Enterprise Software optimize

10 Linux applications that should be easier to use

The Linux desktop continues to become increasingly user friendly. Yet as Jack Wallen explains, some applications are not nearly as easy to configure and use as they should be.

After using and covering the Linux operating system for more than a decade, I have seen plenty of applications come and go. Many of the applications that go are those that wind up either too broken to work or that lack the features users need. The applications that stay are solid, reliable, up to date, and offer plenty of user-friendly features. And user-friendliness is the key for modern Linux -- especially on the desktop.

Unfortunately, no matter how user friendly the desktop gets, some Linux applications and systems are still a challenge to configure and/or use. I thought it might be interesting to bring up these applications to see what experiences you have had with them and to help developers who are interested in knowing which tools could use a nudge toward the user-friendly side of things.

Note: This article is also available as a PDF download.

1: LDAP

Of all the systems I have ever installed, LDAP is probably the most challenging. I have successfully installed it, but not without much hair pulling. Not only is the LDAP server itself a significant hurdle to leap, but connecting the client to the LDAP server is also a challenge. Now, I understand the why of the challenge on the server -- it's a complex system. But the client should be as much of a no brainer as is connecting a Windows client to a domain.

I have found that connecting Linux clients to LDAP servers is far more difficult than it should be. And as for servers, yes there are GUI tools that can help you configure your LDAP server (389 Directory Server and phpLDAPadmin come to mind). But these tools are not nearly as user friendly as they could be. What LDAP needs is a tool in line with the Gadmin tools or a system-config-ldap. That would make the configuration of LDAP a much easier prospect, thus making it a no-brainer as a replacement for Active Directory.

2: SELinux

The biggest problem with SELinux is that most users simply don't get it. SELinux is an incredibly power tool that does an outstanding job securing Linux. So powerful is SELinux that it can often keep nonthreatening applications from running. (Adobe Reader is often a victim of this.) But the scope and complexity of SELinux is only amplified when new (or moderately new) users stop by the documentation, only to find out they feel more lost than they did before they tried to RTFM. I get the reason why Linux needs tools like SELinux, but at least try to make SELinux a viable solution for those who do not want to major in CompSci.

3: PacketFence

Next to LDAP, PacketFence is the most challenging application or service I have ever had to install. This is only made worse by the fact that PacketFence is an amazing tool that should be deployed by anyone with a network that needs a granular set of controls. PacketFence is so powerful, once you start using it you will marvel at the fact that it is free. Who knew that free software could be so powerful, right? But that freedom does come with a price -- the price is your sanity after spending days getting PacketFence up and running. Now, I will be fair and mention that getting PF up and running on, say, Red Hat or CentOS is far easier than installing it on Ubuntu. So if you are planning to give PacketFence a try (and you should), make sure you install it on one of the better supported distributions.

4: Bacula

Bacula simply eludes me. Granted, I haven't given it nearly the time and attention it deserves (to have it up and running). But wow -- what a complex system. Naturally, one would think such a complex backup would be, well, complicated to set up. It is. And it is, even when using the Bacula Admin Tool -- a GUI that makes for "easy" Bacula administration. The reason I haven't given Bacula more time and effort is that there are tools like LuckyBackup that do one heck of a good job of backing up a Linux client. The key word, of course, is "client." Bacula, on the other hand, is all about the client/server backup, which, by nature, is a far more complex system. The real problem is that there is no good GUI (at least not that I have found yet) to configure the backups. Even BAT is less than stellar at making the process easier.

5: Active Directory Integration with Samba

This one really shouldn't even need an explanation. And I understand that Microsoft is at the center of the complexity here (by not adhering to any sort of standard). But the Linux community, being as adept at reverse engineering as it is) can't just point the finger of blame at Microsoft on this one. Even though folder sharing has come a long way (the latest GNOME and KDE really make folder sharing a breeze), the act of integrating a Linux machine into a Windows domain has painkillers written all over it. With the help of tools like Likewise Open and Centrify Express, the task of configuring a Linux machine to connect to an AD is doable via GUI. But I have experienced both of these tools tanking either sudo and/or user accounts in the process.

