Windows 10 Gets Core Console Host Enhancements

x0n writes: As of Windows 10 TH2 (10.0.1058), the core console subsystem has support for a large number of ANSI and VT100 escape sequences. This is likely to prepare for full Open SSH server/client integration, which is already underway over on github. It looks like xterm is finally coming to Windows. OpenSSH was previously announced (last year) by the very forward-looking PowerShell team. The linked article provides some context, and explains that the console host isn't the same as either cmd.exe or powershell.exe, but there is a lot of overlap in functionality.

Turd

Can polish a turd all you want. Still a turd at the end of the day

Re:Turd

[MightyMartian]

I can only hope you can run a native version of Bash with a set of GNU or Posix versions of the toolset, and I can send Powershell to the shithole that horrible scripting language belongs.

Re: Turd

[spectrum-]

Powershell has some great features and ideas. And whilst it can be great to script in, it is very long winded to just type and use in an adhoc fashion. Sure there's aliases but its still a bit tedious.

The other thing power shell needs is more social interaction and perhaps just a bit more fun. I guess it's still quite new and evolving. Bash is ancient relatively speaking.

I'd like to see stuff like figlet, write, wall, mutt natively in powershell so it becomes more of a destination than a mere dull workhorse of productivity.

Re: Turd

[Ol+Olsoc]

I'd like to see stuff like figlet, write, wall, mutt natively in powershell so it becomes more of a destination than a mere dull workhorse of productivity.

Be patient - they have to get the keylogger working correctly first.

Re:Turd

You're right, just look at Linux.

Re: Turd

I've been wanting Windows to get full Unix emulation, and even better, built in compiler support like a Unix box. I want to be able to test and run python scripts that will run on Unix vms on my box through pycharm without having to use a remote vm environment. Right now, it's easier to use a macbook pro. You'd think some monkey in marketing would have caught on to this fact.

Of course ntfs file permissions behave differently than Unix file permissions but I think that is reconcilable. I know there is cygwin but that's not the same, it's more effort with that, and a lot if things can't live in both worlds.

Re: Turd

Sycraft-fu says that you are an idiotic, paranoid, conspiracy theorist for daring to state that Windows 10 contains spyware.

Re: Turd

[ArmoredDragon]

I've done a lot of neat stuff with powershell, for example I created a powershell script that gathered information about one system (using the Get-WmiObject Win32_SystemEnclosure to retrieve i.e. a computer's brand name, serial number, bios version, etc) and opened a TCP socket to feed that information to another system across the network that had a listening server which was also written in powershell.

But yeah, it totally violates the KISS principle. It's hard as fuck to look up certain information about the system because the way it's stored and retrieved is almost never intuitive (for example, you literally have to generate an XML file and then parse said file in order to get some stuff.)

It's also very hard to figure out how to do something you might not have done before, or have done very rarely, because the command names are so long that they're difficult to remember. There are shorter aliases, but they don't have any consistent naming (for example, Get-WmiObject can be shorthanded as gwmi, whereas a command like Add-PSSnapIn is shorthanded as asnp) making them also harder to remember.

I would much rather just have bash, and do that server stuff I did with tools like netcat, which although uses a separate binary, is FAR simpler than the method I used with powershell, while also having tools like dd to be able to manipulate binary blobs, and dummy block devices like /dev/zero, /dev/random, and even the ability to directly read/write to hard disks as if they were ordinary files.

If Microsoft did that, and had a good package manager for command line tools with the ability to add third-party repositories (like aptitude does) with options to compile from source (like portage does) I might actually consider using it for servers now and then. But because it doesn't, I only use it for servers either when an application requires it (as in, no Linux version available, but this is quite rare for applications meant for servers) or for active directory (also only occasionally needed.)

Re: Turd

[Ol+Olsoc]

Sycraft-fu says that you are an idiotic, paranoid, conspiracy theorist for daring to state that Windows 10 contains spyware.

He's just practicing the latest version of denialism.

Re: Turd

[arglebargle_xiv]

I've done a lot of neat stuff with powershell, for example I created a powershell script that gathered information about one system (using the Get-WmiObject Win32_SystemEnclosure to retrieve i.e. a computer's brand name, serial number, bios version, etc) and opened a TCP socket to feed that information to another system across the network that had a listening server which was also written in powershell.

You work for Microsoft on Windows 10 then?

Re: Turd

[mlts]

This. I'd love the ability to provision a Windows box, toss a SSH key on it and have it ready to be managed via Ansible.

On the development side, being able to Vagrant up a Windows box as easily as I do other boxes would be nice, and make life a -lot- easier when it comes to testing. If I need to create a Windows box to make sure a certain set of Registry settings works, it would be nice to create a base box, boot it, have Vagrant provision it, and have it ready to go. Then, when I want to prove my stuff works to another developer, I point them to the repository with my Vagrantfile and provisioning scripts.

Vagrant is a wonderful tool for testing in the UNIX environment. It (pretty much) guarantees that I will have the exact same environment for testing as the developer, and if their code works in a Vagrant box, it will work in mine. I'd love to have the same ease of use on the Windows side. The closest I can come to this is a WIM image and a directory full of MSI files.

Re: Turd

[chispito]

It's also very hard to figure out how to do something you might not have done before, or have done very rarely, because the command names are so long that they're difficult to remember. There are shorter aliases, but they don't have any consistent naming

How can you complain that PS cmdlets are both too long to type and difficult to discover? They for the most part follow a very straightforward convention of [approved verb]-[specific noun]. Like Get-childitem, add-content, export-csv, etc. There is no rhyme or reason to the naming on Unix commands. Good luck discovering the utility you're looking for the first time without Google. And you really can set aliases quickly in PS so I see that method as being the best of both worlds. Complain all you want about ps performance or lateness on ssh or whatever, but it is incredibly easy when it comes to discovery.

Re: Turd

[MightyMartian]

What do you mean no rhyme or reason? The basic toolset; cat, sh, mv, rm, and so forth are mnemonics. The point being to make the commands as short as possible while retaining some semblance of meaning. For me Powershell's absurdly verbose naming scheme is as good a sign as any that Microsoft has never really understood CLI work.

Re:Turd

[Provocateur]

not flamebait; just the facts, ma'am.

The surprise is, MS servers want to collect data on this turd. Very dis turding...

Re: Turd

I've been doing this for nearly two decades, initially with physical disk images and later with a combination of base and delta logical disk images.

Tools grown organically by early LAMP and Java developers and script kiddies aren't necessarily better. They're just different.

Re: Turd

They were short because memory was limited back when Stallman had a shorter beard and showered more regularly.

Re: Turd

[zifn4b]

For me Powershell's absurdly verbose naming scheme is as good a sign as any that Microsoft has never really understood CLI work.

Once upon a time in a galaxy long long ago there was an operating system that had batch scripting and short terse commands like: DEL, DIR, TYPE, CD, ATTRIB, COPY, ECHO... It ran on machines that had 640K of memory because that ought to be enough for anyone...

I think Microsoft did actually understand at one time but somehow that was lost somewhere along the way...

Re: Turd

Geeze Grandma, that is some really nice ssh you are setting up.

Yes dearie, the better to hide my data pilfering from you.

Re: Turd

[IamTheRealMike]

They haven't. When I first tried to use PowerShell it frustrated me so much I wrote an entire article about it. Calling PowerShell a shell is a huge stretch: it's really just a strange and verbose scripting language.

Re: Turd

Let me give an example of why long names are bad:
New-PSSession
Sure, the new is logical.
By why PSSession? It could just as well have been
New-PS
New-Shell
New-SH
New-Shell
New-Session
New-PowerShell
New-PowerShellSession
New-RemotePowerShellSession
and dozens of others that all basically would mean the same thing. Note a particular problem here is also that they do not always go for verbosity, for example PowerShell is suddenly abbreviated. So you have to remember the exact term Microsoft chose, and also what parts it abbreviated and which not.
I also have a feeling (but can't say for sure) that for tab completion purposes putting the verb/action first was a really horrible idea.
It at least means that the method of typing only 3 letters+tab never works.
It means that if you don't remember the verb (not all are obvious) tab completion won't help.

Re: Turd

[ArmoredDragon]

LOL I did that in an IT shop that was primarily Microsoft driven. I was working Tier 2 tech support (also called Desktop Support) and because I wasn't a Tier 3 tech (system engineer they were called) I had to work within the limitations of what the systems already had installed. The actual system engineers were retarded though and didn't know how to manage active directory worth shit, so I ended up finding broken shit all the time and having to build workarounds for said broken shit.

This particular script was meant as part of a system to automate provisioning employee laptops, because their existing process was rather manual, and usually took about 30 minutes. After I wrote up a bunch of powershell scripts, I turned it into a 1 minute job. This is what the tech 3 guys should have been doing, and if so they could have come up with a more elegant solution. But then again, I found that they had a very narrow understanding of Microsoft infrastructure, of which I care little for myself as I'm mainly a network guy (speak of which, I was frustrated when they had all of about zero understanding of the OSI model, which when it came down to troubleshooting a problem with NTLM authentication, they blamed it on a wifi driver when it was obviously a session layer problem, and they had no fucking clue what "session layer" even means.)

But you know, they're Tech 3 and I'm only Tech 2, so they're right of course. Fortunately I don't work there anymore.

Re: Turd

[ArmoredDragon]

How can you complain that PS cmdlets are both too long to type and difficult to discover? They for the most part follow a very straightforward convention of [approved verb]-[specific noun]. Like Get-childitem, add-content, export-csv, etc.

Ok here's the problem: It's never clear when you need to get content or get object or get whatever other verb they want to use. There's so much different ways of retrieving information because the way its stored is never consistent. For example, if I want information about the CPU, that's a WMI object. If I want information about running processes, that's another type of object.

But bash? Everything can be treated as an ordinary file. EVERYTHING. All system objects that you want to examine can be grabbed using THE SAME COMMANDS, thus parsing those objects feels identical and very consistent. Once you are familiar with cat, dd, grep, sort, sed, and awk, that's it, you can manipulate any object you want however you want.

But with powershell, with a new object type comes a new command to learn along with its syntax and quirks.

Re: Turd

[chispito]

The basic toolset; cat, sh, mv, rm, and so forth are mnemonics.

Funny you used those examples. Three out of the four of those work out of the box in PowerShell because MS included them as aliases. You can be as sleek and incomprehensible as you would like in PS. Nobody is stopping you.

For me Powershell's absurdly verbose naming scheme is as good a sign as any that Microsoft has never really understood CLI work.

Again... see comment re: aliases. New-Alias [alias] [cmdlet].

Having both the long name when you are trying to discover commands and shorter aliases for day to day work is convenient. I use PowerShell day in and day out at work, and there are lots of problems with it. The uniform naming convention is a strength, not handicap.

Re: Turd

While nothing is perfect, Powershell is an excellent and powerful scripting language for the windows environment and has made automation simple and maintainable. It's unfair to criticize it as a turd just because you dont like Windows.

Re: Turd

Is that to say all config files in Unix are consistent? You can easily inspect an object for methods, properties and events by piping to gm or get-member. Or figure out the type of object by using the gettype() method.

Re: Turd

[MightyMartian]

And I can create Powershell like aliases in Bash. What precisely is your point? The naming scheme is terribly verbose.

