Web Server Administration Chapter 5 Managing a Server
Overview <ul><li>Understand the Web server administrator's view of server management </li></ul><ul><li>Examine networking ...
Overview <ul><li>Manage file system permissions </li></ul><ul><li>Share resources in a network </li></ul><ul><li>Enforce n...
Web Administrator's View of Server Management <ul><li>Web server software is a product that works with the operating syste...
Microsoft LAN Networking Models- Workgroup <ul><li>Treats each computer in the network as an equal, or peer </li></ul><ul>...
Microsoft LAN Networking Models- Workgroup <ul><li>Appropriate for networks with 10 or less computers </li></ul><ul><li>A ...
Microsoft LAN Networking Models- Domain <ul><li>One or more servers centralize control </li></ul><ul><li>Computers are par...
Client/Server Networking Model <ul><li>Client represents a program such as a browser or an e-mail client </li></ul><ul><li...
Authenticating Users <ul><li>Process of determining a user's true identity </li></ul><ul><li>Three basic methods </li></ul...
Implementing an Authentication System <ul><li>If a Windows network has older computers running NT, 95, or 98, the server m...
Managing Users and Groups <ul><li>Users need accounts to access resources on a server </li></ul><ul><ul><li>On a Web serve...
Managing Users and Groups in Windows <ul><li>Windows has an account called system </li></ul><ul><ul><li>It represents the ...
Users and Groups in Windows <ul><li>Local accounts exist on a single computer and can be used to control resources only on...
Groups in Windows <ul><li>Domain local groups have members from the same domain </li></ul><ul><ul><li>Assign permissions t...
Users and Groups in Linux <ul><li>Properties of user accounts </li></ul>The default is /bin/bash, which determines the cha...
File System Permissions <ul><li>Permission allow you to control access to the resources on a computer such as a Web page, ...
File System Permissions in Windows This is not a specific permission; under the list of permissions for users, when this p...
File System Permissions in Linux Modify the file permissions Execute programs and shell scripts,  which are text files con...
Linux Permissions <ul><li>Permissions are set for user, group, and others </li></ul><ul><li>Each permission is set with a ...
Using chmod to Set Permissions r-- r-- rwx chmod 744 myfile --- r-- r-x chmod 540 myfile r-x r-x rwx chmod 755 myfile Othe...
Sharing Resources in a Windows Network <ul><li>Shared folders require permissions </li></ul><ul><li>When comparing share p...
Enforcing Network Policies <ul><li>You can control a number of policies in both Windows and Linux  </li></ul><ul><li>Windo...
Summary <ul><li>The Web server has a guest user account that is used to access Web pages </li></ul><ul><li>Windows LAN mod...
Upcoming SlideShare
Loading in …5
×

Web Server Administration

434 views

Published on

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
434
On SlideShare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
12
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Web Server Administration

