Chapter 5 Managing a Server
Overview • Server management • Examine networking models • Learn how users are authenticated • Manage users and groups • Manage file system permissions
Managing a Server • Managing a server • Access to the server • Who has permission to access • Access restrictions to the server and its resources • File, printer, etc. • Access control schemes can be through • LAN • Internet
Network Models • Network model • How the server is configured and interacts with the network • Two basic network models • Microsoft LAN Approach • LAN Domain • Working Group • Client/Server
Microsoft LAN Approach • [Figure: Working Group and LAN Domain network diagrams (users, router, server)]
Microsoft LAN Networking Models-Workgroup • Treats each computer in the network as an equal or peer • Also called peer-to-peer networking • Decentralized network (be able to draw it) • Each computer must have the complete names of users and their info. • Each computer can be either a client or a server • When you allow others to access resources on your computer, your computer is acting as a server • When you access resources on another computer, your computer is acting as a client
Microsoft LAN Networking Models-Workgroup • Appropriate for networks with 10 or fewer computers • A number of disadvantages • Need user names and passwords of users who need resources • Difficult to keep track of changing passwords • Most users do not want to administer resources on their computer
Microsoft LAN Networking Models-LAN Domain • One or more centralized servers (single domain) • Single, centralized logon • Single point of control • Users can be given access to resources anywhere in the domain
Client/Server Networking Model • Networking in Linux follows the client/server model • Server provides the resource (web server) • Client talks to the server (browser, e-mail program) • Server has a corresponding program that communicates with the client (runs in the background) • In Windows the server program is called a service • In Linux the server program is called a daemon
Authenticating Users • Process of determining a user's true identity • Three basic methods • What you know – user name and passwords • What you have – entry card • Who you are – biometrics
Implementing an Authentication System • If a Windows network has older computers running NT, 95, or 98, the server must use NTLM • NT LanManager is an authentication protocol • It is not as secure as Kerberos, which is the default for Windows 2000, 2003, and XP • Authentication system developed by MIT • Allows two parties to exchange private information • Uses the ticket (key) mechanism
Managing Users and Groups • Users need accounts to access resources on a server • On a Web server there is a restricted account that is used on behalf of Internet users • In a LAN, users with common resource needs are put in a group and the group is given access to the resource
Users and Groups in Windows • Local accounts exist on a single computer and can be used to control resources only on that computer • Domain accounts can be used to control resources on all the computers that are part of the domain • Active Directory (AD) allows domains to be grouped into a forest • Microsoft Exchange requires AD
Groups in Windows • Domain local groups have members from the same domain • Assign permissions to resources in the same domain • Global groups have members from the same domain • Can be used to assign permissions to resources in any domain • Universal groups can have members from any domain • Can be used to assign permissions to resources in any domain • [Figure: Domain 1 and Domain 2, with Group 1 and Group 2]
File System Permissions • Permissions allow you to control access to the resources on a computer such as a Web page, a document, or a program • In Windows, the NTFS file system is required in order to assign permissions • All Linux file systems incorporate permissions
Linux Permissions • Permissions are set for user, group, and others • Each permission is set with a single digit from 0 to 7 based on the combination of permissions • read = 4 • write = 2 • execute = 1
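Added example (not part of the original slides): a POSIX shell sketch that decodes a three-digit mode into its user/group/others flags using the read=4, write=2, execute=1 values above, and lists files whose "others" digit includes write. The function names are hypothetical.

```sh
# Added example: decode Linux octal permission digits (read=4, write=2, execute=1).

# digit_to_rwx 5  prints  r-x   (5 = read 4 + execute 1)
digit_to_rwx() {
    r=-; w=-; x=-
    if [ $(( $1 & 4 )) -ne 0 ]; then r=r; fi
    if [ $(( $1 & 2 )) -ne 0 ]; then w=w; fi
    if [ $(( $1 & 1 )) -ne 0 ]; then x=x; fi
    printf '%s%s%s' "$r" "$w" "$x"
}

# mode_to_rwx 750  prints  rwxr-x---   (digits are user, group, others)
mode_to_rwx() {
    case $1 in
        [0-7][0-7][0-7]) ;;
        *) echo "invalid mode: $1" >&2; return 1 ;;
    esac
    rest=${1#?}          # group and others digits
    u=${1%"$rest"}       # user digit
    g=${rest%?}          # group digit
    o=${1#??}            # others digit
    printf '%s%s%s\n' "$(digit_to_rwx "$u")" \
                      "$(digit_to_rwx "$g")" \
                      "$(digit_to_rwx "$o")"
}

# world_writable DIR  prints regular files under DIR that "others" may write
# (-perm -002 matches any mode whose others digit has the write bit, 2, set)
world_writable() {
    find "$1" -type f -perm -002 | sort
}

# Constructed sample modes, decoded for illustration.
for m in 644 750 666; do
    printf '%s = %s\n' "$m" "$(mode_to_rwx "$m")"
done
```

A file created with `chmod 666` shows up in `world_writable`, while one set to `644` does not.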
Do the following labs • Project 5-2 to 5-4 using Windows • Your DNS must work before doing this lab • Uninstalling the Active Directory • If the AD is already installed go on to 5-3 • Giving control to groups • Show the permissions in the apps directory • Project 5-5 to 5-8 using Linux • Giving control to groups • Show all the permissions
Project (March 13) • What is the difference between the LAN Domain network model and the Service/client model (both centralized?, advantages and disadvantages of each) • Discuss some (3 examples) of the existing biometric techniques. What products are available? Who makes them? Who uses them? • Examine technical advantages of Kerberos authentication system over NT LanManager. • Describe how Kerberos works. What are other examples of authentication systems? How do they compare to MIT’s Kerberos?