+ Post New Thread
Page 6 of 12 FirstFirst ... 2345678910 ... LastLast
Results 76 to 90 of 177
Blue Skies Thread, Open Source Schools' Miles Berry offers a radical response to the ICT funding cuts in General; Originally Posted by TheLibrarian OK, we've got as far as GConf replacing Group Policy - how close to Group Policy ...
  1. #76
    monkeyx's Avatar
    Join Date
    Nov 2006
    Posts
    364
    Thank Post
    8
    Thanked 52 Times in 41 Posts
    Rep Power
    25
    Quote Originally Posted by TheLibrarian View Post
    OK, we've got as far as GConf replacing Group Policy - how close to Group Policy is it? Is it a good replacement? How granular is the control? Can I lock down the operating system as easily / well as Group Policy does?
    Gconf is very granular, defaults are also set from /etc/defaults and Linus is generally more secure in that the root level access is needed to make any major changes. There is also a commercial product called likewise that integrates with AD.

    Quote Originally Posted by TheLibrarian View Post
    The next thing to ask (or maybe should have considered this first as authentication happens before Group Policy) what replaces Active Directory? Again how good of a replacement is it?
    LDAP works very well for AD and Linux also supports LDAP. In fact LDAP existed on Linux well before it did on AD Authentication can also be done via samba to integrate with AD. There is no need to replace if you integrate ?

    Quote Originally Posted by TheLibrarian View Post
    Is there a WSUS equivalent?
    Yes it is possible to install a local update repository for most Linux Distros. These updates can be fully automated.

    Quote Originally Posted by TheLibrarian View Post
    Would we need anti-virus for the Linux machines?
    I would say yes to this as if using Samba then you will have access to Windows systems. There are free and commercial AV systems for Linux

    Quote Originally Posted by TheLibrarian View Post
    Are there systems like Policy Central / Securus available for Linux? Not necessariy free, because not all software needs to be free.
    Yes there are several free ones that include commerical support ie puppet and cfengine

    Quote Originally Posted by TheLibrarian View Post
    What's the replacement for RDP / Remote Help? VNC I suppose for RDP, but remote help? I know VNC can be used for remote help too, however I do not know if VNC can be made to ask the users permission before sharing the screen.
    Yes


    Quote Originally Posted by TheLibrarian View Post
    How are applications deployed in a centralised manner (GPO style, SMS, etc.)?
    There are several systems for this. WPKG does this, although I have not used it. Puppet and cfengine can do this I think. It would be fairly trivial to script installing apps.

  2. 3 Thanks to monkeyx:

    linuxgirlie (23rd July 2010), localzuk (21st July 2010)

  3. #77
    somabc's Avatar
    Join Date
    Oct 2007
    Location
    London
    Posts
    2,337
    Thank Post
    83
    Thanked 388 Times in 258 Posts
    Rep Power
    111
    I agree wholeheartedly with MonkeyX's points. Linux works very well authenticating with LDAP through PAM. Puppet has a very good rep and is due to support windows soon as well.

    Pluggable Authentication Modules - Wikipedia, the free encyclopedia
    LDAP/PAM - Debian Wiki
    Last edited by somabc; 21st July 2010 at 04:46 PM.

  4. #78

    localzuk's Avatar
    Join Date
    Dec 2006
    Location
    Minehead
    Posts
    17,652
    Thank Post
    516
    Thanked 2,443 Times in 1,891 Posts
    Blog Entries
    24
    Rep Power
    831
    Quote Originally Posted by monkeyx View Post
    Yes there are several free ones that include commerical support ie puppet and cfengine

    There are several systems for this. WPKG does this, although I have not used it. Puppet and cfengine can do this I think. It would be fairly trivial to script installing apps.
    Didn't know about those 2, much appreciated - i'll add them to my list of things to investigate for our slow but sure move to linux.

  5. #79

    teejay's Avatar
    Join Date
    Apr 2008
    Posts
    3,174
    Thank Post
    284
    Thanked 773 Times in 583 Posts
    Rep Power
    335
    Quote Originally Posted by localzuk View Post
    You do save about 12 per machine as you don't need the desktop windows license. (Using schools agreement prices).
    Under Schools Agreement you have to count every desktop Pentium 3 upwards, no matter what operating system they are running or I believe even if they are just being used as terminals.

