Does anyone make a document for dismantling Microsoft infrastructure in a medium sized organisation?
-
@nygl @futzle And (silly me) I did not check the other replies before I replied. I see that @cyberlyra has a helpful listing of solutions/resources. Very cool.
Thankfully, I'm about to retire from my I.T. job... I am sooooo looking forward to never logging into anything with Micro$oft splattered all over it.@muz4now @futzle @cyberlyra I’ve always wondered how embedded we are in a Microsoft backend. All the apps and front end tools are fairly easy. The infrastructure piece is a bit of work. Whipping up a Domain Controller is too simple.
-
@muz4now @futzle @cyberlyra I’ve always wondered how embedded we are in a Microsoft backend. All the apps and front end tools are fairly easy. The infrastructure piece is a bit of work. Whipping up a Domain Controller is too simple.
@nygl @futzle @cyberlyra So true. We just had a pen-test and they used a fake DC to gather quite a few hashes before we detected it (from 2 non-MS systems, naturally).
-
Does anyone make a document for dismantling Microsoft infrastructure in a medium sized organisation? Is it even possible? DNS, DHCP, AD, etc. Maybe a phased approach.
Just out of theoretical interest.
@nygl Perhaps you want to be clear whether there is also a need to have a change of IT people/management. I've often observed that it is they who prefer Microsoft infrastructure.
In short, because it requires less knowledge and skill (as in general knowledge and general skill) and that's something they're often not prepared to invest in - regardless of whether than can be done for fewer overall $$.
Reality is of course a bit more nuanced, but that's the brief version of this line of thought.
-
@nygl Perhaps you want to be clear whether there is also a need to have a change of IT people/management. I've often observed that it is they who prefer Microsoft infrastructure.
In short, because it requires less knowledge and skill (as in general knowledge and general skill) and that's something they're often not prepared to invest in - regardless of whether than can be done for fewer overall $$.
Reality is of course a bit more nuanced, but that's the brief version of this line of thought.
@nygl where maybe I should clarify that "change of people" can mean either getting different people or getting/allowing people to change their behaviour.
I mean, in theory, "tech" people all like learning new skills don't they? </sarcasm>
-
Does anyone make a document for dismantling Microsoft infrastructure in a medium sized organisation? Is it even possible? DNS, DHCP, AD, etc. Maybe a phased approach.
Just out of theoretical interest.
@nygl
Sounds like FreeIPA? -
Does anyone make a document for dismantling Microsoft infrastructure in a medium sized organisation? Is it even possible? DNS, DHCP, AD, etc. Maybe a phased approach.
Just out of theoretical interest.
-
@nygl Replacing Active Directory with Samba is something I’ve looked at on and off. AD is basically DNS + Kerberos + LDAP, with a bit of glue to sync domains together. It’s certainly _possible_ but a major undertaking.
@futzle @nygl FreeIPA would be the Linux world counterpart to AD: https://www.freeipa.org/About.html
-
Does anyone make a document for dismantling Microsoft infrastructure in a medium sized organisation? Is it even possible? DNS, DHCP, AD, etc. Maybe a phased approach.
Just out of theoretical interest.
@nygl DNS and DHCP are fairly straightforward.
AD is more involved, but basically it is based on LDAP. -
Does anyone make a document for dismantling Microsoft infrastructure in a medium sized organisation? Is it even possible? DNS, DHCP, AD, etc. Maybe a phased approach.
Just out of theoretical interest.
@nygl from direct experience:
1. you cannot phase it - DNS, DHCP and AD are all in it together because AD uses DNS and DHCP integrates with DNS via dynamic updates for the client registration,
2. you are better off, as dramatic as it sounds, building a separate infrastructure, just a VLAN will suffice, on which you start moving services and, perhaps, isolate authentication using LDAP,
3. once everyone is authenticating against LDAP and the relevant servers you move the clients off Windows onto <preferred alternative> -
@nygl DNS and DHCP are fairly straightforward.
