Title: Managing a Server
1. Chapter 5
2. Overview
- Server management
- Examine networking models
- Learn how users are authenticated
- Manage users and groups
- Manage file system permissions
3. Managing a Server
- Managing a server
- Access to the server
- Who has permission to access
- Access restrictions to the server and its resources
- File, printer, etc.
- Access control schemes can be through
- LAN
- Internet
4. Network Models
- Network model
- How the server is configured and interacts with the network
- Two basic network models
- Microsoft LAN Approach
- LAN Domain
- Working Group
- Client/Server
5. Microsoft LAN Networking Models: Workgroup
- Treats each computer in the network as an equal or peer
- Also called peer-to-peer networking
- Each computer can be a client and a server
- When you allow others to access resources on your computer, your computer is acting as a server
- When you access resources on another computer, your computer is acting as a client
6. Microsoft LAN Networking Models: Workgroup
- Appropriate for networks with 10 or fewer computers
- A number of disadvantages
- Need user names and passwords of users who need resources
- Difficult to keep track of changing passwords
- Most users do not want to administer resources on their computer
7. Microsoft LAN Networking Models: Domain
- One or more centralized servers (single domain)
- Single, centralized logon
- Single point of control
- Users can be given access to resources anywhere in the domain
8. Client/Server Networking Model
- Networking in Linux follows the client/server model
- Server provides the resource (web server)
- Client talks to the server (browser, e-mail program)
- Server has a corresponding program that communicates with the client (runs in the background)
- In Windows the server program is called a service
- In Linux the server program is called a daemon
9. A Brief History: Open Platform
- The good old days
- Octopus-like mainframes
- Only a few vendors to choose from
- Farms of disks were required
- Applications were specific for each machine
- Open platform
- New client/server architecture
- Open system allowed mix-and-match
- Different application technologies could be purchased from different vendors
- Examples: server platform, client platform, network protocols, middleware software, etc.
10. What is Client/Server (C/S) Computing
- It started as PCs became more powerful
- PCs were no longer dumb terminals
- Provides an open and flexible environment
- C/S is considered as a form of distributed software
11. Distinct characteristics of C/S
- Server provides the service
- Client is considered as the customer requesting the service
- The server service can be shared among a number of clients
- Clients must request or initiate the service
- The location of the server in the network is transparent to clients
- Transaction between C/S is message-passing based
- C/S architecture is scalable
- Horizontally (more clients can be added)
- Vertically (more servers can be added)
- The server is centrally maintained whereas clients are independent of each other
12. Systems with C/S Architecture
- File servers
- File sharing and file processing
- Database servers
- Passing file results
- Example: Query in DBMS server
- Typically one single request/reply
- Transaction servers
- Transaction server includes DBMS and transaction monitoring
- Server has remote procedures run online by the client
- Web servers
- Superfat servers and thin clients
- Uses HTTP protocol
- Java was first to introduce interactive C/S forms
[Diagram labels: Internet, Application, Server, Client HTML, Client JAVA]
13. Client/Server Models
- Where to push the application to
- Fat clients
- The bulk of the application is running on the client
- The client knows how the data is organized and where it is
- Different clients access the same applications in different ways
- Fat servers
- The server is more complicated
- The clients are less complex
- More of the code runs on the server
- The network interaction is minimized
[Diagram labels: Application, Server, Client]
14. Middleware Software
- It is the (/) between client and server which glues them together
- Allows the client to request a service and the server to provide it
- Middleware can also be between server/server
- Two broad classes
- General
- LAN servers, TCP/IP, Communication stacks, Queuing services, etc.
- Application specific
- Used to accomplish a specific task
- Groupware specific: SMTP
- Internet specific: HTTP
- Database specific: SQL
15. Two-Tier vs. Three-Tier Architecture
- Same basic idea as fat-client versus fat-server
- Depends on how the application is divided between the server and the client
- Two-tier servers
- Examples: file servers and database server
- In this case the process (application logic) is buried within the client or server (or both)
- Three-tier servers
- Examples: Web and distributed objects
- In this case the process is run on the middle-tier separated from the user and data interface
- They can integrate the data from multiple sources
- More robust and more scalable
16. Client/Server Building Blocks
- Purpose
- How to divide the application between the client and server
- What are the different functionalities of client and server
- Basic client server model
- Fits various applications
- Small office
- Small business
- Enterprise
- Global
[Diagram labels: Single Machine, Client, Middleware, Server, C/S]
17. Server Scalability
18. Server Scalability
- Superserver
- A very powerful server
- Single-server or multiserver
- Each server can have a single processor or multiprocessor
- Multiprocessing can be Asymmetric or Symmetric
- Multiprocessing
- Asymmetric: each processor is dedicated to a specific task
- Fully symmetric (SMP): applications are divided into threads and threads are sent to available processors
- Examples: 32-bit NT, Unix, NetWare
- Requires 3 basic functionalities
- Global scheduling
- I/O sharing structure
- OS access sharing
- Multiservers
- Pool of servers, providing more processing power (also called a cluster)
- They divide the task between different servers
- Server lite
- As opposed to full blown servers
- Provides a background process on the client machine that can accept unsolicited network requests (refreshing database, synchronizing time, etc.)
19. Authenticating Users
- Process of determining a user's true identity
- Three basic methods
- What you know: user name and passwords
- What you have: entry card
- Who you are: biometrics
20. Implementing an Authentication System
- If a Windows network has older computers running NT, 95, or 98, the server must use NTLM
- It is not as secure as Kerberos, which is the default for Windows 2000, 2003, and XP
- Kerberos is an authentication system developed by MIT
- Allows two parties to exchange private information
- Uses the ticket (key) mechanism
21. Managing Users and Groups
- Users need accounts to access resources on a server
- On a Web server there is a restricted account that is used on behalf of Internet users
- In a LAN, users with common resource needs are put in a group and the group is given access to the resource
22. Users and Groups in Windows
- Local accounts exist on a single computer and can be used to control resources only on that computer
- Domain accounts can be used to control resources on all the computers that are part of the domain
- Active Directory (AD) allows domains to be grouped into a forest
- Microsoft Exchange requires AD
[Diagram labels: Forest, Domain, Domain, Local Acc.]
23. Groups in Windows
- Domain local groups have members from the same domain
- Assign permissions to resources in the same domain
- Global groups have members from the same domain
- Can be used to assign permissions to resources in any domain
- Universal groups can have members from any domain
- Can be used to assign permissions to resources in any domain
24. File System Permissions
- Permissions allow you to control access to the resources on a computer such as a Web page, a document, or a program
- In Windows, the NTFS file system is required in order to assign permissions
- All Linux file systems incorporate permissions
25. File System Permissions in Windows

| Permission | Description |
| --- | --- |
| Full Control | Full Control includes all other permissions and allows you to take ownership of the file or folder and change the attributes of a file |
| Modify | Allows read, write, and delete |
| Read | With this permission, you can read files but cannot execute them |
| Write | When set on a file, this permission allows you to write to files; when set on a folder, you can write to the folder |
| Read & Execute | Read files and run programs |
| List Folder Contents | This permission allows you to view the contents of a folder |

26. File System Permissions in Linux

| Permission type | When used with files | When used with directories |
| --- | --- | --- |
| Read | Read a file or copy a file | List the contents of a directory |
| Write | Write to the file, including deleting the file | Create files |
| Execute | Execute programs and shell scripts, which are text files containing Linux commands | Modify the file permissions |

27. Linux Permissions
- Permissions are set for user, group, and others
- Each permission is set with a single digit from 0 to 7 based on the combination of permissions
- read = 4
- write = 2
- execute = 1
28. Using chmod to Set Permissions

| Command | Owner permissions | Group permissions | Other permissions |
| --- | --- | --- | --- |
| chmod 755 myfile | rwx | r-x | r-x |
| chmod 540 myfile | r-x | r-- | --- |
| chmod 744 myfile | rwx | r-- | r-- |
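
The digit arithmetic from the Linux Permissions and chmod slides, worked through in the shell as an added example (not part of the original slides): each digit is split into its read/write/execute bits, the prediction is checked against a scratch file, and modes that let group or other write are flagged. The function names and the extra mode 766 are constructed for illustration.

```shell
#!/bin/sh
# Added example: decode chmod's octal digits and confirm against a real file.

# One octal digit -> rwx triplet, using read=4, write=2, execute=1.
digit_to_rwx() {
    r=-; w=-; x=-
    if [ $(( $1 & 4 )) -ne 0 ]; then r=r; fi
    if [ $(( $1 & 2 )) -ne 0 ]; then w=w; fi
    if [ $(( $1 & 1 )) -ne 0 ]; then x=x; fi
    printf '%s%s%s' "$r" "$w" "$x"
}

# Three-digit mode such as 755 -> owner/group/other string such as rwxr-xr-x.
mode_to_symbolic() {
    n=$(( 0$1 ))                       # leading 0: the shell reads it as octal
    digit_to_rwx $(( (n >> 6) & 7 ))   # owner digit
    digit_to_rwx $(( (n >> 3) & 7 ))   # group digit
    digit_to_rwx $((  n       & 7 ))   # other digit
}

# Apply a mode to a scratch file and return what the filesystem then reports.
chmod_roundtrip() {
    f=$(mktemp) || return 1
    chmod "$1" "$f"
    ls -ld "$f" | cut -c2-10           # columns 2-10 of ls -l are the rwx bits
    rm -f "$f"
}

# True when group or other holds the write bit (mask 022), meaning someone
# besides the owner can change the file.
writable_by_non_owner() {
    [ $(( 0$1 & 022 )) -ne 0 ]
}

# 755, 540 and 744 are the slide's modes; 766 is a constructed loose mode.
for m in 755 540 744 766; do
    note="ok"
    if writable_by_non_owner "$m"; then note="group/other can write"; fi
    printf 'chmod %s -> predicted %s, on disk %s (%s)\n' \
        "$m" "$(mode_to_symbolic "$m")" "$(chmod_roundtrip "$m")" "$note"
done
```
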
29. Do the following labs
- Project 5-5 to 5-8 using Linux
- Giving control to groups