betchern0t wrote:I am a long time linux user who has used it professionally as an IT Professional as well as at home. I have just finished documentation about connecting linux to a school wireless network. I thought it might be educational to consider what indications there are that linux is ready for the enterprise.
The network was using PEAP/MSCHAPv2 which are fairly windows centric but have had years of support in linux. The SSL tunnel was secured by certificates from a global CA. The proxy was being supplied by a wpad protocol. These were the results I got:
Compatibility Matrix
Code: Select all
Operating System Desktop PEAP/MSCHAPv2 Certificate Proxy comment
Fedora 20 KDE Good Good Good Worked out of the box
OpenSuSE 13.1 Gnome 3 Good Good Good Worked out of the box.
Sometimes fails to save the connection so have to retry.
Android 4.4 Android 4.4 Good Good Medium Have to use hard coded manual proxy
Linux Mint 17 Cinnamon Good Good Poor had to use dconf to set proxy
Xubuntu XFCE Good Good Poor No concept of per connection system wide proxy
OpenSuSE 13.1 KDE Unknown Unknown Unknown Hang on boot on my laptop
Fedora 20 Gnome 3 unworkable unworkable Good Despite hours of trying couldn’t get it to work.
Cr OS 2.4.1290
(Chrome OS) Cr OS Unknown Unknown Unknown Lacked driver support for my laptop
I guess this shows up an inherent weakness in the bazaar programming model. The developers often lack resources and generally don't live in an enterprise environment. it is hard to simulate such an environment without resources and it requires a different mindset. On this snapshot, the only one which came in trumps was Fedora with KDE. Mint 17 had fixed the phantom certificate problem but had a nasty inherited bug in NetworkManager which failed to save any proxy settings.
One thing I was extremely surprised about was Fedora with Gnome complaining that the root addtrust certificate required to authenticate the ssl 3.0 session was invalid.
If I had added in OSx, Windows and Chrome OS I would expect each to pass with flying colours. Windows it seems doesn't use PKI rather machine accounts. I hear that the OSx hack for this is to simply run a script to disable the CA Certificate. Android works well but is limited. Chrome OS works well but I haven't fully tested it. This is a reflection of the resources behind them and also that their programmers live in the enterprise.
What do you think?
Cheers Paul
I think that
What do you do as an IT professional that you can't set up an internet connection without GUI? Your basically comparing GUI automatic configuration tools... Seems irrelevant in the enterprise world where you're likely going to have network specialists doing more complex work then writing a config to connect to a protected network... Unfortunately I think this is a whole lot of testing for nothing, as it pretty much misses the point.
There is a pretty decent chance those servers you were trying to connect to were running some form of linux/unix.
What DE or distro you are running is pretty irrelevant.
You basically tested the wrong thing.
There are a hand full of different utilities that can be used to connect to the internet, and all you really did was test which distro has the nicest default setup for home users.... But on any of those distros, you could just run the setup that works, its just a matter of knowing what is needed to connect to your network and configuring that.
Use what ever desktop you want, the only real difference is the network applet and 3rd party GUI config tools... You can setup a working internet connection before X is even started and then what ever network connection that exists will just be passed on to what ever X session you start.
"enterprise" basically means that they are going to have their own secured network, and are going to be doing a lot more config then just trying to establish an internet connection, so regardless of distro the appropriate tools can basically be installed and the config copied over and it will have internet independant of what internet is running.