by malkamius 146 days ago
The "Microsoft Tax" is often cheaper than the "Linux Engineering Salary." While Linux alternatives exist, they require "assembly"—integrating LDAP, Kerberos, DNS, and config management (Ansible/Salt) to do what AD does out of the box.

Most businesses don't want to be in the business of maintaining their own identity infrastructure. They want a utility. Between Group Policy’s granular control over the endpoint and the tight integration with Exchange/M365, Microsoft has created a "sticky" ecosystem. I've tried the "DIY" route with Linux mail servers, and the friction of maintaining deliverability and security patches manually is a nightmare compared to the "it just works" nature of the Microsoft ecosystem.

I am not a system admin, so maybe this is a crappy take.


You’re thinking apples and oranges.

Remember that every K-12 student for the last decade is getting it done on the cheapest low bid Chromebook possible. They are true pieces of shit, top-down managed by barely qualified people and yet the kids persevere.

That’s the baseline. Windows is an evolution of 1999, slowly shifting to the shitty cloud based model. It is the worst of both worlds. It’s like Peoplesoft in computer form. Even my IT crew at work is all Mac now.

Apple is an unreliable partner and a sole source. I think Linux is the pragmatic choice going forward.

> Remember that every K-12 student for the last decade is getting it done on the cheapest low bid Chromebook possible.

> They are true pieces of shit, top-down managed by barely qualified people…

I feel like this is even underselling how bad it often ends up being.

K-12 American student...

I am quite certain there are zero of those devices in my German school neighborhood, or the school in my home district back in Portugal.

> K-12 American student...

And Sweden, and Austria, and there are probably others.

Might be, I am only used to countries where families are still expected to buy their own computers, or get to share one among the family, and school life is still quite analog.

Actually I would love to see a report per worldwide schools, to settle this argument about high adoption of Chromebooks outside USA.

> to settle this argument

It's really a one-sided argument, I don't need to participate. You assert that this is an America-only phenomenon. Austria and Sweden are just easy examples that falsify your assertion. There is no debate about adoption rates or anything else.

Some people say it is.

Just because I find some random Chromebooks at FNAC doesn't mean all schools are racing to adopt them.

Thus numbers will be welcomed.

I am a sysadmin and Group Policy is the entire moat Microsoft has. Linux has nothing like it, and it probably can't because it requires a level of top down authority over a platform's design and implementation that would be hard in the Linux space.

Maybe something like systemd could do something similar which defined policy over all the components they've taken over, but a distro doing it would be pointless, we're not a Linux shop and have at least three different Linux distros in service.

Nothing in the Linux world would forbid something like Group Policy. A commercial distro that targets large-scale enterprise customers could implement something exactly like Active Directory + friends.

Ansible, FreeIPA, and more can be used individually or together to achieve what AD provides. There are large enterprises that are non-windows...

My comment above already addresses this.

I'm aware there are large enterprises that are non-Windows. All of them are technology companies. They are well equipped to pay their own developers to compensate for not having Group Policy, and may even be Microsoft competitors who don't want to spend money on them. Ansible being a replacement for Group Policy is very funny. That is like saying Postgres is a replacement for Excel.

Home Depot used to have a large fleet of RHEL machines within the stores. Looks like they've more recently rolled to SUSE.

https://linuxdevices.org/linux-based-pos-rolls-into-home-dep... (2001!)

https://www.datacenterknowledge.com/data-center-site-selecti...

Not to argue too much against what you're saying but I thought that some EU gov't entities had moved off of Windows a while ago.

I know at least one university that doesn't put Windows on its machines either. While Uni requirements are not the same as "enterprise" requirements, it does feel close-ish.

Having said all this, I am very primed to believe that they have a Group Policy-sized hole in their systems. Just thinking they are doing ... something.

You can do a lot with Ansible but GPOs are unbelievably configurable and you'd need to know lots and lots of registry lore to get close.

Ansible and FreeIPA can’t hold a candle to Active Directory

Ansible has a defined purpose and it is good at what it does

> Nothing in the Linux world would forbid something like Group Policy

Except 100 and 1 methods of configuring anything. But not a binary tree because three zealots depend on grepping a config into perl2 scripts for some automation.

SELinux?

The competitor of Group Policy is not really an implementation of that running on Linux clients. It's that the client doesn't need that level of management because 99.5% of your users only use cloud based services. Microsoft know that, which is why they are keen for everyone to use their cloud ecosystem, but that's not a monopoly today in the way Windows was.

Of course Linux clients in your network can be controlled by group policy. You just need to roll out an enterprise-grade distribution like Red Hat.

See for example:

https://docs.redhat.com/en/documentation/red_hat_enterprise_...

https://documentation.ubuntu.com/adsys/latest/how-to/use-gpo...

The present future of top down Linux management is NixOS. Who knows what the eventual future will be. ;)