Linux usage in a domain/workspace

[-]

04_996_C2@reddit

Graylog as my log server and enricher

Wazuh as my SEIM

LibreNMS snmp monitoring

Bookstack for central documentation

Snipe-It for asset management

GoPhish for employee security training

All the above were absolutely critical for my employer achieving ISO certification

[-]

WenKroYs@reddit

How has GoPhish been working for you? We've been using BullPhish ID for all our phishing needs, and its have been very effective.

[-]

We are still customizing it. Like many FOSS solutions, it has just as many - if not more - options as a paid solution but requires a steep learning curve and a lot of customization to get up and running.

[-]

Plantatious@reddit (OP)

I used to run Kubuntu on my workstation, and I loved it. When I changed jobs, my laptop was hooked up to InTune/Endpoint, so I wasn't allowed to change the OS.

[-]

spidireen@reddit

We use Windows for domain controllers and to host vendor-specific applications that are Windows-only. Pretty much everything else you can think of is Linux: DNS, DHCP, web servers, logging and monitoring, email, file servers, and so on. If service doesn’t require Windows, then it runs Linux.

[-]

ESXI8@reddit

What are you guys using for DHCP / DNS?

[-]

AntranigV@reddit

We don't even use Linux. All of our infra is based on FreeBSD and illumos/OmniOS. We use both so if one of them has a zero-day type issue, we can rely on the other.

DHCP, DNS, syslog, NTP, File Server, (T)FTP server, iPXE server, web applications, chat servers, LDAP/Samba-AD, document sharing, dashboards, virtualization, containers, monitoring, build pipelines, Git server and I'm pretty sure I missed a thing or two.

Usually I'm much happier when I'm as far away from Microsoft as possible.

Linux was nice, but most common distros change things every 2-4 years, and these changes happen without even a notice. My only options for proper Linux these days is Alpine, Gentoo and Void.

I'm sure we also have OpenBSD/NetBSD on a system somewhere.

[-]

Hotshot55@reddit

Linux was nice, but most common distros change things every 2-4 years, and these changes happen without even a notice.

Lmao what are you even talking about? Both RHEL and Ubuntu LTS have 10-year life cycles and any changes are communicated very clearly.

[-]

Fighter_M@reddit

Linux sysadmins, what are some of the most common uses of Linux-based servers you encounter?

AD, file servers, Veeam backup repos, SQL Server hosts with our custom DB, build servers, VPN, you name it…

[-]

Plantatious@reddit (OP)

What's the Linux version of AD?

[-]

Hotshot55@reddit

What's the Linux version of AD?

FreeIPA or if you wanted a paid version there's RedHat's IdM.

You can also run Samba as an AD DC but it's not amazing.

[-]

slugshead@reddit

I do run a mix, mainly due to the hypervisors specs being rather lacklustre.

Things I would normally do on a windows server VM and throw a bunch of resources at, I've had to find linux alternatives. Bitnami helped a tonne in making this is a lot easier to do rather than learning linux from the beginning.

Virtual appliances are also usually linux

[-]

lightmatter501@reddit

The big servers, Redhat charges less for a 96 core server license than MS charges for a 16 core server license. The number of servers for “switching to Linux gets me another server” is pretty low.
Anything that handles a lot of network traffic. I have a 32 core server which eats a data stream which is 150 to 200 Gbps, no RDMA.
ARM servers, they are generally cheaper than the equivalent amount of x86 compute to purchase, and use less power. While windows technically supports it now, Linux has been there for almost a decade.
Database servers and file servers. Linux filesystems are MUCH faster than windows ones, offer more advanced features (zfs), and will quite happily handle sinking dozens of gigabytes per second to disk on a medium sized server.
Containers. They make your life a lot easier as an admin, especially when combined with CEPH to persist the storage. I updated 200 webserver instances in 30 minutes just by a single command, and I got full blue/green rollout with no extra effort.
One of the DCs for our domain is actually a Linux server. It kept the domain on when Crowdstrike knocked Windows offline and runs totally different everything (ARM CPU, different drives, different NIC and TOR switch, different cooling/power, etc) to help ensure full HA.

[-]

southceltic@reddit

I’m heavily dependent on file shares based on Windows because a) clients are all Windows machines (Windows 11 or Windows Server 2022 RDs) and b) NTFS permissions are based on Active Directory users and groups. Do you think I could have improvements in terms of speed without losing ease of maintenance and reliability (I’m thinking about disruptions caused by incompatibilities due to system updates )?

[-]

jaskij@reddit

Re: filesystem. This is also important for software development. Build times are quite sensitive to IOPS, and the same build on the same machine will be faster if you use Linux. This goes for both workstations and CI.

[-]

lightmatter501@reddit

Yes, there is a night and day difference. Some of it is because the types of operations needed to compile code incrementally like checking for last modified times are cheap on *nix but expensive on Windows.

