I'm a UNIX guy. Been doing Solaris and Linux commercially for well over a decade, and a bunch of other variants too. Always had a fair degree of contempt for Microsoft products, and anyone daft enough to try to run servers with them.

But the reality is that Sun^WOracle seems determined to shoot themselves in the foot, or at least to can the general-purpose-server side of the business in favour of database appliances. And while there's a fair bit of Linux work around, it sometimes pays to be flexible.

So I've been poking at Windows for server stuff. Specifically, Windows 2008 R2.

At home I've replaced the Debian system doing random house-server duties -- nothing heavy, nothing I couldn't live without -- with Win2k8R2 on the same machine. It's doing DNS, DHCP, and file service Just Fine and was significantly easier to get going than pretty much any UNIX. The DHCP client ties into the name server properly and it took almost no work to configure. This for someone who has never tried to do this stuff on Windows before.

The same machine has a second Win2k8R2 instance running inside Hyper-V for a sandbox. Again, complete doddle to set up. Much easier than virtualisation on Linux with Xen or KVM, and unlike ESXi it'll run on any random hardware with Windows drivers.

What I haven't done so far is build a Linux VM. I don't expect that would be particularly difficult, provided I stuck to the supported distributions (Red Hat derivatives and SuSE). And obviously I've not tried to do anything comparable to a full vSphere infrastructure.

At work I've built a couple of Win2k8R2 instances on opposite sides of our global WAN. Installed Active Directory Lightweight Directory Services (AD LDS) on both and got a multi-master replicating LDAP service going. This took... very little time. It's essentially just a matter of adding the LDS role to the base Windows installation, running the "New LDS instance" wizard, answering a few questions, then doing the same on the other box(es) but answering "replica" to the first question so it'll hook up to the original and establish replication.

Compared to doing the same with OpenLDAP or eTrust or iPlanet a few years ago it's incredibly easy. The tools provided for prodding at the directory are reasonable -- LDP provides both a tree-based browser and lots of debugging info -- and include all the command-line stuff you'd expect. And it'll tie into existing AD infrastructure via the userProxy object class so you can have your random application users authenticate against AD as required.

My sole complaint thus far is that it doesn't take schema files in the same format as everything else; it wants them as LDIF. A tool is, however, provided that'll do the conversion, and I merely need to sit down next week, go over nis.schema, and pull out the bits of it I need -- posixAccount, posixGroup, and whatever the netgroups object classes are.

There's a fair amount of arcanery involved in this stuff, but Microsoft seem to have done a good job of making it so that you don't need to be an expert to get the basics done. This is in stark contrast to your typical UNIX (or similar) vendor with moronic defaults and mandatory tweaking to make anything work.


Abort, Rephrase, Ignore?

October 2011