  6. #80
    TheLibrarian
    Guest
    Quote Originally Posted by TheLibrarian View Post

    Are there systems like Policy Central / Securus available for Linux? Not necessariy free, because not all software needs to be free.
    Quote Originally Posted by monkeyx View Post
    Yes there are several free ones that include commerical support ie puppet and cfengine
    Neither puppet or cfengine are replacements for Policy Central or Securus, these products monitor activity on the PC, watching for keywords etc. and when triggered will take a snapshot of the screen and post that screen and other relevant information on the Policy Central / Securus server.

    They are used as part of the Every Child Matters framework - although how this is going to be effected by the change of government I have no idea.

    Thanks for the other information though, if we can keep getting information like that, this thread could become useful instead of a huge (over done) debate about if it can be done.

    I've put my troll back under the bridge....

  7. #81

    localzuk's Avatar
    Join Date
    Dec 2006
    Location
    Minehead
    Posts
    17,652
    Thank Post
    516
    Thanked 2,443 Times in 1,891 Posts
    Blog Entries
    24
    Rep Power
    831
    Quote Originally Posted by teejay View Post
    Under Schools Agreement you have to count every desktop Pentium 3 upwards, no matter what operating system they are running or I believe even if they are just being used as terminals.
    Only if you're buying desktop licenses... If you don't buy any windows desktop licenses under Schools Agreement then you aren't stuck with that...

  8. #82

    teejay's Avatar
    Join Date
    Apr 2008
    Posts
    3,174
    Thank Post
    284
    Thanked 773 Times in 583 Posts
    Rep Power
    335
    Quote Originally Posted by localzuk View Post
    Only if you're buying desktop licenses... If you don't buy any windows desktop licenses under Schools Agreement then you aren't stuck with that...
    Doh, yes, my bad.

    One question, what do you use to centrally manage deployments of updates to Ubuntu desktops and deploy extra software? I know there is Landscape, but that's a chargeable product I believe, are there any free alternatives? Edit: ignore that, I just scrolled up!

  9. #83


    Join Date
    Jan 2006
    Posts
    8,202
    Thank Post
    442
    Thanked 1,032 Times in 812 Posts
    Rep Power
    339
    Quote Originally Posted by teejay View Post

    One question, what do you use to centrally manage deployments of updates to Ubuntu desktops and deploy extra software? I know there is Landscape, but that's a chargeable product I believe, are there any free alternatives? Edit: ignore that, I just scrolled up!
    The simples thing in my mind would be a script to 'apt get install X' that could ssh into many computers at once. updates are usually automated anyway.

  10. #84


    Join Date
    Jan 2006
    Posts
    8,202
    Thank Post
    442
    Thanked 1,032 Times in 812 Posts
    Rep Power
    339
    Quote Originally Posted by TheLibrarian View Post
    OK, we've got as far as GConf replacing Group Policy - how close to Group Policy is it? Is it a good replacement? How granular is the control? Can I lock down the operating system as easily / well as Group Policy does?
    I wanted to add my 2p to this
    I don't think Gconf is a very good replacement for remote administration or group policies - more of default profiles I think. but with respect, you are thinking in terms of a windows admin, not a unix admin. Linuxes tend to need less in the way of locking down, a default user is already quite locked down in comparison to windows.

  11. #85

    dhicks's Avatar
    Join Date
    Aug 2005
    Location
    Knightsbridge
    Posts
    5,622
    Thank Post
    1,240
    Thanked 777 Times in 674 Posts
    Rep Power
    235
    Quote Originally Posted by CyberNerd View Post
    The simples thing in my mind would be a script to 'apt get install X' that could ssh into many computers at once.
    That's rather what I was thinking - it's sometimes difficult to get accross to people used to Windows machines that there's a simpler way to do software installs! I think that possibly Puppet is used for wide-scale automation of multiple machines, with scripting suport and so on, but would probably be overkill compared with a simple SSH.

