Slashdot Mirror
Linux Desktop Deployment Postmortems?
duffbeer703 asks: "My employer runs alot of desktop and laptop computers -- something in the neighborhood of 40,000 PCs. Currently they are all Windows 2000 & XP managed by Active Directory and other big, complicated enterprise management tools, all of which can support Linux in one form or another. I'm looking for ways of making Linux (and maybe Unix or even Apple desktops) an option as we replace or add PCs. The problem is, most of the resources that you find online about deploying Linux focuses on server environment, and the articles that I do find about desktop Linux focus on standalone developer workstations, the IBM conversion to Linux (which doesn't seem to have happened) or things like LTSP, that won't integrate well with our infrastructure. Is anyone out there successfully using Linux for regular users? How did it go, and how did your IT and user communities adapt to the new kid on the block?"
This article was posted a little while ago about a user who used Ubuntu in a completly MS environment without his boss noticing for a few months. (linked article from the story)
My experience with it is that it's one of the most mature Desktop distributions, coming complete with most of the tools one would need to perform most jobs. Easy install, and you can use Syntaptic/apt-get for upgrades and additional installation since it's Debian based. You should check it out.
IT's probably best to dive into a Linux or any OS migration for users head first, all at once, so everyone in the office has identical migration problems and can assist each other if the official tech support is busy. It's like the choice between staying with paper, or going with computers, that businesses had to make in the '70s, '80s, or '90s. There will be some people who would never bother to learn unless they are tossed into it kicking.
Saskboy's blog is good. 9 out of 10 dentists agree.
Your employer runs a pretty hefty workstation. Although I have worked for, or known people that made similiar switches the scale was not even close. So it worked pretty well as the community was close-nit and excited about the change.
In your case though, there will be more disruption, not everyone wants to use linux... Id suggest just inserting the new computers in one department, preferably one where the employees are already interested in linux. I would also suggest taking a workgroup poll to get interior feedback interest as well.
prof
Just so that nobody thinks that nobody is reading this thread... No Linux deployments at my company. I don't think that we'll look at Linux again for at least a few more years. None of our important apps work on Linux, and we have no Linux expertise in our small company.
"Postmortem" implies "after death". I think they'd like to see the time after the death of Linux migration [unless that happens because everyone has migrated].
Saskboy's blog is good. 9 out of 10 dentists agree.
Take a look at the Ernie Ball guitar string company. They made the switch several years ago. It is only 300 +/- people but they did it cause they got hit with being out of compliance with M$
Read Rockin' on without Microsoft
I was able, at some point a few years back, to produce a Ghost image with Red Hat, OpenOffice, and a login model that used my office's Windows infrastructure to authenticate users automatically. It worked very well. I used it on several test PCs and was able to boot them up, ghost them, and have them come up connected and ready to use.
/etc/skel. The only real kneebiter was the fact that the vast majority of the office required Outlook, and for some reason (I don't recall what) Evolution wouldn't quite cut it. I seem to recall problems with lookups in the Active Directory using Evolution, but for all I know that's been fixed by now.
It was fairly straightforward to set things up with simple additions to
I ran this thing on my PC for months before my employer even noticed. I used VMware for my Windows needs (as I was a network administrator, I needed to run some troubleshooting in Windows for user support) and Samba for all of my day-to-day shares and printing. In the end, the only reason anyone knew what I was running was that I was sick one day, and someone tried to sit at my desk, with very small amounts of success.
Now if only I'd kept a copy when I was let go!
Green's Law of Debate: Anything is possible if you don't know what you're talking about.
PCs don't always make a lot of sense, especially if you need 40'000 of them :-)
I would also evaluate thin clients, especially Sun's Sun Ray technology:
http://www.sun.com/sunray/success.html/
That said, I know of a Swiss company (news agency with around 200 employees) who switched from Windows to Debian for the desktop PCs. Mostly Java applications. No serious problems were reported.
maybe try XPde, a linux desktop interface that is made to look and feel more like windows XP. You can download an iso for Clusterix, which has this environment included if you want to try it out.
You could just give Red Hat or Novell a call and either one will be more than happy to give you their dog-and-pony show for their desktop offerings. I mean, they do do this kind of thing for a living these days.
s p
Do you have must-keep Windows apps? Try CrossOver Office
http://www.eweek.com/article2/0,1895,1886920,00.a
or
Verasora/Win4Lin
http://www.versora.com/
I've used and deployed them all in small businesses with AD management, and they've all worked. There's no reason why they wouldn't work in larger businesses. After all, as IBM and Oracle are showing, they already do.
Steven
There's a few reasons why an IS department won't roll out Linux into an Active Directory environment.
:)
First, is that they cannot control the desktop using policy. This is the biggest selling point of using Windows in a workgroup domain, and especially to manage as many servers and end users as they have. Active Directory, while not perfect, is awesome in its capabilities -- all stolen mostly from Novell's NDS
Next, is expertise. Why would you introduce something into an environment that nobody really knows how to use? Your executives aren't 100% sure but they know 100% that they need to hire staff that can take on Linux servers/desktops and supporting them. That means paying a premium for that labor, and it's not necessary when you can get Windows guys on the cheap.
Lastly -- companies are hesistant to change. Financial companies in particular go with the mantra, if it works, don't touch it. You will see lots of these smaller shops on NT 4 still because to them... it works. Larger corporations that have to meet with SOX compliancy issues are forced into upgrading. That's what happened where I work.
Anyways.. best of luck trying to introduce Linux into your environment. I am going to say that you will crash and burn trying, because a company that large doesn't likely have a *need* for Linux. And if's not a necessity, a good business decision is not to let it happen. Again the mantra, if it ain't broke...don't fix it.
The price is always right if someone else is paying.
I'm glad to see that at least an AC picked up on the obvious sarcasm, even if the moderator didn't.
Saskboy's blog is good. 9 out of 10 dentists agree.
Novell has in the past, hosted a Partners Workshop whereby they note that Lavonia Lighting out of GA did a migration. You might want to call them and ask where they are in that process. Are they will with Linux? What other services do they use Linux for? How has the ROI and TCO been for them?
INSERT INTO comment VALUE('Doh!') WHERE user='you';
All the comanies I work for, none have a single desktop linux box. I could have sold some small business people a lot of linux boxes over the past few years, but one piece is missing. A financial software product. Most windows users freak out when they see gnucash. If you want to deploy in the enterprise, head first.
like everything else, the rollout has been pushed out. However, the "Open Client" has moved out of alpha status and moved into beta as of a few days ago. A couple interesting points the IBM internal helpdesk has gone through extensive training, remote desktop assistance is enabled, Lotus Workplace is installed (web/eclipse based version of notes, and office apps). Its primarly supported on RHEL workstation 4, but works on Suse,gentoo,and Ubuntu but I'm not sure how well. :)
Looks very cool, and IBM's subscription to MS Office has been canceled
I believe over 10k desktops have been rolled out in beta, but dont quote me.
Yeah, I don't really think its trolling either but also not that relevant. The guy wants info about deploying and supporting linux in a windows environment like you said. I'm just not too sure how a story about one guy sneaking an install of linux on his personal work PC helps much.
;-)
Plus, GP was pretty funny
"reality has a well-known liberal bias" - Steven Colbert
You know I read your rant/article about gnome some time ago, posting it into random stories as comment doesn't make it any better ...
http://linuxtoday.com/news_story.php3?ltsn=2005-11 -04-018-26-OP-SS-NV-0089
*an infinite number of monkeys wrote this sig
http://linuxtoday.com/news_story.php3?ltsn=2005-11 -04-018-26-OP-SS-NV-0089
there are other exact same posts around the web.
nice try FUDster.
Talk to Novell. 50% of their employees are using linux on the desktop
I've been trying to get Linux instaslled on the desktop for a few of my customers, but had problems finding a suitable model for deployment. Say what you will about Microsoft (and here most people do) but their deployment tools are pretty good. All of my new deployments utilise RIS (Remote Install Services) which greatly reduces client installation times.
/home folders to a central server. But I've never seen any Howto's or even descriptions of anyone having done this in the enterprise before. Not to say it hasn't been done, just that noone's written how it's done (that I've been able to find).
Roaming Profiles and publishing applications via Active Directory also greatly reduces on site time. Workstations can be restored without anyone technical being required on site at all.
I've looked and looked and haven't been able to find any resources for doing similar tasks with Linux based desktops. The closest I've come up with is to use custom built CD Rom desktop OSes, but these are much slower than using a workstation with the OS installed on a local hard drive.
I'm sure it can be done, perhaps by remotely mounting common application and
Not much help I know, but it shows why my company is still an MS shop.
John the Kiwi
Does out of compliance mean they were using licenses for which they did not pay? (not that the products weren't working correctly)
And that was the main reason for the shift?
Curious..
Cogito Ergo Sum
I've been using Fedora Core for a while on my desktop and have been pretty happy with it. I'm the only person who primarily uses Linux at my office. I just upgraded to FC4 (done quite easily with yum from FC3), and I got the newest Open Office. That seems to have cured the last of my interoperability issues.
Let me state that I love Linux, and I am fortunate enough to be able to use it for my work.
In the past I've been responsible for switching a small company over (circa 150 desktops) from -- what was it now? -- DOS to WIN 3.1, or WIN 3.1 to WIN 95, I forget, I've burned it from my memory. And it was a nightmare. Not cuz it was Windows, cuz we were switching, period. Accounting gave us hell ("what are the cost benefits again?"), users gave me hell ("Time is Money, Y'Know!"), and Super Senior Mgt tweaked me more than once ("If you weren't switching us to this, um, upgrade thing, what is it that you would be doing, hmm?"). Learned an AWFUL lot about wacky boutique Accounting-Inventory-Shipping-Graphics-YouNameIt programs that all ran lovely on the OLD system but had to be bludgeoned into submission on the new.
Not saying you should not upgrade. Not saying Linux is not an upgrade from what you're using (not saying it IS, either; you really need to examine the apps). Just saying that you really need to look at this upgrade from every direction short of Sunday before you dive into the change. There's a large, cold room reserved in the House of Pain for Linux Evangelists who push their companies to make The Switch without having a whole pond worth of ducks in a row.
Good Luck, Bud, and God speed! And better you than me.
Sounds like you just want to brag that you forced your shop to "run Linux"...
You've not provided any sort of business case for the switch. If your organization has the IT infrastructure to support 40,000 workstations, you aren't going to save any money by installing Linux on a couple of workstations. Further, if the "regular users" you're deploying to aren't Linux enthusiasts there will be a decrease in productivity [at least temporarily] and your boss will have you to thank for it.
I used to work at a private high school in the Northeast. You can probably figure out what one by looking at my user name. Anyhow, we (read: I) tried a rollout of Linux on our file servers and routers. Here's what happened:
The Linux file server worked beautifully. We had a simple NT4 domain, setting up Samba with proper permissions was easy. It was easy to administer, very reliable, and fast.
The Linux router(s) worked well, too. I had a nice collection of scripts run with cron that would turn off internet access to the dorms at a specified time, and then turn it back on in the morning (remember: this was a high school).
I was even in the process of developing a grading system with the LAMP stack, since at the time, teachers did their grading manually, and often complained about it.
