Slashdot Mirror
Active Directory Comes To Linux With Samba 4
Da Massive writes in with another possible answer to a recent Ask Slashdot about FOSS replacements for Microsoft AD server. "Enterprise networks now have an alternative choice to Microsoft Active Directory (AD) servers, with the open source Samba project aiming for feature parity with the forthcoming release of version 4, according to Canberra-based Samba developer Andrew Bartlett. Speaking at this year's linux.conf.au Linux and open source conference in Hobart, Bartlett said Samba 4 is aiming to be a replacement for AD by providing a free software implementation of Microsoft's custom protocols. Because AD is 'far more than LDAP and Kerberos,' Bartlett said, Samba 4 is not only about developing with Microsoft's customization of those protocols, it is also about moving the project beyond just providing an NT 4 compatible domain manager."
According to TFA FOSS AD is not here yet by a long shot, in early alpha, many missing features. Summary is *terrible* in suggesting non-M$ AD is already here.
Those are my principles, and if you don't like them... well, I have others.
Exactly. You need CALs for stuff like:
AD
Exchange
Terminal Server
etc.
It adds up pretty quickly.
It's really a nightmare for IT Depts as they have to keep track of the CALs and ensure they have enough licenses to cover the number of users.
A careful reading of the TOS says that it is licensed via user or device CALs based on authenticated users..
They actually have an example if you use AD as back end authentication on a web site you have to buy a CAL for ever user, or magic uber-CALs for the web server.
Really, it is just a tax. A MS shop typically has to pay:
- For a OEM license on windows
- For a volume license upgrade on windows
- For a device or user CAL for the windows machine/user
- For a windows server license (per VM!)
- For exchange server (and a windows server license)
- Per user exchange CALs (yay!)
- Office CALs for outlook
It used to be a CAL came along with NT4 so you didn't need a separate one, but that is not the case anymore. MS said their customers wanted the simpler model of paying more for the same thing.
Of course, CALs and VLK upgrades are locked to specific versions so you have to keep buying them again and again to keep the additional rights.
The only happy area is that the CALs apply to all servers at once, so if you have a thousand users and a thousand servers you only need a thousand CALs.
No software checks this, but these are the terms.
It is really quite insane, but maximizes MS's profits.
See http://www.microsoft.com/windowsserver2008/en/us/client-licensing.aspx
And keep in mind that MS thinks performing an authentication against AD is accessing the server.
Actually - the AD support in Samba is a bit of old news, since that has been promoted before.
But it's still good news, especially since lately the configuration of Microsoft's softwares and platforms has started to get incredibly complex and very hard to penetrate - as well as configure in a secure way.
If builders built buildings the way programmers wrote programs, then the first woodpecker would destroy civilization.
No...no...no
There are "per device" or "per user" licenses.
If you have 5000 computers but 40,000 users, it is probably cheaper to buy device licenses...so you can do that.
In addition, each server DOES require a server license (which is different than a CAL).
Windows is licensed like so
Standard edition license includes 1 phys server + 1 VM (on the same server)
Enterprise includes 1 phys server + 4 VM (again on the same server)
Datacenter includes unlimited server licenses of any type
Users with enterprise agreements or software assurance don't have to repurchase - they're covered under their contract.
Well really they probably pay for "service".
Now some think this is a total waste of money and the whole point of Linux is you don't pay for anything. While it's true you can do this, if you're multi-million wonga business is relying on your IT that may not be too smart.
But buying "service" isn't some nasty con, you're actually getting something. Also you can shop around for it, and even switch suppliers.
Now the "free" aspect of Linux really helps you (as a business) as all your "computer wonks" can have a copy (for free) and take it home, use it outside the office (so they learn the product inside out). It does work out cheaper than Microsoft. The product evolves quicker, but you're not forced on some insane upgrade cycle.
You can get lots of certified hardware (which is important) and you're not alone (lots of other businesses have done the same).
Business get very twitchy when Linux advocates talk about "free" and the reason is they want to know: "Who's accountable if this stops working". A word of advice if you're trying to get your employer to consider Linux, keep the talk about "free" to a minimum (even "cheap" has negative connotations) instead talk about:
Lower Total Cost of Ownership
Competition in the market for Linux Support
No vendor lock-in
Hardware support from all major suppliers
Plenty of success stories
Oh and don't forget Sun make great Linux kit (not just Solaris)
I had the pleasure of formatting our Windows 2003 server this summer and completely replacing it with an Ubuntu Samba OpenLDAP Domain server using this tutorial... http://ubuntuforums.org/showthread.php?t=640760 The server has been working flawlessly at our school since September! We ran out of CAL's and our school is expanding very quickly. It didn't make sense to purchase more and continue paying the micro$oft tax..
It is every bit as racist as niggardly is; as in "Microsoft behaves niggardly with its protocols while at the same time preaches interoperability."
That legitimate words "sound kinda like" racist slurs does not mean the common words are racist. On the other hand, we have just been trolled.
The Christian Right is Neither (Christian nor right). See: Matthew 23, Matthew 25, Ezekiel 16:48-50