|
|
This section of the site is here to help you in the Server Setup area of the LDAP/NFS Network Authentication system. It is divided into sections for LDAP setup, NFS setup, and Samba setup.
NOTE:
 |
|
|
|
This site will give detailed instructions of how to duplicate our setup, which allows for Windows 2000, Mac OS X, and Linux clients to connect and authenticate from the same system. The steps are very detailed, and quite complicated. This is NOT a novice level system. You MUST have a strong level of competency using a command line Linux system.
These instructions will go through several steps, and you must follow them carefully until the end. There will be steps in the middle to test various parts, but those same tests will NOT work in the final product.
If you choose to not use the full instructions (like leave out Windows support) it will change the whole system, and you are on your own to make it work. That said, Windows setup is the most difficult part of the whole thing, and leaving that out would make it all a LOT easier.
We will follow the following path for our setup.
1) Set up your linux servers.
2) Set up the initial LDAP server.
3) Set up the nfs mounts/server.
4) Set up the samba server.
5) Change the LDAP server to work with samba.
6) Set up a test Linux, Mac, and Windows client. Test system.
7) Set up the Linux clients.
8) Set up the Mac OS X clients.
9) Set up the Windows 2000 clients.
10) Add user accounts and machine accounts.
|
|
|
|
|
|
|
Before setting up your servers, you need to do some network architecture planning. How many servers you need, and the power of those servers, will depend on the load you plan on putting on those servers. Our system is for our department only, not for the whole campus. As such, it does not have as high of demands on it as some others may have in trying to implement a campus wide solution.
For our system, we use Debian Linux for all our servers. Everything we have used to provide this service is open source software, running on x86 hardware. There are MANY other alternatives out there to this, some of which may be easier, or more difficult, to set up. However, our open source solution provides a VERY cost effective solution. All instructions found here are given for Debian Linux. If you are using another flavor of Linux, or totally different OS altogether, then we assume you know enough about your system to make the changes as required to make our setup work for you.
We have a cluster of three Debian Linux servers providing all the services for our network authentication system. We currently have around 300 users (about 1/2 of which are removed every semester), and 100 client machines, and our system works great for our needs. Before doing any work on your servers, I highly suggest you spend some time determining what your needs are and making sure you have the infrastructure in place to support your needs. Our two main servers (LDAP and NFS) are 800 Mhz Pentium 3's with 512 Megs of RAM.
In our system, we have three main servers. One to provide LDAP authentication, which also functions as the samba server, one to provide NFS file sharing and storage of home directories, and one to provide web services (which I will NOT cover in this tutorial). It is fairly easy to scale the system to a greater number of servers if needed, simply by changing the path for where home directories are found. Scaling up LDAP on the other hand can be a bit more tricky. You could simply have multiple LDAP servers and add them all into the search path for the clients, but then to search, the client has to look through the entire first server to determine it's not there, then search the second, and so on and so on. There most likely are ways to improve and speed up this process, but we have not had a need to do so yet with our small user base.
Once you have taken a good look at your needs, and have some sort of an idea of how many servers you will need, along with the power of those servers, and the storage space you will need, then we are ready to begin with our installation. Our documentation will show how to duplicate a three server setup as we have done.
Now, let's continue on and start with the LDAP setup.
|