Everything was running beautifully for months, until politics entered the game. Some higher-ups bought software without consulting the IT department (me and one other guy) that of course only ran on Windows. They also decided that we were going to go with FileMaker for a grade database, that was maintained by some high-price consultant. In the end, they wanted everything to be Windows for some reason or another (misinformed about how Open Source works, you know, the whole deal). My wonderful little Linux environment disappeared, and eventually, so did I.
Moral of the story: technical challenges aside, your project can always be torpedoed by someone who is self-important and more powerful than you.
Some work environments are such that everything has to work as often as possible.
Doing any sort of migration is a bad ideas -- as soon as you have problems, you'll have hordes of pissed off folks screaming.
I'd recommend against doing a linux migration under those circumstances -- it will only be bad for you and Linux.
Eventually such ossified environments will likely vanish -- they'll go out of business. If you really want to use Linux at work, it is probably easier to find a job at a Linux shop.
http://www.thebricktestament.com/the_law/when_to_
Just be happy with what you have? How many of those users are going to make use of what Linux really offers? If you don't have a valid reason other than "push Microsoft out", I'd just stick with MS. It sounds like the environment is all integrated and it would definitely cost you more to switch. Let the Linux desktop mature, its still early for it - then you should have more reasons to switch.
OSX will be just as crap as Windows if you try to run it on generic, open hardware. The reason why OSX is such a pleasure to use is that it's been made to run under very well defined hardware.
The owls are not what they seem
None of the large IT concerns that I have worked for have done en-masse Linux desktop installs, by the way, but both had an approved "default" install CD-ROM image that had been sufficently tested (read that "tested tested and then triple tested again...") with the appropriate packages, etc. installed and all of the security settings tweaked and set. that it wasn't a big deal to get once the manager approved it.
Big problem was convincing the low- to mid- level managers to approve using it instead of M$.
...Open Source isn't the only answer -- but it's almost always a better value than the alternatives...
I have successfully deployed GNU/Linux networks, both servers and workstations. If you are at all serious about deploying a large amount of GNU/Linux Workstations the first thing you should do is replace the Windows Servers.
/home directories, especially when you use LDAP for the User Database. If you attempt to deploy Unix type workstations in a Windows Network enviornment you will ALWAYS be fighting with the servers.
It is much easier integrating a Unix type workstation if you use Unix type servers. It is trivial to have nfs mounted
If it's all Windows centric including backend and management, it'll be tough to add. Here we are a hybrid Windows/Solaris and are adding Linux. The way we do it is LDAP on Solaris for the backend. Sun has a product that syncs the AD to LDAP, and we are currently working with the Linux systems to get them all working. They use LDAP just fine, but we are having difficulty with our automounts and other such things.
If you want to do it in your the thing to look for would be a way to sync Linux with the AD. I don't have any experience in this area so I'm afraid I can't help, but Samba might be a place to start. I understand it works in Windows 2000 domains now. At any rate what you want is to design a solution such that the existing management tools will work more or less seemlessly with the Linux workstations. That means they need to get their account information from the AD, map the Windows file shares (Linux does that fine now) use the Windows printers CUPS has no problem with that) and so on.
You will probably need a Linux server that's the go-between and you might have to do some custom development work. However, I'm sure it's doable. Remember though, to sell it you need ot make your solution work with the existing one. If you demand a bunch of changes, you'll just get shut down. However if you make it integrate nice, it's much easier to push as an alternative. Ultimately a more platform-neutral back end would probably be good, but with infastructure that large, you can't start there because the cost will be enough to make everyone say no.
PRobably what you should do is just get permission to start experimenting. Get a Linux desktop and server up and running under your control and then start investigating what it's going to take to get some integration going on. Worst case, it doesn't work out, and you get some Linux experience out of it.
How is it irrelevant, again? The question is about replacing Windows boxen with Linux, and the linked article is about replacing a Windows box with Linux. While it doesn't say anything about support, the point is that it appeared transparent enough (to casual? observation, at least) that the boss couldn't tell the difference. Sounds like a ringing endorsement to me.
okay, i really hate the subject line (and emeril's show) but here goes:
i work in a very small environment... say roughly 25 employees and at least that many desktops with about 20 servers. i've been pushing to move away from being a microsoft shop. luckily, the guy before me was also very pro-Best Solution (note i didn't say pro-linux or anti-microsoft) and set up a number of linux servers.
i have taken hold and attempted ot push the idea of linux desktop solution for people that don't need windows (i.e. sales people). i actually set up a second box for myself before deploying a test box for a sales person. being a ubuntu user for 3 releases now, i choose it for it's polish, shine, and my comfort level. my experiences have been mostly good. anytime anyone needs a package, i just grab it from apt-get (or find a repo first if need be). i can take care of the whole box via ssh and never have to bother the user. it works GREAT except for a few small problems in a windows network:
1. setting up active directory authentication is a PAIN. it's not hard, but time-consuming and requires a lot of manual tweaking (see my request for an automated tool)
2. evolution-exchange connector is horribly in need of work. the basics work, but it's not fast or efficient - or stable. it gets the job done, albeit not eloquently
3. (i belive the following is a problem with nautilus, but idk) when accessing a shared windows folder, authentication gives a prompt for credentials, but it doesn't matter when you put here. the second prompt for credentials is the important one. in fact, you cannot get the first box to go away unless you click cancel
4. sudo & AD groups. for the life of me i can't figure out how to get sudo to recognize %domain\linuxadmins as a valid group. `groups` shows me as being part of it, but it's almost as if sudo doesn't like the slash. i've tried escaping it, and tried it without the domain to no avail. ideally, i'd like to set up a group to allow certain users to perform updates when ubuntu notifies them stuff is in need of updateing.
my gripes aren't HUGE, but they're annoying to me. of course i haven't touched on management needed for a 20,000 pc environment (pushed software & updates), so ymmv
Setup a batch of old dell stations that were previously part of a school "Tech Job Training" lab,(previously had win98 on them), with damnsmalllinux and did not even require any hardware upgrades, (10gb hd/700mhz celly/128mb ram); the systems were used for web, word processing and network access to a WinNT domain; and once the kids understood that rtf format could actually hold pictures but made much smaller files than doc format, they switched. The only problems we had the whole year with those machines was hardware related.
A computer once beat me at chess, but it was no match for me at kick boxing. Emo Philips
Universities have been doing enterprise deployment of Macintosh desktops since before MS Windows existed, even since before the term "enterprise deployment" existed. The early days were pretty rough, of course. But now OSX and its Unix core have a full set of enterprise desktop management tools available. Check out MacEnterprise and tools like Radmind. Many Universities are now doing large-scale deployments of Mac desktops. And since those tools are all Unix-based, perhaps many of the same techniques will work for Linux desktops?
Maybe this would even be a viable option for the original poster: Building one or two linux images for the clients with Citrix (or similar) clients and using a fat server to provide compatibility with Windows apps.
On se Internetz nobody noes your German.
here another2 0052658&AT=39238665-39020463t-20000004c
http://www.zdnet.co.uk/talkback/?PROCESS=show&ID=
On the other hand I do have some clients where certain individuals have requested linux, and allowing them to run it has not caused any problems other than the obvious compatibilty issues that may apply. These individuals are linux savy and can generally deal with their own problems. Management does not want to spend extra money to support a second platform, and they understand this.
I guess the point I'm trying to make is that if you are considering rolling out some linux or even apple desktops, I would be careful to only migrate people that really want them and understand the consequences (and are able to deal with their own problems for the most part). Otherwise you're going to be incurring extra costs that probably outweight any licensing money you save. That usually doesn't go over well and will generate a negative attitude from management towards linux.
As for workstation management tools, there are solutions from Redhat and Novell and probably others, and IBM has some tools too. I don't have much experience with any of them, but again it is probably an extra cost and what would the point be? What is the boss going to like about this whole idea? Sometimes I think linux fans push too hard or don't fully evaluate the situation and actually reduce the opportunities they might have to use linux where it would really be a great solution.
-Lod
is the number of people who go on about switching their companies/offices/etc over to a *nix based infrastructure, talking about what desktops they've tried or tested, what they are using now, why it's so much better, etc, quickly followed up with something along the lines of "but our IT department..", "the company is switching to exchange...", "...the powers that be won't switch...". Guess that means that you aren't in the right department to begin with (trust me - I run a 5000+ node network) and you are mad that the IT department doesn't agree with you about how much better it would be if everyone ran (insert your favorite non-MS distro here0. Or that you are in IT, but nobody listens to the guy that packs and ships the systems out.
Come on folks - at least try to sound like you work in IT, and that you have some say in IT decisions where ever it is you work. It really sounds much less pathetic that way.
http://www.rackable.com/ [rackable.com]
*cough* copy and paste.
Dude, a clue: you're not supposed to type the domain name in square brackets - slashdot adds that for you.
Comment removed based on user account deletion
Dear Slashdot, I'm trying to fit a square peg into a round hole. How should I go about it? Thanks, Some Guy
I find laziness to be an excellent motivator.
Not if you live on a continent full of "criminals" with success stories.
There is no America. There is no democracy. There is only IBM and AT&T and DuPont, Dow, General Electric, and Exxon
Check with netcraft. They are a pure Windows outfit.
We have a couple of FreeBSD desktops that live in harmony with our Active Directory Windows world. Also, we have five or six OS X systems. A third party suite (www.thursby.com) called ADmitMac even allows them to be an Active Directory management station.
Thin clients make even less sense, especially for that large an installation. They need far more network resources and if anything network-related goes down, the employee is left twiddling their thumbs. If you pay your employees $15/hour (I seriously hope you pay them more than that), 1 minute of downtime for 40,000 people costs you +$15k. 3 minutes downtime, and you just paid for someone to help handle the "complexities" of managing "real" computers.
The thin client model sucks because it turns random failures into massive failures- and nobody at Sun has had to be in the IT department when EVERYBODY'S computer stops "working". The phones catch on fire.
Any and all cost savings are most likely eaten up by the leap in service level requirements, not to mention the need to push application data around the network. The assumption by Sun is that your network has nothing else running on it and can handle throwing around java binaries around. Last time I checked, most of the data on corporate networks is stuff like print jobs, email/Outlook, file transfer, and web.
Please help metamoderate.
For a Gnome based desktop, Sabayon appears to be about the best thing I've found yet that allows you to create "profiles" for different users.
_ desktop_profiles which may be of some use as feedback/info)
I don't think it's anywhere as good as what I've heard group policy to be, but it's a start in the right direction. I've found it to be quite buggy and it took me a couple of days to get the desktop _as_I_wanted_it_.
(See http://www.codepoets.co.uk/sabayon_creating_linux
DG
The Ginger Dog
Especially in a company with that many desktops. When talking about a migration to Linux in a large environment like that means a bunch of things:
1. What do you do with ANY of the custom apps used on the desktop. Most large companies have at least a few apps their internal developers built for them, and I'll bet they weren't built with cross-platform use in mind. Sure, it may work for now in WINE, but what about when it throws a weird error? What about when a new feature is needed? Recoding the app isn't really an option for most places.
2. Time to fire and rehire your desktop support staff! And any IT group that is directly tied to desktop products, cause you're doing a complete 180 degree switch on them. You can argue that anyone worth paying should already know Linux, but the reality is a lot of people in IT are tied to MS, because that's what their company has bet the farm on. You would probably have to either rehire or retrain most of the desktop support group.
3. Your options are RedHat, or SuSE. A company that big is only going to switch if they can buy Linux from a vendor with the chops to support a large organization. Mom & Pop Linux Support Inc isn't going to be taken seriously since they may be in business today, but might not be tomorrow. Business wants a large company backing a product so they have someone to go back to when something goes really wrong.
4. Retraining Costs. Sure, there's adjustment when moving users from Windows Version X to Windows Version Y, but generally the user experience remains fairly consistent. Moving to Linux, unless you reskin it to look exactly like Windows and hide away anything that would hint that it wasn't Windows is going to require significant user retraining. Then there's all the new apps that they'll have to learn to use. You'll lost a LOT of time and money here.
5. What's the real benefit? Yeah, Microsoft is evil, vendor lock-in, security vulnerabilities blah blah blah and so on. But honestly, does Linux provide a real business value? Does it save money in the long run? Does it make the work easier to do? Don't answer these questions as techno-geeks who are already biased, look at it from a semi-objective standpoint.
I don't think you can make an effective case to begin the switch-over of 40,000 desktops to linux, even in much of a phased approach. Best you can probably hope for are a few pockets of Linux users within IT. The average user would probably never even get whif of its existance.
First, be patient. I don't think the IBM migration is as dead as it appears. Most of the commercial migrations I have seen take 2-3 years to accomplish assuming that a fair amount of resources are thrown at the problem. If you want a smoother transition, I would suggest planning for 4-5 years. This timeframe should allow you to rewrite all your inhouse applications to support Linux if necessary
The first step is to identify those workstations that have the simplest requirements and/or the users who are most interested in switching. Start there and migrate a few stations at a time. Don't be afraid to rollback to WIndows for a while when you need to. Try to use Wine and other technologies to make the transition easier. I think that this is still where IBM is.
The second step is to do an analysis of what has/has not worked in this step and then look for the next group of workstations to migrate. Wash, rinse, repeat until you run out of shampoo.
Once you have a fairly established set of Linux workstations, I would suggest investing in infrastructure. Look at things like OpenAFS, X11 application servers, and the like. For desktops you can create a computing network that looks conceptually sort of like a SAN and is very easy to maintain (read up on Project Athena). This requires more care with laptops because of mobility requirements,but if you are careful about which applications you put on the laptop and which ones you run over the network, you should have few issues.
Hint: You can put an X server on the Windows systems to give them access to your X11 app servers, and therefore not immediately require everyone to rn Linux to gain access to certain applications.
LedgerSMB: Open source Accounting/ERP
He's got 80,000 hands or what?
If you want to integrate Mac OS X computers into your existing Windows server infrastructure, be sure to check out http://macwindows.com/
This site is dedicated to enabling Mac OS X computers to coexist in the enterprise environment.
This is a troll intended to harass a crooked store from this story. Has nothing to do with Linux migration at all.
In Soviet Russia, 40,000 Linux workstations upgrade you! ;)
Interesting - but a profile isn't all there is to Group Policy - it's quite a bit more than that.
It's a huge waste of money. If you don't have the expertise then don't try and do it yourself.
Quickbooks and Peachtree are more than adequate. They get the job done, they are easy to use, and they have the right mix of features for the price.
Also, I don't think any of the systems you listed are really common.
From my experience, it goes: Quickbooks->Peachtree->Mas 90/200/500->Peoplesoft/other giant software package.
1. You've confused criminal actions, civil liability and theft of services.
2. The process of being out of BSA compliance is hugely worse than even a substantial penalty for anything you might not have bought. They basically shut you down EVEN IF YOU ARE IN COMPLIANCE. All it takes in an unhappy employee making a phone call...
First off, out of compliance does NOT mean you have more installations than you paid for copies of. It means you have more installations that you can instantly produce proof of. Which is NOT the same thing. You have to prove that your innocent, on demand, whenever they decide to come knocking.
I don't know about that place in particular, but many places of this scale might, for instance buy all their PCs from Dell et all and pay the Windows tax on all of them at ship time. If they never upgrade to a new major OS version (buying new PCs faster than they get around to upgrading new ones) they have never, ever needed to buy an OS license.
However, if they lose one COA they are STILL out of compliance - even though they paid for every single license.
So: A) It's not criminal anyway - it's only civil liability. If it was criminal the burden of proof would be on THEM to prove you did it.
B) Even though the civil burden of guilt is lighter, the burden of proof is never supposed to be firmly on you to prove your innocent. Their EULA requires not only that you DID buy the software but that you can prove your innocence on demand. IANAL, but I don't think this would hold up if SCOTUS
ever got around to hearing it. But someone would have to have a zillion $ to fight M$ that long.
2. They basically come take all your computers away and shut down your business indefinitely. That's massively different than charging you - even charging you 100x for any missing licenses. And EVEN IF THEY'RE WRONG they do nothing to compensate you for this lost time. And you can't sue them for it, because the BSA has no assets themselves, supposedly - or not assets enough to sustain the legal fees for a big court case.
Looking for freelance Actionscript (Flash/Flex) or ColdFusion work and/or freelance developers. Email me, put Slashdot
Turbo Linux is a Red Hat based Linux that has a special distro geared towards destops and Laptops called Turbo Linux 10 F. It comes with *licensed* codecs for windows media player and real player media along with the only licsened DVD Player for Linux PowerDVD (which is also the best player around for windows). Turbo Linux is the biggest distro in Japan and China... and is found on many *certified* hardware platforms running x86 servers and other bigiron such as mainframes.
||| I still can't believe Parkay's not butter.
I really wanted to mod you Flamebait, but I thought I'd respond instead.
Did you even read the question? He said he wants to make Linux an OPTION when he replaces and installs desktops. Not that he wants to "force" anybody to switch. Not that he's trying to save money. Not that he wants to evangelize. None of the above things that you mentioned. He never bragged, nor did he ever even HINT at "switching" the entire organization.
He wants information about introducing non-Windows desktops into what was an all Windows shop. Maybe his graphic artist will want the OPTION to buy a Mac; maybe somebody else in the organization will want the OPTION to use Linux. He wants to make these OPTIONS available, not as standalones, but as part of the greater network so that the users have all of the Active Directory (etc) stuff available even if they CHOOSE an alternate platform.
I am baffled about how you got modded up so high, when you didn't even come close to a reasonable response.
Repetition does not transform a lie into the truth. - FDR
In short, while Microsoft is making the move towards an distributed environment (somewhat, at least) Unix (and the like) is still stuck in a networked model. Sure, you can setup your ldapv3 Usermanagement, however, whithout patching not even cyrus imapd integrates. With a bit of luck you may find an groupware solution that integrates into your existing directory without wanting to set up its own, and so own. To much good, but isolated solution on unix side. ons of reliable services. Own their own, but try to integrate. Then it's getting a nightmare. Not sure, how well KDE would integrate in such an environment.
In a large environment Microsofts services simply integrate better, from a user point of view, we can be just lucky, that they do not work as promised.
I'm the IT Manager at my company (we have about 200 users) and the biggest item holding us back is the lack of a reliable shared calendar. I use Linux as my desktop (you know, eat your own dog food) and with the exception of of a reliable shared calendar I can do everything I need to do on my Linux box. Email, word processing, presentations, and spread sheets. We use Evolution to connect to our exchange server and unfortunately the lack of a reliable shared calendar prevents us from deploying Linux on more of our desktops.
I know that there are products like CrossOver and VmWare that run Window programs on Linux, but that sort of defeats the purpose of moving to Linux in my view.
I think the problem is more that Windows has to maintain backward compatibility with previous stupid versions of Windows and all of the stupidities committed by applications in the many previous Windows environments.
The PC hardware isn't the problem: Linux works on a very wide range of hardware.
Lew
"The Constitution, the WHOLE Constitution, and nothing but the CONSTITUTION."
A year or two ago, I orchestrated an enterprise upgrade from Win 9x desktops with Banyan servers to WinXP with Win2K servers.
/etc/initab to customize the services running at a particular run level is a diverting amusement rather than an odious burden.
;-)
You would not believe how scared and panicky the users got. During the physical migration, users were given 4 hours of training on the changes from Win9X to WinXP. Then immediately went back to their desk to a newly converted workstation. It hardly helped at all. The shape of the MS Office icons changed, we got dozens of calls from users who said we had "taken away" MS Office. One department had their shared drive change from the P to the Q drive letter. Even after telling them verbally three times in class, and following it up with email, we still got dozens of calls from users who said their documents had been "deleted". We even got calls from people complaining that their spyware was missing! And some of them were PhD's.
Humans in general are dumb, easily panicked sheep. They fear and loathe change as if it were physically painful. They don't like Windows - in fact it is one of the favorite topics of water-cooler derision. But they would rather run their nuts through a clothes-wringer than have their toolbar move to the top of their screen.
Linux enthusiasts are generally highly intelligent malcontents. People who desire frequent chaotic change because it soothes the agony of their ADHD induced boredom. They love having to follow up the latest installation of Fedaro by trying to figure out where to download a multi-media player from because *someone* got pissy with the old player's authors and left it out of the distro. Tweaking
And Linux enthusiasts suffer from a terrible conceit, believeing that the rest of the world "wants" to be like them, but just doesn't know how. So if they can make the Linux desktop look 75% the same as windows, then they can lure the sheep in for a closer look. The implicit assumption being that once a sheep gets a good look at the "freedom" offered by vi and shell scripting, they'll have an epiphany and never want to go back to a point-and-click GUI.
Here's a clue for all the cult-of-linux followers out there. Most people HATE change. Flexibility is spelled c-o-n-f-u-s-i-o-n. Powerful tools are d-a-n-g-e-r-o-u-s. Configuration options are a t-a-r-p-i-t.
Memorize this commandment:
EASE OF USE is ***all*** that matters!
Until conversion to Linux represents LESS change for the average user to deal with than an upgrade to the next version of Windows, 90+ percent of the population won't touch it.
Or, you could go for an even lower common denominator, and develop XXX-windows with built-in pr0n. After all, it was x-rated content that created the market for VCRs and cable TV
"Sic Semper Path of Least Resistance"
Go Sun Microsystems JDS, using their service and methodology we ran a conversion pilot of 2,000 Wintel PCs fast and smooth, we kept integration with MS Services as Exchange, Active Directory and SQL Server.
Now we are planing the conversion of about 90% of Wintel PCs for Sun's JDS PCs (some users really need Windows, must don't).
Also we are working with them to migrate Active Directory to LDAP and Exchange to Sun's JES Mail Services.
Database.. Q3 next Year.
Here is a good description for using FAI to install Ubuntu http://faiwiki.informatik.uni-koeln.de/index.php/I nstalling_Ubuntu_Linux_with_FAI
How the fuck is that a flamebait?
The parent asked a legitimate question. Why should a company switch 40,000 computers over to Linux when no business rationale was provided?
