this post was submitted on 25 Aug 2024
175 points (96.3% liked)
Linux
48287 readers
637 users here now
From Wikipedia, the free encyclopedia
Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).
Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.
Rules
- Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.
- No misinformation
- No NSFW content
- No hate speech, bigotry, etc
Related Communities
Community icon by Alpár-Etele Méder, licensed under CC BY 3.0
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Windows GPOs are a right old mess. I've been managing them for over two decades. The first fuck up is the word "Group". You cannot assign Group Policy Objects to AD groups unless you use something like ZENworks or some funky WMI filters!
Settings are applied to computers or users. Many settings are available to be set for both but only make sense or even work for one or the other. MS bought out some solution providers and that's why you get the Control Panel and other handy stuff, rather roughly bolted on.
AD with GPOs with the extension to "local machines" is a great idea but dreadful in execution. MS didn't want to nobble third party apps in the past so that's why we have this nonsense. Now its all about Azure/whatevs ie MS's cloud and subscriptions.
Now you belong us!
Linux being a Unix has NIS(+) for a directory or LDAP or AD or anything else you fancy. Ansible works for all mainstream OSs, including Windows.
So often I see people confusing and conflating authentication and authorisation, machine and session state configuration databases.
I have to disagree. Group policy is absolutely the best thing that has hit the IT world. You absolutely can assign it to groups and it is pretty straight forward to make. It also has the benefit of being very wildly used and documented. Assuming Microsoft doesn't keep screwing with it I think it is solid.
Also Active Directory is just LDAP, DNS and fileshares with configurations. You can though Kerberos (technically part of LDAP) and printers in there to. It is actually a pretty good system and I like playing with it via Samba AD.
I don't want to be rude but if you hate Windows you probably need a new career. I don't mind managing Windows systems the problem is Microsoft ruining the OS. It also happens to be totally proprietary and spyware which isn't great.
I will say Windows is decent for the niche its in. Larger scales, severs, mutlitenet, high security, kiosk, etc its not good.
I'm so glad its not my job. Running 1000s of nodes and an exponential amount more of services on those in hardened configs, across clouds, dcs, and availability zones are all easier than most ad forests I've seen.
Any windows work I do is just an exercise of how fast can I get to Linux again 😆😅, but I knew Windows admins that had it figured out.