Re: Turd

[chispito]

It is verbose so you can find new commands on your own, and so you know the general function of something by its name. If someone learns the help system (get-help) and command discovery (get-command), it is usually easy to find a command. All information retrieval commands start with Get. All commands that change settings start with Set.

Please tell me, because I have a lot to learn in *nix, how would I figure out to use chmod to change permissions if I was previously unaware of the command name? How do I discover the correct commands without asking someone online or offline? By the way, the command to change file permissions (or other system object permissions) in PS, set-acl, is really unwieldy. If I were having to use it a lot on the fly in the command line, I would probably end up writing a helper function to make it simpler to supply the user and permissions level.

Re: Turd

[MightyMartian]

If you are that unaware of the system, anything less than a book isnt going to help. It's a crap analogy.

Re: Turd

[chispito]

For example, if I want information about the CPU, that's a WMI object.

That's a perfect example of were MS dropped the ball. WMI is very powerful, very inconsistent, and very slow. You use Get-WMIObject because there is no PS native command to get that information like there should be. It's duct tape for your duct tape.

Re: Turd

[ArmoredDragon]

Is that to say all config files in Unix are consistent?

They're all consistent in that they're all just plain text. All you have to do is open it and you'll know what sed parameters you want to use to extract the value you want. For example, I wrote a script that does autodiscovery of your mythtv mysql username and password by pulling it directly from a config xml file, and I didn't even need to get a special xml parser to do it. That code looks like this:

DBUSER="$(awk -F '[]' '/UserName/{print $3}' $CONFIGXML)"
DBPASS="$(awk -F '[]' '/Password/{print $3}' $CONFIGXML)"

I didn't know how to do this before I wrote that, by the way, I just looked up the syntax for awk and got it to work. I tried parsing XML in a similar manner in powershell once, and could never figure it out and just gave up.

Re: Turd

[unrtst]

I'm not sure you chose the best examples...

Please tell me, because I have a lot to learn in *nix, how would I figure out to use chmod to change permissions if I was previously unaware of the command name?

You said "change permissions", so maybe try "ch[tab][tab]", where you'll find a bunch of commands that change things (attributes, permissions, group, password, virtual terminal, etc).
Though I've never got into the habit of using it, I believe the recommended way, via the shell at least, is to use "info". So, you would type "info", it'd bring up the default page, then you'd search for "permission" by typing "/" for search (which is a common idiom) then typing permission and hitting enter. The first entry on my system is for "File permissions: (coreutils)File permissions.". Hit enter on it. It gives some brief into and another menu. Select the "Symbolic Names", and then there's info on that and links to how to set, copy, change special bits, etc.

By the way, the command to change file permissions (or other system object permissions) in PS, set-acl...

How would you find that? I assume you'd start by typing "set-", but then what? Why would you think to type "acl" for file permissions?

And yes, I know what "acl" stands for, but that's no more clear to someone searching for the command than chmod. Even if you were looking for "acl", you'd still end up finding "chacl", which does the same job as chmod.

Re:Turd

You know that Unix saying that those who do not understand it are condemned to re-invent it? You might want to actually learn and understand what powershell does before poo-pooing it.

It is WAY more advanced than BASH in what it attempts to, and actually maanges to do. Yes there are bugs. Yes it requires a mind-set shift. But to claim that BASH is so superior just shows how much you do not know about powershell.

Re: Turd

True, but every single output from a file in bash is text often in it's own special format. Everything in powershell is an object and can be formatted or imported/exported/queried as you like. Rather than faffing about with sed/awk/grep/cut you work with select queries. Essentally you need to write a text parser for every pipe you use.

There are things you can do in a couple of lines of powershell, to multiple machines over the network with a few lines of code. Trying to do similar things in bash requires a lot more time and development.

As an example, try writing a bash script to get the BIOS version out of a thousand machines over the network...

Not to say powershell is without its faults, I've run into plenty of bugs and otherwise strange and unintuitive behavior, but some of the stuff it can do is pretty amazing.

Re: Turd

[bingoUV]

Please tell me, because I have a lot to learn in *nix, how would I figure out to use chmod to change permissions if I was previously unaware of the command name?

apropos permission
apropos file
apropos change

Re: Turd

[chispito]

Please tell me, because I have a lot to learn in *nix, how would I figure out to use chmod to change permissions if I was previously unaware of the command name?

apropos permission apropos file apropos change

Thank you so much. This is immensely helpful.

Re: Turd

[beastofburdon]

That was funny, but the scary part is that you may be right about it.

Re: Turd

[beastofburdon]

Except that DOS was bought from someone else. Micro$oft simply did not change the commands.

News for Nerds

Is it just me, or is this actually news for nerds?

Re:News for Nerds

nerds have already cygwin, msys or something like that. nerds needed this functionality so long that they actualy resigned reminding m$ that terminal is a not a dirty word.
to paraphrase: a good console is like a good dog - very rare. a good console with a good language is like a dog speaking norwegian,sir - even rarer. i am mentioning this because in windows 10 they actually got cmd.exe so much better, but the underlying bat language feels like yesterday's vomit. i guess, that's where powershell comes in, but this dog speaks hungarian and i have no true will to learn yet another language specific for some minor platform.

so 2016 will be the year of the console on windows, a bit ironic

Re:News for Nerds

Yes, it is.

This is likely to prepare for full Open SSH server/client integration

Now Windows 10 can send even more of your private data to Microsoft and Homeland Security, at no extra charge!

Re:News for Nerds

[davester666]

No. Nerds refuse to run Windows 10. They don't like being tracked like rats in a cage.

Re:News for Nerds

Bullshit. I've been a nerd my while life from programming in Assembly on my Ti-99/4a to jamming my mother's radio with my Radio Shack 400-in-1 electronics kit. I have no problem with Windows 10. Why? Because I'm not a tin-foil hat wearing douchebag. If you actually care that much about "privacy", move out into the woods and live Unibomber-style, asshole.

Re:News for Nerds

Cygwin and msys are full of dirty hacks to get the job done. They're full of limitations and don't integrate nicely with Win32 applications. There's a reason Microsoft needs to add this functionality into the core console subsystem, rather than just running a Cygwin version of OpenSSH.

Re:News for Nerds

If you value privacy so little, then let me install cameras in your house.

Re:News for Nerds

How dare you insult hungarians. We are a proud people!

Re:News for Nerds

Your paraphrase is twice as long as your full comment. That's not a paraphrase.

And only 50 year old neckbeards refuse to examine new tools. Regular nerds are always looking for a better mousetrap.

Re: News for Nerds

I would let you install cameras. I would not allow you to use them though. Douchebag asshole.

Re:News for Nerds

[flopsquad]

How dare you insult hungarians. We are a proud people!

And full of eels, just like our hovercraft!

Re: News for Nerds

Oh, so you ARE a paranoid, tinfoil hat wearing douchebag. I thought you said you weren't.

Also, publicly post the usernames and passwords to all of your online accounts, unless you're a paranoid, tinfoil hat wearing douchebag.

Re: News for Nerds

[davester666]

He probably walks around complaining that he is being forced to wear clothes when he leaves the basement.

Re:News for Nerds

[dave420]

The problem with generalisations like yours is that it only takes one nerd who uses Windows 10 to prove you wrong. Just one. One single Windows 10-using nerd and you are incorrect. As it is, there are plenty, so you might want to think about not using such basic, childish logical arguments in future.

So Let Me Get This Straight

[MightyMartian]

So let me get this straight. Windows is getting the kind of terminal support *nix has had for nearly 50 years? Wow, I mean, how fucking innovative of MS.

Fuck fuck fuck.

Re:So Let Me Get This Straight

[MightyMartian]

Looks like the Redmondites are out in force with their mod points.

I just have to ask all you clever little MS types. As Microsoft moves Windows Server closer to a CLI-based operating system, what exactly is the point of Windows now, other than, I suppose Exchange?

Re:So Let Me Get This Straight

So some company does a lot of shit that no one liked and everyone complained about. Then, when they start showing a rather large willingness to go in the direction everyone wanted them go in, the same people complain about it.

Re: So Let Me Get This Straight

[mattcoz]

Why does it have to be innovative to be a good thing? Should they just not do it if it has already been done by someone else?

Re:So Let Me Get This Straight

Spyware and forced restrictions is the way everyone wanted it to go?

Re:So Let Me Get This Straight

[fnj]

I just have to ask all you clever little MS types. As Microsoft moves Windows Server closer to a CLI-based operating system, what exactly is the point of Windows now, other than, I suppose Exchange?

Exchange Server is one of the killer points, yes. The other one is Domain Login with the attendant domain-wide security model. As a *nix booster, I must say those two continue to absolutely show up *nix to this day. Those two give more than enough of a "point".

Re:So Let Me Get This Straight

This is actually a pretty big deal. Stolen from this post by a ReactOS developer:

why is command prompt so, command prompty i guess

it all goes back to a terrible, terrible architectural choice they made way back in Windows NT 3.1

Win32 consoles are implemented in user mode. god knows why simple, safe consoles are a user mode thing, while a ton of badly written GUI poo poo was violently forced down kernel mode's throat, but they probably hoped that text consoles were going to be a fad? nevermind. this alone wouldn't be an issue, in fact if anything it would make providing multiple implementations of console windows very easy, but they had to double down on the awful, and make console windows run in the user-mode part of the win32 subsystem (basesrv.dll), which runs in a hyper-privileged process, csrss.exe. how privileged?

* the system is immediately shut down with a fatal hard error if it terminates. regular hard errors (like "put the floppy back in, idiot", "executable imports non-existing function from dll", etc.) are passed from kernel mode back to csrss.exe, which turns them into message boxes (when you use MessageBox with the MB_SERVICE_NOTIFICATION flag, you are actually raising a STATUS_SERVICE_NOTIFICATION hard error); they are even interactive (you surely remember the infamous abort/retry/ignore), as in the thread that raised them is blocked waiting for your answer. the caller can even be a kernel mode driver (see IoRaiseHardError). fatal hard errors (passing OptionShutdownSystem to NtRaiseHardError/ExRaiseHardError) on the other hand can't be sent to anyone and result in an immediate shutdown (pretty fast because only drivers are notified, user mode processes are just killed) followed by a bugcheck. so technically it's wrong to say that terminating csrss.exe causes a BSOD because a BSOD is instant, while when you kill csrss.exe you can e.g. hear the disks flushing. little known fact: before Windows XP, crashing on termination of a critical process wasn't a kernel feature; instead, the startup process (smss.exe) would wait for the termination of csrss.exe and winlogon.exe, and hit you with a hard error if it ever returned from the wait. you'll notice a flaw: nobody watches the watcher (kernel don't gaf). you could totally kill smss.exe and then csrss.exe without a BSOD. back then, the debugging APIs were implemented in user mode for some loving reason, and for an even more inexplicable reason they were a RPC API and smss.exe was the server end, so killing smss.exe would have no visible effect, except breaking debugging until a reboot
* it has direct access to the real-mode address space (lowest 1 MB of physical address space), in fact it's mapped at virtual address 0 and everything. csrss.exe doesn't actually use this, it's a hack for calling the VGA BIOS from video drivers. the driver framework attaches to csrss.exe to get its address space (virtual address 0 is in the user mode range, and kernel processes like System have no user mode virtual memory range, so you need to attach to a user mode process for that) and then I have no idea what happens because I've never done VGA. there's a special flag to RtlCreateUserProcess (low level no-Win32 equivalent of CreateProcess, used to start winlogon.exe, csrss.exe, etc. you can tell a process has been launched by RtlCreateUserProcess instead of CreateProcess because its command line will include the full object namespace path, e.g. \??\C:\WINDOWS\System32\winlogon.exe), RTL_USER_PROCESS_PARAMETERS_RESERVE_1MB, whose entire purpose is to reserve the lowest 1 MB of virtual address space in the target process so that stacks, heaps, environment, etc. will be allocated somewhere else and win32k.sys can map the real-mode address space there (how do you allocate memory at address 0? just pass (PVOID)1 as the desired address to VirtualAlloc/NtAllocateVirtualMemo

Re:So Let Me Get This Straight

[Gadget_Guy]

So let me get this straight. Windows is getting the kind of terminal support *nix has had for nearly 50 years?