It seems the duffbeer703 is some nobody within his company .
For everything else I'd go with the Solaris Enterprise System.
I'm sure it can be done, perhaps by remotely mounting common application and /home folders to a central server. But I've never seen any Howto's or even descriptions of anyone having done this in the enterprise before. Not to say it hasn't been done, just that noone's written how it's done (that I've been able to find).
Why is it that people think Desktop Linux and Server Linux are different animals when it comes to enterprise setups? Enterprises have been doing rapid deployment, diskless (or minimally local), network boot unix installs for ages.
HOW should linux desktops be set up in an enterprise? Exactly the same way as the *ix servers! Any enterprise unix admin worth their salt already has this worked out. The only difference is which applications get installed.
Need that latest patch deployed to all 1.7 bazillion desktops? Update the filesystem that the desktops are booting to and update all of them at once. Messing with symbolic links makes it easy to swing a link back to the old version and reboot the workstations if something goes bad.
Mounting remote filesystems allows users to write their files directly to the network, where it will be backed up according to firm policy. Mounting the system filesystems ensures that every machine is running the latest and greatest. Deploy your apps in OpenAFS, and you can control access to apps via ACL groups.
U could make a live-cd with some distro like Ubuntu or Gentoo(best choice :) )...with everything u need for Workstation and Desktop use...that u are also able to install of course...
... ull be grateful.
do ur homework
duffbeer703 asks: "My employer runs alot of desktop and laptop computers -- something in the neighborhood of 40,000 PCs
Wow, I didn't realize the Springfield Nuclear Power Plant employed so many people.
Beauty is in the eye of the beerholder.
This excuse people use that Windows is crap because of diverse hardware is tiresome. It has nothing to do with that. There’s an endless lineup of people who are willing to tell you they honestly run Linux or some BSD variant on weird hardware and their platforms are solid. Beyond that, bad hardware does not create an inconsistent and confusing interface, security holes, application bloat, and other nonsense that is strictly further up the stack on Windows. OS X, on the otherhand, is solid in design both under the hood and as far as usres are concerned. It lacks decades of legacy bagage except in a controled, deliberate fashion (Classic support is not a critical component, but an optional add-on). We live in an era where resources are abstracted such that user applications don’t have to care about specific processors, video cards, motherboard chipsets, and so on. Maybe Windows users should wake up and realize this.
Join Tor today!
I think the key is to make the transition process as smooth as possible.
One department at a time is a good strategy, but I'd go even further:
Your users will gonna have to learn to use a lot of new softwares and they won't be happy with that. If all those changes appends all at once, there will be a perception that Linux is hard and complicated. And it will fail.
I'd replace one aplication at a time for as long as I can. Internet explorer would be the first (replaced by firefox), then maybe Outlook (by Thunderbird), and then I'd go with MS-Office (one component at a time, replaced by OpenOffice2).
The idea is to make them learn while they are using there "confortable Windows environment". That way they will be able to go back to there old software (for a while) if something doesn't work as expeceted or if they are in a rush.
And make sure some of the IT staff makes the changes before everyone elses, so they can offer some supports.
Anyway, I which you good luck !
We also have A/D etc. and are also looking at whether Linux will work. We have found an excellant distribution in Xandros (www.xandros.com) for our pilot workstations. The Business Edition works with A/D, allow initial log-on to authenticate with A/D, autmatically sets home directory, has Star Office & Open Office, and also has Cross Over office to run Windows apps. I would suggest trying it.
With such a large scale of PC's, you would NOT want to try to make a massive overhaul of the infrastructure. Also, you would need to consider if even migrating to a different OS would be beneficial. The first step, however, would be to take one of the smaller departments and identify that department's computing needs. What do they use their computers for? What hardware do they rely on? Is there a third party application that is heavily relied on? Then, after identifying those items, see if there are alternatives in another OS. If you find alternatives in Linux, setup a "test" workstation in that department. Pick out one user, and train that use on how to perform his/her tasks on that workstation. Do not force someone to do this that isn't willing, or that is hesitant about it. Find someone that is genuinly interested in giving something different a try. Then, ask that use to spend a few hours each day doing their work on that test workstation. Have them document any problems that they run into. This testing phase should last for at least a month. Stay close and in touch with the user. If they get frustrated because they can't perform a specific task, you need to be able to provide an immediate solution. The biggest plus you can ever possibly have with migrating to another platform is for the users to be on your side. That's who management is really going to pay attention to. If the user can be as productive or more productive with a solution that costs substaintially less in licensing, etc.., then management is really going to pay serious attention. Where I work (much smaller company with only 300 desktops), we rely very heavily on a third party application that simply cannot be run on Linux. However, I have brought Linux into the picture by setting up an education lab running K12LTSP. I was able to demonstrate to management productivity and cost savings by bringing back to life older Win 98 PC's that were collecting dust and ready to get thrown out, as well as addressing the needs of the school on our campus. I saved the company several thousands of dollars by going this route. When management wanted to start monitoring and restricting Internet activity when I first arrived, I put together a proposal of commercial applications vs open source applications. The result is a Linux proxy (running Mandrake) with squid and squidGuard. Reports of activity are automatically generated each midnight, and management is capable of viewing these reports through their webbrowser. Again, I was able to save the company several thousands of dollars. While replacing desktops simply isn't an option for us, I have made Linux a very viable solution to address needs that we had here, while saving the company money, and making me look like a hero in the process. :o)
We start our roll out on December 12. Send me an email and I'll let you know how it goes.
The city of Munich, Germany (probably tens of thousands of PC's) is deploying Linux as we speak. Of course, I have no idea about details since I only live in this city, but it might be interesting to talk to them. Most of them should speak English fairly well. Take a look at www.muenchen.de or googlelize "munich linux" or something... and take your German dictionary. :-)
At my current employer they use Microsoft Unix services for MS/Windows on the active directory server. This allows the AD server to act as an NIS authentication server for Unix/Linux clients. IT works well.
Crossover worked great for running Outlook including connecting to the exchange server for email and calendaring. Ignore the BS link about Crossover and MS/Outlook not working with Exchange posted by sjvn. It's just not true. Using Crossover 3.0.1 only failed on some MS/Powerpoint pressentations which used Audio/Video. With Crossover version 5.0, I'm sure they have made improvements. The Ximian connector only works when the webdav interface on the MS/Exchange server is enabled. Large companies rarely do this. One may also use OWA (Outlook Web Access).
The only hassle I had was when my password changed and I needed to update files used for authenticating to Microsoft print servers and file servers.
I love Linux on the desktop!
There are relatively few firms with 40,000 PCs. Those firms that have 40,000 PCs usually have very skilled technical people to do their homework. While posting on /. may be informative, somehow I think they'd have a better sense of what they're doing than the OP does.
IOW the post doesn't ring true.
My major on concern would but what you have in place on AD that is being used. if you have a lot of policies than going to linux might be a bad choice. (this goes beyond just loging in) also patch roll outs would be a concern. are there any other programs that your workstation needs that is windows only?
From TFA:
The BSA [Business Software Association] had a program back then [2000] called "Nail Your Boss," where they encouraged disgruntled employees to report on their company...and that's what happened to us. Anyways, they basically shut us down...We were out of compliance I figure by about 8 percent (out of 72 desktops).
How did that happen?
We pass our old computers down. The guys in engineering need a new PC, so they get one and we pass theirs on to somebody doing clerical work. Well, if you don't wipe the hard drive on that PC, that's a violation.
Since when? Why can't the clerical worker use the software on the hand-me-down machine in a perfectly legal manner if new copies of the software are purchased for the new engineering PC? Aren't both using licensed copies? Why has the license for say, Windows, suddenly expired when the machine is transferred to another user within the company?
I decided to see if the BSA had an explanation for this position. Now I can't say that I read the entire site, but I didn't see any mention of wiping hard drives in the most likely places it would appear, for instance documents linked from the Tools for IT Managers page. Searching for "wipe hard drive" or variants thereof, using both the BSA site's search engine and "site:bsa.org wipe hard drive" at Google turned up nothing.
Is this some piece of common wisdom among IT managers, that they should routinely wipe the hard drives of hand-me-down computers? Does that imply I need to purchase a brand-new license for the software (like Windows) that was already on the machine before the next person may use it? Why does my common-sense view that I've already paid for these licenses not apply? Don't licenses for things like Windows apply in perpetuity to the CPU on which they are installed?
By the way, this is one of the most persuasive pieces I've ever read on converting a small-to-medium enterprise from Windows to Linux. The best parts concern Ernie's reaction to being mauled by the BSA. His family-run guitar string company was made to look like a bunch of despicable criminals in a horribly public way (armed marshals at the doorstep). After settling for $65,000 in penalties, and paying another $35,000 to cover the BSA's legal costs (as guaranteed by Congress) plus his own attorneys' fees, Ernie turned his back on all commercial software and moved his business to Linux.
If business users find an application that they cannot do without, and it only runs on one platform such as Linux, then you can be a hero and give them linux. End users don't see cost savings directly, and they don't care about your support troubles.
My advice for a large migration is to break it up into small ones. I like the approach of one application suite at a time.
And I suppose I should add 5. profit!
2. Decide on a method for authentication. I suggest using Kerberos 5, since that's what Active Directory uses. You must make a choice -- use Active Directory as your KDC, or use MIT or Heimdal as your KDC with a trust between it and the Active Directory. Due to licensing, and technical reasons, we use an MIT KDC, with a 1 way trust (AD trusts the MIT KDC, the MIT KDC doesn't trust AD). The technical reasons boil down to:
Note that you could choose to have Windows systems authenticate against the AD or authenticate against the MIT Keberos realm, and have non-Windows systems use an MIT KDC.
2. Redirect passwd file lookups to LDAP. You already have an LDAP server -- Active Directory. You'll need to add the LDAP schema defined in RFC 2307, and will need to add the posixAccount auxillary class to all of your users. Part of that process involves putting the passwd file information like uid, gid, geckos, homeDirectory, and shell information in the appropriate attributes.
Again, due to licensing issues, and the fact that we already had an enterprise LDAP directory, we chose to not use Active Directory for this purpose. But, it certainly can be done.
3. On the linux desktop systems, use pam_krb5 to redirect authentication to kerberos, and configure nsswitch.conf and ldap.conf to redirect passwd file lookups to LDAP. On RedHat systems, you can do it all from authconfig, although I think it's helpful to know the files involved.
4. I like pam_access for restricting who is allowed to log in on a given workstation. pam_access can restrict to members of groups, and those groups can be posixGroup objects in LDAP/Active Directory.
I think it's helpful to have home directories on a central server. We use OpenAFS. I don't know if it's possible to have a user's home directory on a Microsoft share or not. If not, you'll probably still be in the business of creating home directories on desktops. Microsoft has some NFS thing for Windows. I haven't used it, so I'll refrain from commenting, other than to remind you to research potential licensing issues.
A lot of this will work across a number of platforms. I have it working on Linux and OS X.
Beyond the stuff above, for managing lots of Linux desktops there are lots of options, but they're probably all roll your own type things. If you have a few standard configurations, you could use rsync. Or have them all point to a central YUM repository, or... Well, there are tons of ways. I can't give you a postmortem on that, because we don't have lots of Linux desktops in our environment yet. Centralized management doesn't make sense for the few that we have.
Summary: pam_krb5 + pam_access + nsswitch + central filesystem == HAPPY
Read up on kerberos. There's a fair amount to get your head around. If you can explain why kerberos authentication is better than "ldap authentication" you should be in pretty good shape.
That is a good question, and if us Linux geeks ever want some foothold in the "common" market, we need to answer it or create an easy way to do this. The first thing I would do is begin using OSS applications like OpenOffice.org vs. the standard M$ Office products. OO.o is cheaper, has similar functionality, and is simpler than MS Office. I'd perhaps also deploy the newest version of Firefox as the default web browser, including some sort of memo to the staff to please use this new one (for security reasons, you could say).
This is where the hardware aspect enters. Each of the software mentioned above has ports to Win32, Linux, Mac (9 and X), and SunOS/Solaris. The thing about linux is that there is upkeep needed. I guarentee that probably 20000 of the users will not want to update their software weekly. I work at a research lab, and we run SunOS, Red Hat Enterprise Linux, and Win32 XP. I love linux, but RHEL doesn't have the best package management in the world, and most users aren't going to like the necessity to hunt down packages. Plus, with RHEL, I often must compile my own packages, which is a pain and sometimes time-consuming, and often I have to make further system modifications (most of which require root access) to integrate the new application into the environment. Having every user log in as root to apply updates is a terrible idea.
At home I dual boot XP Home and Ubuntu Linux. Ubuntu is good; I really enjoy it. It is based on Debian, so the rock-solid package management is still there. Minimal configuration could be done to allow users to install updates, without them needing root access or requiring technical knowledge. Still, though, many applications require compilation tweaking for the user to be happy with the results. Basically with any Linux distro, you'll have the ease-of-use problems. I'd keep a simple rule of thumb: if it needs the terminal, stay away (regarding large amounts of users).
My first choice would actually be Apple in this case. Not only is Mac OS X secure and easy to use, but it is simple to distribute widely. Mac OS X is based on Darwin BSD (based on, like movies based on books). It uses a mock kernel, so it isn't really BSD, but the layer between the UI and the kernel is Unix. Installing applications is just as simple as windows. In fact, most applications require the user to copy the application the applications folder by clicking and dragging. Plus any business application these days is likely to support Mac and Windows. The biggest problem with using Apples is that they don't come standard with a 3 buttom mouse (but 3 button mice are compatible with Macs). Apples are honestly the best computers on the market for general business users and artists alike. I wouldn't run a 500000 entry Oracle database off of one, but I would not even run a 50000 entry database from Windows. The advantage of Mac is that it accomadates both techies and regular users. I, being a techie, like to customize lots of things. It isn't hard to customize a Mac, but Apple set things up very well so a non-techie doesn't inadvertantly screw something up. The only real disadvantage (other than the mouse issue) of Macs is that they are expensive. Consider, however, that Apple has some of the best support (though with 40000 computes you'd probably have techs ascending from the ground), it has some of the best hardware, and an Apple's power doesn't deflate. We've all had the experience with Windows that it works so quickly at the beginning, and then after a while Windows just slows down. Apples don't do this. The battle for the gigahertz is really irrelevant.
Summary:
Go with Apple: cost/benefit is probably best of anything out there. Begin using OSS standardly. Update the systems in very small baby-steps. Start out with a test group of maybe 200 users. If you want to upgrade a specific department, that may be the best idea. Get their inputs throughout the test group. Include both techies and non-techies in this test-group and see how it goes. Most likely any major problems will pop up in this test phase and can be addressed before 40000 computers and users are affected.
This is all assuming that A) you know what distro you want and B) you have already checked that software packages can match your business demands.
These are the deployment options you can apply, for example:
if you are using RIS or DHCP, adding a linux loader as a menu item is a snap - both redhat and debian can start their installers - which you can automate.
if users are installing via custom made CD-roms, it's easy to make an auto-deployment CD. redhat and debian have extensive support for that. i've personally worked with anaconda and found it quite customizable to my needs.
i'll forego LTSP and similars as you already noted they're not appropriate for your setup - but "real" linux can also run directly off PXE and do network mounting - you might want to try that.
that should be enough to set you off piloting.
The parent, who obviously read /. yesterday was making a joke! Evidently you didn't get it and neither did the dimwit who modded him as a troll.
a lot
a lot
a lot
It's two words, folks...
Time to fire and rehire your desktop support staff
I'd think you would lose one or two "mental giants", but that's it. Both are better off for parting ways.
Retraining Costs
More than a few DE emulate Redmond's desktop, so I don't see where the issue is here. ALL the new apps? You mean the email clients with pretty buttons laid out in a predictable way and reasonably suggestive icons? Most OSS apps follow Redmond's products pretty closely. I don't see how this is an issue at all except when politics/microsofties shuts the whole thing down.
does Linux provide a real business value
-I can run a domain for less up-front dollars, and far less baby-sitting. (saves time and money)
-I can run desktops without antivirus/spyware/firewall software annual subscriptions. (saves money)
-I can use the hardware I've got for longer. (saves money)
-I can manage client pc's far more easily. (saves time and money)
-I can better manage my IT budget. (Microsoft BSA shakedown anyone?)
-Less license compliance management (imagine what a CF a BSA visit would be)
The most important difference is an MS product tend to work in one or two configurations. Trying to make them do anything else is just asking for trouble. In Linux/BSD applications can be combined to fix my problems far better than comparable MS products.
I don't think you can make an effective case to begin the switch-over of 40,000 desktops to linux
Yes you most certainly can. Like ALL projects at that scale, it happens in long well-planned phases. At that scale, MS may make the executives an offer they can't refuse, but end-users don't really care.
I've switched clueless users over before and they don't know it's not windows and they don't care. "Just let me get my work done." Which they can and do with greater efficiency on many different fronts.
http://www.maxineudall.com/2010/02/should-economists-be-sued-for-malpractice.html
another problem is the unknown issues that will come up. with that many users there will be a LOT. just take excel for instance. while openoffice can do much of what excel does there might be some functions that aren't in it. if that happens to be the case and 10 users NEED it you're screwed. also there will probably be a million questions on how to do things they used to do in office. you'll need a lot of training. (this is all time and time=money).
I contracted for a company and converted ALL desktops (75 of them) to Linux. At first the users were unconfortable but after a few months and no "wierd Windows problems" they were happy. CrossoverOffice (WINE) worked great in getting those apps I just couldn't replace. The users grew to love OpenOffice and Evolution. At first I tried SuSE, RedHat 9, Fedora Core, and Gentoo. For regular desktop users I found Fedora Core worked best and had just about everything they needed already installed. The people with scanners grew to love Gimp becuase of it's power over Paint (we couldn't buy Photoshop for everyone). The hardest thing was to find a good Terminal emulator with key mapping.
At work we've used Linux on the desktop since RedHat 7.3 was an up to date distro. The systems now have a mix of FC3/4, with Firefox, Thunderbird & OpenOffice 2. We have an MS leaning technically inept VP, but he had Windows on his desktop so didn't make a fuss.
Last year my pro Linux manager decided to move out of state, but first would hire and train up a replacement. Alas his hiring choice was overridden by the pro MS VP, and onboard came a completely MS focused replacement instead.
Since then, our "Windows only where absolutely needed" policy has been ignored completely and it's downright depressing. All whitebox machines bought since have had XP Pro and Office 2003 put on them, while a fair chunk of the existing systems have been reformatted and had XP put on for no good reason.
The boss and upper management had no idea but are now noticing the costs involved in all this proprietary software. Meanwhile 90% of Linux desktops at the company has shrank to 30%, and any time I try and question a decision to wipe out yet another perfectly working Linux box the new manager bleats 'productivity reasons' which is utter BS.
We've worked just fine for 4 years with Linux desktops, and any time I've been to talk to someone who had these supposed productivity issues, they've said 'oh well I didn't know where something was' or 'I couldn't open this file', or some other easily fixable issue.
The other reason he cites is that 'people new to the company don't know what they're doing' with Linux, yet they're expected to figure out how to use the company's custom database interface and the way the whole company operates with next to no help.
It's such horseshit that I'm on the verge of quitting. With the VP & manager tagteam all my hard work is being dismantled and I can't stop them as they're putting themselves between the rest of IT and the users.
-AT
Working in a DevOps shop is like playing in a band made up entirely of keytarists.
Anyone care to guess who the employer is?
The list of companies with 40,000 laptops and desktops should be small. GM, Intel, Siemens, Lockheed Martin, Verizon, and a few others (we can probably rule out Microsoft).
One important clue is that it seems like they are using Ask Slashdot as a their first tool to investigate a major business decision.
There is quite a few options that have good pro's and cons. Here is a few suggestions and my personal experiences. For a desktop environment here are a few suggestions. SuSE Pro Linux,
This desktop environment comes complete with a nice interface for installation. This includes the ability to use a domain for authentication information.
Pros: Good installer, Easy to configure, abundance of applications.
Cons: SMB configuration for Printer sharing is not simple nor easy but required to browse a windows network. Requires Lisa to browse windows base network. Apps list is weighty and can confuse. Will not play DVD's *(due to the DVD Consortiums direct actions.) The equipment and software is capable of it but disabled. While video games are not a plus for the Linux Desktop system you can get around this with Codega.
Novell Linux Desktop,
This seems to be a great alternative to the full weight of SuSE Pro. This environment comes with far fewer applications that the full beast of SuSE Pro and might need a few applications installed or compiled.
I would give both of them a go and see what you think.
The Novell Linux server is also a good beast but will not always play with within a previous AD environment. Mind you this has nothing to do with Novell's server product.
Hesperant
The Rainworks Project
here is a guy who works for some very large company. why on earth shd he get free advice ? I mean, if Verizon or Dell or Ford or someone like that said, hey we want you as a consultant, but are not going to pay you for it.....
at some point this open source love one another community thing gets to be ludicrous. If the guy is going to make a committment to buy 1,000 linux desktops, i'm sure a vendor will give him some support...
and i wonder how great his employer is - is this a guy who works for a compnay that is shafting employees left and right, paying the ceo gazillins, and we are expectted to help for free ?
Pop Quiz: Name a place where you can ask a question of a couple hundred thousand UNIX, Linux, Windows, and other IT/IS pros all in one place, many of whom may have experience relevant to your company's situation. In addition, this place cannot charge a fee for their services, and the answers must be diverse and rapid.
...
I don't know about you, but the only place that comes to mind is Slashdot. Vendors and consulting firms often have a bias to whatever products/services they feel they can offer at greatest advantage to themselves, and not necessarily to your best interest. With all that in mind, I think Slashdot is a pretty good place to start, like bouncing an idea off of a skilled friend except on a much larger scale. That's not to say they shouldn't do their own homework from that point onward, but a company doesn't often get to the point of having 40,000 workstations by sheer guesswork.
-AT
Working in a DevOps shop is like playing in a band made up entirely of keytarists.
As much as I would *love* to be able to do this, it's just not yet feasible from what I have seen.
Replacing so much of your environment without going over to Citrix or something else, just isn't worth the management overhead that you will have.
