Halier Server idea


Most computer users use Windows as the operating system on their computers, but some users choose some variant of GNU/Linux. Users usually don't care about the operating system on the server. Administrators choose the operating system on the servers; some administrators prefer Windows, some prefer GNU/Linux.

If an administrator chooses Windows as his server operating system, he usually doesn't have to make any more choices. He just adds or removes server roles from his server using Microsoft's tool for this. Every role he/she installs works together with his server by default. BUT if he/she wants to do something other than the Microsoft way, he will be on his own...

GNU/Linux systems, on the other hand, are very flexible, too flexible. A GNU/Linux administrator will have many decisions to make before he can start installing his server. He will have to choose a distribution, how to store his user data, how to authenticate his users, a web server, a mail transfer agent, and a POP or IMAP server. There are a huge number of ways to do things. This is the strength of GNU/Linux (and the whole open source movement).

I would like a GNU/Linux solution where I don't have to make all decisions. I don't say I would like GNU/Linux to become more like Windows, but I would like a better way to administer several GNU/Linux servers and clients.

My idea

This is how I would like a computer system to work.
Some of the things here are inspired by the way Active Directory works on Windows servers.
My solution is based on the assumption that there will be only GNU/Linux servers and no Windows servers, but both GNU/Linux clients and Windows clients.

How will it work

The plan is to use existing software as far as possible (don't reinvent the wheel).

Other interesting software:
All server functions are configured with data from the directory service. If a computer is added to the domain, then BIND and the DHCP-server are updated accordingly.
If an additional DNS server is added to the domain, then all clients will automatically use this one as well, since the DHCP server(s) inform the clients about the new nameserver.
If the same function is provided by more than one server, they will be configured to work together by using load balancing, failover or whatever is suitable for the function in question.
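
The paragraph above has directory data driving the BIND and DHCP configuration, so every directory value ends up in a config file and has to be validated first. The following Python code is an added example, not part of the original page or of any existing project: it renders ISC dhcpd host stanzas and zone A records from directory entries and rejects entries that are not safe to write out. The attribute names (cn, macAddress, ipHostNumber, as in the RFC 2307 schema), the sample entries and the function names are assumptions.

```python
import ipaddress
import re

# Constructed sample entries. Attribute names are an assumption (RFC 2307
# ipHost / ieee802Device schema); the page itself names no schema.
SAMPLE_ENTRIES = [
    {"cn": "ws01", "macAddress": "00:16:3E:AA:BB:01", "ipHostNumber": "192.0.2.10"},
    {"cn": "ws02", "macAddress": "00:16:3e:aa:bb:02", "ipHostNumber": "192.0.2.11"},
    # Malformed values: config metacharacters in the name, and a bad MAC.
    {"cn": "ws03; }", "macAddress": "00:16:3e:aa:bb:03", "ipHostNumber": "192.0.2.12"},
    {"cn": "ws04", "macAddress": "not-a-mac", "ipHostNumber": "192.0.2.13"},
]

LABEL_RE = re.compile(r"[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?")  # one DNS label
MAC_RE = re.compile(r"([0-9a-f]{2}:){5}[0-9a-f]{2}")


def validate(entry):
    """Return (name, mac, ip) in canonical form, or raise ValueError."""
    name = entry.get("cn", "").lower()
    mac = entry.get("macAddress", "").lower()
    if not LABEL_RE.fullmatch(name):
        raise ValueError(f"bad host label: {name!r}")
    if not MAC_RE.fullmatch(mac):
        raise ValueError(f"bad MAC address: {mac!r}")
    ip = ipaddress.IPv4Address(entry.get("ipHostNumber", ""))  # ValueError if invalid
    return name, mac, str(ip)


def render(entries):
    """Build dhcpd host stanzas and zone A records; collect rejected entries."""
    dhcp, zone, rejected = [], [], []
    for entry in entries:
        try:
            name, mac, ip = validate(entry)
        except ValueError as exc:
            rejected.append((entry.get("cn"), str(exc)))
            continue
        dhcp.append(f"host {name} {{ hardware ethernet {mac}; fixed-address {ip}; }}")
        zone.append(f"{name} IN A {ip}")
    return "\n".join(dhcp), "\n".join(zone), rejected


if __name__ == "__main__":
    dhcp_conf, zone_records, rejected = render(SAMPLE_ENTRIES)
    print(dhcp_conf, zone_records, sep="\n\n")
    for cn, reason in rejected:
        print(f"rejected {cn!r}: {reason}")
```

Rejected entries are returned rather than silently dropped, so the server generating the files can log which directory objects need fixing.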

Example of functions a server might have
Sub-functions like IMAP-server may be installed without installing the entire Mail function.
All servers and clients shall have a minimum set of software installed, like ssh-server.

GNU/Linux clients
There will be an agent running on all GNU/Linux clients. The agent will be responsible for checking the LDAP directory for changes and applying them.
The agent authenticates against the directory using Kerberos and the computer's machine account. (Principal host/fqdn@DOMAIN.TLD)
Windows clients



This is my dream. I may however probably never make this come true by myself, perhaps if I get some help!
Interested? Send a mail to Linus

Feel free to make comments to this document.

Useful tools

Apache DS studio

Useful documentation

Ubuntu documentation - AdvancedOpenSSH
Ubuntu documentation - SingleSignOn
Ubuntu documentation - OpenLDAPServer
