Replacing Windows Server DC/AD with a Zentyal Server

[marcelovvm]

It is possible replace a Windows Server 2008 domain controller with Active Directory and some simple GPO (like sharing, default icons, default wallpaper, etc.) with a Zentyal server? If yes, which services I will need to use in Zentyal?

[ian]

It is possible ,

From the install menu install:

Domain controller and file sharing
Firewall
DNS server
Antivirus
Printers

Best regards,
Ian

[BerT666]

Sidenote:

In Zentyal you use the RSAT Tools to deploy GPO like on M$ Servers ;-)

[noclue]

From my test bench yes is the simple answer. I am a Windows network admin and from that point of view Zentyal is the easiest to get familiarized on for a new-to-linux person. The nomenclature used for the menu options and settings are immediately familiar to a Windows server admin. I have tested Nethserver and Univention. Univention interface was too dissimilar for an easy switchover while Nethserver the nomenclature is very Linux like and requires a bit more getting used to but othewise I was able to also build an AD/DC with Nethserver quite easily. However Zentyal has better AD functionality because you can create AD objects in the Zentyal web interface while I cannot see this function in Nethserver. You might think this is not important but actually it is because RSAT is only installable on Widows PRO clients. If you are not using a PRO client then you have no access to RSAT and therefore not able to create AD objects in Nethserver.

From scratch to setting up the domain in Zentyal with a few users and some shared folders took me less than a day. I was able to join Windows 10 clients and Windows Vista clients into the domain and checked that all the ACLs to the shared folders worked. I was also able to connect to the domain using RSAT tool to create AD objects. Then I used the GPM control from my window client to connect to Zentyal and create GPOs on each container.

I also deliberately turned the Zentyal server on and off while in the middle of processing to see if it corrupted the AD database. Zentyal passed all the tests so far.

My next plan is to test the backup/restore strategy. If I am able to rebuild a baremetal server and recover the AD in less than 2 hours I will put Zentyal into production. The production will be a scratch Zentyal with a manual rebuild of the AD structure (i.e. manually create all the user accounts and rejoin all the Widows clients into the domain) then retire the Windows SBS 2003. Our office has about 40 users so I factor about a days work to manually rebuild the AD.