Having to manage the different platforms for a start will be a hassle, the fact that the two platforms will look different will confuse the users, and possibly if it's in a public place, marketing as well.
When the time is right, you will be able to get a HD-DVD or Blu-Ray disc and put it into a computer and run it up, Exchange Server, Active Directory Domain Controller, whatever, and it will convert it and everything on it into a Linux box. TLC - Total Linux Conversion.
The management overhead of an environment that size is huge as it stands, unless you can see that you are going to save the business BIG BIG dollars by maintaining another two or three environments (Don't forget, there will be different versions out there) nobody is going to accept it just yet.
Wait a couple of years, start bringing in Open Source software to replace other items, and make the future migration simpler, but a conversion now? I just don't think it's going to happen simply and straight forward just yet.
Baby steps, eating an elephant in one hit is quite a difficult task that essentially no man can do, just take one bite (Application) at a time, and then it will be easier.
Curiosity was framed; ignorance killed the cat. -- Author unknown
Ladies and gentlemen of the jury, I'm just a caveman. I fell on some ice and later got thawed out by some of your scientists. Your world frightens and confuses me! Sometimes the honking horns of your traffic make me want to get out of my BMW.. and run off into the hills, or wherever.. Sometimes when I get a message on my fax machine, I wonder: "Did little demons get inside and type it?" I don't know! My primitive mind can't grasp these concepts. But there is one thing I do know - when a man like my client slips and falls on a linux distro in front of a public library, then he is entitled to no less than two million in compensatory damages, and two million in punitive damages. Thank you.
A lot is two words, you insensitive clod!
Normality is now: overrated.
Okay, the last line was definately troll-worthy, but the gist of the post is spot on. You can't use OSX on non-Apple hardware, and that is friggin' retarded. I've heard all kinds of good things about OSX, but if I can't run it on the hardware I own and like, then screw it.
Hey, I finally got my first freak! Took you long enough!
I had a friend who had to set up a network at a local church using largely donated PC's. I gave him all 3 flavours of Ubuntu (MAC, PC, 64Bit) and he was able to get a pretty good system up and running in 2 days. (Granted, only about 15 PCs) The basic release of Unbuntu/Open Office has everything a church needs - web access, ability to print newletters, correspondence, ability to keep up with budgeting... And, as an added plus, chances of users downloading adware, viruses, and silly little apps/toolbars is very sharply reduced. Training was made easier by the fact that the staff, while familiar with Windows from home, was not used to doing things one way. A few brief training sessions with a short handout (explaining how to save doucuments in word/excel formats in the rare case that something needs sent outside the company) and all is running well. Saved the church lots of money on licenses, and provided a stable environment. I agree with the posters though who say a large, well-funded enterprise may be better off sticking with Windows.
Second -- it's almost 2006, and the only major Linux desktop deployments anyone can name are a small city in Florida that converted from Unix thin-clients years ago and a 300 person company controlled by an owner with a raging grievance against Microsoft. Next stop after that is a couple of guys saying "Ubuntu rulez!" At this point, I think it's fair to say that it's astonishing how little penetration Linux has made on the desktop. It certainly has advantages, even if they're not as overwhelming as the zealots make out, and I'm surprised at how little has changed since the fabled Million GNOME Desktops In Mexican Schools hype of 1998.
The issue is that Linux is not Windows. Yes, you can use Linux in place of Windows, but if you do so you are asking for a headache (yes, people do spend way too much time trying to make Linux into something more like Windows-- for example looking for a replacement for X11 that is not network transparent and the likes).
On the other hand, if you take the requisite time and have the expertise, you can create a *much* better system with Linux. *Far* less TCO, *far* better integration. No distinction between local and remote apps for example.
LedgerSMB: Open source Accounting/ERP
Anyway, again I tried to install it on my father's PC (I'm a Mac user actually, and I have no access to another PC right now). Again the installation failed; again, the integrity check revealed a corrupted file on the CD; and, again I installed Kurumin successfully.
With this evidence... must I assume that the problem is a defective computer, rather than a defective disc?
Circumcision is child abuse.
Novell's workstations (the majority at least, and yes, I know for sure) are Linux-based. NLD (Novell Linux Desktop) is based on SLES 9. Novell's server products (Linux OES) is also based on SLES 9. Novell runs windoze apps in Crossover Office and uses OpenOffice 2 for everything, including high-level reports (I haven't seen a .doc for over a year, or a .xls, or a .ppt).
Give it a shot. These desktop OS's are great. Unlike IBM's efforts at converting Novell is doing it and quickly.
One of the difficulties of displacing Windows is that, "That's how computers work," and people don't realize that it doesn't have to be that way. Now for a few counter-examples:
We got a notice today that the license for a certain (very common) utility expires at the end of the year, so the normal software update "push" process is going to remove that software, and we will need to use an alternate. They tell us that the alternative is already in place, and may have named it, but we'll have to change habits, etc. This utility is the type of thing that's considered basic plumbing in *any* Unix or Linux.
A few years back, the corporate network was practically dead during the August virus storm - the Windows virus storm. Meanwhile those of us on Unix could barely do our jobs because the network was crawling.
I'll stop there.
The living have better things to do than to continue hating the dead.
The technical stuff: Users were running on ageing Sun hardware with relatively low performance (Blade 1000s, Ultra 60s). The applications they run are technical applications for which ports exist for both Solaris and Linux. The new hardware is high-end HP workstations with more memory and processors than you can shake a stick at, combined with Nvidia FX3000/3400/3450 GFX cards. OS is RedHat 3.0. That was forced upon us by the key application which is only supported on that distribution.
Rationale behind the move: Move to Linux because the applications run faster. That's it.
So what worked well?
The major factor in the success of this rollout was the relatively low degree of change in terms of what was presented to the users. The applications they use were simply ports of the Solaris versions. Nothing new to learn. The only difference is that they work a whole bunch faster. Instantly the user base is won over and there's buy-in.
Another, seemingly small, item was the look of the login screen and the desktop environment on first login. First impressions do matter, and getting this right turned out to be very good PR. As the desktops were deployed, users would crowd round the first of the new systems in their areas and "kick its tyres". People were genuinely interested in what they were seeing, and a buzz spread round quickly. On our feedback forms many commented on how much they liked the new, tricked out, environment. In reality little had changed in terms of usability and people weren't frustrated that they couldn't find their favourite application (or analog, where none existed)
There was a relatively low impact for the support team too. Accustomed to Sun's jumpstart, kickstart is an intuitive and easy mechanism for deploying to a large number of identical desktops very easily. Power on, press F12, and the whole thing is automated from that point onwards.
What didn't work well?
The desktop environment was customised from the standard Redhat KDE login so that the right click menu displays a cascaded list of technical applications. Non-essential stuff was removed. Working out how the KDE menuing system hangs together wasted 2 days of my time. Redhat support were useless and I had to use a combination of strace and the source to prove definitively how it works. My major gripe with this whole process was the total lack of adequate documentation. If you're coming from a commercial Unix vendor's platform you'll be accustomed to good quality documentation that gives you all you need to deploy in a couple of hours. Just compare the CDE guides on docs.sun.com to the KDE manuals on www.kde.org and you will see what I mean. This is a fundamental weakness in the OSS world that must improve before large organisations will consider widescale deployments.
What else?
There was no desire or justification to migrate the backend office applications to the Linux desktop. Don't go there - it's a hiding to nothing. If the rest of your enterprise is using MS Office and Exchange there is no sense in trying to fudge things with OpenOffice or Evolution or their ilk. If you do, you *will* have problems. Somethings just don't work, and the support team don't want to spend the rest eternity trying to figure out why a particularly obtuse Word document with some recondite macro is refusing to display in OpenOffice. So how do those users get their standard office tools? Citrix. It just works. Leave the pain of MS support to the masochists and get on with your day job
You do remember that Apple's revenue comes primarily from the sales of hardware (Macs, and iPods) right?
Someone brings it up in every time. I might as well do it here. (Yay AC checkbox.) APPLE WANTS YOU TO BUY ITS HARDWARE. If you're not an Apple hardware customer, you're not an Apple customer.
I guarantee you that Apple has done basic market research to examine the potential market for boxed copies of OS X for whitebox x86 PCs. I'll further guarantee you that they did basic math to figure out the potential revenue from that potential market. And I'll go out on a limb and say that if that number was higher than their projected revenue from hardware sales, they'd start shipping the CDs out ASAP.
Slashdot readers like to believe that Apple is a cult centered around Steve Jobs' massive ego. Bullshit. Apple is a Fortune 500 company. It has shareholders which elect a board of directors, and Steve and his ego are answerable to them. Steve and his bigwigs do their research and justify their decisions to the board. There's no way they'd hold off on a profit-making opportunity if it was at all reasonable.
I have been running Linux (currently FC3) on my Desktop for 3 + years, as a result of being thuroughly disgusted with Windows. Fortunately my company of 600 + has a very decentralized IT department and no one noticed until I said something and to this day no one really cares what I run as long I get my work done. As such, as a community of one, I have become quite use to figuring out how to "make it do what I want" and consider myself very competent. I have paid for no software (with the exception of Crossover which I paid for since I considered it my choice to make the switch). I would be a greater advocate for Linux desktop migration, but I have to compete with a small but vocal contingency of OS-X users.
.autoreg before you can acheive that seemless gnome integration. If a visit to the website is not helpful, I start googling.
One of the biggest problems I have found is that in order to install software in linux I go though a number of steps:
1) go to the site. Poke around to see what I need in addition to the software package in question to install to make the disired package work. This is really just a cursory look and usually results in nothing.
2) download the package (sometimes a tgz, sometimes a rpm, sometimes a bin, etc).
3) attempt to install. 8 out 10 times this will not work.
4) armed with whatever lame error message I received as a result of #3, I start researching. Sometimes there is a readme, and sometimes it is actually helpful. In the case of Firefox 1.5 there was a readme that was totally not helpful. I revisit the website... this time with a little more enthusiasm for my quest for info. Apparently with fc3 you have to download and install linc then touch a file called
5) bounce between #3 and #4 for a while until I get everything installed. Or I loose interest and put it aside... effectively giving up.
As a windows user, installing software was as easy as double clicking setup.exe, and 9 times out of 10 that worked. For me the litmus test is this: Can my father do it? Install an application in Linux: No. Install an application in Windows: yes (unfortunately sometimes when he doesn't mean to).
The problem, I think, partly stems from an inherent arrogance on the part of developers who think that if you are running linux you are smart enough to figure out how to administer and configure it. And for the most part that is true, but only because of things like this that prevent wider spread adoption.
you meant Ximian Connector? it's been released under the GPL license last year. see this press release.
The real killer was that the tiny wireless laptops were used solely for telnetting to a legacy system. The WLAN network was comprehensive, but every now and then the network WILL go down momentarily, and the Windows telnet client (legacy app from 1994 or so, with custom scripts to make function keys to do all sorts of weird things) just did not handle even a brief disconnect. Worse, the server side kept the accounts in a state that prevented login for some 40 mins.