AD is more involved, but basically it is based on LDAP.@nygl There are open source alternatives for all of the Microslop services, in fact they were built on open source origins.
Servers and desktop clients are also fairly easy to replace now. -
Does anyone make a document for dismantling Microsoft infrastructure in a medium sized organisation? Is it even possible? DNS, DHCP, AD, etc. Maybe a phased approach.
Just out of theoretical interest.
@nygl https://grommunio.com/ sounds interesing, I learned about it from a friend but have no personal experience
-
Does anyone make a document for dismantling Microsoft infrastructure in a medium sized organisation? Is it even possible? DNS, DHCP, AD, etc. Maybe a phased approach.
Just out of theoretical interest.
-
Does anyone make a document for dismantling Microsoft infrastructure in a medium sized organisation? Is it even possible? DNS, DHCP, AD, etc. Maybe a phased approach.
Just out of theoretical interest.
@nygl "Just out of theoretical interest" ... LMFAO.
The Danish govt probably has docs like that. So does the German State of Schleswig-Holstein. I think Bavaria should at least have a Proof of Concept.
-
Does anyone make a document for dismantling Microsoft infrastructure in a medium sized organisation? Is it even possible? DNS, DHCP, AD, etc. Maybe a phased approach.
Just out of theoretical interest.
Noting I'm not in any way planning to undertake this task. I'm wondering how it would be done (yes I know some European entities have done it), particularly in the light of happenings in the US and people pondering moving away from US-based orgs.
Seems the desktop and app component is the easy bit. An AD server is simply too convenient to install and get up and running. I thought there'd be an equivalent. Well, there was - it was called Mac OS X Server.
-
@nygl @cyberlyra I'd second Nextcloud, and would add Odoo https://www.odoo.com/ to the list of open source tools to look at for businesses looking to move off Microsoft.
Odoo is basically a platform with a range of apps for managing just about every aspect of a business.
And then for a Teams replacement, Nextcloud Talk, Mattermost (https://mattermost.com/), or Matrix/Element (https://matrix.org/) are all good options.@aj @nygl @cyberlyra I had no idea odoo was OpenSource, I just saw YouTubers advertising it and threw it into the same scam-bucket as Raycon Earbuds et al
-
@aj @nygl @cyberlyra I had no idea odoo was OpenSource, I just saw YouTubers advertising it and threw it into the same scam-bucket as Raycon Earbuds et al
@AuntyRed @nygl @cyberlyra Oh yeah, if you have YunoHost set up ( https://yunohost.org/ ) and search for LibreERP, that's basically Odoo.
I even set up my own instance of it, because I can: https://erp.sadauskas.id.au/ -
@nygl @cyberlyra I'd second Nextcloud, and would add Odoo https://www.odoo.com/ to the list of open source tools to look at for businesses looking to move off Microsoft.
Odoo is basically a platform with a range of apps for managing just about every aspect of a business.
And then for a Teams replacement, Nextcloud Talk, Mattermost (https://mattermost.com/), or Matrix/Element (https://matrix.org/) are all good options.@aj @nygl @cyberlyra Just self host and stay away from Odoo hosting from Odoo. They're not exactly technically competent, or their incompetence is calculated to make them more money. Either way, it's a mess. -
@nygl @cyberlyra I'd second Nextcloud, and would add Odoo https://www.odoo.com/ to the list of open source tools to look at for businesses looking to move off Microsoft.
Odoo is basically a platform with a range of apps for managing just about every aspect of a business.
And then for a Teams replacement, Nextcloud Talk, Mattermost (https://mattermost.com/), or Matrix/Element (https://matrix.org/) are all good options.+100 to all this.
@aj do you have experience with the YUNOHOST Matrix install/bridge or Element install? I've tried to run it myself before and like many newcomers I gave up, but I'm a fan in principle and would like to see it have wider use...
-
@cyberlyra @aj Wow. Responses!!!
-
@cyberlyra @aj Wow. Responses!!!
