Microsoft Trojan Horse Part Duex: System Center Operations Manager 2007 Cross Platform Extensions and Connectors

by Noah Gift

After reading a recent press release about System Center Operations Manager 2007 being able to "manage Unix/Linux", the first thought that goes through my head is WTF? Who in their right mind would touch that product?

After thinking for a bit, I then realize this is the exact same corporate strategy Microsoft has pursued with Active Directory. Release a trojan horse into a corporation by making an inferior, arguably broken, operating system, Windows, that won't work with anything else, or follow the same standards, and then release a steaming pile of bandages, duct tape, glue, and well...poo, and make everyone authenticate against it while charging an expensive licensing fee.

We have active bot nets that rival NASA in pure computing power due to boneheaded Operating System design, yet Corporate America should have Microsoft manage Unix and Linux. Ha, ha, ha, I am rolling on the floor laughing. For anyone has had the "pleasure" of dealing with Active Directory and the politics that goes on with that, I shudder to think of this product. May God have mercy on your souls.

References:

Botnet
Botnet pandemic

Post Script: This is a FACT, of the 600 million computers on the internet 100-150 of them have been a part of a botnet at one point. These are primarily Windows computers. This is a complete failure by Microsoft of Epic proportions.

"Operating systems like Microsoft Windows, meanwhile, still made it too easy for criminals to infiltrate them, the experts said."


21 Comments

schmichael
2008-04-29 20:39:30
Nice post. Its always good when open source advocates use research and objective facts to form opinions as opposed to the senseless FUD mongoring Micro$osft does. --end sarcasm--


Next time please say 'shit' instead of 'poo' so hopefully content filters will protect our children from such senseless drivel.


(For what its worth I'm a happy Debian user and only touch Microsoft products when forced at gunpoint. I'm just sick of having to defend the open source community to my Windows-using friends when they read posts like this.)

Noah Gift
2008-04-29 20:47:39
schmichael/Thank you for your opinion. I still stand by my opinion. Active Directory is and was a horrible product that I was intimately familiar with. It was specifically designed to "trojanize" the corporate workplace through a deliberate design that would not interact equally with other directory service implementations such as OpenLDAP. This is not a wish or an idea, or a fantasy, this is a fact.


Given that behavior, I shudder to see this behavior taken a step further and Windows attempting to create proprietary tools that now manage Unix and Linux, so that yet another license fee is paid for something that wasn't broken to begin with. I have worked in corporate America for over a decade, at huge corporations, and I know exactly what I am talking about. This is a pile of "poo", just like Active Directory.

schmichael
2008-04-30 05:48:42
Thanks for elaborating Noah! Sorry for my overdramatic comment. :)
Carla Schroder
2008-04-30 15:50:43
If it walks like shit, talks like shit, etc....


Thanks, what a great, concise summary.

Sarah
2008-04-30 17:32:32
Having had the misfortune of dealing with Active Directory and politics thereof myself, I will be happy if I never have to see that shoddy thing ever again.


I would go so far as to say it's an exceptionally obvious trojan, all Microsoft have to do is push out a buggy, slow, crash happy thing and everytime it breaks go "Well that's *nix for ya, use our stuff"... which shouldn't be all the difficult considering this IS Microsoft we're talking about... the only company that can make copying a 10MB file from directory to directory take over an hour, so no major challenge there then.


Your problem will be an inability to escape from using the MS tools, lets be honest, we both know what corporate IT is like, this will be mandated for use, usage will be enforced and non-compliance will have thee out the door.


One thing I do so loath about MS is they slap fancy names on stuff and everyone rants about how wonderful it is (ReadyBoost = Swap Paritions, Shadow Volume Copy is at heart soft locking and so on). Linux needs more PR work.

yaco
2008-04-30 17:56:23
It's actually very cool that nobody erases the heck out a comment like this, thnks for your wise words man.
Yessir
2008-04-30 18:36:16
"Post Script: This is a FACT, of the 600 million computers on the internet 100-150 of them have been a part of a botnet at one point. These are primarily Windows computers. This is a complete failure by Microsoft of Epic proportions."


Umm. WTF?


You know, I read a rant such as this and I think, "Yeah!, and another thing...." And I can sing along the whole way. Been there, hear ya, all of that.


However, that paltry and glaring "100-150" is making me a little nuts.




But, yeah, I hear ya.


idle
2008-04-30 21:21:08
hahaha.. duck tape.


classic.


Donald
2008-05-01 07:46:35
Sorry, but I really don't agree. Every person I know who works with a large UNIX/Linux install base complains and struggles to manage the systems. I don't know of a company with more than 10,000 UNIX/Linux systems that hasn't deployed something like Openview or Tivoli. Microsoft is just moving into that space through a partnership with Quest. Quest makes a PAM module that authenticates to AD and other things that are really handy in a heterogeneous environment. Sure AD sucks, but it sucks less than the alternatives. After all, every user is already in AD, why have secondary (or tertiary) ID stores? Similarly, if you (like we) are managing 150K windows systems with SCOM why not go ahead and manage your 15-20K UNIX/Linux systems with a single system. It's called efficiency.
CharlieB
2008-05-01 09:32:18
I've always believed that Microsoft could have made a standards-compliant LDAP and Kerberos implementation that would have allowed XP and Vista to authenticate again any standard server, even if it required additional schema element. The reason they didn't do it is because that would have promoted a mixed environment and allowed users to avoid installing Windows Server and paying Microsoft for CALs.