No, Windows has had the kind of terminal support for years, it is just been their own implementations. The difference now is that they are now using the same particular protocol as the *nix world. In other words, they are going from the kind of terminal support to the exact terminal support.

Re:So Let Me Get This Straight

[DogDude]

SQL Server, is another reason. Ever heard of that?

Re:So Let Me Get This Straight

[phantomfive]

Wait till you find out they'll actually let you resize the terminal window.

Re:So Let Me Get This Straight

[phantomfive]

SQL Server, is another reason.

It's been a mistake everywhere I've seen it used.
True, it's nicer than MySQL, but you pay for it.

Re:So Let Me Get This Straight

[Sarten-X]

The same as it's always been... full integration with the entire line of business-oriented Microsoft products (including Exchange) and support for the vital third-party software that requires Windows.

For many years, Microsoft's business model has been to promote a Microsoft-centric universe. If you use Office, you'll get the best service with an Exchange server, which must run on Windows Server, and really needs Active Directory, which supports your Windows workstations, which integrate with Office. It's not just that Windows is a GUI-based OS. Microsoft products are a part of a whole tangled mess of dependencies, and for years we've been stuck dealing with the downside of that glorious integration.

Every IT admin has a story about the vital business process that involved a human robot. Every day a human logs in, and runs an Excel macro to generate a spreadsheet, that he saves as a CSV file and loads into a third-party program, which generates a RTF document, that needs to be renamed to .txt and moved to a different folder for another program to find and render into a PDF, which the human has to open and read the third line on the fifth page to determine which managers need the report emailed to them. This is a GUI-based process, because the software runs on a GUI-based OS. It can't be automated, because the software doesn't support it. For decades, automation has been a "nice to have" feature, because it never fit into the Microsoft business model, so there was never a good framework to support it built into Windows.

Sure, we had some old tricks... Batch files, DDE, COM, OLE, WSH, VBA... but they never really enjoyed full support from Microsoft. They were supported features, but not supported enough that third-party vendors would feel pressure to support any automation.

Now, with PowerShell and the Core offering of Windows Server, there's the notion that everything should be able to be automated. Sure, we've had that idea from the very first days of Unix, and *nix has embraced the concept to maturity, but *nix still doesn't run every piece of business-critical third-party software. For those of us who are already firmly entrenched in that Microsoft-centric world, this is a much-needed good omen.

Re:So Let Me Get This Straight

[tlambert]

Exchange Server is one of the killer points, yes. The other one is Domain Login with the attendant domain-wide security model. As a *nix booster, I must say those two continue to absolutely show up *nix to this day. Those two give more than enough of a "point".

Both Mac OS X and RedHat Linux have answers to both domain login and domain-wide security. The Linux implementation is somewhat less robust (i.e. it's possible to escape exclusion groups, and there's no external group membership resolver like there is on Mac OS X, so there's still the 16 group limit), but it at least is a proof by existence that the claim is wrong. And you can always install the Samba implementation manually on any Linux or BSD box.

If you want to get technical, had Windows not added the proprietary field, we're just talking a KDC implementation, as in Heimdal Kerberos, or before that, MIT Kerberos, and that's been around since Project Athena, which means early 1980's, which means over 30 years. Microsoft's implementation was 1995 or so, and it was the late 90's before they made it non-interoperable with the proprietary field, so they are predated by at least a decade.

Kerberos was interesting, in that it abused the setgroups() and cr->ngroups to store the Kerberos key in the last two groups field, but at that point you were not really using groups anyway (since you were using remote Andrew FS or similar, and it was doing server side credentials enforcement).

So TL;DR: they absolutely did not, and do not, "show up *nix".

Re:So Let Me Get This Straight

[phantomfive]

Exchange Server is one of the killer points, yes.

What's so great about Exchange Server that other messaging systems don't have? Because from the client side, it doesn't seem all that special to me.......

Re:So Let Me Get This Straight

[Darinbob]

Well, I think they've decided to finally be useful to developers.

Re:So Let Me Get This Straight

[MightyMartian]

Windows had a Telnet server, to be sure. But you had to be pretty damned careful as to which commands you used. We did play around with Cygwin's bash script running in a TTY on Windows 2000, but it was clunky and slow (like everything in Cygwin was, and maybe still is, I dropped it years ago). In the end it just wasn't a very good CLI-based management platform because 1. there was no good native pure CLI-based toolset to administer a system, 2. no good TTY based text editor, and 3. it was bloody Telnet, and unless you were going to throw everything in an encrypted tunnel, it simply wasn't secure enough for production servers.

Re:So Let Me Get This Straight

Because AD and Exchange are a must? You run Exchange and AD in your business, or you don't have an enterprise, because nothing else out there scales.

It would be nice if there were a scalable directory solution that could compete... but nobody wants to dip their toe in that market.

Re:So Let Me Get This Straight

For a workgroup, OS X and RedHat is fine. For serious work, AD is the only game in town.

Re:So Let Me Get This Straight

[mlts]

SQL server is a database server, and some applications require it... but at least there are others, and one doesn't have to run their business on it. There are alternatives, from MySQL/MariaDB to Oracle, and the nice thing about Oracle is that there are no license keys to manage, so if there is a disaster, getting your RAC cluster back operable isn't dependent on licensing/activation.

This isn't to say SQL server is bad, but if one wants to move from Windows, there are RDBMS products which are just as good available. If you like NoSQL, but still want ACID... there is always MarkLogic.

Re:So Let Me Get This Straight

[mlts]

The Telnet server required an Expect script to use... and yes, you -can- do stuff that way... but it is a relative PITA compared to ssh, Python libraries, and Ansible. As the parent said, sending unencrypted passwords through a link (yes, one -could- do tunnels, but that is another bunch of hoops) was possible... but with SSH (especially with RSA authentication), it is far, far easier.

Re:So Let Me Get This Straight

[Hadlock]

Holy hell, someone mod parent up, please.

Re:So Let Me Get This Straight

Fuck fuck fuck.

We are all glad that you have been satisfied by this increase in console capability.

Re:So Let Me Get This Straight

[Gadget_Guy]

You are right that Telnet is not much use and very insecure, but it was not the only option for remote access.

Windows has also had Terminal Services (later Remote Desktop Protocol) since Windows NT 4.0, although it required a special server version. Windows 2000 Server had it in standard configuration, and Windows XP had it by default in workstation versions (except for the Home edition). XP also had the WSHContoller object for running Windows Scripting Host scripts remotely, but that was not much use for adhoc work. Finally, Powershell introduced remote interactive consoles in version 2.0 back in 2009.

Re:So Let Me Get This Straight

[Hadlock]

Tons of interesting stuff in that link, totally off topic, but details about rewriting win32 kernel with full unicode support as a realtime OS for Windows CE:

I do in fact know a little about Windows CE! from what I remember, it's a much simpler, cleaner design. its Win32 is a rewrite of a subset (for one: Unicode only, no ANSI), and the kernel is a hard realtime microkernel with some cool, unique features: for example, inter-process calls temporarily moved the calling thread to the server process, no roundtrips, no memory copies. this could only work because Windows CE had a single address space shared by all processes. this limited Windows CE to 4 GB of physical memory, but it was a necessity because it had to work on machines without a MMU. the fixed address space also limited Windows CE to 15 processes, don't know why so few (not threads though, you could create as many threads as would fit in memory, and you had 256 priority levels to choose from instead of Windows NT's meager 15)

this was until Windows CE 5. Windows CE 6 is a much more boring kernel, with separate address spaces and drivers running in kernel mode

Re:So Let Me Get This Straight

If you want to get technical, had Windows not added the proprietary field, we're just talking a KDC implementation, as in Heimdal Kerberos, or before that, MIT

_just_ ? Try setting setting up IPA sometime. That's just LDAP and Kerberos too. Have fun...

Re:So Let Me Get This Straight

[MightyMartian]

So essentially it took until 2009 for Microsoft to even begin to admit that RPC, a few rather crappy scripting host options and RDP were inadequate, but it took them over six more years to finally implement what is pretty much the gold standard of encrypted TTY interfaces.

Maybe this is part of the turning over a new leaf, but I can't help but imagine that the next version of Microsoft's coursework will announce how innovative all of this, much as it went around declaring how innovative Powershell was, when all it really is is an overly complicated descendant of Bash, inelegant, overly verbose and unnecessarily convoluted. But yes, it is the best solution MS has ever come up with to remotely administer servers in a programmatic way.

What a bloody pity they just didn't admit their long battle against *nix was idiotic, and just implement Bash and the standard toolset. But then, I guess the obfuscation which has been so much a part of NT and its descendants' success would disappear as well.

I just hope all the Redmondites see the irony of MS sitting around for two decades declaring NT's superiority because, you know, Windows and all, and now essentially reinventing, badly in many cases, what the Unix ecosystem has had for decades.

Re:So Let Me Get This Straight

[MightyMartian]

Well, whenever it appears on Server, and by that I'm assuming our Server 2012 seats won't have it, so what this amounts to is "Shell out a bunch more money in operating systems and CALs, and we'll give you this nifty feature (which every other server grade OS has had for a couple of decades now)

Re:So Let Me Get This Straight

[realmolo]

Full integration with Active Directory, for fine-grained permissions over all aspects of the mail/calendar system.

For example, with Exchange and AD, I can create a distribution group, and delegate "ownership" of that group to a specific user, so they can add/remove users to that group. I can set that group to "open" or "closed", meaning users can either join it/leave it without owner approval, or not.

I can give an arbitrary user access to another users entire mailbox, or give them only permission to "send as" a different user, or distribution group.

I can allow only certain users to send to specific addresses, meaning I can have a "My Entire Company" distribution group that only specific people can send mail to.

And then there are similar permissions/delegation options for calendars, and Public Folders, and even Skype for Business. If you have VoIP phone systems, and compatible phones, you can even access all of your mail/calendar/Skype messages from your phone.

I can set deletion and archive polices for each user, or a group of users. I can set mailbox size limits per user, or per group. I can create a "discovery search", meaning I can allow access to a user's mailbox, but only for mails that meet a specific search criterion.

And of course, there is a cottage industry of add-ons for Exchange to do a million other things. Mimecast, for example, allows automatic off-site archiving of all email (with an Outlook plugin to search the mail), and automatic failover to Mimecast's servers if Exchange goes offline.

It's just endless. Exchange has no real competition. Is it perfect? No. But it's better than anything else for corporate messaging, by a wide margin.

