I am an experienced MS administrator of W2003 servers & Exchange systems.
I have 5+ years UNIX mid-level experience but not in centOS. Grounded in SCO UNIX (the real SCO UNIX).
We want to use CentOS on a recently grave yarded Dell poweredge 400SC server.
This is a P4 3.0 Ghz, w/4GB memory, 2 SATA 250 GB disks.
We want to use this server w/CentOS5, to provide file and print resources to 100 users.
Each Department wants control over common folders of info for only their group.
Each user wants control over their folders.
Pretty much standard permissions for departments.
Is this do-able with the server and centOS5 and 100 users?
Thank you in advance.
Ken
-----Original Message----- From: centos-bounces@centos.org [mailto:centos-bounces@centos.org] On Behalf Of Ken Sedlacek Sent: Tuesday, August 07, 2007 5:18 PM To: centos@centos.org Subject: [CentOS] Will this work? server+centOS5+100users?
I am an experienced MS administrator of W2003 servers & Exchange systems.
I have 5+ years UNIX mid-level experience but not in centOS. Grounded in SCO UNIX (the real SCO UNIX).
We want to use CentOS on a recently grave yarded Dell poweredge 400SC server.
This is a P4 3.0 Ghz, w/4GB memory, 2 SATA 250 GB disks.
We want to use this server w/CentOS5, to provide file and print resources to 100 users.
Each Department wants control over common folders of info for only their group.
Each user wants control over their folders.
Pretty much standard permissions for departments.
Is this do-able with the server and centOS5 and 100 users?
Sure you can, my only question is why?
I just bought a Dell Poweredge 860 1u unit with a Quad 2.4GHz Xeon processor 2x4MB L2 cache and 4GB of memory for $1700.
Granted it only has 2 84GB internal SATA drives, but it is ready to hook up to a storage enclosure, which could be a MD1000 which has 15 drive bays driven by a PERC 5e controller.
Now of course the external enclosure will cost some $$ but it will provide for growing performance and capacity needs and you can always swap out the 860 for a higher end machine down the line without having to backup/restore your data volumes.
A 400SC might make a good print server, but it will struggle as a good file server, especially as users start to want things like volume snapshots and replication, etc.
Start with a lightly populated MD1000, say 4 SATA drives in RAID5 or RAID10 and 2 SATA drives mirrored for snapshots.
-Ross
______________________________________________________________________ This e-mail, and any attachments thereto, is intended only for use by the addressee(s) named herein and may contain legally privileged and/or confidential information. If you are not the intended recipient of this e-mail, you are hereby notified that any dissemination, distribution or copying of this e-mail, and any attachments thereto, is strictly prohibited. If you have received this e-mail in error, please immediately notify the sender and permanently delete the original and any copy or printout thereof.
On Tuesday 07 August 2007 23:17:31 Ken Sedlacek wrote:
I am an experienced MS administrator of W2003 servers & Exchange systems.
I have 5+ years UNIX mid-level experience but not in centOS. Grounded in SCO UNIX (the real SCO UNIX).
We want to use CentOS on a recently grave yarded Dell poweredge 400SC server.
This is a P4 3.0 Ghz, w/4GB memory, 2 SATA 250 GB disks.
We want to use this server w/CentOS5, to provide file and print resources to 100 users.
Each Department wants control over common folders of info for only their group.
Each user wants control over their folders.
Pretty much standard permissions for departments.
Is this do-able with the server and centOS5 and 100 users?
It is perfectly possible on CentOS, but I would suggest dedicated distro like Openfiler (loosly based on CentOS)
Regards,
On Wednesday 08 August 2007 11:55:45 Ralph Angenendt wrote:
Tomasz Napierała wrote:
It is perfectly possible on CentOS, but I would suggest dedicated distro like Openfiler (loosly based on CentOS)
Errm, no. It isn't.
You're right, it was, but not anymore. I had an impression that rPath is based on CentOS, but I can't find any information to prove that ;)
Regards,
Ralph Angenendt wrote:
Tomasz Napierała wrote:
It is perfectly possible on CentOS, but I would suggest dedicated distro like Openfiler (loosly based on CentOS)
Errm, no. It isn't.
