Slashdot Mirror
German Foreign Ministry Migrates Desktops To OSS
ruphus13 writes "Here's another example of 'German Engineering' — The Foreign Ministry in Germany is migrating all of its 11,000 desktops to GNU/Linux and other open source applications. According to the article, 'this has drastically reduced maintenance costs in comparison with other ministries. "The Foreign Ministry is running desktops in many far away and some very difficult locations. Yet we spend only one thousand euro per desktop per year. That is far lower than other ministries, that on average spend more than 3000 euro per desktop per year ... Open Source desktops are far cheaper to maintain than proprietary desktop configurations," says Rolf Schuster, a diplomat at the German Embassy in Madrid and the former head of IT at the Foreign Ministry ... "The embassies in Japan and Korea have completely switched over, the embassy in Madrid has been exclusively using GNU/Linux since October last year", Schuster added, calling the migration a success.' The Guardian has additional coverage of the move."
Dear Sir,
The chronometer in your time machine appears to be off by a few decades.
You apparently landed in the early 21st century, instead of the mid 20th.
I'm afraid a time machine repair shop won't be available for another 200 years. But hey, we have cable TV!
The 'additional coverage' is from Sunday June 22 2003...
Just now Microsoft made a statement to the press...
"OSS is not cheaper to maintain for the following reasons"
1. Employees will waste that extra time they get not waiting for reboots instead of using it for texting & other 'social' activities.
2. We pay people to stick their fingers in their ears and say "La La LA MS is cheaper La La Laaaaa".
3. Any money left will encourage your employees to steal it.
4. Steve Balmer needs it to develop sweat-proof chairs.
5. Windows 7 wont have any of the existing lock-in as previous versions of Windows. It'll all be new kinds of lock-in.
6. ???
7. Profit (for us not you)
Managing software installs, at least in Red Hat, is just a matter of setting up a local Red Hat Satellite repository. In Fedora, there is also Cobbler, which lets you spin a Fedora installer with customized software packages.
As for logins, there are a variety of mechanisms. You can go with old school NIS, or even just use Samba, which can be especially useful during migration when you will probably have a heterogeneous environment (assuming the migration is away from Windows). Also, there is autofs, which can automatically mount a network mapped home directory when a user logs in...
Palm trees and 8
According to the article, the migration is already well underway. From the 11.000 desktops, 4.000 already are migrated to Open Source and about half of the embassies are on Open Source Software now. That explains where they get their maintenance cost numbers from, good to see that the cost savings seem to be real and backed by their own data instead of being estimates :)
They also started the switch a long time ago, according to article, the infrastructure switch started in 2001 and the decision for the destop migration was done in 2004, so I think they have some solid experience with handling Open Source now, which I think is good.
Well, at least Germany had the balls to stand up to Microsoft and actually go with the GNU/Linux solutions vs most other countries and corporations that just do this to get a discount from Microsoft. Here's a good quote from the article:
The conversation between Ude and Ballmer was confidential, but anyone who knows the Microsoft CEO can guess how it went. Let us say negotiation is not his forte. Ballmer is no more designed for the art of persuasion than the Abrams tank is for delivering meals on wheels.
Life was hell, then I discovered Linux...
Can we get a special tag for this. I mean it's getting to where this type of headline is more abundant than anything needing the suddenoutbreakofcommonsense tag. Perhaps that is the tag that needs to be applied? Well, maybe not. We could at least start tagging them with OSSWindowsSmackDownScore or something, right?
I don't know who is keeping score between Windows and F/OSS anymore, but it seems like newsworthy events when entire government branches, or governments, or countries smack down Windows in favor of F/OSS. Funny, I've not heard any stories that amount to "throwing the baby out with the bathwater" after any of these announcements. Does anyone know of such a story where switching caused great harm or fiscal problems?
Support NYCountryLawyer RIAA vs People
From the Guardian article:
(emphasis mine)
And this is why, ladies and gentlemen, we won't be seeing this in many countries outside Germany. They have a politician who knows what he's talking about, and doesn't pander to the whims of industrial lobbyists.
I'm going to transform myself into a mighty hawk. Either that or I'll just go and work at Dixons, haven't decided yet.
Well, no one suffered great harm but some of the early switchers might have. IBM for example failed in being able to switch, they couldn't get their divisions coordinated well enough. Sun (which switched to Sun desktop) had problems with customers and file formats as well as secondary software (much to their embarrassment).
