October 3, 2006

Managing Security in Mixed Windows/Linux Networks

Nickolas Greising writes "Directory services play a critical role in ensuring computer networks are properly secured and efficiently managed. While Linux machines running in Microsoft Windows networks can interoperate with Active Directory, configuration is complicated - especially for administrators lacking Linux expertise. Managing authentication between Windows and Linux systems just got easier.

Linux systems, as shipped, include support for Kerberos, LDAP and other security/authentication protocols, but don't typically come ready to perform single-sign on Linux by buying specialized, proprietary software. It is possible to partially implement Active Directory-based single sign-on on Linux systems without any additional software. Many IT staff who have used the open source software Samba know that it can be used to join Linux machines to Active Directory and perform authentication using AD domain controllers. Samba can also provide shared file services and verify that incoming connections to shared files or printers are authenticated with Active Directory. Finally, Samba can interact with Linux file systems to ensure that access control lists (ACLs) can be specified for Active Directory users, and that they are respected.

Unfortunately, configuring Samba to perform these operations is not a trivial task - it requires configuring Linux systems' firewalls, Kerberos, and PAM subsystems in addition to specifying the Samba configuration. It may also require downloading and installing newer versions of some packages to ensure everything functions properly.

Centeris has developed a new generation of tools specifically designed to simplify this process and automate configuration and management tasks. The Likewise 2.0 software, released earlier this year, allows system administrators to remotely and rapidly install agent software on Linux-based machines to simplify Active Directory-based single sign-on.

The software can also be used to remotely manage Linux machines (and their associated file, print, and Web services) from a standard Windows console. When shared file and print resources are created, Likewise software supports publishing this information to Active Directory.

Likewise can also be used to set up Linux Apache servers to authenticate intranet Web browser users against Active Directory permissions information.

While managing authentication, directory services and security in mixed networks is possible with the tools and protocols described in this article, these tasks can be daunting and cumbersome (not to mention time-consuming and expensive) for administrators who lack Linux expertise. New tools like Centeris Likewise greatly simplify these tasks, as well as easing day-to-day management of Linux servers, reducing the amount of time network administrators must devote to configuring Linux to work well with Windows.

