Slashdot Mirror
Looking Back At Microsoft's Rocky History In Storage Tech
nk497 writes "Following the demise of Windows Home Server's Drive Extender, Jon Honeyball looks back on Microsoft's long, long list of storage disasters, from the dodgy DriveSpace to the Cairo Object File System, and on to the debacle that was WinFS."
I would have to include NTFS alternate data streams as well. It sounded like a good idea, but in practice it just left huge security holes.
I fail to see why the fact that NTFS is still around essentially unchanged is a problem. It serves its purpose well. While MS's internal factionalism has hurt their position in the massive storage arena, the continued stamina of NTFS is a good thing.
I am becoming gerund, destroyer of verbs.
IMHO, Microsoft worst offense in storage is drive letters, which provide no information about either the type and structure of the underlying disks or the data they contain, and have caused untold headaches from applications (and the OS itself) being reliant on paths that are arbitrarily assigned, subject to change, and often out of the user's control.
Admittedly, Microsoft didn't invent the system, but the fact that drive letters still exist in 2011 is entirely their fault.
How can I believe you when you tell me what I don't want to hear?
Because Windows Server has Active Directory and Group Policies. and Linux doesn't. Thats what sells Windows Server 2000/2003/2008. When there was a proposal to incorporate OpenLDAP auto confguration policy into KDE - it was rejected. That is why Linux lost the war for the Enterprise desktop.
Seriously, drive extender's "features" that Microsoft couldn't get to work right include stuff that has been standard in the Unix world for over a decade. Tell me again why people even bother with windows, especially a "server" edition?
To name some of them: Active Directory & Exchange, Sharepoint, and ProClarity/Performance Point.
What good is any sort of enterprise policy on an OS thats trivial to hack? Not to mention that all that group policy bullshit is proprietary, they don't even use open authentication methods, NTLM is just WAITING to be hacked.
There's a reason Google has banned the use of the toy OS for development machines, they don't want their information being stolen by hackers. There are also other, easier ways to do what group policy does. I never found it to be even remotely useful, or even remotely make up for all the extra time necessary to manage Windows machines over their Linux and Mac counterparts.
Monstar L
What good is any sort of enterprise policy on an OS thats trivial to hack?
It isn't if the sysadmin and netadmin know what the hell they're doing.
Not to mention that all that group policy bullshit is proprietary, they don't even use open authentication methods, NTLM is just WAITING to be hacked.
Because MS has never implemented Kerberos, right? And most companies don't give a shit if MS has proprietary bullshit if it has all the features they need, like the aforementioned group policy, Exchange, Active Directory, etc.
There's a reason Google has banned the use of the toy OS for development machines, they don't want their information being stolen by hackers.
Because external threats are the only kind that exist! Oh, wait, there's also employee ineptitude, like plugging in a petri dish of a flash drive and opening up more gaping backdoors than you'll find at a massive gay orgy. Guess what? That's far less of a concern on a server as your sysadmin likely isn't going to be that stupid.
There are also other, easier ways to do what group policy does. I never found it to be even remotely useful, or even remotely make up for all the extra time necessary to manage Windows machines over their Linux and Mac counterparts.
Let me guess: The servers you've worked with never served more than 30 people, tops. Come back when you've actually worked in an enterprise setting. I'm not a huge fan of Windows Server (it can be a bitch to administer), but quite frankly, it does a lot of things far better as a workgroup server than Linux or OS X unless you can afford some in-house developers.
How about getting the directory separator wrong? This has indirectly led to a generation of TV and radio presenters having to say "forward slash" when reading out URLs...
In a survey of 100 programmers, 111111 thought that duck-typing was a good idea.
What good is any sort of enterprise policy on an OS thats trivial to hack?
Because not everyone in your organisation is a hacker? Group policies are applied for the most part to bring idiots in line with company security policy. This is similar to blocking traffic to certain ports on the firewall. It stops a few people from firing up MSN at work, but does nothing to the guy with a Linux box somewhere off in the internet providing SSH tunnel for endless amusement. That said these single "hackers" of corporate policy are easy enough to keep an eye on.
s/GUI/API in line 3
So many TLAs, so few brain cells...
In a survey of 100 programmers, 111111 thought that duck-typing was a good idea.
I have used LVM2 now for two years with my various notebooks and netbooks. They had various crashes and power downs but I never loosed one bit of data. My small home server is using LVM2 as well with my 3 USB hard disks, serves videos and music to my home.
With my notebooks and netbooks I can grow or shrink my root or home partition and with my server I can just plug in another USB hard disk and grow my partition. No fuss not complicated at all and works all the time.
All that for free, just download Fedora, Debian or Ubuntu and install it in 10 minutes. If you want, setup a FTP server, apache server or what ever you like. Or you get what you pay for with Windows for 100$ or more.
http://www.mueller-public.de - My site http://www.anr-institute.com/ - Advanced Natural Research Institute
Because external threats are the only kind that exist! Oh, wait, there's also employee ineptitude, like plugging in a petri dish of a flash drive and opening up more gaping backdoors than you'll find at a massive gay orgy. Guess what? That's far less of a concern on a server as your sysadmin likely isn't going to be that stupid.
