[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [K12OSN] Pinch me...



On the question about home directories. . .

Here, we use first name, last initial, and grad year, like
dougs06

This makes this student an account and home directory that will last until 
he graduates (unless he fails, in which case you'd have to do some 
changing), whatever year that is.  This may be easier to keep up with than 
the other.

Then, I use a script given graciously by members of one of these lists 
that will just delete directories with a certain year in their name.

Doug

On 6 Jul 2003, Shawn Powers wrote:

> I remember last year, that it was difficult for me to convince the
> school to purchase a subscription to Linux Journal... and now...
> 
> In a recent unexpected turn of events at my school district, the school
> board was overwhelmingly in favor of switching to open-source based
> servers.  Amazingly enough, my presentation focused on the money saved,
> and the businessmen and businesswomen on the board actually *understood*
> linux.  At least enough to like the moneysaving aspect of it. :)
> 
> I turn to this group of open-source advocates for some help, as I have
> done in the past.  I have been given a one-shot budget for servers,
> networking equipment, and even man-hours (mine, I'm actually getting
> paid this summer!!!) to implement an entirely new infrastructure.  The
> catch is that my reputation, credibility, job, and likely
> mortgage-paying-ability are at stake. :o)
> 
> I hope that a number of you are willing to answer some of my
> implementation questions based on experiences (good and bad) that you've
> had.  Keep in mind that only the servers are being changed, workstations
> are still going to be a combination of mac, windows, and linux.
> 
> I plan to fully document the progress of our district into the foray of
> open-source software.  If this year proves to be much smoother than
> last, with less money being spent -- I can see even more adoption of
> linux, both in lab and classroom settings.  It's a unique experience I
> have this summer to completely start from scratch with servers, and not
> have to "wedge" linux into an already existing system.
> 
> Ok, here's round (1) of my inquiries.  If I start to seem like I'm
> overusing the "group" this summer, I apologize ahead of time.
> 
> 1) Not a question, but a simple description of the hardware that will be
> involved.  We have a handful of public IP addresses coming into the
> district via a licensed wireless link from our ISD.  I will have a
> computer with 2 or 3 NICs acting as the firewall/masquerading box.  This
> will most likely run IPCOP.  Connected to that machine, in the DMZ will
> be a XEON machine with mirrored-RAID IDE drives for web/internet
> services.  Inside the private LAN, I will have 2 other servers.  One
> will be a PIII with 9GB SCSI drive running squidgard/dansguardian.  The
> other will be a PIII/PIV with RAID5 SCSI drives acting as the fileserver
> for the district.  Ok, there's a simplistic picture of the hardware I
> have to work with.
> 
> 2) LDAP.  I can't think of a reason to *not* use LDAP for
> authentication.  Everything seems to be able to authenticate via LDAP,
> plus the addressbook side-effect you get, it would be silly for me NOT
> to use it.  My question:  What has proven to be the best way for users
> to change their password?  Usermin?  Does whatever method you fancy
> allow for a hierarchy of "who can change what"  ?   It would be
> wonderful if I could delegate a small group of users (teachers) that
> could change passwords for students, but NOT change the passwords of the
> principals...  Any help with the "in use" nuances of LDAP would be
> appreciated.  This list has generated a great deal of info regarding
> setting up a server, and I thank all involved for that. :)
> 
> 3) home directory structure.  I know this has much to do with personal
> preference, but I wonder if anyone has any pros/cons of different
> structures.  My plan is to base it on graduation year, like:
> 
> /home/2004/user1
> /home/2004/user2
> /home/2005/user3
> /home/2005/user4
> /home/staff/user5
> /home/staff/user6
> 
> I picture that this will give me an easy way to delete accounts at the
> end of a year...  Just change the home directories for those students
> that failed, and then with a simple bash script loop -- remove all the
> users that graduated.  Does anyone have better ideas for this?
> 
> 4) Chicken-and-Egg scenario.  I can't think of a perfect order for
> setting up servers.  I plan to start with the LDAP server, because
> everthing else I set up will need to have user authentication.  The LDAP
> server will reside on the "web/internet services" machine mentioned in
> question 1.  I should be able to set this up internally on a private IP,
> and have the appropriate ports forwarded through the firewall to it. 
> The only problem with setting this machine up first, is that I will
> eventually want the /home directory mounted from the fileserver via
> NFS.  Since that server doesnt' exist yet -- I'm hoping that when the
> time comes, I can just empty the /home folder that will exist, and mount
> the NFS box.  If I'm offbase in that thought, please slap me
> accordingly.
> 
> 5) I am replacing our current proprietary email/groupware server
> (FirstClass) with linux based alternatives.  One feature I have been
> unable to pin down is the ability to have multiple email connections to
> a single box.  This seems like a silly need, but I can't stand it when
> my computer at work disconnects my mutt session by polling for new
> mail.  I check mail from many many computers in a day, and I play
> "broken IMAP connection" tag all day...  I know the IMAP server isn't
> tied directly into the MTA I use -- but a combination that works well
> for you would be greatly appreciated.   (BTW, does anyone else have
> problems with the "server disconnected" problem with their IMAP server
> using multiple machines, or is it just me?)
> 
> 6) Ok, last question for today. :o)  Since I'm replacing our groupware
> server (see #5) -- I need an alternative.  Does anyone have a web based
> system that has worked well in their educational situation?  Mind you,
> it needs to authenticate from the same LDAP server.  Luckily, the
> proprietary system is so poor in design, that I don't have very big
> shoes to fill -- and phpBB may suffice if it LDAP authenticates.  I just
> wanted to throw the question out there to see if anyone has the "killer
> web app" for thier teachers to collaborate with.
> 
> THANK YOU all for even reading this far.  I'm very excited about this
> summer, but want to make sure I make the best decisions possible.  Thank
> you for any advice/experience you are willing to share.  Our district
> has influence over a lot of schools (never really thought of myself as
> influential, but alas linux geeks shine when the economy turns sour) and
> I want to make sure we set a good example. :)
> 
> -Shawn
> 
> --
> Shawn Powers
> Inland Lakes Schools
> Indian River, MI 49749
> 231-238-6868
> http://techcorner.inland.k12.mi.us
> 
> 
> _______________________________________________
> K12OSN mailing list
> K12OSN redhat com
> https://www.redhat.com/mailman/listinfo/k12osn
> For more info see <http://www.k12os.org>
> 

-- 
Doug Simpson
Technology Specialist
DeQueen Public Schools
DeQueen, AR 71832
simpsond leopards k12 ar us
Tux for President!




[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]