6: Integration with Exchange

The Evolution groupware client has an add-on that allows the client to connect to an Exchange server and even enjoy a taste of the push feature. But it's incredibly unstable and can result in the loss of data. And that is really the only option for someone wanting to connect to an Exchange server on Linux. Claws Mail? Nope. Kmail? No luck. Again, this is another situation where Microsoft is ultimately the culprit (it don't like others playing with its toys). But the open source community is too smart to let an ever-changing standard and hidden APIs get in their way. Right?

7: Linux Terminal Server

To the freakin' cloud! If I hear that commercial one more time, I might well toss my cookies all over the TV. The cloud is just another shot at thin clients, and thin clients always bring me back to the Linux Terminal Server Project. LTSP is a good idea if you want "dumb terminals," but in light of the amazingly simply Live distributions we have today, should a thin client project be as simple as booting up two live CDs, setting an IP address, and getting to work? It should, but it's not. In fact, the last time I gave LTSP a go, I stopped midway because I ran out of time and patience. It's not an impossible setup, but it's not nearly as easy as it should be.

8: VPNs

This goes both ways -- client and server. And once again, this is Linux having to go up against the seemingly impossible hurdle of proprietary hardware and software. But even without the headache of Cisco or Microsoft, OpenVPN itself isn't terribly simple to set up. And naturally, few business users are connecting to a Linux VPN solution. The overwhelming majority of VPN users are connecting to either a Cisco or Microsoft VPN solution, and doing that with a Linux client is far from simple. Even when using the GNOME or KDE GUI tools, VPN setup is iffy at best.

9: WINE

WINE should be an ideal solution: Install a layer between Linux and Windows that will allow the running of Windows applications. It should be, but it isn't. For users who want to run proprietary applications (such as QuickBooks or iTunes or a list of games miles long), the possibility seems so appealing. The reality is often that the application will either not work or will work only with certain features disabled. In an ideal world, WINE would not be necessary, as Linux would have every possible application covered with a FOSS alternative. But this is not an ideal world, and in this non-ideal world, Microsoft Windows-native applications are a necessity for the majority of PC users.

10: SQL-Ledger

SQL-Ledger is one of those applications I really want to give some love to. Why? Because there is such a black hole when it comes to either client/server or Web-based software that can go toe-to-toe with QuickBooks. And Linux really needs this. QuickBooks dominates small to midsize businesses, and it is plagued with issues. If the Linux community could come up with an easy to use/install/administer replacement for QuickBooks, the landscape would change. At nearly every turn I am told, "Give SQL-Ledger a try!" I have, and the installation itself will keep the average business user from even thinking of trying this solution. SQL-Ledger could easily be the perfect be-all solution for SMBs, but no one will know because of the challenges it presents.

Other candidates

Are the above applications impossible? Not at all. Could they use a boost in user-friendliness? You bet. In fact, if the above list of applications/services/tools would gain a boost in simplicity, the Linux operating system as a whole would greatly benefit.

Do you agree that these tools belong on the list? What other tools have you found to be far too challenging in Linux? Sound off and let everyone know how you feel.

About

Jack Wallen is an award-winning writer for TechRepublic and Linux.com. He’s an avid promoter of open source and the voice of The Android Expert. For more news about Jack Wallen, visit his website getjackd.net.

30 comments
adunstan
adunstan

I'll second that! Dual monitors are even worse if your video cards are from two different manufacturers. It worked just fine under Fedora 10 but upgrading to Fedora 14 was a great leap backward for me. If I didn't need more recent versions of a few other packages I'd would've stayed at F10.

cwarner7_11
cwarner7_11

1. Replacement for QuickBooks- gnuCash. No hassles, no issues, just works. It helps to have a bit of accounting knowledge for setting up the chart of accounts, but otherwise it is perfect & user friendly. 2. Wine works, with minimal hassles. I don't understand your issues with it, actually. There are, of course, apps that won't run under Wine, but the WineHQ website offers a very good list of apps that have been tried and proven (or disproven) along with work-arounds in some cases.

