Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

German Foreign Ministry Migrates Desktops To OSS

Soulskill posted more than 5 years ago | from the saving-some-geld dept.

Linux Business 147

ruphus13 writes "Here's another example of 'German Engineering' — The Foreign Ministry in Germany is migrating all of its 11,000 desktops to GNU/Linux and other open source applications. According to the article, 'this has drastically reduced maintenance costs in comparison with other ministries. "The Foreign Ministry is running desktops in many far away and some very difficult locations. Yet we spend only one thousand euro per desktop per year. That is far lower than other ministries, that on average spend more than 3000 euro per desktop per year ... Open Source desktops are far cheaper to maintain than proprietary desktop configurations," says Rolf Schuster, a diplomat at the German Embassy in Madrid and the former head of IT at the Foreign Ministry ... "The embassies in Japan and Korea have completely switched over, the embassy in Madrid has been exclusively using GNU/Linux since October last year", Schuster added, calling the migration a success.' The Guardian has additional coverage of the move."

Sorry! There are no comments related to the filter you selected.

Yes. (-1, Troll)

Anonymous Coward | more than 5 years ago | (#25594991)

If it's good enough for Nazis, it's good enough for me. Hey everyone: let's all be like Nazis! Make Hitler proud!

Re:Yes. (5, Funny)

Anonymous Coward | more than 5 years ago | (#25595009)

Dear Sir,

The chronometer in your time machine appears to be off by a few decades.

You apparently landed in the early 21st century, instead of the mid 20th.

I'm afraid a time machine repair shop won't be available for another 200 years. But hey, we have cable TV!

Re:Yes. (0, Insightful)

Anonymous Coward | more than 5 years ago | (#25595289)

Being "like the Nazis" is not always a bad thing. After all, Hitler did make the trains run on time!

Re:Yes. (2, Informative)

Tubal-Cain (1289912) | more than 5 years ago | (#25595317)

Wasn't that Mussolini?

Re:Yes. (1)

apathy maybe (922212) | more than 5 years ago | (#25595359)

Mussolini made them run on thyme...

Re:Yes. (-1, Troll)

Anonymous Coward | more than 5 years ago | (#25595481)

Being "like the Nazis" is not always a bad thing. After all, Hitler did make the trains run on time!

Yeah, but he also made the big mistake of failing to exterminate the jews.

Re:Yes. (1, Insightful)

couchslug (175151) | more than 5 years ago | (#25597563)

"If it's good enough for Nazis, it's good enough for me. Hey everyone: let's all be like Nazis! Make Hitler proud!"

Be careful what you ask for. They gassed retards instead of modding them down.

Thats bloody beautiful (1, Insightful)

Anonymous Coward | more than 5 years ago | (#25595005)

I certainly hope more countries follow this lead.

Re:Thats bloody beautiful (5, Interesting)

zappepcs (820751) | more than 5 years ago | (#25595307)

Can we get a special tag for this. I mean it's getting to where this type of headline is more abundant than anything needing the suddenoutbreakofcommonsense tag. Perhaps that is the tag that needs to be applied? Well, maybe not. We could at least start tagging them with OSSWindowsSmackDownScore or something, right?

I don't know who is keeping score between Windows and F/OSS anymore, but it seems like newsworthy events when entire government branches, or governments, or countries smack down Windows in favor of F/OSS. Funny, I've not heard any stories that amount to "throwing the baby out with the bathwater" after any of these announcements. Does anyone know of such a story where switching caused great harm or fiscal problems?

Re:Thats bloody beautiful (5, Informative)

jbolden (176878) | more than 5 years ago | (#25595385)

Well, no one suffered great harm but some of the early switchers might have. IBM for example failed in being able to switch, they couldn't get their divisions coordinated well enough. Sun (which switched to Sun desktop) had problems with customers and file formats as well as secondary software (much to their embarrassment).

The most successful switchers were companies like PitBoys and Burlington Coat Factory that were SCO / Solaris shops and weren't on Windows to bgin with. Windows lock-in seems to work.

What is unique about Munich is that they have remained focused year after year on this goal. They missed their early deadlines but they kept funding the project and kept moving forward. They were determined to make it happen, they had problems and (and possibly still have) but they addressed them. So this isn't a "just another example" test case but rather the best example we have of a very large organization with a huge range of needs and without a high level of technical expertise in their staff that was determined to make the switch.

Re:Thats bloody beautiful (0)

Anonymous Coward | more than 5 years ago | (#25595525)

So what you're saying s that it cost much, much more than advertised to do?

Re:Thats bloody beautiful (1)

xaxa (988988) | more than 5 years ago | (#25596899)

So what you're saying s that it cost much, much more than advertised to do?

Who cares? So long as the long-term costs are reduced by the switch to Linux -- which they seem to be, at E1000 rather than E3000 per desktop -- that's worthwhile.