Why, then, would a Unix/Linux administrator trust critical management aspects of their mixed environment to the company that has done to most to suppress mixed systems? How motivated can Microsoft be to support Unix well?

Hal Logan
2008-05-01 10:24:53
I'll agree, Microsoft has done much evil in their day, and they've been responsible for a great deal of security headaches. Having said that, our sysadmins run an AD shop. They currently use SMS, and are considering upgrading to SCOM. Can anyone recommend a management/software deployment platform that supports Windows as well as Unix/Linux machines? If you've had experience with it, positive or otherwise, I'd appreciate that feedback as well. Thanks!
Chris
2008-05-01 10:36:29
The main problem is the average IQ of the people who have buying power in corporations. The company I work for has one Active Directory tree with ALL our users over the whole of Europe for "cost saving" purposes. Starting up a pc at work takes between 10 and 45 minutes, depending on the time of day it is.
There seems to be a general rule in big companies that the higher up in the hierarchy, the lower the IQ gets... sad reality of the day and one of Microsoft's success factors. People ARE really as dumb as Microsoft needs them to be.
Tiago
2008-05-01 11:49:29
To Hal Logan,


Novell Zenworks does that. We use it to manage Windows PCs, not servers Windows or other.
Best thing is just try it.

dcs
2008-05-01 12:43:50
Donald: "After all, every user is already in AD, why have secondary (or tertiary) ID stores? Similarly, if you (like we) are managing 150K windows systems with SCOM why not go ahead and manage your 15-20K UNIX/Linux systems with a single system."


Uh, no. Actually, I managed for years to do without the Microsoft account at two companies. However, just this last year $EMPLOYER switched over the mail system to an all-MS hash and the only way to get mail is to log in to the AD domain. Not too bad on authenticating IMAP, but every time the password expires I have to hunt up a Microsoft admin to change it.


Yeah, like _that_ is good security practice.

daz
2008-05-01 15:27:36
"15-20K UNIX/Linux systems with a single system." I have heard this its called Nagios why not convert your 150K over no Cals (cows) needed.


I bet from this new view point the Linux systems will start to look amazingly bad and some manager some place will say install vista.


I wonder where they got all this new tech for controlling 1000's of machines was it the Xbox :P


I guess I am just waiting for MS to release their own servers and desktops and replace OEMs and Intel/AMD.


Microsoft way to go heck why don't they just BUY IBM and HP n Dell just to show they care.

daz
2008-05-01 15:33:43
I bet from this new view point....


does not read right..... from this new Sco or is it Scum no no sorry keyboard is playing up SCOMicrosoft

Dale
2008-05-01 16:32:58
If you want an active directory that will work with most everything, work well with with most everything go look at Novell's Active Directory. They have been interoperable on a grand scale for a long time and probably do it better than any one else.
jecker
2008-05-01 19:20:13
I agree 100% with Dale; use Novell's Active Directory. Novell's Active Directory Services has been around since the early 90s, whereas, Microsoft's Active Directory Services has only been around since 2000.
Chris Josephes
2008-05-02 14:07:46
The first question that comes to my mind is what Unix/Linux solutions are out there for managing Windows hosts. IBM, HP and Sun has their solutions. When you consider virtualization, then VMWare and Xen have their UIs for managing Windows hosts.


I don't think this is a new or innovative thing. For this product offering, MS will have to compete on their own merits just like any other product.

uSlacker
2008-05-09 20:17:10
When the open source community finds the ability to stand on it's own two feet without relying on bashing of Microsoft to make it feel superior, then it will be taken seriously within corporate data centers. Until then, drivel like this will do nothing other than give the fanboys something to laugh about.


\\uSlacker

bladow
2008-06-18 22:45:05
I think you're confused. OpsMgr is for monitoring Unix and it does a great job. Compare Event Correllation and Analysis framework systems and OpsMgr is the only one most Systems Analyst really want to use. Why? It works, it's cheap, and it's easy to administer.


If you don't know what you're talking about, why post a bunch of crap? OpsMgr is pretty amazing, Microsoft is pushing the bar higher with it and other companies have systems they wish could do what it does.


So what does it do? If Unix has a daemon go down, OpsMgr will let you know. If there is a probelm with Oracle, OpsMgr will let you know. CPU usage high (after it learns what the baseline is, by itself) it will alert you. You can create a diagram for distributed applications, when something is wrong with it, you can find out exactly what went wrong the second it happens, sometimes even way before it happens.