118 linuxnewbie.org.gif 119 120 Wednesday, 05-Jan-2000 11:06:49 EST 121 Why I chose Windows NT over Linux 122 Written By: Skippy 123 124 This issue is nicely avoided in a Windows NT domain. "One account, one 125 password" is the method for domain security - if a user can log on, 126 they can get their mail (or rather, they aren't likely to be denied 127 mail access due to password discrepancies). NT domain user accounts 128 have only one network password for authentication, network browsing, 129 email, etc. Occam's Razor dictates that we avoid the unnecessary 130 complexity of the potential Linux solution for this. 131 132 Another concern is the fact that I have about a dozen users at a 133 remote facility. Windows NT's domain model allows me to drop a Backup 134 Domain Controller at this site. This will allow me to locate the 135 users' home directories on this server, as well as allow this server 136 to handle domain logon authentication; both of which help minimize WAN 137 traffic across the connecting T-1 link. 138 139 Linux requires that I either set up NIS/NIS+, or duplicate the 140 /etc/passwd file somehow in an effort to ensure that users from both 141 facilities can log on from either and still access the network 142 resources they need. Again, this is comparatively more complex than 143 the Windows NT solution. 144 145 MESSAGING 146 I'd been running sendmail on my personal mail server for some time. 147 It's complex, cumbersome, and sometimes just plain weird. Recently I 148 replaced sendmail with Postfix, which is far easier to configure and 149 supposedly less vulnerable. I have very little experience with 150 Microsoft Exchange, so any messaging system I choose to implement will 151 require a fair bit of effort on my part. 152 153 My first matter of business was to decide whether or not I wanted to 154 be responsible for client email. Should it be backed up? If so, what 155 makes the most sense - keeping all mail on the server, or configuring 156 a backup system to include workstations? I'd rather have the 157 workstations be fairly modular: all user data should be kept in their 158 network home drive, so a desktop failure can be quickly remedied by 159 dropping a spare machine on the user's desk. Local email presents a 160 hurdle to this. 161 162 So I planned on configuring my client workstations to use IMAP. Again, 163 a lot of research followed as I familiarized myself with IMAP. I'd 164 previously only ever used POP3. Outlook 2000 doesn't support IMAP, but 165 Outlook Express does. So I began fiddling around. It was about this 166 time that the password issues discussed above began to surface. It 167 then came to my attention that Outlook Express was caching the IMAP 168 folders and messages locally on the workstation. While this wasn't an 169 issue in regards to my backup strategy, it did present some security 170 concerns. If one user were to use someone else's desktop just to check 171 their email (not an unlikely thing to happen at all), the possibility 172 exists that an enterprising (and malicious) individual could read 173 their email from the locally cached copy of the IMAP information. 174 175 I haven't found any evidence that Outlook 2000 caches the information 176 stored on an Exchange server (as long as you're _not_ using personal 177 folders). So again, Microsoft comes out on top. 178 179 Exchange also provides me with Public Folder support. This allows me 180 to easily store (and make available) departmental communications, 181 memos, etc. I'm sure this same functionality is available from a Linux 182 solution, but I'm not aware of it; nor am I aware of whether or not it 183 is compatible with Outlook 2000 as the client component. 184 185 SUMMARY 186 I had quite hoped that I would be able to implement a Linux solution 187 for our information technology needs. Linux has a lot of things going 188 for it: stability, customization, low-cost. It's more secure, and 189 requires less hardware to function. I will almost certainly have a 190 Linux box in my office, to run an internal web server, use nmap, and 191 generally just fiddle. 192 193 I've been detailing why Microsoft Windows NT is earning my business. 194 But I have many complaints against it. I don't _want_ to have an 195 internet browser> installing NT. 196 197 I don't like the security vulnerabilities in NT. I don't like how 198 inflexible it is in regards to its function. I don't like having to 199 navigate what feels like countless nested windows in order to close 200 down my open TCP and UDP ports, only to be told that I need to reboot. 201 I don't like the Blue Screen of Death. 202 203 But the proof is in the pudding. We're not software developers, so 204 development tools aren't important to us. We're not running an 205 e-commerce site, so uptimes and internet security aren't key concerns. 206 We have modest requirements, and Windows NT fulfills them quite well. 207 Better, in fact, than Linux. 208 209 Linux is a great operating system, with a lot of power, and potential. 210 I truly regret the fact that I am not more skilled in it. But I don't 211 regret using a tried and true network operating system that will 212 fulfill my needs, and the needs of my users. 213