Re:Thats bloody beautiful (3, Insightful)

jbolden (176878) | more than 5 years ago | (#25597099)

Short answer: yes.
Long answer: They paid much more than they expected and got more than they originally planned. Being on the bleeding edge is expensive. On the plus side Munich's development is now plugged in to the broader community so they are able to take advantage of open source in the "if you don't like it change it" sort of way. Moreover, Munich has become a test case for lots of open source software so many other cities will end up having to do "Munich's way".

Comment: Once Munich finishes the big issue will be the rest of Germany switching over. That should take much less time and cost less per head.

German Engineering... (-1, Offtopic)

Anonymous Coward | more than 5 years ago | (#25595011)

Anyone else think Brooke Shields should stop suggesting people are having babies for German engineering? Doesn't that seem just... wrong?

Really? (0, Flamebait)

Recovering Hater (833107) | more than 5 years ago | (#25595021)

Is it really the " year of the Linux desktop"?

Re:Really? (2, Informative)

Bazman (4849) | more than 5 years ago | (#25595045)

Yeah. Did you read The Guardian article (actually The Observer)? It's dated June 22nd. Of 2003. Two Thousand And THREE.

Re:Really? (1)

Loibisch (964797) | more than 5 years ago | (#25595621)

Yeah. Did you read The Guardian article (actually The Observer)? It's dated June 22nd. Of 2003. Two Thousand And THREE.

Holy Shit, Bazman!

Rather outdated (5, Informative)

Anonymous Coward | more than 5 years ago | (#25595029)

The 'additional coverage' is from Sunday June 22 2003...

Re:Rather outdated (1)

Timosch (1212482) | more than 5 years ago | (#25595341)

I can also remember having read that a couple of years ago on heise.de

Re:Rather outdated (5, Funny)

Matt Perry (793115) | more than 5 years ago | (#25595951)

The 'additional coverage' is from Sunday June 22 2003...

They're still waiting on those Gentoo desktops to compile. They'll be ready for deployment "any day now!"

Re:Rather outdated (2, Informative)

KDR_11k (778916) | more than 5 years ago | (#25596841)

To be fair there is talk about how it has reduced maintenance costs, I suspect you don't get enough data to say that for sure until years later.

OSS is not cheaper (5, Funny)

Anonymous Coward | more than 5 years ago | (#25595031)

Just now Microsoft made a statement to the press...

"OSS is not cheaper to maintain for the following reasons"

1. Employees will waste that extra time they get not waiting for reboots instead of using it for texting & other 'social' activities.
2. We pay people to stick their fingers in their ears and say "La La LA MS is cheaper La La Laaaaa".
3. Any money left will encourage your employees to steal it.
4. Steve Balmer needs it to develop sweat-proof chairs.
5. Windows 7 wont have any of the existing lock-in as previous versions of Windows. It'll all be new kinds of lock-in.
6. ???
7. Profit (for us not you)

Re:OSS is not cheaper (-1, Troll)

Anonymous Coward | more than 5 years ago | (#25595229)

I thought the headline was, "Open Source Software Aids Nazi Expansion."

so.. (0, Troll)

Keruo (771880) | more than 5 years ago | (#25595041)

On windows environment you use active directory and sus.

How do you centrally manage software installs and permissions on thousands of machines with oss?
Handful of servers is easy to handle but how are logins and home directories handled in environment this scale?

 

Re:so.. (4, Informative)

betterunixthanunix (980855) | more than 5 years ago | (#25595079)

Managing software installs, at least in Red Hat, is just a matter of setting up a local Red Hat Satellite repository. In Fedora, there is also Cobbler, which lets you spin a Fedora installer with customized software packages.

As for logins, there are a variety of mechanisms. You can go with old school NIS, or even just use Samba, which can be especially useful during migration when you will probably have a heterogeneous environment (assuming the migration is away from Windows). Also, there is autofs, which can automatically mount a network mapped home directory when a user logs in...

Re:so.. (1)

Keruo (771880) | more than 5 years ago | (#25595287)

> List price for Satellite server is $13,500 (USD) annually.

That system sounded too nice to be true at first.
Though I asked for OSS alternatives, let me rephrase, are there any FREE OSS alternatives for this task?
Is the only alternative to write shell script to ssh into every machine and do the install?

Re:so.. (1)

jbolden (176878) | more than 5 years ago | (#25595397)

All Linuxes come with package upgrade services that run. You simply point them at a local repository and the machines will self update on whatever frequency you want as part of your standard image.

Re:so.. (5, Interesting)

Keruo (771880) | more than 5 years ago | (#25595587)

Self-updating is not problem, apt-cron etc will handle that.

The problem is, I have new software which I need to deploy to 4000 machines overnight.
Do I really have to reimage 4000 machines to achieve that goal?
What about user files on those desktop machines? Reimaging would wipe them clear. (ok, home directory on separate partition/on network would fix this)

Having something automatically installed/uninstalled on machines centrally deployed is the problem here.

Re:so.. (1)

ILongForDarkness (1134931) | more than 5 years ago | (#25595753)

I'm sure there has to be a way. Clustering suites, say Sun's Grid Engine, or ROCKS http://www.rocksclusters.org/wordpress/ [rocksclusters.org] have utilities for pushing applications off to their nodes, you might be able to use that functionality in your environment. Also, not sure it is possible, but could you use kickstart (PXE) but rather than having commands to format the harddrive and install you just have to post install bit which you'd want to rcp the app over, run the installer and clean up for example. It would require a reboot but I think it should work.

Re:so.. (5, Informative)

Terrasque (796014) | more than 5 years ago | (#25595849)

At least the debian / ubuntu system easily support this, using meta packages.

you have an empty package, leys say blah-desktop-graphics that all employees working with graphics have installed. You want to install graphics program Foobar. You add Foobar to your local repository, and release a new version of the metapackage that depends on Foobar. So package manages sees "oh, new version of blah-desktop-graphics. Great, lets grab that. Hm, for that I need Foobar too, so lets grab that one, and install it."

Exactly how apt deals with new dependencies under updates can be configured, from ignore, to ask, to install automatically. Since you're deploying a default image, and have already pointed that image to your internal update server, it would just be a small additional step to set that option correctly. As a bonus you have 100% control over what gets pushed to your machines.

Re:so.. (0)

Anonymous Coward | more than 5 years ago | (#25596047)

mod parent up

Do you think RH doesn't have to do that? (-1, Troll)

Anonymous Coward | more than 5 years ago | (#25595979)

What do you think?

What.

A.

Moron.

Re:so.. (1)

BraulioBezerra (1321253) | more than 5 years ago | (#25596149)

Cluster SSH can be a good way. I never used it, though.

Re:so.. (1)

pembo13 (770295) | more than 5 years ago | (#25596209)

Seems like a simple script to login to each machine and run "yum update" would solve that issue.

Re:so.. (0)

Anonymous Coward | more than 5 years ago | (#25596301)

Create a meta package with the custom files you want to install on every computer and install that meta package on all the computers.

If you want to install another software, add dependency to your meta package so that it will require this new package to work and release a new version of the meta package. apt-cron etc. will try to install new version of the meta package, notice the dependency and install missing components.

Disclaimer: I have no idea if this would really work, but I don't see why not.

Re:so.. (0)

Anonymous Coward | more than 5 years ago | (#25596429)

This is possible. I'm a student at New Mexico Tech, and our computer center does exactly what you describe. The linux machines there check in nightly with a local update server, so when new packages need to be added, they can just be put there, and they'll be installed automatically at update time.

Re:so.. (1)

jbolden (176878) | more than 5 years ago | (#25597047)

You make whatever you have to deploy a package and have the machines update with your new package. Updating is install/uninstall you just change dependencies on some virtual package

Re:so.. (2, Interesting)

Bert64 (520050) | more than 5 years ago | (#25597065)

Well, stick with the custom repository, add your apps to it, and make sure that your update scripts also support retrieving a list of mandatory packages that need to be installed, so that anything new gets installed at the same time as any updates.

Re:so.. (1)

DrSkwid (118965) | more than 5 years ago | (#25597421)

I'd have them netboot over PXE and then there's just the morning spike to deal with. Department boot servers would deal with that.

The three terminals in my office boot PXE & I know that booting 64k blue gene nodes into Plan9 is possible. This lies somewhere between the two.

Re:so.. (3, Insightful)

rubycodez (864176) | more than 5 years ago | (#25595427)

puppet http://reductivelabs.com/projects/puppet/ [reductivelabs.com]

Re:so.. (1)

Keruo (771880) | more than 5 years ago | (#25595599)

This sounds like what I was after, Thanks for the link.

Re:so.. (1)

richlv (778496) | more than 5 years ago | (#25595465)

at least for some distros (primarily redhat heritage, also some suse capabilities) there's http://dag.wieers.com/home-made/mrepo/ [wieers.com]

there's also http://www.redhat.com/spacewalk/ [redhat.com] , the recently opensourced satellite spinoff - but it still requires oracle as a backend, so screw that ;)

Re:so.. (2, Interesting)

Falstius (963333) | more than 5 years ago | (#25595727)

Is the only alternative to write shell script to ssh into every machine and do the install?

Back in the day, I had a text file with the names of all of our machines. for name in `cat machinlist.txt`; do ssh $name yum install -y software; done

You don't even need a script.

Don't bother pointing out all the problems with that, I know. But it does work (once you fix the syntax errors).

Re:so.. (0)

Anonymous Coward | more than 5 years ago | (#25595801)

Put a debian package repository on a network that's accessible only via VPN (a'la OpenVPN), and then put an apt-get dist-upgrade invocation into a cron job.

Re:so.. (0)

Anonymous Coward | more than 5 years ago | (#25595097)

Directories and logins? Not a big deal even since the days of NIS/NIS+ and automounters.

