diff options
Diffstat (limited to 'docs/docbook/projdoc/AdvancedNetworkAdmin.xml')
| -rw-r--r-- | docs/docbook/projdoc/AdvancedNetworkAdmin.xml | 348 |
1 files changed, 0 insertions, 348 deletions
diff --git a/docs/docbook/projdoc/AdvancedNetworkAdmin.xml b/docs/docbook/projdoc/AdvancedNetworkAdmin.xml deleted file mode 100644 index 3534074b2c..0000000000 --- a/docs/docbook/projdoc/AdvancedNetworkAdmin.xml +++ /dev/null @@ -1,348 +0,0 @@ -<chapter id="AdvancedNetworkManagement"> -<chapterinfo> - &author.jht; - <pubdate>April 3 2003</pubdate> -</chapterinfo> - -<title>Advanced Network Management</title> - -<para> -This section documents peripheral issues that are of great importance to network -administrators who want to improve network resource access control, to automate the user -environment and to make their lives a little easier. -</para> - -<sect1> -<title>Features and Benefits</title> - -<para> -Often the difference between a working network environment and a well appreciated one can -best be measured by the <emphasis>little things</emphasis> that make everything work more -harmoniously. A key part of every network environment solution is the -ability to remotely -manage MS Windows workstations, remotely access the Samba server, provide customized -logon scripts, as well as other housekeeping activities that help to sustain more reliable -network operations. -</para> - -<para> -This chapter presents information on each of these areas. They are placed here, and not in -other chapters, for ease of reference. -</para> - -</sect1> - -<sect1> -<title>Remote Server Administration</title> - - -<para><quote>How do I get `User Manager' and `Server Manager'?</quote></para> - -<para> -<indexterm><primary>User Manager</primary></indexterm> -<indexterm><primary>Server Manager</primary></indexterm> -<indexterm><primary>Event Viewer</primary></indexterm> -Since I do not need to buy an <application>NT4 Server</application>, how do I get the `User Manager for Domains' -and the `Server Manager'? -</para> - -<para> -<indexterm><primary>Nexus.exe</primary></indexterm> -Microsoft distributes a version of these tools called <filename>Nexus.exe</filename> for installation -on <application>Windows 9x/Me</application> systems. The tools set includes: -</para> - -<itemizedlist> - <listitem><para>Server Manager</para></listitem> - <listitem><para>User Manager for Domains</para></listitem> - <listitem><para>Event Viewer</para></listitem> -</itemizedlist> - -<para> -Download the archived file at <ulink noescape="1" url="ftp://ftp.microsoft.com/Softlib/MSLFILES/NEXUS.EXE">ftp://ftp.microsoft.com/Softlib/MSLFILES/NEXUS.EXE.</ulink> -</para> - -<para> -<indexterm><primary>SRVTOOLS.EXE</primary></indexterm> -The <application>Windows NT 4.0</application> version of the `User Manager for -Domains' and `Server Manager' are available from Microsoft <ulink url="ftp://ftp.microsoft.com/Softlib/MSLFILES/SRVTOOLS.EXE">via ftp</ulink>. -</para> - -</sect1> - -<sect1> -<title>Remote Desktop Management</title> - -<para> -There are a number of possible remote desktop management solutions that range from free -through costly. Do not let that put you off. Sometimes the most costly solution is the -most cost effective. In any case, you will need to draw your own conclusions as to which -is the best tool in your network environment. -</para> - - <sect2> - <title>Remote Management from NoMachine.Com</title> - - <para> - <indexterm><primary>NoMachine.Com</primary></indexterm> - The following information was posted to the Samba mailing list at Apr 3 23:33:50 GMT 2003. - It is presented in slightly edited form (with author details omitted for privacy reasons). - The entire answer is reproduced below with some comments removed. - </para> - - <para><quote> - I have a wonderful Linux/Samba server running as pdc for a network. Now I would like to add remote - desktop capabilities so users outside could login to the system and get their desktop up from home or - another country. - </quote></para> - - <para><quote> - Is there a way to accomplish this? Do I need a Windows Terminal Server? Do I need to configure it so - it is a member of the domain or a BDC,PDC? Are there any hacks for MS Windows XP to enable remote login - even if the computer is in a domain? - </quote></para> - - <para> - Answer provided: Check out the