Weekly Course Overview

R. Craig Collins >CPMT 2449 > Overview 7

Overview 7 © R. Craig Collins, 2005/11

•Items that should be accomplished before the beginning of the current time frame:
•Read Chapter 9

Items to accomplish during the current course time frame:
Lab 5 quiz Answer questions at the end of chapter 8-9
Lab 5 dropbox screenshots of setting up users, groups, and controlling access in Windows and Linux

Overview of steps
(Collect screenshots along the way;
Windows [PrtScn] then paste into a file;
Linux Application button/Accessories/Print Screen)

Create Students and Groups

Create a group called student
Create a group called faculty
Create a user, add them to the student group (in Windows must also be a server operator)
Repeat for faculty

See Overview 6 for Windows process.

Create a folder in the already existing shared folder
• Windows us Start/Computer to access c:\users, right click New\Folder, rename it student
• Llinux use command prompt: su, then cd /, then mkdir /home/student for example
Repeat for faculty

Place a file in each folder, for later testing. (win us Notepad; linux use command prompt su, then cd /, then touch /home/faculty/test.txt for example)

Limit access to folders
Goal: Faculty members have full control of student and faculty folder
Goal: Student members have full control of student and list and read for faculty folder

• Windows, right click the folder, use Security to Edit, then add groups, and set what they can do

• Linux, use command prompt to change ownership chgrp faculty /home/faculty for example
• Linux, use command propmt to change permissions chmod 775 /home/faculty which give user full control, group full control, and others (students) RX
• Linux, use command propmt to change permissions chmod 777 /home/student which give user full control, group full control, and others (faculty) RWX

Test both users, verify faculty can see and change both files, but
students can see both files, but only change the student file.

Preview of next discussion

INTERESTING DETAILS FOR REVIEW

•Read Creating Users, below

Must supply:

log on
details
password
  *assigned, never change
  *assigned, allow change (how often?)
  *assigned, force change (when?)
contact info
group
  *as we have yet to discuss creating groups, we must assume there are some already created. They are
    -administrators: lots of rights, that can't be adjusted
    -guests: few of rights, that can't be adjusted
    -users: everyone is a member of this group
  *We can create other groups as well.
    -distribution groups, just for group emailing
    -security groups: every other kind of group is a security related group
  *Since 2003 can be a domain, among trees or among forests, group members must match. They are
    -domain local groups: permission in the local domain they are placed in
    -global groups: permission in the trees of other trusted domains
    -universal groups: permission in the whole forest

Organizational units can be used to subdivide the domain, so you may create groups to logically organize certain users, or to control resources for that group, using a group policy.

• Examples of Advanced Techniques: Adding a user in Linux using the command line

Options:

-d home directory
-s starting program (shell)
-p password
-g (primary group assigned to the users)
-G (Other groups the user belongs to)
-m (Create the user's home directory

Example: To add a new user with

starting shell /bin/bash
password of Password2
home directory of linux02a
create home directory
a login name of linux02a

useradd linux02a -s /bin/bash -p Password2 -d /home/linux02a -m linux02a

• Examples of Advanced Techniques: Users and Templates Windows

If you wanted to Manually add user Windows
Specifications
1. In Windows Server command prompt
  dsadd /?
2. To create one user using DSADD, named Kent C Deforest
  dsadd user "cn=Kent C Deforest,cn=users,dc=your domain,[dc=522,]dc=templejc,dc=edu"
  Note: Other DSADD options you may add:
  -pwd value - memberof "cn=value" -profile "\\server\profiles\value" -disabled no
  Other DS related command DSMOD and DSMOVE and DSQUERY
  dsmod /?
  dsmove /?
  dsquery /?
Graphically add user Windows
1. Click Start, select Administrative Tools, and then click Active Directory Users and Computers
  Right Click the Users container, and select New, and click User
2. Example
  Create one user graphically, named Warren Peese;
  username wpeese,
  password Password1
3. Right click the users and to Memberof add Server Operators, not full administrator
  (in this class, all users need to be server operators or administrators in order to 'sit at' this machine.)
Automating user creation, by creating a template with all memberof, dialin, etc., already set
1. Creating a user Template
  Example
  - Right Click the Users container, and select New, and click User
  - In the New Object-User dialog box, type _Template in the First name text box
    (the _ ensures the templat account appears at the top of the user listing)
  - Press Tab four times to reach the User Logon name field. Type template and choose Next.
  - In the Password text box, type Password1, and again for the confirm password.
  - Right click the _Template user account, and choose Properties
  - In the description text box on the General tab, type typical user
  - Click the Profile tab, for the path \\your server's name\profiles\%username%
    (this will automatically create profiles based on the user name
  - Click the Memberof tab and add the template as a memberof Server Operators
- To Create one user via Template, named Ima Clone
  Specifications
  - Right click the _Template user account and click copy
  - User name Ima Clone, and username iclone, password Password1
Note: record username, password, and group information in your notes