Patching? Depending on the distro it's not that difficult to pull off.

The problem for me has always been replicating the functionality of GPOs. It is the Achilles' heel of Linux, OS X, and most other *NIX.

And yes, I know there's a commercial solution for OS X at least (Centrify), but then you start negating any cost advantages inherent in leaving MS.

Re:so.. (2, Informative)

Bert64 (520050) | more than 5 years ago | (#25597107)

What i always found amusing about windows policies, is that they're implemented in userland and trivially easy to bypass...
As an example, the one that prevents you from using cmd.exe
Take a copy of cmd.exe and run it up in a debugger, you will notice it checks a registry key to see if it's allowed to run, and displays an error if it's not. Well, hexedit the binary and break the check (just rename the key so it wont find it) and run the modified cmd.exe on a machine with a group policy that doesn't allow it... Running cmd.exe will get around the userland restrictions in explorer.exe that prevent you seeing certain drives too.

Now how stupid is this? Surely a more sensible approach is a kernel level check?

Re:so.. (4, Insightful)

IgnoramusMaximus (692000) | more than 5 years ago | (#25595505)

How do you centrally manage software installs and permissions on thousands of machines with oss?

This is a joke, right?

Where the fuck do you think Microsoft stole Kerberos and LDAP for their AD from?! We've been using the stuff AD is made of years before it was even a wet dream in Microsoft's diseased minds.

As to automated installs, every damn Linux distro has a package management system capable of being remotely scripted, and designed for mirroring via localized caches!

What a dork.

Re:so.. (4, Interesting)

Keruo (771880) | more than 5 years ago | (#25595745)

I know microsoft ripped kerberos and ldap to ad and crippled them while doing so.

Since this has been done years on unix systems, care to link a howto / etc documentation on deploying such system?
No, I don't mean guides explaining how to install kerberos and ldap.

I haven't been able to find guide on deploying active directory-like system with free software which would offer group policy features. When I already have groups deployed in LDAP, why do I need to script installers instead just defining policy to install software to that group?

Re:so.. (1)

Culture20 (968837) | more than 5 years ago | (#25596097)

When I already have groups deployed in LDAP, why do I need to script installers instead just defining policy to install software to that group?

Because of the Unix philosophy: do one thing and do it well. LDAP isn't a software installation system. Even AD's software installation pales in comparison to real software installation systems built for windows; AD can't even install an EXE file without scripting _and_ mandatory reboots (or encapsulating into an MSI).

Re:so.. (1)

mhall119 (1035984) | more than 5 years ago | (#25596317)

Getting the latest version of Samba is the easiest way, if all you want to do is replicate the functionality of AD. In the past I have replicated an NT4 domain using Samba and LDAP, back before they had AD functionality, it was remarkably easy and the Windows clients couldn't tell it wasn't an NT server.

I'm not exactly sure what you do with GPOs, so I don't even know if it would make sense in a Linux context. There are a plethora of ways to install software on your Linux workstations. Trying do apply the Windows installation method to Linux will only lead to disappointment, but if you use the Linux methods you will find them quite capable.

Re:so.. (4, Insightful)

IgnoramusMaximus (692000) | more than 5 years ago | (#25596589)

I haven't been able to find guide on deploying active directory-like system with free software which would offer group policy features. When I already have groups deployed in LDAP, why do I need to script installers instead just defining policy to install software to that group?

That is because of fundamental differences in the entire philosophy of Linux/FOSS vs. that of Microsoft. Microsoft aims to provide cookie-cutter, one-size-fits-all "solutions" whereby some doofus MSCE can read "AD for Dummies" and then click his way through system administration. It works, to a degree, in homogeneous environments which do not deviate in any way from "Microsoft Approved" designs.

Linux on the other hand is built around small, specialized components out of which a competent admin is supposed to construct a solution tailored to a specific environment. And the glue which links all of these components, which can be combined in a very large number of ways, is scripting.

That is why one cannot be a competent Linux admin without being also competent with a number of scripting languages. That is the price, but it is also the advantage as more demanding the deployment parameters grow, the more such approach becomes superior over the one-size-fits-all method.

So in effect you are asking for Linux to abandon all of its advantages and become "like Windows" just because you are too lazy to learn how to deploy it properly. And by this I do not mean reading some idiotic 20-step "how to" which cannot cover even a fraction of the possible configurations. By "learning" I mean understanding all the fundamentals of the system operation, learning all the involved scripting languages and being able to modify all the essential system scripts with thorough understanding of all the involved components.

And that is why such "how tos" are of a very limited use. There are "shortcuts", some of which were already pointed out to you - such as Samba, but they are intended for simplified scenarios whereby the scope of possible configurations is very narrow.

