Pitfalls and Options For Business-Desktop Linux 346
swhiser writes "Tom Adelstein dispassionately surveys the remaining fixes that will put desktop Linux through in the enterprise. Peer-to-peer networking, functional printing, laptop support, single sign-on to Active Directory and a better Device Manager (with a driver-get mechanism) are among the things companies are asking for. He says, 'The Linux desktop could fail if companies continue to pilot programs and conclude that it's less trouble to buy Microsoft. Everyone loses in that scenario.'" Pre-loaded systems are no longer a pipe dream or an obscurity, though; read on for one reader's mini-survey of Linux systems from large computer vendors.
Acidus writes "I called around today to the big OEMs (Gateway, Dell, HP, IBM) seeing who offered systems with Linux pre-installed, and the results were good. 3 of the 4 offered Linux on workstations. While no one offered Linux preloaded on laptops, Dell has some references nn how to install Linux on their laptops, while IBM has a scattering of docs on their website about installing Linux on systems. The reps at Dell, even though they have a series of Linux workstations, had to ask me what Linux was, and how to spell it. "Is that L-Y-N-I-C-S?""
WiFi support (Score:5, Informative)
"Broader WiFi card support needs to be introduced to Linux. WiFi card support for the large and important group of laptop users hardly exists. The expedient solution here would to use something like Linuxant's DriverLoader which has the elegance of being a single point solution that's applicable to the great majority of user/device scenarios."
This is the single reason that stopped my from installing Linux on my laptop. Until I discovered ndiswrapper [sourceforge.net], that is, which wraps windows wireless drivers...
Now if ndiswrapper worked out of the box, that *would* be a step forward.
HP has a Linux laptop (Score:5, Informative)
Re:Just keep using Windows (Score:5, Informative)
- keep fighting terrorism
- losing indivdual freedoms
- stop thinking
For christ sakes... just because something isn't point click and done doesn't make it any less viable.
1. Windows Network Neighborhood visibility and UNIX/Linux visibility in the same panel.
XANDROS 2.0, Lindows, Lycoris, MEPIS
2. Active Directory password management which includes single sign-on and password expiration policies.
Novell Evolution embraces mail, calendar and address book standards to ease data sharing.
Supported mail protocols include IMAP, POP, SMTP and Authenticated SMTP, as well as Microsoft Exchange 2000 and 2003. Novell GroupWise support is currently in our development branch.
3. Interoperability with Exchange 5.5 and Exchange 2000.
See above
4. Font compatibility with Microsoft Office and Openoffice.org and/or StarOffice.
Crossover
5. Windows Terminal Server clients using RDP out of the box for home grown applications and special Windows applications.
Xandros, Lycoris, SUSE, RedHat... or just install VNC...
6. Ability to click on a file in a Windows or Samba share and initiate the associated application.
Fille association is not a roadblock. Simply a minor configuration issue.
7. Device management for hardware compatibility.
XANDROS 2.0, Lindows, Lycoris, MEPIS, RedHat, Suse
8. Compatible Windows Media player Codecs.
Crossover, MPlayer, XINE
Re:WiFi support (Score:3, Informative)
Re:Just keep using Windows (Score:2, Informative)
1) Use smb:// in Nautilus.
2) Dump Active Directory and use something that's a bit more cross-platform. There's plenty of LDAP-compatible stuff out there, and Novell will sell you a drop-in solution for single signon. If you do it right, you get single signon across Windows, Linux, Solaris and HPUX.
3) Evolution Connector.
4) Just set OOo to use the MS TT fonts.
5) Terminal Server Client or rdesktop (I'm guessing they mean a RDP client here).
6) Nautilus can handle file associations just fine.
7) Not sure what the hell they mean by this.
8) Mplayer using MS codecs
Basically, it sounds like a list drawn up by someone who hasn't considered that introducing a new platform into a corporate environment means that they're supposed to exploit the advantages of that platform, rather than force it to conform to whatever existing platforms they have.
Some Insightful, Some Not So Insightful (Score:5, Informative)
Fact: Linux just doesn't have a Net Neighbourhood/Places GUI. There is nothing that requires Linux (or BSD) to have to have a domain controller. In the past week, I've provided support in online forums where the problem is stated that on Windows they can't see the other Windows box - because they are using Network Places, which relies on NetBIOS and can take up to 45 min for a computer to show up in. This is the reality of the userbase - GUI.
Myth: Printing sucks
Fact: No argument - it sucks. No central tie-in into the system so all programs use the same printing config. I shouldn't have to setup CUPS, and then setup each and every program I want to use to use CUPS.
Myth: Laptop support is non-existant
Fact: There's sites dedicated to it; as long as the hardware is available, for the most part there is no trouble booting linux on a laptop. Rather, the article says that there's just not enough wifi support in laptops...
Myth: No Terminal Services client
Fact: rdesktop worked fine for years now
There's other issues, but those are the most visible. Not to say the article isn't overall wrong in it's assertion - that in order for Linux to get to the point where drivers are listed with hardware along with Windows, the hobbyist programmer mantra of "it works for me, so fsck you" keep stagnating Linux where it is today - where it's been for the last couple of years ever since "this will be the year of the Linux desktop...No, THIS will be..."
It's not acceptable to have to install 3+ programs in sequence to get an app to work - bundle the bloody stuff already, quit being lazy. Funny from the crowd who chastizes closed source about how bad their software design is...
OS X Meets Criteria, But Not Solution (Score:5, Informative)
So, taking a page from both Apple and Microsoft's business handbook, what can the Linux community "steal" from Microsoft and Apple to make Linux a stronger enterprise player?
Getting things from the Apple side isn't very hard since its resources come from the FreeBSD world, which is open source. Samba works great in OS X, which means stronger integration in Linux is needed to match OS X's performance, which I suspect does nothing particularly special.
Same is true for AD authentication. Mac OS X uses a plug-in its Directory Services that understands this LDAP-variant...surely this is something that would work in Linux, or does it lack a refined mechanism for handling multiple directory services as OS X?
Ximian already provides Exchange compatibility in its mail product, and Exchange 2000 works with IMAP provided that Outlook Web Access (WebDAV) is running. Special features of Exchange (and its Outlook client) may be missing, but Mac users are still missing features from Entourage, the successor to the Outlook client on Mac OS X, so this is not quite the biggie. Linux/Intel users can run VMware (as Mac users would run Virtual PC) to use the actual Outlook client if needed.
The Microsoft Office component is a toughie. Mac OS users have a genuine Office client. Microsoft knows that holding back creation of a Linux client would sap power from its enterprise drive.
No easy answers in this, really. I think, however, that Linux could use a central business owner, although I know its nature makes that impossible. But wait--isn't that what Apple's doing with OS X by licensing or using BSD components?
What if a company licensed a Linux distro and took the reins to make a Linux-compatible OS with the same functionality, but also the "one-click" simplicity, application strength, and security that Mac OS X enjoys in its Mach/BSD fusion?
Of course, we know that this appears to have been done, with Red Hat, et al. But has it really been done well?
Re:Fundmental hardware problems (Score:1, Informative)
http://users.actrix.co.nz/michael/usbmount.html
Re:Some Insightful, Some Not So Insightful (Score:3, Informative)
Re:Single sign-on to what ? (Score:2, Informative)
Re:Single sign-on to what ? (Score:3, Informative)
OpenLDAP fully supports kerberos authentication (and many other types) via Cyrus (and maybe GNU) SASL libraries.
See the OpenLDAP SASL Instructions [openldap.org] that document how to do it.
Re:Single sign-on to what ? (Score:5, Informative)
Er, the answer is YES. I have it working here. You can use the Kerberos tickets to authenticate to OpenLDAP and have ACL's in the LDAP server to define the permissions. It's done trough SASL and it works transparently.
And because of this, OpenLdap authentications solutions are NOT secure, as they pass credentials in CLEARTEXT. Yes, you can use certificates but now you've introduced the thorny issues of key distribution.
Not so. Understand that this is however seperate from the availability of Kerberos. Other methods can be used to pass the crendentials (Digest MD5, etc). Aditionally you can force the use of SSL, so even cleartext passwords are not problematic. You can actually define that the server won't accept cleartext from non-TLS connections.
I use OpenLDAP integrated with Kerberos and both integrated with the authentication and authorization of several different things (including machine logon). I also have a cross-realm trust relation between AD and the Unix LDAP which allows AD users to use their Windows tokens in the Unix environment (user "bar@WINDOWS.NET" assumes "bar@UNIX.NET" identity trough cross-realm). Aditionally, as a last resort for use in non-kerberized apps one can use the password '{KERBEROS}boo@UNIX.NET' or '{KERBEROS}boo@WINDOWS.NET' to make the LDAP server check the user supplied password in the Kerberos server.
NIS+NFS vs AD? Not a chance (Score:3, Informative)
Sorry, there's no way.
Now, maybe it's more resistant to spyware and virii, but it's not more secure.
Just run:
$ ypcat passwd|jack
to find out how insecure you are!
If you were running Kerberos, OpenLDAP and NFSv4
Re:Freedom, free and free. (Score:1, Informative)
No. Your first step, as with any business decision, is to justify the cost of the process. If you can't justify the one time cost vs. the ongoing costs, you don't do it. Businesses aren't generally interested in throwing money down the toilet in the interest of their IT department's idealogical bents, so if the cost justification doesn't exist, it doesn't happen. If the biggest problem you face in your quest for change is management not wanting to save money/increase productivity, your company has much deeper problems than their software platform. Blaming non-migrations on "stupid PHBs" is disingenuous. If they think that doing it will save money or increase productivity, they're not going to stand there and say "hmmm... something I could take at least some credit for - nope, I don't I'll further my career today".
As far as your comparison between Windows and Knoppix, your anecdotal evidence is irrelevant. OpenOffice does not function like Microsoft Office, like it or lump it. Nor does Evolution function like Outlook. Each of these also lack features of Office that some users will have difficulty getting over. On top of that, a GUI'ed Linux system is about as stable as a tower of Jell-O. The X Window System should've been scrapped and rebuilt as a real windowing system more than a decade ago. Amusingly enough, when Windows Explorer takes a shit, it respawns itself. When Gnome or KDE go belly up, they don't. They either throw a kernel panic (and good luck training Betsy the Bimbo Secretary the concept of Magic SysRq) or crash to a prompt. Linux is only stable when you don't add all the external cruft, and nobody wants to type memos in ed and pipe them to sendmail.
Re:As long as tech-knownothing PHBs keep making (Score:4, Informative)
Yes. If a PHB can use office they can use open office. IF they know how to use outlook then can use groupwise.
"Of course, here we are assuming you're not using Linux as a multi-user server system and are instead running it in as a single-user "desktop" machine system."
No I am not presuming that. Novell has full linux desktops.
"Ease of installation and availability of software is a big one."
This is handled by the IT dept.
"Can the PHB "Hotsync" with their Handspring / Blackberry? "
Yes.
"Can they just download some software and install it themselves"
Yes but they probably should not be allowed to.
"How about their iPod? Their digital camera? Their scanner? The latest and greatest gadget that does who-knows-what?"
At work? Why?
"I'm afraid that even downloading and installing Firefox on a Linux desktop would be too much for a PHB"
Why would it be any harder then windows. Fire up YAST, click on firebird and it installs. That's a lot easier then downloading MS software, unzipping it and then installing it. With YAST you don't even need to hunt it down on some web site.
"Until is it pretty much exactly the same as Microsoft Windows you will have a hard time getting anywhere with a PHB."
Linux is growing at an explosive pace. It's definately not having problems getting anywhere. WHen the growth of linux adoption slows down even a little bit then I'll worry. Until then it's all sheets to the wind and full force ahead.
"Until hardware and software vendors put the same time and money into developing solutions for Linux as well as Microsoft Windows, it just isn't going to get the recognition it deserves"
It's already getting the recognition it deserves. It's growing wildly despite the best efforts of MS and SCO stop it. They can't even seem to slow down a little bit. Tens of millions spent on lawsuits and it did not even slow down the growth of linux by
Honestly what planet do you live on? Are you under some impression that the adoption of linux is slowing down or has stopped? If so where did you get that impression.
Re:Device Manager (Score:2, Informative)