Convince Me To Switch To Nethserver

Our small optometry office currently runs Univention Corporate Server as a primary domain controller. The documentation is good, it’s got more features than we’ll ever need, it’s been petty reliable, and nobody in the office complains about it (that last part is most important). At least, nobody except me. I’m the one who has to maintain it.

I find that running any backend operations like a simple software update, installing or deleting a module, or running a simple diagnostic, to be painfully slow. But I can live with that, it’s not like I have to perform these tasks often.

The most egregious issue I have with UCS is the level and quality of community support. It’s abysmal. Support requests can often go days or weeks without a reply. The quality of replies is shameful. I dread having to ask any questions

They offer paid support, but it’s as expensive and restrictive as a Windows server setup. I’m not averse to paying for support. I’d probably do it if I knew it was worthwhile. But in my experience, a company that ignores their community support forums typically has awful paid support, as well, so I’m just not willing to fork over the $1500+ for help with the issue I’m currently experiencing. I’m concerned that, someday, the AD service will stop working and I’ll be stuck with no help to get it fixed quickly.

So I’ve been exploring alternatives, and this is one of them. I’d love to know what kind of experience I’d have as a Nethserver user. Here’s how we currently use UCS, and hopefully this community can tell me how easy this is to do with Nethserver.

As mentioned above, we use UCS as a primary domain controller. I run it as a VE on ProxMox with 8 Epyc cores (out of the available 24) and 16GB of ram (of 64). Our staff makes extensive use of roaming profiles with folder redirection, nobody really has an assigned computer. There are many GPOs in place to standardize the appearance and behavior of desktops, and to lock stuff down to adhere to HIPPA regulations. I got sick and tired of having to constantly re-enable screen lock timeouts and password requirements. All office printers are run via this server. I have a “hot folder” for each printer that’s shared throughout the office, and any files copied to these folders automatically get queued for printing using a script I wrote. We had to implement this because a lot of Windows 10 computers had printer driver issues that would cause the queue to freeze up and it got on my nerves. Having all the print queues on a single server has saved me so much time. We have lots of shared folders. One for each printer, one for each scanner, one for general sharing, each user’s home share (which also holds the redirected folders), a read-only share with correspondence templates, etc. We use UCS’s self-service backend to let staff set or reset their passwords with any web browser. I love the easy Let’s Encrypt integration so that nobody gets security warnings when they try to access the self-service site, even from outside our network. It’s remarkable how much panic those warnings can cause some people…

We do not host email, we use Gsuite for that. All system emails get relayed by postfix through an Amazon SES server. This includes “please set your password” emails sent to new staff.

In the near future, I was hoping to implement some kind of always-on VPN for some of our laptops, so staff can bring them home and still be able to access our locally-hosted practice management software while the laptop is domain-joined. This is possible with UCS, but requires some setup.

In the farther future, there will be multiple office locations which need to synchronize users and data over the internet. For now it’s just a single office with 15 computers.

Seems like these requirements are pretty straightforward. Should I be concerned about any of it if I choose to migrate to Nethserver?



Hello Frank

And Welcome to the NethServer Community!

As you can see from my profile (Top left of each post) I manage Networks for about 25-30 clients. And a couple of friends also.
My clients all run NethServer on Proxmox as AD, Fileserver, Mail, Print, NextCloud, Guacamole (Home Office!), Zabbix Monitoring and some also run MeshCentral…
These are now running 5 years - hardly any issues…

Note: Even though NethServer ncludes a capable firewall, my clients and myself prefer a seperate box as firewall. I use mostly PCengines APU4D4 box with OPNsense.

Most of my clients run their own Mailserver, our DNS are completly independent of Google, or any foreign entries (No Provider DNS anywhere in the network!).

So as such, I can confirm that NethServer is a good choice for SME companies and institutions.
My largest client has 3 sites, all VPN interconnected, running of one NethServer as AD. Backups are distributed to all sites. 40 users at site1, 15 users at site2, and another 5 at site 3…

Also I use OpenVPN extensively for RoadWarriors, and IPsec for Site2Site connections.

A simple Raspberry PI 3B acts as NUT Server in all my clients.

Best of NethServer is this forum here, in my opinion one of the best in Open Source.
It’s the helpful and knowledgeable people you will find here, often helpful even with something not strictly NethServer related. And our motto here is:

The only stupid questions are the unasked ones!

If you have any questions, post them here in the forum, or drop a PM…

My 2 cents

Some samples of existing Networks:


Because we have people like @Andy_Wismer :smiley:
Jokes apart, your scenario is pretty common and the community would be here to help you

1 Like

Where do you do those drawings? I currently use but i see yours are more colorfull :heart: :stuck_out_tongue:


Hi Walter

I’m “misusing” Zabbix as drawing board for planning, reporting and teaching-illustrations…
And since I do, every second person seems to ask what programm I’m using… :slight_smile:

But again, using Zabbix like this has it’s advantages. Several people can see the map / drawing at the same time, good for discussing strategies / plans and workflow! After all, it’s not an App on a PC, but a Web-App, available from everywhere… Collaboration built in!
I can enable access for others to see only certain maps / images…

Another Advantage is that these are “active” Maps, every host is linked to it’s WebInterface (If available), but also a Zabbix Screen showing more details…

A PBS at a client, access directly to Dashboard - or to more detailed Stats…

I also have to say, I HATE using Visio. It looks and feels like mid 90ies, even today, 25 years later!
Also so many ATM symbols, but a normal UPS (Non RACK Version)?
Who, besides maybe Telcos, still uses ATM?

My older, pre 2010 Maps were done in Corel Draw:
(My Home LAN in 2003!)

I tended - in those years - to overdo things a bit!.. :slight_smile:

My 2 cents

Your does have a strong Visio look and feel! :frowning:


I used to use Dia its horrible! :laughing:

I heard of Zabbix, maybe i will look into it, i mainly use it to plan and sell my solution, and later create documentation to my client, something like this ( ) and its cool since its a webapp you can share it and your client can open it:

I used to work with Vision when i worked at a company that had its licence, not anymore so i need to search for open/free solutions.

I will def look into Zabbix! Corel… uh… def not my type ahahah, but it looks awesome anyway!

Oh BTW, thanks a bunch André! :slight_smile:

Personally I don’t mind dia (at least in comparison to Visio and from a price point) I agree with Andy on the interface looking like it’s from the 90s (novel anyone?)
But I like zabbix

@GoremanX have you made the consideration already to switch to NEthserver. its a very wonderful product, with lots of useful modules and we keep working on adding new ones everyday.

I joined the community with some Linux admin skills, and now the community has also sharpened my skiilss to troubleshoot some situations and now my requests for support have gone down and am happy to also help anyone in the community in need of help