OK...Let me back up the bus a little. I'm not a *nix admin although I try. My background is in M$. And my area of expertise has been primarily LAN based.

Design primer: I have two win2003 servers and two winXP workstations. One server is essentially a dedicated file server that also runs Clipper applications for back-end processing of data. The other server is running IIS6 for public http, asp, php access; mysql for back-end database to asp and php front-end. The two machines communicate via SMB shares. I have configured the IPSEC policy to only allow ingress/egress communication on the LAN. Access to shares is limited to local accts/groups and authentication is via NTLMv2. I currently have a given account/password set up on each box, like in peer-to-peer sharing. Each server will only allow http/https/ssh from public access.

The winXP workstations are used for front-end processing. They connect to the file server through shares. Again, I have a limited IPSEC policy for these as well. For remote access I have installed the Bitvise ssh server daemon on each of these workstations. From the remote desktop, we set up an ssh tunnel to the workstation, then rdp in through the tunnel to run front-end processing scripts.

All four computers are in a workgroup called "test". All four computers have two separate accounts: admin/administrators group, and processing/power user group. The processing account has the same password for each computer. When creating permanent shares between boxes, I have to specify computername\account & password.

I am setting up OpenFiler for the ability to centrally store data files from each server as backups. I was planning on doing batch RSYNC from the windows servers to the OpenFiler server as a nightly service in lieu of relying on tape backup.

The purpose of my original question: From reading the Openfiler docs, as I understand it, OpenFiler will not allow you to use local accounts for network access. OpenFiler relies on some sort of central account management service. Not wanting to either install a DC/AD server, nor make one of the existing servers a DC/AD server, I was inquiring about the possibility of using LDAP on the OpenFiler server.

In a nutshell...I am stumbling through what I think I need in order to make OpenFiler work in this environment.

Thanks again,
Don
