Special reports - Mar 2000 - Integrating UNIX & NT
Eric Doyle looks at integrating UNIX and NT.

Unix has always been a dirty word in Redmond. Microsoft's spurned love affair with Unix through its Xenix product gave way to the NT days when the company tried to pretend Unix didn't exist. It took several iterations of Windows before Microsoft officially acknowledged Unix's presence with the release of Services for Unix. Even then, this add-on pack for NT 4.x appeared to be a means of accessing an outmoded legacy system rather than a peer-to-peer connectivity tool.

Don’t ignore Unix


A spin-off from Windows support for the Internet does mean that there is native Unix support with the incorporation of TCP/IP and File Transfer Protocol (FTP) in Windows clients and server support through NT's Internet Information Server (IIS). But this is baseline connectivity and very tedious. Customers' needs and the irresistible pull of the Internet mean that Microsoft can't ignore Unix but the company's apparent reluctance to fully support it within Windows has left the field open for third party solutions. Attachmate, Netmanage, WRQ and Wall Data have all been making healthy profits from TCP/IP suites for Unix integration, but the philosophy behind Windows is ease of use. If Microsoft really is the customer-driven organisation it professes to be, its operating system should slot neatly into existing corporate IT infrastructures with the minimum of fuss. The maturity and wide acceptance of Unix has made it Microsoft's primary target and the rise of Linux has proved that there is still plenty of life in that market.

Closing the features gap


In the corporate business systems field, Unix has been the workhorse that makes Windows look like a Shetland pony in comparison. Over the last decade Microsoft's mission has been to expand the feature list and capabilities of NT to match and, hopefully, surpass those within Unix. With the launch of Windows 2000, Microsoft feels it has closed the features gap – in terms of 32-bit Unix at least – but more than this it sees the addition of Active Directory as the killer feature that will tip the balance to make the enterprise network Windows-centric.

The aim of supplanting Unix has matured from confrontation to infiltration and one of the levers will be Windows Services for Unix 2.0 (SFU2) which is slated to appear in mid-May in the US – two or three weeks later for the European market. In its original form SFU was a gateway for interfacing the dissimilar worlds of Unix and Windows but SFU2 uses Windows 2000's latest features as tools to annex Unix as a satellite of Windows. SFU1 offers the basic tools to support the Unix/Windows interface: file sharing, terminal access through Telnet, unified password management, and a limited Korn Shell to allow automated administration scripts for the Unix network to be executed from Windows. SFU2 consolidates this support but expands password management to allow Unix and Windows accounts to be synchronised by centralising support within Active Directory.

The philosophy behind Active Directory is to consolidate user and resource information to simplify network management. It is a major addition for Microsoft but in the face of competition from Novell Directory Services (NDS) and other LDAP implementations it cannot be effective if it only provides support for Windows 2000. The solution from Microsoft's perspective is to make Windows a focal point for mixed networks. This is apparent through SFU2's account management features.

Unix management is based on its hierarchy of Network Information System (NIS) servers and the Achilles' heel is the primary NIS server at the apex of this pyramid. SFU2 replaces the primary server with a Windows 2000 domain controller and any queries from Unix clients or secondary NIS servers are routed to it. Before Windows can take over the duties of the NIS server, data has to be imported from Unix source files for which a wizard is supplied to find and translate files such as /etc/passwd into Active Directory records. The directory then controls password synchronisation so that any changes made in the Windows NT and 2000 or Unix environments are universally implemented. It also means that Unix and Windows user names can be cross-matched and used as a basis for seamless access to services in either environment.
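An added example, not part of the original article and not Microsoft's wizard: a pre-import audit of passwd-format data of the kind the paragraph above describes being translated into directory records. It assumes the standard seven-field /etc/passwd layout and that Windows account names are compared without regard to case, so two Unix names differing only in case cannot be cross-matched unambiguously; the sample data and function names are constructed for illustration.

```python
from collections import defaultdict

# Constructed sample in passwd format: name:passwd:uid:gid:gecos:home:shell
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/sh
jsmith:x:1001:100:John Smith:/home/jsmith:/bin/ksh
JSmith:x:1002:100:Jane Smith:/home/JSmith:/bin/ksh
backup:x:0:0:backup operator:/var/backup:/bin/sh
guest::1003:100:Guest:/home/guest:/bin/sh
mjones:x:1001:100:Mary Jones:/home/mjones:/bin/ksh
broken:line
"""

def parse_passwd(text):
    """Return (entries, malformed_line_numbers) for passwd-format text."""
    entries, malformed = [], []
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip() or line.startswith("#"):
            continue
        if line[0] in "+-":  # NIS compat directives, not real accounts
            continue
        f = line.split(":")
        if len(f) != 7 or not f[2].isdigit() or not f[3].isdigit():
            malformed.append(lineno)
            continue
        entries.append({"name": f[0], "passwd": f[1], "uid": int(f[2])})
    return entries, malformed

def audit(entries):
    """Return a sorted list of (issue, detail) findings to fix before import."""
    findings = []
    by_uid, by_folded = defaultdict(list), defaultdict(list)
    for e in entries:
        by_uid[e["uid"]].append(e["name"])
        by_folded[e["name"].lower()].append(e["name"])
        if e["passwd"] == "":            # account usable with no password
            findings.append(("empty-password", e["name"]))
        if e["uid"] == 0 and e["name"] != "root":
            findings.append(("extra-uid0", e["name"]))
    for uid, names in by_uid.items():    # two names sharing one identity
        if len(names) > 1:
            findings.append(("duplicate-uid", f"{uid}:{','.join(sorted(names))}"))
    for names in by_folded.values():     # ambiguous under case-insensitive match
        if len(names) > 1:
            findings.append(("case-collision", ",".join(sorted(names))))
    return sorted(findings)
```

Running `audit(parse_passwd(SAMPLE_PASSWD)[0])` on the constructed sample reports the accounts to resolve by hand before any synchronisation is switched on.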

Synchronising to the Windows environment poses no major problems but the concept breaks down when the more stringent security rules within Unix come into play. Unix passwords are case sensitive and cannot be dictionary words. When synchronisation takes place the Unix server may reject any Windows passwords that don't comply with the latter condition and logons will be rejected if case rules are not stringently followed. In Unix environments, such as Linux, where this is the case, the only solution is to impose Unix rules on Windows platforms which means another clause in the policy document for users to follow.

In use, the SFU gateway has plenty of work to do because any files requested through the Unix NFS (Network File System) have to pass through the Windows 2000 server before delivery to the client. This not only suggests that a dedicated server should be used for the gateway but it also provides a single point of failure, an undesirable feature where mission critical applications are concerned. This could be counteracted by implementing the gateway on clustered servers but, given the workload involved, it would be better if both servers were dedicated to supporting Unix connectivity. UK prices have yet to be announced but in the US the licence cost will be $149 per server. This brings up the question of whether a dedicated cluster can be considered to be a single server or whether Microsoft will insist on strictly imposing its licensing.

In favour of Unix


Windows may be gaining greater interest as an enterprise-wide operating system but many of the larger sites targeted by Windows 2000 are based on a legacy of mission critical applications – and a legacy system is best defined as one that works. These applications have been developed over several years and have won the confidence of their users and support teams. There may be a desire to move to Windows but there is still a perceived risk despite Microsoft's efforts to dispel the reputation of Windows as being unreliable. Unix-centric corporates do not feel a need to stampede into the Windows 2000 environment, if only for the conservative adage "if it ain't broke don't fix it".

Microsoft cannot be blamed for looking at IT through its own end of the telescope especially where Unix integration depends on satisfying specific needs of the wide product range that falls under the umbrella of Unix. For many companies it's not so much a case of integrating Unix with Windows as integrating Windows within Unix, where Unix is the primary system and Windows is the terminal access medium. In this area the third parties excel – and the main operating system is one of the many flavours of Unix supported by manufacturers who are looking after their own investment in the face of Microsoft's onslaught. Many of these "Microsoft-friendly" manufacturers, such as Compaq and Hewlett-Packard, have integration policies and products that take a more realistic view of the corporate world.

SFU2 is an inexpensive patch that provides a bridge but adds little to the first iteration of Microsoft's NFS access suite and nothing to the physical integration of Windows and Unix applications. The main attraction is the addition of management features that take advantage of Active Directory but this will only really help those who wish to access their Unix files as transparently as possible while migrating applications to a Windows environment. If you plan to keep Unix for years to come, look elsewhere.

Please note, part 2 of this article follows shortly.
