On Wed, 2007-11-14 at 10:11 +1000, redhat at mckerrs.net wrote:
>
> ----- Original Message -----
> From: "Eric B." <ebenze at hotmail.com>
> To: centos at centos.org
> Sent: Wednesday, November 14, 2007 9:58:15 AM (GMT+1000) Australia/Brisbane
> Subject: [CentOS] Re: A good primer to User Administration?
>
> "Shibu C Varughese" <shibucv at itmission.org> wrote in message
> news:4739E414.4060504 at itmission.org...
> >> My question is the following. I've been searching online for a good
> >> reference to describe good practices when building a linux network, but
> >> haven't really been able to find much when it comes to best practices for
> >> user administration, ACLs, "optimal" (or recommended) file locations,
> >> etc. For example, I know I need an LDAP server, but not sure how that
> >> ties into system login, or how to use a Linux LDAP server as the basis
> >> for a primary domain controller (is it still called that given Windows AD
> >> world?), etc. Or even how to properly create group structures and ACLs
> >> that accurately reflect group ownership/etc. The octal permissions at
> >> the file level are only good enough for a single group; I need to give
> >> multiple groups different permissions on the same files, etc.
> >>
> >> I realize that there are a lot of questions that I need to research, but
> >> I was hoping someone could point me in the direction of some advanced
> >> admin docs with best practices, etc. Most of the stuff I find relates on
> >> how to set up a basic standalone PC, without any reference to how to
> >> network together a bunch of servers running off central authentication,
> >> etc...
> >>
> >
> > Eric,
> >
> > if you are thinking of setting up ldap, email, address book ...etc.. all
> > in one go ... then you need to test out ...something like zimbra from
> > zimbra.com
> >
>
> Thanks for the input; I have already looked at Zimbra, and it looks like a
> very interesting soln for me once I have everything else set up. I see
> Zimbra as a nice group-ware pkg, but not as something to help me with
> user-authentication to the server (for shell access), setting up file
> permissions, shares, SMB permissions/shares, etc, etc, etc.
>
> Tx!
>
> I'll vote for zimbra too, has been brilliant for me. It is sort of
> appliance like in that you typically don't need to do much to a server
> to turn it into a working system. Mine runs as a Xen VM and I'll soon
> (5.1) be clustering it.
>
> As far as tutorials go, I found that http://howtoforge.com/ is an
> excellent source of such types of articles.

----

Now I know that there are a few Zimbra users on this list - probably most of them won't agree with the author of my link below whom I think it can be determined was not very happy with Zimbra...

http://lists.andrew.cmu.edu/pipermail/info-cyrus/2007-November/027543.html

cyrus-imapd is used by some serious mail administrators so the discussions on this list tend to be technical.

I have no experience with Zimbra so I am incapable of adding to the discussion but thought the link to a different point of view should be offered.

To the OP...

Linux by its nature doesn't necessarily lend itself to a turnkey solution - at least not Red Hat (or CentOS by inference), nor the other Linux distributions. Obviously Microsoft has done an excellent job at exploiting this weakness. I suppose you could fool with Sun's various services, Novell offers similar, and I suppose so does Red Hat but none are fully integrated and lead you through wizard-wise from start to finish and set up an entire network infrastructure.

What I found that worked for me was to learn LDAP and the book that made it happen for me was 'LDAP System Administration by Gerald Carter'. While this book is getting old and out of date, it actually makes LDAP very clear and once you get the basic idea of LDAP down, then adding everything else to it (samba/windows networking, cups, various authentication services) all become obvious.

There are no magic tools that teach you LDAP - you can't install some GUI thing and understand what is going on...it doesn't happen that way.

Craig