1

Has anyone had experience migrating their Active Directory and / or Exchange servers to Linux-based alternatives? What size network in terms of End Users did you do this for? I started using Linux for my desktop and at home and all of my home lab is now Linux based (Mix of Ubuntu and Debian) but wanted to see how that translates to the enterprise. Did you have any issues with the Windows 7 or Windows 10 workstations? Did you eventually migrate the workstations to Linux? What did you transition Exchange to?

We are currently running 2 Windows 2008 R2 domain controllers and Exchange 2010 with about 50 end users / workstations.

8 Spice ups
2

Unless you’re a master Linux administrator, or prepared to pay a pretty penny for one, i would not under any circumstances switch to Linux. While the price tag is quite lovely, you are also on the hook for resolving every single issue that arises.

1 Spice up
3

I should have clarified that if I make the change I would go with a version with full support. I made the transition in a branch office of ours with about 10 users and it went fine until a specific piece of software needed a AD schema level that the current version of Samba didn’t support. Some of the other “Windows-only” admins were able to add users with no issue once the scripts were set up.

1 Spice up
4

Though I love Unix and by association Linux, I would first look at moving my office to a hosted exchange solution for mail such as is offered by Rackspace. Then maybe when the day comes that I start to do things with Azure and have to hook it up to Active Directory, I would look at those services to extend it outside the office.

Linux just doesn’t make sense if you world is all Windows otherwise unless as has been said, you want to own and fix every issue it has. It may have a dollar cost of $FREE to get and use, but it isn’t $FREE to support or fix when you consider what your time costs.

5

my business is strictly Linux, not a single windows branded OS in or any where close to being on the network. all linux desktops, and all debian based servers. LDAP and SAMBA + Kerberos for authentication, and postfix and dovecot for mail server.

No issues what so ever. we are under 50 user. but I have worked in environments that where set up the same and had over 5000 end users. it is doable and it is fairly easy to do.

2 Spice ups
6

Agreed ^^^

If you want to do it, don’t just dump everything and make the switch unless you have someone who knows what they are doing. Start with learning Linux and testing and playing around with things. Create a mimic of your work environment and get it working fine. Then see about phasing in parts of it. This may take a while until you get familiar and confident in making the transition.

7

This is also a great misrepresentation of the situation. There exists a number of options for you to pay someone else to resolve every single issue that arises, similarly to the situation that exists with Windows. If you don’t know how to fix it, you can research and try to figure it out, or you can pay someone else. That’s the norm out there right now for EVERY platform…

I agree with the sentiment that if you don’t know what you are doing, you shouldn’t necessarily be doing it… But I get a feeling on here from time to time that certain posters are incentivized to spread fear about the world as it might exist without Windows.

2 Spice ups
8

The last time I looked at pricing for Rackspace offered services of any kind, I realized that I could easily find a moderately competent Linux Admin with some drive and desire to learn for cheaper.

Everyone likes to make the comment about how time isn’t free, but they almost never actually assign a dollar amount to it and try to do the math to validate that claim. In my experience, that is because it frequently doesn’t actually work out the way that they believe it will. When was the last time you ran into a Windows issue that you had never seen before, and managed to get it resolved without spending some of your not $FREE time to get it resolved?

9

Grux, Did you have anything that did a shared contact and calendar function? Sogo.nu seems to have a good solution. Unfortunately our accounting software needs ActiveX (groan) and the tax prep software is a windows app that gets a new version annually so I will run some tests with Wine to see if they work. Do you use any accounting / General Ledger software? We aren’t thrilled with out current solution but haven’t seen many alternatives.

Bud G., thanks for the suggestion, I will create a test lab and put a mix of windows and Ubuntu endpoints and see how the transition goes in the lab.

10

We looked at setting up what we needed with Windows Server, but after seeing the quote for licensing, well we ( as an organisation ) decided to go the Linux way. You don’t need to be a “guru” to do this, you just need an understanding of how Linux works. I can tell you that doing our environment the Linux way saves the business in license costs a substantial amount of $$$,$$$.$$ Staff that are new to Linux Desktop actually have thrived in the environment.!! Several of the staff have even asked about switching over their personal PC’s to Ubuntu like they have at work…!!

No serious issues once people understand that its just a slightly different User Interface, so the start button is no longer square, its round. some of the apps have different names… big deal, these are all things that can be worked out. Heck for one person we actually changed the names associated with a handful of apps to match the windows versions of the same type of app. (MS Office names and LibreOffice names).

And this crap about “omg it broke we need a guru…” is well just that, it’s a crap excuse. Step out of your silo’d box, spread your wings and learn to fly, it’s only scary for a brief moment, Don’t be afraid to learn something new… or even to extend skill sets beyond where they are.

4 Spice ups
11

William, you have succeeded with an office with 10 so that you are proficient in Linux and should be able to do it again. The biggest problem that I have with users is that they want to stay with a system they are familiar with - Ie Microsoft Windows and if you want to go totally Linux then in an office of 50 there will be some who will strongly resist. The person who I have much respect for on this topic is Scott Alan Miller and hopefully I have managed to tag him for his views and experience.

@scottalanmiller

2 Spice ups
12

for shared contacts and calendars we set up a Horde 5 server, it does mail, cal, and collaboration.

for the accounting software, here are several options to get you started.

