1 linuxnewbie.org.gif 2 3 Wednesday, 05-Jan-2000 11:06:40 EST 4 5 Why I chose Windows NT over Linux 6 Written By: Skippy 7 8 INTRODUCTION 9 I'm an information technology professional with several years of 10 experience. I earned my MCSE early in 1999, as a means to help further 11 my career. I'd been fiddling with Linux at home for only a couple of 12 months, at that time. In the months between then and now, I've learned 13 an awful lot about Linux. I'm no expert - not by any stretch of the 14 imagination - but I'm pretty comfortable with what I need Linux to do. 15 16 I should qualify the statement above by stating that I'm not an expert 17 with Windows NT, either. I've got a certificate that says I passed six 18 exams successfully. I do feel competent with NT - more so than with 19 Linux, actually. I see a lot of strengths and weaknesses with both 20 products, and advocate each in their own capacity. 21 22 I recently obtained a new job - designing, installing and supporting a 23 network for a medium sized company with _no_ information technology 24 infrastructure currently in place. A network engineer's dream come 25 true: the chance to build my own network from the ground up. I am 26 responsible for all of the technical decision making - desktops, 27 servers, office suites, email packages, security, backups, training. 28 Everything. 29 30 As an MCSE, I can spit out a recommended Windows NT domain model in no 31 time flat. One PDC and one Exchange server at the main facility, a BDC 32 at the remote office, and either Windows 98 or Windows NT Workstation 33 on the desktops. However, the organization is a non-profit, and since 34 I have some experience with Linux, I wanted to evaluate the viability 35 of an Open Source solution. Further, the licensing costs of Microsoft 36 products can be nicely side-stepped with a Linux implementation. 37 38 CLIENTS 39 Although I have experience with Linux, my users don't. And I don't 40 have enough experience to feel comfortable supporting 50+ users with 41 things like X Windows (which I can barely get to run myself!). So I'm 42 fairly adamant about installing a Microsoft operating system on the 43 client desktops. These days, most users have a PC at home, so the 44 familiarity of Windows 9X, or the similarity of Windows NT 45 Workstation, works in my favor. 46 47 If I had chosen a Linux solution for end user desktops, then I would 48 need to evaluate an office suite. The bulk of my users will be using a 49 word processor, a spreadsheet package, some email, and the occasional 50 presentation. StarOffice 5.1 comes to mind as a free, robust, capable 51 package. But the catch is that StarOffice is only free for 52 non-commercial use. Since we're a business, we're still obligated to 53 pay for licenses to use the software. 54 55 If I'm going to pay money to use a software package, then I want to 56 ensure that there are ample support resources available to me in order 57 to support my end users. If someone experiences some bizarre anomaly 58 with Microsoft Office 2000, I can quickly consult TechNet, or the MS 59 Knowledge Base, or ask any number of people (professionals and lay 60 people) who use MS Office regularly. If an issue arises with 61 StarOffice, where do I turn to for in-depth support information? How 62 long will it take me to get comparable answers? How long will my users 63 have to suffer downtime while I chase down the limited support options 64 for StarOffice? 65 66 Further, Microsoft makes the Office Resource Kits available, allowing 67 me to really customize my Office installations, as well as provide me 68 with some helpful troubleshooting tools. To the best of my knowledge, 69 no such thing is available for StarOffice. 70 71 And finally comes the issue of training. If I were to install 72 StarOffice (or any other Linux-based office suite), who can I hire to 73 conduct professional training sessions for my users? I can only think 74 of one place in Columbus, Ohio, who might be able to accommodate me on 75 this, and the lack of competition suggests that pricing may be higher. 76 Otherwise I'd have to conduct in-house training for all of our users. 77 And if I'm busy training users, how much other work am I free to get 78 done? 79 80 NETWORKING 81 I was familiar with Samba from my own Linux network at home, but only 82 for workgroup based sharing. I eagerly started learning as much as I 83 could about Samba, and its capacity to act as a Windows NT server. The 84 connectivity itself was easy enough to implement. After a couple of 85 false starts, I was quickly using my Linux test server to authenticate 86 domain logons from my laptop. I configured the Linux box as a WINS 87 master browser, and network browsing was working just fine. 88 89 My first real snare came when I tried to change my network password 90 from my Windows 98 laptop. The change would never take. I did a little 91 more researching (scoured the included Samba documentation, asked my 92 local users' group, etc) but found no evidence that password changes 93 from a Windows 98 client were supported. I'm told that Windows NT 94 Workstation can accomplish this necessary task, but I have not tested 95 it myself. 96 97 After a little more poking around, I realized that Samba had no 98 capacity to expire passwords. The Linux logon account would properly 99 expire if I were to try to log on from the server console, but Samba 100 happily authenticated expired accounts without complaint. This is, 101 quite simply, unacceptable. One of the main components of network 102 security is password security. One component of password security is 103 mandatory password expirations. If my network can't require users to 104 change their passwords every 45 days, then passwords are nothing more 105 than a formality. 106 107 I began to toy around with the idea of implementing some sort of 108 kludge - a counter in the logon script, maybe - to get the Linux 109 system to force a password change. But the more I thought about it, 110 the more concerned I became at the amount of obfuscation involved with 111 such a process, and the fact that it could foul up. The Linux user 112 account had one password, and the Samba account had a password. They 113 should normally be synchronized, but the fact that there was a 114 possibility that they could become disparate was bothersome. This 115 meant that a user could, for example, authenticate a logon but be 116 denied email access. Or vice versa, conceivably. 117