• No results found

SURE Program Patrick Diez

N/A
N/A
Info
Download
Protected

Academic year: 2021

Share "SURE Program Patrick Diez"

Copied!
5
0
0

Loading.... (view fulltext now)

Download now ( 5 Page )

Full text

(1)

SURE Program 2009

A Windows/Linux Hybrid Network

Patrick Diez

Structural Dynamics and Vibration Laboratory, McGill University

(2)

Contents

1 Initial Setup: Windows Network 2

2 First Attempt: Translated Authentication with Winbind 3

3 Final Attempt: Separate Windows and Linux Authentication 3

4 File Sharing 5

5 Multiuser Environments in Linux 5

1

Initial Setup: Windows Network

The Structural Dynamics and Vibrations Laboratory was setup with high-performance 64-bit computers installed with Windows XP x64, all on the McGill Active Directory (notably the CAMPUS domain). One of these computers was later converted to a Linux workstation (computer 1), and thus was removed from the Active Directory. This setup (see Fig.1) has several disadvantages, notably that the slow access to CAMPUS domain servers, and their lack of storage space, made having accounts and personal data on these computers an inconvenience.

CAMPUS Active Directory Server

McGill Network

computer 2 computer 3 computer 1

Windows network Linux network

(3)

2

First Attempt: Translated Authentication with Winbind

A need for a local, large, high-speed file server quickly became apparent, as lab users were being forced to use specific computers due to the location of their data (which often was tens of gigabytes large). One of the less powerful Pentium 4 HT workstations (computer 3) was setup with three 1 TB hard disks, creating a RAID-5 array 2 TB in size. Originally it was proposed that this computer be installed with Windows XP, but given the non-server nature of the operating system, it was decided to use Linux (notably Debian) instead.

Since this server was required to share data to ideally Windows and Linux computers, it was necessary to use Samba, the Linux server suite for Windows file sharing. Samba provides a medium-sized utility called Winbind allowing to synchronize the user accounts from an Active Directory illustrated in Fig.2. Unfortunately, due to the size of the CAMPUS Active Directory (over 30,000 users) and limitations of Winbind, it quickly became apparent that such a setup would be unfeasible.

CAMPUS Active Directory Server

McGill Network

computer 2 computer 3 computer 1

Windows network Linux network computer 3 replicates

Active Directory Users

toLinux Network

Figure 2 – Lab network: translated authentication with winbind. Blue arrows indicate direct access to the Active Directory, and red arrows indicate ‘translated’ access to the Active Directory via Samba

3

Final Attempt: Separate Windows and Linux Authentication

Unlike the above configuration, the final configuration consisted of two weakly-related sets of user accounts: one on the Active Directory, and another on the Linux file server (computer 3). Keeping these two sets of user accounts synchronized (both in terms of usernames and passwords) assures that users on Windows computer need not reauthenticate when connecting to the Linux server, however this synchronization must be done manually. Note that in this configuration (Fig.3), Linux workstations can authenticate against computer 3 using LDAP, the open-source equivalent of Active Directory. For efficiency, the Samba server (as previously mentioned) is setup with an

(4)

CAMPUS Active Directory Server

McGill Network

computer 2 computer 3 computer 1

Windows network Linux network computer 3 replicates

Active Directory Users

toLinux and Windows Hybrid Networks

Figure 3 – Lab network: separate Windows and Linux authentication. Blue arrows indicate possible means of (direct) authentication against the CAMPUS Active Directory server, and red arrows, possible means of (direct)

authentication against the Linux file server running Samba

LDAP backend, allowing Linux workstations (such as computer 1 and computer 4) to authenticate (and get their user/group information) directly over LDAP, instead of over Samba, which is notably slower. This relationship is illustrated in Fig.4.

LDAP Directory

Contains user and group information for the lab’s local network, duplicated from Active Directory for convenience

Samba Shares user/group information, files/folders to

Windows computers

NFS

Shares files/folders to Linux computers

Files and folders shared by NFS

To Windows Network To Linux Network

LDAP user/group information accessed via Name Service

Switch and PAM

LDAP user/group information translated by Samba

Files and folders shared by Samba

(5)

4

File Sharing

The configuration of a high-capacity file server on the lab’s network allowed for applications to be shared amongst several computers, both Windows and Linux workstations. This not only reduces the storage requirements of the lab computers, allowing for more disk space for simulation data, but also makes software upgrades easier, as only one copy of each software needs to be installed on the server. At present, the following software is shared on the server:

1. ANSYS (for Windows and Linux)

2. MSC Nastran & Patran (for Windows and Linux) 3. Samcef (for Linux)

5

Multiuser Environments in Linux

Unlike Winodws systems software, which requires Windows Terminal Services (available only for Windows Server) to provide a truly multiuser environment (that is, one in which several users can be logged in concurrently), Linux is built from the ground up for multiuser usage. In fact, multiple text and graphics consoles can be used locally on a Linux workstation, and users can login remotely to text consoles via the SSH protocol and graphics consoles via the X11 protocol. In Windows, clients for these protocols are numerous, but PuTTY and Xming are preferred due to their stability and simplicity.

The workstation computer 4 was chosen to be an application server: a computer whose processing power is shared amongst several users on the network, distinguished from a file server (like computer 3) by the fact that an application server does not transfer the executable images of its applications to the workstations accessing it, but instead only transfers the output of said applications. Computer 4 is particularly well-equipped for this task, given that it has two dual-core Netburst architecture processors at 3.73 GHz, and 64 GiB of memory.

In Linux, the preferred method of executing graphical applications remotely is either by launching an XDMCP session (X Display Manager Control Protocol) using XDM or GDM, or by launching individual applications from an SSH session. Similarly, in Windows, Xming supports opening XDMCP sessions (which are similar to Remote Desktop Connections, except that they use the X11 protocol instead of RDP), and can also be used in conjunction with PuTTY with X11 forwarding enabled to launch individual applications from an SSH text console. The result is that users do not need to be physically located at the application server to execute programs on it, and do not need to concern themselves with the activities of other users on the server.

References

Download now ( PDF - 5 Page - 196.08 KB )

Related documents

Congestive Heart Failure Management Program

Community Care’s networks are well designed to improve the health outcomes and quality of life for North Carolina Medicaid’s heart failure population through improving quality of

Analisis Kepuasan Pelanggan Dengan Menggunakan Integrasi Importance Performance Analysis dan Model KANO

Setelah mendapat kategori sesuai dengan integrasi Importance performance Analysis dan model kano maka dari 22 atribut tersebut akan diketahui atribut mana yang

Piloting Linked Open Data for Artists' Books

The Digital Scholarship Services unit (members of which were the main source of expertise for project management, metadata, and systems for the grant) was charged to develop

Technical progress in North and welfare gains in South under nonhomothetic preferences

We have shown that our model can present results that are a priori paradoxical in a Ricardian context: when there is technical progress in North biased towards the most

Samuel Stucker Weir 315 West Margaret Lane; Hillsborough, NC June 16, 1956; Tulsa, Oklahoma Married; two children

 The Carolina Permanente Medical Group, Department of Family Practice, Chapel Hill NC, 1993-2000..  Practicing Physician, Orange Family Medical Center, Hillsborough NC

Side-Channel Protected MPSoC through Secure Real-Time Networks-on-Chip

Third, using an evolutionary optimisation ap- proach, we effectively apply route randomisation while controlling its impact on hard real-time performance guarantees..

What is the Difference Between an Application Server and a Web Server

[r]

1921.pdf

One way in which states and localities are reducing tobacco use is by creating tobacco control policies that act at the point-of-sale (POS). POS policies are those that are