  1. 1. Web Server Administration Chapter 5 Managing a Server
  2. 2. Overview <ul><li>Understand the Web server administrator's view of server management </li></ul><ul><li>Examine networking models </li></ul><ul><li>Learn how users are authenticated </li></ul><ul><li>Manage users and groups </li></ul>
  3. 3. Overview <ul><li>Manage file system permissions </li></ul><ul><li>Share resources in a network </li></ul><ul><li>Enforce network policies </li></ul>
  4. 4. Web Administrator's View of Server Management <ul><li>Web server software is a product that works with the operating system </li></ul><ul><li>The server computer can run more than one software product such as e-mail and FTP </li></ul><ul><li>With both a LAN and the Web, controlling access is very important </li></ul><ul><li>The Web server can be part of the LAN </li></ul><ul><li>Web communication and LAN communication are different </li></ul>
  5. 5. Microsoft LAN Networking Models- Workgroup <ul><li>Treats each computer in the network as an equal, or peer </li></ul><ul><ul><li>Also called peer-to-peer networking </li></ul></ul><ul><li>Each computer is a client and a server </li></ul><ul><ul><li>When you allow others to access resources on your computer, your computer is acting as a server </li></ul></ul><ul><ul><li>When you access resources on another computer, your computer is acting as a client </li></ul></ul>
  6. 6. Microsoft LAN Networking Models- Workgroup <ul><li>Appropriate for networks with 10 or less computers </li></ul><ul><li>A number of disadvantages </li></ul><ul><ul><li>Most users do not want to administer resources on their computer </li></ul></ul><ul><ul><li>Need user names and passwords of users who need resources </li></ul></ul><ul><ul><li>Difficult to keep track of changing passwords </li></ul></ul>
  7. 7. Microsoft LAN Networking Models- Domain <ul><li>One or more servers centralize control </li></ul><ul><li>Computers are part of a domain </li></ul><ul><ul><li>Single, centralized logon </li></ul></ul><ul><ul><li>Single point of control </li></ul></ul><ul><ul><li>Users can be given access to resources anywhere in the domain </li></ul></ul>
  8. 8. Client/Server Networking Model <ul><li>Client represents a program such as a browser or an e-mail client </li></ul><ul><li>Server has a corresponding program that communicates with the client </li></ul><ul><ul><li>Server program known as a service in Windows or a daemon in Linux </li></ul></ul><ul><li>Networking in Linux follows the client/server model </li></ul><ul><ul><li>Telnet is used to log on to another computer </li></ul></ul>
  9. 9. Authenticating Users <ul><li>Process of determining a user's true identity </li></ul><ul><li>Three basic methods </li></ul><ul><ul><li>What you know – user name and passwords </li></ul></ul><ul><ul><li>What you have – entry card </li></ul></ul><ul><ul><li>Who you are – biometrics </li></ul></ul>
  10. 10. Implementing an Authentication System <ul><li>If a Windows network has older computers running NT, 95, or 98, the server must use NTLM </li></ul><ul><li>It is not as secure as Kerberos, which is the default for Windows 2000, 2003, and XP </li></ul>
  11. 11. Managing Users and Groups <ul><li>Users need accounts to access resources on a server </li></ul><ul><ul><li>On a Web server there is a restricted account that is used on behalf of Internet users </li></ul></ul><ul><li>In a LAN, users with common resource needs are put in a group, and the group is given access to the resource </li></ul>
  12. 12. Managing Users and Groups in Windows <ul><li>Windows has an account called system </li></ul><ul><ul><li>It represents the operating system and it has many of the same privileges of the administrator </li></ul></ul><ul><ul><li>Often needed by server programs </li></ul></ul><ul><li>Linux typically uses unique accounts for each daemon </li></ul>
  13. 13. Users and Groups in Windows <ul><li>Local accounts exist on a single computer and can be used to control resources only on that computer </li></ul><ul><li>Domain accounts can be used to control resources on all the computers that are part of the domain </li></ul><ul><li>Active Directory (AD) allows domains to be grouped into a forest </li></ul><ul><ul><li>Microsoft Exchange requires AD </li></ul></ul>
  14. 14. Groups in Windows <ul><li>Domain local groups have members from the same domain </li></ul><ul><ul><li>Assign permissions to resources in the same domain </li></ul></ul><ul><li>Global groups have members from the same domain </li></ul><ul><ul><li>Can be used to assign permissions to resources in any domain </li></ul></ul><ul><li>Universal groups can have members from any domain </li></ul><ul><ul><li>Can be used to assign permissions to resources in any domain </li></ul></ul>
  15. 15. Users and Groups in Linux <ul><li>Properties of user accounts </li></ul>The default is /bin/bash, which determines the characteristic of the shell environment Login shell The default is to create a group with the same name as the user Group The default is /home/ username Home directory The password must be at least six characters Password The full name of the user or any comment Full name Logon name of the user User name Description Item
  16. 16. File System Permissions <ul><li>Permission allow you to control access to the resources on a computer such as a Web page, a document, or a program </li></ul><ul><li>In Windows, the NTFS file system is required in order to assign permissions </li></ul><ul><li>All Linux file systems incorporate permissions </li></ul>
  17. 17. File System Permissions in Windows This is not a specific permission; under the list of permissions for users, when this permission is checked, it means that this user has one or more of the 14 individual permissions set Special Permissions (Windows 2003 only) This permission allows you to view the contents of a folder List Folder Contents Read files and run programs Read & Execute When set on a file, this permission allows you to write to files; when set on a folder, you can write to the folder Write With this permission, you can read files but cannot execute them Read Allows read, write, and delete Modify Full Control includes all other permissions and allows you to take ownership of the file or folder and change the attributes of a file Full Control Description Permission
  18. 18. File System Permissions in Linux Modify the file permissions Execute programs and shell scripts, which are text files containing Linux commands Execute Create files Write to the file, including deleting the file Write List the contents of a directory Read a file or copy a file Read When used with directories When used with files Permission type
  19. 19. Linux Permissions <ul><li>Permissions are set for user, group, and others </li></ul><ul><li>Each permission is set with a single digit from 0 to 7 based on the combination of permissions </li></ul><ul><ul><li>read = 4 </li></ul></ul><ul><ul><li>write = 2 </li></ul></ul><ul><ul><li>execute = 1 </li></ul></ul>
  20. 20. Using chmod to Set Permissions r-- r-- rwx chmod 744 myfile --- r-- r-x chmod 540 myfile r-x r-x rwx chmod 755 myfile Other Group Owner Permissions Command
  21. 21. Sharing Resources in a Windows Network <ul><li>Shared folders require permissions </li></ul><ul><li>When comparing share permissions and NTFS permissions, the most restrictive permission takes precedence </li></ul>Can only read files Read Allow existing files to be written to Change Allow files to be added, deleted, changed, and read Full Control Description Permission
  22. 22. Enforcing Network Policies <ul><li>You can control a number of policies in both Windows and Linux </li></ul><ul><li>Windows has many more policies but the majority are appropriate for LANs </li></ul><ul><li>A common policy involves passwords </li></ul><ul><ul><li>Number of days before change allowed </li></ul></ul><ul><ul><li>Number of days before change required </li></ul></ul>
  23. 23. Summary <ul><li>The Web server has a guest user account that is used to access Web pages </li></ul><ul><li>Windows LAN models include the workgroup and domain models </li></ul><ul><li>Linux only uses the client/server model </li></ul><ul><li>Authentication is based on what you know, what you have, and who you are </li></ul><ul><li>Core of security incorporates users, groups, and permissions </li></ul>

×