Linux to replace windows server 2003

Hi,

We have a complete windows environment. The setup is as follows:
2 Domain Controllers (Win2k3 machines), one of them is used as DHCP and DNS server as well.
2 File Servers (Win2K3 Server machines)
1 Proxy Server (ISA server 2004)
100+ Windows XP machines.

We use group policies to define the User Rights over the network. It works fine for our requirement, we are planning another setup and for this to reduce the investment we are thinking to use Linux.

Our desktop OS will remain Windows XP / Windows 7 but can we replace Windows servers with Linux? The roll of these server OS will remain same, we want one or two machine for user  authentication and grant & limit a user permissions on the network based on his profile e.g. admin, marketing, developer, designer etc. Define/set home directory

Please provide a tutorial link that can help us implement this or guide us what best we can do with our limited Linux knowledge.

Thanks
rajoo_sharmaAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

smangognaCommented:
Don't do that...
0
farzanjCommented:
Yes, you can get Linux servers to do this job.

DHCP and DNS are there in Linux as well.

Samba would act as the Windows domain controller.

What kind of proxy server do you need.  If it is a web proxy server, Squid in Linux can take care of it.

Get CentOS5, which is free and good for server machines.
0
rajoo_sharmaAuthor Commented:
Hi smangogna, I appreciate your opinion, could you please write few lines to explain the problems you see in this approach?

Hi farzanj, thanks for reply,

we use ISA 2004 server as a proxy server, it helps us to define rules to control the web access. Could you please provide a link that can help us implementing this?
0
Webinar: Miercom Evaluates Wi-Fi Security

It's not just about Wi-Fi connectivity anymore. A wireless security breach can cost your business large amounts of time, trouble, and expense. Plus, hear first-hand from Miercom how WatchGuard's Wi-Fi security stacks up against the competition in our upcoming webinar!

farzanjCommented:
DNS
http://www.linuxhomenetworking.com/wiki/index.php/Quick_HOWTO_:_Ch18_:_Configuring_DNS
DHCP
http://www.linuxhomenetworking.com/wiki/index.php/Quick_HOWTO_:_Ch18_:_Configuring_DNS#DHCP_Considerations_For_DNS

Samba for domain controller
http://www.linuxhomenetworking.com/wiki/index.php/Quick_HOWTO_:_Ch10_:_Windows,_Linux,_and_Samba

Controlling web traffic with SQUID
http://www.linuxhomenetworking.com/wiki/index.php/Quick_HOWTO_:_Ch32_:_Controlling_Web_Access_with_Squid

All of these links are old but would give you an idea.  This was a very good website a few years back.  Now there is an easier implementation of Squid also, I would let you know about it.
0
farzanjCommented:
Yes, Squid is built into Smoothwall express.
0
rajoo_sharmaAuthor Commented:
Thanks farzani,
I'll go through the links you have provided and get back.
0
farzanjCommented:
0
rajoo_sharmaAuthor Commented:
thanks again...
0
smangognaCommented:
You can have samba, dns or dhcp but not group policy

Sergio
0
Lee W, MVPTechnology and Business Process AdvisorCommented:
Samba (the released version as opposed to the beta of 4.0) cannot do group policy - you would lose all management control over things.  Yes, you'd hav centralized login, and key services, but that's about it - and you do realize there's a cost involved in LEARNING to use Samba and linux.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
farzanjCommented:
Samba group policies are implemented if you add @ in front of the group name instead of username.  It is easy to implement.  Sorry, I am lost as to what kind of group policy you may be talking about.
0
smangognaCommented:
Managing account policy, profiles, groups permission on file system are not the same, windows is much more better, you know what windows and active directory can do, but in Linux you can't do it, you must have multiple software for every thing you want to do and in the most case aren't compatible between them.
0
rajoo_sharmaAuthor Commented:
Thanks smangogna and Leew.
Do you suggest a method which is as simple as (yet powerful) Group Policy?

Farzanj, group policy to restrict the user from editing the registry, install / uninstall S/W, tempering device driver or create a network share etc. Basically an end user should not be able to accidently or deliberately change something that can bring the desktop OS down or create a problem on the network.
0
farzanjCommented:
Learning Linux involves a steep learning curve -- agreed.  But for managing group policies, Unix/Linux have always been considered much stronger than Windows.  They had those concepts even when Windows simply did not exist--it was DOS.  These days, you can use file system ACL's too that are extremely detailed in managing group permissions too.  If you are talking in context with Samba, I have always made it work to implement group policies in Linux.

Linux has LDAP too and you can combine LDAP with Samba as well.  Yes, again it needs a lot more knowledge of Linux to make it work but it does work very well.
0
farzanjCommented:
@rajoo_sharma

This sounds valid because I don't know about it.  My sense is that Samba domain controller would not interfere with Windows OS policies.  It may be doable but I am simply not sure.
0
farzanjCommented:
You know what, you may want to post that as a separate question.  I admit I don't know much about Windows system administration.  I don't know how you would centralize, for instance, registry policies in Windows.  If it does that using LDAP, it may be doable by using SAMBA as well, I am not sure.  So forgive my ignorance, open a separate question for that.
0
rajoo_sharmaAuthor Commented:
Farzanj,
Thanks again, I'll also Google on this and will also post a question about Group Policies using SAMBA.
0
abolinhasCommented:
Try Artica project, with Artica you can get a all-in-one apliance to administrate your network.

Key features.
Samba
Squid
Postfix
anti-virus for samba, squid and postfix.
....

I recomend you to take a look
www.artica.fr

For Group Policies using Samba
http://artica.fr/index.php/samba-file-sharing/53-domains-a-administration/246-define-windows-clients-policies-trough-your-pdc-
0
rajoo_sharmaAuthor Commented:
Thanks abolinhas,
I'll check the same.
0
younghvCommented:
This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Linux Networking

From novice to tech pro — start learning today.