[unisog] Current use of Netware (OES), MS AD and Samba for delegated control
Bradley.Ellis at its.monash.edu.au
Fri Jun 10 00:25:02 GMT 2005
> I think that this can be acheived with just Samba and a bunch
> of trusted domains, which will be a lot cheaper than the
> alternatives of Novell Open Enterprise Server or MS Active
If you are _just_ using these systems for File and Printer
sharing then you are possibly right.
However it is the extended uses of these systems MS AD/Novell
that really brings in the benefits when you are managing a
large fleet of desktops.
These systems offer a number of advantages that to my
knowledge aren't in Samba -
- Configuration Management via AD Group Policy,
You could possibly do this with
registry files but its all a bit painful,
and hard to find people with the knowledge
to do this effectively.
- Automated Software Installation ... Sure you
can do this out of a login script, but how do
Check that the system have enough disk space,
Install the software without giving the user
administrative rights, etc ?
- Software and Hardware Inventory ...
The Prescott stepping issue with XP SP 2,
a report would tell you how many machines
your tech's needed to visit to upgrade the
Problems with Video Drivers, etc.
The automated installation of software can be extended to
When MS-Blaster came out, how many of us where running
around and manually patching 1000's of machines ?
(SUS or other automated patching solutions didn't
exist at that time).
> What good and bad experiences have people had with these
> setups, especially in the sense of security vs feature
> comparisons between them?
Most of the bad experiences have been when people
_thought_ that they new enough to setup these systems,
but didn't really understand what was required.
Eg. No WINS server in a routed NT 4.0 network, etc.
The good experiences have been when customers have had
a good organisational IT Policy that their staff where
educated in, a hardware and software SOE, appropriate
remote control of workstations, resulting in:
* A good level of support for remote sites from a
central IT Support using remote control, and
local it support suppliers where appropriate,
significantly reduced travel costs and increased
staff productivity and a less lost time due to
difficulties using IT Equipment.
* 30 minute maximum turnarounds for problems
with desktops - 15 minutes troubleshooting,
if it wasn't fixed then, 15 minutes to rebuild.
* Happy customers supported at 20:1 tech ratio.
* No lost files when upgrading pc's or reimaging
as the customers saved their files onto servers,
Hopefully this helps,
Senior IT Security Officer, Infrastructure Services
Information Technology Services, Monash University - Clayton
More information about the unisog