Shifting from Microsoft to Linux

RomajhonRomajhon Member Posts: 5 ■□□□□□□□□□
Hello Everyone we are planning to shift from Microsoft server to Linux for our organization.
The organization consists of three servers with different roles like ADDS of course
DHCP
DNS
Group-policy
File server
Web server
and specially the Backup and security
for 50+ staff,
can one give suggestion which distro would be best for this I mean
which linux distro for server and why
which linux distro as client and why


What i was thinking as Ubuntu and Debian but not sure as I haven't used them

Comments

  • VeritiesVerities Member Posts: 1,162
    You're shifting from MS to Linux and you have no experience with Linux?? Thats a recipe for disaster. Fortunately, three servers is cake, but I would recommend spread loading your services unless you're restrained to 3 physical servers.

    Why the sudden shift and what's your reasoning behind moving to Linux? Licensing cost?? There's serious considerations for migrating your environment to another OS and figuring out how to migrate services as well. I have so many questions....

    Ubuntu is Debian Linux....in any case, Canonical is hands down killing it with their desktop and actually a nice alternative for the non corporate side of things. They have a wide array of compatible device drivers and provide a very stable desktop environment for users. SuSE is another alternative, as its also Debian based, and you can also pay for technical support if necessary.
  • Mike7Mike7 Member Posts: 1,107 ■■■■□□□□□□
    Agree with @Verities. DNS and DHCP are tightly integrated into AD and so is Group Policy. Do you plan to migrate the AD domain to Linux Samba?
    Need more details..
  • rob42rob42 Member Posts: 423
    My choice, for non-MS based Server, would be FreeNAS. Okay, it's not based on the Linux kernel, rather FreeBSD, but it runs on very modest hardware and I found it really nice to work with. This was a few years ago now, running on 32-bit hardware. I also looked at Ubuntu Server at the time and gave it a try, but I much preferred working with FreeNAS.
    No longer an active member
  • RomajhonRomajhon Member Posts: 5 ■□□□□□□□□□
    Yes we want to migrate AD domain into Linux Samba
  • Mike7Mike7 Member Posts: 1,107 ■■■■□□□□□□
    Romajhon wrote: »
    Yes we want to migrate AD domain into Linux Samba
    Licensing cost an issue? Migrating away from Windows SBS?

    You can select a Linux distro, install Samba 4 and do some reading and testing. This is not exactly trivial given you do not have much Linux experience.

    Alternatively, you can consider custom Linux distros that have AD functionality and provides a graphical front-end (usually web based) for administration. Some examples are Zentyal, UCS (Univention Corporate Server), ClearOS. Most have community versions and a few do provide professional services and local support. You will have to evaluate them.
  • egyasia.comegyasia.com Member Posts: 14 ■□□□□□□□□□
    Romajhon wrote: »
    Hello Everyone we are planning to shift from Microsoft server to Linux for our organization.
    The organization consists of three servers with different roles like ADDS of course
    DHCP
    DNS
    Group-policy
    File server
    Web server
    and specially the Backup and security
    for 50+ staff,
    can one give suggestion which distro would be best for this I mean
    which linux distro for server and why
    which linux distro as client and why


    What i was thinking as Ubuntu and Debian but not sure as I haven't used them


    I would advise you to use CentOS with non-gui and manage it from a windows workstation with winscp and maybe a free control panel like webmin.
  • OctalDumpOctalDump Member Posts: 1,722
    50 staff? So, a couple of techs? And you want to replace MS with Linux?

    Hire someone to do it for you. And get your techs trained up in whatever the replacement is.

    To get up to speed with RedHat for administration, for example, could easily cost 15k.

    So the cost will quite possibly be something like 10k for architecting, engineering and deployment. 30k for staff training, and then a higher premium for future staff.

    The hardware costs aren't likely to change much. Software/licensing will be cheaper. Maintenance will possibly be a little higher.
    2017 Goals - Something Cisco, Something Linux, Agile PM
  • egyasia.comegyasia.com Member Posts: 14 ■□□□□□□□□□
    OctalDump wrote: »
    50 staff? So, a couple of techs? And you want to replace MS with Linux?