    --
    David Hicks

  12. #86


    Join Date
    Mar 2009
    Location
    Leeds
    Posts
    6,580
    Thank Post
    228
    Thanked 854 Times in 733 Posts
    Rep Power
    295
    Quote Originally Posted by CyberNerd View Post
    I wanted to add my 2p to this
    I don't think Gconf is a very good replacement for remote administration or group policies - more of default profiles I think. but with respect, you are thinking in terms of a windows admin, not a unix admin. Linuxes tend to need less in the way of locking down, a default user is already quite locked down in comparison to windows.
    i find its more like the tools for locking down win98 (the name of which escapes me than a replacement for gpos

  13. #87

    Join Date
    Aug 2005
    Location
    London
    Posts
    3,154
    Thank Post
    114
    Thanked 527 Times in 450 Posts
    Blog Entries
    2
    Rep Power
    123
    Just kind of thinking aloud, but one trivial thing that might help is to set a cron job that runs daily and checks against a server to see what needs to be done.

    If you schedule
    Code:
    wget  -qO- http://myserver.domain.name/thingstodo.sh | bash
    to run on each machine at a particular time then you can put whatever's needed in that script on the central server. You could have the script running regularly and it could include logic that decides what/if it needs to do based on time, machine name, whatever.

    (basically, what you're doing is fetching the text of the shell file from the server and piping it through bash - whatever it contains will be executed as if you'd type the commands locally)

  14. #88

    dhicks's Avatar
    Join Date
    Aug 2005
    Location
    Knightsbridge
    Posts
    5,622
    Thank Post
    1,240
    Thanked 777 Times in 674 Posts
    Rep Power
    235
    Quote Originally Posted by srochford View Post
    Just kind of thinking aloud, but one trivial thing that might help is to set a cron job that runs daily and checks against a server to see what needs to be done.
    SSH from the main server to the other machines would be more secure - that HTTP request is unencrypted and unauthenticated, a user on your network could examine the script going past (so any passwords used to do anything would be visible) or simply spoof the IP address of your server and replace your script with whatever they like.

    --
    David Hicks

  15. #89
    somabc's Avatar
    Join Date
    Oct 2007
    Location
    London
    Posts
    2,337
    Thank Post
    83
    Thanked 388 Times in 258 Posts
    Rep Power
    111
    Quote Originally Posted by dhicks View Post
    SSH from the main server to the other machines would be more secure - that HTTP request is unencrypted and unauthenticated, a user on your network could examine the script going past (so any passwords used to do anything would be visible) or simply spoof the IP address of your server and replace your script with whatever they like.

    --
    David Hicks
    Well you could use https or any other network transfer protocol scp, smb, nfs? SCP would be good as it is encrypted and you will know if the key changes in the event of a man in the middle attack.

    For Redhat / Fedora / CentOS there is spacewalk which is opensource and allows you to manage groups of machines.



    Spacewalk: Free & Open Source Linux Systems Management
    Last edited by somabc; 22nd July 2010 at 05:35 PM.

  16. 2 Thanks to somabc:

    dhicks (22nd July 2010), mark (22nd July 2010)

  17. #90

    GrumbleDook's Avatar
    Join Date
    Jul 2005
    Location
    Gosport, Hampshire
    Posts
    9,930
    Thank Post
    1,337
    Thanked 1,781 Times in 1,105 Posts
    Blog Entries
    19
    Rep Power
    594
    Love the idea of GConf, (but it is a bit WinSuite) ... just as I love Karoshi ...

    But, can someone give me a detailed breakdown of how they would get FOSS at this level into a 90 pupil primary school and how it could be looked after with minimal support by the school (think about the local support folk in commercial companies or local schools not having *nix skills or knowledge)?

SHARE:
+ Post New Thread
Page 6 of 12 FirstFirst ... 2345678910 ... LastLast

Similar Threads

  1. Open Source Schools presentation now available
    By GrumbleDook in forum BETT 2014
    Replies: 7
    Last Post: 6th January 2011, 11:32 AM
  2. open source schools
    By Face-Man in forum *nix
    Replies: 12
    Last Post: 1st September 2009, 03:39 PM
  3. Open Source, Outsourcing and Schools
    By Dos_Box in forum IT News
    Replies: 5
    Last Post: 6th March 2008, 08:34 AM
  4. Stockport schools take open-source route
    By CyberNerd in forum IT News
    Replies: 1
    Last Post: 23rd March 2007, 06:48 PM
  5. Open source in schools
    By kevinmcaleer in forum General Chat
    Replies: 14
    Last Post: 22nd December 2005, 08:52 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •