| ▲ | mbreese 2 hours ago | |||||||
Well AD is just a really opinionated LDAP/Kerberos setup, so you’d think that there would be something that Linux could do. But when you’re talking about enterprise management of thousands of devices, you need some kind of consistent security policy management. That requires running OS software that accepts remote policy management, which is a very specialized configuration and not just “vanilla Linux”. You can get really far with LDAP, but I’ve only used it for remote accounts, file shares, and sudoer config. I’m sure there are more policy configurations that would be possible with a more advanced tool. I suspect the RHEL world has something to offer here, but I’d love to see a more general and commonly supported solution developed. It would make Linux more of an option for enterprise managed endpoints. But, I agree with you - for an enterprise customer, this really needs to be some kind of paid/supported product. I wouldn’t want the French government to rely on some scripts that worked on my small cluster. | ||||||||
| ▲ | pjc50 2 hours ago | parent [-] | |||||||
> That requires running OS software that accepts remote policy management Every Linux system that supports SSH potentially "accepts" remote management! The challenge is just putting it into a framework. | ||||||||
| ||||||||