Date:      Fri, 12 Oct 2001 14:46:32 +0100
From:      "Kastaki" <kastaki@ganbert.com>
To:        "Ted Mittelstaedt" <tedm@toybox.placo.com>
Cc:        <freebsd-newbies@FreeBSD.org>
Subject:   Re: UNIX and Networking
Message-ID:  <02ba01c15324$4e241480$6760ff3e@computer>
References:  <000201c152da$2df40700$1401a8c0@tedm.placo.com>

I have been using MS Terminal Services, but I do prefer Citrix Metaframe
instead - in fact MS has licensed a toned down version of Citrix M in
Win2K.....but like you said, if the server goes down, then everyone goes
down with it and that is not a solution!
Unix is obviously the king of terminal servers........

I keep writing questions which I seem to know the answers to (total and
utter confusion)......my issue is with the fact that the user can log in
locally, even to a Unix workstation...but then I know that the initial sec
policy can disable "logging in locally"....by use of a script - in fact would I
be correct in saying that you can write a script to a Unix Workstation so
that users can not log in locally, and that all logging in has to go through
to the main server??

In any case, where will the users and groups list be - at the central server
or at the Unix workstation or both???



----- Original Message -----
From: Ted Mittelstaedt <tedm@toybox.placo.com>
To: Kastaki <kastaki@ganbert.com>; <dmp@pantherdragon.org>
Cc: <freebsd-newbies@FreeBSD.ORG>
Sent: Friday, October 12, 2001 5:55 AM
Subject: RE: UNIX and Networking