Re:So Let Me Get This Straight

[MightyMartian]

Gosh, what did we ever do before Windows 2000? Authentication by clay tablet?

It's the egocentric nature of MS's claims, that somehow computing couldn't be done without its products, that pisses me off the most. It denies an absolute vast amount of work done in these areas for decades before derivative technologies like AD even existed

Just like how Redmondites are doubtless cheering the innovation of giving Windows admins what everyone else has had for decades. This isn't a moment for pride at Redmond, but the moment when if fully recognizds just how shabbily it treated people stuck trying to do automation on its amazingly incoherent platform.

Re:So Let Me Get This Straight

[MightyMartian]

Perhaps if it came with a dose of humility.

Oh, and Bash.

Re: So Let Me Get This Straight

[corychristison]

I don't get it either... Outlook is a pile of shit, Exchange may "work" but it certainly is also a pile of shit. Years of cruft, and more added on every year.

I'm not a fan of Google, nor do I use their services, but they are at least based on open standards anyone can use... I don't just mean email, I mean calendars/appointments (CalDAV), contact syncronization (CardDAV), internal messaging (XMPP), etc.

Microsoft and their need to convolute everything until it crumbles in the users hand for the sake of locking everyone in to extract more license fees is frustrating, and a huge waste of company time/money.

Re:So Let Me Get This Straight

ActiveDirectory is a (twisted) LDAP-Implementation at heart. Kerberos is just an add-on to that for authentication. AD itself does much more than just authenticattion these days. It has rather turned into a distributed Windows Registry for domains (only small exageration there).

Re:So Let Me Get This Straight

Redmondites? You sir, are a fucking troll in every sense of the word. Grow up.

Re: So Let Me Get This Straight

I always thought PowerShell was just another name for Bash.

Then a colleague demonstrated it to me and what it can do.

It's neither a shell nor does it have anything to do with power.

Re:So Let Me Get This Straight

Yeah, we get it already: you really hate Microsoft.

Re:So Let Me Get This Straight

hahahahhahahhahhahhah..

Sorry couldn't resist, that's a typical IT guy who has grown up living in a Microsoft world response...

I'm going to guess I'm a bit older than you, I'll let you into a secret, everything Microsoft does now someone else did before them, they didn't invent the wheel.

It's like the conversation I was having with a "system Admin" not long back about why had I installed Kerberos on all the windows machines...

I was like what do you mean ? And it transpired he had found the tools I use on the domain controller to let me peek inside Microsofts implementation of Kerberos to make my life easier when fixing and modifying things, yeh I am perfectly at home modifying Windows under the hood, thats how much I know about how it works.

I was like "Dude, I didnt install Kerberos on Windows, thats what Windows uses under the hood for authentication"

In the same way that Windows AD is built on top of LDAP, Microsoft took LDAP and modified it to allow them to use it for Windows, they didn't invent Directory Servers.....

That's why all the non Microsoft software I use that integrates with an LDAP server easily connects to AD servers because they are interoperable, thats why I can run Samba in Kerberos mode hooked up to AD because they interoperate.

I've been running full unix console on Windows 7 since it came out, it's not a Microsoft implementation it's open source, it works quite well, I can even fire up powershell inside the console windows, I can imagine whatever Microsoft come up with will be a pretty good attempt but not good enough for me to move away from the software I am currently using.

Re:So Let Me Get This Straight

Shell out a lot of money and don't bother to install into anything lesser or more than a dual socket system comprised of at least and at most two 8 core processors. Or prepare to pay even more, getting audited or just generally pissed.

Re:So Let Me Get This Straight

With good reason. Every time you think Microsoft couldn't be any more scummy or inept, they go and prove that they can.

Windows 10 took some real evil to push out there. If you thought MS lock-in was bad before, well you ain't seen nothing yet. If you're on Windows 10, they dominate your PC and your data. Just wait until they tell you to pay up a subscription fee or forfeit the use of your computer as it is.

Re:So Let Me Get This Straight

[Zontar+The+Mindless]

And you can always install the Samba implementation manually on any Linux or BSD box.

Don't some Linux distros install Samba support automatically? I seem to recall that mine (openSUSE) does, at least.

Re:So Let Me Get This Straight

[Zontar+The+Mindless]

We got along just fine for years at Sun without Exchange or AD. Outlook was strictly verboten, and our mail servers actually handled lists correctly.

Good times.

Re:So Let Me Get This Straight

Looks like the Redmondites are out in force with their mod points.

I just have to ask all you clever little MS types. As Microsoft moves Windows Server closer to a CLI-based operating system, what exactly is the point of Windows now, other than, I suppose Exchange?

You don't need to port systemd, because they got the original.

Re:So Let Me Get This Straight

[Zontar+The+Mindless]

I'm sure that MightyMartian feels only heartfelt pity and compassion for the kids on the short bus.

Re: So Let Me Get This Straight

Bash is the de facto power shell and PowerShell is just a Microsoft trademark that refers to their crippled .Net interpreter.

Re:So Let Me Get This Straight

[tlambert]

If you want to get technical, had Windows not added the proprietary field, we're just talking a KDC implementation, as in Heimdal Kerberos, or before that, MIT

_just_ ? Try setting setting up IPA sometime. That's just LDAP and Kerberos too. Have fun...

LDAP is really easy. Well, it is for me:

From the OpenLDAP commit logs:
===
1.1.4.1 Sat Aug 8 23:05:28 1998 UTC; 17 years, 6 months ago by kurt
CVS Tags: FreeBSD_3_3; Branch: FreeBSD
Changed since 1.1: +0 -0 lines
Diffs to 1.1 (colored diff)
Import of FreeBSD LDAP 3.3 Port
---
1.1 Sat Aug 8 22:43:17 1998 UTC; 17 years, 6 months ago by kurt
Initial revision
---
1.1.3.1 Sat Aug 8 22:43:17 1998 UTC; 17 years, 6 months ago by kurt
CVS Tags: LDAP_3_3+prerelease, UMICH_LDAP_3_3, BOOLEAN_LDAP, LDAP_POSTE, LDAPworld; Branch: UMICH ; Branch point for: RAGE
Changed since 1.1: +0 -0 lines
Diffs to 1.1 (colored diff)
Import of Umich LDAP 3.3
===

See that 1.1.4.1? Those are my patches to get OpenLDAP working from UMich LDAP sources. It added about 40 platforms. OpenLDAP started with the UMich LDAP, added my patches, and then went on from there. Originals of the (120K of) patches are HERE:

http://www.freebsd.org/~terry/...

Just because something is hard for you, doesn't make it hard for the rest of us. Some of us have been doing this for nearly two decades.

Re:So Let Me Get This Straight

[dbIII]

It's a massive suite of stuff that people like to pretend is one program whenever comparisons are made.
So if it performs worse than any other available MTA the excuse is "but can an MTA do this" when it's an entirely different part of the suite doing the job.

Exchange. The name itself is very good advice on what to do with it. A positive is it did lead to Volume Shadow Copy because there was no reliable way to back up MS Exchange files without stopping the services and not letting users open their mailboxes for the duration.

Re:So Let Me Get This Straight

[dbIII]

Mimecast, for example, allows automatic off-site archiving of all email

Which Sendmail could do with simple entries in the alias file long before MS Exchange even existed. It's about the only simple thing about Sendmail, but such things were core functions in other MTAs years ago.

Re:So Let Me Get This Straight

[dbIII]

If you use Office, you'll get the best service with an Exchange server

True, MS Outlook is very flaky at times doing normal email unless the server is in the same building. I've had to get users onto a VPN simply because MS Outlook does SSL so badly. Phones with 1/10 the CPU on congested networks perform better picking up mail than a fast machine with MS Outlook.

Re:So Let Me Get This Straight

[dbIII]

One of the funny moments on this site was a series of posts in a range of articles by an MS fanboy that kept saying the MS stuff was superior to *nix due to the "run as" functionality. He didn't seem to know that *nix has had the entirely equivalent "su" since before the MS stuff even had usernames, he'd only heard the preaching of another fanboy about how wonderful the feature was and how MS had invented it.
That summed up the attitude nicely.

Re: So Let Me Get This Straight

All of that apart from the Skype integration can be done with Kolab, which is built on LDAP, Postfix and Cyrus-IMAP. I'm sure if someone wanted it badly enough the directory could be integrated with whatever FLOSS VoIP solution was easiest.

Re:So Let Me Get This Straight

You are right that Telnet is not much use and very insecure

It's not that insecure.
I mean, sure, it has no protection against MitM attacks whatsoever, but how many people do you know actually verifies the certificate before moving on?
It's slightly vulnerable to blind injection attacks, but those are pretty tricky to pull off, especially without anyone noticing. They also requires that the network forwards malformed packets so it might be easier to pull off a MitM attack.

There are very few protocols you can use safely if your ISP is out to get you and if you can trust your ISP there are a lot of protocols that otherwise appear to be unsafe that are perfectly fine to use.

Re:So Let Me Get This Straight

[Gadget_Guy]

So essentially it took until 2009 for Microsoft to even begin to admit that RPC, a few rather crappy scripting host options and RDP were inadequate, but it took them over six more years to finally implement what is pretty much the gold standard of encrypted TTY interfaces.

No, they have never stated that their previous technology was inadequate. They are just providing yet another option to their existing solutions. That you think that SSH is the one-and-only answer shows your biases rather than demonstrates any admissions of inadequacy by Microsoft.

Maybe this is part of the turning over a new leaf, but I can't help but imagine that the next version of Microsoft's coursework will announce how innovative all of this...

There is no way that they will attempt to claim that they invented SSH. Apart from being so easy to disprove (and thus ridicule), it would also go against the current Microsoft policy of working with standards.

...much as it went around declaring how innovative Powershell was, when all it really is is an overly complicated descendant of Bash, inelegant, overly verbose and unnecessarily convoluted.

Once again you have let your hatred and obvious lack of knowledge get the better of you. The basis of Powershell is that it treats everything as an object and is integrated with .NET so that it has access to virtually the same class structures that low level languages have. How it that being a descendant of bash? As you say, it has a verbose naming scheme for its commands and functions. How is that being a descendant of bash? Sure it has aliases to allow common *nix commands, but it also has them to allow CMD.EXE commands too. They are simply there to provide convenient shortcuts. Apart from those helpful aides, everything about Powershell is all its own.

I just hope all the Redmondites see the irony of MS sitting around for two decades declaring NT's superiority because, you know, Windows and all, and now essentially reinventing, badly in many cases, what the Unix ecosystem has had for decades.

For someone who thought that the only remote access that Windows had was telnet and that Powershell was a copy of something that it is almost completely unlike, I think that you need some more education before you can lecture anyone about the shortcomings of Windows.

Re:So Let Me Get This Straight

I know what you mean, but still to me PowerShell always seemed like a copy of bash by someone who never understood the point of a shell and instead wrote something that fell somewhere in the cracks between being a shell and a programming language and thus not really good for either.
But I admit that is a matter of opinion and possible making a shell more like a programming language is good.
I don't think so though, because I think not needing a separate debugger ever is a core point of a shell to me, and passing around objects pretty much means you do need one, as there simply is no way to display an object on a text console (a text representation of an object is a completely different thing and doesn't count, especially when the language doesn't enforce a 100% complete textual representation of the object is always possible).

Re:So Let Me Get This Straight

This one time, this one guy said something stupid. Therefore, Linux is better.

Re: So Let Me Get This Straight

If you really believe that, you are an idiot and don't work in a real enterprise.

Re: So Let Me Get This Straight

[MightyMartian]

Am I the only one who finds Powershell exceedingly slow? Load up is crazy, and try to load in extensions like Exchange, and holy shit it crawls.

Meanwhile Bash always seems snappy, despite being a fairly complex interpreter itself.

Re:So Let Me Get This Straight

[MightyMartian]

I was referring to TTY access. Your misrepresenting what I said.

Re:So Let Me Get This Straight

[Ash-Fox]

I mean, sure, it has no protection against MitM attacks whatsoever,

Windows Telnet server supports using NTLMv2. You're speaking non-sense.

Re:So Let Me Get This Straight

no it will probally work

Re:So Let Me Get This Straight

[modmans2ndcoming]

you miss the point that Exchange is doing that from AD, not some separate config for user access that is only useful to itself. AD is a central repository for access to everything you need to manage in an enterprise. Your SendMail solution is great for send mail. Can I use it to manage access to network shares, printers, applications, remote access, etc? no.

Re:So Let Me Get This Straight

[modmans2ndcoming]

business enterprises were far more fragmented back in the day. They handled scale by having site specific access for their large enterprises.

Re:So Let Me Get This Straight

[MightyMartian]

And it's not as if Exchange is easy. Yes, there's the brain dead configuration that comes out of the box, but if you want to do anything like advanced filtering it suddenly becomes very complex. We run Exchange 2010 where I work, and a few months ago I wanted to do some scripting on incoming emails to a specific mailbox. Certainly possible, but man oh man, between being forced to work in Powershell and the awkwardness of Exchange itself, I ended up implementing it on the Postfix server that sits between the Exchange server and the network. Postfix passes off the message via STDIO to my Bash script, I pulled out the attachments I need to save elsewhere for further processing, and it's been humming like a charm ever since.

Maybe some of it has to do with the fact that I'm a *nix guy, and it's more familiar terrain, but I really can't get over just difficult Powershell and Exchange can be, where the *nix philosophy just makes things so much easier.

Re:So Let Me Get This Straight

[MightyMartian]

I use MS products every bloody day. We upgraded to a Server 2012 network last year, we run Exchange 2010, all our workstations run Windows, with Office on them.

I have to deal with its often inelegant solutions to automation and remote administration (seriously, at one point we had GUI "scripting"). Yes, they've built better tools than they had, but all those tools ever seem to do is demonstrate the old maxim; those that don't understand Unix are doomed to re-implement it badly. Even Powershell is just gawdawful hard to use, and while it's better than the collection vbscript files, batch files, registry files and the like that came before it, I still find the process of Windows scripting just dreadful.

Windows needs Bash and the standard Unix toolkit, badly. Yes, there might be some kludges here and there, but WTF is the registry but just a bunch of setting/value pairs in a hierarchy. We were using text-based tools ten years ago to manipulate it, building registry files or using CLI registry utilities. Binary data was a pain, to be sure, but most of the registry is all just plain text.

Re:So Let Me Get This Straight

[sjames]

PostgreSQL.

Re:So Let Me Get This Straight

MS has "innovated" on their GUI into a state that people rather use command line instead of it. It is funny, how even the official Microsoft tips nowadays tell people to press win-r and type some obscure command such as wgpocpl.cpl, instead of explaining how to do those magic gestures with mouse. It seems that MS has managed to hide or remove every advanced feature that even their own people can not find them anymore from GUI.

Re:So Let Me Get This Straight

Well actually it is the SSH you HAD 50 years ago. The other day I used SSH on a Windows box. It was like going back to the 1980's. No back space, no tab function, no arrow function. Better type easy and check you spelling there is no way to back out of a command. I'm glad to see SSH in Windows but could we have the 2000 model? Didn't they build this from OpenSSH? what version did they used version 1.2?

Re:So Let Me Get This Straight

You run Exchange and AD in your business, or you don't have an enterprise, because nothing else out there scales.

Zimbra and Samba4 seems to work fine in my enterprise?

Re:So Let Me Get This Straight

[Ash-Fox]

Full integration with Active Directory, for fine-grained permissions over all aspects of the mail/calendar system.

Have more in depth permission schemes in Zimbra actually.

For example, with Exchange and AD, I can create a distribution group, and delegate "ownership" of that group to a specific user, so they can add/remove users to that group. I can set that group to "open" or "closed", meaning users can either join it/leave it without owner approval, or not.

Can do that in Zimbra.

I can give an arbitrary user access to another users entire mailbox, or give them only permission to "send as" a different user, or distribution group.

Can do that in Zimbra, the sharing function are actually a much nicer set of ACL options than what Exchange/Outlook provides.

I can allow only certain users to send to specific addresses, meaning I can have a "My Entire Company" distribution group that only specific people can send mail to.

Can do that in Zimbra.

And then there are similar permissions/delegation options for calendars, and Public Folders, and even Skype for Business. If you have VoIP phone systems, and compatible phones, you can even access all of your mail/calendar/Skype messages from your phone.

You can do this in Zimbra, however for the VoIP stuff, you'll need a 3rd party addon (it exists, because I use it). As for the Skype for Business/Lync, I don't really know, but Zimbra has a built in instant messaging solution that works too.

I can set deletion and archive polices for each user, or a group of users. I can set mailbox size limits per user, or per group. I can create a "discovery search", meaning I can allow access to a user's mailbox, but only for mails that meet a specific search criterion.

Can do that in Zimbra.

And of course, there is a cottage industry of add-ons for Exchange to do a million other things. Mimecast, for example, allows automatic off-site archiving of all email (with an Outlook plugin to search the mail), and automatic failover to Mimecast's servers if Exchange goes offline.

Plenty for Zimbra too.

It's just endless. Exchange has no real competition.

Where Zimbra can't beat Exchange on is complete perfect integration with Outlook. It does however beat Exchange and Outlook on their offered functionality.

Re:So Let Me Get This Straight

So let me get this straight. Windows is getting the kind of terminal support *nix has had for nearly 50 years? Wow, I mean, how fucking innovative of MS.

Fuck fuck fuck.

I beg you pardon, but I'm only one to recall old words of wisdom, repeated many times over the decades:

Those who don't understand Unix will in the end implementing it later anyway -- though badly.

Re:So Let Me Get This Straight

MACS aren't real computers. They are extremely overpriced toys for clueless rich people who have more money than brains. They the the technology equivalent of the helmet worn by the retarded kid.

Re:So Let Me Get This Straight

That makes it sound better than it is. In my experience it is more like
this:

Every day a human logs in, and sometimes windows does something weird so
the computer needs rebooted or it is unusable for 5 minutes.

The he runs an Excel macro to generate a spreadsheet which causes a crash
once a week which most windows users consider not so bad because it doesn't
happen every day. He saves as a CSV file and loads into a third-party
program, which sometimes generates a RTF document, that needs to be
renamed to .txt and moved to a different folder for another program to find and
usually render into a PDF, which the human has to open and read the third line
on the fifth page to determine which managers need the report emailed to them.
Sometimes the program won't make it into a PDF and nobody knows why. The
vendor can't understand why anyone takes issue with it so the organization
that purchased it gave up along time ago because they have more important
stuff to do. The RTF generating program needs fiddled with every time
windows gets an update because even though everything it does could be
pretty well self contained it mysteriously uses a bunch of obscure low level
windows stuff that might even still be ok if they knew how to use it properly.

Re:So Let Me Get This Straight

[dbIII]

This one time, this one guy said something stupid. Therefore, Linux is better.

No, those half dozen times at least in as many different articles. Both things have it but he kept insisting that it was an MS only thing and linux had to "catch up". Amusing.

Re:So Let Me Get This Straight

[dbIII]

No. Just as MS Exchange is a suite with parts that do different things a different environment with LDAP and a mail transfer agent can also work together.
Sure you understand at least that much?
The truly amusing thing is in a thread about a third party addon for MS Exchange you seem to be demanding that I find a single application that provides everything the MS Exchange suite and it's addons can provide. How about we move away from marketing fiction and a bit closer to reality?

Re:So Let Me Get This Straight

[dave420]

So the linux implementation isn't nearly as robust and is terribly limited in scope. That's not a particularly good argument.

Re:So Let Me Get This Straight

[dave420]

So you are just flailing about trying to make an argument based on your personal recollections, extrapolating many poor arguments into an even poorer argument? Brilliant.

Re:So Let Me Get This Straight

[godefroi]

If you like NoSQL, but still want ACID... there is always MarkLogic.

I just threw up in my mouth a little. MarkLogic makes me think of ColdFusion.

Re:So Let Me Get This Straight

No, they were forced to do this to interoperate with UNIX. You see, MS isn't making any money so they're desperate... oh wait..

Re:So Let Me Get This Straight

I would hope so, since he certainly seems to be one of them

Re:So Let Me Get This Straight

so what happened to Sun?

Re:So Let Me Get This Straight

[dbIII]

An example is an example. In this case the fanboy had the fault and not either OS - so an example of that. What is your problem exactly?

Re:So Let Me Get This Straight

wow, this is a rare peek into internals and this made my (yester)day, sir!

i must admit i am quite impressed by the vast depth of the sh!t the console subsystem is/was in. one always suspected that the code will be old and hacky but this is equivalent of realizing that andromeda galaxy does not belong to ours

from now on, every time i'd feel like weeping due to nature of the software i am maintaining, i will read this blog and harden the bleep up :)

Re:So Let Me Get This Straight

The parent comment is a little confused. Both console and GUI were implemented in user mode in NT 3.x, with csrss.exe being the privileged subsystem that handled both drawing and console APIs. Remember NT was initially designed with ALL user APIs supposed to be directed through the kernel to privileged subsystems (originally Win32, OS/2, Posix), but that design got pretty warped along the way and is basically unrecognizable now beyond weird artifacts like this one. It wasn't until NT4 that the GUI was shoved down into the kernel for performance reasons (like supporting DirectX that was pushing Win9x to the front of gaming) that the split between console and GUI api paths became more crazy. The console was left up in user mode for a ton of bad-but-needed-for-backcompat reasons.

Re:So Let Me Get This Straight

[throx]

Where Zimbra can't beat Exchange on is complete perfect integration with Outlook. It does however beat Exchange and Outlook on their offered functionality.

That's actually the key to the differentiation of Exchange. Integration with Outlook means integration with Office and the incredible morass of Office Automation that large businesses tend to build over time. Just as there was never a drop-in replacement for Notes, despite the detractors (usually Exchange fanboys) listing similar bullet-point by bullet-point comparisons and declaring victory, it's the ability for the groupware platforms like Notes and now Exchange to pull together a wide array of communication and messaging activities through desktop application integration that really gives them the leg up and lock in when it comes to the Enterprise.

Zimbra is, for sure, an outstanding messaging and communication solution that when you break down the bullets on the standalone Outlook/Exchange combo fares extremely well. Ain't always that simple. :)

Re:So Let Me Get This Straight

[Ash-Fox]

That's actually the key to the differentiation of Exchange. Integration with Outlook means integration with Office and the incredible morass of Office Automation that large businesses tend to build over time.

