Wow. That was very educational and revealing. Thank you.
My experience with IT is very limited and focuses more on devices and their local software than networking: ZX Spectrum, CP/M, Z80 Assembler, MS DOS, BASIC, Pascal, C++, MS Visual FoxPro, 68k Macs+Networking, Proxy servers and Windows 3.1 networking, a bunch of different Linux on PC, Palm, first Android, a bunch of WiFi routers, NT4 DC Ubuntu server 12.04, smart switches, and finally a bunch of beautiful and fun Linux server software (NethServer, Nextcloud, Jellyfin, Webmin, pfSense, ntopng, Moodle, Joomla…).
Since I graduated in 1996, you can imagine that most of the things I learned – I learned myself. I’m even trying to do a little Kotlin. But I am truly captivated by Linux server software. How amazing it is, and how well developed it is, and how quickly it is growing.
So, what you explained is really cool. I understand that in reality the concepts of communication and protocols, files and file systems, data and databases are not an area for reinventing a wheel. The only reason to “reinvent a wheel” is to avoid legal fees, or to try to improve the speed. That is why the Mac desktop interface in 1984 conceptually isn’t much different from 2023. Reason and simplicity rule.
So, returning to the topic, yes, adding LDAP to AD resolves all online authentication problems… So, there is no need to try to do away with AD. I see this now. Then I should focus on learning how to join Linux clients to an AD domain in the least painful way (I have lots of such clients). I’ll be looking for options. Ubuntu was a surprise to me when they started including “join AD domain” during install. I wanted to try it. Although currently I like Manjaro better. Maybe there is a nice solution for Manjaro (their AUR is awesome).
Thank you,
Sasha