this post was submitted on 28 Jul 2024
72 points (100.0% liked)

Linux

8307 readers
206 users here now

Welcome to c/linux!

Welcome to our thriving Linux community! Whether you're a seasoned Linux enthusiast or just starting your journey, we're excited to have you here. Explore, learn, and collaborate with like-minded individuals who share a passion for open-source software and the endless possibilities it offers. Together, let's dive into the world of Linux and embrace the power of freedom, customization, and innovation. Enjoy your stay and feel free to join the vibrant discussions that await you!

Rules:

  1. Stay on topic: Posts and discussions should be related to Linux, open source software, and related technologies.

  2. Be respectful: Treat fellow community members with respect and courtesy.

  3. Quality over quantity: Share informative and thought-provoking content.

  4. No spam or self-promotion: Avoid excessive self-promotion or spamming.

  5. No NSFW adult content

  6. Follow general lemmy guidelines.

founded 2 years ago
MODERATORS
 

Hey all, sorry for the low level question, but basically I'm looking for the easiest way to set up something like a Windows AD. This would be for something like 10 computers at a local church where I do a lot of their infrastructure work. Is also be interested in sound something similar on my home network, but a while directory is probably overkill. And any suggestions on learnings or other suggestions appreciated!

top 25 comments
sorted by: hot top controversial new old
[–] zelifcam 56 points 4 months ago (1 children)
[–] [email protected] 21 points 4 months ago

And LLDAP for something lighter

https://github.com/lldap/lldap

[–] [email protected] 25 points 4 months ago (1 children)

Depends on what you’re looking for? Common logins? A way of mass applying configurations and policies or to multiple computers? Way of doing centralized shared file stores?

There’s no true 1:1 in Linux, but there are multiple applications that can cover all of the functions. As one person said, LDAP, but that’s a protocol that can be served via multiple applications. Samba is one that offers an AD like system that would probably cover SoHo type needs. Things like openldap, 389 server and other can do pure directory/authentication but may not meet everything.

[–] Jayb151 4 points 4 months ago (2 children)

Depends on what you’re looking for? Common logins? A way of mass applying configurations and policies or to multiple computers? Way of doing centralized shared file stores?

I'm actually kind of looking for all of this. Everything there is currently Windows, but it's kind of hard to upgrade everything without paying money haha. I was wondering if I could do a version of Linux because as a non-profit we have a free google workspace account. It would be nice to move away from the Windows teat(especially because we have a free productivity suite in Google Docs), but that might be a hard battle to win.

[–] [email protected] 9 points 4 months ago

I’d start by looking at Samba then. That’s probably gonna be your closest 1:1 replacement. It can even act as a domain controller for Windows systems too.

[–] Starbuck 2 points 4 months ago

In Unix, there is a philosophy of small utilities that do their job well and are easy to integrate with each other. You don’t find one thing that does everything in Linux the same way you do with AD, but you might find something that does most of it.

I’d look at SSSD and FreeIPA, those are probably the closest you’ll get. Put in Ansible and you’ll be fine. You might also look at what Google can do on its own with ChromeOS

[–] [email protected] 19 points 4 months ago (1 children)

Depends, what are you going to use it for? Just authentication? OpenLDAP if so. If you want a full AD equivalent, it's still AD via Samba.

What are the church's requirements?

[–] Jayb151 2 points 4 months ago (2 children)

Right, so the church itself has no idea what they want/need. I'm basically doing all this set up for free, just so I can say I've done it. What I was really hoping for was authentication, but also group policy management and file share. Thanks for the response!

[–] 1371113 2 points 4 months ago

Non profits qualify for 10 free business premium licenses with MS. Hopefully a Linux cloud provider has something similar. You don’t want to have to go back to the church every week right?

[–] [email protected] 0 points 4 months ago

The church being a nonprofit organization may be able to get GSuite for a super low cost or free.

[–] [email protected] 18 points 4 months ago* (last edited 4 months ago)

While LDAP/Samba are the canonical answers for "what is the AD equivalent for Linux", I would also like to point out that you could save yourself the time to maintain this by using an AD SaaS solution like Jumpcloud or similar that supports Linux. Given that you said it's for a church with about 10 computers, there might be a discounted or even free option (eg under the nonprofit category).

[–] Hawke 15 points 4 months ago (1 children)

AD is basically LDAP+Kerberos, plus some tools to manage system and user configuration using LDAP.

So for Linux it would be those two tools, and roll your own tools for config.

Or just use Samba which handles a lot of this in the same way as AD.

[–] Jayb151 3 points 4 months ago (1 children)

Thanks for the response! Can Samba handle things like group policy as well?

[–] testfactor 13 points 4 months ago (1 children)

If most of the boxes are Windows, probably Samba4.

But if you're mostly using Linux, FreeIPA is actually really nice.

[–] Jayb151 3 points 4 months ago

FreeIPA

Ho shit! I never actually heard of this before, but I'm interested now. I've been using Fedora on my personal laptop...and have been wanting to switch to Linux on my gaming PC. I haven't made the leap yet though as I'm not 100% comfortable being without Windows. I know dual booting is a things but I haven't done that in a decade and would rather just have one OS on my Pc. Thanks a lot for your response!

[–] ikidd 10 points 4 months ago (1 children)

FreeIPA, and there was another one but its an enterprise level system, can't remember the name.

[–] zelifcam 0 points 4 months ago
[–] [email protected] 9 points 4 months ago (2 children)
[–] Jayb151 2 points 4 months ago

Damn, I hadn't heard much about this either, but it does seem like a full replacement for Windows server with AD. I'll for sure be checking it out, thanks!

[–] RubberElectrons 1 points 4 months ago

I used this at v4.0, everything worked great for getting both lin and win 7 clients to play ball except the win7 machines would eventually keep claiming the machine key had expired. It was sooo irritating.

[–] [email protected] 7 points 4 months ago

Why has no one mentioned freeipa/redhat IDM!

[–] [email protected] 5 points 4 months ago (1 children)

Another vote for Zentyal http://zentyal.com/ Basically AD on linux, with a nice GUI to boot.

[–] Jayb151 4 points 4 months ago* (last edited 4 months ago)

Zentyal seems to be the closest direct replacement for Windows Server. I'm downloading it now to take on a test drive, thanks much! EDIT: Actually, it seems the link to download the community edition is broken?

[–] [email protected] 0 points 4 months ago

There isn't really a direct equivalent. AD is a great product. Best to focus on the individual pieces instead of the whole package for a replacement.