    Hire someone to do it for you. And get your techs trained up in whatever the replacement is.

    To get up to speed with RedHat for administration, for example, could easily cost 15k.

    So the cost will quite possibly be something like 10k for architecting, engineering and deployment. 30k for staff training, and then a higher premium for future staff.

    The hardware costs aren't likely to change much. Software/licensing will be cheaper. Maintenance will possibly be a little higher.

    I wonder why he would spend that much money on when he can use CentOS with open-source daemons and control panel for all he want to do and most of them have free tutorials wikis , still the hardware costs are not avoidable though
  • OctalDumpOctalDump Member Posts: 1,722
    I wonder why he would spend that much money on when he can use CentOS with open-source daemons and control panel for all he want to do and most of them have free tutorials wikis , still the hardware costs are not avoidable though

    Architect/Engineering/deployment costs are unavoidable as well. And maintenance for Linux can be higher than for MS since good Linux skills are typically less common than good MS skills.

    It's a basic error to assume that "free" software doesn't have all these costs, but unfortunately, it's also a common error. So I'm trying to remind our friend that if their motivations are economic, then they do need to consider all these costs.

    For a small organisation, it usually makes sense to outsource the higher skill technical work, and just keep maintenance/admin skills in house.

    And yes, they could attempt to teach themselves from free online sources and man pages, but it will inevitably lead to substandard work full of errors and problems that a seasoned professional would not have done. Paying qualified staff is nearly always surer to deliver faster and better quality.

    To be honest, for an organisation that size, sticking with the bog standard Windows + Office environment is probably a good choice. If they are a little more forward looking, moving to cloud services where all their applications can run out of a browser is probably a better choice. You could probably downsize the IT department to one person or less.
    2017 Goals - Something Cisco, Something Linux, Agile PM
  • Mike7Mike7 Member Posts: 1,107 ■■■■□□□□□□
    The cloud seems a good way moving forward. Azure Active Directory Domain Services is still fairly new, and Windows 10 can join Azure AD domain. Give Azure ADDS some time to mature and we probably can get rid of local AD domain controller come next year.

    Small business can then use Azure ADDS for managing domain users with GPO, Office365 for office, email, file, messaging, video conferencing and web services, Intune for device management and Azure Backup for any local PC file backup. There is no requirement for an on-site server; IP addresses can be served via DHCP service on the internet broadband router.
  • VeritiesVerities Member Posts: 1,162
    +1 for everything Octal posted.
  • RomajhonRomajhon Member Posts: 5 ■□□□□□□□□□
    so with Centos can we achieve everything like what i was thinking to use
    Red-hat for group policy
    security-onion for network security
    but not sure how to manage user accounts in linux like we have ADDS in MS and
    specially the back-up plan in linux
    any suggestions plz
  • winona_ryderwinona_ryder Member Posts: 42 ■□□□□□□□□□
    Romajhon wrote: »
    so with Centos can we achieve everything like what i was thinking to use
    Red-hat for group policy
    security-onion for network security
    but not sure how to manage user accounts in linux like we have ADDS in MS and
    specially the back-up plan in linux
    any suggestions plz

    My suggestion would be to halt your project. Perhaps examine if it's possible to change one element at a time if there is a reasonable driver to move to open source.
    OctalDump's words are quite wise here.

    What is the use case for this? What type of business software do these 50 staff need to run?
  • VeritiesVerities Member Posts: 1,162
    Romajhon wrote: »
    so with Centos can we achieve everything like what i was thinking to use
    Red-hat for group policy
    security-onion for network security
    but not sure how to manage user accounts in linux like we have ADDS in MS and
    specially the back-up plan in linux
    any suggestions plz

    If you're going to use a setup with Security-Onion make sure you set SELinux to permissive to verify and violations when running your security software. If HIPs is included with the suite, make sure you turn off SELinux since or else you're going to take your systems down.

    OpenLDAP + Kerberos is perfect for you with administering accounts in the same way as MS AD. If you want to get a little deeper you can go with RH Directory Server or Free-IPA Server, however based on your skill set and experience, I recommend going with the easiest solution (the one I first mentioned).

    Amanda Network Backup is a straight forward tool for your size environment.
  • Mike7Mike7 Member Posts: 1,107 ■■■■□□□□□□
    @Verities, does directory services (OpenLDAP, Kerberos, RH Directory Server) support Windows group policy?

    To replicate AD, @Romajhon may still have to try Samba 4. Unfortunately, RedHat disabled (i.e. removed) AD functionality of Samba 4 in RHEL/CentOS 7. He can compile Samba 4 himself. Use Samba Wiki as a starting point

    Romajhon wrote: »
    but not sure how to manage user accounts in linux like we have ADDS in MS and
    Use Microsoft RSAT to administer Samba 4
  • dontstopdontstop Member Posts: 579 ■■■■□□□□□□
    Verities wrote: »
    +1 for everything Octal posted.

    +1 on that too please
  • VeritiesVerities Member Posts: 1,162
    Mike7 wrote: »
    @Verities, does directory services (OpenLDAP, Kerberos, RH Directory Server) support Windows group policy?

    [FONT=&quot]"SSSD only allows using GPO for the computer-based access control. Other GPO-related access control options are currently not supported."

    [/FONT]
    https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Windows_Integration_Guide/sssd-gpo.html
  • RomajhonRomajhon Member Posts: 5 ■□□□□□□□□□
    I was thinking and reseraching to use SSSD method for creating Domain-controller with SAMBA 4. Any suggestion Please?
    and which RAID would best suit Linux server 0 or 6? any one tried?
  • VeritiesVerities Member Posts: 1,162
    Romajhon wrote: »
    I was thinking and reseraching to use SSSD method for creating Domain-controller with SAMBA 4. Any suggestion Please?
    and which RAID would best suit Linux server 0 or 6? any one tried?

    Question 1: Google - Samba has a complete guide on how to use it as a Domain Controller. I personally hate using Samba and would not use it because it is extremely insecure. Without fine tuning, you'll be leaving wide openings for attackers.

    Question 2: Maybe you should read up on the different RAID types since that's a very simple question to answer.
  • gespensterngespenstern Member Posts: 1,243 ■■■■■■■■□□
    I did such transitions in the past on almost anything ranging from Archlinux and FreeBSD to RedHat/CentOS and Debian/Ubuntu.

    I'm not a big fan of GUI so I don't need Ubuntu's user-friendliness so I'd skip it. Then, if you don't want to dive deeply into FreeBSD which is rather different from your typical Linux and for the sake of better documentation and support I'd stay with Linux. Now the question is RedHat or Debian. These are two major distributions on which majority of other smaller distributions are based on. I would throw a dice if I were you as there's not much difference for a person who's not deeply familiar with any, but personally I'd choose RedHat as I have more experience with it. RedHat is a paid support distro and a free version is CentOS. So I'd install it and configure all the services you mentioned and would solve any issues that will most certainly arise in this transition.

    The only typical problem for me was native Windows applications that people access by the means of Terminal Services/RDP. So I usually leave one or two Windows servers which I run on Xen hypervisor and set up rdesktop connection icons on people desktop OSes (I assume they are flavors of Linux as well).

    This is a bit dated information as I transitioned from MSP/MSSP career to enterprise for a few years now and haven't used this scheme since then.
  • jdancerjdancer Member Posts: 482 ■■■■□□□□□□
    As others have posted, if your organization don't have a lot of Linux experience, your organization is going to be a world of hurt. I mean a lot of hurt. Have I mentioned a lot of hurt?

    If you do decide to move forward, you'll want to use a headless non-GUI servers. To really get to know Linux, do it via the command-line. Yeah, Web-based GUI config interfaces work but won't help you when you need to troubleshoot issues.

    At the personal level, I suggest Archlinux. At the professional level, go with CentOS.
Sign In or Register to comment.