This depends on the services you deploy and the number of concurrent users. The minimum requirements that we usually give are Intel core i5, 8GBs of RAM and the disc depending on the data. Remember to use Ubuntu-certified hardware.
You can use the virtualization software of your choice, simply keep in mind that it has to support the 20.04 version of Ubuntu Server (the base distribution of Zentyal 7.X).
Commercial Edition comes with extra features, quality assured updates and each commercial version is maintained for 4.5 years. You can also get official support for Commercial Edition.
Backup, User authentication in HTTP Proxy (Samba integration with HTTP Proxy), User profile pictures management, IPSec/L2TP, Domain-based HTTPS web pages block, Importing/exporting of users and groups, Audit mode on/off (file server), Smart Admin (Kernel manager, Reports & Alerts), Antivirus on-access scan, DHCP Option 150 and 155 for IP phones configuration. Remote monitoring and management of registered servers (for distributors).
Zentyal as a domain controller, has no more limitations – in terms of capacity, than those inherent in Samba4. Domains with thousands of users are properly managed with no limitations other than functional levels (Windows Server 2008-R2), non-replication of SYSVOL and those derived from server hardware capabilities.
GPOs are managed with RSAT installed on any Windows machine joined to the domain and on which you log in with a user account having “Domain Admin” rights.
Yes, it is usually possible to migrate the LDAP objects (users, groups, OUs, etc.) by joining Zentyal to the domain and replicating.
If the other DCs are correctly configured, authentication and DNS will continue working. You should be aware that manual configuration is required to synchronize GPOs, shared resources, roaming profiles and personal folders.
Zentyal comes with HA only for user replication. What are your specific requirements? For example, HA for files can be manually configured keeping in mind some limitations.
It is possible to authenticate Linux/Mac clients against Zentyal Active Directory manually. Simply keep in mind that some concepts (e.g. “joining to the domain”) are not technically possible.
Yes. HTTP sites can be blocked with the HTTP Proxy module. HTTPS sites can be blocked at connection level using the Firewall module by the ranges of IP addresses, by adding a custom firewall rule or by using OpenDNS as the main DNS forwarder. In the Commercial Edition you can also easily block HTTPS web pages by domain.
Yes, you can do this with stubs. Keep in mind that you shouldn’t modify the configuration files directly as these will be overwritten every time the configuration templates are processed (e.g. when saving changes).
Yes, you can install Zentyal Server on cloud (e.g. AWS). Keep in mind that due to the clould architecture itself, there are modules that it is probably not a good idea to install in the cloud. On a basic cloud deployment you could enable the following modules: Network, NTP, DNS, Samba, Mail, Webmail, CA, VPN and Mailfilter. You would need another Zentyal Server on premises to configure a site-to-site VPN to connect to the Zentyal Server installed on cloud and DHCP module to configure the clients.