Chapter 5Managing a Server

Overview Server management Examine networking models Learn how users are authenticated Manage users and groups Manage file system permissions

Managing a Server Managing a server

Access to the server Who has permission to access

Access restrictions to the server and its resource File, printer, etc.

Access control schemes can be through LAN Internet

Network Models Network model

How the server is configured and interact with the network

Two basic network models Microsoft LAN Approach

LAN Domain Working Group

Client/Server

Microsoft LAN Networking Models-Workgroup Treats each computer in the network as an

equal or peer Also called peer-to-peer networking

Each computer can be a client and a server When you allow others to access resources on

your computer, your computer is acting as a server

When you access resources on another computer, your computer is acting as a client

Microsoft LAN Networking Models-Workgroup Appropriate for networks with 10 or less

computers A number of disadvantages

Need user names and passwords of users who need resources

Difficult to keep track of changing passwords Most users do not want to administer resources

on their computer

Microsoft LAN Networking Models-Domain

One or more centralized servers (single domain) Single, centralized logon Single point of control Users can be given access to resources anywhere in

the domain

Client/Server Networking Model Networking in Linux follows the client/server model

Server provides the resource (web server) Client talks to the server (browser, e-mail program)

Server has a corresponding program that communicates with the client (runs in the background) In Windows the server program called service In Linux the server program called daemon in Linux

A Brief History: Open Platform The good old days

Octopus-like mainframes Only a few venders to choose from Farms of disks where required Applications were specific for each machine

Open platform New client/server architecture Open system allowed mix-and-match

Different application technologies could be purchased from different venders

Examples: server platform, client platform, network protocols, middleware software, etc.

What is Client/Server (C/S) Computing It started as PCs became more powerful

PCs were no longer dumb terminals Provides an open and flexible environment C/S is considered as a form of distributed

software

Distinct characteristics of C/S Server provides the service Client is considered as the customer requesting the service The server service can be shared among a number of clients Clients must request or initiate the service The location of the server in the network is transparent to

clients Transaction between C/S is message-passing based C/S architecture is scalable

horizontally (more clients can added) Vertically (more servers can be added)

The server is centrally maintained where as clients are independent of each other

Systems with C/S Architecture File servers

File sharing and file processing Data base servers

Passing file results Example: Query in DBMS server Typically one single request/reply

Transaction servers Transaction server includes DBMS and transaction monitoring Server has remote procedures run online by the client

web servers Superfat servers and thin clients Uses HTTP protocol Java was first to introduce interactive C/S forms

Client

Client

Server

Server

Internet

Client JAVA

ClientHTML

Application

Client/Server Models Where to push the application to Fat clients

The bulk of the application is running on the client The client knows how the data is organized and where it is Different clients access the same applications different ways

Fat servers The server more complicated The clients are less complex More of the code runs on the server The network interaction is minimized

ServerClient

Application

Middleware Software It is the (/) between client and server which glues them

together Allowing the client request for a service and the server

providing it Middleware can also be between server/server Two broad classes

General LAN servers, TCP/IP, Communication stacks, Queuing services, etc.

Application specific Used to accomplish a specific task Groupware specific: SMTP Internet specific: HTTP Database specific: SQL

Two-Tier vs. Three-Tier Architecture Same basic idea as fat-client versus fat-server Depends on how the application is divided between the server

and the client Two-tier servers

Examples: file servers and database server In this case the process (application logic) is buried within the

client or server (or both) Three-tier servers

Examples: Web and distributed objects In this case the process is run on the middle-tier – separated

from the user and data interface They can integrate the data from multiple sources More robust and more scalable

Client/Server Building Blocks Purpose

How to divide the application between the client and server

What are different functionalities of client and server

Basic client server model Fits various applications

Small office Small business Enterprise Global

Client

Server

Server

Client ServerMiddleware

Single Machine

Client Server

Middleware

Client Middleware

C/SMiddleware

C/S

C/S

C/S

Server Scalability

PC Server

Asymmetric Multi-processing Superserver

symmetric Multi-processing Superserver

Multiservers

Server Scalability Superserver

A very powerful server Single-server or multiserver Each server can have a single processor or multiprocessor Multiprocessing can be Asymmetric or Symmetric

Multiprocessing Asymmetric: each processor is dedicated to a specific task Fully symmetric (SMP): applications are divided into threads and threads are sent to available processors

Examples: 32-bit NT, Unix, NetWare Requires 3 basic functionalities:

Global scheduling I/O sharing structure OS access sharing

Multiservers Pool of servers, providing more processing power (also called a cluster) They divide the task between different servers

Server lite As opposed to full blown servers Provides a background process on the client machine that can accept unsolicited networks request

(refreshing database, synchronizing time, etc.)

Managing Users and Groups Users need accounts to access resources on a

server On a Web server there is a restricted account that

is used on behalf of Internet users In a LAN, users with common resource needs

are put in a group and the group is given access to the resource

Domain Domain

Users and Groups in Windows Local accounts exist on a single computer and can

be used to control resources only on that computer Domain accounts can be used to control resources

on all the computers that are part of the domain Active Directory (AD) allows domains to be

grouped into a forest Microsoft Exchange requires AD

Local Acc.

Forest

Groups in Windows Domain local groups have members from the same

domain Assign permissions to resources in the same domain

Global groups have members from the same domain Can be used to assign permissions to resources in any

domain Universal groups can have members from any

domain Can be used to assign permissions to resources in any

domain

File System Permissions

Permission allow you to control access to the resources on a computer such as a Web page, a document, or a program

In Windows, the NTFS file system is required in order to assign permissions

All Linux file systems incorporate permissions

File System Permissions in Windows

Permission Description

Full Control Full Control includes all other permissions and allows you to take ownership of the file or folder and change the attributes of a file

Modify Allows read, write, and delete

Read With this permission, you can read files but cannot execute them

Write When set on a file, this permission allows you to write to files; when set on a folder, you can write to the folder

Read & Execute Read files and run programs

List Folder Contents This permission allows you to view the contents of a folder

File System Permissions in Linux

Permissiontype

When used with files When used with directories

Read Read a file or copy a file List the contents of a directory

Write Write to the file, including deleting the file

Create files

Execute Execute programs and shell scripts, which are text files containing Linux commands

Modify the file permissions

Using chmod to Set Permissions

Command Permissions

Owner Group Other

chmod 755 myfile rwx r-x r-x

chmod 540 myfile r-x r-- ---

chmod 744 myfile rwx r-- r--

Do the following labs

Project 5-5 to 5-8 using Linux Giving control to groups