new offer from NoMachine, <quote>NX</quote> software: - <ulink noescape="1" url="http://www.nomachine.com/">http://www.nomachine.com/</ulink>. - </para> - - <para> - It implements an easy-to-use interface to the Remote X protocol as - well as incorporating VNC/RFB and rdesktop/RDP into it, but at a speed - performance much better than anything you may have ever seen. - </para> - - <para> - Remote X is not new at all, but what they did achieve successfully is - a new way of compression and caching technologies that makes the thing - fast enough to run even over slow modem/ISDN connections. - </para> - - <para> - I could test drive their (public) Red Hat machine in Italy, over a loaded - Internet connection, with enabled thumbnail previews in KDE konqueror - which popped up immediately on <quote>mouse-over</quote>. From inside that (remote X) - session I started a rdesktop session on another, a Windows XP machine. - To test the performance, I played Pinball. I am proud to announce - that my score was 631750 points at first try. - </para> - - <para> - NX performs better on my local LAN than any of the other <quote>pure</quote> - connection methods I am using from time to time: TightVNC, rdesktop or - Remote X. It is even faster than a direct crosslink connection between - two nodes. - </para> - - <para> - I even got sound playing from the Remote X app to my local boxes, and - had a working <quote>copy'n'paste</quote> from an NX window (running a KDE session - in Italy) to my Mozilla mailing agent. These guys are certainly doing - something right! - </para> - - <para> - I recommend to test drive NX to anybody with a only a passing interest in remote computing - <ulink noescape="1" url="http://www.nomachine.com/testdrive.php">http://www.nomachine.com/testdrive.php</ulink>. - </para> - - <para> - Just download the free of charge client software (available for Red Hat, - SuSE, Debian and Windows) and be up and running within five minutes (they - need to send you your account data, though, because you are assigned - a real UNIX account on their testdrive.nomachine.com box. - </para> - - <para> - They plan to get to the point were you can have NX application servers - running as a cluster of nodes, and users simply start an NX session locally, - and can select applications to run transparently (apps may even run on - another NX node, but pretend to be on the same as used for initial login, - because it displays in the same window. You also can run it - fullscreen, and after a short time you forget that it is a remote session - at all). - </para> - - <para> - Now the best thing for last: All the core compression and caching - technologies are released under the GPL and available as source code - to anybody who wants to build on it! These technologies are working, - albeit started from the command line only (and very inconvenient to - use in order to get a fully running remote X session up and running.) - </para> - - <para> - To answer your questions: - </para> - - <itemizedlist> - <listitem><para> - You do not need to install a terminal server; XP has RDP support built in. - </para></listitem> - - <listitem><para> - NX is much cheaper than Citrix &smbmdash; and comparable in performance, probably faster. - </para></listitem> - - <listitem><para> - You do not need to hack XP &smbmdash; it just works. - </para></listitem> - - <listitem><para> - You log into the XP box from remote transparently (and I think there is no - need to change anything to get a connection, even if authentication is against a domain). - </para></listitem> - - <listitem><para> - The NX core technologies are all Open Source and released under the GPL &smbmdash; - you can now use a (very inconvenient) commandline at no cost, - but you can buy a comfortable (proprietary) NX GUI frontend for money. - </para></listitem> - - <listitem><para> - NoMachine are encouraging and offering help to OSS/Free Software implementations - for such a frontend too, even if it means competition to them (they have written - to this effect even to the LTSP, KDE and GNOME developer mailing lists). - </para></listitem> - </itemizedlist> - - </sect2> - -</sect1> - -<sect1> -<title>Network Logon Script Magic</title> - -<para> -There are several opportunities for creating a custom network startup configuration environment. -</para> - -<itemizedlist> - <listitem><para>No Logon Script.