Samba4 AD DC on CentOS 7 vs Turnkey Linux DC Appliance
Please forgive the fact that this reads somewhat like a rant. I do have legitimate questions and concerns here, I am just extremely frustrated.
If you don't care to read, just skip to the bolded text...
Perhaps I'm missing something, but I've seen multiple "how-to"s for setting up a DC using Samba4 AD on CentOS 7. Even the official Samba wiki has instructions. It IS supported. People have it working. Correct?
Yet when I ran into trouble (which I assumed was just because of my inexperience and SURELY the experts at Pantek that we pay $250/hour for their "Expert Linux Support" would know exactly what it was I was missing), I was told that well... it MIGHT be doable, but would require a bit of hacking to get it to work. And it was suggested that instead we use this iso of Turnkey Linux with a built in DC.
Seriously?
The official Samba wiki has instructions... how on earth do you see that as requiring hacking?
Beyond the fact that we were really trying to clean things up and be uniform with our new systems rather than a hodgepodge of different operating systems, the "expert" is suggesting that we use an operating system that I can find very little information about, and what I have found is people complaining about old packages and many unnecessary components.
Am I missing something?
Is there a genuine reason that we should not bother trying to use a Samba4 AD DC?
Is Turnkey Linux really a viable OS for a business with a need for security and reliability?
If I'm wrong and there really is a legitimate reason for his insistence on avoiding Samba4 on CentOS and using Turnkey instead, then I don't have a problem admitting such. My problem is that I have no evidence beyond this one person who I have not been impressed with in the past either.
I have used Samba 4 many times in the past for simple CIFS shares. I have seen an installation of Samba 4 as an AD controller, and everything AD about it worked! (Samba DNS does funky things with CNAMEs, so you've been warned!) I did not set it up, but I assume it is fairly straightforward, especially since the Samba site itself has instructions on how to do it.
With any business, you have to weigh cost versus man-hours (because those are a limited resource too). If you are looking into small business server distros, check out Zentyal. I think they offer a drop-in AD replacement on an Ubuntu-based GNU/Linux.
There are many things that an Active Directory server does that can't fully be replicated with Linux.
Turnkey Linux is a VM solution that offers pre-made distros with software installed and configured by some person. If you trust that person more than yourself then good. It is meant to be a quick solution. It may not be the most secure solution. I recommend them often but have never suggested they are secure by default.
Turnkey Linux (similar to Bitnami) is an appliance that is focused on easy initial setup. IMHO they don't care about updates and long term maintenance. I understand a use case for these appliances in short term testing environments.
Active Directory, which is a complex combination of various services (LDAP, Kerberos, DNS, CIFS), usually takes an important role in a professional environment. I'd recommend to not use something that is designed to be updateable, and that has a team in the backend that provides updates. Software appliances beside Nethserver that I'm aware of are Univention Corporate Server or ClearOS.