The Next Wave of Integration
Microsoft’s Services for Unix ties two OS combatants together.
Microsoft has changed—at least a bit. It used to be knocked for its “closed” architecture due to technologies like WINS, NTLM and the SAM, to name just three. Now, Microsoft is more standards-based with DNS, Kerberos and LDAP-derived Active Directory replacing the aforementioned technologies. This is great news. Open standards promote interoperability, and the more interoperable Windows is, the more it gets installed.
Adding greatly to Windows’ interoperability is Microsoft Services for Unix 3.5 (SFU). Here are the areas of increased compatibility SFU offers:
NFS Client. NFS is the Unix way of sharing files. You can make
Windows easily open NFS “shares” (properly called Mounts).
NFS Server. You can fool Unix clients into thinking your Windows
server is actually a Unix NFS server.
NFS Gateway. You can have a Windows server take NFS mounts and
have them appear as if they were just regular Windows shares. This eliminates
the need to have an NFS client loaded on Windows machines.
Telnet Server. The telnet server in Windows 2000 Server is a
generation older than its Windows Server 2003 counterpart. You can load
SFU 3.5’s telnet server on a Win2K system to have comparable functionality.
This component isn’t installable on Windows 2003, since it’s already built-in
and up to date.
NIS Server. NIS is the Unix way to handle centralized account
management. You can fool Unix clients into thinking your Windows server
is actually an NIS server.
Password Synchronization. You can synchronize a user’s password
between AD and an existing Unix NIS server. Note, however, that in order
to perform this little piece of magic, the AD schema must be updated.
This could be a tough pill to swallow for some organizations.
Unix Utilities. You can make Windows think it’s got a whole battery
of common Unix utilities, everything from command shells such as C SHELL
and Korn shell to command-line tools, such as cron, ls and grep. SFU is
full of utilities that make working on Windows easier for a Unix admin.
Interix and Interix SDK. If you already have source code for
home-grown Unix applications, you can use the included compilers such
as yacc or cc to recompile those applications to run under Interix (a
POSIX-compliant subsystem.) Once they’re running under Windows, the idea
is that you can stop running it on your expensive Unix box. It also contains
the XllR5 and XllR6 libraries, but not the actual X11 server components,
which means you can develop X Windows applications under Windows, but
you either need a third-party X11 implementation for Windows or must run
your X Windows applications on another platform.
Microsoft considers this a “point revision” over SFU 3.0, but it’s actually quite an overhaul. The most major change is the price. SFU 3.0 cost $100. SFU 3.5 is free for the asking. You can click www.microsoft.com/windows/sfu/ and either download it or have a CD sent to you for a nominal $6.99 shipping fee.
You can install SFU 3.5 on Windows 2003, Windows XP Professional or Win2K.
The NIS server component, however, won’t load on the Pro versions of Windows
(servers only). If you want to perform password synchronization, then—before
the installation begins—be sure to log in as a user who is both in the
Enterprise Admins and Schema Admins group, or the installation of that
component will fail and you’ll have to start all over again. This really
should be fixed in the SFU 3.5 setup routine.
SFU 3.5 will talk with almost any Unix variety, but Microsoft specifically tested SFU with Red Hat Linux 8.0, Solaris 2.7, HP-UX 11i and AIX 5L5.2. And there’s nothing you have to install on the Unix side to make SFU 3.5 work.
| The SFU Admin console includes a new
NFS Sharing tab on the Properties page of a standard directory. (Click
image to view larger version.)
Once installed, the Unix savvy will likely start playing with the UNIX
command-line tools. For instance, typing “c:\sfu\bin\cal 2004” at a command
prompt is a fun way to get a little yearly calendar to display. The Admin
console may be your next step. Here, you can configure how Windows can
pretend to be both an NIS and NFS server. If you plan to use this machine
to access Unix NFS mounts, you can manipulate how that client piece should
SFU 3.5 can’t be beat. It’s a solid integration tool and it works as advertised. At a total cost of $0, the price can’t be beat either. It could take you some time to truly get integrated, but in the end, it’s worth it.
Jeremy Moskowitz, a Group Policy MVP, is the Chief Propeller-Head for Moskowitz, Inc. and GPanswers.com. He is one of less than a dozen Microsoft MVPs in Group Policy. Since becoming one of the world's first MCSEs, he has performed Active Directory and Group Policy planning and implementations for some of the nation’s largest organizations. His latest books are Group Policy Fundamentals, Security, and Troubleshooting and Creating the Secure Managed Desktop: Group Policy, SoftGrid, and Microsoft Deployment and Management Tools.
Learn more about the books and Jeremy's Group Policy Master Class training www.GPanswers.com (ranked as one of "The 20 most useful Microsoft sites for IT professionals" by ComputerWorld magazine).