Re: Security in Mixed Linux Windows Environment

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
MCharlie Bullen at <-
MCharlie Bullen at ->
Attachments:
Message as email
+ (text/plain)
Delete this message
Reply to this message
Author: Craig White
Date:  
To: plug-discuss
Subject: Re: Security in Mixed Linux Windows Environment
On Thu, 2004-07-08 at 10:15, Charlie Bullen wrote:
> Hi, I have been thinking of a way to minimize the use of windows
> desktops in an environment where certian programs running on windows are
> mission criticle. Here is the configuration I am thinking of.
>
> 1 windows 2K server, upon which the windows programs run. This will have
> terminal services activated. No activities requiring internet access
> will run on the win 2k server.
>
> Several linux desktops. At least one of the linux desktops will be
> running Samba.
>
> All data for all windows applications will live on the linux box running
> Samba.
>
> The win 2k server will be frequently backed up to the Samba server,
> which itself will be backed up to some other media, possibly a Snap
> applience.
>
> The linux desktops will use rdesktop to connect to the win 2k terminal
> server to run the windows only programs. General office work such as
> word processing, spreadsheeting, email , browsing will be run directly
> on the linux desktops.
>
> All internet traffic will be routed through a firewall running linux.
>
> As a possible cost saving measure we could have 1 powerfull linux box
> running LTSP with the rest of the workstations old outmoded boxes, so
> that we don't have to buy any new computers.
----
I have wrestled with this concept several times the past few years and
have gone back and forth on the worth.

If you use the Linux Remote Desktop client, then you need to purchase
client licenses for them on WTS. If you use Win2K or WinXP Professional
clients, the client license is included. Most people are more
comfortable with Windows client - even if they use OpenOffice.org In
these instances, I keep the users at minimal local security levels
(i.e., they are neither Administrators nor Power Users of their own
machines). Roaming profiles is rather easy to set up.

That being said, if the desire at the top is to ultimately remove
Windows from the network entirely, I think that you have the right
concept, but recognize that the implementation will probably take longer
unless you are experienced in LTSP. I would also recommend that you
consider using openldap for SSO authentication to all resources,
windows/linux.

Craig

---------------------------------------------------
PLUG-discuss mailing list -
To subscribe, unsubscribe, or to change you mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss

This message was posted to the following mailing lists:
Plug Discuss
Mailing List Info | Nearby Messages		<-Re: How to achieve menu access to edit text files?Re: How to achieve menu access to edit text files?->
Some Mailing List Archive administrated by UnconfiguredLurker (version 2.3)