Slashdot Mirror

← Back to Stories (view on slashdot.org)

Updating Free Software in the Enterprise?

Posted by Cliff on from the one-is-easy-one-hundred-isn't dept.

wallykeyster asks: "I'm an IT Director for a small private university in the U.S., and we are largely a Microsoft shop. We pay over $15,000 each year for our Campus Agreement so that we can upgrade the desktop OS to our version of choice, run Office, and have some Client Access Licenses. I would like to move to FOSS solutions, but I'm having trouble finding support for Enterprise management. For example, OpenOffice and Firefox (both of which I use personally) would be easy first steps, but IE is updated automatically via our SUS server (and settings pushed to clients via group policies) and Office updates will be included soon. How are other larger organizations (i.e. more than 200 desktops) dealing with software deployment and updates? Is anyone using Zen with Novell Desktop Linux?"

27 of 367 comments (clear)

  1. do what we do by Anonymous Coward · · Score: 1, Insightful

    run all your applications off of an NFS server..
    that way, you only upgrade one copy on the server.

    -Dirtbag

  2. At $15,000 a year...... by ARRRLovin · · Score: 3, Insightful

    ......You're getting off EXTREMELY cheap. If you switch to a different OS, or OSS, you'll easily spend more than that (many times more) in hiring people to support the new infrastructure.

    --
    -Randy
    1. Re:At $15,000 a year...... by Anonymous Coward · · Score: 1, Insightful

      ummm, don't you think someone is already being paid to do all the various labor-intensive things about running labs?

    2. Re:At $15,000 a year...... by lawpoop · · Score: 2, Insightful
      On the other hand, you could hire a local linux company to create a distro that client computers would load on boot. Add a support contract with occational updates to your distro. If you have problems with a client machine, simply reboot it and it will re-image itself.

      This could be cheaper than $15,000.

      --
      Computers are useless. They can only give you answers.
      -- Pablo Picasso
    3. Re:At $15,000 a year...... by Overzeetop · · Score: 2, Insightful

      They are, but just imagine the spike in help desk calls for the client side support. And the amount of labor to switch just the word templates over to OO.

      (I've done it for a small office, and it wan't pretty. None of the corporate standards switched, so everytime wo opened an old document, the formatting was toast. Trivial, though annoying, for you and me, but "the world is coming to an end"-level crisis for older, entrenched, barely-computer-literate secrateries. And, no, you can't just fire them all - they're the ones who can walk into an office, listen to a minute and a half of drivel from a $150/hr principal, then turn it into a formatted letter saying exactly the right thing and ready for signature.

      --
      Is it just my observation, or are there way too many stupid people in the world?
    4. Re:At $15,000 a year...... by Kallahar · · Score: 2, Insightful

      Except that the 15k goes to MS, they still need to have administrators on hand to install the updates. It's not like MS sends out a guy to perform the upgrades.

    5. Re:At $15,000 a year...... by ARRRLovin · · Score: 2, Insightful

      I didn't know Bill Gates posted on slashdot, but thanks dear Billy for your biased opinion... and BTW, you won't get poorer letting this guys go...

      It would be at least a few years and many hours of downtime before they would see any of that money recouped. As someone who has sat down and done an actual cost analysis, I can tell you, it's not cheap to switch to something that's "free" (beer).

      --
      -Randy
    6. Re:At $15,000 a year...... by jilles · · Score: 2, Insightful

      Agreed, for that kind of money you basically already have the best solution. Assuming your goal is to cut on the 15000 dollars and not push some idealist OSS agenda, you are not going to make any substantial cuts this way. Plus, your 'clients' (the students & staff) will probably complain loudly if you take away the software packages they are used to. At 15000$ the cost argument is ridiculous so you'll have a real hard time explaining why they have to use open office instead of ms office. Unless you remove IE from the system (which boils down to replacing the OS), people are going to click that blue IE icon.

      What you'll end up with is a complicated mix of operating systems, offices suits and browsers that you will need to support. You will increase cost rather than cut cost. Forget about eliminating MS from your systems, you'll end up doing all the work you do now + the additional work for maintaining your home built linux enterprise management kit (I'm assuming you are not interested in commercial linux support with per seat licensing).

      --

      Jilles
  3. Same boat by Jett · · Score: 5, Insightful

    I'm in the same boat where I work. I'm trying to get Firefox officially supported, the biggest sticking point is the lack of an easy method to push updates. I think this is one of the biggest reasons Firefox isn't widely deployed in the corporate environment yet, sure it's easy to install it yourself and update it yourself - but that's not a solution in a controlled environment.

    1. Re:Same boat by wireloose · · Score: 2, Insightful

      Sounds good in theory. Seldom in practice does the CEO support the idea of making all his/her users responsible for their computers. Has something to do with doing the job they're paid to do. Usually, they're doing something else that's needed. And that's why we have jobs. :)

    2. Re:Same boat by Verteiron · · Score: 4, Insightful

      That gets it on the client systems, sure. But how do you keep a user from (for example) changing their proxy setting? With IE you can lock the user out via Group Policies. With Firefox, well.. I'm not aware of a way to implement similar restrictions.