pgit
pgit

With the possible exception of OpenVPN this looks like my own list of beasts I went up against and lost. For the life of me I can't even understand what principles bacula operates on. I'd swear LDAP isn't even there, just a bunch of binaries all pointing to /dev/null. What is the major malfunction with getting an email client to talk to exchange?? I got the impression Jack was lamenting the lack of comprehensive GUI tools, but this list goes clean into the realm of the impossible on the command line, too. Again I say except for OpenVPN. The trick is to look at it separate from the OS you're running it on. Forget any GUI tools, just edit a few parameters then run a few commands to generate certs and keys and you're ready to add clients. Same on the Linux client end, just put the keys where they belong and forget any UI tool. Windows is very different, the graphical client setup is very simple to use and works like a champ every time.

jeb.hoge
jeb.hoge

I'm not a power user or even adept with the CLI, so except for WINE, I've never touched any of these things, but I did get my first taste of GIMP the other day and it took me probably six tries to save a scanned file as a JPG. That was ridiculous. I've used Photoshop for years; you'd think that experience might translate across.

parnote
parnote

I loved the article, and you made some very good points here. But I also don't think it's fair to point fingers at the Linux/Open Source crowd when it comes to incompatibility with Microsoft applications and services. The Linux/Open Source crowd will always be in the position of playing catch-up to a closed-sourced, secretive Microsoft, who adheres to NO standards, who changes the "game plan" on a whim, and who has a history of NOT playing nice with others. Even when Microsoft "embraces" a so called "standard," they bastardize it and try to steer it where they want it to go, sometimes either claiming themselves and their version to be the standard, or using their "weight" to change the standard. Linux and Open Source developers will always have to play catch-up when someone like Microsoft is involved.

Krishna66
Krishna66

For Windows users the main headaches Linux and its many distributions are its total dependence on command line. Looking at all the technological developments a question arises. DOES LINUX AND ITS COUSINS WANT THE USERS TO STILL LIVE IN THE TYPEWRITER AGE ? DO USERS HAVE TO BE GREAT TYPISTS TO BE AN ADVANCED LINUX USER ?

Justin James
Justin James

AD uses LDAP, DNS, and Kerberos... what exactly is it doing that isn't "standard"? J.Ja

Rescenin
Rescenin

First, it is easy to install on distro with firefox on it, like ubuntu, peppermint linux, crunchbang. But it didn't work on distro with another browser on it. Second, problem of certificate of the vpn server, on windows, in each login, there is a pop up about server"s certificate, but on linux, none. Even after installing/uninstalling.

Neon Samurai
Neon Samurai

Bacula It's a beast if you need backup. This sucker will do enterprises down to a standalone machine with a "backups" drive added in. Sadly, it's not simply "aptitude install bacula-client" and off you go. Keep your backup server behind an outbound only firewall; no problem. backing up to a NAS box seporate from your back server or client nodes; no problem. This remains something I come back to every six months or so because the potential functions are mindblowing. For home or work I'd be all over this thing. It's industrial software so some setup work like required fro Apache, VMware Server and such is no big deal. Bacula setup should be like Courier Mail setup not more complex than the conveluted process of postfix/procmail/dovecot-pop against an uncooperative SASLd. LDAP I'd like to see joining a client node into Active Directory or any other LDAP polished more. I thought LDAP was actually better done on the server side but it's also something I need to cut a few VMs for and look at. This includes Samba integration too; it can be a pain even without the central LDAP server being involved. SELinux I really need to cut a VM and have a look at this. To be honest, I've dragged my feet because of the promised complexity of management. Exchange Integration Best method of interegration is to use the Exchange web interface. I'd love to see better support from the various PIM suites. Granted, I'm not sure if the issue is bias or lacking access to information on the distro side or grief caused on the Microsoft side so I can't attribute responsability. VPNs VPNC by command line or KDE4's network-manager gui makes the connecting part pretty easy with a Cisco gateway. My issue has been in the stability department though; connect vpn, ssh into internal server.. half way through doing something and I've lost my VPN connection for some reason. Is the Cisco client software doing something differently from VPNC to achieve a more stable tunnel? WINE The grief I've run into seems to be between WINE needing various settings to tune it for the specific Windows version one is trying to make it compatible with. When it works, it seems to work well enough but when it doesn't work you can have some grief forcing it to behave. Tell it to limit ram to 128MB and support a win95 targetted program; oh.. wait.. it says there is no space on the C driver to install the software.. WTF? WINE isn't seeing the six gigs free on my /home partition? Now, someone has setup a bit of a respository system for WINE which works well; grab the guys "package manager" script and adding DX9, IE and such into your WINE install becomes pretty easy. The distro I'm using is also not shipping the latest WINE version.. but still.

