Linux in the Enterprise WAS Re: [plug] Codeweavers

Steve Grasso steveg at calm.wa.gov.au
Thu Apr 24 17:11:11 WST 2003 

On Thu, 24 Apr 2003 13:07, Ryan wrote:
> On Thu, 2003-04-24 at 11:52, Garry wrote:
> > I'm sure everyone would be aware by now of the story of how the
> > Codeweavers product allows you to run MS Office XP on Linux. The only
> > things which don't work are Outlook and Access, but with the superior
> > Postgresql/Mysql/Evolution products freely available it is a moot point..
>
> I wish I could agree about the Outlook bit ... but my job dictates
> otherwise :(
[snip]

> Speaking from unfortunate experience in the corporate world, the chief
> reason keeping people on Windows is Office *including* LookOut. 
[snip]

This is at the desktop. At the enterprise server level, there are other 
issues when working in very heterogeneous environments (read mixed-mode 
Win2k/NT + Linux). In a fundamentalist nutshell, Microsoft presumes the 
corporate world to be a hierarchical place, with centralized loci of control 
and diminishing power to affect change devolving from all-powerful Enterprise 
Admins at the top, to the barely-enabled Domain Users at the bottom. By 
comparison, Linux has no well defined corporate world view, having grown from 
a milieu of collective giftedness and collaboration. It is no real wonder 
that these worlds as yet intersect incompletely.

A short, sad story to illustrate:

I (and others on the list more esteemed than I) wrestled unsuccessfully to 
replace an enterprise-level W2K file server with a Debian/Samba 3 equivalent. 
An easy ask one might expect. Not so. After some time and considerable effort 
the system was up, users and their ca. 70GB of files migrated with their 
existing ACLs intact and the system tested, only to fail in one small, 
unexpected detail: the "modify" or "change" file permissions attribute (which 
allows the owner of a file, or Domain or Enterprise Admins to control who can 
modify or change file permissions) has no equivalent under Linux. "Who 
cares?" you might ask. Well, the short answer is Domain or Enterprise Admins, 
who have responsibility to ensure file ACLs actually grant access to those 
allowed, deny access to those not allowed and prevent those who *are* allowed 
from making the files inaccessible through 'creative' modification of the 
permissions. This is easy stuff in a small office, but Freddy Kruger 
incarnate over hundreds of thousands of files over tens of hundreds of users.

Perhaps there is an elegant solution (no, fiddling with group memberships 
wouldn't cut it) and if anyone's found one, I'd like to hear about it - but 
in the time allowed, determined by infrastructure needs, we couldn't do it.

Steve
:-(

More information about the plug mailing list