1.Add a domain controller ubuntu+samba+bind+
2.on all machines in network keep only root local account, protect by password
3.on each machine, keep the home folder in separate disk/partition
4.keep a disk for public file sharing
5.keep a disk for nfs rootfs, single machine with chroot environment can drive N machines
6.So all machines have kernel with basic chroot + rootfs, single master server have matured chroot + optional rootfs
7.All machines in the domain uses account in master dc for login,users are created in
dc and supplied to respective machines
8.ring of kernel + nwdriver + nfs client driver machines AND ring of kernel + nfs server rootfs
9.dc uses dns name for each machine on nw
10.looks like local admin account should setup dns prefix and domain name
11.use rsync to backup client periodically
12.radius server for multipurpose can coexist with vpn server, using localhost as link b/w
13.domain controller preferably is on another machine,openradius for auth
No comments:
Post a Comment