zefficace
zefficace

It's all good and easy until you go multi-screen with more than one video card. I just upgraded my system with twin asus gtx570 (guess what I do with them often enough) and have four screens hooked up. Under win7 settings up four screens is a breeze. Under Linux, after nearly a month of fooling around, I still don't have a proper setup. Something always screews up. Rand 1.3 doesnt support multi-card, and xinerama is deprecated and results most often in disabling compositing. Even nvidia-settings can't do a good job. Now of course, you could always discuss the somewhat obscure "language" of X config files. It surely is not impossible to understand, but it is far from elegance. Again, using the nvidia tools still doesn't do well on its own, why should the user be expected to do better. Xorg should not only be easier but less of a drag entirely. At this point X may have many "cool" network functions, but it leaves to be desired for the desktop. Maybe with wayland w'ell get somewhere, but right now, Windows is better by a longshot.

mrlhxc
mrlhxc

I don't think i've tried Evolution on Linux lately, so i guess i don't know much of its issues. Ya know, Mail on OSX and iOS surprisingly works well with Exchange. Now it doesn't have all the features of Outlook, but for the basics i really enjoyed using it during college. I'm still waiting for Wubi to work correctly for 11.04 Ubuntu. I don't want to mess with my partitions and install it, just want to play with it without Virtualizing it.

pgit
pgit

I agree gnucash is easier to deploy and use than quickbooks, but for the time being it does not integrate with point of sale software and doesn't have inputs for various taxes. Two huge holes that need to be plugged before gnucash can really give qb a run for the money. As for wine, one huge problem is accessing network resources with a windows app that relies on such. There is a horrific timing issue between the instance of the app running under wine and the network interface on the system, which of course is being handled with the Linux OS. That renders a lot of proprietary apps useless. Others simply can't access network resources at all. I have seen a number of apps that run fine with wine, except they need to retrieve a database from a server, which they simply can't do. Of course that is also a total show stopper.

Neon Samurai
Neon Samurai

You have a scheduling program, a storage management program, a backup program and a client program at least. The reason makes sense; your storage server may not be the same box that your scheduler or backup handler is running on. The storage management program will do anything from local disk through removable media on up to robot managed tapes and reels so fair enough that it's separate to sit where it needs to be when bridging the data stream and storage media. My personal grief was with setting up the relationship between the seporate programs though. I'm pretty sure the need certificate keys and passwords where all in place but darned if I could get it going. I'll have to look at it again with Debian 6; maybe they improved the implementation or the newer version behaves better.

Neon Samurai
Neon Samurai

File -> Save As - enter a filename.jpg - click save - confirm the quality of JPG (I like 100% but it seems to default to 80%) At the bottom of the file save window, it says "select filetype by extension" however, you can also click the bullet point to expand out a list of filetypes instead of GIMP simply recognizing the filename ending. I'd actually like it if more programs managed filetypes this way but not all could as it would get messy with .doc meaning about five different possible formats or versions of formats. Granted, one is going to have learn something new when working with any new program. Anything more complex than notepad anyhow.

tommy higbee
tommy higbee

I use the command line when it makes sense. It's often the easiest and fastest way to do things. But that's more a strength than a weakness. It's a fallacy to think you can't function in Linux without a command line. In fact, on my home PC I use the command line pretty extensively, but on my laptop I almost never do.

