View
223
Download
2
Tags:
Embed Size (px)
Citation preview
Chapter 5Managing a Server
Overview Server management Examine networking models Learn how users are authenticated Manage users and groups Manage file system permissions
Managing a Server Managing a server
Access to the server Who has permission to access
Access restrictions to the server and its resource File, printer, etc.
Access control schemes can be through LAN Internet
Network Models Network model
How the server is configured and interact with the network
Two basic network models Microsoft LAN Approach
LAN Domain Working Group
Client/Server
Microsoft LAN Networking Models-Workgroup Treats each computer in the network as an
equal or peer Also called peer-to-peer networking
Each computer can be a client and a server When you allow others to access resources on
your computer, your computer is acting as a server
When you access resources on another computer, your computer is acting as a client
Microsoft LAN Networking Models-Workgroup Appropriate for networks with 10 or less
computers A number of disadvantages
Need user names and passwords of users who need resources
Difficult to keep track of changing passwords Most users do not want to administer resources
on their computer
Microsoft LAN Networking Models-Domain
One or more centralized servers (single domain) Single, centralized logon Single point of control Users can be given access to resources anywhere in
the domain
Client/Server Networking Model Networking in Linux follows the client/server model
Server provides the resource (web server) Client talks to the server (browser, e-mail program)
Server has a corresponding program that communicates with the client (runs in the background) In Windows the server program called service In Linux the server program called daemon in Linux
A Brief History: Open Platform The good old days
Octopus-like mainframes Only a few venders to choose from Farms of disks where required Applications were specific for each machine
Open platform New client/server architecture Open system allowed mix-and-match
Different application technologies could be purchased from different venders
Examples: server platform, client platform, network protocols, middleware software, etc.
What is Client/Server (C/S) Computing It started as PCs became more powerful
PCs were no longer dumb terminals Provides an open and flexible environment C/S is considered as a form of distributed
software
Distinct characteristics of C/S Server provides the service Client is considered as the customer requesting the service The server service can be shared among a number of clients Clients must request or initiate the service The location of the server in the network is transparent to
clients Transaction between C/S is message-passing based C/S architecture is scalable
horizontally (more clients can added) Vertically (more servers can be added)
The server is centrally maintained where as clients are independent of each other
Systems with C/S Architecture File servers
File sharing and file processing Data base servers
Passing file results Example: Query in DBMS server Typically one single request/reply
Transaction servers Transaction server includes DBMS and transaction monitoring Server has remote procedures run online by the client
web servers Superfat servers and thin clients Uses HTTP protocol Java was first to introduce interactive C/S forms
Client
Client
Server
Server
Internet
Client JAVA
ClientHTML
Application
Client/Server Models Where to push the application to Fat clients
The bulk of the application is running on the client The client knows how the data is organized and where it is Different clients access the same applications different ways
Fat servers The server more complicated The clients are less complex More of the code runs on the server The network interaction is minimized
ServerClient
Application
Middleware Software It is the (/) between client and server which glues them
together Allowing the client request for a service and the server
providing it Middleware can also be between server/server Two broad classes
General LAN servers, TCP/IP, Communication stacks, Queuing services, etc.
Application specific Used to accomplish a specific task Groupware specific: SMTP Internet specific: HTTP Database specific: SQL
Two-Tier vs. Three-Tier Architecture Same basic idea as fat-client versus fat-server Depends on how the application is divided between the server
and the client Two-tier servers
Examples: file servers and database server In this case the process (application logic) is buried within the
client or server (or both) Three-tier servers
Examples: Web and distributed objects In this case the process is run on the middle-tier – separated
from the user and data interface They can integrate the data from multiple sources More robust and more scalable
Client/Server Building Blocks Purpose
How to divide the application between the client and server
What are different functionalities of client and server
Basic client server model Fits various applications
Small office Small business Enterprise Global
Client
Server
Server
Client ServerMiddleware
Single Machine
Client Server
Middleware
Client Middleware
C/SMiddleware
C/S
C/S
C/S
Server Scalability
PC Server
Asymmetric Multi-processing Superserver
symmetric Multi-processing Superserver
Multiservers
Server Scalability Superserver
A very powerful server Single-server or multiserver Each server can have a single processor or multiprocessor Multiprocessing can be Asymmetric or Symmetric
Multiprocessing Asymmetric: each processor is dedicated to a specific task Fully symmetric (SMP): applications are divided into threads and threads are sent to available processors
Examples: 32-bit NT, Unix, NetWare Requires 3 basic functionalities:
Global scheduling I/O sharing structure OS access sharing
Multiservers Pool of servers, providing more processing power (also called a cluster) They divide the task between different servers
Server lite As opposed to full blown servers Provides a background process on the client machine that can accept unsolicited networks request
(refreshing database, synchronizing time, etc.)
Managing Users and Groups Users need accounts to access resources on a
server On a Web server there is a restricted account that
is used on behalf of Internet users In a LAN, users with common resource needs
are put in a group and the group is given access to the resource
Domain Domain
Users and Groups in Windows Local accounts exist on a single computer and can
be used to control resources only on that computer Domain accounts can be used to control resources
on all the computers that are part of the domain Active Directory (AD) allows domains to be
grouped into a forest Microsoft Exchange requires AD
Local Acc.
Forest
Groups in Windows Domain local groups have members from the same
domain Assign permissions to resources in the same domain
Global groups have members from the same domain Can be used to assign permissions to resources in any
domain Universal groups can have members from any
domain Can be used to assign permissions to resources in any
domain
File System Permissions
Permission allow you to control access to the resources on a computer such as a Web page, a document, or a program
In Windows, the NTFS file system is required in order to assign permissions
All Linux file systems incorporate permissions
File System Permissions in Windows
Permission Description
Full Control Full Control includes all other permissions and allows you to take ownership of the file or folder and change the attributes of a file
Modify Allows read, write, and delete
Read With this permission, you can read files but cannot execute them
Write When set on a file, this permission allows you to write to files; when set on a folder, you can write to the folder
Read & Execute Read files and run programs
List Folder Contents This permission allows you to view the contents of a folder
File System Permissions in Linux
Permissiontype
When used with files When used with directories
Read Read a file or copy a file List the contents of a directory
Write Write to the file, including deleting the file
Create files
Execute Execute programs and shell scripts, which are text files containing Linux commands
Modify the file permissions
Using chmod to Set Permissions
Command Permissions
Owner Group Other
chmod 755 myfile rwx r-x r-x
chmod 540 myfile r-x r-- ---
chmod 744 myfile rwx r-- r--
Do the following labs
Project 5-5 to 5-8 using Linux Giving control to groups