The granularity and scale of active directory is a major thing that is keeping linux out of offices, etc…I know you can do a lot with certain tools but nothing comes close as far as I have seen.
The granularity of AD doesn’t scale though. I work for a huge bank and trying to get something changed in Group Policy is basically impossible. Making it even the tiniest bit bigger (e.g. adding a single new rule) will slow down every goddamned PC and VM in the entire organization. It adds up to real money lost real fast.
Not only that but some changes to GPOs can break things that you didn’t foresee so the general wisdom is, “don’t ever change it.” Rendering that whole “granularity” argument moot. What good is granularity if you can’t even use it?
Also, getting AD to scale to the size required the help of Microsoft. They had to change AD for us many times because the way it replicated certain things just does not scale past around 20,000 desktops (if memory serves). They gave us custom DLLs that run on our DCs to keep things operating reasonably smoothly but their lack of support on non-Windows platforms is a perpetual problem.
If literally every single computer in your company is Windows you’ll be fine. However, as soon as you start trying to connect your Linux servers to AD everything starts getting really fucking complicated and troublesome real fast.
Microsoft made a lot of mistakes when they were designing AD but the biggest one was making it intentionally proprietary in so many ways. It prevents us from adopting it more. If AD actually worked with everything we’d be paying Microsoft a lot more in licenses every year.
Aside: Their second biggest mistake with AD was allowing groups to be placed in other groups. This made it so that “simple” administration of your policies and access controls goes from a single lookup to a lookup to the power of n groups. It doesn’t scale at all and exponentially increases network traffic and load on domain controllers.
LDAP + Kerberos running on Linux servers doesn’t have this problem because it doesn’t allow it (intentionally, because it’s stupid).
Oh man, I’m thinking about it now and AD just makes me so upset, haha. It’s such a poorly engineered product. Don’t give it more credit than it’s due. It works fine for small organizations but that does not mean it’s a good product.
Can you elaborate…
I have looked after a few instances of Active Directory and basic user management involved multiple steps through GUI’s clearly written at different times (you would go from a Windows 8 to Windows 95 to Windows XP styled windows, etc…)
I much prefer FreeIPA, if I wanted to modify a user account it was two button clicks. Adding a group and bulk applying was the work of moments. You can setup replicas and for a couple hundred users it uses no resources.
The only advantage I could see related to Exchange Integration as it makes it really easy to setup Sharepoint, Skype & Email.
Sharepoint never gets setup properly and you find people switching to alternatives like Confluence, Github/Gitlab Pages or Media Wiki. So that isn’t an advantage.
Everybody loathes Skype and your asked to setup an alternative (Mattermost, Slack, Zoom, etc…). I am not sure how integrated Teams is.
Which really only leaves Email and I just can see the one off pain of setting up Dovecot as worth the ongoing usability pain of AD’s user control.
Selling copies for 200$
Commerical and enterprise software client side.
I have had pretty good luck with this actually. You can get e.g. Matlab for Linux no problem, and even weird company-specific tools I want I usually find to be available. But then I guess most of the commercial software I want to use is software for people like me. I don’t bother trying to use e.g. MS Office even on platforms it runs on, I don’t do professional CAD, I don’t do professional graphic design.
Literally everything easily with much mess effort
“I used Windows all my life and am unwilling to learn anything new”
It’s like the difference between learning how to read a book and learning how to assemble it in a foreign language and then read it, with many of the pages mangled and eaten away.
not really. its just different
Oh please, I use Ubuntu and Kali at work. Just because I don’t suck the Linux penguins dick doesn’t mean my statement is any less true. Using Linux is a pain. Even some of the most mundane tasks with application installation, setup, or maintenance take 20x as long and require non stop troubleshooting at every turn when nothing works as expected or you encounter new things you don’t know how to get around. Down vote me to hell i don’t care, I don’t hate Linux but I stand by my statement and everything is more difficult.
windows is the pain to use 😉
Dealing with SSL on windows is a pain vs Linux
I mean install OpenSSL for windows and it’s exactly the same
Play all my laptop’s speakers
Same, or use the fingerprint reader.
Literally the only thing keeping me from switching:
Act as a host in Parsec. If hosting ever becomes available for the Linux release, I’ll switch.
Hi to run into this problem. I have a Mac mini that I use as a bridge from my home network to my work laptop. Now, most workloads requiring horsepower, I will run in the cloud, but there are some workloads that I want to run locally. I can parsec into the Mac, but I can’t parsec into the Linux server I have. The state of media on Linux is not great, and there are understandable reasons as to why.
Did you try Sunshine and Moonlight? A little rough around the edges but the most reliable solution that I ever used. Also has the lowest latency out of the ones I tested.
https://github.com/LizardByte/Sunshine https://moonlight-stream.org/
deleted by creator
This commenter used “NI Maschine” as though everbody’d know what “NI” stood for…
iirc, it stands for Native Instruments, and iirc, the “Maschine” is either hardware or hardware+software.