Neon Samurai
Neon Samurai

Ubuntu is getting there and most people will never see a command line if hardware is supported and they don't need to go outside the repositories. Other distributions do a better job of it but Ubuntu is the popular brand at the moment. If you ever chose to become comfortable on the command line you'd be rewarded by any OS you regularly used. Command line even opens Windows up to more functionality. The key is not memorizing every possible command and command switch but learning the few basic skills used to navigate around and dispay a program's help information. For tech support, I can quickly give you a few commands to run. If needed, you can easily copy the output from those commands. We're both remain in the natural text format of forums. On a GUI system, my list of steps is going to be more convoluted; click here, now here, click there, fill that in, click this now. I may actually have to do screenshots or video capture so we're not leaving the text forum to visit picture and video hosting sites.. and we're assuming that my pictures and video don't have something interesting hidden in them. If you need to provide program outputs, your also taking screen shots to send over. Power. By simple realities of UI design, you just won't get the same efficiency and power. Consider Nmap; a monster of a port scanner for which I've never seen a GUI front end provide full functionality. What can be done by command line in the time it takes to type takes noticeably longer by GUI. To provide full functionality a GUI interface has to have you digging down through several layers of menus. The hundred settings I have directly accessible by command line would be a horrible screen of buttons in a GUI format. This extends to the overall desktop; digging through a Start Menu versus quickly calling up the GUI apps from command line. With a start menu icon, I get one program. With a command line, I can literally open a dozen programs at once. Another example; my logs are all text files which are easily searched from command line. I can filter out specific log entries and consolidate them as applicable. I can view my logs in part or in full with command line programs. Need a single command to check for people trying to break into your machine and generate a list of IP's to block based on it? No problem, you can even easily schedule it to run daily for you. The efficiency part really becomes noticeable when working with a well designed program that can be used equally by mouse or command line. Every time one reaches for the mouse they loose time.. type type type.. stop.. find the mouse, find the cursor, move the cursor, click on something. I go back to Excel with this one too as that's where I saw it most pronounced in my past work. Staying within the keyboard, I could fly around that program. The few functions I needed that could only be accessed by mouse.. oh I felt that loss of productivity when producing an adhoc report "due yesterday" when requested today by some eager manager. Command line lends itself to naturally chaining programs. I can run a command and send the output to a second command and on to a fourth and it's all natural. With GUI, I'm not likely going to get a standard output I can work with and if I do, it's likely going to be cut/paste to put it into the second program. More likely though, if two GUI programs are not designed to work together, your going to be out of luck. With GUI, you also rely on the program writer to provide you with a user profile or saved settings function. With command line, saved settings means simply dropping your command and various switches/options into a text file. That text file is very quickly made executable and now I have my full set of options "saved". Remote support also. Maybe I'm not sending you a short list of commands to try. Maybe you pay me to look after your machine. With an internet connection and port 22, I can do that very well. I have actually jumped into a client's machine and fixed things while they are still on the phone describing the issue; I got the gist, confirmed it faster by command line tools and then made required changes. Adding and removing software packages.. way more efficient by command line. I can search descriptions or partial names and see a short list of available programs then install the one I want. I can uninstall it easily if it turns out to not be what I want. This is mostly due to the package management system of the OS but the command line gives me more efficiency than opening and clicking around a GUI package manager. Very closely related to the last point is server administration. A server shouldn't have a GUI layer in the first place. It shouldn't be running that much extra code which does nothing to make the services (the actual reason for the server's existence) run better. More software running means more chances of problems. More installed software that isn't running may still be exploitable enabling someone who shouldn't be on the server. I also don't want to waste bandwidth and slow my interactions down with some remote desktop application when I can use much less bandwidth with a more responsive interface by command line. System install and config; very closely related to the above point. My own systems and servers, I build out with a set of scripted commands. Where packages come from, what packages are to be installed, post-install configuration; easy to manage scripts that automate 95% of the process. The only way to be more efficient is with system images; a Norton Ghost type drive image of a previously installed system. Fault tolerance. If one is comfortable at the command line, fixing a broken GUI is not such a concern. My GUI desktop crashed out.. oh well, by command line; read the error log, fix the issue, restart the GUI. Health reasons. Doing a lot of mouse work adds a nasty twist to your arm and leads to carple tunnel pain much faster than a keyboard. I've spent days doing heavy keyboard work in Excel with no pain at all but even a few hours of heavy mouse work can be enough. Now, some types of work does lend itself to GUI interface. Working with images on command line is fine for resizing or changing formats but for any real image work, you'll want a mouse and similar pointer device. With the poor text input systems all smartphones have provided, heavy command line work sucks pretty quickly. The Ipad has a fantastic music studio app; lots of sliders, tials and toggles I wouldn't dream of working through keyboard or a command line application. (I'd probably be a terminal app with ansi display but still.. keyboard isn't better than mouse or touch in that case still). Browser I'm actually half and half on. The GUI layer brings image display and layout with it and a good keyboard command system helps one navigate around but with the adhoc development of websites, there is a lot of mouse only type stuff out there. It's not about "the typewriter" age or some demand that users be typists. The reason the command line has remained relevant and loved is not because of nostalgia but because there has not yet been an interface method that can truly replace it's power and flexibility. You really want to get into osX or other Unix like OS then hit the command line. You really want to get into Windows; learn your Powershell. Touch typing will also benefit you with any OS you happen to be inputing information on; not a demand by any means but a thoroughly proven recommendation.

