Resource Sharing Over a Network

advertisement
Resource Sharing Over a
Network
Guide to Operating Systems
Third Edition
Objectives
After reading this chapter and completing
the exercises you will be able to:
• Explain the principles behind sharing disks and
files on a network
• Set up accounts, groups, security, and disk and
file sharing on network server operating systems
Guide to Operating Systems, Third Edition
2
Objectives (continued)
After reading this chapter and completing
the exercises you will be able to:
• Set up disk and file sharing on client operating
systems
• Set up printer sharing on server and client
operating systems
• Discuss how network and Internet servers are
used for vast information-sharing networks
Guide to Operating Systems, Third Edition
3
Sharing Disks, Files and
Printers
• One of the first reasons for linking a
workstation’s operating system onto a network
• NetWare was early on the scene to enable file
sharing through a server
– by downloading a file from a file server
– by purchasing third-party software to create a
special shared drive
Guide to Operating Systems, Third Edition
4
Sharing Disks, Files and
Printers (continued)
• Share entire applications over the network
– Download the entire executable
– Only one version needed on the server
• Mapping
– enables a client workstation to attach to the shared
drive of another workstation or server
– drive letter assigned
Guide to Operating Systems, Third Edition
5
Sharing Disks, Files and
Printers (continued)
• Mounted volume
– term used in UNIX/Linux and Mac OS X for a mapped
drive
Guide to Operating Systems, Third Edition
6
Securing Shared Resources
• Potential security risk for non-authorized users
to access a file or use a printer
• Operating systems discussed in this book offer
security measures
Guide to Operating Systems, Third Edition
7
Sharing Disks and Files
Through Server Network
Operating Systems
• Examples of server network operating systems
that share disks and files over a network
– Windows 2000 Server
– Windows Server 2003
– UNIX/Linux
– Mac OS X Server
– NetWare
Guide to Operating Systems, Third Edition
8
Sharing Disks and Files
Through Server Network
Operating Systems
• Network administrator may establish security
– by assigning accounts, account passwords, groups,
and access privileges
Guide to Operating Systems, Third Edition
9
Windows 2000 Server and
Windows Server 2003
• Uses accounts, groups, and permissions
• Steps involved include setting up the following:
– Groups
– User accounts
– Account policies
– Permissions
– Shared disk and folders
Guide to Operating Systems, Third Edition
10
Windows 2000 Server and
Windows Server 2003
(continued)
• Use groups to manage resources and
permissions
– Local
– Domain local
– Global
– Universal
Guide to Operating Systems, Third Edition
11
Windows 2000 Server and
Windows Server 2003
(continued)
• Groups are defined as security or
distribution groups
• Security groups
– used to enable access to resources on a
standalone server or in Active Directory
• Distribution groups
– used for e-mail or telephone
Guide to Operating Systems, Third Edition
12
Windows 2000 Server and
Windows Server 2003
(continued)
• Container object
– entity that is used to group together resources in a
directory service
• Tree
– consists of one or more domains
• Forest
– houses one or more trees
Guide to Operating Systems, Third Edition
13
Windows 2000 Server and
Windows Server 2003
(continued)
• Universal group guidelines
– use global groups to hold user accounts as
members
– use domain local groups to provide access to
resources in a specific domain
– use universal groups to provide extensive access
to resources
– manage user accounts access
Guide to Operating Systems, Third Edition
14
Windows NT Server
• Trusted domain
– such as college.edu
– granted access to the resources in another
domain such as research.college.edu
• Trusting domain
– research.college.edu allows access to its
resources to college.edu
Guide to Operating Systems, Third Edition
15
Windows 2000 Server and
Windows Server 2003
(continued)
• Before any accounts are created, it is wise to
establish the account policies
• Three categories:
– Password security
– Account Lockout
– Kerberos security
Guide to Operating Systems, Third Edition
16
Windows 2000 Server and
Windows Server 2003
(continued)
• Password security options:
– enforce password history
– maximum password age
– minimum password age
– minimum password length
– password complexity requirements
– password storage using reversible encryption
Guide to Operating Systems, Third Edition
17
Windows 2000 Server and
Windows Server 2003
(continued)
• Account lockout options:
– account lockout duration
– account lockout threshold
– reset account lockout count
Guide to Operating Systems, Third Edition
18
Windows 2000 Server and
Windows Server 2003
(continued)
• Kerberos options:
– enforce user logon restrictions
