SUSE Linux Enterprise Desktop Administration Chapter 13 Integrate

SUSE Linux Enterprise Desktop Administration Chapter 13 Integrate SUSE Linux Enterprise Desktop 10 into Existing Environments

Objectives • Objective 1—Integrate SUSE Linux Enterprise Desktop 10 into an Open. LDAP Environment • Objective 2—Integrate SUSE Linux Enterprise Desktop 10 into an Active Directory Environment • Objective 3—Integrate SUSE Linux Enterprise Desktop 10 into a Novell e. Directory Environment • Objective 4—Understand the Novell Client for Linux • Objective 5—Install and Configure Novell i. Folder SUSE Linux Enterprise Desktop Administration 2

Objective 1—Integrate SUSE Linux Enterprise Desktop 10 into an Open. LDAP Environment • Open. LDAP • The most popular Open Source LDAP • Provides applications and tools to control and query the server and to develop LDAP-based software • Open. LDAP authentication is frequently combined with NFS (Network File System) for file access SUSE Linux Enterprise Desktop Administration 3

LDAP Basics • Directory – A specialized database that is optimized for reading, browsing, and searching – Contains descriptive, attribute-based information, and then supports sophisticated filtering • Directory services are tuned to give quick response to high-volume lookup or search operations – Directory services can be local or global • LDAP stores information in objects that can be associated to object classes SUSE Linux Enterprise Desktop Administration 4

LDAP Basics (continued) • Classes determine which attributes an object can or must have • By including schemas, you are able to access predefined object classes • Each object is a collection of attributes that has a globally unique distinguished name (DN) • Attributes are typically mnemonic strings – The syntax of values depends on the attribute type • In LDAP, objects are arranged in a hierarchical tree structure SUSE Linux Enterprise Desktop Administration 5

LDAP Basics (continued) • You can distinguish between two kinds of objects: – Container objects – Leaf objects • If you use LDAP for user management, the structure (DIT, Directory Information Tree) normally reflects one of the following: – Organizational structure (See Figure 13 -1) – Domain system (See Figure 13 -2) SUSE Linux Enterprise Desktop Administration 6

Figure 13 -1 LDAP organizational structure SUSE Linux Enterprise Desktop Administration 7

Figure 13 -2 LDAP domain system SUSE Linux Enterprise Desktop Administration 8

Ya. ST LDAP Client Module • Ya. ST makes integrating clients into an existing LDAP structure very easy – Start Ya. ST and select Network Services > LDAP Client – See Figure 13 -3 • When you select Finish, the configuration changes are written to several files on the system, including: – /etc/security/pam_unix 2. conf, /etc/ldap. conf, /etc/nsswitch. conf, and /etc/passwd SUSE Linux Enterprise Desktop Administration 9

Figure 13 -3 Ya. ST LDAP Client Configuration dialog SUSE Linux Enterprise Desktop Administration 10

Import File Systems Using NFS • Network file system basics – NFS is designed for sharing files and directories over a network • Requires configuration of an NFS server and NFS clients – Directories such as /home/, /opt/, and /usr/ are good candidates for export via NFS – Using NFS for home directories only makes sense with central user management – See Figure 13 -4 SUSE Linux Enterprise Desktop Administration 11

Figure 13 -4 Mounting the /home/ directory SUSE Linux Enterprise Desktop Administration 12

Import File Systems Using NFS (continued) • How NFS works – NFS is an RPC (Remote Procedure Call) service – An essential component of RPC services is the portmapper • Manages the services and needs to be started first – When an RPC service starts up, it binds to a port in the system – NFS supports file locking, which means that only one user at a time has write access to files SUSE Linux Enterprise Desktop Administration 13

Import File Systems Using NFS (continued) • Configure NFS client access with Ya. ST – NFS directories exported on a server can be mounted in the file system tree of a client – The easiest way to do this is to use the Ya. ST NFS Client module – To use Ya. ST to configure the NFS client, start the Ya. ST Control Center and then select Network Services >NFS Client – See Figure 13 -5 SUSE Linux Enterprise Desktop Administration 14

Figure 13 -5 Ya. ST NFS Client Configuration dialog SUSE Linux Enterprise Desktop Administration 15

Import File Systems Using NFS (continued) • Exercise 13 -1: Import Network File System (NFS) – In this exercise, create an /import/sled 10 directory and use it as a mount point to import the /export/sled 10 directory from da 1 using NFS – Create an /etc/fstab entry to mount the directory automatically at boot time – You can use the command-line interface or Ya. ST to do this SUSE Linux Enterprise Desktop Administration 16

