My 1st linux server - help wanted!

[cheesehead]

I'm trying to learn Linux. (I miss OSX's toolbar, and all I ever use my IBM X40 for seems to be SimCity and OpenOffice anyway.) I am, however, still not that proficient with it. Despite my knowlege of hardware, I'm really not that good with software and OS-related issues, and I'm trying to fix that.

Anyway...I need a file server. Preferably, one that's pretty easy to configure.

The hardware is:

700mhz Celeron
256mb or 384mb of SDRAM, depending on how many slots are availible
15gb hard drive, soon to be replaced with a much larger drive, possibly on a PCI SATA controller card.
Integrated video, sound, USB, et cetera. (It's a Dell Optiplex SFF, back from when Dells were well-made.)

The Situation:
I actually want to make three servers: A primary file server, a print server to which everything is also backed up daily, and a third server for the bridged internet connection.

Currently, we're working in an old mini-office complex adjoining a small stripmall. (It's going to be torn down pretty soon, so we get it for the year). It's in the middle of nowhere, but free WiFi can be had with a suitably powerful antenna.

As a result, I think the best way to get internet is to have at least one active WiFi connection on a seperate server, which would in turn act as an internet connection for the rest of the network. Ideally, I'd like to have multiple wifi cards in a server, each connected to a different network - is this possible?

The file servers will be connected to a bunch of routers and switches, to which will be connected almost entirely Windows computers. SMD is necessary, correct?



I have modest experience with Mepis and Ubuntu, and would like to try using Linux - so far, it appears I'm the organization's sysadmin, just because nobody else has bothered to think about it.

Anyone have advice?

 

[DaiShan]

Install Ubuntu Server, and google what you want to do or post on the Ubuntu Forums, they're very friendly : )

 

[Brazen]

So you are wanting 3 duties on this one server, right? I would suggest using VMWare Server to create 3 seperate virtual machines, but with such light hardware, that may be overtaxing it, at least without more RAM.

FIRST AND FOREMOST: Use Debian Stable for your server. The guides for Ubuntu will pretty much carry over to Debian, and their are also a ton of useful guides on Debian, plus the quality control in Debian Stable is lightyears beyond Ubuntu or pretty much any other distro for that matter. If for some reason you need newer packages than are provided in the Debian Stable repos, you can use Backports (www.backports.com). For instance, I am running a file server on Debian Stable but I'm using the samba software from backports because I needed some of the new features in the latest release of samba.

Are you using Active Directory? If so, I have a guide on how I set up our Debian/Samba file server to work with Active Directory. If not, you will probably want to set up Samba as a PDC so you can use centralized user management.

The print server will also be handled by Samba, but if you are willing to use virtual machines, I would highly suggest putting it in it's own virtual server. You don't want to have to reboot your file server because flakey printer drivers caused printing to lock up (a problem we have occassionally on our Windows print server)!

As for the networking thing, I'm didn't quite follow what you are trying to do. If you are wanting some sort of firewall/router though, DEFINATELY put that on a seperate server! I would also highly reccommend using pfsense for a firewall/router applicance. Pfsense is it's own distro (BSD, not linux) tailor made to be a firewall/router.

 

[cheesehead]

Originally posted by: Brazen
So you are wanting 3 duties on this one server, right? I would suggest using VMWare Server to create 3 seperate virtual machines, but with such light hardware, that may be overtaxing it, at least without more RAM.

FIRST AND FOREMOST: Use Debian Stable for your server. The guides for Ubuntu will pretty much carry over to Debian, and their are also a ton of useful guides on Debian, plus the quality control in Debian Stable is lightyears beyond Ubuntu or pretty much any other distro for that matter. If for some reason you need newer packages than are provided in the Debian Stable repos, you can use Backports (www.backports.com). For instance, I am running a file server on Debian Stable but I'm using the samba software from backports because I needed some of the new features in the latest release of samba.

Are you using Active Directory? If so, I have a guide on how I set up our Debian/Samba file server to work with Active Directory. If not, you will probably want to set up Samba as a PDC so you can use centralized user management.

The print server will also be handled by Samba, but if you are willing to use virtual machines, I would highly suggest putting it in it's own virtual server. You don't want to have to reboot your file server because flakey printer drivers caused printing to lock up (a problem we have occassionally on our Windows print server)!

As for the networking thing, I'm didn't quite follow what you are trying to do. If you are wanting some sort of firewall/router though, DEFINATELY put that on a seperate server! I would also highly reccommend using pfsense for a firewall/router applicance. Pfsense is it's own distro (BSD, not linux) tailor made to be a firewall/router.

Duh fuh guh wha?

I'm going to have three seperate servers - now officially known as Harpo, Chico, and Groucho. Harpo would be used for wi-fi and, if I can figure out how, a firewall - nothing else. Groucho is the primary file server. Chico is going to be the print server and the backup server - I'm just going to copy the contents of Harpo's hard drive over to Chico at the end of the day, and it's not going to actually act as a server.

Although I don't know how, I'd like to be able to access all of the servers independently as a terminal - I'm not quite sure what the term for this is.