I understand and completely agree.

Zimbra is, for sure, an outstanding messaging and communication solution that when you break down the bullets on the standalone Outlook/Exchange combo fares extremely well. Ain't always that simple. :)

Yeah, I have encountered that myself more times than I can count in companies I have consulted with. The type of companies I see using solutions like Novell's Groupwise or Zimbra etc. tend to be companies that mostly operate using Cloud services (like, through a webbrowser) interestingly enough.

To say Exchange and Outlook has no competition though is a stretch. It's just that when it comes to offering products that work best with Microsoft products... Microsoft products tend to win most of the time.

How about...

A good desktop/workstation UI to go with that? Windows is very quickly turning into a huge turd. I guess we'll all stay with Win7 until Linux becomes viable, or then move to Linux running most of our stuff in Win7 VMs...

Re: How about...

Try Mint Linux if you haven't already.

Pooh-Pooh all you want. This is great news!

[slacka]

For those of us that have no choice but to manage Windows and *nix boxes, it's a pain in the ass to have to context switch between RDP and ssh'ing. This will make our job much easier. Between all the open source software, github, and stuff like this, I love the new MS. Of course our real servers will always run FreeBSD.

Re:Pooh-Pooh all you want. This is great news!

[Billly+Gates]

SSH and docker support will get the MBA types who fear change and spending cash to consider Server 2016.

I would rather MS innovate than to just EOL good products instead.

SSH support will go everywhere including the MMC SNMP tools and not just powershell for remote work. FOr any organization with security in mind this will be a HUGE reason to upgrade. Sadly, since Server 2016 is already in preview 4 I doubt this will see hte light of day on that release. It will be 2018 with Server 2016 R2 before we see SSH everywhere undearneath including AD authentication.

But I can hope it will be part of Server 2016.

Re:Pooh-Pooh all you want. This is great news!

For those of us that have no choice but to manage Windows and *nix boxes, it's a pain in the ass to have to context switch between RDP and ssh'ing.

I RDP into a Windows server, from there ssh (putty) to a local Linux server, and use MochaX if I need to run a Linux gui tool. Maybe I'm missing something but it's the easiest and works well for me.

Re:Pooh-Pooh all you want. This is great news!

[WaffleMonster]

For those of us that have no choice but to manage Windows and *nix boxes, it's a pain in the ass to have to context switch between RDP and ssh'ing.

Remote shells for Windows have been available for decades. Hell I remember telnet server was included with NT net tools a lifetime ago. A lifetime before that directing command interpreter thru modem ports.

Multiple vendors offer ssh servers for windows and all of the unix shells have been ported to windows. Anyone who really wanted one would already have one.

This will make our job much easier. Between all the open source software, github, and stuff like this, I love the new MS.

You mean the Microsoft that thinks it owns the users computer and can force spying and updates on people unwittingly and or against their will? Yea real swell...

Re:Pooh-Pooh all you want. This is great news!

[slacka]

Remote shells for Windows have been available for decades. Hell I remember telnet server was included with NT net tools a lifetime ago. A lifetime before that directing command interpreter thru modem ports.... Anyone who really wanted one would already have one.

Remote shells? Yes! But SECURE, Remote shells? They have never had that built-in. I don't think you realize what a bad idea it is to communicate with you company's servers over plain text. And VPNs aren't always an option. I can always get ssh through, but I've been on plenty of networks that block VPNs. Not to mention needing additional VPN software and hardware key fobs. Give me pure ssh any day!

Re:Pooh-Pooh all you want. This is great news!

[slacka]

You mean the Microsoft that thinks it owns the users computer and can force spying and updates on people unwittingly and or against their will? Yea real swell...

Or you could just turn off both telemetry and updates, but that wouldn't give you anything to rant about. And by the way, if you turn it off, turn it off correctly. Please don't reply with some bullshit, tin foil hat wearing, MS hating blogger who can't follow basic MSDN documentation.

Re:Pooh-Pooh all you want. This is great news!

[Gadget_Guy]

Remote shells? Yes! But SECURE, Remote shells? They have never had that built-in.

Powershell's remote shell is secure, and that is built-in to Windows.

Re:Pooh-Pooh all you want. This is great news!

Are you blind or something? Did you not read the post the other day about THIS EXACT THING?
NO, turning of telemetry DOES NOT stop sending ALL telemetry. It just lessens the amount it does send.
Or for being more tinfoilhatty, it just PRETENDS to not send it.

Re:Pooh-Pooh all you want. This is great news!

[guruevi]

But why in the hell do you want to shell out thousands of dollars on Windows Server ($6k or so to run unlimited virtualized environments?) for something that runs perfectly fine on (free) Linux.

Re:Pooh-Pooh all you want. This is great news!

Wow, you are fucking naive. I bet you also support NSA spying because "terrists".

Re:Pooh-Pooh all you want. This is great news!

[Anne+Thwacks]

Because Microsoft!

Re:Pooh-Pooh all you want. This is great news!

Mainly tools. VMWare and Hyper-V have a princely cost... but they come with tools, and the expertise to obtain people who know how to use them is pretty easy to get. OpenStack has a lot of promise, but it really isn't there yet, especially with features that the enterprise wants/needs like vMotion [1]. OpenStack also cannot be brought into compliance with PCI-DSS, or other standards as of Liberty/Mitaka, which makes it worthless for a lot of uses.

The ironic thing is that Oracle has their own virtualization technology with VirtualBox... and all they need to do is make a L1 hypervisor with that with various tools to manage it, and they would kick VMWare to the curb, provided their licensing fees were reasonable.

[1]: Yes, pets/cattle is a buzzword, and it works well for things like static web servers that keep synced via Varnish/lsync... but there are things like Oracle RAC which cannot really be Docker-ized.

Re:Pooh-Pooh all you want. This is great news!

[Hadlock]

It's probably an R2 feature, so right, 2018. I can't possibly see them shoe horning something as foundational as SSH in to Windows at the last minute and expecting it to be secure and with low overhead.

Re:Pooh-Pooh all you want. This is great news!

[bloodhawk]

tools and management. The licenses are a pittance compared the cost of the hardware and the peoples time running them.

Re:Pooh-Pooh all you want. This is great news!

[WaffleMonster]

Remote shells? Yes! But SECURE, Remote shells?

Everyone used telnet at the time.

They have never had that built-in. I don't think you realize what a bad idea it is to communicate with you company's servers over plain text.

As I said in the text you didn't bother quoting multiple vendors offer ssh servers for windows. Anyone who wants ssh access to windows already has it. What does it matter if it is built in or not?

Re:Pooh-Pooh all you want. This is great news!

[Billly+Gates]

It is $6,500 plus per core cpu costs for VMWare. Hyper-V comes free with the server license

Re:Pooh-Pooh all you want. This is great news!

[Bert64]

Your losing a lot of the flexibility and security of SSH by doing it via RDP, eg if your using key based auth then your key must be stored on the rdp host, and you can't pipe stuff back and forth to your local machine..
Also, putty is pretty dated when it comes to encryption ciphers it supports, so you need to maintain a weak ssh configuration on your hosts.

Re:Pooh-Pooh all you want. This is great news!

If it's built in, it means I don't have to wonder whether or not I remembered to install it on that new server I set up yesterday.

Re:Pooh-Pooh all you want. This is great news!

The ironic thing is that Oracle has their own virtualization technology with VirtualBox... and all they need to do is make a L1 hypervisor with that with various tools to manage it, and they would kick VMWare to the curb, provided their licensing fees were reasonable.

I work for Oracle, and I don't understand this any better than you do. All we hear from PMs is that we have to support running our products inside VMs, and "VMs" *always* means "VMWare VMs". They don't appear to give a shit about their own virtualisation product, even though we all use it ourselves and think it rocks. Talk about a disconnect...

Re:Pooh-Pooh all you want. This is great news!

[Zontar+The+Mindless]

You mean the Microsoft that thinks it owns the users computer and can force spying and updates on people unwittingly and or against their will? Yea real swell...

That would be the Microsoft that lets you pay for the system, then purports to rent it back to you, hoping you'll not notice, yes.

Re:Pooh-Pooh all you want. This is great news!

[AmiMoJo]

Because $6k is s small change compared to the cost of a few admins familiar with Linux. There are far more admins familiar with Windows, so you can pay them less, so your $6k is saved in a few months max.

Oh, and there is the option to move your virtualized servers into the cloud. Microsoft makes it really easy to migrate, or just buy extra capacity from Azure. I'm sure there are people offering something similar for Linux, but you can bet it's not as good.

Re: Pooh-Pooh all you want. This is great news!

Azure IS for Linux you damn troll amateur!

Re:Pooh-Pooh all you want. This is great news!

Can you configure it so you can only connect if you have a proper private key/certificate but not with you normal login? I think yes, but it's a pain and not the default. Note: I don't think you can count password-based login even remotely secure nowadays. Locking your account after too many wrong tries just means your have a massive DoS vulnerability instead.
Also still the issue that I can't get a PowerShell client on my Linux machine, on the OSX laptop, on my phone, on my tablet, ...
The syntax is also a real pain. Someone learned from the git school of command line interfaces: Always hide the behaviour that anyone sane actually wants behind lots of options. Never make useful behaviour the default.
(I mean seriously, why doesn't just "NewPSSession " work??)

Re:Pooh-Pooh all you want. This is great news!

Hardware? The ironic thing is that the biggest reason why I've seen some places keep and maintain a SPARC Oracle RAC cluster is due to Oracle's licensing. Licensing a SPARC CPU meant a lot more bang for the megabuck (and with Oracle DB servers, I'm talking seven digits) as opposed to x86. Same with POWER. It actually is cheaper to have those architectures in place compared to x86 because of Oracle's licensing.

On a different note, Oracle reminds me a lot about Symantec. A lot of cool technologies, but they just never use them. Oracle can be out there slashing VMWare's throat just by throwing a few devs at VirtualBox, adding features to compete with VMotion, HA, and fault tolerance, and charging significantly less for license fees. If Oracle does this, they will actually get businesses who are tired of AWS's costs moving their stuff back in-house because it would be cheaper overall [1]. Heck, Oracle could put VirtualBox into the x86 BIOS/UEFI so machines can ship ready to go with just a minimum of provisioning needed and a hypervisor ready to go.

With ownership of the entire stack from the hardware on up, Oracle could even make dedicated boxes optimized from the ground up for compute node work, or add Infiniband (a la EMC Isilons), and this would allow for drives to be added to one node, expanding the space on all in a cluster (with redundancy across nodes and drives baked in.) A SAN would still be needed, but it would give a tier of relatively cheap drives available as an alternative.

Wish Oracle would do something with all the cool stuff they have. It would earn them more money in the long run.

[1]: Yes, AWS is great for peak load, but someone has to pay for those servers, somewhere.

Re:Pooh-Pooh all you want. This is great news!

[thegarbz]

Does Exchange run on Linux yet?
What about Sharepoint?

Re:Pooh-Pooh all you want. This is great news!

[Megol]

I don't but I support shooting irritating anonymous cowards!

Re:Pooh-Pooh all you want. This is great news!

Thank you Bert64. I'm only a part-time admin, despite many years of schooling, and there's a bit much to keep up with. And I've inherited this thing, along with people (only a few) accustomed to using putty.

