[K12OSN] $275 of $750 Pledged Re: Pledge Drive for K12Linux EL6

Wed May 18 05:26:59 UTC 2011

On May 17, 2011, at 3:36 PM, Warren Togami Jr. wrote:
> 
> On 5/17/2011 6:09 AM, Steven Santos wrote:
>> I will pledge $50 towards this.
>> 
>> Warren, how much would it cost me to get you to make EL6LTSP default
>> to an LDAP server w/client option as the user back end?
> 
> I am not fully versed in LDAP integration, but I suspect that it is a matter of standard system administration involving the LTSP server using a designated LDAP server as the authentication source, and mounting /home over the network to share the common home directories.  This can be fragile and/or insecure if not configured properly, and it is outside the scope of what LTSP provides.
> 
> If you cannot figure out how to deploy that type of network yourself from documentation/books, then you may need to hire a Linux consultant to configure it properly for your organization.  I may know Linux experts in your area (I used to work from the Westford, MA Red Hat office).
> 
> How big is your deployment?  Do you already have a LDAP server and NFS server with all the home directories?

If you are looking for a solution on RH/Fedora.
http://directory.fedoraproject.org/
There is some good documentation there.

Also the debian guys over at Skolelinux have a setup much like this, if you need something that works more or less "out of the box."

If your install is big enough to need LDAP/NFS/SMB (You have multiple LTSP servers or you want workstations, some possibly with other OSes, to use the same central authentication and storage), you might be better off doing NFS/LDAP on a separate box anyway, since the hardware you want for LTSP is very different from what you want for something like NIS/NFS/LDAP/SMB. 

As you can guess, you don't need lots of CPU power for LDAP/NIS/NFS/SMB. What you need here is very reliable hardware with lots of disk and network I/O, which means a RAID setup with lots of storage and multiple gigE network connections. For that reason I tend to recommend putting your /home shares (NFS, SMB, etc) and NIS or LDAP on older server grade hardware, and using a desktop PC with a blazing CPU and tons of RAM (not much need for a fast GPU though) for your LTSP server. If an LTSP server has trouble, then at least it's cheep to replace (or to have multiple servers that can "failover" clients with a simple reboot), and it doesn't take down your workstations that are using the network authentication and storage. 