– maximum lifetime for a service ticket
– maximum lifetime for a user ticket
– maximum lifetime for a user ticket renewal
– maximum tolerance for a computer clock
synchronization
Guide to Operating Systems, Third Edition
19
Windows 2000 Server and
Windows Server 2003
(continued)
• Share
– an object given a name and made visible to network
users
• Disk or folder - shared through its properties
Guide to Operating Systems, Third Edition
20
Windows 2000 Server and
Windows Server 2003 (continued)
• Share permissions:
– Read
– Change
– Full Control
Guide to Operating Systems, Third Edition
21
Windows 2000 Server and
Windows Server 2003 (continued)
• Dialog box in Figure 9-6 has a caching button
• Caching
– enables you to set up a folder so that it can be
accessed by a client, even when the client is not
connected to the network
• Web sharing
– files available on a Web server for HTML or FTP
access
– See Tables 9-2 and 9-3
Guide to Operating Systems, Third Edition
22
Windows 2000 Server and
Windows Server 2003 (continued)
Guide to Operating Systems, Third Edition
23
Windows 2000 Server and
Windows Server 2003
(continued)
Guide to Operating Systems, Third Edition
24
Windows 2000 Server and
Windows Server 2003 (continued)
• Troubleshooting a security conflict:
– review folder and share permissions
– take into account what happens when a folder or
files are copied or moved
– inherited properties
Guide to Operating Systems, Third Edition
25
UNIX and Linux
• User identification number (UID)
– each user account in UNIX is associated with a UID
• Group identification number (GID)
– users who have common access needs
Guide to Operating Systems, Third Edition
26
UNIX and Linux (continued)
• The password file (/etc/passwd) contains :
–
–
–
–
–
–
–
user name
encrypted password or a reference to the shadow file
UID
GID
information about the user
location of the user’s home directory
which shell to use
Guide to Operating Systems, Third Edition
27
UNIX and Linux (continued)
• Shadow file (/etc/shadow) contains password
restriction information :
– minimum and the maximum number of days
between password changes
– Information on when last changed
– Warning information about password expiration
– Amount of time that the account can be inactive
before access is prohibited
Guide to Operating Systems, Third Edition
28
UNIX and Linux (continued)
• Home directories
– areas on the server in which users store data
• Information about groups is typically stored in
the /etc/group file
Guide to Operating Systems, Third Edition
29
UNIX and Linux (continued)
• Permissions are granted on the basis of
– ownership
– group membership
– other (or World)
– all (all is not used in every version of UNIX, but is included in
Red Hat Enterprise Linux)
• Permissions are set up by using the chmod command
• Chmod has two different formats, symbolic and octal
Guide to Operating Systems, Third Edition
30
NetWare
• Novell NetWare server installation
– first task is to design a file structure
• Default directories:
– SYSTEM
– PUBLIC
– LOGIN
– HOME
– APPS
– DATA
Guide to Operating Systems, Third Edition
31
NetWare (continued)
• Net Administrator tasks:
– Set security on each directory, subdirectory, and on
particular files
– Create an account and account password for each
user
– Set up groups as a way to provide shortcuts for
managing security
Guide to Operating Systems, Third Edition
32
NetWare (continued)
• Search drive
– given drive letters such as S1 for the first drive, S2
for the second drive, and so on
• Difference between a mapped network drive
and a mapped search drive
– NetWare can execute a file on a search drive,
whether the file is in the main directory or in a
subdirectory under the search drive
Guide to Operating Systems, Third Edition
33
NetWare (continued)
• A login script is a file of commands associated with an
account or a group of accounts
Guide to Operating Systems, Third Edition
34
NetWare (continued)
• A user account can be set up in ConsoleOne
using several kinds of restrictions:
– Requiring a password
– Setting a minimum password length
– Requiring that a password is changed within a
specified interval of time
– The remainder are listed on page 453 of the textbook
Guide to Operating Systems, Third Edition
35
NetWare (continued)
• Administrator can grant rights to access
specific directories, subdirectories, and
files
• The rights control the ability to:
– Perform a directory listing
– Create a new directory, subdirectory, or file
– Read contents of a directory, subdirectory, or
file
– Write to the contents of a file
– Refer to the list on page 454 of the textbook for
the rest
Guide to Operating Systems, Third Edition
36
NetWare (continued)
• Objects
– such as user accounts, groups, printers, directories,
subdirectories, files, and other resources
• Novell Directory Services (NDS)
– stores information about objects
• Leaf objects
– store information about clients
Guide to Operating Systems, Third Edition
37
Mac OS X Server
• The Mac OS X Server is designed as a true server
– file sharing
– printer sharing
– managing network users and groups
– providing Web services
• Mac OS X Server
– can support up to several thousand users
– includes the Apache Web server software
– supports TCP/IP and AppleTalk
Guide to Operating Systems, Third Edition
38
Mac OS X Server
(continued)
• Included tools
– Server Admin
– Macintosh Manager
• Share points
– shared resources on a server
Guide to Operating Systems, Third Edition
39
Mac OS X Server
(continued)
• Logging of events can include:
– Login and Logout events
– Opened files
– Newly created files
– Newly created folders
– Deleted files and folders
Guide to Operating Systems, Third Edition
40
Accessing and Sharing
Disks and Files Through Client
Network Operating Systems
• Many operating systems
– include the ability to act as clients
– to map to disks and directories on servers
Guide to Operating Systems, Third Edition
41
Accessing and Sharing Resources
in Windows 2000 Professional
• Windows 2000 Professional
– Access a shared drive over the network
– Map the drive using My Network Places
• The steps for mapping a drive are shown on
page 457
• Same process for Windows 2000 Server
Guide to Operating Systems, Third Edition
42
Accessing and Sharing
Resources in Windows XP
• Uses My Network Places to locate and map
network drives
• Fastest way to access My Network Places is to
use the steps on page 458
Guide to Operating Systems, Third Edition
43
Accessing and Sharing
Resources in Windows XP
(continued)
Guide to Operating Systems, Third Edition
44
Accessing Shared Resources
via UNIX/Linux and Specialized
Utilities
• Network File System (NFS)
– provides file transfer capabilities
• NFS in Red Hat Enterprise Linux 3.0
– enable portmap
– enable rpc.mountd
– enable rpc.nfsd
Guide to Operating Systems, Third Edition
45
Accessing Shared Resources
via UNIX/Linux and Specialized
Utilities (continued)
• UNIX/Linux can access share Windows
2000/XP/Server 2003 with Samba
Guide to Operating Systems, Third Edition
46
Accessing and
Sharing Resources via Mac
OS X
• In Mac OS X, you connect to another computer that is sharing a
disk or folder by using the Go menu
• To mount a shared drive
– open the Go menu
– select Connect To
Server
– enter address of
server
Guide to Operating Systems, Third Edition
47
Accessing and
Sharing Resources via Mac OS X
(continued)
• Establish the network
identity and turn on
file sharing through
System Preferences
• Privileges are set in
order to enable
access
Guide to Operating Systems, Third Edition
48
Sharing Printing Devices
• Operating systems discussed in this
book have the ability to share printers as
well as disks, directories, and files
Guide to Operating Systems, Third Edition
49
Windows-based Systems
• Configure printing by using the Add
Printer Wizard
• Once a printer is set up, it appears in the
Printers folder
• In Windows XP and Windows Server 2003,
click Start, and click Printers and Faxes
• Right-click the printer to access menu
options
Guide to Operating Systems, Third Edition
50
Windows-based Systems
(continued)
• Windows 2000/XP/Server 2003 share
permissions:
– Print
– Manage Documents
– Manage Printers
– Special permissions
Guide to Operating Systems, Third Edition
51
UNIX/Linux
• UNIX printing
– log on to the UNIX server and printing to one of its
printers
– set up to use the BSD or the SVR4 spooling system
as describe in Chapter 5
• Red Hat Enterprise Linux 3.0
– GNOME Print Manager tool
Guide to Operating Systems, Third Edition
52
NetWare
• Shared printing
– queue-based printing
– Novell Distributed Print Services (NDPS)
Guide to Operating Systems, Third Edition
53
Mac OS X
• Methods of printer sharing
– can make a connected local printer available to
other computers running the Mac OS on a
network
– can attach to a shared printer offered by another
workstation on the network
Guide to Operating Systems, Third Edition
54
Network and
Internet Resource Servers
• Resource Servers
– NetWare
– UNIX/Linux
– Windows 2000/Server 2003
– Mac OS X servers
Guide to Operating Systems, Third Edition
55
Network and
Internet Resource Servers
• Functions
– e-mail
– e-commerce
– video-conferencing
– multimedia
– client/server applications
– web servers
Guide to Operating Systems, Third Edition
56
Summary
• Resource sharing is why networks exist and
are thriving
• Security is important for network resources
• Groups, user accounts, and permissions
permit or restrict access as determined by
the administrator
Guide to Operating Systems, Third Edition
57
Summary (continued)
• Client operating systems have utilities to
enable access or share resources over the
network
• Network server operating systems continue to
provide more and more ways to share
resources
Guide to Operating Systems, Third Edition
58
Download