HAHAHAHAHAHAHA, I find it hilarious that you use this example as an example SUPPORTING Microsoft. You are aware that it was ONLY FUCKING MICROSOFST that had autolaunch and until extremely recently that it was even possible to completely disable it. Real operating systems(and not toys like the ones Microsoft makes) have had ways to disable that shit for eons before Microsoft even realized it was possible. If you are trusting critical data to a Microsoft product you are asking to be hacked.
Monstar L
Please explain to me exactly how the MFT works then.
Group Policies allow for LDAP based control of the Windows System Registry.
drive extender's "features" that Microsoft couldn't get to work right include stuff that has been standard in the Unix world for over a decade
"Drive extender" in WHS is, essentially, RAID that can be hot-extended - you plug a new hard drive into your server, and your storage (which shows up as a single disk) grows immediately. I don't know about the Unix world, but I certainly haven't seen any Linux distro that was configured that way. Can you name some names?
Please name a linux based solution, apart from 100% proprietary Unraid, which allow for me to do what drive extender does. I'm serious. I refuse to install WHS, and thus far the closest I can find is going Unraid, which feels dirty to me, or nexentastor.
What drive extender does, in a nutshell:
-all of your hard drives show up as one big storage pool.
-100% of disparate drive sizes can be used (excluding copies/parity obviously). So if you have 3 old 1tb drives, 2 old 1.5tb drives, and 1 2tb drive you'll have 8gb of storage
-configurable redundancy such that any single disk failure, no matter the size, all files are still available
-if two drives fail, you only lose the files that were on those two drives, not the entire array
-take any one drive out of the array, plug it into ANY windows vista or higher PC (new NTFS version), have access to all the files that were stored in that drive.
-add a drive, get that much more storage (excluding copies/parity obviously)
ZFS comes DAMNED close, but you cannot grow the number of disks in a raidz array, you have to add an entire extra array (meaning 3+ disks) to the pool. You also lose the entire array if 2 (or 3 with raidz2, or 4 with raidz3) disks die, and cannot have direct file access just by plugging in 1 disk of the array, but that honestly doesn't bother me that much.
Oh, and ZFS isn't on linux except through fuse.
There is no advantage to "control of the Windows System Registry" except for windows users, so your logic appears a bit circular. You do know that there are Linux LDAP servers, right? Because so often discussing technology with microsofties is like trying to talk about good food with McD's addicts. They often have no frame of reference with which to discuss these things.
Caveat Utilitor
If you want good and extensive developer documentation (and other support), I highly recommend using Qt for your Unix development wherever possible. It's not just an UI toolkit, it's a full-fledged framework that covers a lot of ground - probably about as much as .NET 1.x.
Let me give you an example. Lets say that I had a Linux OpenLDAP Server with Heimdal Kerberos (I do.) and I wanted to make it such that whenever a specific user logged in, he/she/it saw a specific background, and had specific Mail settings, and had specific stuff setup for them, and I wanted this to follow them everywhere. There is no facility in KDE to do that. I cannot tell KDE: "This user has this background wallpaper, their FireFox home page is: www.egroupware.com Their start up sound is iora.wav, etc." I can set that up on a per machine basis, but I can't store that information in OpenLDAP so they can use regardless of what their machine is, because KDE doesn't know to retrieve that information.
In Windows this is called Group Policy.
So IOW it sells to people who don't understand how to manage users and groups?
Group Policy is a very powerful tool for applying policy rules across an entire organization. It has very little to do with managing users and groups, other than that the criteria for who or what the policies apply to is often based on membership in a group.
I've worked with Unix and Linux on and off over the years, and I am not aware of an equivalent in the Linux world, at least not a standard package that works on multiple major distributions. Obviously it's possible to build a crappy quasi-equivalent for one's own organization out of shell scripts, but it would be a lot of work to build and maintain, and it wouldn't be as flexible or as reliable.
"...always new atoms but always doing the same dance, remembering what the dance was yesterday." -Richard Feynman
Surely that sort of thing has been done in UNIX using .rc files and other . configuration files in the user's home directory since the mid-70s, or does KDE ignore those?
You're right, he does appear to be describing something we easily achieve with a crontab entry, or by manually using rsync.
Caveat Utilitor
Oh I don't know about that. Cron and rsync are pretty well proven to be quite reliable and flexible. Of course it does require some competence, no pointy-clicky...
Caveat Utilitor
Yup, LVM FTW. you fail it.
I especially like your #1:
-all of your hard drives show up as one big storage pool.
Not only does EVERY unix do that, it's the ONLY way it can be done. Mixing up the logical and physical partitions in such a convoluted way is a Microsoft only type of deal. Drive letters were thrown out in real operating systems decades ago. Again, Windows: Failing today to do what Unix successfully did decades ago.
Monstar L
Nobody is saying you can't do that stuff on *NIX but its hard to do that on stand alone machines. When you are talking about shared machines or terminals where everything can be handled with NIS and home directories reside on an NFS share used by all hosts the facilities to manage user experience exist.
