“Not long ago, choosing Linux in the data center meant a tradeoff. You had to give up some capabilities in exchange for freedom from Microsoft lock-in. But that has changed. These days the features of Windows and Linux stack up against each other very competitively. For the most part, administrators can choose Linux or Windows today without losing out. Some differences, however, must be considered. In this article, I look at several of those differences.”
… beats the command line to administer a server. But you have to be competent. Unlike most Windows admins that just point and click all the time.
… beats the command line to administer a server.
For some things, yes. However, unless Linux based servers start to incorporate quality graphical tools for a huge amount of functions that people will want to perform on a server, then Linux, even as a server, will never compete with Windows in a lot of domains that Windows gets used. At the same time Windows’ command line tools will get better………
There’s simply no reason in the world why you can’t have some competent graphical tools that do all the right things behind the scenes, and allow people to set up systems in the right way.
Unlike most Windows admins that just point and click all the time.
Well, on a Windows system you do point and click – because that’s the way it’s designed. I think your attitude to graphical management tools has been coloured by the way in which Microsoft has haphazardly grown theirs over the years.
BEWARE: Most people who think Linux is great tell us that the command line is great probably because they know a Linux based system has no chance any time soon of competing with Windows for good management tools. Many people believe that this is OK and this situation can continue. IT CAN’T.
Edit: He, he, he, he. I thought this might get modded down. Unfortunately, it’s true.
Edited 2006-07-24 21:56
Modded down? I wonder why. that’s one of the better posts I’ve seen from you.
There’s simply no reason in the world why you can’t have some competent graphical tools that do all the right things behind the scenes, and allow people to set up systems in the right way.
Actually, there is one.
The main thing that annoys me with point and click interfaces is that they make it much harder to document your changes. In the configuration file world, you can just add a comments on who, why and when a change was made as a comment, right next to the change, you can comment out the previous setting so that it is easy to go back.
It is also very easy to make a copy of the old configfile before you start changeing something, is someting goes bad, you can always revert to the old file. If you name your old files as *.changedate your fellow admins will when the change was made last time, and they can easily use a diff to see what changed.
You could even use a versioning system like subversion to handle your changes. That will also make it easy to configure many machines similarly, just spin of branches for each machine.
Things like this are very useful, in situations where many admins share the workload.
Agreed, I use these admin tricks on a daily basis.
You cannot do this easily in windows because of the f*****g registry.
Another trick, where I work we have a cron job that remotely checksums all the important config/system files from an admin box to check for undocumented/unallowed changes made to the system.
Yep, to me, one can work more seriously on *nix.
Most people who think Linux is great tell us that the command line is great probably because they know a Linux based system has no chance any time soon of competing with Windows for good management tools.
Linux has a ton of great management tools… You just have to use the keyboard instead of the mouse. 6 of one, half dozen of the other as far as I can tell.
Most people who think Linux is great tell us that the command line is great probably because they know a Linux based system has no chance any time soon of competing with Windows for good management tools.
You don’t know what most people think. Speak for yourself, and try listening when others speak for themselves. You might learn something.
It is, of course, easier to win an argument when you speak for ‘both’ sides and misrepresent the one that you want to lose. Pointless, even childish.
I find Microsoft tools to be opaque and difficult to convince to do what I want. The Unix approach gives me better understanding of the underlying architecture, providing me with the flexibility and power to get what I need done they way I want. Power and flexibility come at the of time spent learning, but that’s the difference between a professional administrator and a casual user.
But that’s just my opinion. I don’t claim to know why other people like Linux or Windows. I’d rather hear why they made the choices that they did, rather than their guesses about other people.
On your linux server, you have total insight into the source code.
While you certainly don’t want Joe Admin recompiling anything willy-nilly, knowing that you can audit anything you care to is a killer advantage.
“… you certainly don’t want Joe Admin recompiling anything willy-nilly …”
True for any platform I believe.
I am getting to the point now I can string a series of commands together in a single entry and get more done than digging around and locating the exact entry within a registry hive or GUI panel.
Don’t let anyone tell you that “no one uses the source anyway”….that is BS.
We fixed a major issue here at my fortune 50 with automated installs over http not working correctly in RedHat Enterprise 3 by making a small fix to the kickstart source code.
We would have be SHIT OUT OF LUCK if it would have not been Linux.
Well, perhaps you should considere that it wasn’t working because it is Linux.
Jumpstart is working well here.
