Good Morning All, Well it is in the UK
I am wondering are there a set of tools that can replace Microsoft Windows Server, Active Directory, DNS, DHCP and Group Policy. To manage Windows Work Stations
i work in a Secondary School in the uk managing around 500 devices and 14 Virtual Servers, and we are looking upgrading our server infrastructure but looking into linux alternatives so we can cut down our microsoft licencing etc.
would be good to hear from the linux community and see what is on offer.
You can get centralized credentials with LDAP and SAMBA - but this is not a full domain controller.
DNS, DHCP
This can easily be done with any Linux distro or if you want something more specialized you can look at PFSENSE or IPFire
Group Policy
You are a bit out of luck here as I don’t think there is a Linux alternative to this as this is propitiatory.
You will also have to look at what software you run on your servers in regards to Linux alternatives. There is also no Linux alternative to WSUS so the best you could do would be to have a caching server.
Easy to replace things are DNS/DHCP routers / firewalls and other pure network stuff.
Next up would be typical network apps e.g. samba for storage, you can use Windows AD for auth.
Samba can do some of the AD stuff as well, but it’s not a direct swap in replacement; try building a list of “user journeys” you need to support and try it out before hand, my guess is you’ll have to give something up compared to a typical Windows PDC.
How much time/effort would be reasonable to spend on your end for this endeavor? What’s your background?
For identity, DNS, certificates, and access control you want to use FreeIPA (IdM in Redhat terms).
Edit. (Missed that your not teplacing windows with linux, nust trying to cut costs.) To manage windows workstations. You want windows server with h active directory.
You got to ask yourself if you really want to manage windows clients with a hacked solution. You likely really don’t.
If you’re running FOSS software simple rules in the way you make groups and images and who gets added to them would probably take care of that. Non-FOSS not so sure.