Locking Down Linux Desktops In an Enterprise?

supermehra writes "How do you move 300 desktops, locked down with Windows ADS Group Policies (GPO), over to Ubuntu desktop? We have tried Centrify, Likewise, Gnome Gconf, and the like. Of course, we evaluated SuSe Desktop Enterprise and RedHat Desktop. Samba 4.0 promises the server side, however nothing for desktop lockdown. And while gnome gconf does offer promise, no real tools for remotely managing 300 desktops running gnome + gconf exist. All the options listed above are expensive, in fact so expensive that it's cheaper to leave M$ on! So while we've figured out the Office suite, email client, browser, VPN, drawing tools, and pretty much everything else, there seems to be no reasonable, open source alternative to locking down Linux terminals to comply with company policies. We're not looking for kiosk mode — we're looking for IT policy enforcement across the enterprise. Any ideas ladies & gentlemen?"

How about: less douchebaggery?

[mr_bubb]

Instead of spending $$$ on bondage and discipline, how about treating your users like adult human beings?

Re:How about: less douchebaggery?

[dna_(c)(tm)(r)]

That's the most retarded thing I've ever seen.

You're right, but we are talking about large corporations that lock down their desktops, after all.

Re:MOD PARENT UP

[tepples]

If every directory your users can write to is mounted as noexec, and you don't do something boneheaded like giving them sudo access, they will be completely unable to install software.

How long until PC vendors start selling PCs configured this way to unsuspecting home users?

Re:Isn't this something Unix solved decades ago?

[QuantumG]

We're talking about desktop machines you fucking retard.