I just though I’d share
Edit: I’m not sure if this actually works. All else fails fall back to Ansible
TD;DR
Too Dull; Didn’t Read?
Too dumb: Don’t read
Why why why would you do that?
Because your insane?
Actually it might be useful in mixed Windows Linux environments.
Compliance. Control. Security. Lots of things?
I thought this stopped working after MS pulled the Unix subsystem, as samba was using those attributes to manage the Linux systems?
Microsoft pulled those from the UI, but if you’re adventurous you can just shove those attributes in to user with power shell and it works the same.
Then just use sssd instead of NIS, surprised me at work when this worked.
Do you have any documentation on this by any chance? I don’t really like messing with ad schemas
I don’t know. I just found this why looking for something else.
Grid by Zorin, whenever it gets released, will be what you want
But is it distro acrostic?
time will tell once it is released.
If it is at least somewhat distro agnostic and has commercial support available they will get lots of business.
Yep. i imagine the long time between initial announcement and still waiting, is getting it right for realease. At least I hope that is why it has taken so long
Zoin isn’t exactly known for long term stability or regular releases. That why I can’t really recommend it.
We need tooling but Zoin probably isn’t where it will come from.
This seems like a minefield of clashes with distro-specific behavior. What happens if your system is using different software than what it expects or a policy that exists in Windows doesn’t always make sense in the target environment? I wonder how it is being dealt with?
And what about more broad policies like denying filesystem write access?
I’m also interested in this. I’m guessing you’d have to essentially have multiple overlapping sets of policies.
Ansible does some of each.
I hope the global catalog gets finished one day for freeipa.
FreeIPA is very unreliable in my experience. Samba is much more reliable from what I can tell.
My experience is quite the opposite. I have and still use both and find samba one of the more unreliable things. Freeipa does what it does with no issues.
Samba just works. It’s easy to set up and easy to manage.
Ironically I was trying to push for some rnd to run all of the GPOs for windows boxes as local policy ran by ansible. Just could stand all of the wonkyness AD introduced into the system.
Yeah, we need better tools
ran
It’s “run”, here.
What does TD;DR mean? Or did you mean TL;DR?
Very cool!
All else fails fall back to Ansible
Fucking hell. THAT far back?
We were doing everything Ansible does for the 95% case in 2002. Like, for 95% of use-cases, Ansible is absolutely no better than a conglomeration of tools from 2002. Definitely no reason to pay licensing.
Bonus: since it’s version-agnostic (another win over Ansible if you’ve ever managed Tower/AAP/whatever next week) I’m still using that paradigm today because it works SO well. It’s losing to Cinc or mgmtConfig but only because those are 1 and 2 generations newer than Ansible and do offer distinguishing features.
Ansible is foss, free of cost and requires almost no additional overhead or hardware.
It isn’t the best sometimes but if you have a bunch of machines to manage it works great. (Assuming they aren’t behind a NAT)
Ansible is foss, free of cost and requires almost no additional overhead or hardware.
Um, why are you stressing foss ? I only ask because the 2002 kit was
- cron
- make
- awk
- at
- rpm
‘It’s foss’ isn’t really a selling point, here, since ansible is still outmatched by everything else available – including that gaggle of tools from 22 years ago.
… which was foss.
The only thing Ansible has going for it is momentum; and cult-people who haven’t seen Chef or even that aforementioned tool-bag. Heaven forbid someone sees MgmtConfig converging 1000 machines in under a second immediately after a file is changed on one (ergo no playbook run taking 10 minutes). They’d be crying every day afterward that they were still stuck on worse-than-2002-technology Ansible. At 2002, Ansible pre-dates GOOGLE MAPS for technology; and facebook; and the iPhone. Ansible is the MapQuest Printout of technology.
The new tech is so reactive, it can revert a file back to conformity immediately after it’s saved; before it can be reopened!
AND IT’S STILL OPEN SOURCE. Of course. Because that’s a no-brainer.
Keep your filthy Microsoft mitts off my Linux environment
Do you run a Linux environment? If so, you should post about it (don’t reveal to much info obviously)
I run linux on my kettle don’t you know
Can you play doom on it?
Only at “Boil my skin off!” difficulty level