this post was submitted on 23 Apr 2024
22 points (89.3% liked)

Sysadmin

7763 readers
242 users here now

A community dedicated to the profession of IT Systems Administration

No generic Lemmy issue posts please! Posts about Lemmy belong in one of these communities:
[email protected]
[email protected]
[email protected]
[email protected]

founded 2 years ago
MODERATORS
 

Samba is amazing, Windows server is a lot less so. The problem with Windows server is that it takes tons of steps to do basic things. On Samba I had Samba tool and it was very nice and friendly. On Windows server you have a ton of different management panels.

If there was a way I could hold off I would but due to changing requirements I didn't have much of a choice. (We needed Windows Server bare metal and I was not about to go and buy another machine.)

top 14 comments
sorted by: hot top controversial new old
[–] PlasticExistence 6 points 8 months ago (2 children)

I'm sorry for your loss. I've done administration of both, and I loathe working with Windows.

[–] [email protected] 5 points 8 months ago (1 children)

Would you ever date a Linux user ?

[–] PlasticExistence 6 points 8 months ago (1 children)
[–] [email protected] 2 points 8 months ago
[–] [email protected] 1 points 8 months ago

Funny how the so called "off brand" solution is so much simpler.

[–] [email protected] 4 points 8 months ago (2 children)

Why did you need a bare metal anything?

I realise that with the enshitification of VMware, there's one less viable option for virtualisation, but it's not the only one around.

[–] slazer2au 2 points 8 months ago (2 children)

If you are using LDAP auth for your hypervisor (vsphere as an example) how do you auth after a kaboom event and your AD server VMs have not auto started.

I remember reading somewhere (prob /r/Sysadmin) that having one bare metal AD server just incase everything goes offline.

[–] IHawkMike 7 points 8 months ago

You connect directly to the ESXi host with root. Because you're going to have to boot up vCenter in addition to the DC anyway when you're using SSO. I would use DRS rules to prefer host1 for vCenter and the PDCe for that reason.

Only in the very early days of virtualization (2008-2012) did I recommend keeping a physical server around. I know a lot more now than I did then.

But anymore, I don't recommend using SSO for hypervisors or backup infrastructure. It's better to add another wall in front of an attacker trying to laterally move onto these critical platforms for ransom, data exfiltration, etc.

And in reality, these "kaboom events" aren't terribly common unless you've neglected some other part of your infrastructure.

[–] [email protected] 4 points 8 months ago (1 children)

In the same way as if your Windows Server on bare metal doesn't start after an update, via the console.

[–] slazer2au 1 points 8 months ago (1 children)

I recall that ESXi doesn't let you do crap from the console. Just configure management. Be interesting to hear what options Prox and Hyper-V may have.

[–] computergeek125 5 points 8 months ago* (last edited 8 months ago)

You use console to turn on embedded shell then Ctrl+Alt+Fn over to it (I forget whether it's on f1 or f2), then you can use esxcli and all the rest of that to fix it up.

Once you get enough networking/storage pieces sorted out you can get back into the management HTML UI and SSH

Then when you're done fixing, turn shell and SSH back off.

[–] [email protected] 1 points 8 months ago

Simplicity, at the end of the day it was to complex to manage

It wasn't exactly running that many services anyway

[–] [email protected] 2 points 8 months ago (1 children)

Why not OpenLDAP? I’ve refused to run a Windows server at home for years and I’ve OpenLDAP running nicely in a lightweight container.

[–] [email protected] 2 points 8 months ago* (last edited 8 months ago)

That's not Windows Server. We needed more simplicity and having everything on one system was the simplest.

I don't like it as much but at the end of the day it was easier