Understanding User Accounts and Directory Services in Network Computing
Explore the role of user accounts and directory services in network-centric computing infrastructure. Learn about Directory Servers, User Administration in Unix, and the concept of Group Accounts in Unix. Discover how Directory Services provide centralized repositories for managing information, enabling secure access to enterprise and Internet services.
Uploaded on Sep 20, 2024 | 0 Views
Download Presentation
Please find below an Image/Link to download the presentation.
The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. Download presentation by click this link. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.
E N D
Presentation Transcript
Lecture 5: User Accounts & Directory Service Instructor: Dr. Najla Al-Nabhan 2014 1
Directory Service and Directory Server Directory Server provides a central repository for storing and managing information. Almost any kind of information can be stored, from identity profiles and access privileges to information about application and network resources, printers, network devices and manufactured parts. Information stored in Directory Server can be used for the authentication and authorization of users to enable secure access to enterprise and Internet services and applications.
Directory services Directory services are an essential part of today's network-centric computing infrastructure. A NOS directory is used to administer a NOS allowing intranet users to log in once for all network file and printing requirements. The user population for a NOS directory ranges from 20 to 20,000 users, The NOS directory provides a single point of integrated administration and management for the network and the most important characteristics of this directory role are the tight integration with the NOS and sophisticated management tools for clients and servers.
Directory Server Directory Server contains a basic directory information tree at installation time. This tree mirrors the tree model used by most file systems, with the tree's root, or first entry, appearing at the top of the hierarchy. The root of this tree is called the root suffix. At installation time the directory contains three subtrees under the root suffix:
User Administration in Unix There are three types of accounts on a Unix system: Root account:This is also called superuser and would have complete and unfettered control of the system. A superuser can run any commands without any restriction. This user should be assumed as a system administrator. System accounts: System accounts are those needed for the operation of system-specific components for example mail accounts and the sshd accounts. These accounts are usually needed for some specific function on your system, and any modifications to them could adversely affect the system. User accounts: User accounts provide interactive access to the system for users and groups of users. General users are typically assigned to these accounts and usually have limited access to critical system files and directories.
Unix Group Account Unix supports a concept of Group Account which logically groups a number of accounts. Every account would be a part of any group account. Unix groups plays important role in handling file permissions and process management.
Managing Users and Groups There are three main user administration files: /etc/passwd: Keeps user account and password information. This file holds the majority of information about accounts on the Unix system. /etc/shadow: Holds the encrypted password of the corresponding account. Not all the system support this file. /etc/group:This file contains the group information for each account. /etc/gshadow:This file contains secure group account information.
Managing Users and Groups Following are commands available on the majority of Unix systems to create and manage accounts and groups: