Basically title. Do you know of any companies that use desktop Linux?
I can think of two in my area in Brisbane - Adfinis and Red Hat. Both have a pretty small presence here from what I last heard (several employees each).
My employer allows the Linux team to use Linux but it's discouraged and our lives are made somewhat difficult.
That's either BS or FUD, pick any two. Stick to a specific distro and train your staff and there's no reason for any IT personnel to find linux "harder to manage".
Users grumbling it's harder to use might be a different matter.
Linux is Linux. Train your staff to properly use one and they can use them all. "Distro" is just a fancy word for "which package manager and update cycle to we chose and what logo do we put on our pre-installed wallpaper".
The Linux desktop is harder to manage because isn't a one box solution like Windows. With Windows you control everything via GPOs. You can't do that on Linux as there is no centralization.
The best solution I've scene is Ansible and Xfce4 kiosk mode. You can set and enforce the desktop layout
Windows GPOs are a right old mess. I've been managing them for over two decades. The first fuck up is the word "Group". You cannot assign Group Policy Objects to AD groups unless you use something like ZENworks or some funky WMI filters!
Settings are applied to computers or users. Many settings are available to be set for both but only make sense or even work for one or the other. MS bought out some solution providers and that's why you get the Control Panel and other handy stuff, rather roughly bolted on.
AD with GPOs with the extension to "local machines" is a great idea but dreadful in execution. MS didn't want to nobble third party apps in the past so that's why we have this nonsense. Now its all about Azure/whatevs ie MS's cloud and subscriptions.
Now you belong us!
Linux being a Unix has NIS(+) for a directory or LDAP or AD or anything else you fancy. Ansible works for all mainstream OSs, including Windows.
So often I see people confusing and conflating authentication and authorisation, machine and session state configuration databases.
I have to disagree. Group policy is absolutely the best thing that has hit the IT world. You absolutely can assign it to groups and it is pretty straight forward to make. It also has the benefit of being very wildly used and documented. Assuming Microsoft doesn't keep screwing with it I think it is solid.
Also Active Directory is just LDAP, DNS and fileshares with configurations. You can though Kerberos (technically part of LDAP) and printers in there to. It is actually a pretty good system and I like playing with it via Samba AD.
I don't want to be rude but if you hate Windows you probably need a new career. I don't mind managing Windows systems the problem is Microsoft ruining the OS. It also happens to be totally proprietary and spyware which isn't great.
I will say Windows is decent for the niche its in. Larger scales, severs, mutlitenet, high security, kiosk, etc its not good.
I'm so glad its not my job. Running 1000s of nodes and an exponential amount more of services on those in hardened configs, across clouds, dcs, and availability zones are all easier than most ad forests I've seen.
Any windows work I do is just an exercise of how fast can I get to Linux again 😆😅, but I knew Windows admins that had it figured out.
I can't say I've managed Linux desktops at scale (so technically I should leave it there) but I do manage several hundred Linux VMs with Ansible, and I manage all of my PCs with Ansible. Desktops are a different ballgame to servers, dealing with end users and all, but I still don't think it would be that hard once it's been set up.
It is just less established which means it would be hard to get the ball rolling. It is doable but would take more time than just using a basic Windows environment with AD. You also have the issue with vendor support and end user knowledge but that's a problem for another day.
That's probably a fair point. I can't say too much as I haven't touched Windows desktop or server too much.
Could be apples vs oranges here though as we're talking about getting started versus well established setup, but my current employer is looking at adopting Ansible + Packer for imaging and partially Ansible-managing Windows servers where it makes sense because of limitations in SCCM and GPO. As far as I can see across the divide Windows Server isn't all smooth sailing.