[TCLUG] linux VAR in Twin Cities

[Chad C. Walstrom]

On Tue, Nov 06, 2001 at 10:13:21AM -0600, Dave Sherohman wrote:
> Kochie.)  Currently about 80-85% linux, but Windows still has about a
> dozen machines in its grip.  (A dozen machines that are going to be
> looked at very closely in the very near future, thanks to a letter I
> received from Microsoft this morning "requesting" that we do a license
> audit.)

Go with Citrix MetaFrame XP.  Push out Windows desktop sessions to UNIX,
Mac, DOS, or Linux clients on a need-to-access basis.  

Other things to do: 

  * Shut off the Windows RDP protocol so that newer windows boxen can't
    request a session

  * Firewall off all incoming ports except the ICA ports through a DMZ
    of some kind.  Microsoft has this awful licensing algorithm that
    locks up client licenses for months at a time, and you don't want to
    have to dump more $$$ into allocating licenses.

  * Use a Samba server to push out home directories, shared directories,
    and printers to the MetaFrame server.  Users can then see all the
    same resources they do under Linux.

  * Set up static profiles for all users... NO WINDOWS ENVIONMENT
    CUSTOMIZATION.  This cuts down on the number of problems you'll
    have.  ** TRUST me on this one. 95% of the problems I had with a
    fully customizable profile environment was the custom profiles. **

  * Use Perl to massage bad Registry management by certain software
    packages, including Office 97.  Office 2k was supposed to be better
    about these things, but when you tie in static profiles, you still
    want to have *some* customization of the user environment.

  * Use Perl wrapper scripts to allocate "sessions" for per-use license
    restricted software.  I was able to convince a software vendor to
    sell me a 5-client license under the premise that I had a
    license-server to regulate concurrent use.

  * Create generic users based on job profile.  Provide the people with
    those job requirements with passwords to these users.  This is a
    second way to regulate per-user/per-use licensed software.  It
    guarantees that Jane Accountant only has access to the software she
    needs.

-- 
Chad Walstrom <chewie at wookimus.net>                 | a.k.a. ^chewie
http://www.wookimus.net/                            | s.k.a. gunnarr
Key fingerprint = B4AB D627 9CBD 687E 7A31  1950 0CC7 0B18 206C 5AFD

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 232 bytes
Desc: not available
Url : http://shadowknight.real-time.com/pipermail/tclug-list/attachments/20011106/3dbac8b6/attachment.pgp