LinuxQuestions.org
Register a domain and help support LQ
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Virtualization and Cloud
User Name
Password
Linux - Virtualization and Cloud This forum is for the discussion of all topics relating to Linux Virtualization and Linux Cloud platforms. Xen, KVM, OpenVZ, VirtualBox, VMware, Linux-VServer and all other Linux Virtualization platforms are welcome. OpenStack, CloudStack, ownCloud, Cloud Foundry, Eucalyptus, Nimbus, OpenNebula and all other Linux Cloud platforms are welcome. Note that questions relating solely to non-Linux OS's should be asked in the General forum.

Notices

Reply
 
Search this Thread
Old 07-24-2012, 06:00 AM   #1
Nick_C
Member
 
Registered: Jan 2012
Location: London, England, UK
Distribution: CentOS, Mageia, Debian, Fedora, openSUSE, Ubuntu
Posts: 232

Rep: Reputation: Disabled
Virtualizing complex Windows environment under Linux QEMU


Having a bit of trouble visualising how user authentication could work in the following senario:
  • Workstation virtualization - this is all on the same machine
  • Linux KVM/QEMU as the virtualization host partition
  • VM1 - Win 2008 R2 - Active Directory server
  • VM2 - Win 7 workstations, various
The Win 7 workstations can be started up after the Active Directory server so they can be joined to the domain. Now I am guessing that the Linux Host cannot be part of the Windows Domain because it starts up before the Active Directory server.

There are going to be some NTFS partitions which will need to be shared with the Win 7 VMs. Assume this will be done from the Linux Host using NTFS-3g to access them and Samba Server to make them accessible to the Windows clients.

Question is how user account authentication could work under this senario. Clearly what I want is for the user accounts to be authenticated against the Active Directory Server but how can we do that if the Linux Host is not part of the ADS?

Last edited by Nick_C; 07-24-2012 at 06:02 AM.
 
Old 07-24-2012, 06:46 AM   #2
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,390

Rep: Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963
It could be in the domain I guess, but it's really not common. You can use LDAP access to AD if you wish to provide access as well, usually after installing the schemas for unix on AD. In my experience a virtualisation host would have no reason to be in any domain context. It should be doing NOTHING other than running VM related activities, and I think you're at risk of making things more complicated than they should be.
 
1 members found this post helpful.
Old 07-24-2012, 06:55 AM   #3
Nick_C
Member
 
Registered: Jan 2012
Location: London, England, UK
Distribution: CentOS, Mageia, Debian, Fedora, openSUSE, Ubuntu
Posts: 232

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by acid_kewpie View Post
It could be in the domain I guess, but it's really not common. You can use LDAP access to AD if you wish to provide access as well, usually after installing the schemas for unix on AD. In my experience a virtualisation host would have no reason to be in any domain context. It should be doing NOTHING other than running VM related activities, and I think you're at risk of making things more complicated than they should be.
Hi Chris,

Yes, I would prefer it if the VM Host did nothing other than running VMs, that would be ideal. Problem is I can't see how the Active Directory Server could get access to the other physical NTFS partitions on the host machine to serve them out to the Win 7 clients. What I need is some sort of disk partition pass-through but I don't think anything like that exists at the moment.

Nick
 
Old 07-24-2012, 07:00 AM   #4
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,390

Rep: Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963
disk pass through? The VM's don't need to have a clue that they are virtualized at all. It shouldn't interfere. Each drive would be a vm image, or a san mount etc. Why would there be conventional physical NTFS partitions??
 
Old 07-24-2012, 09:45 AM   #5
Nick_C
Member
 
Registered: Jan 2012
Location: London, England, UK
Distribution: CentOS, Mageia, Debian, Fedora, openSUSE, Ubuntu
Posts: 232

Original Poster
Rep: Reputation: Disabled
Probably because creating a file share on a Physical volume is the only way I know of making that volume available inside a VM.

> Each drive would be a vm image, or a san mount etc

Problem is I occasionally need to boot to a different OS and access these drives as physical NTFS volumes. Therefore I wouldn't really want to convert those partitions to vm images. Don't know about the SAN mount option though, not sure how that works. Could I somehow have the Linux VMHost making these NTFS voulmes available as SAN disks and then have the Win ADS connect to those and share them normally to the Win 7 clients.

