I have been looking for alternatives, but afaik there just is no tool for Linux that can do the same as RSAT on Windows.
The best thing we can do is mimicking the functionality with know options available in the Linux world. Part of it will be Samba-tool
What I can imagine is to create some kind of Webinterface around Samba-Tool. An example for this is how Linux-schools project has implemented this in Karoshi server
I just wonder âŚ
An OEM license for Windows 10 Pro costs $ 150.00 and a Retail license for Windows 10 Pro costs ⏠186.00, w/o VAT, at least here, in Romania.
Share the cost of one of these licences to the number of the PCs on your network âŚ
Is it worth for these costs to find alternative solutions against RSAT, anyway, if I understand well, not so good solutions?
You are absoluty right about replacing RSAT, itâs not worth the effort and seems really hard.
I was more thinking about a âNethserver client GPOâ that may provide some typical settings like:
There are a lot of legal resellers. You might have to search a bit, but Google is your friend in that regard. A couple win10 licenses shouldnât cost more then 100 euroâs. Let me know if you need help, if the forum allows I can compile a short list of reputable resellers.
But I really donât see how any of this is even remotely valid, as I do not believe for 1 second that there are sysadmins who will not have at least 2 windows vmâs, when they support a windows client base. You need at least 1 for testing client updates and to diagnose issues and another for all administrative tasks.
That is, unless you want to tell an employee that they canât work for an hour while you test updates and suchâŚ
Licensing cost is mainly an issue for server installs, where the number of cores you have, has an impact on your license fee (above 8 cores iirc)
If you can force all clients to Mac or Linux then there is no use-case for ad for the clients, except perhaps for centralised login. There is little use for gpoâs on a non-windows client tho, as they wonât be run, except for a few login related ones.
Maybe I am completely wrong about sysadmins elsewhere, but I donât see how you get to guess that updates wonât bork the client machines and just risk it, and keep your job.
That is usually not feasible, since we usually provide support to 3rd parties (as a business).
Donât get me wrong, I have your same idea: if you need GPOs is because you have Windows clients to manage; since your client environment is already Windows-based, an additional (client) license, which costs greatly less than a server one, shouldnât be a burden anyways.
But this is true only if you manage a network with four or more PCs. Unfortunately we have customers which are really small (2/3 people working in an office) which are bound by GDPR to have personal accesses and thus need AD. To standardise the deployments on these customers (with the respect of the other bigger ones) you will deploy GPOs, so you need RSAT tools; some of the policies are replaceable with other workarounds (e.g. share mapping), some others are simply not economically justifiable, if done manually, for 2/3 PCs (like blocking USBs). And doing stuff manually on single PC is much more expensive (implementation, maintenance, complexity) than doing it once for all PCs.
So yes, I am sure 90% of the people, when faced with the higher cost of not having a Windows client machine for RSAT tools, will agree that a single license is better. But this is not always the case, and since we are discussing general support of GPO without proprietary products in the middle, I second that having an interface for managing GPOs would be better, even if the support is basic.
IMO these kind of lists should not be in these forums. It would be a bit strange (to say the least) if we, as an opensource linux community, start promoting to buy windows licenses from sources that are impossible to judge if they are legit or notâŚ
If it were to me, windows client licenses cost at least EUR150,- Then the opensource counterpart has the license cost advantage, although the main reason to use opensource is the philosophy behind opensource and not the cost. (but in this commercial world that probably will be an utopia)
I get your point, but I do not suppose that you will tell them to come back tomorrow because today you will be reinstalling their machine, whenever windows decides it is time? Nor that you deploy untested updates ? What happens when ransomware hits ?
If that is actually what is accepted by the customer, then I just need to learn more about real world scenarioâs that are alien to me, yet seem quite common.
I do agree that it is nice to have GPO editing from the webinterface for the basics you relay there, but I highly doubt you will find it enough.
Scenario: Policy has to be reworked to do X
You change the policy
You walk over to the user, ask them to gpupdate /force from the commandline
ask them to log out and back in or even reboot
Test
etc?
Scenario: User has windows issues and end result is PC needs reinstall
Send user home
pick up PC
reinstall PC
bring back PC
call user to come back to work?
Seems more expensive then the license to me, if you consider the lost time of that person. I am sounding overly critical tho, and made a statement that was clearly wrong, else there would not have been this discussion.