The most successful switchers were companies like PitBoys and Burlington Coat Factory that were SCO / Solaris shops and weren't on Windows to bgin with. Windows lock-in seems to work.
What is unique about Munich is that they have remained focused year after year on this goal. They missed their early deadlines but they kept funding the project and kept moving forward. They were determined to make it happen, they had problems and (and possibly still have) but they addressed them. So this isn't a "just another example" test case but rather the best example we have of a very large organization with a huge range of needs and without a high level of technical expertise in their staff that was determined to make the switch.
The real story would be if they got the Interior Ministry to convert. In Europe, that (and the Agriculture Ministry) is usually where the deadbeats end up.
From scarped cliff or quarried stone she cries "A thousand types are gone, I care for nothing, no not one."
This is a joke, right?
Where the fuck do you think Microsoft stole Kerberos and LDAP for their AD from?! We've been using the stuff AD is made of years before it was even a wet dream in Microsoft's diseased minds.
As to automated installs, every damn Linux distro has a package management system capable of being remotely scripted, and designed for mirroring via localized caches!
What a dork.
Self-updating is not problem, apt-cron etc will handle that.
The problem is, I have new software which I need to deploy to 4000 machines overnight.
Do I really have to reimage 4000 machines to achieve that goal?
What about user files on those desktop machines? Reimaging would wipe them clear. (ok, home directory on separate partition/on network would fix this)
Having something automatically installed/uninstalled on machines centrally deployed is the problem here.
There are no atheists when recovering from tape backup.
I know microsoft ripped kerberos and ldap to ad and crippled them while doing so.
Since this has been done years on unix systems, care to link a howto / etc documentation on deploying such system?
No, I don't mean guides explaining how to install kerberos and ldap.
I haven't been able to find guide on deploying active directory-like system with free software which would offer group policy features. When I already have groups deployed in LDAP, why do I need to script installers instead just defining policy to install software to that group?
There are no atheists when recovering from tape backup.
I don't think laptops existed when this story was new.
Das Jahr des Linux Desktop-Computer.
This space up for sale.
At least the debian / ubuntu system easily support this, using meta packages.
you have an empty package, leys say blah-desktop-graphics that all employees working with graphics have installed. You want to install graphics program Foobar. You add Foobar to your local repository, and release a new version of the metapackage that depends on Foobar. So package manages sees "oh, new version of blah-desktop-graphics. Great, lets grab that. Hm, for that I need Foobar too, so lets grab that one, and install it."
Exactly how apt deals with new dependencies under updates can be configured, from ignore, to ask, to install automatically. Since you're deploying a default image, and have already pointed that image to your internal update server, it would just be a small additional step to set that option correctly. As a bonus you have 100% control over what gets pushed to your machines.
It's The Golden Rule: "He who has the gold makes the rules."
That is because of fundamental differences in the entire philosophy of Linux/FOSS vs. that of Microsoft. Microsoft aims to provide cookie-cutter, one-size-fits-all "solutions" whereby some doofus MSCE can read "AD for Dummies" and then click his way through system administration. It works, to a degree, in homogeneous environments which do not deviate in any way from "Microsoft Approved" designs.
Linux on the other hand is built around small, specialized components out of which a competent admin is supposed to construct a solution tailored to a specific environment. And the glue which links all of these components, which can be combined in a very large number of ways, is scripting.
That is why one cannot be a competent Linux admin without being also competent with a number of scripting languages. That is the price, but it is also the advantage as more demanding the deployment parameters grow, the more such approach becomes superior over the one-size-fits-all method.
So in effect you are asking for Linux to abandon all of its advantages and become "like Windows" just because you are too lazy to learn how to deploy it properly. And by this I do not mean reading some idiotic 20-step "how to" which cannot cover even a fraction of the possible configurations. By "learning" I mean understanding all the fundamentals of the system operation, learning all the involved scripting languages and being able to modify all the essential system scripts with thorough understanding of all the involved components.
And that is why such "how tos" are of a very limited use. There are "shortcuts", some of which were already pointed out to you - such as Samba, but they are intended for simplified scenarios whereby the scope of possible configurations is very narrow.
Once any serious sized Linux deployment is considered, a huge number of possible scenarios exists, beginning with basic considerations such as if to run the client systems via network mounted root file systems (in which case no home directory "roaming" exists) or if to deploy terminal servers or X-terminals etc and so on, all of which have impact on how users are authenticated and how their resources are allocated on the network, not to mention that LDAP and Kerberos are amongst many other ways of maintaining centralized user information. No "how to" guide is going to cover all of these complexities.