Not using key-based auth, but am using IP blocker based on pw guessing (seems to work). I've thought about key-based auth, but that limits me if I need to log in from some random place and don't have keys with me. If I keep keys with me, they can be stolen.

I'm no fan of MS, but RDP lets me "see" local hard disk (etc.) on remote system. I rarely need to move files back and forth, and mostly use "clipboard" for small stuff (RDP passes "clipboard" too.)

Bottom line: nothing I'm doing is important enough for me to get hyper-crazy about data security. No personal data, no secrets, etc., but I will look into putty, encryption ciphers, etc. Thanks again!

Re:Pooh-Pooh all you want. This is great news!

[guruevi]

Can you pay Windows sysadmins minimum wage? Wherever I look, I don't see 120k/year difference in wages (I assume a full time sysadmin would have to handle at least 10, if not 100 servers). And a sysadmin that just knows Windows is a bad sysadmin, I would never hire someone that is a one trick pony.

Re:Pooh-Pooh all you want. This is great news!

[guruevi]

Sure: OpenChange, Zimbra can pretty much drop-in replace Exchange. For Sharepoint, there are plenty of wiki's and document management systems around, Sharepoint isn't even the best (or most used) at it.

Re:Pooh-Pooh all you want. This is great news!

[thegarbz]

OpenChange, Zimbra can pretty much drop-in replace Exchange

Yep, every time I've heard something like that it has ended in tears. Exchange remains a killer app with no real comparison. It's not an email server, it's a complete communications hub which puts the company in control of email management and policy.

For Sharepoint, there are plenty of wiki's and document management systems around, Sharepoint isn't even the best (or most used) at it.

Wiki? Sharepoint isn't a wiki or a document management system. It's an all things to all people behemoth that people use to run their entire companies. As soon as someone hears that it integrates with SAP that's the end of it. In terms of flexibility it's the best thing out there. A true nasty piece of shit to get working and to use, but quite frankly still a killer app for any business that uses it.

The biggest thing you're missing is the end users. The point of the Windows server ecosystem isn't that it provides some servers, it's that it seamlessly integrates with end user apps in ways only Microsoft can (because Microsoft control those end user apps).

Re:Pooh-Pooh all you want. This is great news!

Don't forget you need a Windows Box to MANAGE VMWare's linux based hyper visors too.

Brilliant move to break encryption

[nashv]

This, friends is how you break SSH security.

You use Windows to SSH , and Windows 10 "telemetries" to Microsoft, thereby given them access to the encrypted traffic. What do you call this strategy where you fool people into initiating secure communications on an insecure device?

That's cool

If you don't mind MS probably storing your command history just like everything else you do on their OS that it phones home about. This is why I use a mac, fantastic developer and general use platform without the spying. The few spotlight phone homes are easily disabled.

Windows 10

But, who really actually cares for Windows 10? o:

Windows 7 is where its at.

Re: Windows 10

[spectrum-]

A lot of people clung to XP up to the end too. Some even pay to keep it supported by MS or third party. But all OS have a usable lifespan in normal home or corporate implementations.

Re: Windows 10

Clung paste tense? No, still clinging to. Most of our customers have mission critical apps that won't run on Vista or newer. Microshit has done a very poor job wrt backwards compatibility. When an open source product like DOSBox can do a better job of running much of your software, they should be embarrassed. With nearly 120,000 employees, they should be ashamed that a small project beats them so badly.

Re: Windows 10

"DOS ain't done till Lotus won't run" seems to still be a corporate goal here. Backwards compatibility isn't one of the important goals, and in some cases, incompatibility is the goal. I'm ashamed to have not quit yet, but my wife has liver cancer and the insurance is great.

Incompatibility has been our goal for a long time:

https://en.wikipedia.org/wiki/AARD_code

Caldera filed that lawsuit the week I started.

Re: Windows 10

I'll never understand why people invest in software from a company that has a 20+ year history of intentionally breaking backwards compatibility.

We have 37 programs we use that our internal IT supports. Less than ten of them will run in Vista or newer. About half of the ones that don't work on Vista run fine in DOSBox. How is a tiny project so much better than a company with over $300 billion in market cap?

Re: Windows 10

Because they don't care or even try.

Re: Windows 10

[ChunderDownunder]

DOSBox?

Microsoft stopped shipping MSDOS (via Windows Millennium Edition) a long time ago. If you've had 15 years to transition off DOS and Win16 applications that worked only via a compatibility mode of XP then I don't think you can blame MS for not giving your customers ample time to update.

Re: Windows 10

DOSBox is a great project with talented contributors so of course they can outdo a corporation that hires mediocre developers.

Re: Windows 10

Every Windows upgrade the past 15 years has been a disaster wrt backwards compatibility. I don't understand why some people still expect Microsoft to improve.

Re: Windows 10

This. No one in their right mind would work for them since they hired John Thompson to run the company. Just look at what he did to Symantec.

Re: Windows 10

Because the myth that they try still persists despite all evidence otherwise.

Re: Windows 10

He was handpicked by Pelosi to be on the Financial Crisis Inquiry Commision. I don't understand why Microsoft decided to so closely tie themselves in with Pelosi.

Re: Windows 10

So we should throw away things that work perfectly fine just because they're old? I guess you don't use vi.

Re: Windows 10

[Gadget_Guy]

Backwards compatibility isn't one of the important goals, and in some cases, incompatibility is the goal.

And yet the link you supplied to support this theory states that the AARD code only affected a particular beta version of the operating system. That situation was more about targeting tests than lack of backwards compatibility.

A lot of code that stopped working (for example in the change to Vista) was because the developers did things that were outside the published API and often specifically discouraged by the official documentation. Despite what a lot of people say, Microsoft does work hard to ensure backwards compatibility. I have been able to run programs written for Windows 3.1 on my Windows 7 system. It would probably work on the 32-bit version of Windows 10 too, but I haven't tested that.

Re: Windows 10

[ChunderDownunder]

No but I wouldn't expect a company to indefinitely support a compatibility module for a technology that they haven't actively developed for over 2 decades. I don't hear anyone complaining in 2016 that OS X won't natively run Mac OS 7.1 applications from the early 90s.

Re:Windows 10

[sonamchauhan]

Exactly! Using Windows 7 Pro at home and at work here.

Re: Windows 10

[Bert64]

Microsoft try very hard to retain backwards compatibility, and there are all kinds of nasty hacks for that purpose...
The problem is that many things in windows were just so poorly designed that improvements can't really be made without breaking compatibility, scroll up and look at the post about console windows for instance.

Re: Windows 10

[Ash-Fox]

I guess you don't use vi.

Why would you use vi instead of vim?

Re: Windows 10

[Ash-Fox]

Every Windows upgrade the past 15 years has been a disaster wrt backwards compatibility

Most applications seem to be running fine here?

If you want to see a few decades of disaster (or lack of) with backwards compatibility though... Just look at OS X.

Re: Windows 10

Holy crap just replace that software with something modern.
I bet you are not still running the same light bulbs that your company had in the building when that software was installed.
Shit changes, move on.

Stuff that matters

This is.

Welcome to 1984 Microsoft

That was the first year I started using xterm. It's amazing how a company with almost 120,000 employees takes over thirty years to catch-up to open source.

Re: Welcome to 1984 Microsoft

It's amazing how a company with nearly a $100 billion in revenue a year just can't make new products.

Re: Welcome to 1984 Microsoft

They don't want to try. New products are expensive while milking everything out if an even bad product can be profitable.

Re: Welcome to 1984 Microsoft

The vast majority of competent employees left here long ago since they made enough in stock options that they could afford to not put up with the younger mediocre people here.

Re: Welcome to 1984 Microsoft

Still though, the idea that Windows is getting a native ssh client is 1984 kind of scary as well.

Just imagine all the possibilities...

Don't care. Will not install Windows 10.

Microsoft is about to kill itself. Ordinary users are asking me about Linux. In the 90s, I heard my hairdresser talk about MP3s to another customer. I knew then that MP3s had arrived in the mainstream and were not going to go away. And now people ask me about Linux.

Microsoft screwed up Windows 8, 8.1 and 10. If they end support for Windows 7 before they have something that could replace Windows 7, Microsoft is toast. Without their lock on the desktop, all their other products, first and foremost their Office products, are wide open to disruption. It will not be pretty.

Re:Don't care. Will not install Windows 10.

you are a fucking moron

and Mp3's died like a decade ago, no one wants to manage that shit when they can just click on pandora

When?

[ChunderDownunder]

Still running the general release 10240 build.

Allegedly there was some November update that was aborted.

Pity there isn't a -1 ; Conspiracy Theory mod

[Sycraft-fu]

Slashdot needs ones. Seriously, for a community that claims to hate FUD, the OSS types sure like spreading it when it is about the "right" groups. If you actually care about what kinds of things the telemetry communicates back at various settings, the information is all out there for you. No, SSH data isn't one of them. However I am going to imagine you don't, and this is just crap you want to fling at "the bad guys" because you can.

Also a thought for you: Your OS, by definition, has access to anything any program on the system is doing. What would stop it from looking in at any 3rd party SSH server you ran, if you think it does that?

Re:Pity there isn't a -1 ; Conspiracy Theory mod

"Also a thought for you: Your OS, by definition, has access to anything any program on the system is doing. What would stop it from looking in at any 3rd party SSH server you ran, if you think it does that?"
*My* OS doesn't send data off to 50 different IP addresses when I've disabled all the phone-home settings (e.g. looking for updates, setting time via NTP, etc). I can't say the same for the latest batch of MS products, and I can't tell what in the holy hell the purpose for these 50 odd connections is. So while it is *technically* possible for some 3rd party SSH to do this, I could tell if it were since I can eliminate any variables. With Microsoft and the 50 fucking IP addresses of fuck-knows-what, I have to take it on blind faith that it's *not.*

Re:Pity there isn't a -1 ; Conspiracy Theory mod

[sonamchauhan]

You: "I'm your new owner, don't call home"
Windows 7 et al: "OK"
  "Hmm... it obeyed me"

You: "I'm your new owner, don't call home"
Linux et al: "OK"
  "Hmm... it obeyed me"
  "Hmm... its meant to obey me"

You: "I'm your new owner, don't call home"
Windows 10: "OK, jump through these extra hoops"

  "No, not obeying me"

Re:Pity there isn't a -1 ; Conspiracy Theory mod

telemetry communicates back at various settings, the information is all out there for you.

Where? Where is the specific information? The Microsoft Privacy policy is so vague it is laughable.

Re:Pity there isn't a -1 ; Conspiracy Theory mod

[Ol+Olsoc]

telemetry communicates back at various settings, the information is all out there for you.

Where? Where is the specific information? The Microsoft Privacy policy is so vague it is laughable.

You have a Donald Trump Level of denialism, coward.

Re:Pity there isn't a -1 ; Conspiracy Theory mod

You: "I'm your new owner. Don't call home."
Windows 10: {spews telemetry across the network anyway}
pfSense: "Denied."
Microsoft: "I feel a disturbance in the advertising revenue. It's as if millions of installations of Windows 10 phoned home all at once and were suddenly silenced."

Re:Pity there isn't a -1 ; Conspiracy Theory mod

[nashv]

Please point me to the place where the information where Microsoft provides the detailed information about what telemetry data is collected. I don't think you can because I've checked and such a document does not exist. It is not 'out there' and while I only present a hypothesis, you are simply factually wrong (aka full of shit).