Nick
 
Old 07-24-2012, 11:40 AM   #6
jefro
Guru
 
Registered: Mar 2008
Posts: 11,506

Rep: Reputation: 1403Reputation: 1403Reputation: 1403Reputation: 1403Reputation: 1403Reputation: 1403Reputation: 1403Reputation: 1403Reputation: 1403Reputation: 1403
Are you trying to boot to some partition and also then run it as a VM?


As stated above. A vm is to be treated just as if it were a real computer. All the rules apply. You don't need to start up the server first to use windows 7. You have to cache credentials or use a local logon or apply the ldap to the linux.
 
Old 07-24-2012, 02:19 PM   #7
Nick_C
Member
 
Registered: Jan 2012
Location: London, England, UK
Distribution: CentOS, Mageia, Debian, Fedora, openSUSE, Ubuntu
Posts: 232

Original Poster
Rep: Reputation: Disabled
Perhaps I didn't explain fully:

Multi-boot server Win2k3/Win2k8/Hyper-V/soon to be installed Linux VM host. Also has a couple of disk drives with a number of NTFS partitions which are used by each of the different OSs.

Problem is how to make these NTFS partitions available to the Active Directort Server VM hosted within the Linux partition.
 
Old 07-24-2012, 02:37 PM   #8
jefro
Guru
 
Registered: Mar 2008
Posts: 11,506

Rep: Reputation: 1403Reputation: 1403Reputation: 1403Reputation: 1403Reputation: 1403Reputation: 1403Reputation: 1403Reputation: 1403Reputation: 1403Reputation: 1403
You make a directory or partition available by either or both of two means. One is to use the VM's ability to access partitions. Each VM has some way to integrate a local resource to the vm.

The other way is to use the partition just as any remote resource can be used. You mount it by some means in the host and then use network to access. Windows could share the resource by nfs, cifs/samba. ftp, tftp or webdav or other such as iscsi and more.
 
Old 07-24-2012, 03:54 PM   #9
dyasny
Member
 
Registered: Dec 2007
Location: Canada
Distribution: RHEL,Fedora
Posts: 836

Rep: Reputation: 91
ok, before you get into the technicalities, are you sure a single host will pull off the windows infrastructure servers as well as a set of VMs? This setup looks a lot like a typical VDI solution to me, so if that's really the case, I would suggest you look at some more advanced solutions instead.

In any case, you can script the AD server to start up first, poll it for it's services to come up (for example use dig in a loop until it's DNS replies), and after that kick off the start of the desktop VMs.
 
Old 07-26-2012, 08:54 AM   #10
Nick_C
Member
 
Registered: Jan 2012
Location: London, England, UK
Distribution: CentOS, Mageia, Debian, Fedora, openSUSE, Ubuntu
Posts: 232

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by jefro View Post
One is to use the VM's ability to access partitions.
but I'm sure last time I tried this only a whole disk drive, not just each single partition could be shared in Virtual Machine Manager.

Quote:
Originally Posted by jefro View Post
The other way is to use the partition just as any remote resource can be used. You mount it by some means in the host and then use network to access
So does this mean using NTFS-3g then Samba to share there partitions. If so how can this work if the Linux VMHost cannot be part of the Windows domain? Alternatively is there some iSCSI way of doing this, I haven't tried out iSCSI yet so don't know what its capabilities are, for example can it make available an NTFS partition or does it again require the whole disk?

Last edited by Nick_C; 07-26-2012 at 08:56 AM.
 
  


Reply

Tags
active directory, samba permissions


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Advice on preconfiguring a complex environment to install elsewhere dewdrop_world Ubuntu 15 08-07-2011 09:39 AM
Virtualizing FreeBSD in qemu on an opensuse host inspiron_Droid *BSD 1 04-16-2008 03:55 PM
LXer: Getting around Windows Activation when Virtualizing LXer Syndicated Linux News 0 07-12-2007 02:46 PM
Connecting Linux to a Complex Windows wifi network tfm1 Linux - Wireless Networking 2 09-28-2006 01:34 PM
qemu running linux under windows linuxmandrake Linux - Software 1 10-18-2005 10:34 AM


All times are GMT -5. The time now is 09:51 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration