Hi, now I have no idea where this thread belongs since it really isn't specific to anything since I am going to give a scenario of the network we had at uni 4 years ago the best place I thought was here since it isn't server specific or software as that is what i am going to ask about!

To know how it works is the most important thing for a networking student!

Now, we had a few central servers I think 4 all together. One of them contained the student usernames and /home dirs. Whenever we logged in from any machine on the network of course same username and password would be used then our home directory would be that of the main server.

I have ruled out XDMCP login as that is a remote X login which wastes bandwidth as X gets transferred over the network. Also since each machine had an individual operating system first Red Hat then Fedora Core 3 later.

So I'm thinking it is NIS and LDAP but I'm not sure.

Probably to create the UIDs of all the students a script was used as in
sorry for the sudo code here!!

but the mechanism in between I do not know?

I have simulated this on my network by creating the same user on 2 machines ; the main server and my desktop then doing an NFS mount to /home and then chrooting the user to the dir on the /home/... path. However with the insecurity adn short comings of NFS I don't think that this would be used, also to run through this procedure 3000 times would not seem likely.

If anyone knows how to do this or can point me to some links giving an idea of what services where used and how it can be done I would be very greatful!!

Thanks

I don't think there is enough data here from which to draw definitive conclusions about the underlying mechanisms deployed at the site. You'd have to do some more research and detective work to gain clues. You've mentioned some possibilities. They key functionality is:

• Shared file system space
  Commonly used options: NFS, Samba, Andrew
• Directory services
  Commonly used options: replicated passwd/group files, NIS, NIS+, LDAP, Kerberos

The pros and cons in any solution are factors to consider in making a selection, but certainly cannot be used as evidence that any given choice was made.

There are many factors to consider in selecting software. Some important factors for the above services are: performance, reliability, cost, security, budget, organization size, IT competence, and target OS platforms.

Perhaps if you have more specific questions, others might also provide some additional information.

The other mechanism that is of interest (not suggesting that it was necessarily employed) is automounting of home directories, so the chrooting issues aren't so relevant.

Hmm, as to what they used maybe I'd have to get into contact with them, they still should remember me.

I guess I was after a way to do this and since Linux always gives many ways I am wondering of what the methods or mechanisms are to give this ability. As stated before I have simulated this with an NFS mount of /home of server on workstation then chowning the user to the corresponding /home/user dir on server (hope this makes sense).

But in this case all authentication is local.

Mr C. as I understand Samba is open source version of smb protocol used by windows? And would not be used Linux to Linux. NFS is a possibility although how would an auto mount work with NFS? Not meaning automount in /etc/fstab but when logging in?

Also you mentioned Andrew. Is that a linux protocol?

I have heard mainly that NFS isn't used due to security being virtually non existant so I'm a bit lost of how to do something like this in a proffessional context.

I know it's a lot to ask but since I don't have much knowledge in this area, are there any pointers of how to start to learn?

LDAP is used by Scalix for example, which I use, however authentication is local but if one constructed an LDAP server in theory then the network login and other applications requiring authentication could be made to use it? So all that's left would be the /home dir issue.

Read the description of automount here

http://www.linuxhomenetworking.com/w...ccess_with_NFS under section 7.

Here you've used the term chown, and previous chroot. I think there you are confusing chown and chroot with chdir (aka in shell, cd). These are very important distinctions.

Ok, so then you are talking about an /etc/passwd file most likely.

Right. Samba implements the Windows file and print protocols. But it can be used Linux-to-Linux. There are server components and there are client components. Like most *nix services, one or both can be run on any machine, making machines clients, servers, or client-servers.

Let's not confuse how and when a mount is performed with the underlying remote file system technology deployed. Automounting can be used to assist mounting of any file system type. Have a look at Week 4 Notes, "NFS, Automounter" at : http://cis68c2.mikecappella.com/ . This should help give you an overview.
http://en.wikipedia.org/wiki/Andrew_File_System
Yes, security has been an issue with NFS, yet it still has its place. There are some mechanisms that can help harden NFS' security, and NFSv4 goes further. There are plenty of companies that use it.
You seem to be asking questions about general concepts and some implementation details. This would be an excellent book for you:

http://www.amazon.com/Linux-Administ...3679911&sr=8-2
Again, where the LDAP server resides is entirely a matter of choice. The salient point is that there are LDAP query bindings built into the main system authentication components such as PAM. This allows any PAM-aware application to authenticate via LDAP (or other authentication method).