[-]

pdp10@reddit

ARM servers, they are generally cheaper than the equivalent amount of x86 compute to purchase, and use less power.

We avoid ARM platforms for the most part, and use quite a few x86_64 microservers for situations where a cluster VM isn't a good choice. Can you outline which x86_64 server configuration you were comparing against?

[-]

lightmatter501@reddit

Ampere’s bigger chips were up to 256 cores in a dual socket server way before x86. The cores are a bit weaker but most developers aren’t making intelligent use of them anyway, so it’s not a big performance loss.

[-]

forcemcc@reddit

Everything. The real question is what is windows being used for? Most environments I consult for only use windows for SQL server, and they all have plans to move those workloads to something else.

[-]

Plantatious@reddit (OP)

See, I'm the opposite. The only time I've come across Linux in environments is with Observium. 99.9% of K12 educational institutions out there run Windows environments, so running Windows Server only makes sense. Barely anyone even runs headless Windows because there's this irrational dislike for PowerShell, and the overhead for a GUI is always taken into account when buying hosts or building VMs.

[-]

pdp10@reddit

Ironically, Microsoft SQL Server has had a Linux version for quite a few years. Probably the Freemium version doesn't have a Linux version, though.

[-]

ABlankwindow@reddit

We are hybdrid, in azure environment, most of our linux are related to SOC. we had more when we were still on prem. When we moved to cloud some things got moved to PAAS\SAAS azure offerings that used to be linux servers. but wherever we can we use linux. cheaper and generally speaking more reliable on up\down time to use linux.

[-]

malikto44@reddit

A few things Linux does well:

Spawning containers or VMs. I can use a utility to pop off and provision stuff very easily in Linux. Windows isn't that easy, especially with activation and all that goes with it.
Easy administration. You can (and should, IMHO) do all administration from a SSH or console prompt.
Small footprint. I can carve functional VMs with two gigs of RAM. Windows, you really need 8 gigs minimum.
A lot of tools. If I want to stuff Microsoft SQL Server in a Docker container, I can.
Linux does software RAID extremely well. Linux md-raid is bulletproof, and a lot of SANs use that on the backend. ZFS is something that is often used and is hard to kill. If one wants more flexibility, there is UnRAID. If on RHEL, where one doesn't have access to a checksumming filesystem, there is making a RAID stack from dm-integrity, md-raid, LVM, and XFS, perhaps adding kmod-kvdo and LUKS as well.
It is easy to make and image Linux servers, especially if you use LDAP authentication and either use FreeIPA/IdM, LDS with AD, or LDAP with Entra, so you can easily have users federated out, and NFS directories automounted.

[-]

pdp10@reddit

I can carve functional VMs with two gigs of RAM. Windows, you really need 8 gigs minimum.

We go a lot smaller than that. Your current distro-default 64-bit kernel is going to take up less than 16MiB. Checking a random server, it's got Systemd using 12.3MiB resident and a workload using 74MiB resident, both of which I consider too profligate, but you can see how 256 or 512MiB machines are often very practical when workloads aren't running in JVM/CLR.

[-]

illicITparameters@reddit

Not a linux admin, but in mixed environments the most common usage I’ve seen is Syslog, web servers, database servers, and virtual appliances like SIEMs, vCenter, and management appliances.

[-]

AtlanteanArcher@reddit

Yea, we have a ruckus controller running in a linux vm.

[-]

Braydon64@reddit

Linux servers are used for literally anything that isn’t AD or print servers…

[-]

astonishing1@reddit

Linux can be a print server as well.

[-]

Braydon64@reddit

True, although I see windows used for that more

[-]

astonishing1@reddit

That's because it can get tied into AD and the GP stuff in Windows. If you have a mixed Win/Lin environment, Windows likes to be the boss of everything, and it is bad to have two print servers servicing and queuing the same printer (like crossing the streams in Ghostbusters).

[-]

Brufar_308@reddit

Packetfence 802.1x NAC CMDB and helpdesk. And a bunch of things other people have already listed.

[-]

UninvestedCuriosity@reddit

One place that has always lead me to find interesting things and pretty decent walkthroughs on setups is howtoforge. That's not where I got started but it was that website which helped me really embrace it. Now my environment is mostly debian with a few windows DC's, file servers, and print servers. Mostly because it's just easier when hooking into windows server proprietary functions or third party driver features.

But there's Linux for everything. Even multicast image deployment through things like fog project. Hypervisors, routers, really everything.

Browse through the guides there under debian and you'll get lots of ideas and most of them offer pretty good linux hygiene as well in terms of doing the normal basic security things.

Just get in there, setup some vm's, try things, follow guides, break things, fix things. I'm actually kind of jealous you have this entire beautiful thing to learn. There's so much less pain than 20 years ago when I got going.

