Follow
A lot of VM testing of Linux with AD auth. It's come a Long way in the lat five years but I've had a very curious reaction to it all and don't like how much I need to rely on AD admins. I'd rather do the bit of extra work and just use more traditional methods. Am I just being reactionary?
But the simple fact is while it works via SSSD and PAM black magic it needs careful organization and thought at the domain level and nobody is willing to do that so fuck it.
And not all software plays well with it, not the free stuff anyway. Anything that authenticates via prototypical linux/UNIX methods needs to be able to talk to the PAM stack.
Essentially the boss made this argument a while back that it is absurd we have this perfectly good authentication infrastructure and why weren't we using it? I went a bit FOSS warrior in response which of course always fails.