Once any serious sized Linux deployment is considered, a huge number of possible scenarios exists, beginning with basic considerations such as if to run the client systems via network mounted root file systems (in which case no home directory "roaming" exists) or if to deploy terminal servers or X-terminals etc and so on, all of which have impact on how users are authenticated and how their resources are allocated on the network, not to mention that LDAP and Kerberos are amongst many other ways of maintaining centralized user information. No "how to" guide is going to cover all of these complexities.

Re:so.. (1, Interesting)

Anonymous Coward | more than 5 years ago | (#25596873)

So what you're saying is that LInux isn't viable for small/medium sized businesses.

Re:so.. (2, Interesting)

IgnoramusMaximus (692000) | more than 5 years ago | (#25597117)

So what you're saying is that LInux isn't viable for small/medium sized businesses.

Only if small and medium businesses are restricted to hiring learning-impaired boneheads for all of their IT needs. A competent Linux admin can keep a far larger number of small businesses operational because as a reward for all the effort he spent learning how to do it he gets to automate and make reliable a far larger number of diverse systems then a Windows admin can, not to mention that his task is in the long run far less labour intensive (although there is a steep learning curve and up-front investment in good configurations and scripts).

I know this for a fact because I make a good living doing just that, having replaced a veritable horde of MSCEs over the years.

Re:so.. (-1, Flamebait)

Anonymous Coward | more than 5 years ago | (#25598123)

linux nerds think software should be more complex so sysadmin salaries are higher, reason #128 nobody listens to them

Re:so.. (1)

drinkypoo (153816) | more than 5 years ago | (#25598267)

linux nerds think software should be more complex so sysadmin salaries are higher, reason #128 nobody listens to them

The truth is that the complexity of Windows and Linux is really not the important issue; the important issue is what happens when you reach some point not covered by the existing system. When that happens on Windows, you have to contract Microsoft to fix Windows for you in most cases, because they don't give the code to just any asshole. With Linux, that is precisely the case... Asshole.

Re:so.. (1)

Bert64 (520050) | more than 5 years ago | (#25597155)

While i do fully agree with you, "replacing windows" is a simplified scenario and the scope of configurations is very narrow because as you pointed out, windows configurations do not deviate from "microsoft approved" designs...

So what people really need, are simple ways to migrate from windows to linux and achieve equivalent functionality. Yes, this will lose many of the benefits of linux, but it's a start. Once linux deployment is far more widespread, more people will be motivated to learn it and companies will see the benefits of using more highly skilled staff to set things up properly.

One step at a time...

Re:so.. (2, Insightful)

IgnoramusMaximus (692000) | more than 5 years ago | (#25597443)

So what people really need, are simple ways to migrate from windows to linux and achieve equivalent functionality. Yes, this will lose many of the benefits of linux, but it's a start. Once linux deployment is far more widespread, more people will be motivated to learn it and companies will see the benefits of using more highly skilled staff to set things up properly.

Unfortunately there is no way to do it. That is by trying to migrate the "functionality" of Windows to Linux one essentially has to ... emulate all of the Microsoft "technologies", which destroys bulk of the advantages of Linux. Efforts in doing so invariably result in sad, crippled, barely compatible, unwieldy "solutions" which do not conform to even the most basic of the best practices of the Linux world, and which serve only as an aid to Microsoft's marketing drones in pointing out that Linux cannot even hope to match Microsoft in all the Microsoft's most drooling of idiocies.

Examples of these include things such as Mono, various mis-guided "Exchange replacements", "universal" Windows/Linux "management solutions", etc and so on.

The hard truth is that there is no practical way to "easily" migrate from Windows to Linux (or to anywhere else for that matter). And that is so by Microsoft's design. Your only viable option is to re-design the system from scratch to take full advantage of your new platform.

Re:so.. (1, Insightful)

bertok (226922) | more than 5 years ago | (#25598021)

This snipped caught my attention:

...construct a solution tailored to a specific environment...

The thing is, I'm a systems integrator, and as a part of my consulting job I have worked on small and large projects at something like 100 different companies and organisations of all sorts. Do you know what I discovered?

Companies all have the same needs when it comes to IT.

They all have the same need for home directories, application deployment, patching, security, backup, and the like. They all run the same kind of applications for the same reasons. It doesn't change as much as people think from company to company. So why should I have to reinvent the wheel every time? Why shouldn't I use a pre-packaged solution which does exactly what everyone needs? Isn't that a huge waste of time and money?

Notice that the Munich project ran over budget.

This is why Microsoft is so hugely successful. They realised that people don't want to "do it themselves" unless it's a hobby.

Re:Have you tried google? (0)

Anonymous Coward | more than 5 years ago | (#25596757)

Out of curiosity, since you seem to know what you want, and you've asked the questions, have you considered simply firing up a web browser, pointing it at google, typing your query, and seeing what you get back? You've got me curious now to see how hard it would be to look up the answers to your questions, and how useful the information is.

Re:so.. (2, Insightful)

canuck57 (662392) | more than 5 years ago | (#25596835)

I haven't been able to find guide on deploying active directory-like system with free software which would offer group policy features. When I already have groups deployed in LDAP, why do I need to script installers instead just defining policy to install software to that group

First, quit thinking like Microsoft, their methods are ass backwards and overly complex. Look at a script as a hyper intelligent policy where you are in total control and not bound by the options presented to you.

Re:so.. (0)

Anonymous Coward | more than 5 years ago | (#25598039)

you get the software for free, so surely you can buy a book explaining this with the saved money?

Or do you manage 1000 Desktops without a budget?

Re:so.. (1)

glitch23 (557124) | more than 5 years ago | (#25595863)

Handful of servers is easy to handle but how are logins and home directories handled in environment this scale?

Use LDAP to integrate RHEL clients (and other distros too) with OpenLDAP, MS Active Directory, Fedora Directory Server, or Sun Java System Directory Server. Any one of those accomplishes a central identification and authentication repository. LDAP-based directory servers can handle millions of entries in a distributed (i.e. global) environment.

Re:so.. (1)

Culture20 (968837) | more than 5 years ago | (#25596043)

Active Directory -> openLDAP & kerberos
WSUS -> cfengine or something similar
The tinker toys are all in the box...

Re:so.. (0)

Anonymous Coward | more than 5 years ago | (#25596619)

Yes, there are many.

The obvious one is NFS+NIS.

You could also use the same active directories and join with kerberos. And you could serve the active directories with samba.

You could use a NBD.

You could set up your own apt repository (Debian/Ubuntu), create your own packages, and keep them synced with that...

But will it stick? (0)

elashish14 (1302231) | more than 5 years ago | (#25595073)

It's not just a matter that they're trying OSS - it's whether they'll stick to it. A lot of governments/other organizations try it out and end up switching back after a while. Good thing that they're trying it, but not the end all, be all. We can just hope that it goes well.

Re:But will it stick? (3, Informative)

rohan972 (880586) | more than 5 years ago | (#25595241)

From TFA: The Foreign Ministry in 2001 began migrating its back-end IT systems to Open Source in order to provide all embassies and consulates with Internet access and email. "Our strategy was to use as far as possible Open Standards and Open Source. Reduction of costs was the main reason for this decision." Upon completion of this project, the ministry decided in 2004 to also migrate the desktops.

It's 2008, 7 years since they started the migration, I think they're sticking to it.

Re:But will it stick? (0)

Anonymous Coward | more than 5 years ago | (#25595327)

Yes, because governments never make bad decisions, then hide them with false data/reports.

Re:But will it stick? (1)

rohan972 (880586) | more than 5 years ago | (#25595655)

Yes, because governments never make bad decisions, then hide them with false data/reports.

So are you saying they didn't really start migrating in 2001 or that they aren't really still using F/OSS now? Or did you just want to say something and couldn't come up with anything sensible?

Re:But will it stick? (0)

Anonymous Coward | more than 5 years ago | (#25597373)

No, that's not even close to what I'm saying. Let me say it another way since you seem to be having difficulty.

âoeIt's entirely possible the move to FOSS (in this instance) was a bad decision for one or more technical and/or financial reasons, but if you put out a glowing report then nobody knows otherwise. Problem solved.â

Re:But will it stick? (1)

YrWrstNtmr (564987) | more than 5 years ago | (#25596755)

It's 2008, 7 years since they started the migration, I think they're sticking to it.

Those are 5 words to remember.
It's never as easy as "dump Windows and install Foo".

Some more interesting tidbits from the article (5, Informative)

bomanbot (980297) | more than 5 years ago | (#25595115)

According to the article, the migration is already well underway. From the 11.000 desktops, 4.000 already are migrated to Open Source and about half of the embassies are on Open Source Software now. That explains where they get their maintenance cost numbers from, good to see that the cost savings seem to be real and backed by their own data instead of being estimates :)

They also started the switch a long time ago, according to article, the infrastructure switch started in 2001 and the decision for the destop migration was done in 2004, so I think they have some solid experience with handling Open Source now, which I think is good.

Re:Some more interesting tidbits from the article (1)

gbjbaanb (229885) | more than 5 years ago | (#25595351)

if only 4k of 11k are migrated, doesn't that mean they will announce even greater cost savings once the migration is complete?

The big question is - which desktop do they use? Suse, Ubuntu or Fedora? Gnome or KDE?

Re:Some more interesting tidbits from the article (1)

LingNoi (1066278) | more than 5 years ago | (#25595879)

That's really not the big question.. The big question is what do the users think..

Good for them (5, Insightful)

Vskye (9079) | more than 5 years ago | (#25595117)

Well, at least Germany had the balls to stand up to Microsoft and actually go with the GNU/Linux solutions vs most other countries and corporations that just do this to get a discount from Microsoft. Here's a good quote from the article:

The conversation between Ude and Ballmer was confidential, but anyone who knows the Microsoft CEO can guess how it went. Let us say negotiation is not his forte. Ballmer is no more designed for the art of persuasion than the Abrams tank is for delivering meals on wheels.

