bzzzt 6 hours ago

Active Directory is dying along with local computer networks. Microsoft is pushing customers to Entra (formerly Azure Active Directory). Modern, hybrid AD is not easy to use and is difficult to manage.

jabl 5 hours ago

There's https://himmelblau-idm.org/ for a Linux client for Entra. Haven't tried it myself though.

dijit 5 hours ago

Doesn't FreeIPA work with EntraID? I used to use it with Exchange and it worked pretty well... (or, as well as any non-Microsoft product that has to integrate with Microsoft products at least).

bzzzt 4 hours ago

Looks nice, all it needs is an OSS server now ;)

dijit 5 hours ago

This is 100% the current situation, and it's worth mentioning because clearly you have a finger on the pulse here - and that needs to be stated for others.

But I wonder if Microsoft might reverse their stance on EntraID being SaaS, with the handwringing about sovereignty from Europe.

Back when "the deal" was made with Microsoft to basically embed itself into the digital ecosystem of every government, major institution and company in Europe, it was not the case that a member of the European Parliament could have their mail disabled arbitrarily by Microsoft. Such a thing was technically possible through a lot of hoops, but it was significantly less feasible.

If Microsoft were to reverse course then I'm sure it would stop all the handwringing, even if people would continue to use the EntraID product in reality.

bzzzt 4 hours ago

I don't see Microsoft backing down from their SaaS push: it's necessary for authentication and authorization in all their Office 365 (or whatever it's called now) applications, also on platforms not running Microsoft clients. Besides that, Entra is an OIDC server, which makes it possible to integrate other SaaS applications in a domain, which is near impossible to do if you only have local authentication.

Of course, you can still run local AD which synchronizes with Entra, but that means you get the worst of both worlds: you are paying for the cloud software but still have to manage your own servers.

esseph 5 hours ago

> dying along with local computer networks

I have seen the exact opposite, with people moving to things like jumpcloud, keycloak, authentik, etc.

bzzzt 4 hours ago

Those are all apps running in the cloud. I meant the classic Windows AD company LAN-like solutions where the clients, server and network are tightly coupled.

amaccuish 4 hours ago

Jumpcloud is SaaS.

esseph 4 hours ago

Yes, but it's not Microsoft Active Directory or Entra, which was my point.