Linux « 318 Tech Journal

Posts Tagged ‘Linux’

Apple Education Licensing for Microsoft’s Active Directory

Tuesday, October 25th, 2011

We have recently had a number of requests for licensing for Active Directory environments running Apple and Linux client computers. There seems to be a bit of a debate about whether or not you need one CAL (Client Access License) for each user or device in the environment, if the devices are Apple or Linux computers. The cause for the confusion seems to be Microsoft’s External licensing. External licensing only applies to computers that are not part of your network, but instead are outside of the network (e.g. coming in over a WAN). It can be frustrating because I’ve had multiple customers tell me that different resellers and even Microsoft sales reps will give them different answers, and that’s been going on for years. I’ve spent a good amount of time with the Microsoft licensing desks, our Partner reps and a number of others to figure out the correct answer.

Licensing CALs for onsite systems can be done in a couple different ways:

Per-Device: Each computer that is bound to Active Directory receives a CAL
Per-User: Each user that uses a computer that is bound to Active Directory receives a CAL

In an environment where there are many users per device, then per-device licensing is always going to be cheaper (unless of course there are more devices than users, which wouldn’t make sense in a many to one environment). In a one-to-one environment where users come and go (e.g. by transferring between schools), but the number of computers remains somewhat static, per-device licensing still works out better as it simplifies license allocation.

Per-User CALs for education environments typically run around $1 USD per CAL for students. Per-User CALs for educators that work in the environment and are bound in that same environment typically run around $8 USD per CAL. If the systems aren’t bound, then licensing is only based on users that access file and print services, or other services; however, this becomes a bit of a challenge to calculate unless you reactively look at triggers that can be generated. But because most environments now use Active Directory binding on client systems, the CALs end up becoming one-to-one about as quickly as the computers become one-to-one.

But you should most definitely not take this article as being the rules set in stone. There are a number of scenarios that can change the licensing situation (most of them have to do with not binding clients or running computers that are offsite and/or employee owned). Contact Microsoft’s licensing desk using the contact information here, or contact a reseller like 318 for more more information.

Will the future require CALs? In an increasingly iOS and Android world, there are a few issues to sort out in many environments (e.g. IIS vs. AD licensing). This has so far ended up being in a case-by-case basis. 318 is a Microsoft reseller and can help you through these complex licensing issues, if you need it. Please feel free to contact your 318 Professional Services Manager, or sales@318.com if you would like more information.

Tags: Active Directory, CAL, do Macs need AD CALs, Licensing, Linux, Mac Clients in AD CALs, Mac OS X clients, Microsoft, MS, RHEL, Ubuntu
Posted in Directory Services, Windows | Comments Off

Lion, SSH And Special Characters

Tuesday, August 16th, 2011

At 318, we spend a pretty good bit of time SSH’d into Linux systems from Mac OS X. Therefore, whether we’re loosing our color settings when SSH’ing into Ubuntu or unable to transfer files via SSH, when OS X has a problem with Linux/SSH, we notice it pretty quickly. One such problem that has come up since we started moving many of our client systems over to Lion is that special characters don’t work by default when using SSH. Which is funny because they’re so much easier to type in Lion.

This is due to a small setting in /etc/ssh_config. To correct the setting, open ssh_config in your favorite text editor. Then look for the following line:

SendEnv LANG LC_*

Then remove LC_* from the line. I like to use the reset command any time I make such a change:

reset

Tags: Command Line, edit, Linux, lion, Mac, os x, Special Characters, ssh, ssh_config
Posted in Linux | Comments Off

Suppressing the PHP Version

Thursday, April 28th, 2011

Yesterday, we looked at hiding the version of Apache being run on a web server. Today we’re going to look at suppressing the version of PHP.

By default, the PHP configuration file, php.ini, is stored at /etc/php5/apache2/php.ini (in most distributions of Linux) or just in /etc/php.ini (as with Mac OS X). In this file

vi /etc/php.ini

Then locate the expose_php variable within the file. Once found, set it to Off as follows:

expose_php = Off

Doing so will not improve the overall security of a system (unless you believe in security through obscurity). However, it is a good idea and will help defeat a number of vulnerability scanners. If you do suppress the Apache and PHP versioning information for the sake of passing a vulnerability scanner on a backported distribution of one of the packages then it would be a good idea to check the CVEs for the port you are using and verify that you are secure.

