Select Page

The Standard Unix Operating Environment (SUOE) should be an extension of the SOE.  Its purpose should be to provide all the services listed in the SOE to the best of its ability.  Since we currently do not have a good SUOE this is an overview article of what is currently available. As an aside, this should really read “Standard Linux Operating Environment”, because our use of Unix is so low.

The standard set of services

Network

Unix machines will be configured to use DHCP over IPv4 as default.  In some cases IPv6 maybe used.  DHCP information will be edited in either Rincewind or Machine Manager depending on subnet.

Authentication

Unix machines must use a UOA based authentication method.  There are a few to choose from.  There are a few caveats to each method.

  • LDAP and Kerberos
    •  The standard way of giving a Unix machine both Authentication (through Kerberos) and Identity (through LDAP)
  • Just LDAP
    • LDAP can provide Authentication however the benefits of Kerberos allow single sign on where LDAP does not
  • Just Kerberos
    • Kerberos allows for single sign on, however doesn’t contain the wealth of user object information that LDAP does
  • Active Directory
    • Active Directory is Microsofts implementation of Kerberos and LDAP in a single protocol.  There are a few methods to provide it.
      • Likewise-open (examples Ubuntu, Centos).  Which is a free version of the likewise client.  Unfortunately this client dosen’t map UID/GID’s to the domain, so this must be acknowledged when using this method
      • Winbind (typically using the “net ads” command) is the Samba implementation which allows for UID/GID mapping, and is the more feature filled of the two methods.
Currently there is no standard way for Unix machines to be joined to the Domain.  In most cases likewise-open has been used, however this is a piece of free software and as such dosen’t provide some services you may require in your environment.  It would be suggested to use Winbind whenever possible.
PLEASE add a local administrator, with the standard password.

File services (network storage)

Unix provides many different methods for handling network storage (SMB, FTP, NFS to name a few), however the most common connection to our fileservers is SMB (Server Message Block, also known as Common Internet File System).  As listed in the SOE document, Science users typically connect to the following file services.

The linked documentation provides information on how to connect to each service in most cases.

Printing

The CAPS service provides printing to Unix systems but only through its Print and Release method.  This is because the Pharos popup client is not available for Unix at this time.  Documentation for Ubuntu using samba can be found here, and should be applicable to most Linux systems.

Applications

Antivirus

There is currently no known standard Antivirus for Unix within the University.  However, it could be argued that Unix already satisfies the “safe” component of the SOE without Antivirus.

Asset Management

The Sassafras K2 Client must also be installed on Unix based machines, auditing of Unix machines may be of less importance due to the lack of closed-source software not managed by a license server (ie MATLAB), however providing auditing information on the number of machines and users accessing them is useful.

(To be completed)

 

Skip to toolbar