The ONLY Linux distro which may do what theyre wanting, is UbuntuStudio.
I happen to agree that it is a damn “whack-a-mole” “game” for us in Linux, and I"ve been experiencing that since 1996 ( when only Slackware mostly-worked ),
but … if ever the spyware in MS’s products gets made illegal, then … Linux’d be the only lifeboat left?
( don’t tell me that Apple isn’t every-bit as much into privacy-molestation as the other Big Tech corpos are: they aren’t a real alternative )
_ /\ _
Run normal games like fortnite and warzone, and run other games not through steam without needing to install proto tricks and get the right dependencies for every damn game
That’s like blaming your English teacher for “Don Quixote de la Mancha” being written in Spanish. Linux isn’t the reason those things don’t run on Linux. Fortnite and Warzone developers are responsible for failing to develop for anything other than Windows, consoles, and sometimes Mac.
Ah, I can see that you haven’t tried gaming on Linux in the last 5 years. Dependencies? Hah
Spy it’s users
Redstar OS would like a word with you
Linux can totally do that. Even if your distro doesn’t package it, you can always install spyware from source.
Natively run Windows software. Do I win?
Wine’s not an emulator…
That is correct, but a compatibility layer is also not native execution of a binary.
I beg you forgive my pedantic interjection, but … I posit that the original commenter is incorrect. it is absolutely native execution.
The CPU is fetching and executing the instructions directly from memory, without any (additional) interpretation of code or emulation of missing instructions - Which is, by definition, native execution.
What the compatibility layer “does” is provide a mapping of Windows system calls into the appropriate Linux system calls. Or, in other words, makes it so that calls to functions like
CreateWindowEx()in the Win32 API have a (still native) execution path.The native execution requires you to install WINE, yes, but if we’re disqualifying it because “it requires you to install a package”, then we also consequently:
- Add things like “print stuff”, “display graphical applications”, and “play audio” to the list of “things Linux can’t do”
- Disqualifies Windows from “natively executing” any .NET applications (a Microsoft-built first-party framework), since .NET applications require you to install .NET.
You’re right, you are being pedantic.
You’re correct in that it is a compatibility layer - And I’m not disagreeing with that. Also to be clear: Not just arguing to argue or trying to start a fight, mind you. I just find this to be an interesting topic of discussion. If you don’t find it to be a fun thought experiment, feel free to shoo me away and I’ll apologize and leave it alone.
That said, we appear to only be arguing semantics - Specifically around “native” having multiple contextual definitions:
-
I am using ‘native’ to mean “the instructions are executed directly by the CPU, rather than through interpretation or emulation” … which WINE definitely enables for Windows executables running on Linux. It’s the reason why Proton/DXVK enables gaming with largely equal (and sometimes faster) performance: There is no interception of execution, there is simply provision of API endpoints. Much like creating a symlink in a directory where something expects it to be: tricking it into thinking the thing(s) it needs are where it expects them to be.
-
However, you are using ‘native’ to mean “within the environment intended by the developer”, and if that’s the agreed definition then you’re correct.
That’s where this becomes an interesting thought experiment to me. It hits me as a very subjective definition for “native”, since “within the intended environment” could mean a lot of things.
- Is that just ‘within a system that provides an implementation of the Win32 API’? If so, WINE passes that test.
- If I provide an older/fixed/patched version of a DLL (by just placing it in the same directory) to fix an issue caused by a breaking change to a program that is running on Windows, is that no longer native?
- Or is it just ultimately that the machine must run the NT kernel, since that’s where the developer intended for it to run?
Does that make sense? I hear a statement like that and I find myself wondering Which layer along the chain makes it “native”? - I find myself curious at what point the definition changes, in a “Ship of Theseus” kind of way.
It seems to me that if we agree that the above means “running in WINE is not native”, then we must also agree that “anything written running for .NET (or any other framework, really) is not native”, since .NET apps are written for the .NET framework (Which is not only officially available for Windows, mind you) and often don’t include anything truly Windows-specific. Ultimately, both are providing natively-executed instructions that just translate API calls to the appropriate system calls under the hood.
I hope that does a better job of characterizing what I meant.
You clearly know more about this than I do, and you’ve thought a lot about it. Your points deserve a better response than I can give at this time, but I wanted to acknowledge that at least. I also wanted to say you aren’t pedantic and I’m sorry I said that. You spent time and thought on making a good conversation and I wish I had been more engaging with that instead of trying to be correct. Thank you for still conversing instead of arguing even after I was less than perfect of a conversation partner. I hope in the future I see more of your comments. Have a really nice day.
