Comment Not so easy (Score 5, Interesting) 442
Replacing windows with Linux using centralised authentication isn't that easy. We tried it recently where I work where we run both Linux and WIndows 7. This meant it had to be AD.
Using ldap for web services was easy enough as was getting win 7 desktops joined up. The hard part was getting Ubuntu machines on the domain...
The first thing I tried was likewise-open which I had a number of problems with. We eventually settled on winbind which worked incredibly well for a samba file server joined to the domain, but for desktops it wasn't ideal. If the domain controller became inaccessible for whatever reason, the whole machine would freeze up even with cached credentials turned on. The other caveat was user's inability to change their domain passwords from Linux. Well.. it was possible but whenever they changed their password, both the new and old passwords would still work. (see http://wiki.samba.org/index.php/Samba_&_Active_Directory#password_changes) It was also impossible to force a user to change their password, it would fail constantly.
If I weren't so determined I would have likely just gone with Windows 7 for ease of use despite the extra cost. There is one more commercial product I need to try and that's centrify. Fingers crossed.
Using ldap for web services was easy enough as was getting win 7 desktops joined up. The hard part was getting Ubuntu machines on the domain...
The first thing I tried was likewise-open which I had a number of problems with. We eventually settled on winbind which worked incredibly well for a samba file server joined to the domain, but for desktops it wasn't ideal. If the domain controller became inaccessible for whatever reason, the whole machine would freeze up even with cached credentials turned on. The other caveat was user's inability to change their domain passwords from Linux. Well.. it was possible but whenever they changed their password, both the new and old passwords would still work. (see http://wiki.samba.org/index.php/Samba_&_Active_Directory#password_changes) It was also impossible to force a user to change their password, it would fail constantly.
If I weren't so determined I would have likely just gone with Windows 7 for ease of use despite the extra cost. There is one more commercial product I need to try and that's centrify. Fingers crossed.