Hi,
I've been running Linux as a workstation OS for years, and have been dealing with Windows networks and standalone Linux servers for a while now. However, the time has come for me to complete redo the server installation and am looking to move to a complete CentOS install base, with only Windows workstations.
My question is the following. I've been searching online for a good reference to describe good practices when building a linux network, but haven't really been able to find much when it comes to best practices for user administration, ACLs, "optimal" (or recommended) file locations, etc. For example, I know I need an LDAP server, but not sure how that ties into system login, or how to use a Linux LDAP server as the basis for a primary domain controller (is it still called that given Windows AD world?), etc. Or even how to properly create group structures and ACLs that accurately reflect group ownership/etc. The octal permissions at the file level are only good enough for a single group; I need to give multiple groups different permissions on the same files, etc.
I realize that there are a lot of questions that I need to research, but I was hoping someone could point me in the direction of some advanced admin docs with best practices, etc. Most of the stuff I find relates on how to set up a basic standalone PC, without any reference to how to network together a bunch of servers running off central authentication, etc...
Thanks for the advice!
Eric
Eric B. wrote:
Hi,
I've been running Linux as a workstation OS for years, and have been dealing with Windows networks and standalone Linux servers for a while now. However, the time has come for me to complete redo the server installation and am looking to move to a complete CentOS install base, with only Windows workstations.
My question is the following. I've been searching online for a good reference to describe good practices when building a linux network, but haven't really been able to find much when it comes to best practices for user administration, ACLs, "optimal" (or recommended) file locations, etc. For example, I know I need an LDAP server, but not sure how that ties into system login, or how to use a Linux LDAP server as the basis for a primary domain controller (is it still called that given Windows AD world?), etc. Or even how to properly create group structures and ACLs that accurately reflect group ownership/etc. The octal permissions at the file level are only good enough for a single group; I need to give multiple groups different permissions on the same files, etc.
I realize that there are a lot of questions that I need to research, but I was hoping someone could point me in the direction of some advanced admin docs with best practices, etc. Most of the stuff I find relates on how to set up a basic standalone PC, without any reference to how to network together a bunch of servers running off central authentication, etc...
Thanks for the advice!
Eric
Eric,
if you are thinking of setting up ldap, email, address book ...etc.. all in one go ... then you need to test out ...something like zimbra from zimbra.com
"Shibu C Varughese" shibucv@itmission.org wrote in message news:4739E414.4060504@itmission.org...
My question is the following. I've been searching online for a good reference to describe good practices when building a linux network, but haven't really been able to find much when it comes to best practices for user administration, ACLs, "optimal" (or recommended) file locations, etc. For example, I know I need an LDAP server, but not sure how that ties into system login, or how to use a Linux LDAP server as the basis for a primary domain controller (is it still called that given Windows AD world?), etc. Or even how to properly create group structures and ACLs that accurately reflect group ownership/etc. The octal permissions at the file level are only good enough for a single group; I need to give multiple groups different permissions on the same files, etc.
I realize that there are a lot of questions that I need to research, but I was hoping someone could point me in the direction of some advanced admin docs with best practices, etc. Most of the stuff I find relates on how to set up a basic standalone PC, without any reference to how to network together a bunch of servers running off central authentication, etc...
Eric,
if you are thinking of setting up ldap, email, address book ...etc.. all in one go ... then you need to test out ...something like zimbra from zimbra.com
Thanks for the input; I have already looked at Zimbra, and it looks like a very interesting soln for me once I have everything else set up. I see Zimbra as a nice group-ware pkg, but not as something to help me with user-authentication to the server (for shell access), setting up file permissions, shares, SMB permissions/shares, etc, etc, etc.
Tx!
Eric
----- Original Message ----- From: "Eric B." ebenze@hotmail.com To: centos@centos.org Sent: Wednesday, November 14, 2007 9:58:15 AM (GMT+1000) Australia/Brisbane Subject: [CentOS] Re: A good primer to User Administration?
"Shibu C Varughese" shibucv@itmission.org wrote in message news:4739E414.4060504@itmission.org...