Neon Samurai
Neon Samurai

It sounds like your using the SSL VPN over a browser. This would depend on what the browser will support or what the Cisco box allows for client side browsers. If it's an option, you might consider using the VPN client application. It works well enough on Windows boxes (don't know if there is a win7 and/or 64bit version yet). On your unix like boxes, look for vpnc in the package list; it'll provide VPN connection by client instead of reyling on your browser and SSL certificates.

dcolbert
dcolbert

WHS is *awesome* for the backup needs of the typical Windows home user. I wish I had just bitten the bullet and bought WHS when it came out. It has revolutionized my home backup and recovery process for my Windows machines. It doesn't accomodate for Mac or Linux at all - which is unfortunate - but for Windows, for point in time system backups, it is an amazing product. Of course, it looks like Microsoft is intent on blowing that with the next revision. LDAP is one of those technologies that makes me feel old. I don't know enough about it, and it seems complex, it seems like it causes my engineers a lot of heartache and grief, across multiple platforms. I've never been able to figure out exactly what keeps causing SAMBA to break in Linux, but it does, and it seems like it is so random - it'll be broken in one distro, working in another - acting fine here, acting bizzare there, with no rhyme or reason or consistency. It has been really flaky with Ubuntu for the last couple of versions (I'm on 9.10 now, but it has been flaky going all the way back to 7.04). Network browsing and mounting shares has been unreliable at best. I was shocked when JoliOS handled it so seamlessly in Nautilus on my Win network. I expected that to be far more difficult to get working.

dcolbert
dcolbert

I write a blog saying that I love a Linux distribution, and you write a blog that points out the places where Linux is really lagging in delivering the kind of user-friendly experience it should... Maybe there is something to those 2012 end-of-days rumors, after all...

Neon Samurai
Neon Samurai

I'm not sure if it's Xorg graphic drivers or the GPU manufacturers making this hard but stop already and deliver the same GPU features we see from the same hardware but with Windows drivers. I'd also like to see touchscreen support apearing much faster. Every little embedded UI with a Linux kernel behind it is doing touchscreens.. why is that so slow to get back to full desktop distributions. Additionally, touchscreens done in firmware would be preferable too; stick a chip between screen and usb cable out so any computer simply sees the touchscreen as a standard mouse input. You'll sell more touchscreens and solve the lacking driver issue all at once.

Neon Samurai
Neon Samurai

Exchange2003 or previous and you should be able to use the fairly common Evolution plugin. If your version of Exchange is newer then you'll need the latest Evolution plugin (evolution-plugin-mapi?) which means you'll need a distro with very recent software versions; latest Evolution, the mapi plugin, Samba4..

pgit
pgit

I was thinking the same thing. I'm having a lot of good luck with debian servers, the devs obviously approach things from the typical admin's point of view. If anyone can make bacula easy it's the debian team. Question is have they given bacula a hard enough look while working on 6?

seanferd
seanferd

On a GUI system, my list of steps is going to be more convoluted; click here, now here, click there, fill that in, click this now. In Windows, the difference between ipconfig /all and clicking through to the DNS suffix settings in the TCP/IP config through accessing the network control panel via one of ten methods just to see what is configured, is staggering, for example. It even takes forever to meta-describe the GUI method.

