I have recently obtained a Network Administrator position at a company. We have around 25 computers, all running Windows XP. I have found it frustrating to have to go to each individual machine to install programs and run updates, etc. I would like to set up a Linux server where I can control all the computers on the network from this one server. I need the ability to massivly install programs such as Microsoft Office and run defrag and updates. Is this possible to do from a Linux Server? If so, Is there a Linux Distribution out there that is made for this type of need? Or, would it be better for me to use a Windows Server?

Any help on this would be greatly appriciated. Also, I will be happy to do more research if someone has any URL's that they can direct me to.

Thanks in advance.

Hi there

I have a network of 20 XP machines and a Linux Mandrake server, and another network of 18 (XP and ME) with a Windows 2003 server.

My Linux-controlled network is set up as a peer-to-peer network, with each computer being controlled by user policies. My mandrake distribution (MultiNetwork Firewall) is designed to secure the network, not control application software or user accounts. But this network security allows me to tightly control network access, including blocking inappropriate Web material and downloads, and set times when access is allowed.

On the other hand, my Windows 2K3 server runs an Active Directory network, which allows me to control user's desktop appearance, profiles, programs, and settings all directly from the server. It also allows for application deployment. That is what 2k3 is designed for. If you want to control Internet access or use filters, or have a firewall/proxy, you have to purchase 3rd party software. 2K3 also requires a client access license for each computer that will access the server.

Linux is cheap, easy to maintain, and secure the network. 2K3 has Active directory, and works very well with XP, but it's very expensive. you have to look at your company's budget as well. You might even consider having both: a Linux to protect your network and be a router/DHCP/DNS/firewall, and a Win2K3 server for Active Directory/User management/Application deployment.

I don't know about any other Linux distributions that can interact with XP and allow for application deployment, since I've only used Mandrake. Perhaps another member could comment on that.

Hope this helps.

Thanks for the info. It is very helpful. You mentioned a license for each client computer. Do you know if there is a way around this? I can get server 03 but I do not want to purchase a liscense for each of the computers. What I am asking, is does Windows Server 2003 restrict access to computers that do not have a license?

Thanks again for your help.

I think what you are asking is illegal. If you have Windows clients connecting to a Windows server you must have client licenses.

Windows XP and 2000 come with their own "client licenses" so as long as the clients are Windows XP or Windows 2000, you are fine.

I believe you are just looking for management tools to control Windows boxen in a not-so-small peer-to-peer network using just linux.

And to answer the question of this friend: no it is not possible... at least not right now.

Well, I've been looking as well for some time and it doesn't really easily and it's not feasible with just Linux. I agree with Avatar in this respect. If you really want to do app rollout, you'd be better with a Windows server, because there just is no software for linux that'll do what you want it to do.

Peace

For windows 2003 server, you need to buy CAL's for each client that connect too the server, this is not the licence you get when you purchase the client software, this is an additional license, if memory serves me right, Server 2003 comes with 5 CAL's by default, so you will need to purchase additonal licenses for your clients.

How about Window Server 2000 or NT? Would I need a license for each of the clients then? All clients on the network are either windows 2000 or XP. How much does a license cost for each client? I am asking here because I am finding it very difficult to find this information from Microsoft.

By the way, thanks so much guys for your help. My company is depending on me getting this up and running with minimal cost but full legalality.

Thanks again for the help.

I'm not sure if this exactly fits with what you are after, but perhaps you should look at something like tightvnc? It would allow you to control each of the computers remotely, but only 1 at a time. Is that what you are after?

Not really. I need the ability to massively install software on all of the "Ip choosen" clients at one time. I think this is done with Active Directory?

I do have another question if anyone can help. I have been researching license information for clients. (CAL's) I plan to set the server up to access the clients from the server. I do not need to access the server from any client on the network. I will not be setting up the server to share a printer nor for file sharing. Do I still need CAL's for each client if they will not be accessing the server?

Thanks for the help. I am finding it very difficult to find my answers on Microsofts website.

I think in micro$oft's eyes, if you are going client--to--server, or server--to--client, you are performing a server task so you may still need to purchase (CAL's) for all client that are connected to the network. I'm not 100% sure on this, you need to talk to a Micro$oft representative to find out what the legal postion is on it. I too found it hard to find any information about (CAL's) for an assignment a couple of weeks ago, I think this is the reason so many people are turning to linux to save on costs. When NT was out there was no (CAL's), and company were connecting dozens and even hundreds of clients, and micro$oft were not making money from this, so for win2k and 2003 the bought in the (CAL's) licencing scheme, this is what i have been told anyway.

Thanks for the info. I finally got tired of searching Microsofts website and went to Books-A-Million (bookstore) and picked up a copy of Mastering Windows Server 2003. It does state in there that every computer on the network that Windows Server 2003 accesses requires a CAL. This is so stupid! It's like paying a large amount of cash for a car and then having to pay a license for each destination you drive to. I wish there was a Linux Distro that would work the same as Windows Server. ... Maybe one day.

Thanks for all the help guys.

Yes, doesn't make much sense does it.

Sorry for the late reply.

It does not matter what version of OS your clients have, they still need a CAL. Windows 2000 or 2003 comes with 5 CAL. So say if you have 20 clients, you need to buy 15 CAL's.

I don't know where you live, but in my case if I remember correctly, CAL's were about 25$ CAD each, and they never have to be renewed. (unless you buy a new server OS later on.)

Active directory allows you to control the user profiles (like what wallpaper they have), policies (like which drives are shown in my computer, and what printer they can access), software installation and removal (even unattended). You can even redirect their system folders (like My Documents) to any location you choose. I do not believe Linux can do any of this.

Hope this helped.

Hi... read you're post and had to drop some help...

1. Active Directory is the only way to easily Deploy any software to windows clients.
2. I believe that there is some non-free active directory software for linux. I'm not sure how much, but could be considerably cheaper than 2003 server liscenses...
3. There are other ways around software deployment... If you are an effecient programmer, you can write a program or a script to do the following:
...a. In the "All Users" Startup folder, place a shortcut to the program or script that does the following:
...b. Looks at an answer file for software. (shared out on the linux box with samba) i.e. \\linuxserver\windows_installs\install.txt
...c. Begins an install of that file (if a complicated install such as office, etc, try using a MSI builder such as InstallSheild)
...d. Appends a local list to keep track of whether not that software has been installed.

Yeah... lots of work. And MSI builders can cost over $25,000.

The moral is, nothing controls Windows better than active directory, and since windows isn't natively a scripted or opensource OS, there's no easy way to deploy software to a large amount of computers without good Active Directory implimentation. Even with Active Directory, you will probably find yourself spending more time setting up the unatended installations once, than had you done it individually on each PC.

Specifically, you may find certain options for microsoft products that can assist you... Service Packs and hotfixes usually accept certain switches to assist in deployment.

Good luck!

-fbl