My question is the following. I've been searching online for a good reference to describe good practices when building a linux network, but haven't really been able to find much when it comes to best practices for user administration, ACLs, "optimal" (or recommended) file locations, etc. For example, I know I need an LDAP server, but not sure how that ties into system login, or how to use a Linux LDAP server as the basis for a primary domain controller (is it still called that given Windows AD world?), etc. Or even how to properly create group structures and ACLs that accurately reflect group ownership/etc. The octal permissions at the file level are only good enough for a single group; I need to give multiple groups different permissions on the same files, etc.
I realize that there are a lot of questions that I need to research, but I was hoping someone could point me in the direction of some advanced admin docs with best practices, etc. Most of the stuff I find relates on how to set up a basic standalone PC, without any reference to how to network together a bunch of servers running off central authentication, etc...
Eric,
if you are thinking of setting up ldap, email, address book ...etc.. all in one go ... then you need to test out ...something like zimbra from zimbra.com
Thanks for the input; I have already looked at Zimbra, and it looks like a very interesting soln for me once I have everything else set up. I see Zimbra as a nice group-ware pkg, but not as something to help me with user-authentication to the server (for shell access), setting up file permissions, shares, SMB permissions/shares, etc, etc, etc.
Tx!
Eric
_______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
On Wed, 2007-11-14 at 10:11 +1000, redhat@mckerrs.net wrote:
----- Original Message ----- From: "Eric B." ebenze@hotmail.com To: centos@centos.org Sent: Wednesday, November 14, 2007 9:58:15 AM (GMT+1000) Australia/Brisbane Subject: [CentOS] Re: A good primer to User Administration?
"Shibu C Varughese" shibucv@itmission.org wrote in message news:4739E414.4060504@itmission.org...
My question is the following. I've been searching online for a
good
reference to describe good practices when building a linux network,
but
haven't really been able to find much when it comes to best
practices for
user administration, ACLs, "optimal" (or recommended) file
locations,
etc. For example, I know I need an LDAP server, but not sure how
that
ties into system login, or how to use a Linux LDAP server as the
basis
for a primary domain controller (is it still called that given
Windows AD
world?), etc. Or even how to properly create group structures and
ACLs
that accurately reflect group ownership/etc. The octal permissions
at
the file level are only good enough for a single group; I need to
give
multiple groups different permissions on the same files, etc.
I realize that there are a lot of questions that I need to
research, but
I was hoping someone could point me in the direction of some
advanced
admin docs with best practices, etc. Most of the stuff I find
relates on
how to set up a basic standalone PC, without any reference to how
to
network together a bunch of servers running off central
authentication,
etc...
Eric,
if you are thinking of setting up ldap, email, address book ...etc..
all
in one go ... then you need to test out ...something like zimbra
from
zimbra.com
Thanks for the input; I have already looked at Zimbra, and it looks like a very interesting soln for me once I have everything else set up. I see Zimbra as a nice group-ware pkg, but not as something to help me with user-authentication to the server (for shell access), setting up file permissions, shares, SMB permissions/shares, etc, etc, etc.
Tx!
I'll vote for zimbra too, has been brilliant for me. It is sort of appliance like in that you typically don't need to do much to a server to turn it into a working system. Mine runs as a Xen VM and I'll soon (5.1) be clustering it.
As far as tutorials go, I found that http://howtoforge.com/ is an excellent source of such types of articles.
---- Now I know that there are a few Zimbra users on this list - probably most of them won't agree with the author of my link below whom I think it can be determined was not very happy with Zimbra...
http://lists.andrew.cmu.edu/pipermail/info-cyrus/2007-November/027543.html
cyrus-imapd is used by some serious mail administrators so the discussions on this list tend to be technical.
I have no experience with Zimbra so I am incapable of adding to the discussion but thought the link to a different point of view should be offered.
To the OP...
Linux by it's nature doesn't necessarily lend itself to a turnkey solution - at least not Red Hat (or CentOS by inference), nor the other Linux distributions.
Obviously Microsoft has done an excellent job at exploiting this weakness.