      It sounds like a Windows Server Administrator Template Policy would go a long way towards Firefox acceptance in corporate environments. You'd need some kind of plugin for Firefox that makes it read values from the Windows registry, as well.

      Alternatively, a Firefox plugin could read the Group Policy restrictions targeted at IE, and "translate" them internally to the Firefox equivalents, but such a solution would be a sloppy hack at best.

      --
      End of lesson. You may press the button.
    3. Re:Same boat by j0217995 · · Score: 2, Insightful

      I would love to hear this. We use IE throughout our company and I have forced the home page, some bookmarks, security settings and other things from Group Policy. Now I can't do that in Firefox which means no Firefox at the company. I've been looking for something that I can setup and forget it. My GPO just works.

  4. Totally obvious by The+Bungi · · Score: 2, Insightful
    Pay 15K per year to have a working supported enterprise management solution, or

    Pay 45K per year to hire someone to manage a homegrown house of cards "solution" based on rsync, rpm, apt-get, crontabs and other such industry stalwarts.

    I think the choice is clear!

    1. Re:Totally obvious by geomon · · Score: 2, Insightful

      Pay 45K per year to hire someone to manage a homegrown house of cards "solution" based on rsync, rpm, apt-get, crontabs and other such industry stalwarts.

      While I agree that the 3X differential in cost may be too high for this person's institution just to migrate, the "house of cards" comment is laughable. Centralized software management has been done successfully for years on *nix platforms and is done for a much lower cost than what you cite in yorur comments.

      But we also manage large *nix server farms for research and maintain Solaris, AIX, HP-UNIX and other varieties of non-Microsoft OSs. The incremental cost of adding Linux administration for our workstations is a 1/4 of what you cite.

      As always, YMMV.

      --
      "Rocky Rococo, at your cervix!"
    2. Re:Totally obvious by geomon · · Score: 2, Insightful

      Well, in my experience most of the stuff that's tied together with little scripts, general purpose utilities and dependencies tends to be brittle, even on Unix.

      Yes, that can be problematic. That is why someone considering coverting would want to pick a distro and be consistent.

      If you are honest in your assessment, though, you will concede that Microsoft updates often break apps that have been created by customers. We often experience a lag time in deploying Access when Office upgrades come out due to the updates thrashing our custom-built apps.

      No one solution is without its warts.

      --
      "Rocky Rococo, at your cervix!"
  5. Please think also "free software on WINDOWS"!!! by Heraklit · · Score: 2, Insightful

    Befor you all start shouting about a Debian repository and mounting /usr/local/from-server, please consider:

    The question is most probably about updating free software on Windows desktops!

  6. Re:small colleges by team99parody · · Score: 2, Insightful
    however we have neither the budget or willingness to pay for such services. We make do with what we have, it works for us to this point, but things definitly could be better.

    Do you have classes (in either IT, CS, MIS, or similar) that claim to teach real-world skills? If so, a project to automate such an effort would be a wonderful class project for you guys to undertake.

    Even if the class isn't about IT, this project can be used as a case study - for example, a class about software methodologies and software lifecycle mangement - or even a business class evaluating build-vs-buy tradeffs.

  7. Re:$15,000 a year... by capt.Hij · · Score: 2, Insightful

    I actually tried this *once*. It seemed like a great idea on paper. I would train people to do something useful, and they could go to potential employers and pretend to have some sort of useful experience.

    It was awful, and I will never do it again. I ended up spending all my time fixing stupid mistakes, and it was more work than just doing it myself. Especially since the ultiumate solution was to convert to linux, and set up a server to dish out rpm's and schedule updates via crontabs.

  8. This has got "duh" written all over it by Anonymous Coward · · Score: 1, Insightful

    Let's assume you have 300 PC's, that's $0.96 per desktop per week for IT infrastructure which appears to be working well. If you were having all sorts of problems I'd suggest otherwise but given the information you've supplied I'd argue that your dislike of Microsoft (or preference for FOSS) is getting in the way of your ability to think logically. Remember the first rule of engineering: it it ain't broke don't fix it

  9. Re:$15,000 a year... by tekiegreg · · Score: 3, Insightful

    Not really, assuming: 1) You're paying students $8/hour 2) You work students 15 hours/week (they gotta study sometime) = $6240 I can do 2 students with room left over for a trained chimp (we'll assume $2,500 worth of bannanas and computer repair bill from feces thrown at computer). With 2 students you could probably upkeep a small university ok (say 150 computers per student) after that I'd put the students to work finding an automated solution.

    --
    ...in bed
  10. The same way it has always been done... by HermanAB · · Score: 2, Insightful

    Unix upgrades have been centrally managed since some time before the dinosaurs, using tools like rsync and NFS shares.