As soon as you start having laptops and desktops running all around the office you can't manage the settings the user is talking about anymore. Yes you can do it at deployment time. Sure you could write init scripts to go fetch and overwrite/update rc files and stuff but you'd have to do all of it yourself and it would be a security nightmare to try and get correct without putting a lot of resources into it.
GPOs make it really easy change all the CSRs home pages to the new customer service portal, and set all the sales reps wall paper to the latest product sheet instead of their embarrassing personal photos any time its needed. It also makes it possible to do things like yes your screen saver is going to turn on and the desktop will be locked after 15min, no exceptions. Sometimes that sort of thing gets required for PayCardIndustry rules and the like, and those things change every now and then.
Got a way for me to change your screen saver settings on every Ubuntu box in the company? Yes I know I can run a sed script to go into each home directory and alter the config file for whatever desktop environment is being used, I still have to find away to do it to every box.
Trust me I have been doing this for some years and this is one place where Windows gets it right, so right in fact that it in some ways justifies the use of Windows even though its otherwise a really inferior platform.
Repeal the 17th Amendment TODAY! Also Please Read http://www.gnu.org/philosophy/right-to-read.html
Actually Microsoft only released it as an update to XP recently, to change the default setting. You have always been able to turn off autorun by modifying the registry directly and there have been group policy templates to do it almost as long.
If anyone wanted auto run off in an enterprise setting it was trivial to do, you just through the switch in GP or put a couple lines in the logon script if you were not using GPOs for some reasons like you were in a non domain environment or whatever.
The only persons experience being changed by that recent update is Joe Sixpack's who was not going to edit his registry. As far as anyone in industry if they had any clue how to do their job as an admin this has always been a non issue.
Repeal the 17th Amendment TODAY! Also Please Read http://www.gnu.org/philosophy/right-to-read.html
Sweet, so LVM provides redundancy? Or I still need to use software raid for that, which reqires all disks to be the same size in order to get full usage out of them?
And if I create an LVM array, and 1 disk dies, I no longer lose everything, the filesystem is easily mounutable and I only lose the files that were on that disk and weren't redundant (which you've also assured me LVM handles for you?)
And who mentioned drive letters? You're telling me that every unix will combine all of my storage devices into one pool, as opposed to having to mount them discretely in mount points? So if I have 5 disks, by default all of my files, regardless of location in the filesystem, will get nicely distributed across said disks? That's great to know as well! Last time I checked (about 2 seconds ago, from the ubuntu box I'm posting this from) you have to choose a mount point for any volume (logical or physical), and it only provides storage to that section of the filesystem. If my /var/log is full, and I just throw in another 1tb disk, /var/log does not get access to that new storage.
I asked a serious question. I really am interested in a set of technologies that have the same capabilities as unraid (which is linux based but NOT open nor free) and drive extender. LVM and software raid are in no way comparable.
I've heard of LVM, and used it in all of my linux servers. It's a life saver when it comes to dynamically resizing storage pools. But it's in no way comparable to drive extender. Read the post you replied to and tell me which of the points LVM ticks off. I know which ones, but i'll leave it to you to decide.
Are you joking? If I want to lock down and sync desktop configurations for all users/workstations or for groups of users/workstations in any *nix it could not possibly be easier, more reliable, transparent, or trouble-free using simple command-line tools . And maintaining that is as easy as invoking the contab editor.
:)
I'm beginning to think the people who say that AD is a kludge for dealing with the registry are probably pretty much correct. It doesn't appear to offer much in the way of real benefits except to people who already use windows.
BTW, you know how I get my users (nearly all of whom were migrated from windows) to run my scripts? I give them an icon to click on
Caveat Utilitor
No, The Windows world had that way of thinking with Roaming Mandatory Profiles where "System Policies" were "files" and "scripts" copied from shares. It was utter catastrophe. The Unix 'copy the rc folder method is NT4 level thinking and not Acceptable in today's world. If it is to be acceptable in today's world it must be database driven and granular. This is why MySQL is so popular, and this is why Linux's directory services have gained no market or mind share.
The best thing anyone could do is force KDE and Gnome to adopt OpenLDAP.
And how many technologies fail on FOSS systems. I just got a patch last year that allowed my wifi to connect in under 5 minutes. While Mac and Windows did it very fast for year. (2002 from my experience). Sure we like to see Microsoft fail because it is a huge company and has a strong foothold in our technology, and during the 90's it seemed to the media it could do no wrong. But looking at it's failures and saying Microsoft is all bad while I zealiously promote an other product ignoring it deficiencies. Is really a stupid idea that doesn't help either side.
If something is so important that you feel the need to post it on the internet... It probably isn't that important.
Yes, well it works very well in the *nix world -- the NT failures you cite do not affect us at all.
Huh? No-one can seriously brag about the *registry*, it's the Achilles' Heel of windows! This can only mean you've never seriously used any other OS.