I suppose you could fool with Sun's various services, Novell offers similar, and I suppose so does Red Hat but none are fully integrated and lead you through wizard-wize from start to finish and setup an entire network infrastructure.
What I found that worked for me was to learn LDAP and the book that made it happen for me was 'LDAP System Administration by Gerald Carter' While this book is getting old and out of date, it actually makes LDAP very clear and once you get the basic idea of LDAP down, then adding everything else to it (samba/windows networking, cups, various authentication services) all become obvious. There are no magic tools that teach you LDAP - you can't install some GUI thing and understand what is going on...it doesn't happen that way.
Craig
"Craig White" craigwhite@azapple.com wrote in message news:1195007481.9807.13.camel@lin-workstation.azapple.com...
if you are thinking of setting up ldap, email, address book ...etc..
all
in one go ... then you need to test out ...something like zimbra
from
zimbra.com
Thanks for the input; I have already looked at Zimbra, and it looks like a very interesting soln for me once I have everything else set up. I see Zimbra as a nice group-ware pkg, but not as something to help me with user-authentication to the server (for shell access), setting up file permissions, shares, SMB permissions/shares, etc, etc, etc.
Now I know that there are a few Zimbra users on this list - probably most of them won't agree with the author of my link below whom I think it can be determined was not very happy with Zimbra...
http://lists.andrew.cmu.edu/pipermail/info-cyrus/2007-November/027543.html
Wow - thanks for the link. Definitely an interesting point of view to read. I'd be curious to see how well Zimbra holds up if I even choose to go that route. There are other OSS Groupware servers out there as well, but Zimbra did seem interesting, and their purchase by Yahoo gives them a little more credibility in my books. But again, this is a "down-the-road" thing for me.
Linux by it's nature doesn't necessarily lend itself to a turnkey solution - at least not Red Hat (or CentOS by inference), nor the other Linux distributions.
Obviously Microsoft has done an excellent job at exploiting this weakness.
Agreed - MS has done a great job of putting a server for network dummies package with their AD system. But the truth is that I am not looking for that; I was the control and flexibility that RH / OSS offers and not be stuck with the MS way or no way.
I suppose you could fool with Sun's various services, Novell offers similar, and I suppose so does Red Hat but none are fully integrated and lead you through wizard-wize from start to finish and setup an entire network infrastructure.
Agreed; once again I'm not looking for a wizard (although it would be nice! :) ). Rather, I'm looking for some reference material to better understand how all these different systems mesh together, and how to get the login (kerberos ?) system to work with LDAP to work with NFS, ACLs, SFTP, etc, etc, etc. I seem to have trouble finding reference material for "server farm" rollouts - most of the material I find is all geared towards standalone machines.
What I found that worked for me was to learn LDAP and the book that made it happen for me was 'LDAP System Administration by Gerald Carter' While this book is getting old and out of date, it actually makes LDAP very clear and once you get the basic idea of LDAP down, then adding everything else to it (samba/windows networking, cups, various authentication services) all become obvious. There are no magic tools that teach you LDAP - you can't install some GUI thing and understand what is going on...it doesn't happen that way.
Thanks for the tip; I'll take a look into it and see what I can pick up from it!
Eric
On Tue, 2007-11-13 at 18:58 -0500, Eric B. wrote:
"Shibu C Varughese" shibucv@itmission.org wrote in message news:4739E414.4060504@itmission.org...
My question is the following. I've been searching online for a good reference to describe good practices when building a linux network, but haven't really been able to find much when it comes to best practices for user administration, ACLs, "optimal" (or recommended) file locations, etc. For example, I know I need an LDAP server, but not sure how that ties into system login, or how to use a Linux LDAP server as the basis for a primary domain controller (is it still called that given Windows AD world?), etc. Or even how to properly create group structures and ACLs that accurately reflect group ownership/etc. The octal permissions at the file level are only good enough for a single group; I need to give multiple groups different permissions on the same files, etc.
I realize that there are a lot of questions that I need to research, but I was hoping someone could point me in the direction of some advanced admin docs with best practices, etc. Most of the stuff I find relates on how to set up a basic standalone PC, without any reference to how to network together a bunch of servers running off central authentication, etc...