    Nowadays, with RPM and DEB package managers, you also have the option to put all packages on a central FTP server and then schedule an update using the native update utility eg. apt, rpm or urpmi.

    So, my reaction to anyone claiming that there is 'no support' for Unix, or that Unix is 'hard to manage' or that Unix 'doesn't have enterprise tools'. Is one of incredulity - like where have you been the past 500 years, man??? Sleeping???

    --
    Oh well, what the hell...
  11. Fanboy moron! by Anonymous Coward · · Score: 1, Insightful

    Ummm, if that someone was at all knowledgeable in Linux, do you think that he would be asking Slashdot? Don't you think that he would already know the answer to this and be hacking happily?

    He's a Windows shop manager and may or may not have Windows centric staff. He does not have an Linux people so, hiring Linux people for just the migration would probably cost him more than the $15,000. But, the cost doesn't stop there, he will need to have Linux knowledgeable support personnel for ongoing support. That means either train what he has now or hire other people. Either way, he is likely to run over the $15,000/yr. Microsoft tax.

    I love Linux and use it exclusively, as I have for over four years. but, there are times when Linux is not the best solution and it sounds like this is one of them. $15,000/yr. is dirt cheap for Windows server licenses and CAL's, probably Exchange and SQL licenses, Windows Desktop licenses and Office licenses. It WILL cost him much more, at least for the short term(1-2 years) to switch. And, that all assumes that he truly can switch and that some application isn't going to force him to continue buying Microsoft anyway.

  12. Stick with Windows by Anonymous Coward · · Score: 3, Insightful

    You're getting Windows and Office on 200+ desktops for only $15,000 and you consider that too much? Are you on CRACK? That's like quibbling over whether you'll pay three peanuts here or walk 1000 miles to pay two peanuts.

  13. Re:$15,000 a year... by SamHill · · Score: 2, Insightful

    When I started my latest academic sysadmin job, we were talking about hiring a couple of students, as that's what they'd always done in the past. I kept putting it off because the systems were so screwed up that I had to spend a huge amount of time trying to figure out what kind of crack people had been smoking when they set them up and didn't have the time or energy to train anyone.

    In the end, we bought a brand-new server (we needed the disk space, anyway) that I set up from scratch. I migrated the data and built a bunch of tools to keep everything up to date, then moved on to automate handling the workstations. I never did get around to hiring anyone else, and the only time I remotely regret that is when I'm taking vacation.

    Hiring students to do things is a cool idea in theory. You get some extra help and some backup, and they get some experience that they can take to their jobs. Unfortunately, their lack of experience, professionalism, and often just general understanding of how things work mean that important things get broken or never get finished because they lack the knowledge or the time to do the work.

    It gets really fun when you have a couple of people who think they know what they're doing making changes without telling anyone else.

    These days anyone can set up a Linux box themselves if they want to learn about the OS and how all the pieces work, and I'm happy to help out where I can. But having students work on ``mission-critical infrastructure'', such as the departmental web server or faculty workstations, just isn't worth it.

  14. Re:Easy... by orin · · Score: 2, Insightful

    Any MSI package can be deployed either to users or computers via Active Directory. There would be a bit of mucking about involved in creating new MSI packages for each update to software - but this is easier than manually patching a significant number of machines. I'm surprised that very few open source projects aiming to dominate the Windows desktop release their binaries in .msi format as this would simplify their distribution in AD environments.

  15. Re:Zenworks for Linux/RedCarpet by fferreres · · Score: 2, Insightful

    Ok, but if you want people to use certain smtp server, force it at the network level, not app level. And why cant people change the homepage? If you have user accounts why not allow them to change it? If it's a public terminal you can make the config file read only to users. Windows does not help much to harden machines, Zen may work, but it's a work arround at best.

    --
    unfinished: (adj.)
  16. Re:Zenworks for Linux/RedCarpet by G+Money · · Score: 2, Insightful

    Forcing the smtp server at the network level would work great if all your workstations are on a local network, but if you're managing users worldwide roaming around with laptops it's not really an option. Anyway, with the security policies for application/desktop configuration, you can choose whether you're setting defaults for a user that are locked (they can't change them) or unlocked (they can). A read only config file would also work but it's not that convenient to have to manage several dozen config files in /etc/skel and then have to script out changes to every user's account anytime you want to force a change on everyone. With Zen you can have as many different groups of users as you want and each group (or even machine if you want) can have a separate set of policies applied to it, minimum list of software packages to have installed, etc.... All policy is group based so if I have a group of office workers who only need OpenOffice and Firefox and shouldn't be able to make changes to their preferences I can put them in a separate group from my power users who I can trust not to set their incoming imap server to something non-existant and then complain to the helpdesk. You would never use Zenworks to harden a single machine, you would use is to manage at least several hundred out to several hundred thousand. You're absolutely right about it being overkill for just a few machines.