Does anyone make a document for dismantling Microsoft infrastructure in a medium sized organisation?
-
Does anyone make a document for dismantling Microsoft infrastructure in a medium sized organisation? Is it even possible? DNS, DHCP, AD, etc. Maybe a phased approach.
Just out of theoretical interest.
@nygl Replacing Active Directory with Samba is something I’ve looked at on and off. AD is basically DNS + Kerberos + LDAP, with a bit of glue to sync domains together. It’s certainly _possible_ but a major undertaking.
-
@nygl Replacing Active Directory with Samba is something I’ve looked at on and off. AD is basically DNS + Kerberos + LDAP, with a bit of glue to sync domains together. It’s certainly _possible_ but a major undertaking.
-
-
@cyberlyra Super. Thanks. It’s really just wondering how an org with significant investment in MS backends might move to something else. If the need ever arose. Or prices continued to skyrocket.
@nygl @cyberlyra from a migrating users point, it might be worth moving them one new app at a time while every thing else stays the same for a while. helps them adapt gradually and lowers the impact on your support team
-
@cyberlyra Super. Thanks. It’s really just wondering how an org with significant investment in MS backends might move to something else. If the need ever arose. Or prices continued to skyrocket.
@nygl @cyberlyra I'd second Nextcloud, and would add Odoo https://www.odoo.com/ to the list of open source tools to look at for businesses looking to move off Microsoft.
Odoo is basically a platform with a range of apps for managing just about every aspect of a business.
And then for a Teams replacement, Nextcloud Talk, Mattermost (https://mattermost.com/), or Matrix/Element (https://matrix.org/) are all good options. -
-
Does anyone make a document for dismantling Microsoft infrastructure in a medium sized organisation? Is it even possible? DNS, DHCP, AD, etc. Maybe a phased approach.
Just out of theoretical interest.
@nygl Not what you asked for, but OSALT suggests open source alternatives for almost everything. Here's the example for AD:
https://www.osalt.com/active-directory#google_vignette
On my initial pondering about your query, I think a how-to doc would be tricky since each infrastructure is so different.
cc @futzle -
@nygl Not what you asked for, but OSALT suggests open source alternatives for almost everything. Here's the example for AD:
https://www.osalt.com/active-directory#google_vignette
On my initial pondering about your query, I think a how-to doc would be tricky since each infrastructure is so different.
cc @futzle@nygl @futzle And (silly me) I did not check the other replies before I replied. I see that @cyberlyra has a helpful listing of solutions/resources. Very cool.
Thankfully, I'm about to retire from my I.T. job... I am sooooo looking forward to never logging into anything with Micro$oft splattered all over it. -
@nygl @futzle And (silly me) I did not check the other replies before I replied. I see that @cyberlyra has a helpful listing of solutions/resources. Very cool.
Thankfully, I'm about to retire from my I.T. job... I am sooooo looking forward to never logging into anything with Micro$oft splattered all over it.@muz4now @futzle @cyberlyra I’ve always wondered how embedded we are in a Microsoft backend. All the apps and front end tools are fairly easy. The infrastructure piece is a bit of work. Whipping up a Domain Controller is too simple.
-
@muz4now @futzle @cyberlyra I’ve always wondered how embedded we are in a Microsoft backend. All the apps and front end tools are fairly easy. The infrastructure piece is a bit of work. Whipping up a Domain Controller is too simple.
@nygl @futzle @cyberlyra So true. We just had a pen-test and they used a fake DC to gather quite a few hashes before we detected it (from 2 non-MS systems, naturally).
-
Does anyone make a document for dismantling Microsoft infrastructure in a medium sized organisation? Is it even possible? DNS, DHCP, AD, etc. Maybe a phased approach.
Just out of theoretical interest.
@nygl Perhaps you want to be clear whether there is also a need to have a change of IT people/management. I've often observed that it is they who prefer Microsoft infrastructure.
In short, because it requires less knowledge and skill (as in general knowledge and general skill) and that's something they're often not prepared to invest in - regardless of whether than can be done for fewer overall $$.
Reality is of course a bit more nuanced, but that's the brief version of this line of thought.
-
@nygl Perhaps you want to be clear whether there is also a need to have a change of IT people/management. I've often observed that it is they who prefer Microsoft infrastructure.
In short, because it requires less knowledge and skill (as in general knowledge and general skill) and that's something they're often not prepared to invest in - regardless of whether than can be done for fewer overall $$.
Reality is of course a bit more nuanced, but that's the brief version of this line of thought.
@nygl where maybe I should clarify that "change of people" can mean either getting different people or getting/allowing people to change their behaviour.
I mean, in theory, "tech" people all like learning new skills don't they? </sarcasm>
-
Does anyone make a document for dismantling Microsoft infrastructure in a medium sized organisation? Is it even possible? DNS, DHCP, AD, etc. Maybe a phased approach.
Just out of theoretical interest.
@nygl
Sounds like FreeIPA? -
Does anyone make a document for dismantling Microsoft infrastructure in a medium sized organisation? Is it even possible? DNS, DHCP, AD, etc. Maybe a phased approach.
Just out of theoretical interest.
-
@nygl Replacing Active Directory with Samba is something I’ve looked at on and off. AD is basically DNS + Kerberos + LDAP, with a bit of glue to sync domains together. It’s certainly _possible_ but a major undertaking.
@futzle @nygl FreeIPA would be the Linux world counterpart to AD: https://www.freeipa.org/About.html
-
Does anyone make a document for dismantling Microsoft infrastructure in a medium sized organisation? Is it even possible? DNS, DHCP, AD, etc. Maybe a phased approach.
Just out of theoretical interest.
@nygl DNS and DHCP are fairly straightforward.
AD is more involved, but basically it is based on LDAP. -
Does anyone make a document for dismantling Microsoft infrastructure in a medium sized organisation? Is it even possible? DNS, DHCP, AD, etc. Maybe a phased approach.
Just out of theoretical interest.
@nygl from direct experience:
1. you cannot phase it - DNS, DHCP and AD are all in it together because AD uses DNS and DHCP integrates with DNS via dynamic updates for the client registration,
2. you are better off, as dramatic as it sounds, building a separate infrastructure, just a VLAN will suffice, on which you start moving services and, perhaps, isolate authentication using LDAP,
3. once everyone is authenticating against LDAP and the relevant servers you move the clients off Windows onto <preferred alternative> -
@nygl DNS and DHCP are fairly straightforward.
AD is more involved, but basically it is based on LDAP.@nygl There are open source alternatives for all of the Microslop services, in fact they were built on open source origins.
Servers and desktop clients are also fairly easy to replace now. -
Does anyone make a document for dismantling Microsoft infrastructure in a medium sized organisation? Is it even possible? DNS, DHCP, AD, etc. Maybe a phased approach.
Just out of theoretical interest.
@nygl https://grommunio.com/ sounds interesing, I learned about it from a friend but have no personal experience
-
Does anyone make a document for dismantling Microsoft infrastructure in a medium sized organisation? Is it even possible? DNS, DHCP, AD, etc. Maybe a phased approach.
Just out of theoretical interest.
