2440: 141 Web Site Administration Server Management Instructor:
Enoch E. Damson
Slide 2
Web Administrator's View of Server Management The Web server
software is a product that works with the operating system The
server computer can run more than one software product such as
e-mail and FTP With both a LAN and the Web, access control is very
important Server Management2
Slide 3
Networking Models Two main approaches to networking includes:
Microsoft LAN approach to networking Client/server approach to
networking Server Management3
Slide 4
Microsoft LAN Networking Models Microsoft Windows LAN is
configured using one of these two models: Workgroup Domain The
model determines how users are organized Server Management4
Slide 5
Workgroup Networking Model Treats each computer in the network
as an equal, or peer Also called peer-to-peer networking Each
computer is a client and a server When you allow others to access
resources on your computer, your computer is acting as a server
When you access resources on another computer, your computer is
acting as a client Appropriate for networks with 10 or less
computers Server Management5
Slide 6
Workgroup Networking Model Disadvantages: Most users do not
want to administer resources on their computer Need user names and
passwords of users who need resources Difficult to keep track of
changing passwords Server Management6
Slide 7
Domain Networking Model One or more servers centralize control
Computers are part of a domain Single, centralized logon Single
point of control Users can be given access to resources anywhere in
the domain Server Management7
Slide 8
Client/Server Networking Model Client represents a program such
as a browser or an e-mail client Server has a corresponding program
that communicates with the client Client and server communicate
using a protocol Web browsers (client) and Web servers use HTTP to
communicate Access to servers controlled by a service/daemon
Networking in Linux follows the client/server model Each computer
has its own database of users/passwords Server Management8
Slide 9
Server Users User account consists of a username and password
to identify each user Usually has a home directory for storing
files User owns any files created in the home directory Usually a
users email address (if an email service is provide on the system)
Users can log in and upload files if an FTP server is running on
the machine Users & Documents9
Slide 10
User Accounts Systems administrators need to maintain user
accounts by: Creating new user accounts Maintaining the integrity
of user accounts Deleting accounts of users not needing access
Scripts can be used to speed things up when creating many user
accounts Users & Documents10
Slide 11
Creating User Accounts Creating an account generally involves:
Creating a home directory for a user Setting permissions and groups
Installing any login scripts or default directories and files for
the user Configuring e-mail if necessary Users &
Documents11
Slide 12
Maintaining User Accounts With many users, the users home
directories should all be in a partition or drive separate from the
core operating system Keeps the server running smoothly even if
users fill available space on the drive Users must be given a quota
to keep them from taking up too much space Users &
Documents12
Slide 13
Authenticating Users Authentication the process of determining
a users true identity Process of determining a user's true identity
Three basic methods What you know user name and passwords What you
have entry card Who you are biometrics Windows authentication could
be accomplished using: Kerberos developed at MIT to allow exchange
of private information across a network Certificates guarantees the
identify of an organization or user Server Management13
Slide 14
Managing Users and Groups Users need accounts to access
resources on a server On a Web server there is a restricted account
that is used on behalf of Internet users In a LAN, users with
common resource needs are put in a group, and the group is given
access to the resource Server Management14
Slide 15
Managing Users and Groups Windows has an account called system
It represents the operating system and it has many of the same
privileges of the administrator Often needed by server programs
Linux typically uses unique accounts for each daemon Server
Management15
Slide 16
Users and Groups in Windows Local accounts exist on a single
computer and can be used to control resources only on that computer
Domain accounts can be used to control resources on all the
computers that are part of the domain Active Directory (AD) allows
domains to be grouped into a forest Server Management16
Slide 17
Groups in Windows Domain local groups have members from the
same domain Assign permissions to resources in the same domain
Global groups have members from the same domain Can be used to
assign permissions to resources in any domain Universal groups can
have members from any domain Can be used to assign permissions to
resources in any domain Server Management17
Slide 18
Users and Groups in Linux Properties of user accounts
ItemDescription User nameLogon name of the user Full nameThe full
name of the user or any comment PasswordThe password must be at
least six characters Home directoryThe default is /home/username
GroupThe default is to create a group with the same name as the