Import File Systems Using NFS (continued) • Mount home directories automatically – The /usr/sbin/automount program • Mounts directories when needed and unmounts them after some time when not needed any longer – The primary configuration of automount is contained in /etc/auto. master – The /etc/auto. misc file shows what can be configured – To start autofs, enter (as root) in a terminal window the rcautofs start command – rcautofs status lists the configured and the active mount points SUSE Linux Enterprise Desktop Administration 17

Import File Systems Using NFS (continued) • Mount home directories automatically (continued) – The automounter creates the /misc directory when it is started – The automounter can be used for home directories as well SUSE Linux Enterprise Desktop Administration 18

Open. LDAP and Automounter • The automounter usually reads its information from the /etc/auto. master file – As well as the files referenced within that file • Using files on clients is cumbersome when changes affecting many clients need to be made – The files on all clients have to be modified • If the information is kept within the LDAP directory, the information must be updated in only one place • The automounter queries the LDAP directory for automount information SUSE Linux Enterprise Desktop Administration 19

Exercise 13 -2: Integrate a SLED 10 into an LDAP Environment • In this exercise, you integrate your SUSE Linux Enterprise Desktop 10 into an LDAP environment for authentication and activate the automounter SUSE Linux Enterprise Desktop Administration 20

Objective 2—Integrate SUSE Linux Enterprise Desktop 10 into an Active Directory Environment • Microsoft Active Directory (AD) – A directory service based on LDAP, Kerberos, and other services – Used by Microsoft Windows to manage resources, services, and people – Provides information on these objects, restricts access to them, and enforces policies • Shares provided by Windows file servers use the Server Message Block (SMB) protocol – Can be accessed with the help of Samba SUSE Linux Enterprise Desktop Administration 21

Use Active Directory to Authenticate Users • Benefits of using SLED in an Active Directory environment – Offline authentication – Windows password change – Single-sign-on through Kerberized applications • Background information for Linux AD support – The most common components needed are shown in Figure 13 -7 SUSE Linux Enterprise Desktop Administration 22

Figure 13 -7 The most common components for Linux AD support SUSE Linux Enterprise Desktop Administration 23

Use Active Directory to Authenticate Users (continued) • Background information for Linux AD support (continued) – Protocols shared by the client with the server: • LDAP • Kerberos – Client components process account and authentication data: • Winbind • NSS (Name Service Switch) • PAM (Pluggable Authentication Modules) SUSE Linux Enterprise Desktop Administration 24

Use Active Directory to Authenticate Users (continued) • Join an Active Directory domain – During domain join, the server and the client establish a secure relationship – The following tasks need to be performed: • The Windows domain controller providing both LDAP and KDC (Key Distribution Center) services is located • A machine account for the joining client is created in the directory service • An initial ticket granting ticket (TGT) is obtained for the client and stored in its local Kerberos credential cache • NSS and PAM configurations are adjusted to enable the client to authenticate against the domain controller SUSE Linux Enterprise Desktop Administration 25

Use Active Directory to Authenticate Users (continued) • Join an Active Directory Domain (continued) – Domain login and user homes • The login managers of GNOME and KDE have been extended to allow the handling of AD domain login • User authentication is mediated by a number of PAM modules • The Windows error codes are translated into appropriate user-readable error messages – Offline service and policy support • To enable users to log in to a disconnected machine, extensive caching was integrated into the winbind daemon SUSE Linux Enterprise Desktop Administration 26

Use Active Directory to Authenticate Users (continued) • Configure a Linux client for Active Directory – Before your client can join an AD domain, you must make some adjustments to your network setup • To ensure a flawless interaction of client and server – These adjustments affect: • • • DNS NTP DHCP Firewall AD account SUSE Linux Enterprise Desktop Administration 27

Use Active Directory to Authenticate Users (continued) • Log in to an AD domain – If your machine has been configured to authenticate against Active Directory and you have a valid Windows user identity: • You can log in to your machine using the AD credentials – Login is supported for both desktop environments (GNOME and KDE), the console, SSH, and any other PAM-aware application SUSE Linux Enterprise Desktop Administration 28

Use Active Directory to Authenticate Users (continued) • Change passwords – SLED 10 has the ability to help a user choose a suitable new password • Must meet the corporate security policy – The underlying PAM module retrieves the current password policy settings from the domain controller – GDM and KDM provide feedback about password expiration and prompt for new passwords – To change your Windows password, you can use the standard Linux utility, passwd • Instead of having to manipulate this data on the server SUSE Linux Enterprise Desktop Administration 29

Exercise 13 -3: Join an Active Directory Domain • In this exercise, set your DNS name resolution to point to the Windows 2003 Server and join an Active Directory Domain using your SUSE Linux Enterprise Desktop 10 computer SUSE Linux Enterprise Desktop Administration 30

Import File Systems Using Samba • Understand Samba – Server Message Block (SMB) protocol • A network protocol that provides file and print services in a Windows network – Samba enables Linux to use SMB so that Linux can be integrated in a Windows environment – SMB services are provided by the Net. BIOS protocol – Net. BIOS makes its own namespace available • Can be accessed with the Universal Naming Convention (UNC) notation SUSE Linux Enterprise Desktop Administration 31

Import File Systems Using Samba (continued) • Understand Samba (continued) – You can use Samba for the following purposes: • Browse shared files and folders with SMB • Share files and folders with SMB • Access and manipulate user data on the Windows Server • Use Nautilus to access and create Samba shares – Use Nautilus to access Samba shares • See Figure 13 -10 SUSE Linux Enterprise Desktop Administration 32

Figure 13 -10 Use Nautilus to access Samba shares SUSE Linux Enterprise Desktop Administration 33

Import File Systems Using Samba (continued) • Use Nautilus to access and create Samba shares (continued) – Use Nautilus to share directories using Samba • Samba needs to run on the computer and the Samba configuration has to permit users to share directories • To start Samba, enter rcnmb start; rcsmb start • Now a user can share directories that he or she owns – See Figures 13 -12 and 13 -14 SUSE Linux Enterprise Desktop Administration 34

Figure 13 -12 Sharing directories with the Nautilus file manager SUSE Linux Enterprise Desktop Administration 35

Import File Systems Using Samba (continued) Figure 13 -14 Dialog informs you if changes to the permissions of the directory are necessary SUSE Linux Enterprise Desktop Administration 36

Import File Systems Using Samba (continued) • Use Nautilus to access and create Samba shares (continued) – Use Samba command-line tools to access shares • Use nmblookup – You can resolve Net. BIOS names into IP addresses with the nmblookup tool • Use smbclient – You can access SMB shares on the network with the smbclient tool – Browse shares provided by an SMB server – Access files provided by an SMB server SUSE Linux Enterprise Desktop Administration 37

Import File Systems Using Samba (continued) • Use Nautilus to access and create Samba shares (continued) – Use Samba command-line tools to access shares (continued) • Mount SMB shares into the Linux file system – You can mount a share into the file system like a hard disk partition or a CD-ROM drive – The basic mount command: mount -t cifs //Fileserver/data /mnt SUSE Linux Enterprise Desktop Administration 38

Exercise 13 -4: Mount Geeko’s Share • In this exercise, you mount a Samba share on a Linux system • Mount the home directory on da 1 of Geeko to the /mnt directory on your computer SUSE Linux Enterprise Desktop Administration 39

Objective 3—Integrate SUSE Linux Enterprise Desktop 10 into a Novell e. Directory Environment • You can use Novell Linux User Management (LUM) to configure SLED 10 workstations on your network – Users can log in to them using their Novell e. Directory usernames and passwords • Using LUM and e. Directory to manage user login information – Eliminates the need to create local users in the /etc/passwd and /etc/shadow files • The user account information stored in e. Directory lets users access file and printer resources SUSE Linux Enterprise Desktop Administration 40

Set Up e. Directory Authentication • Activate Linux User Management on workstations – Before users can use their e. Directory usernames and passwords to log in • You must configure the SUSE Linux Enterprise Desktop workstation with Linux User Management components – See Figure 13 -16 • Use Novell i. Manager to enable users for e. Directory Authentication – Use e. Directory and Novell i. Manager to specify which users can access SUSE Linux Enterprise Desktop computers on the network SUSE Linux Enterprise Desktop Administration 41

Figure 13 -16 The User Authentication Method page SUSE Linux Enterprise Desktop Administration 42

Set Up e. Directory Authentication (continued) • Use Novell i. Manager to enable users for e. Directory authentication (continued) – Novell i. Manager • The browser-based utility for managing e. Directory objects • Runs in a network browser such as Mozilla Firefox, Netscape Navigator, or Internet Explorer – When you create user or group accounts in Novell i. Manager • You are prompted to ‘‘LUM enable’’ the User object or Group object SUSE Linux Enterprise Desktop Administration 43

