[KLUG Members] Drive Shield/Deep Freeze for Linux
Mike Williams
knightperson at zuzax.com
Tue Jun 7 14:14:04 EDT 2005
>
> ------------------------------------------------------------------------
> From:
> Adam Tauno Williams <adam at morrison-ind.com>
>
>
>>>>>Two problems with that (at least before we have to take this over to
>>>>>advocacy): 1) In most cases you CAN install stuff on a Windows box
>>>>>without being an administrator,
>>>>>
>>>>>
>>>Only if the local admin hasn't bother to configure a policy (it isn't
>>>hard). I have lots of 2000/XP boxes and the user can't so much as
>>>install a browser plugin.
>>>
>>>
>>Guess I need to brush up on my AD (which I needed to anyway, but getting
>>caught being wrong makes it a little more likely I'll actually do it.)
>>Seems like it should be the default, though, not something you have to
>>add. And in Linux you can lock down a non-networked workstation. GPO's
>>require an AD server.
>>
>>
>
>You don't need AD to do policies. NT supported policies, and they can
>even be setup on a local machine. We use NT4 policies from a Samba 3.x
>LDAPSAM PDC. It *IS* possible to do GPO's from a Samba 3.x PDC
>apparently (I'm told from a very reliable source) but the process hasn't
>been documented yet. Just grab a copy of poledit.exe and the adm files
>of the web or your NT CD and you can setup policies point-an-click.
>
>
I tried the samba PDC and roaming profiles thing a while ago. It mostly
worked, but I didn't like it. Two independent and mostly incompatible
security models makes it kinda messy. pGINA and Services for Unix (NFS
client) on the XP box, and a good LDAP server (which I still haven't
implemented) on the Linux server seems to be the way to go.
>
>
>>The game that comes to mind is Age of Mythology, written by Ensemble
>>Studios, a subsidiary of Microsoft themselves! It's quite recent, but I
>>don't know for sure if it has the 2000/XP sticker or not.
>>
>>
>
>One shouldn't take "subsidiary" to mean anything more than 'owned by'.
>Subsidiary-ness is merely a financial/legal status; it doesn't
>neccesarily have any impact at all on day-to-day operations or access to
>information (trust me).
>
>
Granted, but it's a little disturbing that MS themselves don't follow
their rules.
>I haven't played a video game in a very long time (possibly years) so I
>can't help you much there.
>
>
>
>>>BUT THERE IS NO EXCUSE FOR NOT BITCHIN' TO THE DEVELOPERS ABOUT SOFTWARE
>>>THAT ****IS**** INCORRECTLY IMPLEMENTED. I believe in writing one's
>>>congressman frequently and even more frequent verbal lashing of
>>>proprietary software developers. Both actually work (I've had a federal
>>>congressman call me on my cell phone, and I've had patches suddenly
>>>appear that fix the @#**(@#*(@# run-as-administrator ***BUG***).
>>>
>>>
>>Impressive! I wonder if an average Joe who doesn't have the muscle of a
>>company behind him would get the same response.
>>
>>
>
>People habitually underestimate their influence; in a pasture full of
>sheep even the smallest goat can push its way to the top of the hill
>(How do you think such a tiny religious fringe exerts so much political
>power? [ for better or worse is beside the point ] It is simple. They
>read Luke 18:1-8. It pays to be really annoying.)
>
>
A Bible verse that says "piss, moan, and complain until you get your
way": I'm pretty sure they never mentioned that in Sunday school!
More information about the Members
mailing list