Graham wrote:
> On Sat, 2007-09-22 at 22:34 +0100, John Cooper wrote:
>
>> Graham wrote:
>>
>>>
>>> MMC provide effortless setup of users and adding windows machines to a
>>> domain is dead simple. You can setup a whole network and there's no
>>> need to even know about designing building an LDAP directory to contain
>>> your organisations details, adding service keys, etc. It's all done for
>>> you. Although not universally implemented, single signon largely comes
>>> for free. One might argue that if you are only provided with a limited
>>> view on the technology you are using then you only need to understand
>>> that view to be able to operate the software.
>>>
>>> Setting up a Linux equivalent to AD with LDAP, Kerberos, etc is not so
>>> trivial. I'm not arguing it's a bad thing that you have to understand
>>> what you're doing, but to get the same level of functionality is a lot
>>> of work.
>>>
>>>
>> Again, like for like. If you buy a Linux server solution, the LDAP will
>> be as easy to set up.
>>
>
> I really disagree this is the case. 'Setting up' AD is literally about
> 4 clicks -- 5 minutes.
>
> Setting up a similar Linux setup is not in the same league. At a
> minimum you have to worry about:
>
> - Designing your LDAP directory
> - Setting up LDAP in multi-master mode
> - Setting up your KDC, configuring a Kerberos load balancer or at least
> HA failover
> - SASL/SSL for LDAP
> - Deciding on a set of administration tools, or writing some scripts.
> - Distributing your service keys.
>
> If you want your company LAN to have a DNS server, its a few clicks in
> windows. The basic entries are populated for you. All the SRV records
> are added and the A records for your Windows servers are there.
>
Again, like for like. You are talking about building an equivalent. I am
saying if you buy a mail solution, it will come with all the tools to
administer a running LDAP service. Open-Xchange, Kerio, SuSE etc.
provide the support you need at equivalent costs. Even the free SME
Server is a good alternative and easy to administer via its GUI.
This is a report in 2005. Things have moved on a lot since then and with
samba 4 coming up will improve even further.
" For those looking for a robust, powerful, and reliable mail system
with limited bells and whistles then Sendmail
<
http://www.zdnet.com.au/reviews/software/internet/0,39023437,39186291-8,00.htm>
is the winner. For those SMEs needing a simple-to-install and manageable
e-mail server system with good support then Novell OpenExchange Server 4
<
http://www.zdnet.com.au/reviews/software/internet/0,39023437,39186291-9,00.htm>
is the winner with Kerio MailServer 6
<
http://www.zdnet.com.au/reviews/software/internet/0,39023437,39186291-5,00.htm>
coming a close second.
And for those needing a server with the majority of bells and whistles
covered then it is a closely run race between IBM
<
http://www.zdnet.com.au/reviews/software/internet/0,39023437,39186291-3,00.htm>
and Microsoft
<
http://www.zdnet.com.au/reviews/software/internet/0,39023437,39186291-6,00.htm>
with Microsoft just pipping IBM at the post."
http://www.zdnet.com.au/reviews/software/internet/soa/Seven-mail-servers-tested/0,139023437,139186291-9,00.htm
> I'd sooner look after the equivalent Linux setup, but a Business can
> find a Windows admin for 18k who can run through a wizard or two.
> Ignoring the amount of extra time the Linux box will take to set up, the
> cost of the Linux admin to do it would be a multiple of the Windows
> admin.
>
> On top of that, I think the graphical Linux administration tools are
> generally pretty terrible. Feel free to point me to some that aren't
> (not webmin please).
>
The free tools are that. Microsoft isn't free, you are paying for the
GUIs. Look at Secure Computing's Ironmail and Webwasher's and they are
expensive, but all the functionality is GUI managed. If you are running
a web hosting company and want an easy to run service, you buy Ensim
Pro. You can use free alternatives but you will not have any support and
will need a greater knowledge.
To say it just works in a few clicks may be true but how often does it
go wrong and you don't have a clue why? We had to set up loads of
Window's trusts using "point and click" and many just didn't work. We
had to get a Windows "expert" in to fix it. Ended up editing lmhosts as
they just wouldn't resolve. He couldn't telnet on port 25 or 80 either.
John.
--
--------------------------------------------------------------
Discover Linux - Open Source Solutions to Business and Schools
http://discoverlinux.co.uk
--------------------------------------------------------------
