Understand the Web server administrator's view of server management Examine networking models Learn how users are authenticated Manage users and groups... Microsoft LAN Network
Trang 1Web Server Administration
Chapter 5 Managing a Server
Trang 2 Understand the Web server
administrator's view of server
management
Examine networking models
Learn how users are authenticated
Manage users and groups
Trang 3 Manage file system permissions
Share resources in a network
Enforce network policies
Trang 4Web Administrator's View
of Server Management
Web server software is a product that
works with the operating system
The server computer can run more than one software product such as e-mail and FTP
With both a LAN and the Web, controlling access is very important
The Web server can be part of the LAN
Web communication and LAN
communication are different
Trang 5Microsoft LAN Networking
Models-Workgroup
Treats each computer in the network as
an equal, or peer
Also called peer-to-peer networking
Each computer is a client and a server
When you allow others to access resources
on your computer, your computer is acting as
a server
When you access resources on another
computer, your computer is acting as a client
Trang 6Microsoft LAN Networking
Need user names and passwords of
users who need resources
Difficult to keep track of changing
passwords
Trang 7Microsoft LAN Networking
Models-Domain
One or more servers centralize control
Computers are part of a domain
Single, centralized logon
Single point of control
Users can be given access to
resources anywhere in the domain
Trang 8Client/Server Networking Model
Client represents a program such as a browser or an e-mail client
Server has a corresponding program
that communicates with the client
Server program known as a service in
Windows or a daemon in Linux
Networking in Linux follows the
client/server model
Telnet is used to log on to another computer
Trang 9Authenticating Users
Process of determining a user's true identity
Three basic methods
What you know – user name and passwords
What you have – entry card
Who you are – biometrics
Trang 10Implementing an
Authentication System
If a Windows network has older computers running NT, 95, or 98, the server must use NTLM
It is not as secure as Kerberos,
which is the default for Windows
2000, 2003, and XP
Trang 11Managing Users and
Groups
resources on a server
On a Web server there is a restricted
account that is used on behalf of Internet users
needs are put in a group, and the
group is given access to the resource
Trang 12Managing Users and
privileges of the administrator
Often needed by server programs
Linux typically uses unique
accounts for each daemon
Trang 13Users and Groups in
Windows
Local accounts exist on a single
computer and can be used to control
resources only on that computer
Domain accounts can be used to control resources on all the computers that are part of the domain
Active Directory (AD) allows domains to
be grouped into a forest
Microsoft Exchange requires AD
Trang 15Users and Groups in Linux
Properties of user accounts
Item Description
User name Logon name of the user
Full name The full name of the user or any comment
Password The password must be at least six characters
Home directory The default is /home/username
Group The default is to create a group with the same name as the user
Login shell The default is /bin/bash, which determines the characteristic of the
shell environment
Trang 16File System Permissions
Permissions allow you to control access
to the resources on a computer such
as a Web page, a document, or a
program
In Windows, the NTFS file system is
required in order to assign permissions
All Linux file systems incorporate
permissions
Trang 17File System Permissions in Windows
Permission Description
Full Control Full Control includes all other permissions and allows you to take
ownership of the file or folder and change the attributes of a file Modify Allows read, write, and delete
Read With this permission, you can read files but cannot execute them
Write When set on a file, this permission allows you to write to files; when
set on a folder, you can write to the folderRead & Execute Read files and run programs
List Folder Contents This permission allows you to view the contents of a folder
Trang 18File System Permissions in Linux
Permission
type When used with files When used with directories
Read Read a file or copy a file List the contents of a
directory
Write Write to the file, including deleting
Execute Execute programs and shell scripts,
which are text files containing Linux commands
Modify the file permissions enter directory
Trang 20Using chmod to Set
Trang 21r Sharing Resources in a Windows Network
Shared folders require permissions
When comparing share permissions and NTFS permissions, the most
restrictive permission takes
Trang 22Enforcing Network Policies
in both Windows and Linux
the majority are appropriate for
LANs
Number of days before change allowed
Number of days before change required
Trang 23 The Web server has a guest user account that is used to access Web pages
Windows LAN models include the
workgroup and domain models
Linux only uses the client/server model
Authentication is based on what you
know, what you have, and who you are
Core of security incorporates users,
groups, and permissions