The attack vectors I’m thinking of just come from the inherent complexity and centralization. I’m just considering the amount of damage that can be done with a compromised DA account for example vs a non directory environment.

It’s complicated. Done right it can be more secure, not done right it’s less secure.

I also only get brought in for problems for the last however many years, so I’m probaby a bit biased at this point haha.

I have had to tell companies they are going to have to rebuild thier AD from scratch because they didn’t know what thier DSRM password was (usually after a ransomware attack). These are the sort of hassles I think about vs non AD.

You could look at freeIPA or something similar to stay on Linux.

I’m an AD specialist, starting when it came out with server 2000, and can tell you it’s a waste of time for a home network unless you are doing this just because you want to learn it.

It will definitly not make your life any easier, and will increase attack vectors, especially if you don’t know how to secure and protect it.

I’ve also done the same, it’s been great.

The usb OS drive for Unraid is to load the OS to RAM. Using the SSDs for an OS vs cache drives seems like a waste to me.

I’ve used a whole range of NAS platforms and devices over the years and nothing compares to Unraid for a solid all in one solution for a homelab.

It’s datacapped at 1TB before you get throttled, and the performance is always degrading, and you have to buy from an asshole.

I’d do it if I was desperate, but it’d essentially have to be the only option available.