[-]

TheDawiWhisperer@reddit

Linux servers are mostly used to increase my dependency on slcohy

[-]

dagamore12@reddit

Nessus, there is a free home use licenses for like 10ip'(?), Splunk(no idea if free home use) licensing servers(think IBM Flex) for applications (think matlab and creo). to add on to what others have pointed out.

[-]

TecheunTatorTots@reddit

Looks like there was (not sure if it is still true) a free 60 day trial for Splunk, and a free home version that caps at 500 mb per day ingest and lacks a lot of the features that would make it useful, like alerts for instance.

[-]

dagamore12@reddit

Yeah i use it at work, not at home, but with a 500mb ingest limit, it would still be good for setting it up and deploying the client for testing/homelabbing.

[-]

TecheunTatorTots@reddit

True, yeah for a homeland it should be fine. Not sure that I'd deploy it in a small office with more than five machines, though.

[-]

doomygloomytunes@reddit

Databases, containers, web servers, web proxies, dns, running applications and middleware

[-]

fitting_pieces@reddit

For my environment, linux is used all the way from Devel boxes to internet-facing production systems.

[-]

pdp10@reddit

Virtualization or container host (KVM/QEMU, Proxmox, Xen, Kubenetes)
NAS/SAN (NFS, iscsid, LIO)
router (ravd, Quagga, Bird, B.A.T.M.A.N., VyOS)
firewall (Smoothwall, nftables)
web proxy or reverse proxy (Squid, Varnish)
email server (Postfix, Dovecot, etc.)
WiFi AP (hostapd, dnsmasq)
DLNA server (minidlna)

[-]

Ssakaa@reddit

They can be used to replace almost any service you'd run on Windows, though they don't do a great job replacing AD in a Windows environment, and even worse for SCCM/MECM/WDS, no WSUS equivalent for Windows clients as well. Core network infrastructure is a solid, easy, win if you're not already providing those via an appliance (not requiring CALs for every device on the network for DHCP and DNS is a handy benefit, though you'll still want to reach back to AD's integrated DNS for that layer).

Outside the Windows world, virtualization hosts (XEN/KVM/Proxmox), webservers (external website or internal web interface based services), container hosts (docker/kubernetes/podman), log aggregation/SIEM (Splunk/ELK/Graylog), service and system monitoring/metrics tools (Ichinga/Nagios/Zabbix/Prometheus/Grafana), user directories (LDAP), SSH, SFTP, file servers (SMB, NFS), storage services (Ceph/Gluster/Minio/Longhorn/iSCSI), centralized management (Ansible AWX/Chef/Puppet), vulnerability scanning (Nessus/OpenVAS), databases (Postgres/MariaDB), email (postfix/sendmail/exim). Let alone all manner of network layer services, from DNS, DHCP, etc. through VPNs, virtualized switches, overlay networks, etc.

Out of those, if you're not already providing it on the Windows side, and depending on your scale, centralized log aggregation and system/service monitoring can both be big steps towards improving your ability to be more proactive, but the cheaper up front cost, the more effort you can expect to "get it right" to a point that it's genuinely helping you. Vulnerability scanning can be good too, but will increase your workload until you a) catch up on everything it opens your eyes to and b) sort out the valid and invalid concerns, and get your rulesets sorted.

[-]

lectos1977@reddit

Most of mine are securiry and utility appliances. Pihole, Zabbix, openvas, wazuh, email Journaling. The sky is the limit. Wherever you need an open source server to fill in the blanks.

[-]

gaveros@reddit

My org uses it for: Oracle Database Clusters Some in house web applications running LAMP Node Red Proxy for AWS from our production network to our global production software Ansible for network switch upgrades

And a few other odds and ends, apart from the one-two servers with samba everything else is domain joined with SSSD

[-]

Ezzmon@reddit

They can do pretty much anything. But like you we have a primarily windows environment. The 2 linux VMs that come to mind on our network: 1) a Nessus VM for internal pen testing and 2) a locked down Ubuntu TFTP server that stores switch config backups

[-]

obviousboy@reddit

You could poke around here - https://www.linuxfoundation.org/projects

Just random crap off the top of my head

Asterisk - VOIP system

OpenDaylight/OVS - SDN platform on Linux (if your into networking you can read about google and facebooks own networking they built on Linux) facebooks is available publicly - FBOSS

Run your own CICDCD with concourse and spinnaker

Run your own virtualization platform with Openstack

[-]

_BoNgRiPPeR_420@reddit

Anything internet-facing in our environment runs Linux. Web servers, SFTP, rsyslog, k8s, etc. Some applications also require it in the Enterprise. Hospitals that run EPIC probably have Linux servers running cache for example.

[-]

mr-phillips@reddit

I use mine to run

Zabbix : SNMP Monitoring

Wazuh: SEIM

[-]

holiday-42@reddit

Dhcp, DNS, radius,syslog, file servers like samba file server, tftp server, ftp server, nas, plex.