|[Home] [Credit Search] [Category Browser] [Staff Roll Call]||The LINUX.COM Article Archive|
|Originally Published: Saturday, 18 March 2000||Author: Scott Nipp|
|Published to: featured_articles/Featured Articles||Page: 1/1 - [Std View]|
User Administration on Linux
Changing passwords, creating accounts, removing accounts, and helping users figure out why they can't access what they need or want through their account is what User Administration is about. Almost all companies, save for the absolute smallest, have multiple users who need to have access to the company's computer resources.
The Network Information Service (NIS) is implemented under most Unix variants, Linux included. NIS helps to make user administration much easier by propagating user account information to all systems across the network. This means that with Linux you need create only one account per user, and the user can then use this account to logon to virtually any Linux computer on your network. The ability to logon to a computer is still configured locally on each system, and it is therefore quite easy to prevent users from logging on to restricted systems. This single account also means that the user only has a single password to remember, and the administrator only has to worry about one account for each user. NIS makes it practical to administer a large network of computers because without NIS an administrator would have to manually propagate account information across the entire network.
User accounts under Linux are identical to those of the big commercial Unix variants. A user has a user ID, group ID, home directory, and so on. This similarity means that users and administrators alike who are already familiar with some version of Unix will have a very easy learning curve when it comes to working with Unix user accounts. The group and user IDs help to make system and file security under Linux much easier to implement. The user ID not only grants primary control of that user's files, but also is the key component in granting login access to a system. Group IDs provide an extremely convenient way of securely sharing files or applications between a large number of users. User accounts provide users access to the systems that they need in order to function, and through the user and group Ids, user accounts provide administrators a method of establishing security and tracking of both problems and security issues in some cases.
The Network File System (NFS), like NIS, is implemented under Linux and virtually all other Unix variants. NFS also provides a great service with regard to user administration, and this is namely the ability to share a user's home directory across the network. NFS allows for an administrator to setup a user's account such that regardless of which specific system the user logs into, his home directory is always in exactly the same place. This consistency is provided in a completely transparent fashion to the end user, and can also be used to mount other shared file systems in the same transparent manner. The end user is then able to login to any system without concern for where his files are, or not being able to get to the project his group is working on or the application he needs which may not be installed on every system. NFS helps to provide users a consistent file system across multiple machines, which can greatly reduce potential support calls concerning file location or drive mapping.
These are just some of the ways that Linux can make user administration in a large environment much easier. This is not to mention the various tools used for actual account creation. This does also not discuss the ability to configure scripts and cron jobs such that the administrator can essentially make it possible for a manager to create accounts for new employees with a simple e-mail. The power and flexibility for which Linux has become so popular is present in even the most basic of its concepts, user administration. User administration is just one more shining example of how administering Linux in a large environment can be just as easy as any other operating system, and in many cases even easier.
Scott Nipp is a Technical Solutions Consultant at Sprint Enterprise Network Services.
The views, information and opinions provided in this article are expressed and held solely by the author. Neither Sprint Enterprise Network Services nor Sprint Corporation or any of its affiliates assume any responsibility for any opinion or statement of fact presented in this article.