Neon Samurai
Neon Samurai

WHS is pretty. I have spent some time poking at it on a little HP chassis (think it was one of hte little HPs anyhow). I'd actually put it along side Apple's Timecapsule. Primarily automated backups dedicated to a given OS. The osX machine at home has it's dedicated box for wifi connectivity and backups. By the same thinking, if all one has to support is Windows boxes at home then a WHS can be very nice; some fun plugins available too. In my case, I'm looking to centralize backups across all client nodes though. Backula having client apps for multiple platforms is a big part of it's selling features. When I did my last run through what backup apps where available, multi-platform support was something that kept a lot off the list. I don't even want backup that only works with Linux based systems. For LDAP, the general concept seems clear; Novell did it before MS delivered Active Directory. It's just a central script or rules that all client nodes should inherit and implement. Now, as for actually working with various LDAP solutions, I can't offer much detail in that area. My experience tends to be with MS-LDAP and even then it involves heartache (why, oh why, if policy rules are enabled in the policy, must I also enable the same rules in the local group policies? Why?). Samba is indeed another one. To play in a Microsoft world, one has to have SMB/SMB2 and be able to keep current with Microsoft's implementation. My tv box, Windows and Debian boxes all talked happily with the NAS; all password protected accounts, no UPnP spraying media across my network with no consideration for if the requesting node should be permitted. I upgrade the NAS firmware and now Windows boxes can connect but the Debian and media box are SOL. Windows to manage files over Samba, SSH for Debian to push files up to the NAS, UPnP for the media box to read files off the NAS; boooo! (note: win7 has UPnP on by default. If you don't want to spray your media across the local network, be sure to look into that.) I really don't get why Samba has to be so flakey either. The easy and dismissive answer would be because Microsoft has extended IBM's network protocol with various incompatabilities so as to conflict with anything build to the SMB standard. They where dragged into court and ordered to stop mucking with IBM's protocol (think it was part of the handing over full documentation order). Other systems manage to implement Samba well like Maemo on the N810 though so it's not a simplified "evil MS" issue. The WHS machine mentioned above has since become an Ubuntu server without issue so it also seems to be on the client side of the relationship. Maybe it is a version thing; fragmentation within the limits of a single project. With Microsoft's move from SMB to SMB2, there has been greif between Windows versions when an AD server isn't involved. Samba is making the same move as they try to maintain compatability; Samba4 is all SMB2 from what I understand. As of Samba 3.5.? they are actually merging in the best from SMB and SMB2 though so hopefully that simplifies the project management and results in a more standard Samba across distributions. (Not that it helps those of us having grief now). In my case, I need to make mount.cifs more verbose. It's one of the few times I couldn't simply spot the issue in /var/log/messages, /var/log/syslog or an application specific log.

Neon Samurai
Neon Samurai

Just off two longer than should have been posts with your article and now I'm going to be on the other side of the table tearing into some of my own points of grief.

pgit
pgit

but hardly a service I can offer to clients. =\ I always assumed it was a matter of time, keep banging my head on it until the light comes on. But something about bacula has just been the most obstinate software I've ever dealt with. Apache ended up looking pretty logical and OpenVPN was a piece of cake (3 solid months in the making) compared to this. Nothing beats having someone show me around a working system as the shortest path to knowing it. I doubt there's a working bacula system within 100 miles of where I sit.

Neon Samurai
Neon Samurai

I'm hoping Backula is like Apache; looks pretty complex until you figure it out then it becomes pretty easy to work with. I'll know better after I get a working Backula setup and then try a second time.

dcolbert
dcolbert

I'm going to have to collect my thoughts and get back to my own blog and see if I can keep those fires burning. :)