Linux in a Windows Workstation Environment, Part II: Local Network Support

The computer club's Web site is used to publish scheduling information for classes, meetings and presentations. The navigation bar of this site also contains links to some popular sites, including the Web mail sites for AOL, Juno, Hotmail and Yahoo, as well as the search sites for Google and Hotbot. Because this site is used as the home page for all computers in the lab, it is accessed many, many times per day. To reduce bandwidth on the external line, a Web server has been configured to serve a local copy of this site. The effort has been minimal, as we do not use any CGI scripting nor do we need any logging.

By storing the Web content locally, our Web master can edit changing content without connecting to the external site. Each evening cron, the Linux version of the task scheduler, starts a script that produces a list of the Web site files that have been altered within the past 24 hours. It then transfers them to the external site using using the wput command, an indirect way to use FTP. To insure controlled write access to the Web material, it is stored in a password-protected Samba share, to be discussed later.

I use the Apache Web server as the server for our intranet. Although the latest version, 2.0, implements a number of new security features, my initial attempts to use the newest software failed. We use only simple Web pages and have no security issues, as the server is accessed only from the internal network. Therefore, I am using the older V1.3 release. The control file, httpd.conf, can include a large number of parameters; however, only a small number needed to be tailored for my system. The first of these is the server type. Under Linux, the daemon can be triggered by the Internet super daemon, inetd, or it can be started as a standalone program. I chose the latter option.

ServerType standalone

The next parameter to be configured is the root directory for the configuration, error and log files.

ServerRoot "/usr/local/apache"

We also specify the IP address and port. If this parameter was not specified, the program would listen on all interfaces. However, I explicitly wish to exclude the external interface but use the standard port.

Listen 10.10.10.1:80

We also need to specify the directory in which our Web pages are stored, as well as a Directory stanza to allow everyone to access that material.

DocumentRoot "/home/web"
<Directory "/home/web">
Order allow,deny
    Allow from all
</Directory>

The combination of local home page serving and the cache-only name server greatly decrease the workstation response time and cut the traffic on the external network. The benefits of each greatly outweigh the minimal effort required to set them up.

To supply file and print services for the Windows workstations, we use Samba. To quote samba.org, "Samba is an Open Source/Free Software suite that provides seamless file and print services to SMB/CIFS clients. Samba is freely available, unlike other SMB/CIFS implementations, and allows for interoperability between Linux/Unix servers and Windows-based clients." Using this package, our Linux computer offers printer shares for both printers and three distinct file shares.

The Samba configuration file, which normally is /etc/samba/smb.conf, contains definitions for global parameters in a section named [global]. In this section, I have annotated the parameters defined on our system:

[global]
   max smbd processes = 40        # one server process for each workstation
   workgroup = MRLAB              # name reported to network browser
   netbios name = server          # NetBIOS name reported by server
   security = share               # needed for guest services to work
   hosts allow = 10.10.10.0/24    # limit to our network
   guest account = nobody         # the guest has the privileges of this user
   log file = /usr/local/samba/var/log
   smb passwd file = /usr/local/samba/lib/smbpasswd
   max log size = 500             # size in kB
   preferred master = yes         # this machine is master for net
   domain master = yes            # we have no other domain servers
   deadtime = 5                   # no. of minutes till connection expires
   server string = Samba          # name in printer comment box on Windows
   interfaces = 10.10.10.1/24     # serve only our internal network
   wins support = No              # no Wins name resolution
   show add printer wizard = yes  # Wizard is shown on NT/XP/2K clients
   max print jobs = 20            # number of simultaneous print jobs
   printer admin = root           # only the superuser can manipulate printers
   null passwords = yes           # we want to have no password for some users
   load printers = no             # do not create shares automatically
   printing = bsd                 # BSD-type printing