-
that why i like windows 11. you can really taste the nativity
Wait, 11 tastes like goat barn and frankincense?
its mostly goat barn
You misspelled “naivety” lol
You windows
Windows does what Nintendon’t? Wait, that’s not it…
Get some people to write really passionately about moving off of it, apparently.
There needs to be an entire Lemmy community for all the testimonial posts.
The secured Sandbox maybe? The windows sandbox is pretty awesome for day to day use imo. And no a template VM or container isnt really the same thing. The sandbox has the task of making sure that there is nothing that can break out. Afaik the sanbox has done a pretty good job so far in that aspect. Does linux bring a comparable option to the table? Would love to find out, changig as many aspects of my life to linux is the best thing to do.
From what I see, windows sandbox is literally a template VM.
https://techcommunity.microsoft.com/t5/windows-os-platform-blog/windows-sandbox/ba-p/301849
Reall great article. Thanks for sharing. But I dont know where you get the “literally a template” idea from. The article is explaining pretty well how its made and there isn’t one thing that leads to the assumption that this was just a template that gets booted up.
It says in the article that windows sandbox is using a “base image”. It boots up the image, you do stuff then close it, and the next time you boot it up it’s the base image again. Is that not what a template VM would do?
The primary difference between a usual VM template and this is that it’s small. “When installed the dynamic base package it occupies about 100MB disk space”. That’s because it’s essentially mounting a bunch of the system files immutably. You could theoretically do the same on Linux, but it probably wouldn’t be worth the effort.
Most of the advancements they have is under the hood stuff, like linking files instead of directly including them or managing memory. Battery state pass through and graphics OOTB is cool though, depending on your setup you might have to put in a bit of work to make that happen on Linux.
Flatpak and Snap are Linux packaging formats that have sandboxing implemented and it’s pretty solid. There’s also Firejail for running sketchy applications in a stronger sandbox
People really dislike it when you point this out, But the security model on Linux is lacking. Yes, we have things like apparmor and SELinux, but compare it to sandboxd on macOS. The windows sandbox isn’t perfect, but it’s really user-friendly, and it works in most cases. Linux doesn’t have a direct equivalent. We’ve made great strides with making immutable distros through things like flatpack, and snap, but something that they failed to do is implement a least privilege model that is as robust as sandboxd on macOS.
Hit the ground running deploying…pretty much anything.
Was running game servers on my Windows PC through Docker and they were super easy to set up. I got a new PC and decided to repurpose my old computer into an Ubuntu server to get some experience with Unix. I have only been more frustrated once in my entire life. Sure, once things are set up on Linux they are really powerful, but the barrier to entry is so absurdly high and running anything “out of the box” is literally impossible by design.
The person is correct in this isn’t a Linux problem, but relates to your experience.
Windows worked by giving everyone full permissions and opening every port. While Microsoft has tried to roll that back the administration effort goes into restricting access.
Linux works on the opposite principle, you have to learn how to grant access to users and expose ports.
You would have to learn this mental switch no matter what Linux task your trying to learn
Dockers guide to setting up a headless docker is copy/paste. You can install Docker Desktop on Linux and the effort is identical to windows. The only missing step is
sudo usermod -aG docker $userTo ensure your user can access the docker host as a local user.
Erm I’ll politely disagree there. Linux is just built for it. No extra layer like Windows. Docker and Linux are besties
Don’t get me wrong - I know that they are, and I know that Linux is superior for running docker containers. The thing is that Windows handles all the permissions for you. An average Joe can get a docker container up and running on Windows. You need significantly more Linux-specific knowledge to get a container running on Linux, and the advice given by the community is often cryptic for beginners.
That’s a letter U problem. I can administer Linux a bajillion times easier than windows, because I do it for a living, and haven’t touched MS since Server 2010. Also Docker in Windows is LOL. You’re leveraging Linux to shit on Linux. Lets do that all in IIS and see how you feel.
Yeah, I started working for a company with a lot of Windows servers two years ago and I still can’t wrap my brain around them. I’ve been a Linux sysadmin/sysarchitect for 20+ years and I’m still completely lost how to get Windows to much of anything. I usually don’t have to do much on those servers, but when I do its StackOverflow that’s really administering them. It’s because I lack foundational knowledge about windows and also because I’m fine not having that knowledge.
IIS is not the same as Docker. Sounds to me you are shitting on IIS for the sake of trying to prove a point I wasn’t trying to make.
This goes into my next point. Linux users are toxic as hell. They are elitist snobs who shit on newbies because they have years of experience.
This is a very dangerous, and unfortunately widespread, generalization. The shitty ones are the loudest ones, and I’m sorry that most of your experience with linux users has been with them. I promise, much of the community are kindhearted individuals who simply use linux because of its ideals, or because they’re developers, or privacy enthusiasts, or those who bought a steam deck and think the lack of windows is pretty neat.
