These are just a few questions that system administrators must answer when piecing together a strategy for network architecture implementation, and you can rest assured that small- to medium-sized businesses must make some rather tough calls when the decision to implement a Windows server architecture has been made. However, is there a way for system administrators to have their cake and eat it too? In fact, they can. In this case the sweet treat in network architecture is a Linux distribution.
3 Most Popular Distros
Linux distributions are the snowflakes of the IT world. From afar, each distribution looks the same, but upon closer inspection of the finer details, it's clear that every distribution offers something different.
According to http://distrowatch.com/, the three most popular Linux distributions for the six-month period leading up to January 28, 2012 were:
One could call the Linux Mint distribution the Microsoft Windows of the Linux world. Mint’s primary purpose is to be out-of-the-box user friendly, and its multimedia features are as numerous as they are easy to use. Mint’s website claims that the Mint OS is the fourth most popular operating system in the world behind Windows, Apple, and Canonical’s Ubuntu.
But to say that Ubuntu is No. 2 on the popularity list is really a misnomer. Mint, along with several other Linux distributions, is rooted heavily in Ubuntu, which makes Ubuntu and Ubuntu-based operating systems far and away the most common of all of the Linux distributions. In terms of intuitiveness, aesthetically pleasing graphics and overall functionality, Ubuntu is perhaps the most robust of all of the Linux distributions.
Rounding out the top three is the Fedora distribution. Whereas Mint and Ubuntu are Debian-based in terms of package management and repositories, Fedora is Red Hat Package Manager-based, and it fits rather nicely into a Red Hat enterprise environment. Fedora is currently the open-source version of the Red Hat Linux distribution.
The Wonderful World of Permissions
While working on a network at home, one may or may not give any thought to file, group, or individual permissions. Just sign on as root and let 'er rip, right? Well, this may be satisfactory at home, where there are very few nodes to keep track of, but what about in an enterprise environment?
One of the reasons Linux is so appealing in an enterprise environment (aside from its cost) is the obsessive way that each Linux distribution implements permissions. In a Windows environment, a differentiation may be made between administrators and everyone else, but non-administrators are often able to create and/or manipulate the infamous dynamic-link libraries. Linux tends to place more isolation between its shared libraries, as well as more separation between application-level processes and background processes.
When assigning permissions to groups or individuals, system administrators may choose between owner, group and all users. When assigning permissions to actual files, administrators can categorize a user’s options as read, write or execute. (To learn more, check out this Linux tutorial on understanding file permissions.)
To a system administrator with any semblance of Linux experience, this should seem like a simple review of the fundamentals, but therein lies the genius of Linux permissions - their simplicity! Does the system administrator want Group A to run certain executables as opposed to reading and writing them? Or maybe the administrator would like User B to simply read the contents of certain files. The possible combinations are almost too numerous to count, while the level of understanding needed to assign permissions is no more than what's required to play "Angry Birds" on an iPhone.
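The owner/group/all-users and read/write/execute combinations described above, shown on three constructed files together with a check for modes that are looser than intended. This is an added example, not part of the original article; the file names, the chosen modes and the function names (triads, build_demo, loose_files) are illustrative assumptions.

```bash
#!/usr/bin/env bash
# Added example: the owner/group/other x read/write/execute model on constructed files.
set -eu

# Print the nine permission characters (owner, group, other triads) of a path.
triads() { ls -ld -- "$1" | cut -c2-10; }

# Create a scratch directory with three constructed files and print its path.
build_demo() {
  d=$(mktemp -d)
  # Owner reads/writes, group only reads, everyone else gets nothing.
  printf 'quarterly figures\n' > "$d/report.txt"
  chmod 640 "$d/report.txt"
  # Group may run the tool but not modify it. It is a script, so the
  # interpreter must also read it; --x alone is enough only for a compiled binary.
  printf '#!/bin/sh\necho ok\n' > "$d/tool"
  chmod 750 "$d/tool"
  # Deliberately loose: any local account can rewrite this file.
  printf 'tmp\n' > "$d/scratch.txt"
  chmod 666 "$d/scratch.txt"
  printf '%s\n' "$d"
}

# List regular files that are group-writable or grant "other" any access.
loose_files() {
  find "$1" -type f \( -perm -0020 -o -perm -0004 -o -perm -0002 -o -perm -0001 \) | sort
}

# Show each file's triads, then the files an administrator should review.
demo() {
  dir=$(build_demo)
  for f in report.txt tool scratch.txt; do
    printf '%-12s %s\n' "$f" "$(triads "$dir/$f")"
  done
  echo "needs review:"
  loose_files "$dir"
  rm -rf "$dir"
}

demo
```

Pointing loose_files at a shared directory gives a quick list of files whose group or all-users bits deserve a second look.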
Conversely, if a system administrator can understand the many intricacies of Windows permissions categories such as full control, modify, list folder contents, etc., and if she can fully grasp the many nuances of the group policy object, then it may be possible to accurately say that she’s smarter than everyone else. The question is, is the network secure?
An Open Mind Regarding OpenLDAP
According to RFC 1960, the Lightweight Directory Access Protocol (LDAP) defines a network representation of a search filter transmitted to an LDAP server. Basically, when a client needs to locate information on an LDAP server, certain naming conventions are practiced that allow for the location of certain information within certain folders on a server. LDAP works rather similarly to the way DNS works, and the level of complexity is roughly the same. Windows servers typically intertwine Active Directory with LDAP, and as far as Windows products are concerned, the level of granularity and restrictive access to users is fairly robust. However, the premise here is freedom, and a natural extension of that is affordability.
Fortunately for the enterprising system administrator, LDAP is not a proprietary standard, so the naming conventions from platform to platform will remain roughly the same. Furthermore, most current Linux distributions offer their own version of an LDAP client, which should allow for a smoother implementation in the enterprise. So, those who are ready to dive into the realm of OpenLDAP need only download the open-source software and begin the install.