Dude (since we're apparently on an informal basis)
I help run what is probably one of the largest AD implementations in the country, if not the world. Your perception of AD is true only under certain lamebrained implementations. It IS possible to totally ignore the AD heirarchy and go for a "flat" NT4-style domain structure, but people who set those up should be severely beaten about the face and ears, and never allowed near a server again. If your ADs are like that, get a new job.
I get more replies based on my sig, rather than the content of my comments. Don't know if what I have to say is that boring, or people really ARE that wrapped up in the whole Slashdot thang.
You can't sign away right that is protected by law. My landlord can't put a clause in my lease agreement that says that I sign away my right to prevent her from entering the house without 24 hour notice. Well, she can try to, and even if I sign the lease, the state law overrides it.
Way back when EQ had first come out, I bought a retail version. After a while I got tired of it (I had beta tested the game, so my burnout factor was already up) and uninstalled the game. After about a year, a friend of mine got into EQ, so I decided I'd reinstall, create a new account and play. After installing came the CD Key registration. When I entered the CD Key, I was told the key was already used. Now I had to remember my login info for my old account. Fortunately I was able to and start playing, but jeez, what a pisser.
It's a little bit more than just tweaking krb5.conf, but that is the hardest part. You still have to create a user account, export the credentials to a keytab and move the keytab to the system.
MIT Kerberos supplies a Kerberos-aware telnetd that also does DES encryption, but why bother? I'd much rather use OpenSSH. Modern OpenSSH ports don't require a patch, you just need to use the --with-krb5 directive when compiling.
It's suprisingly easy to do. I've done it for a couple of organizations and at the house. Simplifies my ssh logons considerably. Microsoft was suprisingly strict with its standards compliance on this one.
Uh, Win2k's Kerberos implementation is suprisingly standards-compliant. I've had NO issues whatsoever getting my MIT Krb5 systems taking to Win2k and Win2k3 KDCs. Microsoft even has a simple step-by-step guide on how to export the account data to a Kerberos keytab. If your krb5.conf file is set up properly, it's less than 5 minutes to set up the user account, export the keytab and import it onto your system.
I find it laughable, that although Firefox appears to be short in the speed department (at least it loads faster than the current version of Mozilla I'm running on my laptop), the author still feels he needs to shill Firefox by expounding its totally unrelated virtues.
Used the money to hire more salesdroids to "develop more business", and bought an entire floor of a hugeassed building, then crammed everyone into one tiny corner of it.
Meanwhile, the IT processing power remained at a constant while IT staffing actually was cut. Interesting times...
Is the company making every penny count? No, they're actually wasting money by working inefficiently. They wasted a lot of my time, then tried to buy a workstation I didn't need. But the numbers look good.
At a previous job, the IT budget was on a permanent freeze. In the three years I was with the company, we had only made one major investment in IT, and that was at the beginning of my tenure. Now, we were an Application Service Provider, so our lifeblood was in our servers and how fast we could crunch numbers.
Did I mention that the major investment in servers, all the servers were bought off of eBay and other second-hand vendors?
So I'm dealing with four year old servers, with outdated hardware this is just slowing down more and more, while we are getting more and more customers, and larger customers. I tried explaining to the Powers that there is a fixed number of cpu-hours, and it takes X hours to process customer Y on our current hardware. We were operating at something in excess of 90% capacity. I gave several pleas to free up some money to acquire some faster, more robust servers, thereby reducing X, allowing us to handle more Y. But as IT is commonly held as a cost center, I got the usual "we don't have the money". I left the company eventually, but heard they hit a hard brick wall as the production environment was saturated almost 24 hours a day- the couldn't bring in any more customers. Sort of ironic that a company can get killed by its own success.
At a previous job, we used to take data that was uploaded to us, process it and give the results back to the customer. Early on, it was a very manual process. We even had to have people check the upload directories every few minutes to see if new data had arrived. When we went into "24 hour Application Service Provider" mode, one executive actually brought up the idea of hiring students who would sit up all night and drag files from one folder to another. That didn't sit too well with some of us. After actually pinning down the CTO and operations people and wrestling some kind of standard from them, we were able to develop a staggering amount of automation in a short time. Everything from notification that a customer had uploaded data, to data normalization, and later on, complete automation of the data processing and delivery of results. It implemented a lot of different technologies such as zsh and SQL Server. When I left, we were working on Version 2, which was extremely atomic, and could intelligently schedule and allocate resources to handle whatever job was queued for processing. The amount of time freed up by all of this allowed us to focus our people on developing the actual product instead of click-Refresh every few minutes.
Slashdot Mirror
Nope. I think we're bigger than Schlumberger. We use some of their products, though.
Consider it this way: why would I be lying about helping run one of the biggest Windows networks on Slashdot?!
Maybe, but which one is dominant today? It may be Malibu Stacy with a new hat, but there's a big pile of Lisa Lionhearts that everyone is ignoring.
Not Microsoft, but one of their largest customers. I wouldn't be suprised if our network was larger than theirs.
Yeah, I remember back in 2002 or so, I saw an ad for a job requring 5 years experience with Windows2000.
Some things just boggle the mind.