This. This is truth!
Pointing out that you find it easy because you do it for a living isn’t a very good counter to their point - most people do other things besides Linux for a living
This is what’s holding the community back. The “get good” advice isn’t really advice and keeps Linux from hitting the mainstream. I get it you’re amazing at Linux but the rest of us shouldn’t have to go back to school to get a computer degree and become a Linux professional in order to use it. This is the same person that replies to questions about Linux with “why do you need the GUI just use the command line instead or it’s dead simple just type: followed by like 80 lines of code that people can’t make heads or tails of because they’re novices. Man I get that you want to flex but it’s a pretty strange flex.
OTOH, many people can’t make heads from tails regarding windows, icons or buttons, and they don’t get the contextual clues that the GUI gives for any operating system. They don’t see them, and if they do they’re unable to make the automatic inferences most of us long time users obtain from them. They act as people who are blind from birth and suddenly see, who have problems to understand tridimensionality; the GUI is not in their mind model of how to work with computers, and they have a lot of difficulty interacting with it.
Is your point meant to be that these people who already have trouble learning GUIs would somehow have an easier time intuiting command line?
If that’s correct, that’s an absolutely BS argument
Is your point meant to be that these people who already have trouble learning GUIs would somehow have an easier time intuiting command line?
No, my point is that they’re lost causes and they’re untrainable.
No, my point is that they’re lost causes and they’re untrainable.
Ah… I still don’t get how that’s meant to refute the previous person’s point that elitism and the “git gud” attitude around Linux contributes to it’s inability to become mainstream.
If anything your reply only reinforces their point, because you seem to be suggesting we throw anybody who struggles to learn it to the curb.
So that makes the “get good” advice valid? What are you talking about bro? I didn’t say Linux isn’t valid. I think you must have replied to me specifically on accident because your response isn’t germane to my reply. Or if you feel it is please explain. Make sure you use as many polysyllabic words as possible. I think you wrote up one of the Linux documents I’m to understand.
Or maybe I’ll just say: cool story bro.
So that makes the “get good” advice valid?
No, they’re untrainable. It’s literally impossible for them to get any good. At all.
Perfect. Good solution. Linux only for the elite.
LinuxComputers only for theelitepeople willing to engage their brains.FTFY
That’s very weird as with docker on windows you technically run your containers in a linux vm, and besides that, in my experience windows is not nearly stable enough to be useful for running services.
All while I have been deploying selfhosted services for myself without problems on Linux for years. My only problem has been the constantly overloaded system, but that’s no surprise when you run heavy services on the 10+ year old portable hard drive system disk. Windows would only perform worse in that environment.Yeah… this feels like a very bad example. I am honestly curious as to specifics here, because Ubuntu setup is pretty dead simple with the graphical installer. And like you said docker is native linux.
Saying running anything out of the box is “impossible by design” on Ubuntu is objectively wrong frankly. Maybe you could argue they haven’t succeeded in their goal of being super out of the box friendly, not sure I’d agree but at least you’d have leg to stand on.
I feel your pain, ugh. Setting up certain types of software can be a pain in the ass because there’s almost always dependencies that need to be set up first; in addition, it’s not always clear what you’re supposed to install or how to do it the right way. A lot of Linux-related documentation out there isn’t geared towards beginners and leaves out a lot of important explanatory and contextual information, which just makes it more frustrating. Unnecessarily, in my opinion.
However, I gotta mention that Ubuntu - though widely used - is sorta notorious for being user unfriendly and isn’t always the most appropriate choice for a beginner Linux user. If anyone reading this is thinking about trying Linux for the first time, I would consider Linux Mint. It’s a Linux distro that is actually based on Ubuntu (which is based on Debian), but it works “out of the box” better than most and should be a positive experience for most users. It’s pretty solid.
Truth!
In my experience, most package managers should set up dependencies by themselves! Though, I do agree with the lack of explanation of documentation.
I use arch by the way, but what’s your opinion of other “user-friendly” distros like Manjaro or Garuda?
Get credit for its strengths, mostly. That and play games with anti cheat bullshit.
ITT: people confidently asserting that Linux can’t do things that it can do.
Can Linux mess with my default browser preferences every other time it applies updates? I’m pretty sure it can’t.
Shit you got me there
Windows is definitely easier to install older programs on. Linux is getting better, especially thanks to steam/valve imo, but it’s impossible to recommend Linux to just about anyone that’s not in IT or interested in tech as everything seems to have a caviat or workaround you have to do to get stuff either working or just limping along. For instance…I installed endeavor on my msi gaming laptop and getting it to use my 2070 card over my Intel graphics was a nightmare for a first timer. I can’t recommend it especially when I just wanna game.