But there's still Gates, and the Gates Foundation (0)

Anonymous Coward | more than 5 years ago | (#25597073)

Ballmer is no more designed for the art of persuasion than the Abrams tank [is for something else]

Cute, but. That was almost a decade ago. In Europe.

Gates no longer goes around saying the poor don't need computers either.

And an Abrams can be quite good at persuasion. Deployed poorly, a tank is vulnerable. That doesn't mean you can laugh at the army behind it. Gates, Ballmer and Microsoft, are very very accomplished at persuasion. And more destructive than tanks. And more poorly reported on as well.

Now, in Africa, Bill Gates wields not just discounts, but also Microsoft international development funds, and most importantly, the Gates Foundation.
And is a renowned philanthropist, not the aggressive imperial CEO of an American monopoly.

Gates and Microsoft now have more leverage, more access, in much poorer countries, with more biddable public officials. And with vastly less US/EU oversight, legal and PR restraints.

Despite repositioning himself as a philanthropist, Bill Gates still doesn't view Microsoft's ongoing way of doing business as illegal or unethical. Still doesn't distinguish the general good from what's profitable for Microsoft. And still has great trouble recognizing conflicts of interest.

OSS has had a brief happy time the last couple of years, as Microsoft's efforts to lock in trusted computing had distracting birthing pains. But Microsoft never went away. Never became less aggressive, or more ethical.

Common sense to become common again (3, Insightful)

Yogiz (1123127) | more than 5 years ago | (#25595123)

Interesting. Does that mean that there are still reasonable people in the world? Even in politics?

Re:Common sense to become common again (0)

Anonymous Coward | more than 5 years ago | (#25597451)

You could be confusing politics and government. Something like this gets a few more headlines, and it may start to become a political issue.

Another small step. (0)

Anonymous Coward | more than 5 years ago | (#25595147)

The article made a fascinating speculation about the German software development culture and German culture in general. It was the reference to German geek culture that made me chuckle. What a site best documents numerically GNU/Linux progress on the desktop? A little competition for the big OS and software makers is good for everyone. - nicht wahr?

This is why they did it (-1, Offtopic)

Anonymous Coward | more than 5 years ago | (#25595151)

OSS is a secret project of the ITALIAN-German axis to spread their nefarious ices into our homes and base ball parks. Stop the ITALIAN menace before all our freedoms are gone! Everyone listen to me before it is too late! You know that guy on Snelling street with the loud dog? Yeah, I think he is an ITALIAN SPY. GODDAMNIT!

ddfdffd (-1, Flamebait)

Anonymous Coward | more than 5 years ago | (#25595173)

germany started world war 2. so it's not a good news!

Why Microsft products make sense in USA: (0, Flamebait)

Austyg (1388421) | more than 5 years ago | (#25595273)

Because Joe TwelvePak and Joe the Pluduhmber say so!

GNU/Linux (1, Interesting)

gQuigs (913879) | more than 5 years ago | (#25595293)

They know what GNU is, or at least use it by name. That's really the biggest story here.

Re:GNU/Linux (1)

nawcom (941663) | more than 5 years ago | (#25595477)

They know what GNU is, or at least use it by name. That's really the biggest story here.

You mean everyone doesn't use Ubuntu or PCLinuxOS? GNU? Whoever made this "Nuu" operating system probably copied Ubuntu.
</newbie ubuntu user stereotype>

Why this will never happen in other countries (5, Insightful)

jeevesbond (1066726) | more than 5 years ago | (#25595381)

From the Guardian article:

Another interesting aspect of the Munich decision is that it was not driven simply by cost savings, because industry gossip has it that Ballmer offered heavy discounts on Microsoft software to stave off the threat. This was also the case in the Ministry decision to plump for open source. According to a BBC report, Interior Minister Otto Schily said the move was motivated by a desire to improve security in the nation's computer networks as well as to save public money. 'We are raising computer security by avoiding a monoculture,' he said, 'and we are lowering dependence on a single supplier. And so we are a leader in creating more diversity in the computer field.'

(emphasis mine)

And this is why, ladies and gentlemen, we won't be seeing this in many countries outside Germany. They have a politician who knows what he's talking about, and doesn't pander to the whims of industrial lobbyists.

Re:Why this will never happen in other countries (1, Interesting)

Anonymous Coward | more than 5 years ago | (#25595559)

> They have a politician who knows what he's
> talking about, and doesn't pander to the whims
> of industrial lobbyists.

Ehm, let's just say some are less clueless. It might seem from 'the outside' that Germany politicians are not that driven by lobbyists but in fact they are. It's just that the German government cares very little about an American Cooperation.

In fact German politics are heavily influenced by German cooperations, for example in the energy or pharmaceutic politics.

Re:Why this will never happen in other countries (2, Interesting)

Anonymous Coward | more than 5 years ago | (#25595667)

Well Otto Schily is not the Interior Minister anymore, since 3 years actully.
And now he is on the board of a biometric security company. As the Minister he pushed for biometric details in passports. That should cover the lobbying part.

