Greetings:

I would like to setup a multiple Linux server domain as an example to replace the muppet based approach of Microsoft puppet (muppet) networks: Active Directory (Perhaps Fedora Directory Server), Domain Controller (Samba), Exchange Server (Postfix)... and so on. What I want is the ability for users to log into the DC and inherit the requisite permissions for the different systems, file servers and application servers - transparently a-la a muppet network. I need the ability to easily administer them similar to using Remote Desktop, rather than using a KVM switch or swapping cables.

Any thoughts or suggestions on how to proceed will be greatly appreciated!

Sad fact: Microsoft have much better single sign-on capabilities than the Linux distributions, and for the things that users care about, Exchange is better than any Open Source groupware product. I don't count Scalix and Zimbra as fully Open Source, and those are the Exchange equivalents in the Linux world.

For an Active Directory equivalent, see FreeIPA. It's a fairly new thing from Red Hat that builds on Fedora Directory Server.

Before you get into infrastructure, though, you probably need to acclimatize to Linux a bit more. Unlike MS products, UNIX systems are really built for automation - SSH provides both remote access and remote command execution, the command-line shell is designed to make scripting trivial, and the text configuration files help make whole-network automation systems like Cfengine and Puppet possible. You can install Web applications to give some monitoring and administration interfaces, but frequently servers don't actually run graphical desktops, and desktop administration utilities are usually token, because *NIX admins don't work that way. As a Windows admin starting out with Linux, I found this a bit of a culture shock.

Great, thank you.

I actually abandoned MS platforms for RedHat/Fedora 4 or 5 years ago, but would like to demonstrate to my small company that the same user experience may be found without the license fees or vendor lock-in.

I use Webmin currently for a lot of the Admin, but would like to take that next step to a full replacement architecture.

Fedora 9 has FreeIPA packages, so you should be able to get it up and running fairly easily, but I don't think that RH offer it with RHEL or formally support it yet. IIRC, Scalix is a RH partner.

Note that these enterprise-y technologies are designed for larger companies, and are overkill for smaller organizations (less than say, 50 users). If your organization is pretty small the most cost-effective way to deliver a managed desktop is to use the thin client approach - Ubuntu are much further ahead than RH in this area. Google LTSP for more on that, if it's of interest.

For small organizations in-house email and collaboration/groupware stuff is too high maintenance, and it's probably better to look at service providers like Google, Joyent etc.

I think that the bottom line is that the kind of migration that you are talking about is really only likely to yield major benefits for larger or more technically orientated organizations. Appliances, Web-based service providers and thin clients are all uses of Open Source and open standards that can significantly reduce complexity (and cost) for smaller organizations.

Comparing Exchange to an SMTP server is crazy. First you should survey your users to find out what features and applications they actually use.

Sorry this has been so long since an update - I have moved since this last.

While I recognize that such an effort is overkill versus Exchange/AD/other but I also think the point is that Linux/FOSS can compete and one does not have to be enslaved as emancipation is available. At least that's my story and I am sticking to it!

Thx all.

Ian

You might want to try zivios (http://www.zivios.org). Its a consolidated web panel and an n-tiered PHP-5 application. It uses MySQL and OpenLDAP as it's data store, with OpenLdap being the primary back end for identity management and application integration and MySQL being used for panel specific data. Check it out!