Thanks for the replies guys, billymayday your link was great and exactly what I needed to understand a bit more about this, I just need a few free machines now to play around with it to learn more

Mr C. as always your input is invaluable:

Sorry I confused I meant chroot; as in changing the users root directory from /home/user to /anydir.

Local PAM authentication yes /etc/passwd

Thanks for the link! I will look at all your emailed links soon, I'm so greatful as I actually have some propper material Linuxwise to learn from!

; and yes samba is run on most *nix based systems including BSD and OSX as both smbd and nmbd using netbiosns and netbiosds I think was the other one.

Ok ok google.com I know I'm sorry!

Again thankyou! You also mentioned some other book guides in another one of my threads which I will check soon to find out the line you mentioned. Also if you have any other suggestions for books as I think you have a handle on where I'm lacking (ok ok in all areas! lol, but still I have managed to get a network going from scratch which says something) and it would be a great source for me to LEARN and hopefully one day be as competent and good as you and billymayday.

But in general thankyou so much guys for everything; I just whish I had someone around me that would be able to help out like this and give me the constant kick up the butt when I get things wrong or half way. But at least this kind of guidence is making me realize a lot, mainly the fact that I need to do much more work in the linux department as the home grown network has many limitations.

Kaya :-)

Nice site.

It is good. The name belies a much more professional product than one would expect. Very useful reference on a lot of topics (not just the step by step howtos one tends to see).

Yes I read through the NFS automount and found a nice NIS tutorial:

http://www.linuxhomenetworking.com/w...onfiguring_NIS

adn also one for LDAP and RADIUS, which is good as it will enable me to hookup routers and switches to LDAP by using RADIUS. It even gives the Cisco commands for that which is a big advantage as Cisco support both RADIUS and TACACS+. Defintely something to try at home :-)

http://www.linuxhomenetworking.com/w...DAP_and_RADIUS

I think I need more research thuogh in the basic technologies of how they work and I'm sure I can find alot through Google. As the fundimentals are the most important thing before continueing to more advanced stages.

I don't mean to be negative but I lost a bit of confidence last night with all of this; I know I'm at the begining of the road unlike you guys who are way down and hence are experts in your fields. But when you guys reply sometimes I feel like a real juniour even with a few years linux experiance under me. As I said before I look up and respect you guys for being so good and knowing so much but still it feels like I'm battling with things on occasion. I guess because I wana be an equal and not a say a beginner.

I guess only solution is read and time/experiance, but still it doesn't make it any easier!

Well, you sound like you'll pick it up ok.

I reckon (unless you're up against a deadline) you just need to chill out, lean back and do a lot of reading until you've got your head around all the options/protocols. If you take your time it'll sink in better.
Then, when you've got it (sufficiently) straight, come up with a design and start a new thread for us to comment on it.
If you rush it you'll end up with a mess..

In the meantime, feel free to ask more qns if you don't get something.

Thanks for the vote of confidence chrism01

Maybe I am too hard on myself as a student, and I know I have little patience when it comes down to things as I expect to have all the core material locked in my brain before I get to industry.

Taking a step back to read and query first is probably a good idea, since I have no one around me who knows anything about Linux as is; chilling should be the way forward ironically. I guess it would make it easier to have someone patting you on the back when you've done a good job or exceeded expectations. However I have only had my servers up and running since Feburary of this year so I guess that was my starting point at server design.

I guess now I am happy and proud to be part of this community that looks after each other from Senior level to Jouniour level and back again.

Anyhow I have to get ready for an exam now for my Cisco CCNA, I'm trying to complete the course which is 12 months in 5 months and it seems like I'm doing ok so far judging by my results and the fact that my lecturer is letting me teach the students a few concepts aswell.

hmm... who knows maybe one day I'll be helping people on this forum too at the advanced level?

Thanks!