Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
We are in the process of moving our office workstations from Windows to Linux. We would like to implement a "terminal-like" environment where users are created on a single server, then when someone logs into any workstation in the office, they are authetnicated against that server and all personal settings (e.g. Desktop, Firefox bookmarks, Thunderbird email) are pulled from the server. On logout, all changes are saved back to the server. If this were done securely (e.g. TLS), that's a definite plus.
I know this can be done, but I'm not sure what specific terms to google for. If someone could point me too some howtos are tell me what to search for, I'd appreciate it. For what its worth, the clients will be Redhat FC2 and the server will (likely) be OSX. TIA!
Last edited by TruckStuff; 11-16-2004 at 06:04 PM.
Distribution: FC1, Gentoo, Mdk 8.1, RH7-8-9, Knoppix, Zuarus rom 3.13
Posts: 98
Rep:
Re: One server, lots of linux clients
Quote:
Originally posted by TruckStuff We are in the process of moving our office workstations from Windows to Linux. We would like to implement a "terminal-like" environment where users are created on a single server, then when someone logs into any workstation in the office, they are authetnicated against that server and all personal settings (e.g. Desktop, Firefox bookmarks, Thunderbird email) are pulled from the server. On logout, all changes are saved back to the server. If this were done securely (e.g. TLS), that's a definite plus.
I know this can be done, but I'm not sure what specific terms to google for. If someone could point me too some howtos are tell me what to search for, I'd appreciate it. For what its worth, the clients will be Redhat FC2 and the server will (likely) be OSX. TIA!
You could try and roll-your-own with LDAP providing the centraized authentication. I have setup something like what you describe with OpenLDAP where the user account, password, uid, gid are all kept on the LDAP server so when someone logs into a new linux box for the first time the LDAP server get's polled, if the user doesn't have a home directory on the client then one is made automagically and populated with profile information for their shell, X-windows manager, etc. This all happens with pam / ldap interaction. I have set it up with TLS and x.509 certificates. I created a CA and signed my own. It wasn't fun but it's possible. Some lean toward ldap / kerberos but I used ldap / sasl and feel good about it.
Far as browser and email client settings following a user around, I don't know of a way of setting that up.
check the openldap website.
If you are looking for a "turn-key" solution.. basically install and it runs itself.. I have no info for ya. Linux is still aimed at CompSci majors or control freaks (like me) and is still not suitable for your average administrative assistant. If you find something to fit the bill I'd love to hear about it.
Could you run everything off the server via SSH clients?
I'm not sure what exact requirements you have, but if you could, all authentication would be local, so that might simplify administration. Your server CPU and memory would obviously go up.
I'm just trying to brainstorm ideas here... is it possible to setup a user's home dir over an NFS or SMB share? If I could do that, and handle the authentication with LDAP, that would seem to knock out most of what I am looking for.
I'm sure we've all seen this type of setup done in large labratory setups on Windows. If windows can do it, SURELY Linux can.
Here's a couple of thoughts to maybe steer you in the right direction or give you more ideas or for you to look at and think "what in the blue h*** was he smoking because I want some".
On each of your new shiny Linux clients make an entry in the /etc/fstab and point it to an NFS and/or SAMBA share located on your central server where you want all your user's /home directories to be. Tel the fstab file to mount it automatically upon bootup. Host all of the /home directories for your users in there.
When creating your users I know there is a way to specify their home directory location. I believe the syntax is useradd -d /custom/directory/here username . I would then point this directory to your share mentioned above so that whenever a user logs on it will look for their /home directories in the custom share, so that no matter what all changes, options, settings, etc will be located on the central server. This will effectivally give them the equivlent of a roaming profile in windows.
The thing I don't know how to get around, however is authencation on the central server. I don't have the foggiest idea how to tell a computer to authenticate users on another computer as supposed to their compuer. I would be VERY interested to find out how it's done however as it would be very userful.
Anyway there's a couple of suggestions or thoughts to get you started.
Distribution: FC1, Gentoo, Mdk 8.1, RH7-8-9, Knoppix, Zuarus rom 3.13
Posts: 98
Rep:
Quote:
The thing I don't know how to get around, however is authencation on the central server. I don't have the foggiest idea how to tell a computer to authenticate users on another computer as supposed to their compuer. I would be VERY interested to find out how it's done however as it would be very userful.
Tap
Like I said. LDAP and PAM is -one- solution to this. look up a message or two and you'll see what I said about it. The biggest convienance is that ldap can be used for other things on the network besides authenticating linux logons. It can function as your email directory too for instance. Of course you'll have to secure the ldap server since it holds all the keys to the kingdom so to speak.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.