Don’t get me wrong, I used to be a Linux fanboy.
But after admining in both the Linux and Windows world, I have to say: There’s a reason Microsoft has a dominant market position in business.

AD is fucking awesome. And I don’t understand why Linux is so… finicky out of the box. There just isn’t a unified default out-of-the-box solution where you can click a button to create a domain controller and have everything in your domain tied together, from user rights on all clients, to file shares, to mailboxes.
This should be the strong point of Unix-likes, considering their history, but it just isn’t.

On AD, you authenticate once when you log into your PC (which even works without contact to the authentication server). And then all the resources you’re allowed to use are available to you. All the admin has to do for new users is assign them to the right groups in a GUI or with a script, and everything is taken care of.

On Linux, that just isn’t the case (unless the domain is managed by AD, which also integrates Linux clients well). Linux is stuck in a time where your client was nothing more than a keyboard attached to a network device that connects you directly to the server.

And authentication is a mess out of the box. A password prompt should have the purpose of checking whether the correct person is sitting in front of the keyboard to do things. On Linux, you log into your client when you boot it. But by default, every time you want to access system resources which you are already allowed to use, you need to authenticate again – from within the user account that’s already authenticated. It makes no sense.

And don’t even get me started on how awesome GPOs are compared to the methods you have to manage Linux clients.

  • @[email protected]OP
    24 days ago

    LDAP isn’t only a lot more finicky but also offers only a small subset of AD’s features.

    • @Sanctus
      64 days ago

      LDAP is a protocol, AD is a product. It’s not really a fair comparison. AD even uses LDAP in some cases.