Can you help me find a walkthrough for this? I'm afraid that I'm a little clueless with Linux - if I were at all competent, I would'nt have to ask.

Also, can anyone reccomend a distro? These servers will only be up for a few months at most, and will only be on for a few hours a day.

 

[Brazen]

Originally posted by: Cheesehead

Duh fuh guh wha?

I'm going to have three seperate servers - now officially known as Harpo, Chico, and Groucho. Harpo would be used for wi-fi and, if I can figure out how, a firewall - nothing else. Groucho is the primary file server. Chico is going to be the print server and the backup server - I'm just going to copy the contents of Harpo's hard drive over to Chico at the end of the day, and it's not going to actually act as a server.

oh ok, you only gave specs on one server so I assumed that was the one you wanted to put everything on.

Although I don't know how, I'd like to be able to access all of the servers independently as a terminal - I'm not quite sure what the term for this is.

You can access all the servers remotely using ssh, unless I'm misunderstanding what you are saying here.

Can you help me find a walkthrough for this? I'm afraid that I'm a little clueless with Linux - if I were at all competent, I would'nt have to ask.

Again, are you using Active Directory or no? If no, do you want to set up Samba as a PDC or no?

Also, can anyone reccomend a distro? These servers will only be up for a few months at most, and will only be on for a few hours a day.

A few hours? A few months? Wha? I still suggest Debian with the 'stable' repos, but if they will only be used for a few months, Ubuntu would probably be ok, too. If you want a server that you can put in place and use it for the next 10 years without ever breaking, then use Debian Stable.

 

[cheesehead]

Originally posted by: Brazen

Originally posted by: Cheesehead

Duh fuh guh wha?

I'm going to have three seperate servers - now officially known as Harpo, Chico, and Groucho. Harpo would be used for wi-fi and, if I can figure out how, a firewall - nothing else. Groucho is the primary file server. Chico is going to be the print server and the backup server - I'm just going to copy the contents of Harpo's hard drive over to Chico at the end of the day, and it's not going to actually act as a server.

oh ok, you only gave specs on one server so I assumed that was the one you wanted to put everything on.

Although I don't know how, I'd like to be able to access all of the servers independently as a terminal - I'm not quite sure what the term for this is.

You can access all the servers remotely using ssh, unless I'm misunderstanding what you are saying here.

Can you help me find a walkthrough for this? I'm afraid that I'm a little clueless with Linux - if I were at all competent, I would'nt have to ask.

Again, are you using Active Directory or no? If no, do you want to set up Samba as a PDC or no?

Also, can anyone reccomend a distro? These servers will only be up for a few months at most, and will only be on for a few hours a day.

A few hours? A few months? Wha? I still suggest Debian with the 'stable' repos, but if they will only be used for a few months, Ubuntu would probably be ok, too. If you want a server that you can put in place and use it for the next 10 years without ever breaking, then use Debian Stable.

To clarify, I'm probbably only going to have them on for a few hours a day over a period of a few months.

What, exactly, is active directory?

 

[drag]

The Situation:
I actually want to make three servers: A primary file server, a print server to which everything is also backed up daily, and a third server for the bridged internet connection.

For the router use a pre-built routing distro rather then modifying a regular distro. Iptables is not for newbies.
I suggest IPcop. It has a nice web interface and supports many features including DMZ zone for setting up wireless access. There are other such things with similar capabilties, but I like IPcop (color me biased).
http://www.ipcop.org/

It has a very good web interface that is fairly easy to grasp and it allows for most of the functionality you require for small to medium businesses.

You'll need at least 3 nic cards for it. One to connect to the external network. One to connect to the internal LAN. One to connect to the wireless access point.

For the wireless access point get a regular Linksys 'home' style router from the store. Disable dhcp on it if it interfers with the IPcop stuff (which it may not). Just plug the Ipcop box into the regular switch portion of the wireless access point and let that take care of the routing and dhcp assignments. Don't plug it into the 'uplink' stuff, unless that works for you. A little trial and error won't hurt.


For the file and print servers.. Don't bother with having them on seperate machines. Just set SAMBA up to the distro your most familar with and let it do the regular 'windows file and print service' thing. Don't set this up to be access on the wireless access point unless you setup strong authentication and encryption using WPA. (then you may want to put the wireless access point on the same switch as the rest of the LAN and forgo the DMZ zone)

What, exactly, is active directory?

Active Directory is directory services for Windows Machines. A product put out by Microsoft and requires a Windows 2000 or Windows 2003 server. It provides many functions including keeping track of user accounts and authentication allowing things like 'Single Sign On'. It provides a nice UI for managing this sort of thing and for setting up and managing permissions on file and print shares.

Samba is capable of emulating some of features of Active Directory, but AD has much more functionality and integrates well into Windows XP Pro.

The general recommendation for what you want to do if you want to go Windows is to purchase 'Microsoft Windows Small Business Server' which provides for AD and a number of licenses for clients (the base price includes 5, I believe) and they you would purchase a router for it.


(edit: For backups try to see if you can just get away with using a DVD. It is not important to back up the entire server, just your custom configurations and important data files.