•Examples of Advanced Techniques: Users and Templates Linux
1. Optional Manually add user Linux
Specifications

In Linux Server command prompt
whatis useradd
To create one user using useradd, named Kent C Deforest

PS Don’t name your user faculty, then your group faculty, and then a folder faculty. This will lead to confusion later, use different, meaningful names.

2. Open up the Linux equivalent of (My) Computer, and browse to the ‘home’ folder.

As you can no longer log in as the root user, recall that you have to log in as a student or log in as a faculty member to do the activity in this fashion

(to change which owner (user) a file belongs to, use chown
chown ownername file or folder)

Browse to the home folder, then right click the folder in question... choose Properties, then choose Permissions

Linux folder permissions

Back in the GUI, right click the StudentStuff folder and make sure
Others have Read and Right
Others in this case is the Faculty group

You could also do this with
chmod 775 /home/StudentStuff

right click the FacultyStuff folder and make sure Others have Read
Others in this case is the Student group

   •review chmod here
    chmod rwx ugo file or folder
        •chmod g refers to changing permissions for the file or folders current group

Preview of next discussion
•Controlling not just the folders, but the drive the folders are saved on: Dynamic Disks

RAID concepts

RAID 0: minimum two disks, stripped without parity-no fault tolerance
RAID 1; minimum two disks, mirrored without parity-basic fault tolerance
RAID 3,4; minimum three disks, with dedicated parity- parity drive can fail-fault tolerance
RAID 5; minimum three disks, with striped parity- any drive can fail- fault tolerance
RAID 6; minimum four disks, with striped parity- any two drives can fail- fault tolerance

Microsoft How to:Dynamic Disks http://support.microsoft.com/kb/323442

Disks are divided into partitions, disks can be aggregated with volumes that span disks
   • to http://support.microsoft.com/kb/816307
Start/Administrative Tools/Computer Management/Disk Management
Right clickbasic disk that you want to change, and then click Convert to Dynamic Disk
     the gray area that contains the disk title, such as Disk 0
Creating a Simple Volume
Right click unallocated space, then choose New Volume
   • to http://support.microsoft.com/kb/323442

•Complete
   •Lab 5:
      •Create Groups and Users in both Linux and Windows
      •Create Faculty Folder and Files
         •Give Faculty full control in both,
          give students full control in the student folder, and read list in faculty
   •Lab 6*:
      •Study Dynamic Disks
            Microsoft How to:Dynamic Disks  http://support.microsoft.com/kb/323442
      •Remote Access

•Submit
   •Lab 5 ( dropbox)
   •MUD (My Understanding, Details) respond as directed to the following:
      What topics, if any, during this time frame do you feel very comfortable with? Why?
      What topics, if any, during this time frame do you not feel comfortable with?
   •Class Discussion/BFO (Blinding Flash of the Obvious): respond as directed to the following:
      Discuss file and folder permissions

for Labs that require files to be electronically submitted
• select all the files required, or better, select the folder that contains all the files
• zip the required file(s) and/or folder(s)
• rename the zipped file to reflect your name and the lab being turned in
       •Example: yourname-lab1 or yourname-lab1.zip (if your extensions are visible)
       (For additional help on selecting, zipping, or renaming files, see Windows Crash Course)

If submitting by Temple College Desire2Learn:
       •Log into D2L, scroll to the bottom, and choose the correct course
       •When the Course Home Page appears, click on the desired tool link.
        D2L navigation
       eLearning Tour; elearning Tour Tutorial on Discussions; eLearning Tour Tutorial on Dropbox; eLearning Tour Tutorial on Quizzes

•For the next time frame, read:
•Chapter 10

•Each test has a review; you may wish to write out pertinent information from the readings and activities

•After completing this overview, you may wish to start on the next Overview material, and preview Lab 6