> >-----Original Message-----
> >From: owner-freebsd-newbies@FreeBSD.ORG
> >[mailto:owner-freebsd-newbies@FreeBSD.ORG]On Behalf Of Kastaki
> >Sent: Thursday, October 11, 2001 5:40 PM
> >To: dmp@pantherdragon.org
> >Cc: freebsd-newbies@FreeBSD.ORG
> >Subject: UNIX and Networking
> >
> >
> >> On a server, the more workload you can take off the CPU the better,
> >> that way it has more time to handle the management tasks and heavy
> >> lifting.  This kills software modems for any server.  Second, because
> >> FreeBSD is even less of a desktop OS than Linux, people who do use
> >> FreeBSD as their desktop are definitely hardcore sub-species of geek.
> >> Thus the users and, more importantly, those who can write the drivers,
> >> already know better than to go anywhere near a software modem.
> >
> >
> >I know this might sound really stupid, but how do you use UNIX in a
> >networking environment???
> >I mean, take Win2K, you can install a DOMAIN CONTROLLER and you have all
> >your users log in to a domain, and it makes life much easier as an
> >administrator, you can set security policies, you can virtually control
> >their life from 9 till 5......as long as they LOG INTO THE DC....but if they
> >log in as local users (if they are allowed), then they will have no access
> >to the network....
> >
> >Yes, I agree UNIX is more stable, it can run Web Servers or Mail servers
> >more efficiently, it can run File and Print Servers and most of the time it
> >can run Application Servers, such as Oracle on Sun Servers - but my question
> >is, how do you administer the network as far as your users are concerned?
> >If your users are using Win2K Professional desktops and you are running UNIX
> >servers, then they obviously log into their desktops as local users, and if
> >they want to use that Oracle DB, they can double click an icon on their
> >desktop and that starts a shell at the UNIX server, but how can you control
> >their desktops from your UNIX Box - or do you have to have a DC somewhere in
> >your networking environment? Bearing in mind that 80% of security breaches
> >are internal!!
> >
>
> What you have to understand is that UNIX is a totally different paradigm from
> NT/W2K.
>
> Windows grew up in a graphical environment from a single-user point of view.
> This was good if you had limited system resources because removing internal
> security and multiuser support takes a huge chunk of code away.  Also, from a
> business perspective, Microsoft makes money on every copy of Windows sold, so
> it's in their interest to have a whole network of windows desktops.
>
> UNIX came from a different perspective - true UNIX networks originated as
> networks of ASCII terminals and a central multiuser UNIX server.  Later on
> when graphical programs became more important, these networks became networks
> of X-Terminals.  In that kind of network, all applications are on the central
> UNIX server and the remote terminals are simply terminals and don't execute
> programs themselves.
>
> Today, both types of networks are starting to take on characteristics of each
> other.  Microsoft has found that the Domain Controller model is simply not
> scalable in large networks.  It's fine if you have 100 or fewer desktops all
> on a flat network (like with a big 10/100 switch) but beyond that the support
> and licensing costs of duplicating applications across every single desktop is
> astronomical.  You have workstations breaking down and needing to be
> reformatted every day in the larger networks.  So, Microsoft is actually now
> moving more and more toward the traditional UNIX model of using Windows
> terminal services where the central NT/W2K fileserver becomes a terminal
> server and all applications run on it there, while the remotes all become dumb
> workstations with no apps loaded on them, running Terminal Server client.  You
> should read the Microsoft literature sometime.  In a TS model the Domain
> Controller becomes unnecessary.
>
> By contrast UNIX is moving somewhat away from that model to a model where
> every UNIX workstation in the network is a full-blown UNIX system.
>
> Now, if you're wondering how to exercise control to the Microsoft Domain
> Controller level in UNIX the answer's easy - you design the network like that.
> Simply set up a central, massive UNIX server and make every PC in the place
> running a copy of UNIX that runs an X-server, and when users login to those
> systems they get a desktop with icons that run X-programs on the central UNIX
> system.  This is a beautiful solution from a corporate network point of view
> because all user configuration is on the central server and if a workstation
> dies then its user isn't offline for 3 days while all their apps and settings
> are reinstalled and re-setup.  Instead the dead workstation/X-terminal is
> replaced by another X-terminal.  Licensing is also easy because since your
> apps are on the central server you don't have to purchase hundreds of copies
> of - say - Microsoft Word, you just purchase ONE copy of a wordprocessor and
> everyone runs it from the central server.
>
> What everyone is starting to agree on, however, is in a typical corporate
> network of office drones all running the typical Word/Excel/PowerPoint/Email
> application on a Windows PC, that we simply cannot use that as a model long
> term, the support costs are horrendous.  Instead the user-definable settings
> absolutely must be taken away from the workstations and centralized.
> Microsoft has realized this and has Terminal Services as an answer, and
> whether you believe it or not TS is becoming more and more used in the
> corporate network every day.  UNIX has always had this model as an option.
>
> >I guess what I am trying to ask is can Unix live without Microsoft or Novell
> >as far as authentication is concerned?
> >
>
> It's far more than about authentication.  In a large corporation you simply
> cannot permit people to do things like saving files to the local hard disk,
> saving e-mail to the local hard disk, it is just setting yourself up to be
> slammed in the face when the users' computers die.  You have to move as much
> of it as possible to the central servers.  This is also why so many large
> companies are really trying to sit on the idea of purchasing a ton of laptops.
> In the most advanced companies, they are funding broadband VPN connections
> from desktops at people's homes to the corporate network, and for the roaming
> salespeople they are pushing Palm Pilots and WinCE systems on them, and trying
> to get rid of the laptops.  There's still a lot of holdouts of course, but
> most sales dogs I know once they switch over to the lightweight Pilot they
> hate lugging the fat laptop around.  Another extremely important point is in a
> sales meeting it's socially acceptable to slap out a Pilot or a CE system and
> make a notation, you don't see people hauling out their laptops in front of
> customers and flipping up the screen and making notes.  More and more I'm just
> seeing the sales groupies when they go calling on a customer they lug along a
> token laptop that runs the dog-and-pony show and that's the only one they
> take.  (and half the time the D&P show either doesn't work or is inapplicable
> to what the customer wants to talk about and it's a waste of time to mess with
> anyway)
>
>
> Ted Mittelstaedt                     tedm@toybox.placo.com
> Author of:                           The FreeBSD Corporate Networker's Guide
> Book website:                        http://www.freebsd-corp-net-guide.com
>
>
>