>Also a thought for you: Your OS, by definition, has access to anything any program on the system is doing. What would stop it from looking in at any 3rd party SSH server you ran, if you think it does that?

Exactly. The point is that it shouldn't be doing anything remotely close to that. And with Windows, I have no way of knowing if it is. You just supported my point.

Re:Pity there isn't a -1 ; Conspiracy Theory mod

[penguinoid]

FUD is only a bad thing when it is manufactured artificially with no regard to truth. Vaccines causing autism, preached by someone selling a "safer" alternative? FUD. CO2 increasing average global temperatures? Uncomfortable truth. A little CO2 might cause the collapse of civilization/end of the world? FUD.

Re:Pity there isn't a -1 ; Conspiracy Theory mod

And you are avoiding the question, Olsoc.

Re:Pity there isn't a -1 ; Conspiracy Theory mod

I don't think you can because I've checked and such a document does not exist. It is not 'out there' and while I only present a hypothesis

Did you search your video library, same up ampty handed and concluded that such a document does not exist? If you had looked in the "feedback & diagnostics" options, a link exists to this document:

http://windows.microsoft.com/e...

Yes really, you are a confirmation-bias idiot who is so convinced of the conspiracy that you feel that you do not even need to check your claims.

BTW, the document (and related documents) also tell you what the collected data may be used for (i.e. product improvement) and who may look at it.

Re:Pity there isn't a -1 ; Conspiracy Theory mod

[Ol+Olsoc]

And you are avoiding the question, Olsoc.

No avoidance at all, I'd provide you a link, but I can only access that on my W10 computer. They might block it from other browsers/OS'. They say they collect information about you, and say they collect keystroking. If that doesn't say keylogging to you, your Check is waiting for you.

Re:Pity there isn't a -1 ; Conspiracy Theory mod

Looking at the privacy statement in the tech preview they say "when you input text, handwrite notes or ink comments, we may collect samples of your input to improve these input features, (e.g., to help improve the accuracy of auto-complete and spellcheck)." Are you really going to pretend you don't understand what that means?

They also go on to say "Microsoft takes measures designed to prevent the collection of email addresses and passwords, and numeric sequences such as phone numbers and credit card numbers." Now you can play the conspiracy theorist card if you want and argue about how it's "vague" but the fact is they aren't going to be specific and supply a "war and peace"-length document detailing exactly where and how these things are used but ultimately they would still have to worry about litigious tin-foil-hatters finding a mistake in it and suing them over it.

Ultimately if you're that paranoid then just don't use it.

Re:Pity there isn't a -1 ; Conspiracy Theory mod

Conspiracy theorists thrive on vaguaries. If something is omitted (or not explicitly specified) then the contention is that this is a deliberate attempt to mislead people, of course the conspiracy theorist is more enlightened than most and will not be misled, the lack of evidence is evidence itself! How do we know systemd isn't a Redmond plot to destroy Linux? How do we know the government isn't covertly run by crab-people?

You know damn well that even if they enumerated every possible entry point for telemetry capture and every possible procedure and use-case for the data these people would still not be satisfied.

What good is SSH when there's no security?

[kheldan]

When Windows 10 doesn't in the least respect your privacy, what's the point of even having SSH capability? It'll just capture all your keystrokes and everything else and report it all to Redmond anyway. Are they even bothering to do this so you can't capture the packets it's sending to it's corporate masters, so you won't be able to tell precisely what data they're stealing from you?

Re:What good is SSH when there's no security?

Cool down a bit. It would be scandalous if Windows was actually sending your keystrokes to Redmond.

Re:What good is SSH when there's no security?

[kheldan]

Hey, buddy, don't come crying to me when you come home one day and discover that Clippy has gone through your underwear and sock drawers, neatly folded and organized all the above, discarded the ones with holes in them, ordered replacements, and emailed you a recommendation for brands of non-chlorine bleach to get those nasty stains out of the crotch of your tighty-whities.

Re:What good is SSH when there's no security?

[kheldan]

Microsoft is the troll here, NOT ME! Will someone please boot the Microsoft shills off the site or something?

cygwin

[dltaylor]

I needed that functionality on Win 7, along with other tools.

Dropped Cygwin onto it, and it works pretty well.

http://cygwin.com/

Re:cygwin

[GeekBoy]

And you can get a bash shell.....

SSH into windows to get a powershell? No thanks.

Re:cygwin

Cygwin fucking sucks

Re: cygwin

It sucks AND it works pretty well.

Meet Shino, the Surveillance Turd

I wouldn't trust Microsofts SSH implementation, it seems every new day reveals some surveillance feature. From disks that encrypt, but send off the password to Microsoft, to Telemetry that continues to send data to UK servers (which is in the grip of GCHQ mass surveillance), even if you opt out.

So what would their SSH server do? Backup passwords to Microsoft? Clone the stream to a UK server?

Re:Meet Shino, the Surveillance Turd

[Lennie]

The implementation of OpenSSH will use the Windows encryption libraries and random number generator, just like their implementation of SSL/TLS used by their webserver and browsers. If you are using Windows, a least some lof of the time you'll probably using at least one of those. Even if it's just to retrieve and verify Windows Updates.

So if you don't trust those... why would you use Windows in the first place ?

SVR5 or Cygwin

I run Cygwin on a 2008 R2 server and it does what I need.

If M$ has kept xterm et al uptodate in the background then that is a good thing. But, suspicion, a butt load of patents just folded over to M$ and gave them SVR5, then I guess, if I buy, then I have to debug every thing, 25 years worth, all over again.

At this year, I will not live long enough to debug SVR5, again. OH! Why not cp everything I did! M$ has a very naughty reputation of making, slight-of-hand, changes and not documenting them! I do not have time left to do the documentation and debugging all over again.

Yes, we are still a long way from Mars

[Provocateur]

isn't the same as either cmd.exe or powershell.exe, but there is a lot of overlap in functionality

Sorry, Major Tom, we have a long way to go
when we still have to apologize for their efforts.

It has been an interesting journey, Ground Control.

Another Dimension

[Etherwalk]

Pity there isn't a -1; Conspiracy Theory mod

Modding should really be happening along more than one dimension. With a nerd crowd you could easily have multiple scoring systems side-by-side. For example, a 543 might be 5 (insightful or informative), 4(funny), 3(mainstream v. conspiracy). Someone can have an insightful comment that is a bit conspiracy theorist--like most accurate comments about spying that would have been made pre-Snowden, for example.

Re:Another Dimension

you just blue my mind

For some definition of 'forward-looking'

[Junta]

I applaud them finally embracing a sensible remote shell strategy. I recall many heated debates where MS would say all sorts of nasty things about ssh.

However, I can't say that implementing decades old terminal function and ssh is 'forward looking'.

Re:For some definition of 'forward-looking'

[arth1]

Didn't they already do this, though?
I seem to remember that Microsoft Services For Unix (SFU) had an optional ssh component too.

Holy Back Orifice Boys!

Reading these comments I can see you pushing your glasses up higher on your nose right after you hit that post button. Calm down.

Windows 10 Tablet Crashes when I unplug it

Every time. Boom. Crash.

On the plus side, the clock is keeping time now. And the WIFI re-connects too!

  A couple more years and it will be ready for business!

Meh, probably not a full implementation

I suppose the Windows native implementation of SSH will be sufficient for remote shell access but I doubt they will bother with all of the nice features like reverse tunneling. Corporate firewalls are a huge PITA when you have to partner with multiple organizations whose IT departments won't open any incoming ports and SSH is one of the best ways around all of that shite, IMHO.

A famous old quote comes to mind

Those who do not learn from Unix are doomed to re-invent it.... poorly.

Maybe next decade they will let more than 2-3 folks login via RDP at once without paying Citrix or MS buku bucks, but I don't want to go crazy here. They almost have all the features of LVM in their new storage model, now also... almost. Maybe in the 2020's they'll port over an ancient copy of ZFS.

Fuck MS they cannot be forgiven for previous skulduggery. I can see all the MS Powershell hipsters patting each other on the ass for this, but I could give a fuck what 20-40 year old features they are finally able to reproduce.... poorly.

Hey wait

It isn't even April 1st yet! This has got to be a joke. If not,they would have embraced and extended Wayland by now.

Windows Is Dead.

Windows Is Dead.

but why ?

[steveoc]

Not sure why anyone would care ... the whole "Windows 10 experience" is such a horrific platform to try and do any work done on ... fixing the shell is a noble step indeed, but there are so many other show stoppers on that system, that its just a drop in the ocean.

Re:but why ?

[modmans2ndcoming]

Like?

Re:but why ?

[thegarbz]

Why? Putting all the privacy shit aside I don't see Windows 10 any different for getting work done than Windows 7. Both of which have the edge over Vista with better window handling.

There's a lot of things to complain about on Windows 10, getting work done on it is not on that list.

Fifteen mentions of Windows on the front page ..

[tetraverse]

Fifteen mentions of Windows on the front page. Is this how slashot is going to re-connect with the technology sector?

FORWARD looking?

[tigersha]

OpenSSH came out in 1999. We are now in 2016. Which means Windows in 17 years behind the curve. When OpenSSH was available for BSD Windows ME was the new hotness and Windows 2000 did not exist yet, never mind XP and 7.

What part of "Forward" am I missing?

Re:FORWARD looking?

[Ash-Fox]

I've had OpenSSH running on Windows for many, many years now. I don't know what your problem is?

You have to laugh

[simpz]

When Windows NT first made an appearance all the Unix people were told your obsession with terminals is so outmoded that we haven't put support into NT.

I think the Unix guys are getting the last laugh...

Re:You have to laugh

[modmans2ndcoming]

Then Microsoft grew up and became a completely different company that values the needs of their enterprise customers.

Windows 10 is spyware. Who cares ?

Who gives a fig what Windows 10 can do ? It's spyware. Only an idiot would use it.

I hope it has a lot of features

[modmans2ndcoming]

If it is feature-ful enough to complete with the 3rd party terminal clients companies could save a lot of money when they migrate to windows 10.

Windows has native sshd, Linux has Systemd.

[See+Attached]

Windows will get a boost, and Linux gets generified?

Re:You have to laugh - Absolute bullshit.

Microsoft "grew up"?

What does that even mean?

Your premise is absolute bullshit.

VT*/ANSI != xterm

Do you even know what xterm is?

forward looking....

[The_Revelation]

I'm not sure if the Powershell team could ever be considered 'forward looking' if all they ever manage to do is port more parts of *nix into Windows - I mean, thats all Microsoft does. "How can we make Windows 3.1 more like *nix?". At the same time they appear to pull in both directions "easier to use, touch interfaces, tiles-the-size-of-your-face" all the way over to "Windows version without GUI, poorly documented proprietary CLI with invisible dependencies".

I think if the Powershell team were forward looking in the slightest, they would have implemented SSH has the base of powershell, and created powershell commands into that environment, rather than deploying Powershell as it is, which is a bastardization of bash that duplicates the functionality of Open SSH with a stack of proprietary WMI instrument abstractions. In fact, I'd go a step further, Microsoft. Either fire the Powershell team, or ditch the Open SSH effort, because the two environments are not necessary, and I can only predict that it will expose more attack surface rather than providing a useful management interface.