MS has indoctrinated you well, but you don't appear to know enough about *nix to really participate in this discussion. Of course, it can easily be argued that I do not know enough about windows to participate in it, so perhaps we're even :)
Caveat Utilitor
I'm a staunch Linux User. I hate Windows. But I also know LDAP is a good idea.
Honestly.... this argument is stupid, Group Policy arose because on Windows everything is a COM object with an ACL and it was neigh impossible to manage to provide even a modicum of security without some sort of system policy at a high level. Linux of course doesn't need this because it operates in a fundamentally different manner where everything is a file and the file system permissions (group based) determine if a is executable or not. Thus the Linux kernel doesn't need to know what specific COM+ handler needs to be loaded, but rather if a file is a supported executable format or not, and what to do from there. Both systems have fundamental advantages, Linux is deceptively simple leading to a power on the command line that is daunting for many users. Whereas Windows can be easy worked with to extend using COM and the registry (The registry was never designed to hold most of the crap that people shove in there... it was designed to be a central repository of information for COM objects).
If anything this model shows MS's lack of foresight into the importance of networking and their focus on the single standalone box.
Any and all content posted above may be ignored, considered irrelevant, or otherwise dismissed.
HellOOO! "Active directiry" and "Group policies" are ways in which windows is trying to tack on the features UNIX has built-in. That is all. In Linux we create custom groups with custom perms and add the users we want to have that profile to those groups. It's secure, simple, elegant, and built-in to the OS. Windows doesn't have that; the closest you can get is ADS.
Microsoft neither invented nor has a monopoly on the ability to use LDAP.
Caveat Utilitor
"ADS was introduced for one reason: to allow NT servers to support Apple clients"
That's news to me, do you have citations to verifiable historical records that say this?
LVM is supported by every major distro out of the box. And it actually WORKS, which is more then you can say for Drive Extender.
Right its a crontab entry, fine easy. Now change the value on all systems a to something else a year later. Ahh not so easy now is it.
Repeal the 17th Amendment TODAY! Also Please Read http://www.gnu.org/philosophy/right-to-read.html
First and foremost, no, until recently it was IMPOSSIBLE to COMPLETELY disable auto-run, Microsoft's pathetic security really shown through there. Secondly you have shown you know absolutely NOTHING about Linux. Unlike Microsoft there is no Linux "monolith" outside the kernel(and even then). The kernel has nothing to do with autorun. And furthermore, on distros that do enable auto-run it's insanely simple not only to disable autorun, but to remove the functionality from the system. Try removing, not just disabling, autorun from Windows. Go ahead, I can wait..... So yeah, you obviously need to use a real operating system and realize how absolutely primitive Microsoft is before saying anything more to expose your own ignorance.
Monstar L
Honeyball made a mistake: DriveSpace wasn't the problem in DOS 6.x... DOUBLESPACE was.
The original version of the compression system DOS 6.x had was called DOUBLESPACE & DriveSpace was the corrected version & it was actually QUITE competitive with Stacker (I used both products, Stacker &/or MS DOS with DoubleSpace in v 6.0, & DriveSpace in v. 6.2 - 6.22 of DOS, as well as Stacker from version 6 - iirc, 8, to compare them both...).
APK
P.S.=> Apparently, for all his ranting on the history of Microsoft's storage efforts, Honeyball's "history" isn't 100% accurate (unless he's from an alternate dimension/reality that is, ala "Bizarro World") either... & this is what you get with journalists who are really only that: Writers, instead of being TRUE "Computer Sciences oriented afficianados"...
What I am also additionally "astounded by", is that nobody else here has caught that... but, then again? Most of the folks that seem to hang around /. the past few years now are too young to have even put their hands on the things that "historical critique" type articles use as examples... & my having to cite this needed correction, first here, exemplifies this apparently... apk
Thanks for correcting. I am old enough to remember this :) It was quite a scandal in how it destroyed data and later caught at putting out of business Stacker (despite MS losing the law suit. Like most people, I didn't use this technology long as the compression was a pain in the butt, used lots of resources, and after the initial release data loss issues left me not thinking it was worth the trouble...
You still need to roll a LOT of your own scripts - there's nothing built into any desktop environment to say "members of group A get this config file, members of group B get that config file".
There's also no easy way to state "This is the base configuration. In addition to this, apply these rules from group A and those rules for group B."
Sure, you could script all of this yourself - but when discussing Linux on the desktop, the question being asked is not "can you somehow persuade the system to get configuration for virtually everything from a single, central location and then tweak that configuration on a per-group basis?", it's "does the system support some efficient means of doing all that out of the box?".
As far as Linux goes, the answer to the first question is obviously "yes". But the answer to the second question is "no, it'll require a fair bit of work and most of that work will have to be done by someone who knows what they're doing rather than some cheap fresh-out-of-college Windows technician. And if you want that person to put things together in such a fashion that future configuration changes can be made by the cheap fresh-out-of-college Windows technician without having to train the Windows technician up to the level where they can demand substantially more money, the cost involved is going to wipe out any savings several times over".
This more-or-less eliminates Linux on the desktop in anything other than organisations where you can nail the desktop down for 60% of the staff so it doesn't require that level of detailed per-group configuration in the first place. Even then, you'd probably find Windows on the desktop of the other 40%.