Eric,
if you are thinking of setting up ldap, email, address book ...etc.. all in one go ... then you need to test out ...something like zimbra from zimbra.com
Thanks for the input; I have already looked at Zimbra, and it looks like a very interesting soln for me once I have everything else set up. I see Zimbra as a nice group-ware pkg, but not as something to help me with user-authentication to the server (for shell access), setting up file permissions, shares, SMB permissions/shares, etc, etc, etc.
Tx!
Eric
Eric,
I would also have a look at SME - http://wiki.contribs.org/Main_Page
It does most of the things you are looking for out of the box and is based on CentOS.
The other thing is to ave a look at the Samba site which has a number of tutorials and case studies.
Regards
Rob
You should take a look at http://www.clarkconnect.com/
This Centos 4.X based and include kolab groupware (with toltec outlook connector) Look for the features and software they choose !
On Nov 13, 2007 3:01 PM, Eric B. ebenze@hotmail.com wrote:
Hi,
I've been running Linux as a workstation OS for years, and have been dealing with Windows networks and standalone Linux servers for a while now. However, the time has come for me to complete redo the server installation and am looking to move to a complete CentOS install base, with only Windows workstations.
My question is the following. I've been searching online for a good reference to describe good practices when building a linux network, but haven't really been able to find much when it comes to best practices for user administration, ACLs, "optimal" (or recommended) file locations, etc. For example, I know I need an LDAP server, but not sure how that ties into system login, or how to use a Linux LDAP server as the basis for a primary domain controller (is it still called that given Windows AD world?), etc. Or even how to properly create group structures and ACLs that accurately reflect group ownership/etc. The octal permissions at the file level are only good enough for a single group; I need to give multiple groups different permissions on the same files, etc.
I realize that there are a lot of questions that I need to research, but I was hoping someone could point me in the direction of some advanced admin docs with best practices, etc. Most of the stuff I find relates on how to set up a basic standalone PC, without any reference to how to network together a bunch of servers running off central authentication, etc...
Thanks for the advice!
Eric
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
http://wiki.contribs.org/Main_Page
This is another solution using CentOS
Alain Spineux wrote:
You should take a look at http://www.clarkconnect.com/
This Centos 4.X based and include kolab groupware (with toltec outlook connector) Look for the features and software they choose !
On Nov 13, 2007 3:01 PM, Eric B. ebenze@hotmail.com wrote:
Hi,
I've been running Linux as a workstation OS for years, and have been dealing with Windows networks and standalone Linux servers for a while now. However, the time has come for me to complete redo the server installation and am looking to move to a complete CentOS install base, with only Windows workstations.
My question is the following. I've been searching online for a good reference to describe good practices when building a linux network, but haven't really been able to find much when it comes to best practices for user administration, ACLs, "optimal" (or recommended) file locations, etc. For example, I know I need an LDAP server, but not sure how that ties into system login, or how to use a Linux LDAP server as the basis for a primary domain controller (is it still called that given Windows AD world?), etc. Or even how to properly create group structures and ACLs that accurately reflect group ownership/etc. The octal permissions at the file level are only good enough for a single group; I need to give multiple groups different permissions on the same files, etc.
I realize that there are a lot of questions that I need to research, but I was hoping someone could point me in the direction of some advanced admin docs with best practices, etc. Most of the stuff I find relates on how to set up a basic standalone PC, without any reference to how to network together a bunch of servers running off central authentication, etc...
Thanks for the advice!
Eric
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
2007/11/13, Eric B. ebenze@hotmail.com:
Hi,
I've been running Linux as a workstation OS for years, and have been dealing with Windows networks and standalone Linux servers for a while now. However, the time has come for me to complete redo the server installation and am looking to move to a complete CentOS install base, with only Windows workstations.
For a situation like yours I am using http://freshmeat.net/projects/smbldap-tools/
-
Alain Spineux -
Alexander Georgiev -
Craig White -
Eric B. -
redhat@mckerrs.net -
Robert Slade -
Ross Cavanagh -
Shibu C Varughese