Tags: apache, backport, Linux, Mac OS X, php, suppress, suppress version number
Posted in Linux, Mac OS X Server, Web Development | Comments Off

Thinking Outside the Box: CrashPlan Pro

Monday, November 8th, 2010

There are a lot of organizations who are rethinking some basic concepts in Information Technology. One of these concepts is that you need to own, duplicate and even replicate user data between each of your sites so that you can have roaming profiles in Windows and mobile home directories in Mac OS X. For organizations with a large number of labs and users who roam between them, these challenges, which have dominated the infrastructure side of IT have been cumbersome for the past 15 to 20 years. But let’s rethink the “why.”

If you have labs, common in K12 and Higher Education but not so common in the corporate world, you need network home folders on the Mac OS X side, or its sister, portable home directories. On the Windows side, you need folder redirection. But a growing number of education environments are practicing the art of the one-to-one deployment, which strongly resembles what can be seen in the corporate world.

Between the big iron, massive SANs attached to the core switches licensing for DFS heads and the like, it can all get cost prohibitive. But we still do it because we think we need our data replicated. And some of us do. But one thing that we often say is that this data is not a backup. So if it isn’t a backup then how do we back these systems up. And if we do need to back these systems up then why are we also performing a layer of redundant synchronization? Does all of this result in 3 or 4 copies of the data, all in a from that cannot be reduplicated?

The end of the Xserve is nigh, and now for something completely different?

Awhile back, someone told me that you could back an unlimited amount of data up to the cloud for a price that was so cheap that I was stunned. There were a couple of products that I reviewed: CrashPlan and Backblaze. Both are pretty darn awesome. But the bandwidth to back 3,000 users up to someone else’s cloud can become pretty darn cost prohibitive. Enter CrashPlan Pro: you can host that cloud in your own location, or in multiple locations if you have the need to do so, and all on relatively inexpensive hardware, either leveraging the hardware that you already own or even the CrashPlan Pro appliances, rack mountable goodness that scales to store up to 72TB of data per unit, to store data that gets deduplicated before it gets copied to the device over the wire, providing substantial storage savings, not to mention reduced congestion on your wire (or wireless).

And to top it all off, CrashPlan Pro offers extensibility in the form of a REST-based API that allows building that which you may need but which the developers have not yet though (or more likely had time) to build. The API actually makes CrashPlan Pro a possible destination for Final Cut, amongst other things.

Oh, and did we mention the client can run on Mac OS X, Windows, Linux and Solaris?!?!

318 partners with a number of vendors to help you rethink your IT conundrum, leveraging the best advances of today and tomorrow. We are pleased to add CrashPlan as our latest, in a long list of valued partners. Contact your 318 Professional Services Manager, or sales@318.com now for more information.

Tags: backup, client, cloud, CrashPlan Pro, Linux, Mac OS X, Mac OS X Server, Windows
Posted in Mac OS X, Mac OS X Server, Mass Deployments | Comments Off

BRU Server 2.0 Now Available

Friday, July 24th, 2009

BRU Server 2.0 was released this week, offering a long anticipated update to the popular cross platform backup suite of applications. The main two features that the TOLIS group is highlighting include Encryption of backup target sets and client initiated backup.

Whether you are a BRU, Atempo, Bakbone, Backup Exec or Retrospect environment, 318 can assist you with planning, testing, verifying or restoring backups. Contact your 318 account manager today for more details.

Tags: backup, BRU, BRU Server 2.0, Linux, Mac, Windows
Posted in Linux, Mac OS X, Windows, Xsan | Comments Off

Article on Xsanity – Linux + Xsan

Tuesday, January 13th, 2009

After a long silence on Xsanity, 318 has published the first of a number of articles for the site. The article focuses on how to install and configure StorNext clients running Red Hat Enterprise Linux (RHEL) to connect to an Xsan. It is available here.

Tags: Linux, RHEL, StorNext, Xsan, Xsanity
Posted in General Technology | Comments Off