Standing up a new site - your thoughts

scottalanmiller

@Dashrender said:

I'm debating if I should put a small server out there or not?

Advantages
Local AD to authenticate to.
SMB file shares
print queues
DNS and DHCP

All available without Windows. Have you considered the free option?

Dashrender

I have a pre existing Windows network I don't want to dismantle at this time. and I want them to work together without issue.

That said - I recall reading recently that someone was tying linux and windows together with BIND and Directory Services... so I'm open to that possibility as long as moving between sites is seamless.

scottalanmiller

@Dashrender said:

I have a pre existing Windows network I don't want to dismantle at this time. and I want them to work together without issue.

Then it sounds like you've already completely justified the cost and the original question is unnecessary. If having 90% of the features for free isn't good enough, then avoiding the features, also for free, can't be good enough.

A Former User

Do you need Group Policy? if not just use a Drop in PDC emulator with OpenLDAP/Samba. Group Policy can be done with Linux but the TCO may be cheaper with a Windows Server Essentials licenses (as much as I hate it because it's basically just SBS)

scottalanmiller

@Dashrender said:

I have a pre existing Windows network I don't want to dismantle at this time. and I want them to work together without issue.

Although I'm unsure why you would dismantle the network or why they would not work together. There are many options that are completely compatible and free. Even AD can be extended for free. Only DFS is, I believe, an issue that you would not be able to run that locally but I'm not completely sure that DFS isn't available too.

dafyre

@Dashrender If you are familiar enough with Linux, you can use SAMBA on your favorite Linux distro as an additional AD server, and you can configure DNS and DHCP on it free as well. (It will even handle GPO).

I'm not sure if it works with DFS or not, however.

Dashrender

DFS is not a requirement, only a consideration.

Dashrender

@thecreativeone91 said:

Do you need Group Policy? if not just use a Drop in PDC emulator with OpenLDAP/Samba. Group Policy can be done with Linux but the TCO may be cheaper with a Windows Server Essentials licenses (as much as I hate it because it's basically just SBS)

Can you add an SBS essentials to an existing network?

scottalanmiller

@thecreativeone91 said:

Do you need Group Policy? if not just use a Drop in PDC emulator with OpenLDAP/Samba. Group Policy can be done with Linux but the TCO may be cheaper with a Windows Server Essentials licenses (as much as I hate it because it's basically just SBS)

Samba does Group Policy and it super easy. You use all the normal Windows tools and you can't even tell that it is Linux.

scottalanmiller

@Dashrender said:

@thecreativeone91 said:

Do you need Group Policy? if not just use a Drop in PDC emulator with OpenLDAP/Samba. Group Policy can be done with Linux but the TCO may be cheaper with a Windows Server Essentials licenses (as much as I hate it because it's basically just SBS)

Can you add an SBS essentials to an existing network?

No, that's the specific limitation of SBS. It is always the root, never anything else.

scottalanmiller

@Dashrender said:

DFS is not a requirement, only a consideration.

Then Linux meets every requirement except that it isn't "called" Windows.

A Former User

@dafyre said:

@Dashrender If you are familiar enough with Linux, you can use SAMBA on your favorite Linux distro as an additional AD server, and you can configure DNS and DHCP on it free as well. (It will even handle GPO).

I'm not sure if it works with DFS or not, however.

Nope. Not DFS. I believe it would use NTFRS for the SysVol share though. Meaning the domain functional level couldn't be 2012 or 2012r2 I believe.

Dashrender

@scottalanmiller said:

@Dashrender said:

@thecreativeone91 said:

Do you need Group Policy? if not just use a Drop in PDC emulator with OpenLDAP/Samba. Group Policy can be done with Linux but the TCO may be cheaper with a Windows Server Essentials licenses (as much as I hate it because it's basically just SBS)

Can you add an SBS essentials to an existing network?

No, that's the specific limitation of SBS. It is always the root, never anything else.

Didn't think so..
So I guess I need to dive into a linux box once I get the phone thing handled.

Thanks

scottalanmiller

@thecreativeone91 said:

@dafyre said:

@Dashrender If you are familiar enough with Linux, you can use SAMBA on your favorite Linux distro as an additional AD server, and you can configure DNS and DHCP on it free as well. (It will even handle GPO).

I'm not sure if it works with DFS or not, however.

Nope. Not DFS. I believe it would use NTFRS for the SysVol share though. Meaning the domain functional level couldn't be 2012 or 2012r2 I believe.

You sure? It's in the docs.

https://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/msdfs.html

A Former User

@scottalanmiller said:

You sure? It's in the docs.

https://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/msdfs.html

Ah, it might have changed since I've done it. Though DFS in windows server 2012 is a bit different and uses SMB 3.0 normally.

dafyre

The Samba Wiki mentions that DFS-R isn't implemented yet (I believe this is what 2012 ans 2012R2 use for replicating SYSVOL, etc...

That's not to say that you couldn't replicate it by other means though...

A Former User

Samba 4.0.0 has what they call "basic" support for SMB3.0

A Former User

NXfilter would be one way to do your DNS if you don't want a whole BIND setup. It will do Zone Transfers from Windows DNS and will also handle content filtering.

scottalanmiller

Do you want to do a zone transfer rather than just have it be a local cache?

A Former User

@scottalanmiller said:

Do you want to do a zone transfer rather than just have it be a local cache?

Nxfilter has caching as well on top of the zone transfers. It's caches up to 100,000 entries by default.