user Login shellThe default is /bin/bash, which determines the
characteristic of the shell environment Server Management18
Slide 19
File System Permissions Permission allow you to control access
to the resources on a computer such as a Web page, a document, or a
program In Windows, the NTFS file system is required in order to
assign permissions All Linux file systems incorporate permissions
Server Management19
Slide 20
File System Permissions in Windows PermissionDescription Full
ControlIncludes all other permissions and allows ownership of the
file or folder and change the attributes of a file ModifyAllows
read, write, and delete ReadRead files but cannot execute them
WriteWrite to files or folders Read & ExecuteRead files and run
programs Special PermissionsView the contents of a folder Server
Management20
Slide 21
File System Permissions in Linux PermissionUsed on FilesUsed on
Directories Read (r)Read a file or copy a fileList the contents of
a directory Write (w)Write to the file, including deleting the file
Create files Execute (x)Execute programs and shell scripts, which
are text files containing Linux commands Modify the file
permissions Server Management21
Slide 22
Linux File Permission Commands The following commands are used
for Linux permissions: umask sets the default file/directory
permission chmod changes the access permissions of a file or
directory chgrp changes the group associated with a file chown
changes the owner associated with a file Server Management22
Slide 23
Linux File Permissions Permissions are set for three types of
users: User (u) Group (g) Others (o) The three permissions (with
their numeric values) are: Read (r) = 4 Write (w) = 2 Execute (x) =
1 Linux permissions may be set using the chmod command in two ways:
Numeric values Mnemonics Server Management23
Slide 24
Mnemonic Characters for Linux File Permissions Types of users:
a all u user g group o other Permissions: d directory r read (4) w
write (2) x execute (1) - none (0) Actions: = assigns permission +
adds permission - removes permission Use commas to separate
assignment units, with no spaces Server Management24
Slide 25
Linux File Permission Examples Using umask The umask command
uses the numeric values for read (4), write (2) and execute (1)
permissions to determine which ones will be unavailable to the
category of users (user, group, others) when a file is created
Setting default file permissions for all three categories of users
(user, group, others) to have all (read, write and execute)
permissions umask 000 Setting default file permissions for all
three categories of users (user, group, others) to have none of the
permissions (read, write and execute) umask 777 Server
Management25
Slide 26
Setting Linux Default File Permissions CommandDefault
Permissions UserGroupOther umask 011 rwxrw- umask 233 r-xr-- umask
000 rwx Server Management26
Slide 27
Linux File Permission Examples Using chmod Assigning read,
write and execute permissions to all users on a file: chmod a=rwx
file chmod ugo=rwx file chmod u=rwx,g=rwx,o=rwx file chmod 777 file
Assigning read, write permissions to user and execute permission to
group and other users on a file: chmod u=rw,go=x file chmod 611
file Adding read, write permissions to all users on a file: chmod
ugo+rw file chmod a+rw Adding read, write permissions to user and
group; and execute permission to other users on a file: chmod
ug+rw,o+x file Removing read, write permissions from all users:
chmod a-rw file chmod ugo-rw file Removing write permission from
group and other users: chmod go-w file Server Management27
Slide 28
Setting Linux File Permissions Using Numeric Values
CommandPermissions UserGroupOther chmod 755 myfile rwxr-x chmod 540
myfile r-xr----- chmod 744 myfile rwxr-- Server Management28
http://permissions-calculator.org
Slide 29
Setting Linux File Permissions Using Mnemomics
CommandPermissions UserGroupOther chmod u=rwx,go=rx myfile rwxr-x
chmod u=rx,g=r,o= myfile r-xr----- chmod u=rwx,go=r myfile rwxr--
Server Management29 http://permissions-calculator.org
Slide 30
Sharing Resources in a Windows Network Shared folders require
permissions When comparing share permissions and NTFS permissions,
the most restrictive permission takes precedence
PermissionDescription Full ControlAllow files to be added, deleted,
changed, and read ChangeAllow existing files to be written to
ReadCan only read files Server Management30
Slide 31
Enforcing Network Policies You can control a number of policies
in both Windows and Linux Windows has many more policies but the
majority are appropriate for LANs A common policy involves
passwords Number of days before change allowed Number of days
before change required Server Management31
Slide 32
Document Hierarchy Files and directories on Web servers are
organized in a file system. File system determines: Where files are
stored on a computers hard drive How many letters a filename can
contain The security of files stored on the computer There are many
different file systems and most modern operating systems can
support more than one Users & Documents32
Slide 33
Common File Systems Some of the most common file systems are:
FAT32 Microsoft file system NTFS Windows NT file system UFS UNIX
file system ext3, ext4 Linux file system HFS Macintosh hierarchical
file system NFS Network file system Users & Documents33