</para></listitem> - <listitem><para>Simple universal Logon Script that applies to all users.</para></listitem> - <listitem><para>Use of a conditional Logon Script that applies per user or per group attributes.</para></listitem> - <listitem><para>Use of Samba's preexec and postexec functions on access to the NETLOGON share to create - a custom logon script and then execute it.</para></listitem> - <listitem><para>User of a tool such as KixStart.</para></listitem> -</itemizedlist> - -<para> -The Samba source code tree includes two logon script generation/execution tools. -See <filename>examples</filename> directory <filename>genlogon</filename> and -<filename>ntlogon</filename> subdirectories. -</para> - -<para> -The following listings are from the genlogon directory. -</para> - - -<para> -<indexterm><primary>genlogon.pl</primary></indexterm> -This is the <filename>genlogon.pl</filename> file: - -<programlisting> - #!/usr/bin/perl - # - # genlogon.pl - # - # Perl script to generate user logon scripts on the fly, when users - # connect from a Windows client. This script should be called from - # smb.conf with the %U, %G and %L parameters. I.e: - # - # root preexec = genlogon.pl %U %G %L - # - # The script generated will perform - # the following: - # - # 1. Log the user connection to /var/log/samba/netlogon.log - # 2. Set the PC's time to the Linux server time (which is maintained - # daily to the National Institute of Standard's Atomic clock on the - # internet. - # 3. Connect the user's home drive to H: (H for Home). - # 4. Connect common drives that everyone uses. - # 5. Connect group-specific drives for certain user groups. - # 6. Connect user-specific drives for certain users. - # 7. Connect network printers. - - # Log client connection - #($sec,$min,$hour,$mday,$mon,$year,$wday,$yday,$isdst) = localtime(time); - ($sec,$min,$hour,$mday,$mon,$year,$wday,$yday,$isdst) = localtime(time); - open LOG, ">>/var/log/samba/netlogon.log"; - print LOG "$mon/$mday/$year $hour:$min:$sec"; - print LOG " - User $ARGV[0] logged into $ARGV[1]\n"; - close LOG; - - # Start generating logon script - open LOGON, ">/shared/netlogon/$ARGV[0].bat"; - print LOGON "\@ECHO OFF\r\n"; - - # Connect shares just use by Software Development group - if ($ARGV[1] eq "SOFTDEV" || $ARGV[0] eq "softdev") - { - print LOGON "NET USE M: \\\\$ARGV[2]\\SOURCE\r\n"; - } - - # Connect shares just use by Technical Support staff - if ($ARGV[1] eq "SUPPORT" || $ARGV[0] eq "support") - { - print LOGON "NET USE S: \\\\$ARGV[2]\\SUPPORT\r\n"; - } - - # Connect shares just used by Administration staff - If ($ARGV[1] eq "ADMIN" || $ARGV[0] eq "admin") - { - print LOGON "NET USE L: \\\\$ARGV[2]\\ADMIN\r\n"; - print LOGON "NET USE K: \\\\$ARGV[2]\\MKTING\r\n"; - } - - # Now connect Printers. We handle just two or three users a little - # differently, because they are the exceptions that have desktop - # printers on LPT1: - all other user's go to the LaserJet on the - # server. - if ($ARGV[0] eq 'jim' - || $ARGV[0] eq 'yvonne') - { - print LOGON "NET USE LPT2: \\\\$ARGV[2]\\LJET3\r\n"; - print LOGON "NET USE LPT3: \\\\$ARGV[2]\\FAXQ\r\n"; - } - else - { - print LOGON "NET USE LPT1: \\\\$ARGV[2]\\LJET3\r\n"; - print LOGON "NET USE LPT3: \\\\$ARGV[2]\\FAXQ\r\n"; - } - - # All done! Close the output file. - close LOGON; -</programlisting> -</para> - -<para> -Those wishing to use more elaborate or capable logon processing system should check out these sites: -</para> - -<itemizedlist> - <listitem><para><ulink noescape="1" url="http://www.craigelachi.e.org/rhacer/ntlogon">http://www.craigelachi.e.org/rhacer/ntlogon</ulink></para></listitem> - <listitem><para><ulink noescape="1" url="http://www.kixtart.org">http://www.kixtart.org</ulink></para></listitem> -</itemizedlist> - -<sect2> -<title>Adding Printers without User Intervention</title> - - -<para> -<indexterm><primary>rundll32</primary></indexterm> -Printers may be added automatically during logon script processing through the use of: - -<screen> -&dosprompt;<userinput>rundll32 printui.dll,PrintUIEntry /?</userinput> -</screen> - -See the documentation in the <ulink url="http://support.microsoft.com/default.asp?scid=kb;en-us;189105">Microsoft knowledgebase article 189105.</ulink> -</para> -</sect2> - -</sect1> - -</chapter> |