Hey guys,

At the moment, I have the thrilling task of rebuilding my server because I want to get it up and running. And because I think it's time I really started using Linux more (I know 'bits and pieces' about it but not nearly as much as I do with Windows), I have obtained a copy of Fedora Core 5 to install on said server box.

Now, I think I'll be able to work a lot of basic shit out - I've already installed FC5 in VMWare, and it looks pretty damn simple. And I think I'll be able to work most things out - after all, Google is your friend. Configuring DNS, DHCP, SSH and basic firewalling/routing should be pretty simple, so that will provide my server with a list of basic services. One thing I want to get a bit more info on, though, is the use of file sharing over LINUX with both Linux and Windows clients.

Now, question number 1. Correct me if I'm wrong, but normally you would use both NIS and NFS to provide authentication and file sharing for Linux clients. Am I correct in this? And I take it it's a piece of piss to set up?

Question number 2. Because I will, with any luck in an ideal world, be having both Windows AND Linux clients running off the same network, I'll want to set up Samba as well. Pretty easy, however there's one thing that by the sounds of it will be easier said than done, at least with a little bit of Google searching.

What I want to do is set up a basic set of users (ie. ''root' for SysAdmin, "dogwomble" for general usage, etc.), set up a basic set of shares (ie. sharing '/home' for all users' personal shit, creating a 'sys' share for all the install files and stuff, and a 'raid' share for my huge motherfucking 1.2tb RAID array) and also set up roaming profiles. Easy enough, I would imagine, except for one thing. I want to set it up so that all the usernames and passwords are automatically synchronised between the Samba and the NFS/NIS side of things, as well as have the basic file permissions sharted across so that if I need to set up another user for instance, I only have to add a user and give them a hoe directory once rather than in two separate places. Can someone please give me some pointers on what I need to do for this?

Cheers!

/DW

Heheh.. You should buy APC magazine. The July issue saw the first part of the workshop series that I wrote on "Integrating Linux into Windows networks".

First step - decide on what authentication mechanism that you're going to use. If you already have an Active Directory environment set up at home, it's probably easiest to continue using that instead of creating a second NIS authentication realm. Active Directory can actually work really well with Linux once you have extended your AD schema with MS Services for Unix - a free add-on for Win2K3, and already rolled out with Win2K3 R2 installations.

If you don't have an AD, then you may as well go down the NIS route. Again though, you should install MS SFU on your Windows machines as this comes with a NIS client which allows you to log on to yoru windows system using NIS.

In answer to question 1, NIS and NFS is generally used in large-ish Linux/Unix networks - so you're right there. However, it can be a bit too static for small-networks, which tend to be very ad-hoc in structure. In my experience, I think that I've only ever encountered one situation where NFS simply HAD to be set up. In 99% of cases, you can achieve the same thing by just using Samba - plus you get the benefits of more native file sharing support under Windows too.

In answer to question 2, Samab isn't THAT difficult to set up. It can be to secure, but ince you have grasp of the basic directives that you need to put in the config file, it's pretty simple. The authentication side of things you will have the most drama with, hence why your decision about my first point is the most crucial.

Also, I'd probably advise against FC5 - especially for something like a File Server. FC5 is adequate for an end client system, but you want something that is not as bleeding edge and a bit more stable than Fedora for any kind of server. If you like the RedHat way of doing things with Linux, you can't go past CentOS - it's a free clone of RedHat Enterprise Linux which is as relaible as... something that's really reliable.. :p

Heheh.. You should buy APC magazine. The July issue saw the first part of the workshop series that I wrote on "Integrating Linux into Windows networks".

HOLY CRAP DUDE THATS YOU!!!!! i set up my entire linux network based on your 18 part series over the last couple of years.

you fucking rock mate.

/me does mad pelvic thrusts in Jarrods direction

So I can do it entirely through Samba? As in when asked on a Linux workstation to log in, I can configure it to log in using the Samba server so I can have centralised authentication?

Edit: I think i've worked out how to do it ... just go in and start using WinBing to connect the workstation to the Samba domain????

Another vote for CentOS. I'd just get the server install CD, forget the 4cd install bundle, you don't need to download all that shit.

If you've got an AD server you've got two options, either use SECURITY=DOMAIN for much easier, but less flexible authentication, or use winbind / Kerberus realms which can be a bit tricky. There's plenty of info on doing it both ways.

If you don't have an AD server then you'll probably need to keep a smb password file manually syncronised to the windows users. Or you could get samba to work as a very basic domain server which might make things easier. I haven't ever played with samba's domain server stuff so no idea how robust it is.

that reminds me. i must search for the next 2 APCs.

edit: i already have august. just need july and september.

Yeah once i set up samba with cifs for my xp, mac and linux boxen it was a snap. One trick you should know. whatever you set up as the main file server running samba, give it an os level of 65 (this is an option in the main config). This ensures that whenever the network drops out due to machines down etc, that the main server always wins the browsing elections, which is one of the more timewasting aspects of the protocol.

You can actually set up transparent mounting of samba shares in /etc/fstab although you'll need to set up a user and password for them for authentication. For some reason the debian version wouldn't do it in the actual fstab file, I had to use another file with restricted permissions and had mount.cifs look that up for authentication.