The article was rather fluffy, sort of hedging around the difficult or controversial issues. The summary was pretty much a common sense answer (“use what’s comfortable and best for the situation”), which is to be expected when the article lacks any depth at all.
I imagine the comments on this article will provide more insight for those trying to decide or compare.
The article has misrepresented the cost of the two Linux enterprise distributions. While the cost of Windows does range from ~$400 (Windows 2003 Web) to $3000, once you buy it, you own it and all the security updates that come during its lifetime. On the other hand, the Enterprise Linux distributions are charging a premium for yearly support. Sure, you get free upgrades and updates with that premium, but if you were to compare the OS cost of running Oracle on Windows for 10 years (2 OS upgrades x $2500) versus Linux (10 years x $2000), the cost of Windows is far less even when including upgrades to newer version.
In my experience, cost has never been a reason in choosing an Enterprise Linux distro over Windows. Instead, stability and security have been the two driving forces behind adaption. You don’t have to worry about rebooting your Linux/Unix servers after an update.
“cost of running Oracle on Windows”
In case you are actully doing this, you should know its a bad idea. Even Oracle recommends against it. Use HP-UX, Solaris, Linux, something datacenter class. Everyone knows Windows is for the exchange cluster and Citrix servers. I would rather run oracle on netware.
I also think you are forgetting the hidden costs of windows in terms of human resources. For example where I work there are about equal numbers of windows and unix servers in our data center. The windows team is 3 times as big as the unix team, always hectic, and bringing consultants onboard. The unix world on the otherhand is relaxed. If I was to give up being a dev and be an admin, I would choose UNIX no doubt.
While the cost of Windows does range from ~$400 (Windows 2003 Web) to $3000, once you buy it, you own it and all the security updates that come during its lifetime.
Where should I begin… No, you don’t own it. The Microsoft terms make it clear that you’re practically only renting your copy of Windows. Furthermore, they carefully wave any responsability for anything that can go wrong with it. Third, how much payed support do you get with your copy of Windows? That’s right, a limited number of support calls, nowhere near a full year payed support.
Oh, and the front page of the support site for Windows 2003 Web sports a very nice big annoucement: clean your Windows 2003 of the Zotob worm.
http://support.microsoft.com/winsrv2003
Zotob: estimated at $97,000 worth of damages per company affected:
http://en.wikipedia.org/wiki/Zotob
And dang, haven’t seen any serious worms for Apache on the loose. There was Scalper, back in 2002, which was pathetic, as you can see:
http://news.com.com/2100-1001-940989.html
even then, not all companies choose the “enterprise” solutions of linux to go with, there’s nothing wrong w/ using the totally free alternatives especially if you know what you’re doing and don’t need 24/7 tech support…because you >are< the support.
but, in a comparative analysis of things that you >do> pay for, yes you’re right.
If you just need the distro and updates, but not the paid support and/or certification with an app, you really can’t beat CentOS. ( http://www.centos.org )
The CentOS team is professional, dedicated, and prompt with updates after RedHat^Wthe upstream provider releases them.
It provides complete compatibility with upstream except, of course, for RHN. It uses yum and its own repositories.
Plus it does give you the option of breaking compatibility with its CentOS Plus repository, where you can get such things as MySQL5, Firefox 1.5, Thunderbird 1.5, and a kernel with support for stuff like XFS.
Support is provided for 7 years from the release. And if the team all happened to be in a plane crash (perish the thought!) one could still fall back on buying a RHN subscription or compiling the RH provided SRPMs himself.
The CentOS team provides a great and much appreciated service to the comminuty.
Ain’t OSS grand! 🙂
Edited 2006-07-26 15:47
Iam a certified (cough if i still can find that paper) OS/2 Warp Server advanced administrator – whatever that means these days because i cant find any company that still uses this.
But i really miss the “net admin /c \\otherserver remote-command” command. Which is standard part of the server package. So far i havent seen an equivalent on any other platform.
If some smart people are willing to develop such a tool, then Linux on server will rock (in my humble opinion).
Edited 2006-07-24 23:00
PipoDeClown–check this out:
$ ssh [email protected] uptime
Password:
18:15:45 up 138 days, 1:13, 0 users, load average: 0.00, 0.00, 0.02
And yeah, Linux servers are a pleasure to administer.
plato:~%uptime
08:33:36 up 240 days, 43 min, 1 user, load average: 0.00, 0.00, 0.00
yes, Linux server are cool…
-Nex6
It seems you didn’t got the point.
The aim of the post was to show that through ssh, you can send a single remote command, not showing your uptime.