Or SMEserver, which is: http://www.contribs.org. If you have to ask this question, I'd suggest at least looking at SMEserver. If it does what you want it is probably the easiest system to install and manage (all simple web forms). I'm not sure if it's group concepts will do quite what you want, though. You might have to give dept managers full admin access or do certain operations for them.
-----Original Message----- From: centos-bounces@centos.org [mailto:centos-bounces@centos.org] On Behalf Of Les Mikesell Sent: Wednesday, August 08, 2007 12:28 PM To: centos@centos.org Subject: Re: [CentOS] Will this work? server+centOS5+100users?
Ralph Angenendt wrote:
Tomasz Napierała wrote:
It is perfectly possible on CentOS, but I would suggest
dedicated distro like
Openfiler (loosly based on CentOS)
Errm, no. It isn't.
Or SMEserver, which is: http://www.contribs.org. If you have to ask this question, I'd suggest at least looking at SMEserver. If it does what you want it is probably the easiest system to install and manage (all simple web forms). I'm not sure if it's group concepts will do quite what you want, though. You might have to give dept managers full admin access or do certain operations for them.
I'm not sure an appliance is the solution here as the user said it is the only server, so where is his account information going to reside?
Most appliances don't provide user account management only integration.
-Ross
______________________________________________________________________ This e-mail, and any attachments thereto, is intended only for use by the addressee(s) named herein and may contain legally privileged and/or confidential information. If you are not the intended recipient of this e-mail, you are hereby notified that any dissemination, distribution or copying of this e-mail, and any attachments thereto, is strictly prohibited. If you have received this e-mail in error, please immediately notify the sender and permanently delete the original and any copy or printout thereof.
Ross S. W. Walker wrote:
-----Original Message----- From: centos-bounces@centos.org [mailto:centos-bounces@centos.org] On Behalf Of Les Mikesell Sent: Wednesday, August 08, 2007 12:28 PM To: centos@centos.org Subject: Re: [CentOS] Will this work? server+centOS5+100users?
Ralph Angenendt wrote:
Tomasz Napierała wrote:
It is perfectly possible on CentOS, but I would suggest
dedicated distro like
Openfiler (loosly based on CentOS)
Errm, no. It isn't.
Or SMEserver, which is: http://www.contribs.org. If you have to ask this question, I'd suggest at least looking at SMEserver. If it does what you want it is probably the easiest system to install and manage (all simple web forms). I'm not sure if it's group concepts will do quite what you want, though. You might have to give dept managers full admin access or do certain operations for them.
I'm not sure an appliance is the solution here as the user said it is the only server, so where is his account information going to reside?
Most appliances don't provide user account management only integration.
SMEserver includes web forms to set up accounts and can act as a windows domain controller. It also provides web, ftp, and email/webmail services and it combines the 'group' concepts for unix permission groups with email groups to simply things. The down side is simply that if it doesn't already do what you want (or have a contributed module) it is much harder to customize that a stock centos - but it does most of what you'd want as a windows server out of the box - and includes some options for backups.
On Wednesday 08 August 2007 18:31:18 Ross S. W. Walker wrote:
[snip]
I'm not sure an appliance is the solution here as the user said it is the only server, so where is his account information going to reside?
Most appliances don't provide user account management only integration.
-Ross
Openfiler uses internal LDAP server to manage group/user permissions.
-----Original Message----- From: centos-bounces@centos.org [mailto:centos-bounces@centos.org] On Behalf Of Tomasz Napierala Sent: Thursday, August 09, 2007 4:59 AM To: CentOS mailing list Subject: Re: [CentOS] Will this work? server+centOS5+100users?
On Wednesday 08 August 2007 18:31:18 Ross S. W. Walker wrote:
[snip]
I'm not sure an appliance is the solution here as the user
said it is
the only server, so where is his account information going
to reside?
Most appliances don't provide user account management only
integration.
-Ross
Openfiler uses internal LDAP server to manage group/user permissions.
I did not know that, good to know. Does it by chance also act as a Kerberos key distribution center?
-Ross
______________________________________________________________________ This e-mail, and any attachments thereto, is intended only for use by the addressee(s) named herein and may contain legally privileged and/or confidential information. If you are not the intended recipient of this e-mail, you are hereby notified that any dissemination, distribution or copying of this e-mail, and any attachments thereto, is strictly prohibited. If you have received this e-mail in error, please immediately notify the sender and permanently delete the original and any copy or printout thereof.
Ken Sedlacek wrote:
I am an experienced MS administrator of W2003 servers & Exchange systems.
I have 5+ years UNIX mid-level experience but not in centOS. Grounded in SCO UNIX (the real SCO UNIX).
We want to use CentOS on a recently grave yarded Dell poweredge 400SC server.
This is a P4 3.0 Ghz, w/4GB memory, 2 SATA 250 GB disks.
We want to use this server w/CentOS5, to provide file and print resources to 100 users.
Each Department wants control over common folders of info for only their group.
Each user wants control over their folders.
Pretty much standard permissions for departments.
Is this do-able with the server and centOS5 and 100 users?
You can certainly do this with CentOS-5.
You will want to install samba and join the server to your Active Directory domain ... here is a guide that works:
http://www.howtoforge.com/samba_ads_security_mode
(skip the part that has you download new samba RPMS from samba.org ... the centOS 5 RPMS work OK for ADS ... you will want to use winbind)
You will most likely want to make sure that you have ACL support for CentOS-5 and you will want to edit the /etc/fstab and change your shared folder to have ACL support. Here is an article on ACLs for centos:
http://techxworld.com/community/blogs/features/archive/2007/05/21/acls-on-sa...
To do this, you should ensure that you have created a separate partition/mount for the file shares. I usually do this in /home/samba/ for public shared items and /home/<DOMAIN>/ for the users home directories ... and I usually have home as a separate mount ... like this:
/dev/sda4 /home ext3 defaults,acl 0 0
You will need to be able to use the getfacl and setfacl commands to setup initial permissions.
Johnny Hughes wrote:
Ken Sedlacek wrote:
I am an experienced MS administrator of W2003 servers & Exchange systems.
I have 5+ years UNIX mid-level experience but not in centOS. Grounded in SCO UNIX (the real SCO UNIX).
We want to use CentOS on a recently grave yarded Dell poweredge 400SC server.
This is a P4 3.0 Ghz, w/4GB memory, 2 SATA 250 GB disks.
We want to use this server w/CentOS5, to provide file and print resources to 100 users.
Each Department wants control over common folders of info for only their group.
Each user wants control over their folders.
Pretty much standard permissions for departments.
Is this do-able with the server and centOS5 and 100 users?
You can certainly do this with CentOS-5.
You will want to install samba and join the server to your Active Directory domain ... here is a guide that works:
http://www.howtoforge.com/samba_ads_security_mode
(skip the part that has you download new samba RPMS from samba.org ... the centOS 5 RPMS work OK for ADS ... you will want to use winbind)
You will most likely want to make sure that you have ACL support for CentOS-5 and you will want to edit the /etc/fstab and change your shared folder to have ACL support. Here is an article on ACLs for centos:
http://techxworld.com/community/blogs/features/archive/2007/05/21/acls-on-sa...
To do this, you should ensure that you have created a separate partition/mount for the file shares. I usually do this in /home/samba/ for public shared items and /home/<DOMAIN>/ for the users home directories ... and I usually have home as a separate mount ... like this:
/dev/sda4 /home ext3 defaults,acl 0 0
You will need to be able to use the getfacl and setfacl commands to setup initial permissions.
I forgot to post docs for acl on centos5:
http://www.centos.org/docs/5/html/Deployment_Guide-en-US/ch-acls.html
On Wed, 2007-08-08 at 05:57 -0500, Johnny Hughes wrote:
I forgot to post docs for acl on centos5:
http://www.centos.org/docs/5/html/Deployment_Guide-en-US/ch-acls.html
Let me shamelessly plug some more ACL documentation ;): http://kajero.com/books/unixsystems/html/chap-filesystem.html#chap-filesyste...
-- Daniel
-----Original Message----- From: centos-bounces@centos.org [mailto:centos-bounces@centos.org] On Behalf Of Ken Sedlacek Sent: Tuesday, August 07, 2007 5:18 PM To: centos@centos.org Subject: [CentOS] Will this work? server+centOS5+100users?
I am an experienced MS administrator of W2003 servers & Exchange systems.
I have 5+ years UNIX mid-level experience but not in centOS. Grounded in SCO UNIX (the real SCO UNIX).
We want to use CentOS on a recently grave yarded Dell poweredge 400SC server.
