[Sussex] Appology / continuation

[Geoff Teale]

Not going to repost everything said by Neil and Nik.  Needless to say I take
Nik's side for most of that :)

Neil has a point, Active Directory is powerful, however it is also
universally a _bitch_ to migrate to and it doesn't deal with cross platform
authentication (ie. single logon to UNIX and Windows) which is increasingly
common in my experience, especially in large organisations who would be the
only people with the resources to think about implementing it anyway.  In a
new implementation you would also have to consider the _massive_ and
long-term licensing costs of using that technology rather than Samba.  

There is of course another reason Active Directory is a bad idea for
businesses, it's unrelaible under heavy load (as in a large Exchange 2000
implementation):

My previous employer started planning a migration to Active Directory
(including Exchange 2000) in late 2000.  By mid 2001 the project had been
scrapped as being too costly, too difficult and too damaging to the business
(downtime is an issue when you're providing a 24hour a day realtime data
service).  How did we come to those conclusions (especiallly considering
this was the same management that wouldn't employ a UNIX sysadmin without an
MCSE!), read on...

In our research and testing lab (as run by me along side our R&D office) an
Exchange 2000 server using Active Directory (set up by a nice man named Sean
who came down from Reading) was 5 times more likely to suffer fatal errors
than Exchange 5.5 under what we considered to be the peak of our daily load.
More than half of these errors caused unrecoverable corruption of the data
that woud have meant restoring from backups.  Sean (from microsoft), Larissa
and Dun You (Larissa was our Technical Consultant for "platforms" at the
time, and Dun You is a kick-ass C programmer who learnt in the Chinese
military!!) traced these problems back and eventually established that the
problem was with Active Directory - it simply couldn't deal with the load
we'd be putting on it at peak times of the day (usually this would start
around 8am EST  when New York comes on line while London and Frankfurt are
still trading).  Seans answer to this was to implement a split directory and
have different Exchange servers service different parts of this.  Larrissa
put forward this suggestion and Dun You put together an alternative based
around NetBSD, Sendmail and an LDAP server.

All of this would have been incidental accept for one thing...  At this time
we had just experienced 4 days downtime on the tfeurope.com exchange 5.5
servers.  An emergency back-up  machine was brought on-line on the first day
to handle new mail as it became apparant that the old machine was so corrupt
as to be unrecoverable.  We could not restore from backups either as
exchange 5.5 would vomit the old data straight back up (for reasons I won't
pretend to understand).  The men from Microsoft were brought in on the
second day, and they promply left again because Exchange 5.5 apparantly
isn't supported for databases greater than 15GB (this was basically the
get-out clause they used after spending several hours trying everything they
could think of).  Eventually the support team admitted defeat and restored
as much data as they could from a backup from two nights before the machine
crashed.  The entire incident lost us a lot of communication with customers
and indeed an massive amount of good will - the total cost of the incident
was estimated by our insurers as being in excess of "US$5 million".  

As a result of that incident (and the statistics from our testing) it is
unspirising that even _that_ management team could not advise moving to the
Active Directory based system, there was a rumour that the US directors of
the company had told the IT director that this had been an unacceptable
failure and any repeat would have cost him his job.

All of this leads me to a well known principle of system design: KISS.  The
problem with these solutions are they try very hard to make complex tasks
easy to administrate, but in doing so they create _very_ complex pieces of
software.  Another well known fact: bugs increase exponentially as software
complexity increases.

Get me straight :  I'm not saying Microsoft is a company of bad programmers,
it clearly isn't - they've been scraping the cream of IT graduates from
universities for several years now.  There is a _lot_ of programming talent
there.  The problem is that Microsoft has a disease that pretty much all
software companies have - it's obsessed with features and it _has_ to keep
building on things to make money.  That attitude is in direct opposition to
quality and reliability in software.
  
Almost all Microsoft software is suffering from the dreaded "second system
effect".   Which versions of MS Word was the easiest to use and the most
reliable, hmmm, Word 95 maybe?  Certainly not Word 2000 or XP, they've
screwed it up royaly by adding so much "intelligence" that the only person
who can create what they desire in such a package would be someone missing
the odd lobe :)

LINUX isn't immune from this problem either (KDE and Gnome/Sawfish are _far_
flakier than a straight twm session).  The great thing about LINUX though -
we have a choice, from the kernel on up we only need include the bits we're
happy with.

So, Active Directory:

Q/ Is it clever?  
A/ Yes it is.

Q/ Is it innovative? 
A/ *cough*novell*splutter*

Q/ Is it a good business decision?
A/ Only if you are already a 100% windows shop with enough users to offset
the cost and difficulty of setting up but don't have any high load
requirements based on it.

At the end of the day Active Directory has lots of nice features that
_could_ make a sysadmins life easier, but really there is no substitute for
a god sys-admin with a decent knowledge of the basic tools of his job, a set
of standard scripts and a sensible architecture.  Once and for all: Keep It
Simple, Stupid!

-- 
geoff.teale at claybrook.co.uk
tealeg at member.fsf.org

"Injustice is happening now; suffering is happening now. We have choices to
make now. To insist on absolute certainty before starting to apply ethics to
life decisions is a way of choosing to be amoral."
   - Richard M Stallman


The above information is confidential to the addressee and may be privileged.  Unauthorised access and use is prohibited.
 
Internet communications are not secure and therefore this Company does not accept legal responsibility for the contents of this message.
 
If you are not the intended recipient, any disclosure, copying, distribution or any action taken or omitted to be taken in reliance on it, is prohibited and may be unlawful.
 
Claybrook Computing Limited is a subsidiary of Claybrook Computing (Holdings) Limited
Registered Office: Abbey House. 282 Farnborough Road, Farnborough, Hampshire GU14 7NJ
Registered in England and Wales No 1287205
 
A Hogg Robinson plc company