[K12OSN] Need advice on network setup for school
kyle at caliberis.com
kyle at caliberis.com
Mon Jul 24 12:14:18 UTC 2006
This looks like some great info. I'm going to have to go read up on
Samba/LDAP. Do you recommend starting from a K12LTSP install or my FC5
From: "David Trask" <dtrask at vcsvikings.org>
Sent: Sun, July 23, 2006 10:41 pm
To: kyle at caliberis.com
Cc: K12OSN at redhat.com
Subject: Re: [K12OSN] Need advice on network setup for school
kyle at caliberis.com on Sunday, July 23, 2006 at 9:53 PM +0000 wrote:
>1) Centralized authentication and authorization - This was the main
>benefit we received initially from moving away from computers that were
>connected in a "workgroup" mode and implementing a Windows domain and
>allows for much better control over the management of the workstations.
Samba/LDAP will be your best bet here IMHO. It's what I use....one server
serves both platforms. It serves as the domain controller for Windows
(and can do roaming profiles if you're using 2000 or XP) and it also
serves as the authentication for the Linux side as well and can store the
users home directories and export them via NFS to mount on the K12LTSP
server (transparently....home=home). http://www.majen.net/smbldap
>2) Controlled access to Internet resources. The organization is a school
>and the potential exists to be held liable for situations where children
>access inaproppriate content if it's determined that the school did not at
>least attempt to put adequate controls in place.
Dansguardian....and it's available in many ways....you can run it on the
K12LTSP machine...or better yet...grab another smaller server (I use a P4
with a gig of RAM and a 20gb HD). You can run it on SME server
(www.contribs.org) or even better for you might be IPCop www.ipcop.org
>3) Secured files - There is a subset of the documents in the organization
>which must be protected.
Put those in a folder with access designated only to a certain group
>4) Reasonably sensitive management - The administrator at the school is
>not an IT professional and should be able to manage the day-to-day
>operations of the network without advanced knowledge.
There will be a small amount of learning needed....from a classroom mgmt
>(would be nice)
>5) Terminal services - The school has a lot of older machines that could
>yield additional value to the school if they were able to be utilized as
>thin clients. Also, I suspect that replacing machines with LTSP Terminals
>(available on eBay for $50-$150) would have a lot less administrative
>overhead than supporting a standard PC.
You are right here....you can also use older PC's and simply turn them
>6) Virtualization - The move of clients to Linux could go much quicker if
>an environment was available in which to run those Windows applications
>for which no alternatives have been found if they could be run in a
>virtual machine. I believe that I can achieve this using the free VMWare
>server as a host for Windows 98 and that the licensing of the Windows
>operating system allows for the machine code to execute on a single
>machine with no restrictions of the number of instances of code that can
>run on the single machine.
Not sure you are right here....major licensing issues. I run a Windows
Terminal Server for this purpose and simply connect to it via the Linux
desktop using "rdesktop".....however you need a license for each
machine....your best bet is to phase out the windows programs.....what are
some of the windows programs holding you back? Maybe we can help you find
the alternatives or at least another method of distribution.
>The things that I have at my disposal to implement a solution:
>1) A cable Internet connection
>2) A DLink broadband router - I use this because I've never been able to
>successfully plug a Linux machine directly into a cable modem. This also
>acts as a firewall and I've defined no virtual servers.
>3) Three identically configured Compaq 6400R servers. These servers have
>4GB RAM, three 18GB drives, and 4 500Mhz PIII Xeon processors.
These servers should do well.
>4) Two network attached printers that support PostScript
Great...this will make printing a snap!
>5) Approximately 50 client computers at varying stages of decay ranging
>from 450Mhz machines with 128MB RAM (more typical) to a 2.4Ghz machine
>with 1GB RAM (the outlyer)
fine....but you can rob the RAM out of the 1 gb machines....generally 64mb
RAM is plenty.
>6) No money (although when all other options have been exhausted some can
>be located at times)
David N. Trask
Vassalboro Community School
dtrask at vcsvikings.org
More information about the K12OSN