Section 5.8. Key Points Learned

5.8. Key Points Learned

This chapter introduced many new concepts. Is it a sad fact that the example presented deliberately avoided any consideration of security. Security does not just happen; you must design it into your total network. Security begins with a systems design and implementation that anticipates hostile behavior from users both inside and outside the organization. Hostile and malicious intruders do not respect barriers; they accept them as challenges. For that reason, if not simply from a desire to establish safe networking practices, you must not deploy the design presented in this book in an environment where there is risk of compromise.

As a minimum, the LDAP server must be protected by way of Access Control Lists (ACLs), and it must be configured to use secure protocols for all communications over the network. Of course, secure networking does not result just from systems design and implementation but involves constant user education training and, above all, disciplined attention to detail and constant searching for signs of unfriendly or alien activities. Security is itself a topic for a whole book. Please do consult appropriate sources. Jerry Carter's book LDAP System Administration[24] is a good place to start reading about OpenLDAP as well as security considerations.

[24] <>

The substance of this chapter that has been deserving of particular attention includes:

  • Implementation of an OpenLDAP-based passwd backend, necessary to support distributed domain control.

  • Implementation of Samba primary and secondary domain controllers with a common LDAP backend for user and group accounts that is shared with the UNIX system through the PADL nss_ldap and pam_ldap tool-sets.

  • Use of the Idealx smbldap-tools scripts for UNIX (POSIX) account management as well as to manage Samba Windows user and group accounts.

  • The basics of implementation of Group Policy controls for Windows network clients.

  • Control over roaming profiles, with particular focus on folder redirection to network drives.

  • Use of the CUPS printing system together with Samba-based printer driver autodownload.

    Samba-3 by Example. Practical Exercises to Successful Deployment
    Samba-3 by Example: Practical Exercises to Successful Deployment (2nd Edition)
    ISBN: 013188221X
    EAN: 2147483647
    Year: 2005
    Pages: 142 © 2008-2017.
    If you may any questions please contact us: