Open Source Training/Teaching as Advocacy? 29
dsavitsk asks: "I am a part owner and I.T. manager of a small company. I spend most of my time writing in-house software in Python and VB, and administering the various systems we use. (Our current setup is a Win2k Server, a few win2k clients, a FreeBSD gateway, and a few other things.) I am also in law school, so my time is very short. In general, whenever I can, I will use an open source program over a closed one (hence, most of our software is now Python powered). One of the perks of my job is that I have an open budget and mandate to learn as much as I can about new technology we might use. (I've bought $1200.00 in O'Reilly books in the last year alone!) So, the question. I simply don't have time to learn everything I need to know, and to configure lots of open source projects that don't have a pile of books or decent documentation written about them. I found, in fact, that not knowing anything, it was much easier to set up a Windows domain than a Samba server. We also don't have the money to hire a full time sysadmin. What we would like is to hire a consultant for open source software who would not only come in to install and configure something, but who would also teach me the hows and whys so that I could then pickup where they left off. Clearly, we are not looking for free help, and would be happy to pay market rate for the work. In short, we are looking for people who would advocate for open source not just be producing it and consulting about it, but by administering it and teaching at the same time. So, where would I find such a someone?"
You need to think about what you are doing (Score:5, Insightful)
If you want to run a Windows domain -- use windows. While you *CAN* use samba, is it worth your time (which is in very limited supply if I read your post correctly) and your money to setup a custom, "free" solution to everything?
What do you do when Windows XP ServicePack 8 stops interacting with your Samba DC?? Do you stop studying for the bar, drop your management duties to figure out how to fix it? Do you have enough money lying around to pay an expert to fix it?
At work I try to stick with things that everyone is familiar with that also happen to work.
Use the best, simplest solution you can afford. If you want a Windows Domain, buy a server from Dell for $2000 with a W2k Server licence. You spend about 4 hours setting it up with resources available readiliy online.
If you go with a samba solution, you buy a server for $1200, and buy 16 hours of consulting time, while losing 8 hours of your time learning how to use it.
free doesn't always mean free.
Re:You need to think about what you are doing (Score:5, Insightful)
Moreover, wouldn't these guys [afr.com] be apt to find a fix to the "XP Service Pack 8" breakage for you? Open source doesn't always mean "fix it yourself", you know.
Of particular interest (apologies for the redundancy);
Re:You need to think about what you are doing (Score:3, Insightful)
Once it's set up, you'll never think about it again. Good luck achieving that sort of stability on Windows.
Don't get confused. You can't estimate the initial setup costs on Linux and then tack on the usual maintenance costs on Windows. For the most part, it's one or the other, and, in my experience, I'll take the larger up-front investment over the weekly hassle any day.
Re:Not really... (Score:3, Insightful)
I completely fail to be impressed with the importance of a security fix whose primary function is to turn the "convince a user to connect to an external SMB server, then sniff their password" attack into the "convince a user to connect to an external SMB server, then sniff and crack their password" attack. Users, in the main, have terrible passwords. Giving away a hash is little better than giving away the password
Kerberos provides some sort of authentication infrastructure, but it sure wasn't Public Key Intrastructure last I checked, but rather pre-shared keys for DES (in the case of K4) and other symmetric cyphers (with K5). SSL and IPSec, on the other hand, do work quite nicely with public keys, even if most people don't seem to want to bother using client certificates or even verifying server certificates.
I replied to a comment that said, in essense, "it's not Microsoft that's lame for breaking Samba compatibility, it's Samba that's lame for not keeping up with Microsoft's l33t security updates" by saying, in essense, "Microsoft's security update is not so l33t and has the added effect of breaking stuff, so Microsoft is lame after all". You have failed to explain how this is off topic or, for that matter, wrong.
A low UID is not a license to be rude, and snide comments are especially out of place when they are misinformed. I suggest a calmative, followed by a period of quiet reflection.