Turn Off e. Directory Authentication • You can permanently turn off the ability to accept logins from e. Directory – By removing the LUM software from the workstation • You can temporarily disable e. Directory authentication by stopping the namcd daemon • To stop namcd, open a shell window and enter rcnamed stop • To turn on e. Directory authentication and LUM, open a shell window and enter rcnamed start SUSE Linux Enterprise Desktop Administration 44

Objective 4—Understand the Novell Client for Linux • This section contains the following information: – Understanding the Novell Client for Linux Virtual File System – Configuring the Novell Client for Linux – Using Configuration Files to Preconfigure the Novell Client SUSE Linux Enterprise Desktop Administration 45

Understanding the Novell Client for Linux Virtual File System • The Novell Client for Linux has a Virtual File System – Consists of a kernel module (novfs. ko) that runs as part of the Linux kernel and a daemon (novfsd) that runs in the user space • Both components must be running on the workstation for the client to connect to the network SUSE Linux Enterprise Desktop Administration 46

Using the Novell Client Tray Application • Starting and stopping the Novell Client Tray application – Select to see the menu Figure 13 -17 Novell Client Tray menu SUSE Linux Enterprise Desktop Administration 47

Using the Novell Client Tray Application (continued) • Logging in to the network – When you log in to the network, you gain access to directories and files • As well as other services provided by network servers – See Figure 13 -18 • Running Novell login scripts during login – When you successfully log in to the network, one or more login scripts are executed – Login scripts can be used to automatically map drives and search drives to directories, display messages, set environment variables, and execute programs SUSE Linux Enterprise Desktop Administration 48

Figure 13 -18 Novell Client for Linux login dialog SUSE Linux Enterprise Desktop Administration 49

Using the Novell Client Tray Application (continued) • Logging out of a network location (server or tree) – You can log out of a network location in either of the following ways: • To log out of all existing connections, select >Novell Logout >Logout • If you are logged in to multiple trees and want to log out of a specific server or tree, select > Novell Connections, select the tree or server that you want to log out of, and then select Detach • Viewing your network connections – Novell Connections allows you to see what servers and trees you are logged in to SUSE Linux Enterprise Desktop Administration 50

Figure 13 -19 Novell Connections SUSE Linux Enterprise Desktop Administration 51

Using the Novell Client Tray Application (continued) • Changing your network password – – – Select > Change Password In the Old Password field, type your current password In the New Password field, type your new password In the Confirm field, type the new password again Select OK • Mapping network directories – When you map a directory, you create a symbolic link or shortcut to a path on the network and assign it a name and location on your workstation – You can use the symbolic link to access the resource SUSE Linux Enterprise Desktop Administration 52

Figure 13 -20 Novell Map directory SUSE Linux Enterprise Desktop Administration 53

Using the Novell Client Tray Application (continued) • Disconnecting a mapped directory – Select > Disconnect Novell Mapped Directory – Select the mapped directory that you want to disconnect from; then select Disconnect • Editing your login script – Edit or create the personal login script that runs when you log in – Check with your network administrator before creating or changing a login script SUSE Linux Enterprise Desktop Administration 54

Figure 13 -21 Edit a login script SUSE Linux Enterprise Desktop Administration 55

Configuring the Novell Client for Linux • Using the Novell Client Configuration Wizard – See Figure 13 -22 • Configuring login settings – Use the Login Settings page in the Novell Client Configuration Wizard – See Figure 13 -23 • Configuring map settings – Use the Map Settings page in the Novell Client Configuration Wizard – See Figure 13 -24 SUSE Linux Enterprise Desktop Administration 56

Figure 13 -22 Novell Client Configuration Wizard SUSE Linux Enterprise Desktop Administration 57

Figure 13 -23 Configuring Login Settings SUSE Linux Enterprise Desktop Administration 58

Figure 13 -24 Configuring Map Settings SUSE Linux Enterprise Desktop Administration 59

Configuring the Novell Client for Linux (continued) • Configuring protocol settings – Use the Protocol Settings page – See Figure 13 -25 • Configuring tray application settings – Use the Tray Application Settings page – See Figure 13 -26 • Configuring file browser settings – Use the File Browser Settings page – See Figure 13 -27 SUSE Linux Enterprise Desktop Administration 60

Figure 13 -25 Configuring Protocol Settings SUSE Linux Enterprise Desktop Administration 61

Figure 13 -26 Configuring Tray Application Settings SUSE Linux Enterprise Desktop Administration 62

