On Sun, Feb 9, 2014 at 6:22 PM, John Stewart <john_stew...@carleton.ca> wrote: > Second attempt at posting as the switch in using an underscore to a period > in our mail addresses confuses the listserv into thinking I'm not a list > subscriber. > > On 09/02/2014 6:17 PM, John Stewart wrote: >> >> On 09/02/2014 2:45 PM, ToddAndMargo wrote: Thank you for the offer. Got me >> to thinking. Whenever I come across a Windows Active Directory (AD) server, >> I think under my breath "Why would you do that to yourself?". What a slow, >> cumbersome, clunky mess. Within the first ten minutes of discussing a >> Windows server with a client, I inevitably get asked how to speed it up. I >> have to tell then that that is just the animal they are dealing with. If I >> can set up a Windows server with the least amount of services running on it, >> I do. I love it when they don't want AD. (Most of my customers seldom have >> more than five workstations.) >> >> Active Directory would be overkill for five workstations, but for large >> organizations Active Directory is a key part of your IT infrastructure. >> Integrating our SL5 Sun Ray thin client servers with the AD domain managed >> by our central computing department was a huge step forward. This enabled >> our students and instructors to use the same login and password they use to >> access centrally managed services and the first time they login their Linux >> home directory is automatically created.
Sun Ray is... a very different architecture. Merged authentication has been available for decades now, with NIS, Kerberos, LDAP, or the entwined Kerberos/LDAP mix that AD and therefore Samba use. Yeah, it's handy, but creating home directories on first login is actually a Linux PAM issue, not a Samba/AD issue per se. >> That's the way I felt when I managed the Solaris based Unix systems in our >> central computing department but my recent experience has been that our >> Windows 2008 Terminal Server machines are more reliable than our SL5 Sun Ray >> servers. It's not a hardware difference since both sets of servers run on >> the same type of hardware. Hmm. Sun Ray is hampered by the attempt to run X servers on a thin client. X is.... bandwidth and resource greedy, which is one reason that graphical "thin clients" hae never worked well for UNIX and Linux Surprisingly, laptops running a simple Linux (such as Scientific Linux) and running the www.nomachine.com "NX" software provide surprisingly good and manageable and efficient graphical access to centralized servers. >> Samba 3 has had it's day in the sun but it doesn't cut it for supporting >> Windows 7 clients. We're dealing with a wacky situation in another >> department where the previous IT support person declined to simply join >> Windows 7 clients to the centrally managed AD domain. What he did instead >> is use Microsoft Hyper-V to create an SL6 virtual machine on a pair of >> Windows 2008 terminal servers (ironically part of the centrally managed AD >> domain) and install Samba 4 to create his own AD domain to support Windows 7 >> clients in the department. That's..... perverse. Possibly efficient and effective! But perverse. Running one's own subdomain, including using Samba oon a Scientific Linux box, is often the only way to get sane internal DNS/DHCP/CIFS/LDAP in a Windows environment.