I tried to hunt for a solution, but being no Windoze expert and having no root access to the server it was easier to install Ubuntu (for testing) then SUSE (because boss told me so) and run an autossh tunnel via a Linux server. Added bonus: strong encryption without some commercial VPN bs. I used plain old xterm because it's easily reconfigurable via xresources, and THOSE are not going to change ever :-) Konsole and gnome-terminal seem to be in a constant flux.
Now the system works, one can fire a shotgun at every WLAN AP, drive to nearest store, buy new APs, set them up, and if you do that within 40 mins the telnet connections never break.
Oh, the powersave part.. battery lasts over 5 hours under Linux, under 4 under XP because of all the extra bullshit that was installed by default. It could be tuned to 5+h no doubt under XP, it just was too much of a hassle.
'Once scientists, even the dim-witted social scientists, get muzzled, the Western Civilization is finished.' - oldhack
In fact, these days most companies have their main applications like ERP web based. So, the platform the client works on becomes less important. That's a serious saving. Why dont you just change to a thinclient or LTSP? Maybe you need a wordprocessor and a spreadsheet next to your webbrowser. Everything else can be done with your mozilla.
Before you make the decision to migrate to Linux, you need to think about "why" you are moving over. Do not move over because it is "cool". There are shops that run perfectly fine on Windows machines, and spending time to migrate to the newest, coolest platform will be a waste of money and time.
My company made the switch from Windows to Linux almost two years ago, and the reason was because management finally decided that we cannot run pirated versions of Windows anymore, but we also did not want to pay for any OS/computers. Thus the move to Linux, because it is free (as in beer... wait, who here gets free beer?). Oh, and no IT department. They decided that this can be done with one system administrator (who is maintaining 50+ critical servers) with help from a couple of programmers.
This caused a lot of pain, not only because of the short time frame to move ("quick! do it before we get audited!") but also because of the lack of funds. Management bought us the cheapest, crappiest hardware they could find, and asked us to put Linux on them ("because Linux works on old hardware, right?").
Given all of these circumstances, I thought we did an amazing job in moving everyone over to Linux... our users bitched a lot, because they no longer get to use their shiny personal Windows laptop, but instead, they have to use the crusty ol' PII 450 with a 15" CRT, with a griding hard drive and a hairy mouse. Of course, hardware failure was frequent, and most of the users just blamed it on the "crappy Linux machines".
Sometimes I look back at this experience and thought that we had done more harm to the Linux image than we did good... most people in my company now has a negative opinion of Linux, due to the rushed-out software + unstable hardware.
I guess the moral of the story is: If your IT infrastructure sucks (or plain doesn't exist), moving to a better OS probably will not help you.
I tried to use Ubuntu at a large enterprise shop. Even after having to write the script to do VPN connections to our environment, which was not fun, and then trying to get the simian-connector setup to work with the Evolution 2.2 and 2.4 (which kept crashing), I was not sure that this was ready for prime time. I think the enterprise IT dept has to be ready to enable things like pop or imap or other stuff in order that this. I must admit that all of that was very fun and satisfying, and after years of Windows it was nice to be able to modify the mouse sensitivity via kernel mod and make my unique flavor of an OS. ;-)
Big happy smile for that.
I would say that ubuntu is better than the other "professional" linux desktops though. almost perfect except for the VPN and the exchange access. . oh well. . .
Hey, imagine that: A quick Google search turned up this handy program called SystemImager and a whole bunch of other links.
Search on the strings:
systemimager linux
jumpstart linux
kickstart linux
ghost linux
Happy reading. Gotta love dose Google guys!
Everything in the Universe sucks: It's the law!
Simple solution, Use Altiris (www.altiris.com) and you can image about 400 machines a night to what ever OS you want... and then deploy software and take inventory... you can even demo it for 30 days to see, it is complete lifecycle management, including counting the cost of all those MS licenses you no longer need!
Trying not to sound like a corperate shill (I work for the company which makes this software): if you wish to incorporate a number of Linux/UNIX workstations into your current Windows AD based environment, I would suggest you look into using a product called VAS, from Quest Software. It runs a daemon on the Linux/UNIX host, with modules for PAM and NSS, which allow the host to join a Windows domain and authenticate using Kerberos through the AD's KDC, the same as a normal Windows workstation. Windows users can then login and be managed from AD, producing a minimal amount of disruption to the current corporate IT setup, and a single-sign-on for both Windows and Linux/UNIX systems.
I know that Novell has moved a good part of their work force over to either Suse or Novell Linux Desktop. I also know that the University of Detroit Jesuit High School in Detroit has 110 Linux terminals being used by students.
John
Well, seems like I'm alone with noone to reply to. We run linux on one of our four servers. It is used soley for web access and email counts. Does it's job and does it well. Yesterday with a prolonged power blackout, two of the three Win2003 servers would come back up - linux did it in about 45 secs and just kept swimming.
1. If you need/want ongoing commercial support Open Country is your answer Cross distro supporting .deb and .rpm both. Totally web based admin of all of your linux systems and the users (note they can make apps follow users) Disclaimer: I helped in the founding of the company.
2. If you want Debian only in what is IMHO a very well designed setup, also web based Klaus Knopper of Knoppix fame has created m23 the iso, and it's documentation (quite extensive) are both on the knoppix 4.x DVD.
I'm sorry, I'm to tired to be witty at the moment so this message will have to do.
I'll be suprised if anyone reads this, or even believes it, but..
It's been my job professionally for about 5 years to manage Linux on the desktop for a biomedical company who designs their own ASICs and PCBs on Mentor Graphics..
First I migrated them away from HP-UX as Mentor Graphics ported more and more of their tools to Linux.. It was more cost effective to get brand new Dell machines running redhat [which gets replaced, because Dell's redhat install is crappy] for US$1800 than refurbed old PA-RISC workstations at US$5000+ a box.
Basically, I'm using:
Distro: Debian
GUI Xfree86 or Xorg [depending on which box]
Desktop Env: KDE [muggles love KDE]
Mail: Evolution and MS Outlook [a la crossover office, what a lifesaver!]
Web: Mozilla or Firefox [both are installed]
Office suite: OpenOffice 2.0 and MS Office 2000 [a la crossover office], planner, & MS Project
Music: amaroK or xmms, or whatever they want
The home directories, and proprietary Mentor software are all NFS automounted [it's fine, really], so the only data on the drives is the os and application data.. i lose a drive, no big deal, when the drive's replaced, i reinstall stock debian..
However, I -have- used apt-move [and apt-proxy] to make my own distro of debian in-house for building workstations.. it's a lot more convenient to install the netinst CD and be done, reboot the machine, point the sources.list at the internal repository, load aptitude, and just hit + on the top levels [which essentially loads everything in the repo.], and bam. Installation would probably be more efficient if i used something like Fully Automatic Install (FAI), but i haven't been smart enough to figure out how to get it installed.. It's only good for installs tho.. I maintain the separate repo for upgrades.. That and it keeps people from installing things willy-nilly from the net if the only repos the workstations have is an internal server with a subset.
User accounts are all managed via LDAP, tied in with the corporate ADS directory, one login to auth them all!
box configuration management is all handled by Cfengine2 -- all hail the university of oslo! Cfengine has made it possible for me to manage all the boxes at once, no matter what the hardware discrepancies.. i can do the work of 4 people, by myself. that and, the configuration repairs itself if discrepancies show up on the workstations for some reason..
Let's see, that's software centralization, user data centralization, user auth centalization, and workstation configuration centralization.. for 30+ boxes across two buildings, for engineers and managers, for almost 5 years.. There may be better ways to design a network of workstations, but the support model I've implemented has really worked out for me..
Once a "normal" user gets used to the idea that the computer will do whatever they want it to do, even though it's not windows, the questions about how to do things taper off after a while as they get used to the new system..
It's sad really. I've been doing the Linux desktop professionally longer than anyone i've ever even heard of. I know for a fact the Linux desktop is completely viable, but nobody seems to believe it. Non-technical and technical people alike all seem to have their doubts and never get up the energy to actually explore it.. Heh..
anyway, good luck
US$0.02++
Missing is an enumeration of *why* you want to make the change, and the benifits/risks thereof.
Stop saying boxen !
Stop saying boxen !
Stop saying boxen !
Just STOP !!!
... is do you need to upgrade at all? All upgrades or changes cause chaos and transition periods. If your office is HAPPY with Windows, and there aren't any pressing wide spread problems necessitating a change... why not just leave Windows be? Besides, compared to other costs Windows is financially miniscule.
Based on my wages, I "earn" a copy of Windows every hour or two. The time it usually takes me to get a Linux Distro up to Windows level functionality is much much greater than that.
Stop and ask yourself, from a purely economic standpoint, does the extra time you would be spending trying to manage a mixed OS environment be beneficial to the company. If the answer is no, then you've saved yourself trying to hoodwink your superiors into making decisions that you "like" to see instead of decisions that are actually good for the company.
You want to run linux desktops in an A.D. / Windows environment? Do you want them to integrate into A.D. and manage them with windows bases servers? If thats what you want, maybe you should look at http://www.vintela.com/
We use Linux at our Texas dealerships for some servers, but today marks the first day I have ever set up a 'normal user' with Linux on the Desktop. It was Ubuntu. So far, so good. We'll see how it goes. I'm excited to rid ourselves of Microsoft products.
If I read the original question, he is asking how to make
it possible to run Linux _alongside_ the 20,000+ desktops
that are already installed. Most of the above replies
seem to have assumed the original post was asking about
replacing the desktops.
I run Linux in a 40 desktop environment that is predoiminantly
Microsoft. Thankfully I have some System Administration
responsibilities through which I can influence things like
ensuring IMAP is running on the exchange server.
I have run Redhat (7.2, 9, and EL4) on my own workstation.
A colleague runs Gentoo. So far, we are the only ones with Linux
on our desktop. However, I have just finished installing two
database servers using RHELv4 running the "O" word, and any chance
I get I point out where Linux has made me more productive in my day
to day tasks.
One of my requirements is to work from home. Using a Linux shell
across a VPN (low speed ADSL at my end) is far, far, far more
efficient than using Windows via VNC. Since I'm also programming on
Solaris most of the time, Command line is really all I need. And
when I use "screen", moving from work to home means all of my
shells (upwards of 8 at any one time) can stay open, active, and
ready for use.
The DB servers using linux is the first sign that management see
there is something to this "linux thing". All I have done is to
influence our (admittedly antiquated) NT4 domain to enable
co-existence. And using standards like HTML on our intranet
instead of Word documents.
Now that OpenOffice 2 is out, I will start suggesting it as an
alternative (we pay heaps in licensing every year to MS).
When it comes to the crunch, its the bottom line that is the one
thing that mangement understands.
Check out Vintela Authorization Services It provides full integration and synchronization between Linux and Windows AD. We use it where I work, and it greatly simplifies things, so that for example, if a user is created in the AD, they can use their Windows credentials to log on to our Linux server.
note: i'm known as plugwash most places but i screwd up registering that here somehow in the past and now can't regist
Well I was a ubuntu zealot myself till I tried Xandros, Ubuntu is good, But I prefer a Kde interface and xandros comes with crossover office installed(a 30 day trial version). This allows you to run windows programs like IE or office if you have to. The one thing I note with xandros is its a love hate relationship, in my case its true love, but many seem to not like it, as it has a strong GUI interface and is almost a totally automated setup. The upside to the setup I find is that it only took me 25 minutes to install it on my first try, and at 25 minute I was pulling email off of my server. Add to that it comes with open office installed and you have a pretty solid system that has its own vpn you can install with a down load, as far as I know no one else has a vpn in their distro's as of yet. While this isn't your typical linux, I think if you give it an honest try I think you'll find its a good choice.