Figure 13 -27 Configuring File Browser Settings SUSE Linux Enterprise Desktop Administration 63

Configuring the Novell Client for Linux (continued) • Configuring Open. SLP settings – Use the Service Location Protocol (Open. SLP) Settings page – See Figure 13 -28 SUSE Linux Enterprise Desktop Administration 64

Figure 13 -28 Configuring Open. SLP Settings SUSE Linux Enterprise Desktop Administration 65

Using Configuration Files to Preconfigure the Novell Client • The Novell Client for Linux allows you to apply preconfigured client settings – Contained in one or more configuration (. conf) files • Preconfiguring the Novell Client for Linux requires the novell-client-conf. spec file and the make_novellclient-conf_rpm Bash script – Located in the /add-on/novell-client-conf subdirectory SUSE Linux Enterprise Desktop Administration 66

Using Configuration Files to Preconfigure the Novell Client (continued) Table 13 -1 Configuration files SUSE Linux Enterprise Desktop Administration 67

Exercise 13 -5: Install and Configure the Novell Client for Linux • In this exercise, you install and configure the Novell Client for Linux SUSE Linux Enterprise Desktop Administration 68

Objective 5—Install and Configure Novell i. Folder • In this objective, you learn how to install, configure, and use Novell i. Folder 3. x on SUSE Linux Enterprise Desktop 10 SUSE Linux Enterprise Desktop Administration 69

Overview of Novell i. Folder • Novell i. Folder – A file-sharing application for Linux and Windows clients • You can share files in multiple Novell i. Folders, each with a different group of users • Benefits of Novell i. Folder – – Integrates with your native desktop environment Highly scalable and flexible Supports data encryption Offers enhanced Web access console SUSE Linux Enterprise Desktop Administration 70

Overview of Novell i. Folder (continued) • Benefits of Novell i. Folder (continued) – Allows you to easily and selectively share personal and business files – Allows you to control the access level of member users – Transparently updates your files to member Novell i. Folders on multiple workstations – Offers offline logging and synchronization – Provides secure authentication of members – Offers an alternative to exchanging files via e-mail SUSE Linux Enterprise Desktop Administration 71

Overview of Novell i. Folder (continued) • Key features of Novell i. Folder – – – – The Novell i. Folder client Novell i. Folder account Improved shared Novell i. Folders Novell i. Folder access rights File synchronization and data management Encryption Enhanced Web access Synchronization log SUSE Linux Enterprise Desktop Administration 72

Installing the Novell i. Folder Client • You can install the Novell i. Folder client on your SUSE Linux Enterprise Desktop 10 computer – By using command-line instructions – Example: rpm -ivh *. rpm SUSE Linux Enterprise Desktop Administration 73

Starting the Novell i. Folder Client • When Novell i. Folder is running, the Novell i. Folder Services icon appears in the Notification area of the taskbar • Novell i. Folder is integrated in the desktop environment – The Novell i. Folder emblem (green ‘‘i’’) appears on Novell i. Folders when they are viewed in a file manager, on the desktop, or in the Novell i. Folder browser – The encrypted Novell i. Folder is indicated by the locked folder emblem on the Novell i. Folder SUSE Linux Enterprise Desktop Administration 74

Starting the Novell i. Folder Client (continued) • Start Novell i. Folder automatically on login – See Figure 13 -32 • Start Novell i. Folder on demand – Log in to your computer with the local Linux user identity you want to use – Use one of the following to start Novell i. Folder: • In the taskbar, open the Applications menu, select More Applications, right-click Novell i. Folder 3, and then select Start i. Folder 3 • Open a terminal shell; then enter /opt/novell/ifolder 3/bin/ifolder SUSE Linux Enterprise Desktop Administration 75

Exiting the Novell i. Folder Client • To exit the Novell i. Folder client, right-click the Novell i. Folder Services icon in the Notification area – Then select Quit • Files are synchronized with your Novell i. Folder server account – Only when you are connected to the Novell i. Folder server • You can stop synchronization by logging out of an account SUSE Linux Enterprise Desktop Administration 76

Configuring a Novell i. Folder Account • Use the Novell i. Folder Account Assistant to add and configure a new account • You can create only one account for any given Novell i. Folder host service – But you may have multiple accounts • Multiple users with different local login identities can have Novell i. Folders on the same computer SUSE Linux Enterprise Desktop Administration 77

