[NTLUG:Discuss] Re: Necessary Reading and so on.. -- RHEL v. CL, Bash, Samba

Mon Nov 1 13:12:18 CST 2004

On Mon, 2004-11-01 at 13:42, Andrew Brown wrote:
> I am a relatively new Linux user... LOVE it by the way. I have finished
> spending the last few months loading and configuring both Red Hat E3 and
> SuSe 9.0 and now have moved into Fedora 2.

Just FYI, understand how Red Hat's "Community Linux" (which I call CL
collectively to represent both Fedora Core and Red Hat Linux) maps to
its "Enterprise Linux" (EL, or Red Hat Enterprise Linux):  
http://www.vaporwarelabs.com/files/temp/RH-Distribution-FAQ-3.html#ss3.1  

> I am really enjoying the process but need some direction. I have started
> learning BASH scripting and would like to know of some good resources
> to dive into for getting more tuned into Linux.

Bash Guide for Beginners:  
http://www.tldp.org/LDP/Bash-Beginners-Guide/html/  

BASH Programming - Introduction HOW-TO:  
http://www.tldp.org/HOWTO/Bash-Prog-Intro-HOWTO.html  

Advanced Bash-Scripting Guide (ABSG):  
http://www.tldp.org/LDP/abs/html/

> I have an interest in getting into Networking and setting up a Server
> on my home box.

One thing you'll quickly notice about UNIX in general is that the term
"server" and "client" is used to define services on boxes, not so much a
specific box.  The roles are blended in the UNIX world.

> Samba looks cool,

Samba is a service that provides support for:  

- The largely undocumented Common Internet Filesystem (CIFS) protocol
aka the collective system of "Windows Networking"

- This includes the also largely undocumented Server Message Block (SMB)
protocol (hence where SaMBa gets its name).

- v3 also includes Kerberos for network authentication and ticketing,
with support for MS-Kerberos extensions including either be the
authentication server _replacing_ native Windows Server 2000/2003
ActiveDirectory Service (ADS) _or_ as a "member server" in a native
ADS-2000/2003 (although it cannot be a peer Domain Controller, DC, to
native ADS-2000/2003).

- v3 (and v2.2 to a limited extent) also include OpenLDAP schema,
offering the same "replace" or "member server" arrangement with native
ADS-2000/2003 (but not a peer DC).

Understand that servers that rely on extending the ADS-2000/2003 schema
require _native_ ADS-2000/2003.  It is very unlikely that this will
_ever_ be emulated (at least not without WINE and various legal
issues).  ADS-2000/2003 rely on Win32-specific implementations of
MDAC/ADO features and non-LDAP services (yes, it essentially uses MS
Access underneath ;-).

> but as I read the intros to the resources I have found, they seem to
> be for users with some expertise that I do not think I have yet.

Microsoft has changed the CIFS/SMB protocols regularly, often in
_conflicting_ ways.  Samba can emulated just about _any_ version of the
protocol, from old LAN Manager for DOS and OS/2 up through Windows
Server 2003.  In fact, Samba exposed a lot of the inter-design problems
with most CIFS/SMB "false security" approaches, as well as flat out
broken ones (IPSec, SMB Signing, etc...).

Because of all the issues, Microsoft no longer even bothers making
Windows Server 2003 very compatible and well-performing with pre-Windows
XP clients.  In other words, as both IDG and Ziff-Davis publications
have found, if you are running Windows Server 2003, you'd better be
moved to all XP clients or expect issues (let alone performance
concerns).

Samba's "learning curve" is largely due to its _complete_ emulation of
_all_ the various forks of the MS CIFS/SMB protocol.  But typically it
is self-detecting of clients and accommodates each.  The "Cool
Thing"(TM) about learning Samba is that the knowledge of the protocols
are _directly_applicable_ to _native_ Windows Networking clients and
servers as well.

About the only time that is a "negative" is when you take MS exams.  You
must "deprogram" yourself from how the protocol actually works and
answer the questions on how the protocol _should_ work (ideally/as
stated in marketing/training materials ;-).

Also, understand Samba is only _one_ system that is largely designed for
_Windows_ clients.  Don't try to shouve it down the throat of UNIX
clients, because not only is Linux about the _only_ UNIX flavor with SMB
"filesystem" support, but you'll typically run into case and codepage
issues if you use it (especially with legacy UNIX code).

For more of a "long intro" on networking authentication, directory and
filesystem buzzwords/information, see my February 2004 LEAP post:  

"INTRO: Name, Authentication and Full Directory Services on a Network" 
http://lists.leap-cf.org/pipermail/leaplist/2004-February/037989.html 

> What are some good steps for a newbie to take so that I can join the
> fun!?

There are countless Samba books, but the best one is from the team,
"Samba By Example."  It is a set of "cookbook" configurations:  
  http://www.tldp.org/LDP/Bash-Beginners-Guide/html/  

Once you start getting really into Samba, then you'll want to hit
portions of "The Official Samba-3 HOWTO and Reference Guide":  
  http://us4.samba.org/samba/docs/man/Samba-HOWTO-Collection/  

An older book that can be found cheap is the mammoth 1,248 page "Samba
Unleashed."  Although it is written by a guy that has never deployed
Samba in a corporate environment**, a good half of the book is written
by contribution authors who have (including the founder of Gentoo as
well as myself -- half of what I did was in a weekend just before the
book was published because the author didn't know some of the
material):  
  http://www.amazon.com/exec/obidos/tg/detail/-/0672318628/  

> Fedora Fan

Ditto.  I'm a general Red Hat fan from the standpoint of their
continuing GPL/community-focused development model.  Nothing has
changed, although its funny to see the media and competitors act like it
has.  Fedora Core is everything we loved about Red Hat Linux before,
only more.

-- Bryan J. Smith
   Independent Technical Author, Consultant and Trainer

**NOTE:  My opinion of the main author is very biased, and you're only
hearing one side of it.  I have a long history with whim where he has
plagerized my work, asked me to write him scripts and help him complete
work (only not to be compensated), turn around and presented my ideas as
his own and, in general, done as much damage to my career as possible
(he is not above calling my employers or even even accusing me of
hacking his server).  Again, this is one-sided, and I'm far from
innocent with the author (i.e., I've reamed him publicly enough in
return, although never in an unethical/illegal fashion), but the book is
still quite good as a whole.

-- 
Bryan J. Smith                                  b.j.smith at ieee.org 
------------------------------------------------------------------ 
"Communities don't have rights. Only individuals in the community
 have rights. ... That idea of community rights is firmly rooted
 in the 'Communist Manifesto.'" -- Michael Badnarik