It's on the fly data duplication with a union filesystem ... which has completely different failure modes than RAID (also much lower throughput but for a media server striping isn't necessary). Greyhole is the only comparable system on *nix, and it's very rough still.
A LVM span only has a single underlying filesystem, if you lose a drive you're fucked.
You'd need a union filesystem to be able to take out any number of drives and still be left with a functioning array (minus some files). None of the union filesystem supports automatic duplication though.
Stop awfulizing it -- scripting this is elementary in *.nix, and if you can't do it you're not a competent *.nix admin, period full stop.
Caveat Utilitor
Oh, also: what the devil does all your ranting about "the desktop" have to do with it? The rest of us are talking about admining servers.
Caveat Utilitor
Maybe, but if so you've still got a lot to learn. Like how to admin without KDE or gnome, for instance. :)
Caveat Utilitor
If we're talking about replicating something as highly polished as group policy, a script that runs on login to pull in configuration files isn't the hard bit. The hard bit is providing a central, consistent GUI-fied means of tweaking all those configuration files that reduces the configuration to tick-boxes, eliminating the risk of a typo causing havoc when an application tries to read an invalid configuration and if you're lucky reverts to default. If you're unlucky, the application is broken.
Realistically, you'd probably store the actual configuration information in a database of some sort then use that database to write out config files accordingly. Which means that now you have something almost as complicated as Active Directory, except you can't go out and hire people who already know it - which will make any self-respecting IT manager very nervous indeed. And it'll require quite a bit of ongoing maintenance because every time an application upgrade requires updates to the configuration file, your system will need tweaking too.
The article does a fairly thorough job of roasting MS over their lack of internal coordination, outlining how one wing starts to work on a new technology and other departments that need to get on board "wanted nothing to do with it'. In any well-managed company, a department that refuses to get on board with a new technology gets hell rained down on them from above until they fall into line.
Take Apple's "spotlight" meta search feature for example. Imagine the team working on the AddressBook app "wanted nothing to do with it"? There'd be hell to pay, and either team managers would change their tune or get replaced. In a large project like an operating system, lack of cooperation simply cannot be tolerated. But it seems that MS is just so large at this point that it doesn't have the power to guarantee their different projects cooperate fully with each other.
I have read from time to time that there was this sort of internal battle going on at MS, where different projects worked in isolation and there was infighting, but I'd never really seen the effects of these issues before. It's interesting to see the result. This appears to be an upper management or communications problem. Whoever is above the Outlook team needs to be asking that team manager "so how's integration with drive extender going?" If they get foot-dragging and complaining and brush-offs, that manager needs to be dragged into the director's office for some "re-education" on cohesive development. If the director isn't asking these questions, THEY need to be replaced. Something of this sort is isn't working properly at MS.
Its like a construction project. You've got all these separate units coming in, doing electrical, plumbing, structural, heating, floors. The general contractor has to make sure these people work together. Refusing to cooperate with one of the other groups simply cannot be tolerated, and it's the GC's responsibility to make sure everything works smoothly. Problems between groups need to be brought to the GC, and the GC needs to settle them immediately. Otherwise the finished building has serious problems. You can't just turn over the house to the owner and say "Oh by the way we removed the heating from the bathroom. The plumbers wouldn't route the pipes around where the heating ducts needed to go. You don't REALLY need heat in such a small room anyway." But that's the sort of thing that MS is pulling from time to time.
I think MS is just taking the cowardly way out. "We can't control our own internal development processes well enough to get this feature integrated properly in with the rest of our technology, so we're just canceling it." The article states simply that companies like Dropbox and DataRobotics (makers of Drobo) that have only one core technology are forced to "get it right", because dropping it simply isn't an option. MS seems to think they have the option to just drop any feature at any time on a whim if it's not going well, instead of going to the additional effort of kicking some butts and making it work. It's not like its an impossible task. This is doable. They just lack the necessary internal management to pull it off consistently.
Bottom line: At MS, with any new project, unless all the key players decide to get on board, the project is doomed.
In other words, the Outlook team manager should not be capable of tanking Drive Extender. But it is, and it did. And THAT is a serious internal management problem that MS has demonstrated over and over. Something's gotta change.
I work for the Department of Redundancy Department.
News to me.
Quoting Zombie Ryushu in this comment:
Lets say that I had a Linux OpenLDAP Server with Heimdal Kerberos (I do.) and I wanted to make it such that whenever a specific user logged in, he/she/it saw a specific background, and had specific Mail settings, and had specific stuff setup for them, and I wanted this to follow them everywhere. There is no facility in KDE to do that. I cannot tell KDE: "This user has this background wallpaper, their FireFox home page is: www.egroupware.com Their start up sound is iora.wav, etc." I can set that up on a per machine basis, but I can't store that information in OpenLDAP so they can use regardless of what their machine is, because KDE doesn't know to retrieve that information.
Doesn't sound like a server task to me.
