux systems. Either can work for both. Gui tools exist for both
but cli is almost not an option for windows so large scale _scripted_
processes are much harder. Yes, it can be done in Windows using .NET and
specialty perl/python modules tools but the coding structure is quite
arcane and convoluted to the point of being painful. I won't even mention
the inconsistencies between various releases.

WMI on the front cover looks like the cat's meow of configuration data
tools until you start trying to access it across multiple platforms. so an
office with a pile of XP Pro desktops, some win2k3 servers, a few win2k8
servers and a growing set of win7 desktops ALL provide different sets of
data, and use different methods to access their WMI stuff. Imagine the fun
of multiple windows domains with multiple types of windows systems in each
domain.

Then the line of "Linux uses a giant pile of non-standard text files" made
me laugh out loud! Text files are the standard until someone puts things
into a closed, binary format so they can sell you the tools to manage your
own systems.

The multiple distros part is also laughable in light of the multiple
versions of windows in a typical business LAN. Harsh reality is most places
use ONE distro in their setup and the only changes are between versions.

As a RedHat specialist for a while and a fully recovered former windows
admin, there is NOTHING windows world offers that can't be done better,
slicker, cheaper, faster and more technically "correct" with a decent
RedHat setup.

1. Fedora for the desktops that can be updated often, RedHat workstation
for those that should be very stable.
2. Project 389 for LDAP
3. Dogtag for SSL certificate management
4. NFSv4 for shared storage
5. SELinux for hardened access rights
6. Satellite/Spacewalk for system package and configuration management

This basic setup will work for access and management from LAN to WAN. Add
in IPSWAN for vpn segments with user and office certs managed by dogtag and
it's everything and more than windows offers.

-- 
-- 
James P. Kinney III

As long as the general population is passive, apathetic, diverted to
consumerism or hatred of the vulnerable, then the powerful can do as they
please, and those who survive will be left to contemplate the outcome.
- *2011 Noam Chomsky

http://heretothereideas.blogspot.com/
*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.ale.org/pipermail/ale/attachments/20111116/20db0b67/attachment.html 