Linux and Samba in 75 MinutesEverything you need to know (almost)

Presented by Mark Minasi

author, Linux for Windows Administrators

www.minasi.com / help@minasi.com

What this talk is all aboutAs an Windows networking professional, I’ve spent the past ten years doing most of my networking work with Microsoft OSes. But I heard more and more about the Linux phenomenon and by 1999 I was intrigued to learn more about it. But I didn’t want to have to wade through the large books on the shelf that assumed that I knew nothing about networking. I wanted a short overview of what Linux was and what it was good for, how it compared to NT and how it could work with NT – and that didn’t stop to re-explain to me what a file share was.

Well, that book didn’t exist, so I set out to find out more about Linux and write that book. Here’s what I learned.

Overview

Why would (or should) a Windows support professional care about Linux?

How the Linux world works What do people use Linux for as server? What can Linux do on the desktop? Linux and Windows together Linux versus Windows!

Why Care About Linux?

Linux can complement or replace some Microsoft OS functions

Linux is the #2 OS and growing Linux licenses are free, can save money You’ll probably eventually have to deal with

interoperability Demand for Linux admins is growing Linux business model is worth understanding

How the Linux World Works

The Linux Worldwhy it’s “linnix,” not “line-ix”

In the late 80’s a writer built a free micro-Unix for teaching called Minix (“minn-icks”)

Linus Torvalds decided to build a Minix But realized he wanted to do more So he re-named it “Linux” Original Linux very basic, no networking

even Released 5 October 1991

The Linux World it’s free, but it’s not public domain

Torvalds released the OS, source code and all, to the general world, using the GNU Public License

GPL says:– Use Linux and its source in your own products– You can even charge for your product– But you must, in turn, offer your source code– And you cannot restrict others in the use of your source

It’s called “open source”

The Linux WorldBenefits of a GNU approach

To paraphrase Linus, “no bug is hard to find when many eyeballs are looking for it”

Customers can fix the bugs themselves Customers could even prove/disprove the

validity of a vendor’s claims (“UTSL”) “White box” support This isn’t a new idea (MVS, VMS, Unix…)

The Linux Worldare they the only guys?

No, just the ones with a critical mass and no AT&T interference

A similar project, the “FreeBSD” folks, turned out another excellent Unix clone

But an AT&T lawsuit scared many away and lost them time

But it’s still around in Mac OS

The Linux Worldwhy would a vendor do this?

Open source recruits the customers to help find and fix bugs

Then the firm sells support, consulting, certification, training, and other items

You need not be open source to write Linux applications

The Linux Worldthe main point about open source

Open source is the single most compelling thing about Linux.

Period.

If Linux were to accomplish nothing more than forcing others to open their source, then it would be perhaps the most significant event in this industry in decades.

The Linux Worldso how do you make money doing this?

Good question In fact many Linux companies are asking that

question One approach: support for pay (RH, SuSE) Another one: use Linux to sell hardware Novell thinks they’ll make money putting

NetWare atop Linux

Linux as a Server

What Do We Use NT For?

Mail Server, with Exchange or perhaps Notes

Web Server, with IIS Directory service (AD

or NT 4 domains)

There are other uses (routers, firewall, dial-in, mainframe gateway, etc) but they’re not major uses

File Server Print Server Database, with Oracle

or SQL Server Name server (WINS or

DNS) IP infrastructure (DHCP)

What People Use Linux For (server-wise) Web server Mail server DNS server File server Print server Firewall Router

Database server (relatively new but amazingly fast-growing)

Appliance platform

What People Don’t Use Linux For

Nowadays… Almost nothing There is even work on Linux tools using

proprietary Microsoft protocols like MAPI

Linux as a Web Server: Apache

Created as a joint effort by many; result was “a patchy server”

Good for hosting multiple sites Robust Good CGI, programming platform Cannot host Active Server Pages off-the-shelf but

Halcyon and Chilisoft as well as PHP are replacements albeit without VB support

Most popular Web server program on the Net

Linux as a Mail Serversendmail, postfix, qmail

Basic, well-understood Unix mail program Supports SMTP Does not support MAPI Nightmarish to configure Fast and robust Used by countless Unix mail servers Simpler options: postfix and qmail – but still

no picnic

Linux as a mail servergetting the mail to the user

POP3 and IMAP4 tools ship standard Web-based mail available through

SquirrelMail (also free) There are a couple of Outlookalikes; most

significant is probably Ximian Evolution

Linux as a DNS Server: BIND

Again, the standard program in its category Bind is very light on the CPU usage, so you

can put up an enterprise-strength DNS server on a Pentium 100 with 32 MB of RAM

Edit a set of ASCII files called “zone files” to modify the DNS database, or Linuxconf helps

Works flawlessly as a dynamic DNS server for AD

Linux as a Firewallipchains and iptables

ipchains/iptables commands (Kernel 2.2/2.4) Can do NAT (“IP masquerading”) so it could share

a DSL connection throughout the house Like Internet Connection Sharing A bit obtuse setup-wise but just three lines will set it

up Can implement basic security Can support dial-in

Linux as a File/Print ServerIn Windows networks

Free tool called “Samba” But more on that in a minute…

Linux as a File/Print ServerIn Unix networks

Most Unix boxes share volumes using the Network File System, NFS

Linux can be either a client or server for NFS Windows boxes would need an NFS client Printing:

– lpr (client) and lpd (server) included (“tcp/ip printing”)

– NT family has client software to talk to lpd servers

Linux on the Desktop

Can it offer Windows with less pane?

