FrankForum (Frankness IS Forum)
http://brainout.net/frankforum/

OSX vs. Win10: which gives sysadmins more control?
http://brainout.net/frankforum/viewtopic.php?f=51&t=447
Page 1 of 1

Author:  brainout [ 01 Dec 2015, 14:48 ]
Post subject:  OSX vs. Win10: which gives sysadmins more control?

New article, here. I don't use Apple, but many others do, and this will be a major IT issue from now on, especially for the medical community.

Author:  hupostasis [ 02 Dec 2015, 06:01 ]
Post subject:  Re: OSX vs. Win10: which gives sysadmins more control?

Windows is (still) more flexible because of Active Directory and Group Policy which isn't a thing on OS X. Using an API instead of dedicated software for remote management is a good thing, so-- I don't find that to be an issue. Microsoft is just *behind*.

The medical community (at least hospitals around here) were still running on XP and just switching over to Windows 7. So, they're on a completely different planet that I think will take another 10 - 20 years to fully switch over.

Author:  brainout [ 02 Dec 2015, 12:53 ]
Post subject:  Re: OSX vs. Win10: which gives sysadmins more control?

But isn't it Active Directory which makes Windows more vulnerable? Am Asking, not disputing. I don't know any sysadmin stuff...

Author:  hupostasis [ 13 Dec 2015, 03:38 ]
Post subject:  Re: OSX vs. Win10: which gives sysadmins more control?

brainout wrote:
But isn't it Active Directory which makes Windows more vulnerable? Am Asking, not disputing. I don't know any sysadmin stuff...


It's more secure because Active Directory accounts don't have credentials that are stored locally in the SAM database. So you can't use ntpasswd to reset the password on a local account like you would on a domain account. In fact, I am not sure how you would get around it other than connecting the machine to the domain controller and resetting the password that way.

It's also entirely mandatory for corporate environments (otherwise you'd be running as a giant workgroup). You need to be able to disable user accounts at a second's notice, so they can't log in or access data they shouldn't.

There used to be other solutions to active directory, but all of them have become defunct due to Windows being the predominant OS, so Microsoft's solution is the only solution. Regardless if it wasn't secure.

Page 1 of 1 All times are UTC
Powered by phpBB® Forum Software © phpBB Limited
https://www.phpbb.com/