Skip to content
Welcome guest. | Register | Login | Add
About | Wiki | Legacy

Microsoft Introduce PowerShell -- So Why Don't They Go *NIX?

4 replies [Last post]
User offline. Last seen 11 years 35 weeks ago. Offline
Joined: 2006-03-10

Focusing purely on servers, not workstations....

Microsoft's now beating the drum again with vaporware. It's the cycle they go through when they want to make you think your stuff is so old and want you to purchase the new stuff that's worse than the old stuff. Here's their latest offering -- Windows Server 2008. But, it's in beta.

Notice that they brag up and down about a "powershell". In the future, to administer Windows Server, you may find it's faster to do it by command line, much like you do with Linux.

So one has to ask yourself a question. If Linux and other kinds of *nix are taking back the server room, and if basically you bring up a server for databases, web apps, and file/print sharing, and if Microsoft is trying as hard as they can to bring their server OS closer and closer to having the same points on a feature list as Linux, then what is it that CIOs and business owners should be getting with Microsoft Windows?

Simplicity? Not anymore. Linux is chipping away slowly but surely at that. Meanwhile, Windows is getting harder and harder.

Security? Microsoft's firewall is nowhere near as sophisticated as iptables on *nix. Microsoft also doesn't support SNMP v3 like Linux does.

Intercommunication? Microsoft's stuff only really talks best with Microsoft's stuff. Anything else is a hack. But grab any version of *nix since the dawn of SSH and SCP and most versions, from different vendors, and all will talk with each other with no issues.

Performance? Microsoft loads a bloated GUI on their server OS and you can't unload it and still make the server usable. Microsoft also has all these API layers that things have to go through in order to achieve a given task, whereas on *nix (and Linux especially), the API layers are fewer and thinner to accomplish the same things. Microsoft also still does a lousy job with memory compared to Linux -- go bone up on the differences between a "shared object" (so) file on Linux versus a DLL on Windows, and then look at their unloading pattern after so many minutes of idle time.

Cost? No, because they force you to have to keep upgrading every 3 years unless you want to get hacked or left behind. Plus, the culture likes to charge for all their tech support, whereas with *nix, they usually don't. Also, Windows STILL needs to reboot after installing certain items. If I install SNMP, or change a setting, I STILL have to reboot Windows. But not on Linux -- I can keep that thing up and bounce services all the time without a hitch.

Cool Factor? There's more innovation going on with Linux than there is with Windows.

Managability? I can automate the mess out of a bunch of Linux servers in a single Perl, expect, and/or Bash script, all from the comfort of my own workstation. It's far harder to achieve this with Windows. Not without a box of Visual Studio and some add-ons.

Stability? If need be in a crisis where I need to guarantee uptime, I can take a Linux server, unload everything but the Kernel, a small handful of device drivers, and Bash. Or, I can unload it all down except leave one service running and perhaps the mounted disk volume. But with Windows, most stuff is impossible to unload and reload (besides what you see in Services control panel) without a reboot.

When will the remaining stalwart pro-Windows CIOs of this world realize that you don't really get anything more with Windows than you do with Linux? In fact, you pay more and get less.

User offline. Last seen 11 years 35 weeks ago. Offline
Joined: 2006-03-10
Personally, I strongly feel

Personally, I strongly feel that Microsoft will purchase SCO at a bargain price and bolt Explorer and a few other app layers on top of SCO's UnixWare. I mean, Apple did it with BSD UNIX, and Microsoft has always had a pattern of copying things that Apple innovates.

I just don't think Microsoft will have a leg to stand on with their OS after their next big marketing push for Windows Server 2008. I can just see many CIOs and network admins rolling their eyes on it, then going out to purchase one copy of Linux and installing it on 15 new servers.

User offline. Last seen 12 years 14 weeks ago. Offline
Joined: 2007-06-29

Microsoft SNMP is outdated, but who uses that anyways, Net-SNMP works fine for Windows and offers SNMP v3 support.

SSH, SCP, and SFTP work fine on Windows. Just use FreeSSH and FreeSFTP. The later works with with FTPS as well, privided you generate server certs for the traffic. You can do that in Windows server, freeware tool with IIS resource kit, or OpenSSL on Cygwin. Also, with Microsoft, they can to transport mode IPSec, which encrypts things at layer 3, rather at an application level with SSL/TLS or SSH. Old school insecure protocols can be encrypted.

I am not sure what you mean about unloading stuff. You can use taskkill for that. There's other graphical utilities (free). For services, you have net stop/start. You can also use command line registry tools or Perl to edit out configurations in the registry to prevent stuff you do not like to load. You can also terminal into Windows 2003 through serial cable, and kill processes/services as well.

