Fuck Windows and Microsoft, really. Today I had a meeting call through Teams first thing in the morning, so I started my computer 10 minutes earlier than the call because it takes like 3 or 4 minutes to boot and for Windows to be responsive. Windows decided to apply some past update, so it took 2 or 3 additional minutes, which is fine, I was just in time for the meeting call. Well, 10 minutes into the call a notification appeared in Windows that the computer would restart in 5 minutes, with no option to postpone. WTF. Imagine this was an important sales call, an emergency or something else critical, I might be fucked. The computer restarted, I started my personal Linux computer and connected my Bluetooth headphones to it, but no, they were connected to the Windows computer while it was restarting, so I could not just call from it as the microphone started failing a few weeks ago. (I will just replace it, thanks Framework.) So fuck my company for using Windows. Fuck Windows for developing such a nightmare OS with such shitty code. This was for sure a patch for a critical vulnerability, like always. And WTF, this is Windows for a business, have a fucking super stable branch that does not need patches every other day. I don’t care about your updates to the shitty weather widget, just have a fucking working operating system that lets me do my work. Fuck Microsoft’s monopolistic practices that keep people and businesses from switching to Linux. There is no better publicity for Linux than Windows itself. Most GNU/Linux distros just let you choose when to update.


How do you manage your fleet? How big is your network?
I’d love to push for Linux at work, but have yet to see a solution with similar management capabilities to a Windows domain. And I don’t want to manage individual clients; as a sysadmin I want to push templates like GPOs and the like.
Can see it work for smaller environments, but not in a company with a couple hundred machines.
Oh, hell no. We are absolutely tiny.
It’s very much a trust-based situation as we all work together and in a small team.
I would actually love to know how to handle remote shutdown of PCs and lock out and things like that, for as we do grow, we are getting busier, and starting to expand.
Canonical Landscape, Red Hat Satellite, SUSE Manager and Foreman, to name a few.
I think Foreman is the only one not tied to an enterprise subscription and supporting more than one distro, but I could be wrong.
I work in a higher ed org that uses a mix of (mostly) Red Hat servers and Windows & Mac endpoints; the Linux-focused admins use Ansible for things I’d do with either GPOs (if it’s something tried & true) or Intune (if it’s some half-baked newness and campus IT would actually give my group the permissions) in Windows.
Oh, Ansible is an interesting starting point. Would not have thought of it for that purpose, I always “only” link it mentally to automated deployment.
Will look into it out of curiosity.
Yeah, I’d never seen it used in this way either. They use it mostly to modify config files, which gives you a lot of control over most things on a Linux box. We also use it for Macs to do things like create a standardized local administrator account (since Apple doesn’t have a LAPS equivalent). It’s a pretty tangled web but we have an old-school Linux admin who keeps it all ticking (we just worry about his ticker!).
Good luck!
In Linux everything is a file. So modifying files is all you really need. The hardest part is how to handle mobile endpoints like laptops that don’t have always-on connections. Ansible pull mode is what we were looking at in a POC, with triggers on VPN connection. Note we have a large Linux server footprint already managed by Ansible, so it isn’t a large lift for us.
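The VPN-triggered pull mode mentioned in the comment above could look like this; it is an added example, not part of the thread and not that commenter's setup. It assumes NetworkManager brings up the VPN, that the repository URL, playbook name and paths are placeholders, that the signing key is already in root's GnuPG keyring, and that a run is short enough to execute inside the dispatcher hook.

```shell
#!/bin/sh
# NetworkManager dispatcher hook; install root-owned, mode 0755, e.g. as
# /etc/NetworkManager/dispatcher.d/50-ansible-pull (name is a placeholder).
# REPO_URL, PLAYBOOK and the paths are placeholders, not from the thread.
REPO_URL="https://git.example.internal/fleet/endpoints.git"
PLAYBOOK="local.yml"
STATE_DIR="${STATE_DIR:-/var/lib/ansible-pull}"
LOCK_DIR="${LOCK_DIR:-/run/ansible-pull.lock}"   # /run is cleared at boot
MIN_INTERVAL="${MIN_INTERVAL:-3600}"             # seconds; VPN links flap

# Decide whether a dispatcher event should start a run.
# Args: action, stamp file, current epoch seconds. Returns 0 to run.
should_run() {
    action=$1; stamp=$2; now=$3
    [ "$action" = "vpn-up" ] || return 1
    [ -f "$stamp" ] || return 0                      # never ran: run now
    last=$(cat "$stamp" 2>/dev/null)
    case "$last" in ''|*[!0-9]*) return 0 ;; esac    # unusable stamp: run
    [ $((now - last)) -ge "$MIN_INTERVAL" ]
}

run_pull() {
    # --verify-commit aborts unless the checked-out commit carries a valid
    # GPG signature, so an unsigned commit is never applied as root.
    ansible-pull --url "$REPO_URL" --directory "$STATE_DIR/checkout" \
        --inventory localhost, --verify-commit "$PLAYBOOK"
}

main() {
    stamp="$STATE_DIR/last-run"
    now=$(date +%s)
    should_run "$2" "$stamp" "$now" || return 0
    mkdir -p "$STATE_DIR" && chmod 0700 "$STATE_DIR"
    # mkdir is atomic: a concurrent second event fails here and backs off.
    mkdir "$LOCK_DIR" 2>/dev/null || return 0
    trap 'rmdir "$LOCK_DIR"' EXIT
    if run_pull; then echo "$now" > "$stamp"; fi
}

# NetworkManager invokes hooks as: <script> <interface> <action>
if [ "$#" -ge 2 ]; then main "$@"; fi
```

The timestamp is only written after a successful run, so a laptop whose pull failed retries on the next VPN connect instead of waiting out the interval.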
One place I worked at just gave people Linux computers without telling them and disabled the boot image. The job was mostly online Salesforce, so Chrome got them through everything. Imaging was a breeze. We even made it kinda look like Windows. No one really commented on it. We didn’t hide it from anyone but we didn’t go out of our way to make a big deal out of it.
Linux works when people stop thinking of it as “Linux”. It’s “Android” or “Steam OS” or “My smart TV” etc… All you need to do is rename it and suddenly they are ok with it.
So I’m a total noob when it comes to business systems and I have never used Active Directory or group policies, but wasn’t Linux or rather Unix originally designed as a system for many users on one big machine/network? Why is it so difficult for businesses to manage permissions and group settings on a large number of devices? What does Microsoft/Windows do so much better there?
It was originally one computer that everyone connected to, it wasn’t a fleet of separate computers like Windows PCs.
And there is probably no simple way to set up a system that would function in a way that Linux needs I guess?
They have the management aspect of large environments down to a tee. Apart from costs, it does not really matter if your domain consists of ten, a thousand or more systems. The tools to manage those systems, centralized by core systems, are the same set for all sizes, so to speak.
That can be on one campus, across multiple cities and locations. It’s quite frankly IMO the foundation on which the success of Windows in the corporate world is built. Standardized deployment of settings across all company systems saves administrators time which can be used for other tasks instead of micromanaging clients.
I have yet to see a similar solution for Linux clients that works the same way.
I heard Ubuntu got some big upgrades starting with 22.04 in terms of support for GPOs.
I never tested it personally but they do have some documentation for it and they can be added to a Windows domain: https://documentation.ubuntu.com/adsys/en/latest/
Not really the way if one wants to cut ties with Microsoft completely though. And I suspect most would argue “then you can go the Windows route all the way and have less pain integrating client systems”.
If getting rid of Microsoft entirely is the goal, Samba does AD with GPOs just fine.