SQL-Ledger (Enterprise Finance Management)

SQL-Ledger ERP is a free, open-source, platform independent double-accounting-method system and enterprise resource planner (inventory, work and purchase orders, taxes, etc.) that uses the SQL database server (PostgreSQL/Oracle/Mysql databases). It uses a web browser for an interface and be accessed remotely. It is extremely comprehensive and is available in many languages. Install:

sudo apt-get install sql-ledgerWebERP (Enterprise Finance Management)

WebERP is a free, open-source enterprise resource planner and accounting suite similar to SQL-Ledger that uses a web browser as an interface. It runs on the LAMP server. It is somewhat difficult to implement and use, but conforms to strict accounting guidelines. Set up your LAMP server first, then install using the web site instructions.

Phreebooks (Enterprise Finance Management)

Phreebooks is a free open-source enterprise resource planner and accounting suite similar to WebERP. It also runs on a LAMP server. It is in active development in 2011. A demo is available at the website.

Quasar (Enterprise Finance Management)

Quasar is a proprietary Linux-based accounting suite similar to Quickbooks. For a single user without point-of-sale or networking needs, it is free. For other users it costs CA$500 per seat. An installer for KDE-based systems is here.

Eqonomize!

Eqonomize is a personal/household accounting software package for KDE/Kubuntu. It provides a complete solution, with bookkeeping by double entry and support for scheduled recurring transactions, security investments, and budgeting. It gives a clear overview of past and present transactions, and development of incomes and expenses, with descriptive tables and charts, as well as an approximation of future account values. Install:

We tested several of these and went ahead with the SQL-Ledger-ERP as it met our needs perfectly. It is also highly configurable and has many of the same or similar features as quickbooks does minus the Application lock ups, and application crashes.

As to network performance when compared to a like sized windows environment, running all windows based software and windows OS’es, we see a overall reduction in network chatter between devices, we see a reduction in issues needing help desk, we see an environment requiring LESS overall maintenance than a similar configure Windows environment. (we did a hard comparison between our network and a network of like hardware set up with Windows server /desktop).

3 Spice ups
13

There are distros like Univention that advertise as AD replacements and do things like LDAP, Kerberos, cert management etc. They’re general paid support or enterprise licensing. Your mileage will vary but the cost is often less with fewer limits particularly on a per user basis. No need for CALS for every user, as an example.

Build a small virtual lab and learn it before your transition. The impact to a project like this failing can be significant or in other words expensive so a small budget for a pilot project should be reasonable.

The legacy impact is usually glossed over. What happens when you leave or you need to expand your team? What does that mean for your organization? I once built a nice little asterisk server for a sales company. They abandoned it two months after I left because they could hire support for it and decided it was no good because the person who replaced me had no idea how to manage it (or gumption). Hilariously they replaced it with a 3CX server and were really pleased with how quickly the change over went. A former colleague was surprised even the voice prompts were the same. I said its because they are and explained how they were essentially the same thing.

14

Actually, that’s a key reason to switch. Windows comes with no support, but is very costly. Linux is cheaper to support, easier to support, easier to find support resources and since it is free to acquire you can save all that money you were going to spend on Windows to pay for Linux support if you need it. Support is probably the top reason to switch, That LInux is cheaper to buy up front is nice, but doesn’t really matter in the grand scheme of things. It’s the “cheaper and easier to support” that wins the day long term.

NEver look at up front costs, always look at ROI and TCO. That’s where Linux slam dunks.

3 Spice ups
15

DO you pay for full support with Windows? If not, why do you feel you need it for Linux? NOthing wrong with support and supporting vendors is great. But just wondering why, when moving from something harder and more complicated to something easier that you would move from being without support to having support?

For support, look at RHEL and Suse.

2 Spice ups
16

I agree that you should be moving to hosted whether Exchange or not. But a few tips on that specific thing…1. Always use hosted email unless you have an extremely clear reason why you should not. Always start with hosted as the assumption.

  1. Hosted Exchange should come only from Office 365 by Microsoft, never from any other vendor. If you don’t trust MS to run your Exchange, you can’t trust Exchange and you need to be off of it. Microsoft runs Exchange cheaper than anyone else. Way cheaper than RS and RS can’t even begin to support it as well.
  2. COnsider getting off of Exchange. Exchange is only the back end. You can provide full Exchange compatibility without Exchange.
  3. If you can get users away from Outlook, you gain all kinds of additional benefits and might be able to lower costs even further.
2 Spice ups
17

Windows isn’t free to support of fix either. What matters is not that Linux isn’t free to support, but that it is cheaper to support than Windows.

1 Spice up
18

I’ve done that a lot. I’ve had lots of success with pure Linux shops and mixed ones. And success with pure Windows shops, too. THey all work, in the right situation.

19

So please correct me if I am wrong but do you think the switch of workstations would also help with the current state of ransomware (e.g. WannaCry / Petya)? Kerberos would still be used for authentication (so the credential compromise part wouldn’t necessarily be improved) but with a full switch of the workstations the payload code would not run even if the local smbclient was vulnerable to the same SMBv1 exploit or whatever the next vulnerability would be. That is a HUGE argument for TCO since you wouldn’t have downtime to restore from backups if the network shared drives a user had write access to was hit/encrypted.

I am NOT saying not to have segmented backups/offline backups, just that the need to restore from them MAY be lessened in catastrophic circumstances.

20

I agree completely. Windows is great and has loads of places where it makes total sense. Linux does too. But the “LInux is hard” FUD is ridiculous. From end users to admins, I’ve tested this over and over again and routinely people find it the same or easier. There is a reason that enterprise shops that don’t buy into this theory use Linux more than anything else - because it saves them money at the end of the day and 99% of their cost is in support, not purchasing. Linux’ biggest benefit is ease and low cost of support.

1 Spice up