book

Linux in a Windows World

by Roderick W Smith

February 2005

Beginner

496 pages

16h 10m

English

O'Reilly Media, Inc.

Read now

Unlock full access

Audience

Where Linux Fits in a Network
Linux Server CapabilitiesTypical Linux Server HardwareTypical Linux Server SoftwarePicking a distribution for server usePicking individual server programs
Linux Server OptionsLinux File and Print ServersLinux Authentication ServersRemote Login ServersMail ServersMiscellaneous Linux Servers
Installing Samba
Configuration File SectionsParameters, Values, and CommentsVariables and Their UsesThe include Parameter
NetBIOS Name OptionsWorkgroup Name OptionsMiscellaneous Identification Options
Password IssuesUsing Cleartext PasswordsUsing Encrypted PasswordsUsing a Password ServerSetting the security modeUsing server-level securityUsing domain-level security
Common File Share OptionsDefining a File ShareSetting Write AccessSetting Filename OptionsSetting Access Control FeaturesSetting Linux ownershipSetting Linux permissionsMapping DOS-style flagsUsing ACLsEnabling Unix extensions
Installing CUPSAdding Printers to CUPSAdjusting CUPS Browsing and Security
File Shares Versus Printer SharesSharing PostScript PrintersSharing Non-PostScript Printers
Picking a DriverDefining Necessary SharesInstalling the Driver on the ServerInstalling drivers from LinuxInstalling drivers from Windows NT/200x/XPInstalling Drivers on Clients
The [homes] ShareA Windows Program ShareFile-Exchange SharesThe [printers] ShareA PDF-Generation Printer Share
Enabling Domain Controller FunctionsThe Role of a Domain ControllerDomain Controller ParametersMaintaining the Password DatabaseConfiguring Machine Trust AccountsCommon Domain Controller File SharesConfiguring domain logon sharesConfiguring roaming profilesConfiguring Windows Clients and Servers as Domain MembersActivating Windows 9x/Me domain membershipActivating Windows NT/200x/XP domain membership
The Role of the NBNS SystemDefining Samba NBNS FunctionsDelivering NBNS Information via DHCPDHCP server configurationWindows client configuration
The Role of the Master BrowserWinning (or Not Winning) Local Master Browser ElectionsConfiguring Samba Domain Master Browser Features
Using NetBIOS Name ResolutionSetting Name Resolution Options in smb.confUsing NetBIOS Name Resolution in Non-Samba Programs
Using smbclientMounting Shares Using smbmountMounting Shares Using mountUsing the smbfs driverUsing the cifs driverEditing /etc/fstabFile Share Access Limitations
Printing Using smbclientDefining SMB/CIFS Printers Using CUPSDefining SMB/CIFS Printers Using LPRng or BSD LPD
A Rundown of GUI Network BrowsersUsing LinNeighborhoodUsing Konqueror
The Principles Behind WinbindThe Problem: Linux Users on an NT DomainLinux’s PAM and NSS SystemsWinbind: Linking PAM and NSS to an NT Domain
Winbind Options in smb.confRunning the Winbind Daemon
NSS and PAM Winbind ModulesConfiguring NSSConfiguring PAM
Testing Winbind OperationWinbind Logins
The Principles Behind LDAPThe Problem: Providing a Network-Accessible DirectoryLDAP Terminology and FeaturesLDAP Software
Obtaining and Installing OpenLDAPBasic OpenLDAP ConfigurationPreparing Keys and CertificatesRunning the Server
Distinguished NamesUnderstanding LDIFCreating the DirectoryAccount Maintenance
LDAP, PAM, and NSSBasic LDAP Client ConfigurationConfiguring the LDAP NSS ModulesConfiguring the LDAP PAM ModulesVerifying Proper Functioning
Obtaining and Installing pGinaRegistering Your CertificateConfiguring pGina for LDAP Client Use
Kerberos FundamentalsThe Problem: Centralized Single-Authentication LoginsAn Overview of Kerberos OperationKerberos Tools for LinuxWindows and Kerberos
Kerberos Realm ConfigurationEditing krb5.confEditing kdc.confCreating a Master KeyRealm AdministrationCreating principalsACL definitionsRunning the KDC
Setting Up KerberosPreparing Application Server PrincipalsRunning the Servers
Preparing Kerberos ClientsInstalling Kerberized ClientsUsing Kerberized ClientsUsing Kerberos for Network LoginsKerberized login toolsKerberos and PAMKerberized account maintenance
Windows Kerberos ImplementationsWindows Kerberized ServersWindows Kerberized ClientsUsing Windows’ KerberosUsing Kerberos Telnet
What Can Text-Mode Logins Do?Remote Text-Mode User AccessRemote Text-Mode AdministrationTools for Remote Text-Mode Access