I think Nex6’s point is, that you can even more conveniently have a remote shell through ssh.
>18:15:45 up 138 days, 1:13, 0 users, load average: >0.00, 0.00, 0.02
>And yeah, Linux servers are a pleasure to >administer.
You should definitely reboot that box more often…
Once a month would do. Unix/Linux/Windows, as beautiful as they may look, do have bugs and things, rebooting once in a while is a nice security precaution.
The OpenBSD team recommends that, and they know
Once a month would do. Unix/Linux/Windows, as beautiful as they may look, do have bugs and things, rebooting once in a while is a nice security precaution.
True, the beauty with high uptime is that it allows you to choose when and why to reboot.
Another thing, it is very important to know the difference between the uptime of the computer, and the uptime of the services you provide to your users/customers. Soner or later you will have to reboot regardless of how good your OS is, e.g. because of hardware failure.
This means that you have to plan your system setup with some kind of fail over capability if you want to provide uninterupted service to your customers, regardless if you run Linux or Windows.
<em>
18:15:45 up 138 days, 1:13, 0 users, load average: 0.00, 0.00, 0.02
And yeah, Linux servers are a pleasure to administer.
</em>
For me, it only means your kernel is not up-to-date at least, and therefore that the server is easier to hack and to compromise.
“<em>
18:15:45 up 138 days, 1:13, 0 users, load average: 0.00, 0.00, 0.02
And yeah, Linux servers are a pleasure to administer.
</em>
For me, it only means your kernel is not up-to-date at least, and therefore that the server is easier to hack and to compromise.”
you shouldnt second guess as to why he hasnt updated this paticular server. For all we know its running a dns/dhcp on a mini network with no internet connection.
If this were the case the secuity implication would be vastly reduced and uptime would be the priority
psexec
This is too funny. ssh has done this for years, and using ssh keys eliminates the need to even type in a password.
but having both a password and a key would add a extra layer of security. now i have to admit that i dont know if ssh can do that, so its just a comment on security in general.
windows is backwards from Linux, its just different.
where as linux is comannd line first, Gui second.
windows is gui first comannd line second.
also:
in windows, if your a scripter. you can script anything. and i mean anything. anyone who tells you you can not automated it, is a fool.
you can choose from, .bat, .cmd, .vbs, Perl, python
and soon powershell,
tho, perl and python have to be installed.
with gui first, you can easily delagate admin tasks, to other groups that may not be technical, like account management and have them do it via gui.
ps: note: many of these can also be done in Linux via sudo and other tools
-Nex6
Edited 2006-07-24 23:19
You don’t need graphical tools. Web based or text based (ncurses) work fine if done properly.
“how much payed support do you get with your copy of Windows?”
We have about 200 Windows servers at the K12 organization I work for. We buy support incidents in 5 packs for around 200$ each (1000$ for 5). We buy about 10 or so total each year. Sometimes the call gets fixed in an hour, sometimes in 2 or 3 days of Microsoft time (multiple teams etc).
If we bought RedHat, we would have to pay for a copy on each of 200 servers. 200 x 1500$ per year = 300,000.
It costs us about 2000$ for Microsoft support per year.
Its a deal.
Of course if you are on the phone to RedHat every day for help, it would be worth it money-wise, but I would queston why you were using RedHat.
We have about 200 Windows servers at the K12 organization I work for. We buy support incidents in 5 packs for around 200$ each (1000$ for 5). We buy about 10 or so total each year. Sometimes the call gets fixed in an hour, sometimes in 2 or 3 days of Microsoft time (multiple teams etc)
OK
If we bought RedHat, we would have to pay for a copy on each of 200 servers. 200 x 1500$ per year = 300,000
That’s pure BS ! You just would NOT buy this version of Red Hat for replacement of the servers you described, because they are not mission critical at all (2 or 3 days waiting, come on !).
You would buy the less expensive one, and would have to pay for ONE server license support, at $100.
And then pay by incident like on Windows.
Your comparison is so flawed it’s amazing.
It costs us about 2000$ for Microsoft support per year
Its a deal.
No it’s not, not at all. Especially since you would not even have 10 incidents a year.
Of course if you are on the phone to RedHat every day for help, it would be worth it money-wise, but I would queston why you were using RedHat
Which makes sense, as the $2000 Red Hat license is just not for your kind of usage.
200 servers — why? Anyway, the problem is two-fold. First, you ought to have contacted RedHat. $1500 might be the price if your site had a single server and you wanted unlimited support (not on-site). If you want the same type of support (per incidence) as what you buy from MS, you can get it for about 2/3 the cost.
The other problem is that you didn’t shop around. RH-certified support is easy to come by and cheap. Further, you never need to pay license fees for your software or support on machines you don’t want to.
You had to give up some capabilities in exchange for freedom from Microsoft lock-in.
Way I remember it, putting all those windows machines to sleep it was all gain and managebility was a big part of that gain.
Does Linux have anything comparable to Active Directory for Windows? Perhaps AD sucks and Linux/UNIX has something way better, I don’t know. I know that Windows AD is very easy and I’ve been able to walk people through creating groups/etc over the phone.
What comparable packages are there for Linux?
It has PAM, you can pretty much authenticate anything with anything you like.
If we bought RedHat, we would have to pay for a copy on each of 200 servers.
Don’t buy RedHat. Get Ubuntu for free, take a low-cost support contract with Canonical.
I don’t think Canonical have any presense at all in my country. Doubt that even RedHat do much here. On the other hand, MS here is huge.
> Does Linux have anything comparable to Active Directory for Windows?
It depends of which aspect of AD you’re talking about — LDAP directory or Kerberos KDC. If you’re looking for a good LDAP directory for Linux there are a few solid alternatives. If you want a mature commercial solution, look no further than Sun Directory Server or perhaps a slightly inferior alternative RedHat Directory Server (both come from the same code base, only Sun Directory Server is a few years ahead in terms of features and stability). Novel eDirectory is also worth considering, but in my opinion is considerably more clumsy and complicated as a directory solution compared to the above mentioned alternatives. And of course there is OpenLDAP. As for Kerberos KDC, there are few mature open source projects with MIT Kerberos and Heimdal being most notable and widely used implementations.
Modded down? I wonder why. that’s one of the better posts I’ve seen from you.
Well, you like it because you love Windows and Microsoft :-). I’m no Windows fanboy – that’s just the way it is unfortunately.
If someone can package up all the good open source server software out there and give them nice graphical front-ends, the world’s its oyster. It would certainly scare the living hell out of Microsoft.
In the configuration file world, you can just add a comments on who, why and when a change was made as a comment, right next to the change, you can comment out the previous setting so that it is easy to go back.
That doesn’t stop the use of a graphical interface. Maybe it’s something to build in ;-)?
You could even use a versioning system like subversion to handle your changes. That will also make it easy to configure many machines similarly, just spin of branches for each machine.
No reason why you couldn’t put that in as part of a graphical tool as well.
I’m not claiming that Windows graphical tools are perfect. They’re far from perfect at times.
You don’t know what most people think. Speak for yourself, and try listening when others speak for themselves.
I do, and I see and hear all the same things. ‘Linux has no really good configuration tools’ says someone. ‘Oh why bother? The command line is so much better’ comes the reply. There then comes an esoteric argument about what you can do from the command line, having an intimate knowledge of the underlying system and editing and copying text files – conveniently painting over that a decent graphical tool could do all of this, except in a less error prone way and faster. You know what something does and what it means, you just want a straightforward way of turning it on without having to flick through a command line reference or hunt through a text file.
The only argument that stands up is when you want to do some automated scripting, but you use that when you need it.
You might learn something.
I doubt it.
It is, of course, easier to win an argument when you speak for ‘both’ sides and misrepresent the one that you want to lose. Pointless, even childish.
It is of course easier to go defensive and fight back with what you perceive to be the psychology at play, rather than tackling the issues head on ;-).
I find Microsoft tools to be opaque and difficult to convince to do what I want.
I never said Windows’ graphical tools were the greatest that there could ever be. They’re not. Spending quite a bit of time in something like Component Services tells you that, but I’d rather have a decent interface to readily do the things I need than having to repetitively punch the same commands in or hand edit some text files.
The Unix approach gives me better understanding of the underlying architecture, providing me with the flexibility and power to get what I need done they way I want. Power and flexibility come at the of time spent learning…….
There you go. All the same arguments I’d outlined, which really don’t mean too much.
but that’s the difference between a professional administrator and a casual user.
Well, I believe I made the point that there’s no reason that a ‘professional administrator’ can’t have some decent management tools and know about what’s going on. Whether you hand edit a text file to turn a feature on, or click a checkbox in a graphical interface to turn it on, you still need to know what it is you’re turning on. The latter method doesn’t stop that from happening, and some well thought out graphical tools can help there.
I’d rather hear why they made the choices that they did, rather than their guesses about other people.
I think you’ll find this is a reasonably big issue stopping people from using Linux as a server, and certainly, for Linux replacing Windows.
I do, and I see and hear all the same things. ‘Linux has no really good configuration tools’ says someone. ‘Oh why bother? The command line is so much better’ comes the reply. There then comes an esoteric argument about what you can do from the command line, having an intimate knowledge of the underlying system
You are not listening AT ALL !
What I see is people saying to you that there ARE GUI tools, a LOT of them.
But the people that most need them, those that come from Windows, complain that these tools are not Windows tools.
You can even have a complete tool like Webmin, they will still make lame excuses like “it’s not consistent” !!! What they mean is : “it’s not a Windows tools”.
Anyway, people (like me) that had to administer both Windows and Unix/Linux boxes are quick to say the command line is far better.
For plenty of reasons, like automatisation. Someone was saying everything is scriptable in Windows : that’s plain BS.
Automating changes in the registry or diff of the registry is a nightmare already. Having an intimate knowledge of the underlying system is essential to even manage the Windows registry.
and editing and copying text files – conveniently painting over that a decent graphical tool could do all of this, except in a less error prone way and faster
That’s plain BS too. The GUI tool to manage a text file is a text editor, exactly like on the command line, and it works pretty well.
Then, changing all your configuration in one command is very easy to do in vi/emacs, but with a GUI, it will take hours on some configs.
Lots of companies I worked with used appliances using Apache. As soon as you wanted to do sth even remotely advanced, no GUI was sufficient, while editing the config text file was very easy.
I’d rather have a decent interface to readily do the things I need than having to repetitively punch the same commands in or hand edit some text files
This is stupid !
You DON’T need to repetitively punch the same commands, there is automation for that. You are doing something wrong obviously.
It’s a stupid argument too, as you would have to punch the same commands in your GUI.
And editing text files is not sth you do every day : once it’s configured, there’s no use going at it again every day.
Well, I believe I made the point that there’s no reason that a ‘professional administrator’ can’t have some decent management tools and know about what’s going on. Whether you hand edit a text file to turn a feature on, or click a checkbox in a graphical interface to turn it on, you still need to know what it is you’re turning on. The latter method doesn’t stop that from happening, and some well thought out graphical tools can help there
But everyone agrees with you on that. The thing you don’t seem to understand, is that configuration is not just choosing option, it’s also writing some text sometimes : regular expressions, information, numbers, searching, … You’ll have to use your keyboard sooner than later.
I think you’ll find this is a reasonably big issue stopping people from using Linux as a server, and certainly, for Linux replacing Windows
No it’s not. That’s BS also. There are plenty of examples, but one is sufficient : Apache and IIS.
I think you’ll find this is a reasonably big issue stopping people from using Linux as a server, and certainly, for Linux replacing Windows.
Let me get this straight: the big issue stopping people from using Linux is that I’d rather hear the reasons why people make choices directly from them, instead of speculation from you?
Tell me why you like Windows. Tell me why you don’t like Linux. I don’t care that you chose Windows; that’s not important. What is valuable is understanding your reasons behind the choice.
But you only know YOUR reasons. Your speculations about why other people made different decisions is without value. If your guesses don’t support their decision, that doesn’t mean that they are stupid. It indicates that your guesses are wrong or incomplete.
Speak for yourself, and no one else, and I’ll do the same. Tell me what works for you, and I might learn how to avoid things that irritate me in Windows. Listen when I tell you about good GUI admin tools in Linux, and you might learn something. But if you insist on telling me what I think, then you’re indulging in a monologue, not a conversation.
“I think you’ll find this is a reasonably big issue stopping people from using Linux as a server, and certainly, for Linux replacing Windows.”
Let me get this straight: the big issue stopping people from using Linux is that I’d rather hear the reasons why people make choices directly from them, instead of speculation from you?
You’ve misunderstood – again – by not reading within the context of the discussion. Lack of graphical management tools is stopping many people from using Linux when they could. That was the point of that paragraph.
You’ve heard from one person who believes Linux is being held back badly by graphical management tools, or the lack of them. Now go out and find many more. I think you know they exist, which is why you’re avoiding the issues raised.
I don’t care that you chose Windows; that’s not important.
I didn’t, and I usually don’t ;-). You’re completely missing the point in favour of thinking that I’m some person who think Windows is all round great.
But you only know YOUR reasons.