Configuring a Novell i. Folder Account (continued) Figure 13 -34 Configuring a Novell i. Folder account SUSE Linux Enterprise Desktop Administration 78

Table 13 -2 Values used to configure a Novell i. Folder account SUSE Linux Enterprise Desktop Administration 79

Logging in to a Novell i. Folder Account • You can work locally with files in the Novell i. Folder directories at any time • You must be logged in to a Novell i. Folder account to synchronize it • You can log in separately and be logged in concurrently to multiple accounts • Use one of the following login methods for each account: – Log in automatically – Log in as needed SUSE Linux Enterprise Desktop Administration 80

Logging out of a Novell i. Folder Account • Right-click the Novell i. Folder Services icon in the Notification area – Then open the Novell i. Folder Preferences dialog from the Accounts tab by selecting Account Settings • Locate the account you want to manage – Then disconnect from the Novell i. Folder server by deselecting the Online check box • Close the Novell i. Folders Preferences dialog box by selecting Close SUSE Linux Enterprise Desktop Administration 81

Viewing and Modifying Novell i. Folder Account Settings • Right-click the Novell i. Folder Services icon in the Notification area – Then open Novell i. Folder Preferences from the Accounts tab by selecting Account Settings • In the Accounts report, you can manage the parameters in Table 13 -3 for each account SUSE Linux Enterprise Desktop Administration 82

Table 13 -3 Parameters for each Novell i. Folder account SUSE Linux Enterprise Desktop Administration 83

Deleting a Novell i. Folder Account • If you remove a Novell i. Folder account only from your computer: – The local Novell i. Folders for this account are reverted to normal folders – You can continue to access the Novell i. Folders from other computers with the Novell i. Folder client – When the Novell i. Folder client is used with a Novell i. Folder 3. x enterprise server, you can also access files from anywhere with Novell i. Folder 3. x Web access SUSE Linux Enterprise Desktop Administration 84

Deleting a Novell i. Folder Account (continued) • If you remove your Novell i. Folder account from the server: – All of the Novell i. Folders you own are unshared – The local copies of Novell i. Folders on member computers are reverted to normal folders – The Novell i. Folder and its contents are removed from the server – You are removed as a member of Novell i. Folders that others shared with you – The account is removed from the local computer SUSE Linux Enterprise Desktop Administration 85

Deleting a Novell i. Folder Account (continued) • To delete a Novell i. Folder account: – Right-click the Novell i. Folder Services icon ( ) in the Notification area • Then open Novell i. Folder Preferences from the Accounts tab by selecting Account Settings – Select the Novell i. Folder account you want to delete; then select Delete – A message prompts you to determine the extent of the delete action SUSE Linux Enterprise Desktop Administration 86

Configuring Novell i. Folder Preferences for the Client • Right-click the Novell i. Folder Services icon in the Notification area – Then open Novell i. Folder Preferences from the General tab by selecting Preferences • Specify your preferences • When you are done, close the Novell i. Folder Preferences dialog box SUSE Linux Enterprise Desktop Administration 87

Exercise 13 -6: Set Up and Use the Novell i. Folder Client on the SLED 10 Workstation • In this exercise, you set up and use the Novell i. Folder client on your DAxx SUSE Linux Enterprise Desktop 10 workstation SUSE Linux Enterprise Desktop Administration 88

Summary • The cross-platform LDAP directory service allows network users to query information for a wide range of uses • LDAP resources are organized into a hierarchical tree structure • Ya. ST can be used to configure a client connection to an LDAP service • An NFS server shares directories to NFS clients using RPCs and the portmapper service • You can configure your computer to connect to remote NFS shared directories using Ya. ST SUSE Linux Enterprise Desktop Administration 89

Summary (continued) • The Automounter service can be used to automatically mount home directories • Windows networks typically use the Active Directory service to provide centralized authentication and resource access using LDAP and Kerberos • You can configure your SUSE Linux system to use Active Directory using Ya. ST • You can share file and printer resources with Windows computers using Samba • Most shared resources on Windows computers are accessed by Net. BIOS name using UNCs SUSE Linux Enterprise Desktop Administration 90

Summary (continued) • Nautilus can be used to create Samba shares as well as access Windows shares on the network • Novell networks typically use the e. Directory service to provide centralized authentication and resource access using LDAP • To access all e. Directory services, you must configure the Novell Client for Linux • You can access the Novell Client for Linux by clicking on the Novell Client tray application • Novell i. Folder can be used to share files on Linux and Windows systems SUSE Linux Enterprise Desktop Administration 91