Standing up a new site - your thoughts
-
Do you need Group Policy? if not just use a Drop in PDC emulator with OpenLDAP/Samba. Group Policy can be done with Linux but the TCO may be cheaper with a Windows Server Essentials licenses (as much as I hate it because it's basically just SBS)
-
@Dashrender said:
I have a pre existing Windows network I don't want to dismantle at this time. and I want them to work together without issue.
Although I'm unsure why you would dismantle the network or why they would not work together. There are many options that are completely compatible and free. Even AD can be extended for free. Only DFS is, I believe, an issue that you would not be able to run that locally but I'm not completely sure that DFS isn't available too.
-
@Dashrender If you are familiar enough with Linux, you can use SAMBA on your favorite Linux distro as an additional AD server, and you can configure DNS and DHCP on it free as well. (It will even handle GPO).
I'm not sure if it works with DFS or not, however.
-
DFS is not a requirement, only a consideration.
-
@thecreativeone91 said:
Do you need Group Policy? if not just use a Drop in PDC emulator with OpenLDAP/Samba. Group Policy can be done with Linux but the TCO may be cheaper with a Windows Server Essentials licenses (as much as I hate it because it's basically just SBS)
Can you add an SBS essentials to an existing network?
-
@thecreativeone91 said:
Do you need Group Policy? if not just use a Drop in PDC emulator with OpenLDAP/Samba. Group Policy can be done with Linux but the TCO may be cheaper with a Windows Server Essentials licenses (as much as I hate it because it's basically just SBS)
Samba does Group Policy and it super easy. You use all the normal Windows tools and you can't even tell that it is Linux.
-
@Dashrender said:
@thecreativeone91 said:
Do you need Group Policy? if not just use a Drop in PDC emulator with OpenLDAP/Samba. Group Policy can be done with Linux but the TCO may be cheaper with a Windows Server Essentials licenses (as much as I hate it because it's basically just SBS)
Can you add an SBS essentials to an existing network?
No, that's the specific limitation of SBS. It is always the root, never anything else.
-
@Dashrender said:
DFS is not a requirement, only a consideration.
Then Linux meets every requirement except that it isn't "called" Windows.
-
@dafyre said:
@Dashrender If you are familiar enough with Linux, you can use SAMBA on your favorite Linux distro as an additional AD server, and you can configure DNS and DHCP on it free as well. (It will even handle GPO).
I'm not sure if it works with DFS or not, however.
Nope. Not DFS. I believe it would use NTFRS for the SysVol share though. Meaning the domain functional level couldn't be 2012 or 2012r2 I believe.
-
@scottalanmiller said:
@Dashrender said:
@thecreativeone91 said:
Do you need Group Policy? if not just use a Drop in PDC emulator with OpenLDAP/Samba. Group Policy can be done with Linux but the TCO may be cheaper with a Windows Server Essentials licenses (as much as I hate it because it's basically just SBS)
Can you add an SBS essentials to an existing network?
No, that's the specific limitation of SBS. It is always the root, never anything else.
Didn't think so..
So I guess I need to dive into a linux box once I get the phone thing handled.Thanks
-
@thecreativeone91 said:
@dafyre said:
@Dashrender If you are familiar enough with Linux, you can use SAMBA on your favorite Linux distro as an additional AD server, and you can configure DNS and DHCP on it free as well. (It will even handle GPO).
I'm not sure if it works with DFS or not, however.
Nope. Not DFS. I believe it would use NTFRS for the SysVol share though. Meaning the domain functional level couldn't be 2012 or 2012r2 I believe.
You sure? It's in the docs.
https://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/msdfs.html
-
@scottalanmiller said:
You sure? It's in the docs.
https://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/msdfs.html
Ah, it might have changed since I've done it. Though DFS in windows server 2012 is a bit different and uses SMB 3.0 normally.
-
The Samba Wiki mentions that DFS-R isn't implemented yet (I believe this is what 2012 ans 2012R2 use for replicating SYSVOL, etc...
That's not to say that you couldn't replicate it by other means though...
-
Samba 4.0.0 has what they call "basic" support for SMB3.0
-
NXfilter would be one way to do your DNS if you don't want a whole BIND setup. It will do Zone Transfers from Windows DNS and will also handle content filtering.
-
Do you want to do a zone transfer rather than just have it be a local cache?
-
@scottalanmiller said:
Do you want to do a zone transfer rather than just have it be a local cache?
Nxfilter has caching as well on top of the zone transfers. It's caches up to 100,000 entries by default.
-
@scottalanmiller said:
Do you want to do a zone transfer rather than just have it be a local cache?
Is local cache enough? If the local linux box is the first DNS choice, won't windows try to register with DNS there, and if it's only cache, won't it fail, then I could have WSUS problems?
-
@Dashrender said:
@scottalanmiller said:
Do you want to do a zone transfer rather than just have it be a local cache?
Is local cache enough? If the local linux box is the first DNS choice, won't windows try to register with DNS there, and if it's only cache, won't it fail, then I could have WSUS problems?
Doesn't Windows registration happen via AD?
-
@scottalanmiller said:
@Dashrender said:
@scottalanmiller said:
Do you want to do a zone transfer rather than just have it be a local cache?
Is local cache enough? If the local linux box is the first DNS choice, won't windows try to register with DNS there, and if it's only cache, won't it fail, then I could have WSUS problems?
Doesn't Windows registration happen via AD?
No, don't think so... I think it's dynamic DNS, unless it changed.