SSH Server Options for LinuxConfiguring an SSH ServerLaunching an SSH Server
Launching a Telnet ServerTelnet Server Security ConcernsEncryptionControlling access by IP address
Locating Client SoftwareWindows Telnet and SSH Servers
What Can GUI Logins Do?
The X Client/Server ModelX Server OptionsInitiating a Connection from a Text-Mode LoginWindows X Server ConcernsSimplifying Remote X Logins with XDMCPXDMCP basicsConfiguring XDMConfiguring KDMConfiguring GDMConfiguring an XDMCP client
Advantages and Disadvantages of X SSH TunnelingSSH Server OptionsSSH Client Options and Use
VNC VersionsConfiguring a Linux VNC ServerX and VNC interactionsTraditional user VNC server sessionsLinking VNC to an XDMCP serverKDE’s VNC featuresConfiguring a Windows VNC ServerUsing a VNC ClientEncrypting VNC Connections
The Role of Thin Client ComputingTypes of Thin Client ComputingWhen to Use Thin Client Computing
Server RequirementsClient RequirementsNetwork Hardware Requirements
Linux Distribution Selection and ConfigurationXDMCP and VNC OptionsDHCP ConfigurationTFTP Configuration
Distribution Selection and InstallationConfiguring PXESTesting Your PXES ImageBooting a Thin Client from the Network
Linux Mail Server OptionsPush Mail Versus Pull Mail ProtocolsLinux SMTP Server OptionsLinux POP and IMAP Server OptionsMail Security Concerns
Sendmail Configuration FilesSendmail Address OptionsSendmail Relay OptionsConfiguring sendmail to relay mailConfiguring sendmail to use a relayConfiguring sendmail to forward mail
Postfix Configuration FilesPostfix Address OptionsPostfix Relay OptionsConfiguring Postfix to relay mailConfiguring Postfix to use a relayConfiguring Postfix to forward mail
Launching POP and IMAP ServersSetting Authentication OptionsAdditional Options on Advanced Servers
An Antispam and Antivirus Tool RundownSendmail Antispam OptionsPostfix Antispam OptionsUsing ProcmailCalling ProcmailThe Procmail configuration fileCreating Procmail recipesExamples of Procmail recipesUsing SpamAssassinSpamAssassin basicsCalling SpamAssassin from ProcmailCalling SpamAssassin from sendmailUsing BogofilterDiscarding or Quarantining Suspicious Attachments
The Role of FetchmailConfiguring FetchmailRunning Fetchmail
Backup StrategiesBackup HardwareComplete Versus Incremental BackupsLocal Versus Network BackupsClient- Versus Server-Initiated BackupsBackup Pitfalls
A Rundown of Linux Backup PackagesUsing tar for Tape and Disk BackupsBacking Up to Optical MediaRestoring Data Locally
Pluses and Minuses of Samba BackupsUsing a Samba Backup ShareCreating a backup shareUsing a backup shareUsing smbtar for BackupsConfiguring Windows clients to share filesBacking up with smbtarRestoring Data with Samba
AMANDA PrinciplesConfiguring an AMANDA ServerAMANDA server programsSetting AMANDA optionsPreparing tapesDefining dump types and backup setsLinux AMANDA Client ConfigurationWindows AMANDA Client ConfigurationBacking Up and Restoring Data with AMANDA
Delivering IP Addresses with DHCPThe Role of DHCPKernel and Routing Requirements for DHCPDHCP Configuration FilesAssigning AddressesDynamic address assignmentFixed address assignmentTelling Clients to Use DHCP
Principles of DNSBasic Name Server ConfigurationSetting Up a DomainConfiguring forward zone filesConfiguring reverse zone filesRunning the serverPointing Clients at the Name Server
Principles of NTPNTP Server ConfigurationConfiguring Windows ClientsUsing NET SETWindows NTP clients
PAM Principles
PAM Configuration Files and FieldsModule Stacks
Standard PAM ModulesAdditional PAM Modules
Typical Login ServicesPassword ServicesAn Authentication Stack
Linux Desktop Applications for All Occasions
Global Versus User Configuration FilesLocating Configuration FilesCreating Default Desktop ConfigurationsCreating a template configurationCopying the template to be a global configurationAdding an Environment as a Login OptionRunning a GUI login toolPresenting desktop environment options
Why Run Windows Programs in Linux?Options for Running Windows Programs from Linux
Accessing Windows Disks and FilesystemsOffice File Format CompatibilityCreating and Reading PDF FilesManaging Cross-Platform Archive FilesTips for a Smooth Migration
Linux Font-Handling SystemsInstalling X Core FontsPreparing font directoriesSetting the X font pathConfiguring a font serverUsing the fontsInstalling Xft FontsInstalling Fonts in OpenOffice.org

Content preview from Linux in a Windows World

PAM and NSS Winbind Options

Getting the Winbind daemon up and running is only part of the configuration required on the domain member server. Once Winbind is functioning, you must configure PAM and NSS to use Winbind to authenticate users and return additional account information to programs that need it. These tasks are handled by special modules and configuration of these two subsystems. You may also want to configure Linux to create home directories automatically when they don’t exist.

NSS and PAM Winbind Modules

PAM and NSS both rely on modules to interface with Winbind. These module files, pam_winbind.so and libnss_winbind.so , are usually installed as part of a Samba package, such as samba-common. The pam_winbind.so file usually appears in /lib/security or /usr/lib/security. The libnss_winbind.so file usually resides in /lib and is linked to another file, libnss_winbind.so.2 (either file may be a symbolic link to the other).

If you’ve installed Samba from source code, you may need to install these libraries independently. The source code appears in the source/nsswitch subdirectory of the Samba source code package, and the compiled libraries should appear there after you build the main Samba package. (These files appear only if you select the --with-pam configure option.) Copy the files to appropriate directories, and create an appropriate link for the libnss_winbind.so file. You can then type ldconfig to force Linux to reexamine the library directories and register the new ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Start your free trial

Learn Windows Subsystem for Linux: A Practical Guide for Developers and IT Professionals

Publisher Resources

ISBN: 0596007582

Linux in a Windows World

by Roderick W Smith

PAM and NSS Winbind Options

NSS and PAM Winbind Modules

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

You might also like

Learn Windows Subsystem for Linux: A Practical Guide for Developers and IT Professionals

Linux Networking Cookbook

Ubuntu 20.04 Essentials

Basic Linux Terminal Tips and Tricks: Learn to Work Quickly on the Command Line

Publisher Resources

PAM and NSS Winbind Options

NSS and PAM Winbind Modules

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,and much more.

You might also like

Learn Windows Subsystem for Linux: A Practical Guide for Developers and IT Professionals

Linux Networking Cookbook

Ubuntu 20.04 Essentials

Basic Linux Terminal Tips and Tricks: Learn to Work Quickly on the Command Line

Publisher Resources

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.