This is a P4 3.0 Ghz, w/4GB memory, 2 SATA 250 GB disks.
We want to use this server w/CentOS5, to provide file and print resources to 100 users.
Each Department wants control over common folders of info for only their group.
Each user wants control over their folders.
Pretty much standard permissions for departments.
Is this do-able with the server and centOS5 and 100 users?
Thank you in advance.
Well, it's not the most ideal setup, but if you are determined to stick with it, here's how I would configure the hard disks:
part raid.1 --size=128 --ondisk=sda part raid.2 --size=128 --ondisk=sdb part raid.3 --size=100 --grow --ondisk=sda part raid.4 --size=100 --grow --ondisk=sdb
raid /boot --fstype ext3 --level=RAID1 --device=md0 raid.1 raid.2 raid pv.1 --fstype "physical volume (LVM)" --level=RAID1 --device=md1 raid.3 raid.4
volgroup CentOS --noformat --pesize=32768 pv.1
logvol / --fstype ext3 --name=root --vgname=CentOS --size=8192 logvol swap --fstype swap --name=swap --vgname=CentOS --size=4096 logvol /var/spool --fstype ext3 --name=spool --vgname=CentOS --size=16384 logvol /home --fstype ext3 --name=home --vgname=CentOS --size=51200 logvol /shared --fstype ext3 --name=shared --vgname=CentOS --size=51200
This will start you off with a 50GB /home for user's home directories and 50GB /shared for shared files, but since it's using LVM you can extend either as the need occurs and then extend the underlying file system. It will also allow you to attach a storage enclosure in the future, add the RAID LD to the CentOS VG, pvmove the data over to it and then vgsplit the LD off into it's own VG. I would avoid doing snapshots until you get an external enclosure with a separate LD for handling just snapshots.
You can then create sub folders under /shared for each department.
I would probably start by using LDAP for users and groups and Kerberos for passwords even if it is a single server. It might take a little bit longer to get going, but it will ensure that any new server added can immediately join-up and you will not need to re-map all uid/gid permissions because they weren't setup appropriately to begin with.
Use UID/GIDs that are significantly higher then the defaults, leave the defaults for local user accounts and assign the network UIDs and GIDs starting at like 10000-99999 if you decide to migrate to Windows AD you can then map to the RIDs using winbind starting at 100000-999999.
You will need a backup solution too, don't forget have a backup strategy from the start!
-Ross
______________________________________________________________________ This e-mail, and any attachments thereto, is intended only for use by the addressee(s) named herein and may contain legally privileged and/or confidential information. If you are not the intended recipient of this e-mail, you are hereby notified that any dissemination, distribution or copying of this e-mail, and any attachments thereto, is strictly prohibited. If you have received this e-mail in error, please immediately notify the sender and permanently delete the original and any copy or printout thereof.
<big snip>
You will need a backup solution too, don't forget have a backup strategy from the start!
-Ross
Amen to that, Ross. I've used a few, but have found that the paid solution from Arkeia[1] is pretty damned solid and easy to use.
HTH, ~Ray
-----Original Message----- From: centos-bounces@centos.org [mailto:centos-bounces@centos.org] On Behalf Of Ray Leventhal Sent: Wednesday, August 08, 2007 12:08 PM To: CentOS mailing list Subject: Re: [CentOS] Will this work? server+centOS5+100users?
<big snip> > > You will need a backup solution too, don't forget have a backup strategy from the > start! > > -Ross > > Amen to that, Ross. I've used a few, but have found that the paid solution from Arkeia[1] is pretty damned solid and easy to use.
I've heard good things about BitLeap http://www.bitleap.com/
I have a friend who runs ops at a not-for-profit swear by it.
-Ross
______________________________________________________________________ This e-mail, and any attachments thereto, is intended only for use by the addressee(s) named herein and may contain legally privileged and/or confidential information. If you are not the intended recipient of this e-mail, you are hereby notified that any dissemination, distribution or copying of this e-mail, and any attachments thereto, is strictly prohibited. If you have received this e-mail in error, please immediately notify the sender and permanently delete the original and any copy or printout thereof.
-
Daniel de Kok -
Johnny Hughes -
Ken Sedlacek -
Les Mikesell -
Ralph Angenendt -
Ray Leventhal -
Ross S. W. Walker -
Tomasz Napierała