LAC- MMC for UNIX, Linux and Mac Administrators « Krishna Ganugapati’s Weblog

LAC- MMC for UNIX, Linux and Mac Administrators

Our solutions Likewise Open and Likewise Enterprise are deployed in large enterprises – the Fortune 1000/Global 2000 represents our target audience. Every now and then (more now than then ) I fly down to meet with the customers and articulate our product road map and clarify specifics on the product.

Once in a while, I get the sense that the UNIX administrators may be concerned on whether they will be losing some degree of control once they join their systems into Active Directory.

The fact is that rather than lose control, the UNIX administrators get to be significantly more empowered than they were before.

An organization tends to consider consolidating its non-Windows systems into Active Directory only if it already has Active Directory as it primary NOS authentication infrastructure. As a matter of fact, that’s part of our qualification process. We tend to engage with customers who already have a significant Active Directory deployment and broad expertise in Active Directory.

These organizations also have a sizeable Linux or UNIX environment. One interesting trend is that whereas you see a overwhelming number of Windows systems in the corporate intranet – make sense – Windows is currently the only corporate desktop (love to see more Macs and Linux desktops, but that’s another post), its not that simple in the corporate extranet. By my anecdotal measure, you can see almost a 50-50 split of Linux/UNIX vs Windows in the extranet. And that also makes sense. Java, IBM Websphere, Apache, WebLogic, Oracle, DB2 are well established Web platforms. This is where LAMP is big and for good reason. It is not unusual to see extranets with a couple of thousand non Windows servers.

Typically the Windows servers in the corporate extranet will be joined to an Active Directory forest. The Linux/UNIX servers are usually configured in a pretty adhoc fashion. We’ve seen environments where customers maintained over thousand servers with local password databases. Many times we find the UNIX servers integrated into NIS or the Linux servers integrated into an OpenLDAP server. The end result is usually not pretty – an administrator can have several accounts on several machines and account control is usually non-existent.

Whatever the reason, the powers-that-be in the organization decide that its time the non-Windows system into Active Directory. These days we rarely explain the value proposition to customers.We’re usually contacted with customers asking us very specific questions about our product. Consolidating non-Windows systems into Active Directory is mainstream demand fullfillment business (a good place to be) rather than a demand generation business (a bad place to be)

Back to our UNIX administrator. He’s rather concerned about whether this will restrict his ability to manage his systems. He’s seen the product work. He is intrigued by the ability to login with his Active Directory credentials – he no longer needs to handle password resets one of the more time consuming aspects of his job. He just needs to provision the UNIX attributes for his users. He also loves the fact that he can set up a sudoers file and store it as a group policy object and the Likewise group policy agent will just push the appropriate sudoers file to the right set of computers.

“Fine. This is all pretty neat. But this still means that I need a Windows computer to provision the UNIX attributes for my user. And I’m not a huge Windows fan.” says our sceptical UNIX administrator.

Well. Guess what! You don’t! In Likewise Enterprise 4.0, we built the Likewise Administrators Console. Its an analogue to the Windows MMC console with one huge difference. LAC will run natively on Windows, Linux and the Mac. So instead of having to go to a Windows machine to set the attributes on your Active Directory user object, you can fire up LAC on your favorite desktop Linux and install the Active Directory Users and Computers plugin and manage any and all objects in the directory under your control. You can also run the LAC Cell Manager plugin and manage any cells you might have created.

You, the UNIX administrator, have the same calibre of tools that the Windows system administrator has to manage his Windows servers. Rather than relegate the Linux/UNIX servers to a small minority, Likewise Enterprise and LAC helps you plan an expansion of your UNIX infrastructure in a AD environment.

Wouldn’t you say this is goodness?

June 10, 2008 - Posted by kganugapati | Likewise, Likewise Open, MMC, Uncategorized | Likewise Open, MMC, UNIX, Linux, Mono, Active Directory, Likewise Enterprise | 1 Comment

1 Comment »

GREAT! That’s what we were waiting for!

Comment by leonardo corato | July 21, 2008 | Reply

« Previous | Next »

About Krishna Ganugapati

Krishna Ganugapati is Vice President of Engineering at Likewise Software Corporation where he is responsible for the design, architecture and engineering efforts of all products at Likewise.

Krishna has over 15 years of experience in the software industry most of which was at Microsoft Corporation where he served in several product and technology leadership positions. He left Microsoft in 2003 at which time he was architect in the Windows Real-time Communications Group.

As architect in the Office (erstwhile Windows Real-time Communications Group) Real-time Communications Group, Krishna was responsible for technology evaluation and review for real-time communications technologies including and not limited to SIP as a control channel, instant messaging, presence, voice and video over IP for real-time delivery, application sharing and white-boarding. He evangelized a unified SIP endpoint model for all media and application layer data protocols within Microsoft which is the basis for the real-time communications and collaboration platform in Windows Vista.

Prior to that, he was development manager of the wireless product unit in Windows Networking and Communications Group where he conceived and led the development of several wireless technologies in Windows including the wireless 802.1x authentication system, the wireless zero configuration architecture and the native WiFi architecture for software access points. As development manager in the Windows wireless product unit he was responsible for all technology vision, strategy and execution of products. The wireless zero configuration feature was touted as one of the most compelling in Windows XP and spearheaded unprecedented growth for wireless broadband communications.

Prior to that, Krishna led the development effort for a slew of network security technologies including IPSec. He led the joint Microsoft-Cisco development in 1998-2000 to produce the first widespread implementation of the IPSec standard in Windows.

From 1993-1997, Krishna was member of the Windows Distributed Systems Group through the inception and delivery of Active Directory in Windows 2000. Krishna was the principal engineer and inventor of the Active Directory Services Interfaces which continues to be the principal means of accessing the Active Directory.

He holds a BS in Computer Science from the University of Mysore, India and an MS in Computer Science from Virginia Tech.

Archives
- June 2009 (1)
- May 2009 (1)
- April 2009 (1)
- March 2009 (5)
- February 2009 (7)
- January 2009 (3)
- December 2008 (9)
- August 2008 (1)
- July 2008 (1)
- June 2008 (6)
- May 2008 (2)
Categories
- DCE/RPC
- Group Policy
- Likewise
- Likewise Enterprise
- Likewise Open
- LWIO
- Mac OS X
- Microsoft
- MMC
- MSRPC
- Named Pipes
- RDR
- SMB
- sustained competitive advantage
- Uncategorized
- unfair advantage
- Windows Explorer
  - File Server
RSS
Entries RSS
Comments RSS

Krishna Ganugapati’s Weblog

Making Linux systems first class citizens in a Windows Network