Intercommunication? Microsoft is actually more agressive on using standards in RFCs and many standards from ITUs. One format in email is BDAT, which has problems working with some e-mail servers or security appliances like Watchguard. At lot of ITU standards were just never implemented on Unix to a great popularity with a degree of adoption. Exchange platform is a plethora of ITU standards for X.400, and many of their libraries and concepts are modeled after than. RemoteDesktop is another ITU standard. NetMeeting uses another ITU standard. Active Directory is essentially Kerberos and LDAPv3. They got away from WINS and NetBIOS and went to DNS. Their implementation of WMI and products supporting it like MOM use WBEM standards, which is supported by Sun, and there's a freeware product OpenWBEM on this. So there are tons of solutions they use, but not many have the R&D resources to implement them. A lot of solutions in the past they home-grown, as there wasn't anything around, like COM and OLE. But what are they to do, destroy their platform to support CORBA? The whole .Net thing made sense for Microsoft because they have several runtime engines with multiple languages, which was an unmanageable mess. Java VM platform only supported one language, so they made .NET which can support ANY language including Java, C#, C++, Python, JavaScript, VB.NET, etc. and run on their virtual machine. The language C# and the runtime environment are released as standard by ECMA, as is JavaScript by Netscape. Mono is an implementation of .NET that supports ASP.NET (Apache), ADO.NET (mysql), and native Windows.Forms in X and runs on BSD, Linux, MacOSX, Solaris. Many of the XML technologies are supported on .NET and interoperate well with Java and other solutions, like on Perl, Python, TCL, etc.

Security? iptables blows most solutions away, but then who uses Windows firewall anyways, it stinks. Use ZoneAlarm, or IPSec policies to achieve the same result, and combine this with ACLs on multi-port firewall router.

Simplicity? Yes and No. Some Windows solutions automate complex technologies together. Active Directory, well, implement authentication through Kerberos that references a database and authorizes access through LDAP database secured through Kerberos, that have replication to x number of KDC/LDAP servers on Linux. The client side would have to be manually configured with to get a kerberos ticket into keytab file on each unique desktop, with SPN created on KDC, and re-wiring of PAM modules for authentication including SSH, and utilization of NSS modules for lookups with authentication through SASL (kerberos) for the lookups and have them cached. The level of automation would be difficult, and the roll out of unique keys is manual process (fortunately some of these chores can be automated with SAMBA 3.0.20 and above). Maybe setup host-to-host secure traffic. In Windows they can do this through IPSec and have it secured through passphrase, certificate, or kerberos. The certs or passphrase would need to be rolled out to every host that accesses that one server. On Windows all of this is automated. On Linux, you'd have to create your own solutions, probably using things like cfengine. On the topic of certificate solutions (PKI), OpenSSL is difficult. Try setting up multi-tier hierarchal PKI infrastructure, where you issue certificates, and have applications check against a CDP for revocations. On Windows, you can set this up with a few clicks of a GUI, have it integrated into ActiveDirectory (which this is using RFC standard for X.509 CDP and AIA data into LDAP) so that all clients know of the trusted root chain and don't plague users clients with dialogs about trust issues. So, in conclusions, yet more complicated, but same for Linux. An Apple ][e is more simple than Linux, but you don't seem people running to that platform.

Managability? This is funny, I can automate a bunch of Windows servers with a single Perl script as well, or VBScript (yuk). I use notepad, but I'm spoiled with Komodo. I can roll out installation of Perl on all corporate systems with Active Directory through GPO automation, as ActiveSate packages up Perl and Python in MSI installer (Microsoft's RPM variety but supports remote silent installs). With Win2k3, there's enough command line tools, vbscripts, and scripting libraries to do many of the same things. I prefer Perl, because I get all of the Microsoft libraries, I get custom Win32 perl libraries, and all of the rich Perl modules like Net::SMTP. If I want to, I could install SFU (free) for ksh93 functionality with several Unix tools, compile others, or run Cygwin for bash and expect, but, well, I don't want to because Perl.

Lastly, there's tons of tools, free, for Windows from Microsoft and third parties. Many of them are cross-platform. On Linux, everything comes from tons of different entities, all slapped together to create a solution. So in fairness you have to include the whole picture, third parties and Microsoft's solution for Windows, as Linux is a mixed of many different solutions.

User offline. Last seen 11 years 35 weeks ago. Offline
Joined: 2006-03-10
my response

"Net-SNMP works fine for Windows and offers SNMP v3 support."

Partially true. It does support v3 completely, but has another problem -- the SNMP data is not valuable. Net-SNMP works for Windows but doesn't provide HOST-RESOURCES MIB, which is pretty critical. This means you're not going to get info for CPU, memory, or disk space. However, you can get oodles of info back on the NIC data.

As for the rest, sounds like you really love Windows and living within the confines of how it operates. Okay, good for you.

User offline. Last seen 7 years 7 weeks ago. Offline
Joined: 2007-02-26
Young hearts run free
Joaquin wrote:

Lastly, there's tons of tools, free, for Windows from Microsoft and third parties. Many of them are cross-platform. On Linux, everything comes from tons of different entities, all slapped together to create a solution. So in fairness you have to include the whole picture, third parties and Microsoft's solution for Windows, as Linux is a mixed of many different solutions.

Are you noticing a trend in the amount of software not from MS making up your total system?

As a developer I found too often that innovation atop the MS platform required a budget sign-off from the boss and the solution would be limited. I installed GNU/Linux so I could do what I want. The community support and pace of development was already enough to make it a confident choice, now it's absolutely blasting ahead.

IT action is all about the Internet now and even VC's recognise GNU/Linux as a winning choice in colossal success stories. No doubt MS will plough on with a huge installed base, just like there's still lots of cobol out there, existing apps have huge inertia.

PS. Ubuntu server is one to watch if the progress of Ubuntu desktop is anything to go by.

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.