That way you can keep a record of everything.. So you can do things like if Bob the Boss deletes a file on 4 weeks ago and all of a sudden realises he needs it then you can go back to your backup from 4 weeks ago and get it for him.

Just label them and keep them in a safe place (like a clearly marked shoebox in a nice dry dark cool closet.)

Also see if you can get some offsite storage going. Hire a professional place you can send the disks to or setup some rsync server on a different location.

Backups are the most important thing to get right. You need ot make sure that you get everything you need to get the stuff running again. You do this by testing it and seeing if you can actually use the backups your making..

I beleive a stat I heard was that 2/3rds of businesses that suffer a catastrophic data loss (fire, buglary, etc) are out of business within 9 months.

But backing up to DVD gets difficult once you get past one disk capacity.)

 

[Brazen]

This should help you out. It's for Ubuntu 5.10, but should be pretty much the same for Ubuntu 6.10 or Debian. I would suggest setting up Samba as a Domain controller (which is what this guide is for, in addition to file and print serving), but without knowing the scope or purpose behind what all you are doing, a domain controller may or may not be a good idea.

Also, just for the record, since this will only be in place a short while, combining print and file server would be ok, but for anything long-term I definately would split up duties onto separate servers for the reason I previously mentioned: you don't want one problematic service to bring down your whole operation.

 

[Hyperblaze]

File server, I recommend using a software called "samba". Works great!

Print server. same thing.

Firewall/gateway, I'd suggest shorewall.

As for Linux distro. I'd suggest Fedora Core. (you'll never hear me recommend Ubuntu).

 

[drag]

Originally posted by: Brazen
This should help you out. It's for Ubuntu 5.10, but should be pretty much the same for Ubuntu 6.10 or Debian. I would suggest setting up Samba as a Domain controller (which is what this guide is for, in addition to file and print serving), but without knowing the scope or purpose behind what all you are doing, a domain controller may or may not be a good idea.

It usually isn't.

What you want the domain controller for is a way to manage user accounts. On LANs with less then 20 computers or so it's just easier to setup local accounts and manage them that way.

People like the domain controller thing like a religion and most of the time it's pretty pointless unless you have a fairly complex network.

 

[skyking]

Originally posted by: drag

Originally posted by: Brazen
This should help you out. It's for Ubuntu 5.10, but should be pretty much the same for Ubuntu 6.10 or Debian. I would suggest setting up Samba as a Domain controller (which is what this guide is for, in addition to file and print serving), but without knowing the scope or purpose behind what all you are doing, a domain controller may or may not be a good idea.

It usually isn't.

What you want the domain controller for is a way to manage user accounts. On LANs with less then 20 computers or so it's just easier to setup local accounts and manage them that way.

People like the domain controller thing like a religion and most of the time it's pretty pointless unless you have a fairly complex network.

I will be migrating one of my clients to a domain not because of the number of computers, but the number of users. There are about 2 users per computer ,and of course I need to have every user in every machine, Just In Case.....
It's getting old chasing around with remote protocols and updating the users every time there is a staff change.

 

[Brazen]

Originally posted by: drag

Originally posted by: Brazen
This should help you out. It's for Ubuntu 5.10, but should be pretty much the same for Ubuntu 6.10 or Debian. I would suggest setting up Samba as a Domain controller (which is what this guide is for, in addition to file and print serving), but without knowing the scope or purpose behind what all you are doing, a domain controller may or may not be a good idea.

It usually isn't.

What you want the domain controller for is a way to manage user accounts. On LANs with less then 20 computers or so it's just easier to setup local accounts and manage them that way.

People like the domain controller thing like a religion and most of the time it's pretty pointless unless you have a fairly complex network.

Usually, if you're complex enough to need a file server, you are complex enough to take advantage of a domain controller.

 

[drag]

Ya well you have to realise that there are issues that your setting yourself up with.

If you have to take your domain controller down that pretty much eliminates the ability for people to do their job, eh? Then you have to have local accounts anyways. And what about security? If the domain controller gets rooted then your entire network is screwed. Everything that relies on it for authentication has to be considured rooted also. A big mess.

I figure it's best just to keep it as simple as possible unless you have a real need for this stuff. For a file server it simplifies things a lot since you can centralize backups. People put their stuff on the 'Z' drive if they want to save it, simple.

So I am a big fan of 'KISS'.

 

[Brazen]

Originally posted by: drag
Ya well you have to realise that there are issues that your setting yourself up with.

If you have to take your domain controller down that pretty much eliminates the ability for people to do their job, eh?

No, Windows workstations will cache credentials and allow logins even when the DC is not accessible.

If the domain controller gets rooted then your entire network is screwed. Everything that relies on it for authentication has to be considured rooted also. A big mess.

Well, if your DC can be rooted, then so can your file server, which pretty much gives the attacker everything they would probably want anyway, in addition to a gateway to root the workstations.

So I am a big fan of 'KISS'.

So do I. To me it just seems simpler to keep all your user account control in one place instead of juggling user accounts across workstations and servers.