Quoting DarkOx in this comment (which is the very comment you replied to that triggered this discussion in the first place)
As soon as you start having laptops and desktops running all around the office you can't manage the settings the user is talking about anymore. Yes you can do it at deployment time. Sure you could write init scripts to go fetch and overwrite/update rc files and stuff but you'd have to do all of it yourself and it would be a security nightmare to try and get correct without putting a lot of resources into it.
GPOs make it really easy change all the CSRs home pages to the new customer service portal, and set all the sales reps wall paper to the latest product sheet instead of their embarrassing personal photos any time its needed. It also makes it possible to do things like yes your screen saver is going to turn on and the desktop will be locked after 15min, no exceptions. Sometimes that sort of thing gets required for PayCardIndustry rules and the like, and those things change every now and then.
How is that discussing server admin?
Yeah, because waiting on Microsoft to fix security exploits is SUCH a good idea, how many 10 year plus exploits have been found for Windows? Way more than any other OS out there, and whenever a whole is found in a major linux package they are fixed within at most days, vs. weeks windows. But yeah, you keep playing with your toy OS, makes it easier for people to own your data!
Monstar L
What can my Linux boxes do that my Windows Server 2K8 R2 boxes can't?
Well frankly, I don't think you're managing a lot of users from a desktop. Might I suggest you spend more time reading so you'll be qualified to post?
Caveat Utilitor
What about the registry is so bad?
APK is a know-nothing troll who has never worked in the industry. His only "legend in his own mind" was that he claimed that "his" hosts file could completely secure a windows computer. The only thing that can completely secure a windows computer is a power failure. Or a sledge hammer.
Stay up without a reboot every 2^32 seconds?
2^32 seconds is 136 years 2 months 9 days 10 hours 28 minutes 16 seconds
Wow, you know nothing, and it shows, and the fact that someone as ignorant as you is writing security guides speaks volumes on Windows security. I have repeated myself I don't know how many times but you refuse to listen, IT WAS FUCKING IMPOSSIBLE TO TOTALLY DISABLE AUTORUN IN WINDOWS UNTIL VERY VERY RECENTLY!!!!!!!!! Why do you think Microsoft finally removed it? Because Windows is such a buggy pile of shit that they couldn't figure out how to allow users to totally disable it without breaking 50 fucking things. You could "disable" it, but that didn't actually totally disable it, it was still incredibly trivial for a hacker to take advantage of it's many, many flaws. And yes, if you totally actually you know, ignore the severity of the holes(which Microsoft LOVES to do) and include EVERY Linux package under the sun, then yeah, Windows has fewer holes. But the ones it does have are so big you could drive a truck through them. You are a Microsoft shill as I said, and I look forward to your clients suing the shit out of you for recommending such a buggy, insecure OS to them. There is a reason that Windows server is losing ground faster than Balmer can throw chairs, nobody wants to take even a remote chance on putting any actual real data at risk with that buggy insecure piece of shit "operating system"(read toy). The numbers speak volumes, Windows is a dead end, and if you value you career I suggest you actually get your head out of Billy G's ass and look at the actual data.
Name me one, ONE serious incident in the past 10 years that was a result of a Unix security bug. I'll just fire off the most notable Windows ones, because I would be writing a novel if I listed every single Windows security failure.
Stuxnet, Conflicker, SQL slammer, the pentagon hacks(which succeeded because of Window's inability to totally disable autorun, see earlier argument), Klez. and the list goes on and on. Not to mention a security incident just waiting to happen, Microsoft's DRM anti-piracy system. It just gives me such a warm fuzzy feeling knowing that I have to prove that I bought that piece of shit OS to Bill whenever he demands that I do. And that if he doesn't particularly like me he can remotely disable my system. Yeah, that's not a security issue at all.
Windows is a joke to hack and you are a shill or an idiot for arguing otherwise. So which is it, shill or moron?
Monstar L
AD is useful, as you note, insofar as it's standardized so you can learn about it on any system. And the distribution method is pretty reasonable; it's not that complicated and MS doesn't do anything terribly stupid to muck it up. It's not a bad system, and given that MS doesn't have a /etc folder that I can easily sync among systems it's a huge improvement over other options.
But being a GUI is not a benefit, at least not in the way you describe. I think it's worth having a GUI -- having a GUI provides a lower barrier to entry an can help teach you how things work. It's just that I think the GUI should output a text file (or some equivalent human-readable config in a database if that's your preferred distribution method).
Given the chance of a typo versus missing a checkbox somewhere in the hundreds of hierarchal screens in the policy manager, I'll take the text config file any day. And that's not even considering things like copying bits of a configuration among systems, which is clearly much easier with copy-and-paste than with GUI data entry.
Group Policy is useful in that it's standard. There's a lot of value in that, particularly in finding new people already familiar with it. And it addresses one of the key management problems with Windows -- the registry -- which is good because before AD it was nigh on impossible to deal with that mess.
But you can't honestly believe both that it's "more standard" and "more flexible" at the same time. Those goals are mutually exclusive. It might be flexible enough for your purposes, or even for most anyone's purposes, but it's certainly not more flexible than a custom script.
Also, you can say things like "no package...works on...multiple major distributions" and expect anyone to take you seriously. There is no such tool for Windows either -- AD is only available on the MS Windows distribution and no other system supports it at all. However, if you limit yourself to a single OS like you did for Windows there are in fact standard OS management tools built-in that can do many if not all of the things you want, and people with training and experience that know how to run them before they've ever seen your systems. All the "major distributions" now have very standard, config-driven systems and like Windows try very hard to keep you from modifying the underlying scripts directly.
/ Which drives me nuts -- it's good for configuration management but bad for actual configuration
QEMM ! and DesqView ! I remember fondly multitasking DOS stuff and having access to oodles of RAM thanks to DEVICEHIGH and LOADHIGH. I felt so powerful !
I think with Win7, MS has finally managed to become as reliable as DesqView.
The Cloud - because you don't care if your apps and data are up in the air.
I take your point regarding the GUI. But without a GUI - or at the very least a standardised way of describing the configuration that is consistent across all your applications - you haven't really got an AD clone. You've just got a few scripts making judicious use of rsync.
Yes, but because that's really all that's necessary. The features of ADS you seem to feel are missing in *nix are simply unnecessary because we already have fine-grained control over user and group permissions built into the OS. The rest is merely syncing user data. We can do that easily enough with rsync.
Caveat Utilitor
See mhddfs.
ZFS is excellent, but I'm not sure it's a good choice for average home users. They don't understand why they need drives the same size, or build non-redundant arrays and get pissed when one drive takes out the whole array. If you can get them to understand to install new drives in mirror pairs and keep an eye on them so you can replace one when it fails, you might be on to something. A custom distro could be set up to handle this without too much hassle. While I don't like MS tech much, their drive extender thing was ok for home users. WHEN you lose a drive, you can still read the data on the other drives. So it's non-redundant, but it also doesn't lose ALL your data when one drive dies. ZFS and most other raid systems don't either, but try getting most home users to do it right... They will stripe them and think they are so smart for not "wasting" the space.... then scream when their non-backed-up "RAID" dies.
I explain my raidz2 setup to people and the first question when they get the basic stuff is "so you throw away 2 drives?"... sigh... They don't want to spend the $, buy the cheapest USB HDD they can find, then complain to me when that drive crashes and they lose all their data. We can't talk home users into using backups, RAID seems to be completely beyond them. People on /. understand this stuff, but your average home user thinks the computer case is the "hard drive" or "cpu".....
Microsoft canned a product because it was buggy and didn't work properly? Must be a first.
To understand recursion, you must first understand recursion.
Says the person trumpeting the benefits of tacking missing UNIX functionality onto windows. Sorry, but your perspective is either based on ignorance or you're a shill. The "long in the tooth" methods you ignorantly dismiss are still, to this day, the primary power of the networks we all depend upon daily, and are exactly what ADS is trying to implement. If it's "long in the tooth" it's because it's stood the test of time. Unlike Redmond's server products, which perhaps have a niche among amateur users who admin small, low-demand servers (SOHO), but in the enterprise the track record tends to be rather dismal...
This is such a typical comment from people that have no idea what Drive Extender is (or was). It's not RAID. RAID has a ton of issues to deal with. You can't just add more drives to raid and have the volumes magically get bigger, not without some serious rebuilding (often taking 10+ hours on larger volume sizes). Even then you have to extend your partitions manually.
DE just works. You plug in a new drive, of any size, and you get additional redundant storage, instantly, without rebuilds or partition extending, or any of the other headaches the come with RAID. Also, if your motherboard fails, you don't have to reconfigure RAID on a new computer.. you can just access the files from any computer, since the files were stored on normal NTFS filesystems, without the need to create drive sets.
When WHS first came out, i tried to explian how useful Drive Extender was, and just got blank looks from the unix guys.. saying "it's just raid". It was like trying to explain DVR's to people that had only used VCR's. They just didn't get it until they used it.
If you need web hosting, you could do worse than here
LVM is only part of what DE did. LVM doesn't do data de-duplication, nor does it provide redundancy like DE did (yes, you can stripe volumens and mirror them with LVN, but that's just doing software RAID). DE used drive balancing, which copied data between drives to keep them balanced and redundant. This way, if a drive fails, and you have enough storage, the system will just rebalance (assuming you have more than one drive) without any degradation of performance (like you would see in RAID-5).
Let's say you have 5 1TB drives, and you have 50% of the capacity used. That will mean you have 50% free on all drives (or about 500GB). If you lose one drive, then the system will rebalance between the 4 drives (so you will now have 250GB free on 4 drives), if you lose another drive, it will rebalance over 3 drives.. etc.. until you no longer have enough free storage to compensate. Add more drives, and it will rebalance across those drives.
This system is not as robust as RAID, in that if you lose a drive before a rebalance can occur, you might lose data... but it's far more flexible and easy to use. It was designed for home users who may not understand RAID, but are technical enough to be able to pop in a new hard drive if they need more stogage.
If you need web hosting, you could do worse than here
Greyhole comes a lot closer, but it's still pretty experimental, and it's relatively recent... which goes against the claim that DE is doing what Linux or Unix has done for decades.