You know your reasons why you think Linux as a server can survive on the command line alone. Most normal people know differently. Denying that by dismissing what I’m saying, without saying why I’m wrong, really is utterly meaningless.
Your speculations about why other people made different decisions is without value.
Your speculations on what you believe to be speculations are meaningless unless you stick to the discussion and explain why.
Listen when I tell you about good GUI admin tools in Linux, and you might learn something.
What good GUI admin tools? The whole point of this is that there aren’t any, and you certainly haven’t described any. I have a feeling you’re chasing your tail here……
But if you insist on telling me what I think, then you’re indulging in a monologue, not a conversation.
I’m afraid you’re arguing with yourself. You’re desperately trying to say that I’m wrong about the state of graphical admin tools within the Linux world and that they need to be drastically improved if Linux is to expand further, but you’re avoiding actually talking about it or providing examples. In short, you’re a perfect example of the denial I spoke of.
Does Linux have anything comparable to Active Directory for Windows?
The answer is a definite no. There is LDAP and PAM, but these are uncoordinated don’t provide any real structure and again – there’s a huge dearth of management tools. Red Hat Directory Services may do marginally better. You can’t just take a Linux system and easily add it on to an LDAP domain in a straightforward and trivial way.
There’s also nothing like a unified group policy, which allows you to control desktop settings.
Does Linux have anything comparable to Active Directory for Windows?
The answer is a definite no
Wow, so much BS. The answer is a definite yes. Novell have such thing, and it offers even more.
What you are saying is “No, Active Directory is not available for Linux”. We know that, thanks.
That’s not the question, the question is about anything comparable.
There is LDAP and PAM, but these are uncoordinated don’t provide any real structure and again – there’s a huge dearth of management tools
So much BS again.
You seem to have a strong MS way of thinking.
LDAP and PAM are uncoordinated, whatever, that does not mean they can’t be used together, which they can.
Saying LDAP don’t provide any real structure is so stupid I’m amazed. Directories are the basis of things like Active Directory.
Again, Novell has sth even more advanced, Red Hat have one too, and SUN too I think, but I don’t know their state.
AD is strongly bases on LDAP, CIFS and Kerberos, the rest being glue around them.
Red Hat Directory Services may do marginally better. You can’t just take a Linux system and easily add it on to an LDAP domain in a straightforward and trivial way
There is no such thing as an LDAP domain, you meant an AD domain I guess.
There’s also nothing like a unified group policy, which allows you to control desktop settings
Of course there is, for each of the main Linux desktops (KDE and Gnome). And of course, they are unified, as there is only one for each (like for Windows).
And they can be pushed by PAM, which can get the configs in an LDAP directory, for example.
I don’t understand people saying nonsense about a unified thing when there is only one available.
There is even compatibility programs for GPO on Linux, because the thing (GPO) you call unified is not compatible with anything : it works only on Windows.
Wow, how unified !
What you’re complaining about, is that you think there is no one that has put one package that integrate all these Linux tools into one package with one administration interface, adn then sell it in a flashy box. You’re just wrong, too bad.
Actually it’s is straightforward to use LDAP and PAM together on Suse and Red Hat using GUI tools ( Suse/redhat-config-* ), I don’t really understand your problem.
Concerning GPO, Red Hat and Novell are working on it ( bandit / sabayon … http://www.redhat.com/magazine/008jun05/features/sabayon/ )
But why the f**k are you talking about desktop settings responding to an article called ‘Server-Side Windows vs. Linux’ ?
“has no chance any time soon of competing with Windows for good management tools.”
Linux/*nix has many good management tools. Management tool != GUI.
as a dev and a casual admin, I find that both world are doing things right and wrong
I agree that text base config is nice for backup et config versioning, but they are error prone, and most software won’t read it unless they are restarted.
on the other hand GUI admin provide less error if they are clearly designed ( most windows admin GUI are quite cryptic ).
but for secure remote administration *nix OS are quite mandatory because there is no decent implementation of SSH on windows (for windows users).
as for uptime, the box uptime is no more related to the service uptime wich is the upmost important today. Ans still today windows and linux lack of convenient and easy tools to provide failover.
Where microsoft wins easily is the almost seamless integration between servers and clients. The speed of deployement of a client over a network is a plus.
most server daemons on linux today respond to the HUP signal as telling it to reread the config file iirc…
But the people that most need them, those that come from Windows, complain that these tools are not Windows tools.
No. The GUI tools just are not up to scratch and aren’t integrated together – it’s that simple. The closest anything comes is Webmin – and that’s for remote access. Even then, you also get a lot of strange messages coming out of Webmin without it telling you why. It’s just not well integrated enough with its underlying software.
That’s plain BS too. The GUI tool to manage a text file is a text editor, exactly like on the command line, and it works pretty well.
I’m tempted to ask if you’re for real. We’re talking about editing text files here, not having a well organised application that can do the same thing consistently time after time.
As soon as you wanted to do sth even remotely advanced, no GUI was sufficient
Well there you are then.
You DON’T need to repetitively punch the same commands, there is automation for that.
Automation takes time and effort, and it has to be worth it. If there is automation to be done then I’d rather let a GUI tool automate that for me, or failing that you can write your own script for those select occasions. Seriously, this automation argument is totally overplayed by command line proponents.
It’s a stupid argument too, as you would have to punch the same commands in your GUI. And editing text files is not sth you do every day
And configuration through a GUI will always take less time and be less error prone. If you need to copy the configuration – just copy the underlying files. Preferably, a GUI would just allow you to export to another system without having to hunt around for the right files.
The thing you don’t seem to understand, is that configuration is not just choosing option, it’s also writing some text sometimes : regular expressions, information, numbers, searching
Hmmmm. No it isn’t. You’re talking about scripting there, which is what a command line is for. This is a very small, although useful, part of what any administrator does. Even then, there’s no reason why a GUI can’t automate this further in many areas and save you time.
No it’s not. That’s BS also. There are plenty of examples, but one is sufficient : Apache and IIS.
Hmmm. I don’t think you get what was being said there. Look at the graphical tools for IIS and Apache, and compare. That’s what this has been about.
Seriously, this automation argument is totally overplayed by command line proponents.
One could easily, and IMHO accurately, claim the reverse. I once converted about 10,000 sendmail-delivered mailboxes to qmail-delivered Maildirs with two hours work and one final command. True, a canned software package that did that would have been a one-step thing… but there was no such thing… and yet I was able to do it easily (most of the time was spent testing and ensuring that all configs were properly converted to qmail format).
Did I mention I did this on a live system which was queueing mail for the users and let them pick up their existing mail? The only adverse effect of the whole thing was a few people found that they had to re-read some mail that they had deleted (from the original Mailbox files) and about 20 seconds of time when the old POP3/IMAP daemons were shut down and the new ones fired up.
You could do most of that from a GUI, sure. If you were either a) paying the money for a commercial mail server replacement where a conversion utility was included or b) spent the time building a GUI app to do the same, which I guarantee will take you more than two hours. Would you have only 20 seconds downtime and a few mailboxes in which messages were not deleted? Could you even do it at all if you were using Exchange or various other commercial mail systems?
Hint: were it not for the configs and testing, it’s a five minute job in *nix to do what I did, using the mailbox2maildir script provided with qmail/others.
(for those who have considered moving to qmail or postfix maildir formats, it’s quite simple because you can leave the original mailbox file in place, generate the maildirs and then keep both around for a while for the sake of ensuring no data loss, and you can let mail queue into qmail’s queue while you do it, and the mail will be delivered when you fire up qmail-send, then you fire up sendmail in a mode that won’t answer, just deliver any remaining sendmail queue to remote sites)
I once converted about 10,000 sendmail-delivered mailboxes to qmail-delivered Maildirs with two hours work and one final command.
Well, that’s a good example of scripting right there, and is why Microsoft wants to make their command line stuff better.
However, for the vast majority of tasks someone would want to perform (and sendmail to Qmail or Postfix conversions might well be one of them) the current state of management tools is a hindrance on a Linux system, no doubt about it. That’s the point being made. It’s not going to replace custom tasks.
Wow, so much BS.
Don’t worry. I’ve expected the denial that would inevitably come ;-).
The answer is a definite yes. Novell have such thing, and it offers even more.
Hmmm. Active Directory comes for ‘free’ with Windows when you get it. It is integrated into every part of Windows’ activities, from Group Policy to managing desktops to allowing certain users to use a COM+ component in Component Services.
Novell’s eDirectory doesn’t come for free and it doesn’t do any of this. However, if you run Active Directory, you can let eDirectory manage it. *rolls eyes*
LDAP and PAM are uncoordinated, whatever, that does not mean they can’t be used together, which they can
LDAP and PAM are coordinated if you want anything approaching the single sign on and authentication that Windows has. A Linux system should be able to automatically configure and use it.
Saying LDAP don’t provide any real structure is so stupid I’m amazed. Directories are the basis of things like Active Directory.
Maybe I should be more clear. OpenLDAP provides the usual standard and freely available way on a Linux system of providing single sign on, centralised management and settings. LDAP is obviously its foundation, but by itself it doesn’t do anything which is why Microsoft has Active Directory. AD goes beyond being a simple LDAP system and allows you to manage almost every part of a Windows network and the software on it.
Nothing on Linux currently gets anywhere near to providing this, nor is it even remotely simple to set up within a reasonable time.
Of course there is, for each of the main Linux desktops (KDE and Gnome).
Ahhh. So both KDE and Gnome can be managed centrally through an LDAP system? Errr, no they can’t.
And of course, they are unified, as there is only one for each (like for Windows).
???
And they can be pushed by PAM, which can get the configs in an LDAP directory, for example.
Every way of doing this is simply up to the administrator to try and work out. There’s no straightforward way of doing it, and setting it up in a standard way. However, back to the point – there is still no way of being able to easily manage desktops centrally in a straightforward way. Technology may be there, but that just isn’t good enough.
That’s why we’ve had efforts like Kiosk in KDE and Sabayon in Gnome. It’s still a long way from being easy to manage as a universal whole in a straightforward way.
I don’t understand people saying nonsense about a unified thing when there is only one available.
One of what available?
There is even compatibility programs for GPO on Linux, because the thing (GPO) you call unified is not compatible with anything : it works only on Windows.
That’s tough luck I’m afraid. GPO works only with Windows, so go and cry to Microsoft. Meanwhile there is still nothing comparable to it even in an all Linux based network.
What you’re complaining about, is that you think there is no one that has put one package that integrate all these Linux tools into one package with one administration interface, adn then sell it in a flashy box.
Yep, you’re damn right there.
You’re just wrong, too bad.
I’m afraid I’m not wrong, although many want to simply cover there ears and believe it’s not true. I mean, it’s Linux right? All the technology is there, so someone must be bringing it together, right?
If you find something out there that is able to manage Linux systems in the same way as Windows, with Group Policy for managing desktops, good graphical tools for doing so, allows me to write a networked component (perhaps Java based on a Linux system) with transparent authentication of users and groups through a good GUI, allows me to easily remote manage systems through the same method and same authentication method and allows me to simply connect a GUI (if I have the right permissions) to a remote machine to be able to view and search event logs etc. and administer it then let me know.
Even then, there’s no reason why a GUI can’t automate this further in many areas and save you time.
Quoting myself here, I should add that searching and parsing error logs is a very useful way in which a good GUI can be used.
in windows:
you can pretty easiliy mix and match Gui based stuff and scripting CLI stuff, a good example is the mmc console.
like having a mmc setup with connections to all your event logs.
or with scripting, having a vbs based logon script that talks directly to AD and maps drives, printers and such according to group membership.
with Linux:
you can do some of the same things, its just different, like having all your logs goto a syslog server or rsncing them to a server.
some of the ad style stuff can be done to a degree, its just more work to setup, RH directory does support policys and has gui tools.
-Nex6
like having a mmc setup with connections to all your event logs
To what effect? After years of trying to get anything meaninful from a Windows event log, I’ve given up. It’s usually not worth the few clicks to load up the viewer.
depends on what your logging and how you setup your logs.
-Nex6
like having a mmc setup with connections to all your event logs.
While having a nice GUI that you can use to search your logs is pretty reasonable, the quality of information you get in that Event Viewer is not always helpful, shall we say.
Pop all of the log information you’re likely to find on a Linux system into a nice GUI, with searchable functions, and you would have something nice and useful.
I was not saying that Linux had any problem doing it, its only that, windows can do pretty powerful stuff also. weather or not the logging info is better on one or the other well….
i admin both Linux and windows boxs, truth be told i have far more windows boxs. and windows does have alot of tools both gui, comand line and scripting so you can
choose which way you want to go about it.
Linux is much the same, plenty of cli and scripting stuff, and gui tools if you know where to look.
tho the windows gui tools are more mature. but that does not really matter much.
-Nex6
In the configuration file world, you can just add a comments on who, why and when a change was made as a comment, right next to the change, you can comment out the previous setting so that it is easy to go back.
That doesn’t stop the use of a graphical interface. Maybe it’s something to build in ;-)?
You could even use a versioning system like subversion to handle your changes. That will also make it easy to configure many machines similarly, just spin of branches for each machine.
No reason why you couldn’t put that in as part of a graphical tool as well.
But the problem is that how do you do it with windows?