Linux in the Enterprise WAS Re: [plug] Codeweavers
Steve Grasso
steveg at calm.wa.gov.au
Thu Apr 24 17:11:11 WST 2003
On Thu, 24 Apr 2003 13:07, Ryan wrote:
> On Thu, 2003-04-24 at 11:52, Garry wrote:
> > I'm sure everyone would be aware by now of the story of how the
> > Codeweavers product allows you to run MS Office XP on Linux. The only
> > things which don't work are Outlook and Access, but with the superior
> > Postgresql/Mysql/Evolution products freely available it is a moot point..
>
> I wish I could agree about the Outlook bit ... but my job dictates
> otherwise :(
[snip]
> Speaking from unfortunate experience in the corporate world, the chief
> reason keeping people on Windows is Office *including* LookOut.
[snip]
This is at the desktop. At the enterprise server level, there are other
issues when working in very heterogeneous environments (read mixed-mode
Win2k/NT + Linux). In a fundamentalist nutshell, Microsoft presumes the
corporate world to be a hierarchical place, with centralized loci of control
and diminishing power to affect change devolving from all-powerful Enterprise
Admins at the top, to the barely-enabled Domain Users at the bottom. By
comparison, Linux has no well defined corporate world view, having grown from
a milieu of collective giftedness and collaboration. It is no real wonder
that these worlds as yet intersect incompletely.
A short, sad story to illustrate:
I (and others on the list more esteemed than I) wrestled unsuccessfully to
replace an enterprise-level W2K file server with a Debian/Samba 3 equivalent.
An easy ask one might expect. Not so. After some time and considerable effort
the system was up, users and their ca. 70GB of files migrated with their
existing ACLs intact and the system tested, only to fail in one small,
unexpected detail: the "modify" or "change" file permissions attribute (which
allows the owner of a file, or Domain or Enterprise Admins to control who can
modify or change file permissions) has no equivalent under Linux. "Who
cares?" you might ask. Well, the short answer is Domain or Enterprise Admins,
who have responsibility to ensure file ACLs actually grant access to those
allowed, deny access to those not allowed and prevent those who *are* allowed
from making the files inaccessible through 'creative' modification of the
permissions. This is easy stuff in a small office, but Freddy Kruger
incarnate over hundreds of thousands of files over tens of hundreds of users.
Perhaps there is an elegant solution (no, fiddling with group memberships
wouldn't cut it) and if anyone's found one, I'd like to hear about it - but
in the time allowed, determined by infrastructure needs, we couldn't do it.
Steve
:-(
More information about the plug
mailing list