On 05-Jul-2002/01:13 -0700, Scott Bower <[EMAIL PROTECTED]>
wrote:
>This possible environment would look something like this, a homogenous
>environment running a locked-down Windows NT 4 Desktop with Roaming
>Profiles running various productivity software including Lotus Notes,
>Microsoft Office and Outlook, Visio, etc. authenticating to Windows 2000
>Servers sporting Exchange and Terminal Services...

I don't think there's a Notes client or a Visio equivalent for Linux.

I've used Mozilla and Evolution to access Exchange mail via IMAP.
Mozilla's LDAP support provides auto-complete while addressing email
messages. Evolution has a more Outlook-like interface and can
import/export vCard files. I have had occasional problems with Evolution
v1.01 accessing Exchange servers via IMAP. I had a message that appeared
to be duplicated, but I could not access the second "copy". After closing
and reopening Evolution, all the mail in my Inbox was gone. After that
incident, I started filing read mail into a local folder. Assuming the
user will always access mail using a Linux desktop and their home
directory is NFS mounted, storing mail "locally" may be a good practice.

>Savvy as I might be with Linux, I'll be treading new ground in various
>areas of  emulating basic actions of NT in Domain Logon, Dynamic CIFS
>Resource mapping, Roaming Profiles (can that be done?) and population of
>Desktop and Menu items for equivalent productivity software.

I've been using Linux as my desktop in Windows environments for about
two years, so I can tackle some of your questions. 

>1 -  is there a way to emulate the more intrinsic characteristics of the
>NT S.O.E. lockdown features including some sort of parsing emulation of
>the 'netlogon.bat', I read somewhere that Samba 2.2.2 allowed a Windows
>Domain Logon at a Linux Workstation (!!!ESPECIALLY!!! Want to get docs on
>This!) and

Login scripts
-------------
On my RH72 system running gdm, both /etc/profile and ~/.bash_profile run
at login. Just treat /etc/profile as a systemwide netlogon script. This
script also calls each script in /etc/profile.d/ so you can put small
scripts in that directory for manageability. A central login script could
be put on an NFS share or downloaded from an intranet web server using
wget.

Domain login
------------
My RH72 systems ship with pam_smb_auth, which allows Linux to use an
existing PDC for authentication. See the docs in
<file:///usr/share/doc/pam_smb-1.1.6/> on your machine. IIRC there is a
way to set it up so that users do not need a local account on the Linux
box. An account on the domain would be sufficient. The machines I had
set up to use pam_smb_auth never had more than a half-dozen or so users, so
I just created local accounts. I never needed to enable logins for domain
accounts.

>2 - is there a way to present network resources and automounting 
>floppys/CD's in a similar manner as a regular NT desktop

Mounting network shares
-----------------------
CIFS shares can be mounted in /etc/profile, but the challenge is to find a
way to provide the user's password to smbmount. According to the smbmount
man page, you can specify the password on the command line (not
recommended; anyone can look at command lines using "ps -aux"). Or you can
put the username and password in a credentials file and specify that file
on the command line, or you can figure out a way to put the password into
the $PASSWD environment variable. One inelegant solution would be to have
the login script use 'dialog' in an xterm to ask for the password and use
it to set $PASSWD and run smbmount for each standard CIFS share.

After you figure out how to provide the password, you'll need to figure
out where to add the shares to the file system. An easily understood scheme
for Windows users might be to create a ~/Network_Drives/ directory for the
shares, then create 22 subdirectories "E:" thru "Z:". Letters A-D could be
used, but they are normally local drives on Winboxes. You'd only confuse
your users by listing them as network drives. If your Windows users have a
standard shared drive "P:", then you could add a command like this to
/etc/profile to mount it 

  smbmount //ntserver/sharename ~/Network_Drives/P:

This directory structure and any other files you want to create for all
users would go into /etc/skel. The system copies that directory into the
home directory when creating a new user.

Network browsing
----------------
The Nautilus file manager lets you browse the local workgroup. Just type
"smb://" in the location bar. As you might expect,
smb://servername/sharename will display the contents of a CIFS share. I
have not tested this using password protected shares, but I would be
surprised if it didn't prompt for a username and/or password and proceed
with the connection. Nautilus is a resource hog. I much prefer GMC because
of its speed, but you may find that the CIFS browsing function of
Nautilus is a must-have feature.

Printing
--------
Configuring printers is a systemwide config task, so you'll have to
configure printers for each machine. Some apps save printer preferences
and some don't. The user may have to select one of the configured printers
each time they print, if they don't want to use the default printer that
you specified for that machine.

One good feature of Red Hat's printconf system is that the printer configs
can be created on one machine, exported to an XML file and imported on
another machine. See "printconf-tui --help".

>3 - is there somewhere I can read up on idiot proofing Linux so that 
>changes would only stick to their NT Roaming Profile (...again, if this 
>could be done) and not to the system.

This is default behavior on Linux systems. Users do not have the required
permissions to make changes to systemwide configurations. Any changes they
make are only saved in config files in their own directory.

The real trick will be to have pam_smb_auth allow logins for users without
a local Linux account and be able to specify that the user's home
directory is on an NFS share. Actually, if all the home directories are on
a single server, then /home on each workstation could be the NFS exported
/home on the server. Then the user's home directory would already be
mounted.

You could set it up so that the home directories for a set of work areas
are on one server and all the workstations in those work areas mount /home
from that server. In this scenario users would only be able to access
their files from workstations served by their home server.

>Any help provided would be much appreciated.  In particular, hyperlinks, 
>whitepapers and contacts of people who have been here and done this.

You might join or check the archives of these mailing lists:

 Red Hat Migration list
  <https://listman.redhat.com/mailman/listinfo/redhat-migration-list>

 Server-Linux list
  <http://lists.netspace.org/cgi-bin/wa?SUBED1=server-linux&A=1>

If you make concrete progress, you might consider completing the survey at
<http://www.redhat.com/solutions/migration/>. In any case, any significant
success could be the foundation of a Linux Magazine or Linux Gazette
article.

Tony
-- 
Anthony E. Greene <mailto:[EMAIL PROTECTED]>
OpenPGP Key: 0x6C94239D/7B3D BD7D 7D91 1B44 BA26  C484 A42A 60DD 6C94 239D
AOL/Yahoo Messenger: TonyG05    HomePage: <http://www.pobox.com/~agreene/>
Linux. The choice of a GNU generation <http://www.linux.org/>


Attachment: network-drives.png
Description: PNG image
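
Added example, not part of the original message: a login-script helper for the "Mounting network shares" advice above, using the credentials-file option so the password never appears on a command line visible to "ps". The function names, the credentials path passed in, and the DRY_RUN switch are assumptions made for illustration; the share and mount point are the ones from the message.

```sh
#!/bin/sh
# Added example; helper names and DRY_RUN are hypothetical, not smbmount features.

# Create <home>/Network_Drives/E: .. Z: (22 mount points, A-D left for local drives).
make_drive_dirs() {
    home_dir=$1
    for letter in E F G H I J K L M N O P Q R S T U V W X Y Z; do
        mkdir -p "$home_dir/Network_Drives/$letter:" || return 1
    done
}

# Write a credentials file in the "username = / password =" format from the
# smbmount man page. The umask is set in a subshell so the file is created
# 0600 and is never readable by other users, even briefly. printf is a shell
# builtin, so the password does not show up in the process list either.
write_credentials() {
    cred_file=$1 user=$2 pass=$3
    (
        umask 077
        rm -f "$cred_file"
        printf 'username = %s\npassword = %s\n' "$user" "$pass" > "$cred_file"
    )
}

# Succeed only if the file exists and group/other have no access at all.
credentials_private() {
    [ -f "$1" ] || return 1
    case $(ls -ld "$1" | cut -c1-10) in
        -r?-------) return 0 ;;
        *) return 1 ;;
    esac
}

# Mount one share using the credentials file. With DRY_RUN=1 (the default
# here) the command is printed instead of executed.
mount_share() {
    share=$1 mount_point=$2 cred_file=$3
    credentials_private "$cred_file" || {
        echo "refusing to use $cred_file: readable by group or others" >&2
        return 1
    }
    if [ "${DRY_RUN:-1}" = 1 ]; then
        printf 'smbmount %s %s -o credentials=%s\n' "$share" "$mount_point" "$cred_file"
    else
        smbmount "$share" "$mount_point" -o "credentials=$cred_file"
    fi
}
```

Running make_drive_dirs against /etc/skel once gives every new user the directory tree; mount_share would then be called from /etc/profile with DRY_RUN=0.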
