Tue Sep 11 2012 08:55:20 AM PDT from the8088er @ UncensoredI had no idea Oracle was doing a Linux distribution.
What about Solaris? is there indication that they're going to end that?
Technically, their distribution is nothing more than repackaging RHEL, but they do some custom kernel compilation, I believe.
That was my concern.
It's not Solaris anymore; it's Oracis now. Sun's vision for Solaris was to build and maintain an industrial grade workhorse of an operating system. Oracle's vision for Solaris is for it to fill a box and make money.
Not that there's anything wrong with making money, but the show is no longer being run by people whose primary drive is a love of technology.
Not to worry, though: HP/UX will be the first of the remaining commercial unices to fade into oblivion, especially now that Oracle has discontinued any further development of its products on that platform. AIX will cross over into that same immortal netherworld (Valhalla is only a few miles from Armonk, after all) where i/OS and z/OS already are.
The data center of the late 201X's and early 202X's will be Linux and Windows. For all practical purposes most data centers are already there. That's excluding bare metal hypervisors, of course, but whether VMware and Microsoft admit it or not, there's no such thing as a "Type 1 Hypervisor." ESXi won't run without help from Linux, and HyperV won't run without help from Windows.
well, the judge told oracle to continue h-pox and itanic support - gut I guess yes, its fading away.
It's only Ubuntu that has deliberately forked things up (pun intended).
I must admit I'm warming up to Gnome Shell and am running it at home now (but not at work because it screws up my video card). Slam the mouse into the upper left corner of the screen and everything shrinks and spreads out for you to pick from. The real win is the way it handles virtual desktops.
Instead of a fixed number it simply creates them as you need them, and when your window selector is open with all of your windows shrunk and displayed on the screen, the virtual desktops are displayed in a column on the right side.
Virtual desktops are useful for me because I usually have two or three remote desktops open, and I like to put those into full screen virtual desktops instead of in my window stack.
use Ubuntu with Xfce as well.
I wrote this about Samba4 http://en.gentoo-wiki.com/wiki/Samba4_as_Active_Directory_Server if you like something different. That's basically the AD system I am using with citadel. They also have a release candidate for Samba4 out there. Not alpha, not beta, but real rc! My system is basically the same since alpha11, but there are only about 5 machines in the domain.
You might be right there, but on the other hand, actually seting up SSO stuff in linux manually is a bit of pain. Samba does a pretty good job here, I either use kerberos tickets (for things like libvirt) or the ldap user for manually entering usernames and passwords across almost all of my local services: trac, apache, dokuwiki, citadel, windows vms, etc. In theory, spnego should work with firefox plugins or IE, but I do not use either of them.
The trouble with SSO is that there are so many standards to choose from. LDAP has seen wide adoption, but it is user-hostile if you have any sort of password expiration configured - there are no diagnostic messages. LDAP doesn't do web-based single signon at all so we end up with two different authentication systems that must be synchronized, manually or via a scheduled task. We are using Google Apps OpenID auth for SSO to some of our web-based stuff--not too hard to implement via Spring Security, but does take some custom code.
I agree about the password expiration stuff, but I guess that is not a direct fault of LDAP as a method, more of the implementations. As far as my expiriences go, almost all externally authed services have totally useless error messages. "Wrong password" can mean anything from "I misparsed your special chars", "The LDAP Server is down", "I was just too stupid to look up your user but I do not dare tell you." to "Lizards are forcing me to keep you logged out."
What I do not get is your remark about SSO and website stuff: Are you referring to the seamless login you can have with IE on Microsoft products? I agree partly, but with Samba4 using LDAP and Kerberos, you should be able to overcome these problems with a certain Firefox plugin. I think there is also something for Apache and at least dokuwiki would be able to handle this. I think thats SPNEGO.
Yeah, it's definitely the lizards' interference in most cases.
As for web-based SSO, this may be a concern that is somewhat unique to companies like mine: many of our tools, ranging from JIRA to Google Apps, are actually SaaS apps that are hosted "in the cloud" or by someone else. As such, we want to be able to log in to Google Apps once, with our browser, and get access to all our other apps as well. You are not going to accomplish this easily with LDAP, and you are not going to accomplish it at all with Kerberos.
SSO here is not the same thing as password synchronization. If everything is talking to the same LDAP, but I still have to enter the same password multiple times a day, that's not SSO.
If your organization's email domain is hosted on Google Apps (branded gmail, basically) then you'll find that the pinheads in charge want the central point of configuration for your SSO to be... Google Apps. (They implement an embrace-and-extend'd version of OpenID.) You could point Google Apps at your SSO provider using SAML, but this doesn't address POP3 login to gmail, etc. So you end up in cron-job based synchronization.
Subject: Migrating from tdbsam to ldap
How do I most painlessly migrate users from tdbsam to openldap based authing in samba? I searched the web, but most guides seem to be from around 2005. Did one of you ever do something like this? Did it work out? Did you suffer while trying? The closest thing I found is http://nickportertech.blogspot.de/2008_05_01_archive.html which itself names tools hinting to https://gna.org/projects/smbldap-tools/
I will be switching distros at the same time, so I will not really operate on a live system