Dude (since we're apparently on an informal basis)
I help run what is probably one of the largest AD implementations in the country, if not the world. Your perception of AD is true only under certain lamebrained implementations. It IS possible to totally ignore the AD heirarchy and go for a "flat" NT4-style domain structure, but people who set those up should be severely beaten about the face and ears, and never allowed near a server again. If your ADs are like that, get a new job.
I get more replies based on my sig, rather than the content of my comments. Don't know if what I have to say is that boring, or people really ARE that wrapped up in the whole Slashdot thang.
NGage?
Wasn't that the silly little cellphone/game platform that nobody bought?
What?
Sounds like you want Windows and Active Directory.
You can't sign away right that is protected by law. My landlord can't put a clause in my lease agreement that says that I sign away my right to prevent her from entering the house without 24 hour notice. Well, she can try to, and even if I sign the lease, the state law overrides it.
Slashdot being all opensource and that, shouldn't that be GPG?
Moron.
What would it matter, since I would be paying $20/month *per account*. It would be pure gravy for Sony.
Way back when EQ had first come out, I bought a retail version. After a while I got tired of it (I had beta tested the game, so my burnout factor was already up) and uninstalled the game. After about a year, a friend of mine got into EQ, so I decided I'd reinstall, create a new account and play. After installing came the CD Key registration. When I entered the CD Key, I was told the key was already used. Now I had to remember my login info for my old account. Fortunately I was able to and start playing, but jeez, what a pisser.
What? n00b opinions are somehow considered invalid? n00bs, my friends, is exactly what Linux needs or it will die.
It's a little bit more than just tweaking krb5.conf, but that is the hardest part. You still have to create a user account, export the credentials to a keytab and move the keytab to the system.
MIT Kerberos supplies a Kerberos-aware telnetd that also does DES encryption, but why bother? I'd much rather use OpenSSH. Modern OpenSSH ports don't require a patch, you just need to use the --with-krb5 directive when compiling.
It's suprisingly easy to do. I've done it for a couple of organizations and at the house. Simplifies my ssh logons considerably. Microsoft was suprisingly strict with its standards compliance on this one.
Microsft Krb5 interop guide
Uh, Win2k's Kerberos implementation is suprisingly standards-compliant. I've had NO issues whatsoever getting my MIT Krb5 systems taking to Win2k and Win2k3 KDCs. Microsoft even has a simple step-by-step guide on how to export the account data to a Kerberos keytab. If your krb5.conf file is set up properly, it's less than 5 minutes to set up the user account, export the keytab and import it onto your system.
Try harder.
it's l0phtcrack
Or one could say "Firefox beats Internet Explorer in the slowness category". That should pass the Slashdot test.
I find it laughable, that although Firefox appears to be short in the speed department (at least it loads faster than the current version of Mozilla I'm running on my laptop), the author still feels he needs to shill Firefox by expounding its totally unrelated virtues.
Obviously, since IE is faster, this is unecessary or MS has already optimized the code.
Used the money to hire more salesdroids to "develop more business", and bought an entire floor of a hugeassed building, then crammed everyone into one tiny corner of it.
Meanwhile, the IT processing power remained at a constant while IT staffing actually was cut. Interesting times...
Is the company making every penny count? No, they're actually wasting money by working inefficiently. They wasted a lot of my time, then tried to buy a workstation I didn't need. But the numbers look good.
At a previous job, the IT budget was on a permanent freeze. In the three years I was with the company, we had only made one major investment in IT, and that was at the beginning of my tenure. Now, we were an Application Service Provider, so our lifeblood was in our servers and how fast we could crunch numbers.
Did I mention that the major investment in servers, all the servers were bought off of eBay and other second-hand vendors?
So I'm dealing with four year old servers, with outdated hardware this is just slowing down more and more, while we are getting more and more customers, and larger customers. I tried explaining to the Powers that there is a fixed number of cpu-hours, and it takes X hours to process customer Y on our current hardware. We were operating at something in excess of 90% capacity. I gave several pleas to free up some money to acquire some faster, more robust servers, thereby reducing X, allowing us to handle more Y.
But as IT is commonly held as a cost center, I got the usual "we don't have the money". I left the company eventually, but heard they hit a hard brick wall as the production environment was saturated almost 24 hours a day- the couldn't bring in any more customers. Sort of ironic that a company can get killed by its own success.
At a previous job, we used to take data that was uploaded to us, process it and give the results back to the customer. Early on, it was a very manual process. We even had to have people check the upload directories every few minutes to see if new data had arrived. When we went into "24 hour Application Service Provider" mode, one executive actually brought up the idea of hiring students who would sit up all night and drag files from one folder to another. That didn't sit too well with some of us.
After actually pinning down the CTO and operations people and wrestling some kind of standard from them, we were able to develop a staggering amount of automation in a short time. Everything from notification that a customer had uploaded data, to data normalization, and later on, complete automation of the data processing and delivery of results. It implemented a lot of different technologies such as zsh and SQL Server. When I left, we were working on Version 2, which was extremely atomic, and could intelligently schedule and allocate resources to handle whatever job was queued for processing. The amount of time freed up by all of this allowed us to focus our people on developing the actual product instead of click-Refresh every few minutes.