this post was submitted on 10 Mar 2024
Nix / NixOS
The person telling you to "learn what AD is" is kinda a douche, but they aren't wrong.
AD is mainly 3 components in one:
All of these are doable on Linux. In many ways. Many, many ways. That you have to set up yourself.
For configuration management, do you want ansible, puppet, chef, nix, etc?
For shared logins, do you want openldap, lldap, Red Hat's ldap, etc?
For shared user data, do you want nfs, systemd-homed, or something else?
And for all of those, you have to evaluate, maybe test, and then select a solution, and then set it up yourself in a resilient manner.
NixOS, as a server distro, can host the relevant services needed for this. As a desktop distro, it can also do configuration management. But that's missing the point of AD, in my opinion.
The point of AD, and how it managed to become so popular, is that it is all of those, in an all-in-one solution that is simple to use (joining Windows machines to a domain is trivial), and it also comes with paid support.
Even if you were to build your own alternative on NixOS, which would be a lot of tinkering and twiddling, then you would end up with some of the same core features, but you would have to maintain, secure, etc., it yourself, and not having to do those to such an extent is why people buy Active Directory. There would be no alternative to things like Group Policy; instead you would be writing your own Nix code.
So yeah. Unless someone comes along and builds an all-in-one solution on top of NixOS, NixOS isn't really an alternative to Active Directory. You can replicate the core features. But it's not an alternative.
This was very informative and a good explanation. So thank you. That's very much appreciated.
I did not have time to write all of this and be certain I didn’t miss something.
So I summarized it into "learn the topic to understand the question is meaningless."
AD roaming, AD SSO, policies, etc.