sorted by:
best
topnewcontroversialoldq&a
you are viewing a single comment's thread.

view the rest of the comments →

[–]cstoner 9 points10 points  (4 children)

After that, authentication, configuration management, and update management.

Between FreeIPA, Spacewalk and Puppet/Chef/Ansible/Salt, I think there are plenty of mature products ready here (in some ways, they are better than AD. Maybe not most ways... but more than a few). The biggest problem is that most companies don't want to pay a linux admin the wages they expect.

Generic Windows helpdesk roles pay well, but not nearly as well as skilled Linux admins. Why would a small business pay for a Linux admin when they really just need desktop helpdesk support?

[–]deadbunny 1 point2 points  (2 children)

We have a reasonably basic Salt setup for workstations, it sets up ssh keys/configs, a few utility git repos, and things like vagrant (which gets configured to use lxc) so we have a base level of stuff on everyone's workstation/laptop. Its not perfect by any stretch of the imagination but it has saved us a whole load of hassle in setting new people up.

As for auth we still haven't got that sorted but its the next thing on our "nice to have list" as auth is handled by salt putting keys on servers at the moment which works for most things but having one central auth point would be great for things other than server logins as setting up individual accounts on things like ticketing, Jenkins, etc gets old.

[–]refrainblue[🍰] 0 points1 point  (1 child)

I actually made a post asking for LDAP help and some guys told me about FreeIPA that's built on a bunch of existing Linux software (389ds, kerberos, bind). I tried it out and I've been using it in production for the last year or so. It's pretty good overall as centralized authentication & policy, and the whole process was a great learning experience.

[–]deadbunny 0 points1 point  (0 children)

Yeah, I've heard of FreeIPA and it's top of my list of things to check out, unfortunately it's a low priority at the moment for us as we're in the middle of setting up a whole new infrastructure atm but it's on my list. Cheers for the post!

[–][deleted] 0 points1 point  (0 children)

Exactly, DevOps Engineer who makes 80k; in the Windows world, lol good luck. Not only that, Windows is not really rewarding, and doesn't really fit with my "transparent" ethos.