You could find some techniques to install a Linux system automatically on a lot of computers at http://linuxmafia.com/faq/Debian/kickstart.html
Copy'n'paste:
Kickstart is a Red Hat package that deploys Red Hat to multiple
installation targets with minimal customisation. SystemImager is a
third-party tool that does a better job. http://systemimager.org/
fai (fully automated install) is a Debian-based tool to do likewise.
http://www.informatik.uni-koeln.de/fai/ Like System Imager, it's
suitable for building clusters.
Replicator is similar. http://replicator.sourceforge.net/ It tries to
do some customisation for differences in hard disk sizes, video cards,
etc.
Partition Image is a semi-automated tool for replicating a Linux
partition to multiple targets. http://www.partimage.org/
(Of course, you can also use an LNX-BBC maintenance disk and "dd"
or dump/restore images. Pick your poison.)
I was responsible for installing Samba3 domain with LDAP a few months ago and the most complete and comprehensible guide I found on the net was John H. Terpstra's guide, Samba3-by example. The guide contains real-world solutions for different organizational configurations, so I suggest you give it a chance. You can find it on the official Samba website. The servers I configured now serve both Windows and Linux clients - which as I understood is what you were looking for.
"The question is about replacing Windows boxen with Linux"
No. The question is that's not the question.
The question is not about how can I install Linux on my "box" and then being able to connect to my company's IT resources without IT people knowing it.
The question is about how the IT people can deploy Linux desktops/laptops in the hundreds in a controlled manner and integrating with current IT tools and procedures. That's the question.
And the previous post adds ABSOLUTELY NOTHING about the question.
Well, on two of my home computers, Linux has run just fine for a long time--long after Windows needed several complete re-installs. Ubuntu works on the desktop computers with out any problem, as does DamnSmallLinux (only problem--printer drivers--you have to get them), as does Puppy Linux (gets them for you). I know that Ubuntu works on a laptop, and you can find Linspire already on a laptop computer.
A very real hinderance is that any time a big customer gets some visibility in moving to F/OSS on the desktop, resellers highly dependent on MS' continued good will must step in or lose that. If it's a big enough account, then MS will step in directly and try to cut certain people out of the decision making process. In some cases the vendor will hinder hardware orders for the evaluation or pilot. Or MS will set a handful of their own staff full time to work on site to "help" with the evaluation.
So there are good reasons why open source projects are not publicised. In general, it pays to keep quiet if for no other reason than to avoid the persistent whining and shouting from the MS vendors. Some however, either have nothing to lose or have been pushed too far by MS (or its designated reps the BSA) or both.
Anyway, some of the rest can be explained in that most non-power users won't remember or even know which specific hardware, OS, or apps they are using. So of course you won't hear about it. Put them on WordPerfect, Appleworks, AbiWord or OpenOffice.org and to them it's still "Word". For a lot of end users "Windows" means any graphical user interface including, but not limited to, Gnome, KDE, Fluxbox, and so on. Correspondingly "Word" means any word processor, "Excel" means a spreadsheet, and "Powerpoint" means those time-wasting presentation graphics. Even some die-hard F/OSS programmers do that. It's like the trademark dilution you had with "Kleenex" and "Xerox" or ordering a "Coke" down south.
Beta is broken and the link to classic doesn't work. Stop wasting our time or there won't be anybody left here.
boxen!
Think about how the hell you're going to manage large numbers of desktops in a scalable manner.
Things to consider: Installing new apps, installing patches, managing users and home/shared directories. Managing printers, etc.
Sure, there are some slick tools such as apt and yum. But that's only part of the picture.
Check out Infrastructures.org to start down the path of enlightenment, Ed Gruberman. Or feel the wrath of a boot to the head.
The postman hits! The postman hits! You have mail.
An excellent posting. Thanks a lot for posting it in the detail that you did. I plan to try out Cfengine2 now. Do you think it would work with Ubuntu desktop installs?
-> Sometimes, you just gotta break free from the shackles of proprietary code.
I may be a little different from the other posters, in that some people have to justify the use of linux desktops over Windows. In my case, we are a biotech research center and lots of apps needed by my users are Linux only. We also have lots that are PC only and a few groups that are mostly Mac users.
I wanted an environment that could be the IT dream hybrid. One infrastruture to rule them all!
Its not perfect but here's what were doing so far (this is all been done very recently so only time will tell if this is actually a good idea!)
Active Directory is our common login directory. Our file servers are mostly Windows. All Linux apps are on an NFS share from a Linux server. We have an Mac Xserv that is set to synchronize with the AD. Lin/Win clients are ghost imaged
The Windows clients of course are handling purely with AD
The linux clients are set to pseudo-windows mode with Winbind performing the login and pam_mount auto mapping salmba shares like the drives that they are used to getting on Windows (they get /home/smith/U mapped to the same place as their U drive in Windows) Printers are run through the Windows print server also. Apps come from the NFS share.
Mac clients authenticate to the Xserv natively and get their drive mappings through samba from the Xserv login script.
Now the last piece is app management. We are evaluation Zenworks for the Win/Lin environment and use the Apple Remote Desktop 2 for macs. However if Zen doesn't run easily (most of my staff consists of student employees, so we have to make helpdesk tools easy to use) we'll use pure AD or AD+SMS for windows and continue doing Linux updates through the RHN up2date tool (it is set to automatically install any updates we put in a certain nfs share) and new apps are put on the NFS application share.
Zenworks certainly has the potential to be this solution for lots of people, but the added complexity of keeping yet another directory (eDirectory) sync'd to the active directory (currently we have openLDAP and the Mac Xserv user directory sync'd to it) might be wearisome to many and for lots of people the cost of these products is highly prohibitive.
This is my solution and it may be silly for most people, heck in a few years I may think its silly for ME.
I strongly belive that the approach taken by Symantec and Altiris (and yes Zenworks too) of buying up seperate desktop management tools and lumping them all together in swiss army knife conglomeration simply isn't going to cut it. I think the need exists for a new rewritten product to manage Linux desktops (and ideally all the others depending on client software(ie a Win client, a Mac client, Palm, etc).
As important and useful as this would seem to be to IT admins, (maybe we're worried that too much desktop management automation will put us out of jobs...) I really wonder when something will step up to the plate and make such a product to remotely image, update, deploy packages and remote admin a variety of clients.
This is something I've pondered a lot lately and had to comment on. If it makes no sense to anyone else, Oh well. :)
I brought Linux to my Microsoft-entrenched company six years ago and it's doing some good things for us on the server side. LAMP, in particular, has been a winner. Experiments on the desktop, however, were not particularly encouraging. Let's just say that people are creatures of habit. There need to be many good reasons for forcing them to use new desktop environments, a new browser, etc.
But the really, really big issue that people on the IT side of the equation need to consider is this: how deep is their sysadmin bench? Do they have only one superstar surrounded by Unix newbies? What I'm saying is that you want to avoid being the only person, or one of very few, who can manage your shiny new *nix network confidently and competently. Keep in mind that people take vacations, people get sick, people quit, they get fired, and so on. With Windows, pulling in some extra help for a day or two using a temp service - - in my area, anyway - - is no problem. But if you and, say, one or two enthusiasts are all you have on the Linux team and you expect most of the support to come from the Web, USENET groups, and old copies of Linux Journal, ask yourself how much fun it's going to be when you have the inevitable disaster, or you just want to take some vacation. I learned this the hard way and am now trying to build up some Linux competency in our tech department. Even though the attitude has been good and the spirit willing, it's slow going when you have to teach people 75 percent of the material (a lot of people don't like to read, you know?). As much as it is criticized, Microsoft support has gotten me out of several scrapes when I didn't have time to dig up the answer on my own. Who will give you priority when a critical service on your Linux network chokes? My best advice is that you think more about how to maintain the network than how to roll it out.
It's only funny until someone gets hurt. Then, it's hilarious.
Argh. I'm tired of people assuming any technical term of 5 or fewer letters just has to be an acronym.
It's "Win". Short for "Windows". It's not "WIN".
Likewise, if you're talking about Macintosh computers, it's "Mac". Short for "Macintosh". It's not "MAC".
I've also seen people write "Linux" in all caps (i.e. "LINUX"). This is incredibly annoying.
With spending like this, exactly what are "conservatives" conserving?
I think that prepackaged Microsoft solutions offer convenience and appear to reduce complexity and cost. As long as the environment is rigorously set up and you never have to do anything out of THEIR ordinary, that approach works for many people.
I have a really difficult time believing that kind of an approach works optimally for 40,000 people. If you force them to all work the same way, you save on your visible support costs, but you cost your business nimbleness and flexibility when you want to do something different.
While Microsoft has certainly improved in this regard, we have all heard horror stories about worms, viruses, denial of service attacks, and all kinds of other issues. Microsoft constantly fights back with reports that their systems have fewer issues, but twenty five years of actual experience running UNIX desktop and server systems and over ten years of running Linux desktop and server systems tell a different story.
I have never once, either at home or in the workplace, ever encountered any issue at all that resulted in even a minute of down time because of integrity or security issues. Many years ago, I was working on some wide open VMS desktop and server systems and we had a big scare - a prankster got into our network and put a silly display on every workstation in the company. We closed that hole the same day and never had a problem since.
I have other tales to tell about Microsoft based systems. At one QA employer, one person opened a worm Email message and affected the entire company's Email address books. We spent about a day of full time engineering resources to solve the problem itself, but we also wasted countless hours of individual employee time, getting rid of junk.
At two other employers, I was hired, along with around ten other people, to eradicate a virus and upgrade all software to the very latest service pack and anti virus data. The cost to each company was in the tens and hundreds of thousands of dollars - for ONE incident!
No system is impervious to intrusion, and best practices can mitigate many of these problems on any system, including Windows. However, the incidence of these kinds of issues and the general ignorance toward them is significantly greater on Windows based environments. That ought to say a lot, even though Windows is also extremely more widely used.
What are the real costs of moving to another environment? Training, staff, and support changes. Are there real costs and real changes? No doubt. Are they worth doing? That is a call that each project must study and review for themselves. There are real migration costs, and the biggest cost is severely messing up a change. Don't undercount that aspect. However, any well managed effort can be done successfully when you first lay out the business reason for considering it, then lay out the requirements, set up a prototype, then a limited deployment, and identify issues. Move forward if and only if all issues can be documented, resolved, and implemented. Stretch out the deployment to a wider group and see if it can also be effectively deployed. Then come up with a strategy to deploy en masse. It CAN be done, and it can be done very effectively, saving considerable long term repeating costs, but the cost of change is not zero. It takes time, research, effective management, and deployment.
Brian Masinick, masinick at yahoo dot com Linux