Linux and GUIs

GUI exists but is (mostly) optional Several GUIs available; simplified:

– KDE more common– GNOME competes, newer, from the GNU folks

You shouldn’t have to put a GUI on but some Linuxes misguidedly mandate it

In general a Linux GUI app that works on KDE works on GNOME and vice versa

Do I have to use a GUI?windows icons mice & pull-down menus = WIMP interface

No, Linux has a long tradition of command line tools, very powerful ones

Called a “shell” program Linux uses “bash,” the Bourne Again SHell Great power lies in its script-ability Once more powerful than Windows scripting

but MSH and WSH change that

Are there apps for Linux?now that I’ve got the GUI up…

The good news: several application suites– Star Office– OpenOffice– Some great free ones, including a Pilot organizer

The bad news: they’re just not as good as the Windows offerings, lack the “fit and finish,” and the integration

Worse, most are spottily improved – no “corporate presence” to keep things going for years

Making It Work

What will I need to run it?

Making it WorkWhere do I get Linux?

Many, many Linux “distros” Two big players:

– RedHat: $180-2500/year/system– SuSE: $110/desktop, $800/server, $1250 for

“open exchange” server w/10 CALs– Many more at www.linux.org/dist/list.html

Making it WorkWill Linux Work On My Hardware?

Maybe; drivers are written by volunteers Really new stuff and expensive stuff may lack

drivers Video configuration can be a nightmare although

it’s gotten better PCMCIA NIC configuration fails on many systems Laptops offer more challenges than desktops Printer drivers can be hard to find

Making it WorkHmmm, then what about support?

Who’s going to support a free operating system? The idea is that you give away the software and

charge for support Again, all support people have source code access

in the Linux world, not just a few Linux firms offer answer-all-questions annual fees

that can be reasonable But it’s not like they’re going to write drivers for you And if you want a chuckle, pull down the HCL

What about free support?

There are a lot of “howto” documents at ldp.org, the Linux Documentation Project

Google Groups has often answered questions for me

What about asking questions on Linux newsgroups?

My advice: assume a female screen name and claim to be 22 years old

Interoperating with Microsoft

InteropCan Linux Co-exist With MS OSes?

It can read and write FAT and FAT32 Can read NTFS, writing’s dicey Most need a special “EXT3” partition and a

“Linux swap” partition Strongly recommend Partition Magic! Can dual-boot using LILO or GRUB Flexible and powerful but not always

implemented well

Interopcan I run Microsoft apps on it?

An old tool called dosemu will run many DOS apps For Windows apps, the news isn’t as good A tool called WINE looked pretty good in 1999 But in the middle of a revamping it sort of faded

away There are RDP clients for Linux; one answer Or there’s VMWare

Interopwhat about Samba?

Very significant tool that just keeps getting better

Started out as a project to support interop with Digital PathWorks

Basic goal is to implement file server and client tools using the Server Message Block (SMB) protocols and now CIF

Sambaclient-side

Linux boxes can do the equivalent of a NET USE to a Windows server

Tools: smbmount and smbclient SMB signing may be an issue but honestly

even Microsoft is having trouble with it and Samba 3.0 seems to have it licked

Sambawhat the server can do

Make a Linux box act as a– Workgroup server– NT 4 or AD domain member server– WINS server– NT 4 PDC

Support LM, NTLM, NTLMv2, Kerberos Usually significantly faster than Windows at

file sharing

Sambaconfiguring it

Controlled with a text configuration file /etc/samba/smb.conf

Or use a Web-based configuration tool called swat (“Samba Web administration tool”)

Sambathe hard part… integrating accounts

Once a Samba box is part of a domain then we can do the usual permissions and authentications

Relatively new tool Winbind makes this much simpler

Once installed, any domain member can sit down at a Linux box and log in using domain credentials, with no corresponding local account on the Linux box

Bottom Line:Windows vs Linux

let’s see, I put that asbestos suit somewhere…

Linux Pros

Faster SMB file server than NT Basic Internet infrastructure (Web, mail,

DNS, firewall, router) tools excellent Inexpensive, the perfect second DNS server Open source model may offer better quality

overall Uptime: you can often change a driver

without rebooting

More Linux Pros

Most tools that come out for various Unixes will run on Linux

Although there are many versions, they’re all compatible

It’s possible to refine a copy of Linux to do just one thing, and do it amazingly quickly – rip out the stuff you don’t need, crank the buffer sizes, and get knock-your-socks-off performance

Per-system license costs may be very low

Linux Cons

A real challenge to set up Drivers and apps are scarcer Often can’t support MS standards like MAPI

or Active Server Pages Not as good at multiprocessor as NT Retraining – ever recompiled a kernel? Less flexible permissions structure

More Linux Cons

GUI is less polished than Windows I believe that the Linux developer community

is, in general, not committed to the kind of hand-holding that Windows does as a matter of course

Recommendationsfirst steps

Get it and start playing with it! Get several distributions, although I

recommend SuSE at the moment Consider setting up a Samba server as a

domain member, or perhaps a DNS, Web or mail server

Thanks!

I hope you enjoyed this talk Questions? I’m at help@minasi.com I invite you to sign up for my free e-

newsletter at www.minasi.com Please consider buying The NT Expert’s

Guide to Linux when it’s finished www.minasi.com/linux for PPT

Linux and Security

Linux and Security

One point where Linux and Unix differ Uses permissions & user accounts, as in NT But you don’t make users admins; rather,

they all just share the “root” password You can only set permissions for one user

account and one group Then you set “world” permissions for anyone

who’s not that user or in that group

Interop Areas

Coexistence– Bind, Apache, Sendmail, ftp

Mimicry– Samba, LPR/LPD, RDP clients for Linux

Directory Sync– Some products, none shipping yet

Emulation– dosemu, wine