If you need web hosting, you could do worse than here
mhddfs only provides spanning of volumes, it doesn't do the rest of it.
If you need web hosting, you could do worse than here
Umm.. Your link alleges that Microsoft locked Be out of the market, not that they stole any source code. What's your point exactly?
If you need web hosting, you could do worse than here
Rsync and - even less so - cron don't solve the problem.
You are conflating "incompetence" with a lack of interest in continually reinventing the wheel.
I'm quite capable of implementing something that can achieve probably 90% of the functionality of GPOs. I have zero interest in doing it, however, because I'd rather spend my time productively.
No. The single most important feature of Group Policy is the simple fact that it exists and works.
Sure, you can cobble together something in a Linux environment that probably comes close to providing the functionality of GPOs. You might even be able to leverage puppet or cfengine and save yourself a lot of work. But a) you've just wasted weeks to months of time doing it, b) you now have to maintain not only the policies, but the mechanism for enforcing them, and c) when you move on to a new environment you have to do it all over from scratch again.
Ie: it's a textbook example of reinventing the wheel, and while I understand that's the sort of busywork old-school sysadmins *love* doing so they can look and feel busy, the people paying the bills now expect more from their employees.
Which Linux distribution has anything close to Group Policy ?
The logic is fine, the terminology is poor.
Group Policy provides a mechanism and comprehensive set of capabilities for central configuration management of Windows machines. "Control of the Registry" is merely an irrelevant implementation semantic.
Central configuration management is - amazingly, given its age - functionality significantly lacking from Linux/UNIX. IME this is largely due to traditional Linux/UNIX admins taking great pride in how awesome they are at continually reinventing the wheel (and castigating those who try to minimise it - the common complaint being it would make things "too easy").
Flexible software RAID and logical volume management.
Define "Flexible software RAID" and "logical volume management" so I know exactly what you are referring to.
Software RAID does not require that all disks are the same size. If you have (3) 1TB drives and (2) 1.5TB drives, nothing says you can't create a RAID-10 across the first 1TB of all 5 drives and put a 0.5TB RAID-1 array across the back half of the 1.5TB drives.
LVM2 handles everything else (it will also do redundancy if you want). And you can migrate LVs between PVs using the migration tools. So if you have a portion of your volume group on a RAID-1 array and decide that it belongs on the RAID-10 array in the same volume group, you just do an on-the-fly migration to the other PV.
You can even do things like migrating LVs off the active disks so that you can rip them out and replace them with larger / faster / better disks, then migrate it all back.
Without having to take the server down.
Wolde you bothe eate your cake, and have your cake?
True, but its spanning is better than with LVM. You get what the parent asked, "1 disk dies, I no longer lose everything, the filesystem is easily mounutable and I only lose the files that were on that disk".
And for redundancy, one can use mdadm RAID on the underlying devices.
Which is why you have to post anonymously so often - every troll account you create gets burned.
Then again, who wants to p0wn a Windows 95 box?
http://www.vmware.com/support/vsphere4/doc/vsp_40_new_feat.html
"Flyin' in just a sweet place,
Never been known to fail..."
All linux distros can read and write ntfs file systems. Too bad windows can't say the same for linux.
And that's my limit for today, since I have laundry to do, and I have to walk my dogs and make supper. I guess it's time to set the filter back to +1 or greater for another week. :-p
You obviously never checked my profile. "tom" doesn't stand for what you think it does.
APK, you're very childish. That's why nobody takes you seriously. And now that today's software release is done, I'm going to finish my wine and watch some TV.
They're not mutually exclusive. Try taking a "Beginner's english" class. Oops, commercial is over, sorry :-)
Second, all recent linux distros are able to mount windows file systems, BUT not everyone has a recent distro. All recent distros CAN delete NTFS files, but some only as root.
But real server admins flat-out refuse to run windows for anything critical.
My mother has been dead for more than a decade, you insensitive clod. Seriously. And she never had anything to do with computers.
If you had checked my profile, you would have noticed what t.o.m. stands for. Oh wait, you can't - you can't log in. Oh well, guess you'll never know. In the meantime, why not google for barbara hudson open source linux - here's the first link. Read the story lead. Now scroll down and read the paragraph that begins "'I Just Hope OraKill Doesn't Buy Novell'.
This sounds EXACTLY like what I"m looking for. Googling/etc now, I appreciate the info.
And no, on a really hosed system, windows recovery console cannot delete certain files, which is why every windows user should know someone who can recover their crap by either booting into linux, or yanking their drive and recovering their data.
When's the last time any linux user had to use windows to recover their linux partitions? Windows is crippleware.
For RAID: Support for RAID6 and RAID10. Stripe size customisation. Layered RAID devices (to create, for example, a RAID50).
For LVM: Adding and removing underlying physical volumes is much easier.
I'm not bashing Windows, this is just something that Linux does quite well, and Windows barely does at all (and in fairness, most of the times you'd want to be doing this with Windows, you'd probably have a SAN that does most of it for you).