The open source thing is more liky to be a case of what we call in German: A blind chicken sometimes finds a grain, too.

Re:Why this will never happen in other countries (1)

surreal_fraction (1394297) | more than 5 years ago | (#25596157)

In fact Schily is not what I consider to be a good politician. He has won the Big Brother Award two times. But well this quote is the best I have ever heard of him. http://www.bigbrotherawards.org/ [bigbrotherawards.org]

Re:Why this will never happen in other countries (1)

Bert64 (520050) | more than 5 years ago | (#25597213)

The point with this migration, is that it proves what people have been saying...
Short term migration costs can be higher, but long term costs are a lot lower, and that it works on a large scale. Based on this, more migrations will happen, if not in government then in the business sectors. In the current economic climate, saving money and reducing dependencies on companies that may not be there in a few years makes a lot of sense.

And you wonder why OSS isn't more popular . . . (1, Informative)

Anonymous Coward | more than 5 years ago | (#25595439)

The biggest hurdle proved to be to convince the two hundred IT workers a(sic) the ministry. "Their issues were not technical. They just did not know anything about Linux and Open Source and we had to change their views. We took all of them on a crash course of using Linux servers and configuring Apache. There they discovered that it works."

Never underestimate foreign ministries (5, Insightful)

Kupfernigk (1190345) | more than 5 years ago | (#25595457)

In Europe, these have traditionally been where the most intelligent graduates went. They wrote the book on security. They are bright enough to realise that if they open a branch office in Obscuristan it is going to be easier to get a version of OO customised for the Obscuristani dialect than persuade MS to do it, and know their successors in 100 years time will still be able to read the files. And perhaps they have the smallest concern that the CIA might be able to get information via Windows backdoors.

The real story would be if they got the Interior Ministry to convert. In Europe, that (and the Agriculture Ministry) is usually where the deadbeats end up.

Re:Never underestimate foreign ministries (0)

Anonymous Coward | more than 5 years ago | (#25595737)

Too true! I don't know a lot about Germany, but certainly that's the way it is in the UK.

You have the FCO (foreign ministry), which is generally competent and is led by the man who will probably be the next leader of the Labour Party; and the Home Office (interior ministry), which is a bunch of idiots for whom the phrase "not fit for purpose" was coined, who believe that ID cards will stop terrorists and that recording every phone call in Britain will help fight crime, and is led by someone who only has the job because... er, actually, why the hell does she have the job? I dunno, maybe she's sleeping with Gordon or something. One of life's mysteries...

Re:Never underestimate foreign ministries (1)

ducomputergeek (595742) | more than 5 years ago | (#25596637)

NSA, it's the NSA that reads your emails

CIA will just write long reports about what you wrote....

Only Desktops? (1)

hdd (772289) | more than 5 years ago | (#25595511)

Why not laptops as well?

Re:Only Desktops? (4, Funny)

Liquidrage (640463) | more than 5 years ago | (#25595749)

I don't think laptops existed when this story was new.

2008 (4, Funny)

Crazyswedishguy (1020008) | more than 5 years ago | (#25595829)

Das Jahr des Linux Desktop-Computer.

Re:2008 (2, Funny)

xaxa (988988) | more than 5 years ago | (#25596987)

Das Jahr des Linux Desktop-Computer.

Shouldn't that be "das Jahr des Linuxdesktopkomputor"

Re:2008 (3, Funny)

Crazyswedishguy (1020008) | more than 5 years ago | (#25597697)

Shouldn't that be "das Jahr des Linuxdesktopkomputor"

You tell me - my username isn't CrazyGermanGuy!

"Computer" in German is "Rechner" (1)

jonaskoelker (922170) | more than 5 years ago | (#25597997)

It'd be "rechner", not "komputor". The word "desktop" in the non-computer sense translates to "Schreibtisch" (lit. "writing table", same as in danish).

I don't know which words Germans use to distinguish between desktop/laptop/workstation systems and servers/clusters/phones/*, though.

"Jahr des Linux an die Schreibtisch Rechner" =~ Year of Linux on the desktop computer. Not sure.

Can you say... (0)

Anonymous Coward | more than 5 years ago | (#25595897)

Get the Facts!

Has this anything to do with the Green Party? (3, Interesting)

atrocious cowpat (850512) | more than 5 years ago | (#25596515)

I wonder if this has anything to do with the (then, 2001, when this started) german Foreign Minister (Secretary of State) Joschka Fischer being a member of the Green Party.

The german Green Party has a tradition of rather sane maxims regarding IT. In late 1998 Germany elected a Social Democrat / Green Party coalition and 2001 seems like a reasonable date for the implementation of descisions made shortly after 1998.

This, of course, is pure conjecture, i'd be grateful if anyone from Germany had any background information on the reasons for the switch.
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?