Linux Enterprise Desktops

Robert Meyer meyer_rm at yahoo.com
Wed Jul 18 14:04:16 EDT 2001


Well, I'm not feeling well today, but here goes an attempt to put together a
cohesive thought process...

I worked with a mess of NT systems and Unix servers at UB.  We had a system set
up where a user could log on anywhere and get access to the capabilities of
both NT and Unix things.

The key to the whole thing is the ability to replicate mount home directories
wherever the user logged in.

Start with a good NIS/NIS+ domain with all of your users entered in the
database.  Remember that your machine names cannot match your user names in
Windows space since machines and users live in the same namespace.

The next step is to utilize the automounter in Linux/Unix to handle home
directories (and application directories if you desire).  Make the automounter
configuration file an NIS map so that it can be modified in one place.

Now you have removed the need for administering password files and home
directories on an individual basis on the Linux/Unix systems.

Create a global 'local' file system that can be mounted/automounted on all of
the unix workstations.  Create 'etc', 'lib', 'bin' directories in this tree. 
The next bit is where you use your enterprise skills to build a global
'profile'/'cshrc'/'bashrc'/whatever set of scripts that each user will get in
Unixland.  You will modify the '/etc/(whatever shell users use)' on the
workstations (probably in your default install process) that sources the files
from the '/usr/local' (or whatever you called it) file system.  This way, you
have a single place to change what the user gets in his startup.  This
replicates the 'login.cmd' from NT that would be pulled from the PDC.

You will probably want to make a spot to stuff applications and make an NIS(+)
automounter map to locate programs so that you don't have to install every
application on every machine.

There are a number of other things that can be done to consolidate the Unix
environment that escape me now but you get the idea.

You will not be able to get rid of windows for the moment, since there are a
lot of apps that your users will want that won't have equivalents in Unixland,
yet.  As has been mentioned before, set up a Win2K system with Citrix Metaframe
and make sure that you have the Citrix client available on all of the Unix
machines, either through the automounted utility file system (preferred) or
install on each machine.  This will enable your users to access the Windows
apps that you intend to use.

Set up Samba as a PDC on your Unix/Linux server and teach it how to find the
users' home directories.  You can set up a standard 'login.cmd' to 'net use H:
\\sambaserver\homes' to get them automounted on NT.  Point the Win2K box to
that as your PDC and things should go swimmingly.  I would recommend turning on
the 'EnablePlainTextPassword' feature in the NT registry or find a way to sync
the Linux/Unix passwords with the NT passwords.  There are a myriad of ways to
do this but I never had the opportunity to try them.

You might also want to put roving profiles in the users' home directories, too.
Not a hard thing to do in Samba.

You can also bind NT boxes to the Samba server using the same parameters and
you will have a situation where an NT box or a Citrix connection will look the
same.

On NT systems, I recommend using Hummingbird eXceed (sp?) as an Xserver that
will allow you to remotely display X applications from Unixland to the NT
machines.  The obvious advantage here is that devout Windows users can be
introduced to X apps in a more familiar environment.

You can install Star Office with the '/net' flag that will enable you to
install the package in an NFS file system that all of the Linux boxes will be
able to access.  You can modify your system install process with some scripts
to make sure that the Star Office icons get put on all of the machines (or you
could also make '/usr/share' a mounted file system and put everything there).

As for Mac users, I have successfully used the Columbia AppleTalk package to
enable home directory and printer access but I haven't gone so far as to try to
do any serious level of integration of the Mac environment.  This might be
obviated with MacOS X :-)

NTP is easy to implement.  Just make a cron entry to do an 'ntpupdate'
periodically and at boot time.

As far as BDC capabilities, I'm not sure about newer versions of NIS but Sun's
NIS used to support 'master' and 'slave' servers.  All replication was pushed
to the slave servers and updates occurred on the master.  All of the local
filesystems, etc. could be replicated to the backup servers via 'rdist' or some
such to maintain consistency.

As with any enterprise environment, it pays to do your infrastructure design
and build first, before deploying too many workstations.  It is easier to make
changes before things start rolling out as you learn and modify the
environment. Start small on the workstation roll out and use the same methods
as software development (alpha and beta stations first to make sure things are
OK and then deployment).

I'm sure I've missed a bunch of stuff, here.  Implementation is left as an
exercise for the reader :-)

Maybe this will get the discussion rolling.

Cheers!

Bob

--- "Michael R. James" <mrjames at localnet.com> wrote:
> Having spent over 6 years as a network administrator with approximately 1200
> users spread across the US in a multi-site WAN, I was charged with seriously
> looking at Linux for the desktop and server environments.  I have experience
> with Microsoft NT, and Novell Netware servers.  Based on my experience, along
> with the research I completed, I believe that Linux can successfully control
> the desktops.  There must, however, be some prerequisites completed first.
> Enterprises won't just drop Windows (or Netware) and migrate to Linux on a
> whim.  There has to be some type of blueprint available, allowing them a
> smooth transition from one to the other.  I've scoured the web and found very
> little documentation in transitioning existing networks to Linux solutions.
> I propose that the administrators in this forum share their experiences, both
> the problems encountered and the solutions implemented.
>
> Windows NT allows for either a workgroup configuration, where every
> workstation maintains its own user id's and passwords, or for central
> authentication, the Primary Domain Controller.  The workgroup environment is
> easily mimicked with Linux, as every Linux workstation would maintain its own
> list of users and passwords.  The Primary Domain Controller could also be
> mimicked, using a NIS server.  The question is how to implement Backup Domain
> Controllers?  Could the NIS database be securely replicated to other servers?
> Common "home" directories could be maintained as NFS exports from a central
> server.  Printing is a no brainer, using LPR/LPD.  Star Office could be used
> as the wordprocessor, spreadsheet, etc application.  What services are
> absolutely necessary for the Linux workstations?  Certainly, each and every
> workstation wouldn't need MySQL or Apache running as a service.  How would one
> implement NTP for standard time synchronization on the network?  How would one
> plan and implement a heterogeneous network, with Linux, Windows, and Mac
> clients?  What obstacles are now forced on the plan?  Certainly an enterprise
> migrating to Linux would not do so in a day.  They would be much more
> receptive to a phased transition, which would ultimately mean heterogeneous
> clients on the network.
>
> Until a "blueprint" or outline for the transition is detailed, I fail to see
> Linux being implemented in the Enterprise on a grand scale.  I believe all the
> pieces are present for this eventuality.  They just need to be orchestrated
> into a reasonable solution.  Perhaps we, as a group, could contribute to this.
>
> Thoughts, ideas are welcome.
>
>
> Michael R. James, CNE
> mrjames at localnet.com


=====
Bob Meyer
Knightwing Communications, Inc.
36 Cayuga Blvd
Depew, NY 14043
Phone: 716-308-8931 or 716-681-0076
Meyer_RM at Yahoo.com
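
An added example, not part of the original post: a small Python check over two constructed smb.conf fragments, contrasting the cleartext-logon setup that the 'EnablePlainTextPassword' registry change supports with an encrypted-logon setup that syncs password changes to the Unix side. The finding names, the sample configs and the 'valid users = %S' check on [homes] are assumptions of this example, and a missing 'encrypt passwords' is treated as 'no' (the Samba 2.x default).

```python
import configparser

# Constructed smb.conf fragments (not from the post). WEAK is the setup that
# needs EnablePlainTextPassword on NT clients; FIXED keeps SMB logons
# encrypted and pushes password changes to the Unix side instead.
WEAK = """\
[global]
security = user
domain logons = yes
encrypt passwords = no
logon script = login.cmd
[homes]
writable = yes
"""
FIXED = """\
[global]
security = user
domain logons = yes
encrypt passwords = yes
unix password sync = yes
logon script = login.cmd
[homes]
writable = yes
valid users = %S
"""

def _on(value):
    return value.strip().lower() in ("yes", "true", "1")

def audit(text):
    """Return finding codes for one smb.conf text (unindented key = value lines)."""
    cp = configparser.RawConfigParser(strict=False)  # Raw: keep %S literal
    cp.read_string(text)
    g = dict(cp["global"]) if cp.has_section("global") else {}
    findings = []
    # Assumption: a missing 'encrypt passwords' counts as 'no' (Samba 2.x default).
    if not _on(g.get("encrypt passwords", "no")):
        findings.append("cleartext-logon")      # passwords cross the wire in the clear
    elif not _on(g.get("unix password sync", "no")):
        findings.append("passwords-can-drift")  # smbpasswd and Unix/NIS change separately
    if cp.has_section("homes") and cp["homes"].get("valid users", "").strip() != "%S":
        findings.append("homes-not-owner-only")  # share not limited to its owner
    return findings

if __name__ == "__main__":
    for name, conf in (("WEAK", WEAK), ("FIXED", FIXED)):
        print(name, audit(conf) or "no findings")
```
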




More information about the nflug mailing list