The saddest part is that there wasn't anything cool implemented on OS X since Snow Leopard. I'm talking about things like Grand Central Dispatch, Time Machine, ZFS (although it didn't worked out), OpenCL and whatnot. They just keep adding more and more Facebook and Twitter fagotry nowadays and it keeps getting worse like removing RSS from Safari.
Squid works fine with Kerberos and AD authentication. And since Vista and Windows 7 are a pain to setup Proxy authentication on Squid ntlm_auth most people should be using Kerberos or digest right now.
But I still have all my MobileMe services available on iCloud. My mail, my contacts and everything else are still there. All except idisk which I didn't used anyway and they've warned a year before closing it down. They also offer me free 25GB instead of 5GB of standard iCloud because of my old MobileMe account.
I've forgot to add this funny piece of information:
SuSE Linux Enterprise SP2 doesn't support ext4. It will mount ext4 volumes as read only in order to facilitate migration from ext4 to supported file systems including BTRFS.
You don't need to actually use Facebook. Just connect Pidgim, Adium or wathever client you use to the service. You can even use OTR if you are paranoid.
As far as I can tell the policies that can be set through the GPMC console are equal or better than those on a Windows 2003 server so I think you should give a good look at it. All those more cheesy policies I've checked like desktop settings and restrictions, package installation and more are there.
I don't know if you can edit the password settings through the "Domain Security" MMC but I'm not saying you can't either. The "samba-tool" command however allows you to set password policies.
Again, go look at it. Even if you are not planning to use it because its an interesting experience. I'm not saying that OP should use it because its still in release candidate stage but it will become a great piece of software when they release a stable version.
It works like a charm and it helps a lot on pure Novell environments that need Active Directory because of a certain software or operating system. With Novell-CIFS it even respects the trustee control lists.
And then there is the PAC on Kerberos. I've read that the Samba team decided to implement their own internal LDAP and Kerberos systems because it would require so many modifications and patches on existing and stable projects that no open source project would want to maintain just because of Samba.
"That's right: the directory itself as well as a DNS server are components to Samba 4. IMO, this is the biggest mistake"
The DNS is needed for Kerberos (for Windows at least) and other Active Directory features like GPO.
"The DNS server is not BIND compatible and will not take a zone transfer, and doesn't even do reverse records yet (not properly, at least)."
What? Of the 3 DNS implementations of SAMBA4 2 of them use Bind. One is a DLZ plugin and the other is a flat file generated by samba. Both need to be included on the named configuration file AND accept configuration of the zone through the MMC console on Windows. The third option uses an internal and very simple DNS server.
"I've been a follower of Samba 4 since I was in college, and that was close to a decade ago."
Sorry but based on the assumptions above you either didn't expressed your point well or you are lying.
"it just won't be possible without making a huge mess of things due to a pre-existing DNS system which won't be able to be fully compatible."
If you use the DLZ plugins or the flat file scheme you can just make a separate zone for AD. I haven't checked the scripts that are suposed to migrate a Samba3+LDAP structure to SAMBA4 but you could provide something regarding DNS related tasks to the script if they aren't already there.
Tell me that when you have to really use that "LDAP" thingie on your Windows server to provide authentication and directory services to external applications. Because you are probably using it as a glorified NT4 Domain.
You can build the structure with LDAP, Kerberos and SAMBA with a bit of work. There are tools to simulate the group policy functionality or you can just script it.
If you want to pay, there is Novell Domain Services for Windows which is included on the NOWS suite and its stable. It runs on top of SuSE Enterprise.
Slashdot Mirror
By the way its one of the few Unices that I operate nowadays that have crappy NFSv4 and Kerberos support.
And I'm not even talking about what they've did to their server operating system.
OSX is good, but it's in decline if you ask me.
The saddest part is that there wasn't anything cool implemented on OS X since Snow Leopard. I'm talking about things like Grand Central Dispatch, Time Machine, ZFS (although it didn't worked out), OpenCL and whatnot. They just keep adding more and more Facebook and Twitter fagotry nowadays and it keeps getting worse like removing RSS from Safari.
Its all about using Facebook from Starbucks.
Weirdest thing is that SuSE Linux Enterprise Desktop has the best Gnome configuration I've ever use.
I would kill to have some mod points to mod up this fellow AC who have read past the first book of Dune.
Dude... calm down. People who write "M$" may be childish or just repeating an overused joke but on the other side you are trying too hard.
Squid works fine with Kerberos and AD authentication. And since Vista and Windows 7 are a pain to setup Proxy authentication on Squid ntlm_auth most people should be using Kerberos or digest right now.
http://wiki.squid-cache.org/ConfigExamples/Authenticate/Kerberos
Do it! Report the results.
But I still have all my MobileMe services available on iCloud. My mail, my contacts and everything else are still there. All except idisk which I didn't used anyway and they've warned a year before closing it down. They also offer me free 25GB instead of 5GB of standard iCloud because of my old MobileMe account.
I've forgot to add this funny piece of information:
SuSE Linux Enterprise SP2 doesn't support ext4. It will mount ext4 volumes as read only in order to facilitate migration from ext4 to supported file systems including BTRFS.
https://www.suse.com/releasenotes/x86_64/SUSE-SLES/11-SP2/#fate-306585
http://www.novell.com/documentation/oes11/stor_posixvol_lx/?page=/documentation/oes11/stor_posixvol_lx/data/posixvol_new_oes11sp1.html
I think there is the possibility that they might be planning to replace NSS on Open Enterprise Server with BTRFS.
X over SSH is a real pain to use over internet. Not that I'm recommending Splashtop.
Have you checked freenx?
I know that a lot of people working on NASA doesn't use Windows.
And then there is this talk again about people replacing email with something.
You don't need to actually use Facebook. Just connect Pidgim, Adium or wathever client you use to the service. You can even use OTR if you are paranoid.
As far as I can tell the policies that can be set through the GPMC console are equal or better than those on a Windows 2003 server so I think you should give a good look at it. All those more cheesy policies I've checked like desktop settings and restrictions, package installation and more are there.
I don't know if you can edit the password settings through the "Domain Security" MMC but I'm not saying you can't either. The "samba-tool" command however allows you to set password policies.
Again, go look at it. Even if you are not planning to use it because its an interesting experience. I'm not saying that OP should use it because its still in release candidate stage but it will become a great piece of software when they release a stable version.
But there is GPO support on SAMBA4. You can even manage them remotely through GPMC on a Windows computer.
SAMBA4 implements GPO and so a lot of other systems that are not "AD" like Zenworks.
It works like a charm and it helps a lot on pure Novell environments that need Active Directory because of a certain software or operating system. With Novell-CIFS it even respects the trustee control lists.
"Or can Samba4 do Group Policy?"
It does.
And then there is the PAC on Kerberos. I've read that the Samba team decided to implement their own internal LDAP and Kerberos systems because it would require so many modifications and patches on existing and stable projects that no open source project would want to maintain just because of Samba.
Bind options are still there. You just need to know how to "./configure --help".
"That's right: the directory itself as well as a DNS server are components to Samba 4. IMO, this is the biggest mistake"
The DNS is needed for Kerberos (for Windows at least) and other Active Directory features like GPO.
"The DNS server is not BIND compatible and will not take a zone transfer, and doesn't even do reverse records yet (not properly, at least)."
What? Of the 3 DNS implementations of SAMBA4 2 of them use Bind. One is a DLZ plugin and the other is a flat file generated by samba. Both need to be included on the named configuration file AND accept configuration of the zone through the MMC console on Windows. The third option uses an internal and very simple DNS server.
"I've been a follower of Samba 4 since I was in college, and that was close to a decade ago."
Sorry but based on the assumptions above you either didn't expressed your point well or you are lying.
"it just won't be possible without making a huge mess of things due to a pre-existing DNS system which won't be able to be fully compatible."
If you use the DLZ plugins or the flat file scheme you can just make a separate zone for AD. I haven't checked the scripts that are suposed to migrate a Samba3+LDAP structure to SAMBA4 but you could provide something regarding DNS related tasks to the script if they aren't already there.
Tell me that when you have to really use that "LDAP" thingie on your Windows server to provide authentication and directory services to external applications. Because you are probably using it as a glorified NT4 Domain.
You can build the structure with LDAP, Kerberos and SAMBA with a bit of work. There are tools to simulate the group policy functionality or you can just script it.
If you want to pay, there is Novell Domain Services for Windows which is included on the NOWS suite and its stable. It runs on top of SuSE Enterprise.
Last time I've checked SBS was a cripleware incapable of basic things such as LDAP replication.