The University of Akron College of Applied Science & Technology Dept

Presentation on theme: "The University of Akron College of Applied Science & Technology Dept"— Presentation transcript:

1 The University of Akron College of Applied Science & Technology Dept
The University of Akron College of Applied Science & Technology Dept. of Business & Information Technology 2440: 141 Web Site Administration Server Management Instructor: Joseph Nattey

2 Web Administrator's View of Server Management
- The Web server software is a product that works with the operating system
- The server computer can run more than one software product, such as e-mail and FTP
- With both a LAN and the Web, access control is very important

3 Networking Models
Two main approaches to networking include:
- Microsoft LAN approach to networking
- Client/server approach to networking

4 Microsoft LAN Networking Models
Microsoft Windows LAN is configured using one of these two models:
- Workgroup
- Domain

The model determines how users are organized

5 Workgroup Networking Model
A workgroup is a collection of computers on a local area network (LAN) that share common resources and responsibilities. The term is most commonly associated with Microsoft Windows workgroups but also applies in other environments. Microsoft Windows workgroups organize PCs as Windows peer-to-peer local networks that exist to facilitate easier sharing of files, printers and other local network resources. Each PC that's a member of the group can access the resources being shared by other PCs and in turn can share its own if configured to do so. Windows workgroups can be found in homes, schools and small businesses.

6 Workgroup Networking Model
- Treats each computer in the network as an equal, or peer; also called peer-to-peer networking
- Each computer is a client and a server:
  - when you allow others to access resources on your computer, your computer is acting as a server
  - when you access resources on another computer, your computer is acting as a client

7 Workgroup Networking Model
Workgroups are designed for small LANs in homes, schools, and small businesses. Windows workgroups may contain many computers but work best with smaller numbers (15 or fewer). As the number of computers increases, a workgroup LAN eventually becomes very difficult to administer and should be re-organized into multiple networks or a client-server network.

8 Workgroup Networking Model…
Disadvantages:
- Most users do not want to administer resources on their computer
- Need user names and passwords of users who need resources
- Difficult to keep track of changing passwords
- Need to set up an account and password on each and every machine
- Passwords can become out of sync if changed on one computer and not others
- Not easily scalable. If using more than 10 computers, the number of accounts to set up increases a lot more
- More time required to set up for new users

9 Domain Networking Model
A domain is a form of a computer network in which all user accounts, computers, printers and other security principals are registered with a central database (called active directory service) located on one or more clusters of central computers known as domain controllers. Authentication takes place on domain controllers. Each person who uses computers within a domain receives a unique user account that can then be assigned access to resources within the domain.

10 Client/Server Networking Model
- Client represents a program such as a browser or an e-mail client
- Server has a corresponding program that communicates with the client
- Client and server communicate using a protocol
- Web browsers (client) and Web servers use HTTP to communicate
- Networking in Linux follows the client/server model
- Each computer has its own database of users/passwords

11 Server Users
- User account – consists of a username and password to identify each user
- Usually has a home directory for storing files
- User owns any files created in the home directory
- Usually a user’s e-mail address (if an e-mail service is provided on the system)
- Users can log in and upload files if an FTP server is running on the machine

Users & Documents

12 User Accounts
Systems administrators need to maintain user accounts by:
- Creating new user accounts
- Maintaining the integrity of user accounts
- Deleting accounts of users not needing access (ksa)

Scripts can be used to speed things up when creating many user accounts

13 Creating User Accounts
Creating an account generally involves:
- Creating a home directory for a user
- Setting permissions and groups
- Installing any login scripts or default directories and files for the user
- Configuring e-mail if necessary

14 Maintaining User Accounts
- With many users, the users’ home directories should all be in a partition or drive separate from the core operating system
- Keeps the server running smoothly even if users fill available space on the drive
- Users must be given a quota to keep them from taking up too much space

15 Authenticating Users
- Authentication – the process of determining a user’s true identity
- Three basic methods:
  - What you know – user name and passwords
  - What you have – entry card
  - Who you are – biometrics
- Windows authentication could be accomplished using:
  - Kerberos – developed at MIT to allow exchange of private information across a network. It has become an Internet standard and is supported by Microsoft’s latest network operating system
  - Certificates – guarantee the identity of an organization or user

16 Managing Users and Groups
- Users need accounts to access resources on a server
- Even when the resource is a Web page, the Web server has a default user account that it uses on your behalf
- The default account has restricted access, but at least allows you to view the Web page
- In a LAN, users with common resource needs are put in a group, and the group is given access to the resource
- Access to resources such as printers and files is controlled based on user accounts

17 Managing Users and Groups
- Windows has an account called system
  - It represents the operating system and it has many of the same privileges as the administrator
  - Often needed by server programs
  - This powerful account is a favorite of hackers
- Linux typically uses unique accounts for each daemon

18 Users and Groups in Windows
- You need to create user accounts for individuals that need access to your resources.
- Windows has two types of user accounts:
  - Local accounts exist on a single computer and can be used to control resources only on that computer; they must authenticate themselves before they can access network resources.
  - Domain accounts can be used to control resources on all the computers that are part of the domain.

19 Users and Groups in Linux
Properties of user accounts
- Setting up user accounts in Linux is simpler than in Windows
- When you add a user in Linux, you specify the properties of the user account as shown below.

| Item | Description |
| --- | --- |
| User name | Logon name of the user |
| Full name | The full name of the user or any comment |
| Password | The password must be at least six characters |
| Home directory | The default is /home/username |
| Group | The default is to create a group with the same name as the user |
| Login shell | The default is /bin/bash, which determines the characteristic of the shell environment |
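
Added example, not part of the original slides: a dry-run script that turns a roster into `useradd` commands using the account properties listed above, rejecting entries whose login or full name contains characters a shell could interpret. The roster format `login:Full Name`, the sample entries and the function names are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example: turn a roster into useradd commands. Dry run: it only
# prints the commands. The "login:Full Name" roster format and the sample
# entries are constructed for this illustration.

# valid_login: lowercase letter or underscore, then up to 31 of [a-z0-9_-]
valid_login() {
    printf '%s\n' "$1" | LC_ALL=C grep -Eq '^[a-z_][a-z0-9_-]{0,31}$'
}

# valid_name: letters, spaces, dots and hyphens only (no shell metacharacters)
valid_name() {
    printf '%s\n' "$1" | LC_ALL=C grep -Eq '^[A-Za-z][A-Za-z .-]{0,63}$'
}

# plan_accounts: read a roster on stdin, print one useradd command per valid
# entry, report rejected entries on stderr. Returns 1 if anything was skipped.
plan_accounts() {
    status=0
    while IFS=: read -r login fullname; do
        [ -n "$login" ] || continue
        if valid_login "$login" && valid_name "$fullname"; then
            # -m create home, -d home path, -s login shell,
            # -U group named after the user, -c full name / comment
            printf 'useradd -m -d /home/%s -s /bin/bash -U -c "%s" %s\n' \
                "$login" "$fullname" "$login"
        else
            printf 'skipped: %s\n' "$login" >&2
            status=1
        fi
    done
    return "$status"
}

# sample_roster: constructed input, including two entries that must be rejected
sample_roster() {
    cat <<'EOF'
jdoe:Jane Doe
asmith:Al Smith
root;rm -rf /:Mallory
bob:Bob $(id)
EOF
}

sample_roster | plan_accounts || true
```

The printed commands still have to be reviewed and run by an administrator; passwords and quotas are set in separate steps.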

20 File System Permissions
- Permissions allow you to control access to the resources on a computer. A resource may be a Web page, a document, a program, or a printer.
- You give permissions to users and groups.
- In Windows, the NTFS (New Technology File System) file system is required in order to assign permissions
- All Linux file systems incorporate permissions

21 File System Permissions
- File system permissions in Windows offer more detailed control than their counterparts in Linux.
- You can set security permissions on files and folders. These permissions grant or deny access to the files and folders.
- When a permission is set at a folder level, the permission applies, by default, to the files in the folder and is inherited by all subfolders.

22 File System Permissions in Windows
| Permission | Meaning for Folders | Meaning for Files |
| --- | --- | --- |
| Read | Permits viewing and listing of files and subfolders | Permits viewing or accessing of the file's contents |
| Write | Permits adding of files and subfolders | Permits writing to a file |
| Read & Execute | Permits viewing and listing of files and subfolders as well as executing of files; inherited by files and folders | Permits viewing and accessing of the file's contents as well as executing of the file |
| List Folder Contents | Permits viewing and listing of files and subfolders as well as executing of files; inherited by folders only | N/A |
| Modify | Permits reading and writing of files and subfolders; allows deletion of the folder | Permits reading and writing of the file; allows deletion of the file |
| Full Control | Permits reading, writing, changing, and deleting of files and subfolders | Permits reading, writing, changing and deleting of the file |

23 File System Permissions in Linux
- Linux files are set up so access to them is controlled.
- There are three types of access: read, write, execute
- Each file belongs to a specific user and group.
- Access to the files is controlled by user, group, and what is called other.
- The term "other" refers to someone who is not the user (owner) of the file and is not a member of the group the file belongs to.

24 File System Permissions in Linux
| Permission | Used on Files | Used on Directories |
| --- | --- | --- |
| Read (r) | Read a file or copy a file | List the contents of a directory |
| Write (w) | Write to the file, including deleting the file | Create files |
| Execute (x) | Execute programs and shell scripts, which are text files containing Linux commands | Modify the file permissions |

25 Linux File Permission Commands
The following commands are used for Linux permissions:
- UMASK (User Mask or User file creation MASK) is the default or base permission given when a new file is created on a Linux machine (folders too, as Linux treats everything as files). Most Linux distros give 022 (0022) as the default UMASK. In other words, it sets the system default permissions for newly created files/folders on the machine.
- chmod – changes the access permissions of a file or directory. When using chmod, you need to be aware that there are three types of Linux users that you are setting permissions for: Owner, Group, World. Therefore, when setting permissions on a file, you will want to assign all three levels of permissions, and not just one user.

26 Linux File Permission Commands
The following commands are used for Linux permissions:
- chgrp – changes the group ownership associated with a file. The first thing you need to provide to this command is the group which you want to change the file or directory to. After that you can list a single file or directory to be changed, or list several entries separated by spaces.
- chown – changes the owner associated with a file or directory.

chgrp examples:
- chgrp hope file.txt: change the owning group of the file file.txt to the group named hope.

27 Linux File Permissions
Permissions are set for three types of users:

| Letter | Meaning |
| --- | --- |
| u | The user who owns the file (this means “you.”) |
| g | The group the file belongs to. |
| o | The other users |
| a | All of the above (an abbreviation for ugo) |

The three permissions (with their numeric values) are: Read (r) = 4, Write (w) = 2, Execute (x) = 1
- r: Permission to read the file.
- w: Permission to write (or delete) the file.
- x: Permission to execute the file, or, in the case of a directory, search it.

Linux permissions may be set using the chmod command in two ways:
- Numeric values
- Mnemonics

28 Linux File Permissions
Table 5.1. Numeric Equivalents for Mnemonic Permissions

| Mnemonic (rwx) permissions | Binary equivalent | Numeric equivalent |
| --- | --- | --- |
| --- | 000 | 0 |
| --x | 001 | 1 |
| -w- | 010 | 2 |
| -wx | 011 | 3 |
| r-- | 100 | 4 |
| r-x | 101 | 5 |
| rw- | 110 | 6 |
| rwx | 111 | 7 |

29 Mnemonic Characters for Linux File Permissions
Types of users:
- a: all
- u: user
- g: group
- o: other

Permissions:
- d: directory
- r: read (4)
- w: write (2)
- x: execute (1)
- -: none (0)

30 Linux File Permission Examples Using umask
Below are the permissions and their values used by UMASK:
- 0 – Full permissions (Read, Write, Execute)
- 1 – Write and read
- 2 – Read and execute
- 3 – Read only
- 4 – Write and execute
- 5 – Write only
- 6 – Execute only
- 7 – No permissions

31 Linux File Permission Examples Using umask
- Setting default file permissions for all three categories of users (user, group, others) to have all (read, write and execute) permissions: umask 000
- Setting default file permissions for all three categories of users (user, group, others) to have none of the permissions (read, write and execute): umask 777

32 Setting Linux Default File Permissions
Default permissions:

| Command | User | Group | Other |
| --- | --- | --- | --- |
| umask 011 | rwx | rw- | rw- |
| umask 233 | r-x | r-- | r-- |
| umask 000 | rwx | rwx | rwx |

Below are the permissions and their values used by UMASK:
- 0 – Full permissions (Read, Write, Execute)
- 1 – Write and read
- 2 – Read and execute
- 3 – Read only
- 4 – Write and execute
- 5 – Write only
- 6 – Execute only
- 7 – No permissions
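
Added example, not part of the original slides: the script below measures the mode that a new file and a new directory actually receive under several umask values. It shows that the digit table above matches directories (requested as 777), while regular files are requested as 666 and therefore never gain execute from the umask alone. `stat -c %a` assumes GNU coreutils, and the function name is illustrative.

```shell
#!/bin/sh
# Added example: observe the mode a new file and a new directory receive
# under a given umask. Works in a throwaway directory from mktemp.

# modes_under_umask MASK: print "<file-mode> <dir-mode>" in octal
modes_under_umask() {
    mask=$1
    work=$(mktemp -d) || return 1
    (
        # Subshell, so the umask change does not leak into the caller.
        umask "$mask"
        : > "$work/newfile"     # the shell requests mode 666 for new files
        mkdir "$work/newdir"    # mkdir requests mode 777 for new directories
    )
    result="$(stat -c %a "$work/newfile") $(stat -c %a "$work/newdir")"
    rm -rf "$work"
    printf '%s\n' "$result"
}

# 022 is the common distribution default; 027 and 077 are tighter choices
# that remove access for "other" (027) or for group and other (077).
for m in 000 022 027 077; do
    printf 'umask %s -> file %s\n' "$m" "$(modes_under_umask "$m")"
done
```

Each output line lists the file mode followed by the directory mode, for example `644 755` for umask 022.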

33 Linux File Permission Examples Using chmod
You need to add up the numbers to get other types of permissions:
- 7 = 4+2+1 (read/write/execute)
- 6 = 4+2 (read/write)
- 5 = 4+1 (read/execute)
- 4 = 4 (read)
- 3 = 2+1 (write/execute)
- 2 = 2 (write)
- 1 = 1 (execute)

Examples:
- chmod 666 mydoc.txt: read/write by anybody! (the hacker loves this one!)
- chmod 755 mydoc.txt: rwx for owner, rx for group and rx for the world
- chmod 777 mydoc.txt: read, write, execute for all! (may not be the best plan in the world...)

You will need to convert the word read or write or execute into the numeric equivalent (octal) based on the table below.
- 4: read (r)
- 2: write (w)
- 1: execute (x)

Practical Examples
- chmod 400 mydoc.txt: read by owner
- chmod 040 mydoc.txt: read by group
- chmod 004 mydoc.txt: read by anybody (other)
- chmod 200 mydoc.txt: write by owner
- chmod 020 mydoc.txt: write by group
- chmod 002 mydoc.txt: write by anybody
- chmod 100 mydoc.txt: execute by owner
- chmod 010 mydoc.txt: execute by group
- chmod 001 mydoc.txt: execute by anybody

34 Linux File Permission Examples Using chmod
To change the mode of a file, use the chmod command. The general form is

    chmod X@Y file1 file2 ...

where:
- X is any combination of the letters `u' (for owner), `g' (for group), `o' (for others), `a' (for all; that is, for `ugo');
- @ is either `+' to add permissions, `-' to remove permissions, or `=' to assign permissions absolutely; and
- Y is any combination of `r', `w', `x'.

Following are some examples:
- chmod u=rx file (Give the owner rx permissions, not w)
- chmod go-rwx file (Deny rwx permission for group, others)
- chmod g+w file (Give write permission to the group)
- chmod a+x file1 file2 (Give execute permission to everybody)
- chmod g+rx,o+x file (OK to combine like this with a comma)

35 Linux File Permission Examples Using chmod
Assigning read, write and execute permissions to all users on a file:
- chmod a=rwx file
- chmod ugo=rwx file
- chmod u=rwx,g=rwx,o=rwx file
- chmod 777 file

Assigning read, write permissions to user and execute permission to group and other users on a file:
- chmod u=rw,go=x file
- chmod 611 file, where 6 = 4+2 (read/write) and 1 = 1 (execute)

Adding read, write permissions to all users on a file:
- chmod ugo+rw file
- chmod a+rw file

Adding read, write permissions to user and group, and execute permission to other users on a file:
- chmod ug+rw,o+x file

Removing read, write permissions from all users:
- chmod a-rw file
- chmod ugo-rw file

Removing write permission from group and other users:
- chmod go-w file

36 Setting Linux File Permissions Using Numeric Values
Permissions:

| Command | User | Group | Other |
| --- | --- | --- | --- |
| chmod 755 myfile | rwx | r-x | r-x |
| chmod 540 myfile | r-x | r-- | --- |
| chmod 744 myfile | rwx | r-- | r-- |

- 7 = 4+2+1 (read/write/execute)
- 6 = 4+2 (read/write)
- 5 = 4+1 (read/execute)
- 4 = 4 (read)
- 3 = 2+1 (write/execute)
- 2 = 2 (write)
- 1 = 1 (execute)

37 Setting Linux File Permissions Using Mnemonics
Permissions:

| Command | User | Group | Other |
| --- | --- | --- | --- |
| chmod u=rwx,go=rx myfile | rwx | r-x | r-x |
| chmod u=rx,g=r,o= myfile | r-x | r-- | --- |
| chmod u=rwx,go=r myfile | rwx | r-- | r-- |
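
Added example, not part of the original slides: a check an administrator can run to find the `chmod 666` / `chmod 777` cases the slides warn about, then remove write access for group and other with `chmod go-w`. The temporary tree, its file names and the function names are constructed for the illustration; `stat -c %a` assumes GNU coreutils.

```shell
#!/bin/sh
# Added example: find world-writable files under a document tree and remove
# the group/other write bit. File names and the temp tree are constructed.

# list_world_writable DIR: print regular files whose "other write" bit is set
list_world_writable() {
    # -perm -0002 matches when the o+w bit is set, whatever else is set
    find "$1" -type f -perm -0002 | sort
}

# remediate DIR: apply "chmod go-w" to every world-writable regular file
remediate() {
    find "$1" -type f -perm -0002 -exec chmod go-w {} +
}

# mode_of FILE: print the octal mode
mode_of() {
    stat -c %a "$1"
}

# build_sample: create a constructed tree and print its path
build_sample() {
    root=$(mktemp -d) || return 1
    for f in index.html upload.cgi notes.txt style.css; do
        : > "$root/$f"
    done
    chmod 644 "$root/index.html"
    chmod 777 "$root/upload.cgi"        # rwx for everyone
    chmod 666 "$root/notes.txt"         # read/write by anybody
    chmod u=rw,go=r "$root/style.css"   # mnemonic spelling of 644
    printf '%s\n' "$root"
}

demo() {
    tree=$(build_sample) || return 1
    echo "world-writable before:"
    list_world_writable "$tree"
    remediate "$tree"
    echo "modes after chmod go-w:"
    for f in index.html upload.cgi notes.txt style.css; do
        printf '%s %s\n' "$(mode_of "$tree/$f")" "$f"
    done
    rm -rf "$tree"
}

demo
```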

38 Sharing Resources in a Windows Network
- Shared folders require permissions
- When comparing share permissions and NTFS permissions, the most restrictive permission takes precedence
- Share and NTFS are the two types of file permissions used on Windows computers. They function completely separately from each other but serve the same purpose: preventing unauthorized access.

| Permission | Description |
| --- | --- |
| Full Control | Allow files to be added, deleted, changed, and read |
| Change | Allow existing files to be written to |
| Read | Can only read files |

39 Enforcing Network Policies
“Network Policy Enforcement” is the application of some sort of network access control mechanism to control access to a network. The criteria for whether an end system is allowed to access the network are specified in a set of rules or parameters known as a “policy”. The process of policy enforcement consists of three steps:
1. Examine the system’s “posture” to determine if it is compliant with the policy.
2. Using a Policy Enforcement Point, make a decision regarding which parts of the network, if any, the device should be allowed to access.
3. Allow the device to access the network as decided.

40 Enforcing Network Policies
Examples of Network Policy
- An end user can only connect to the network if they are running the corporate-specified anti-virus product, and they are running the latest virus definition update
- A laptop must be running a personal firewall to connect to the corporate network (because it was mobile and was recently used on the road in an Internet Café)
- All users in the Sales department connect only to the Sales VLAN
- A bank teller can only connect their computer to the bank network during business hours while the bank is open
- A common policy involves passwords

41 Document Hierarchy
- Files and directories on Web servers are organized in a file system.
- File system – determines:
  - Where files are stored on a computer’s hard drive
  - How many letters a filename can contain
  - The security of files stored on the computer
- There are many different file systems and most modern operating systems can support more than one

42 Common File Systems
Some of the most common file systems are:
- FAT32 – Microsoft file system
- NTFS – Windows NT file system
- UFS – UNIX file system
- ext3, ext4 – Linux file system
- HFS – Macintosh hierarchical file system
- NFS – Network file system

