As we know, domain accounts can have some or loads of various policies which are mostly invisible to normal users.
Would you agree that installing Ignition under a domain account should be avoided to prevent potential weird problems which are difficult or impossible to fix?
My understanding is that whenever possible a local admin account should be used - is that right?
Depending on who you ask, whenever possible the gateway should not be hosted on Windows at all.
In general, if you don't need a domain account (i.e. for access to network folders) you should stick to the default LOCAL_SYSTEM account, since it makes your IT group happy with some OS-level restrictions available automatically.
I have not seen it myself, but I am quite curious whether it is possible for the operating system to be so locked up that there is no diagnosis available to check what went wrong? E.g. wrapper file empty, no logs in the status page in the gateway?
If you need to access network file shares in the domain, then a domain account is the simplest way to run Ignition under Windows and access such resources.
But then, I'm one of those who think running operations with Windows is engineering malpractice.
I recently had to set up Ignition to log in with a domain. IT was getting rid of all local logins to the SQL Server db, which was fair as there were like 60-70 of them that mostly only existed for stored procedure/schema convenience reasons, and they only wanted to have to worry about security of domain users. But this was necessary for me to be able to have Ignition log in to the SQL Server as the domain user with an integratedSecurity=true keyword in the connection string. This and network drives are probably the two biggest reasons that would require this.
Personally, I have two Linux servers for R&D. One is Debian Stretch 10, recommended because the Debian distro does not get updates often and is therefore a stable branch. On it I run Docker with about 20 Ignition instances all running at the same time. Docker is much more lightweight than VMs.
The other is Ubuntu Server 20.04 LTS.
I shared this tip recently in another thread: for me the best command to know is "history". Type that in, and it will show every command you've entered since first powering up the box, even surviving reboots. If you want to enter the same command again and that appears on line 250, just type !250 or sudo !250, and it will re-enter it for you.
If you are deploying Edge devices on OnLogic hardware, they can pre-install Linux for a small fee. Personally, I go for this; it saves the time of the install and of keeping different USB sticks with Linux installers on them.
It's another layer of abstraction, but worth it, especially for R&D testing, IMO. There are some good resources now, on IU, elective studies on Ignition with Docker, and scripts to quickly deploy a new docker container with official installs.
It's really handy for testing the new releases. I basically have a Docker image for all minor versions of 8.1.
You can only get support for Red Hat itself, the paid version, installed from the paid repos. If you install Fedora or CentOS, the free versions from free repos, you cannot get support. You would have to reinstall with Red Hat.
@pturmel thanks for clarifying licensing for Red Hat. Like everybody on this planet, I have limited time, so I need to be selective about how to invest my time and what to learn...
Microsoft has a poor track record when it comes to security and privacy; not to mention how their forced and unscheduled updates are hardly compatible with production environments.