I have always been exposed to windows active directory with server controlled logins, server based “home” directories, etc. With the nature of NixOS it seems like it might be easy to deploy something similar by just setting up the configuration.nix as some sort of symlink to one stored on a central server. The only issue would possibly be how to not create home directories on the local machine and instead store them on server. You might be able to make a central passwd file that gets read, but i am not sure just how secure that would be. Thoughts?
The person telling you to “learn what AD is” is kinda a douche, but they aren’t wrong.
AD is mainly 3 components in one:
- Configuration management across a variety of machines
- Shared logins
- Shared user data across many machines
All of these are doable on Linux. In many ways. Many, many ways. That you have to set up yourself.
For configuration management, do you want ansible, puppet, chef, nix, etc?
For shared logins, do you want openldap, lldap, Red Hat’s ldap, etc?
For shared user data, do you want nfs, systemd-homed, or something else?
And for all of those, you have to evaluate, maybe test, and then select a solution, and then set it up yourself in a resilient manner.
Nixos, as a server distro, can host the relevant services needed for this. As a desktop distro, it can also do configuration management. But that’s missing the point of AD, in my opinion.
The point of AD, and how it managed to become so popular, is that it is all of those, in an all-in-one solution that is simple to use (joining Windows machines to a domain is trivial), and it also comes with paid support.
Even if you were to build your own alternative on Nixos, which would be a lot of tinkering and twiddling, then you would end up with some of the same core features, but you would have to maintain, secure, etc, it yourself, and not having to do those to such an extent is why people buy Active Directory. There would be no alternative to things like Group Policy, instead you would be writing your own nix code.
So yeah. Unless someone comes along and builds an all-in-one solution on top of Nixos, nixos isn’t really an alternative to active directory. You can replicate the core features. But it’s not an alternative.
This was very informative and a good explanation. So thank you. That’s very much appreciated.
I did not have time to write all of this and be certain I didn’t miss something.
So I summarized into learn the topic to understand the question is meaningless.
AD roaming, AD SSO, Policies, Etc.
This is nis and nfs
Learn what AD is and then delete this question.
Learn what manners are and delete your non-answer.
Anno domini
You are looking for an old style mainframe, NixOS is about configuration and programs installed.
Depending on your need you can achieve what you want with just some ssh connections and stuff, you can even tunnel a graphical interface!
However if you are just looking for file sharing and syncing, you can just make and http or ftp (tho this protocol is not recommended anymore) and access it across several computers.
You can also use auto-sync processes (IIRC “rsync” is one) or just a syncing daemon and a git repo.
NixOS can help you, but only on the way you apply a configuration. I personally just have my own setup file in github.