CompTIA Linux+ XK0-005 – Unit 11 – Interoperability

1. Interoperability

All right, so in this unit we’re going to talk about interoperability. What does that mean? It’s a nice way of saying that we want Linux and Windows or somebody else to play well together. So we’re going to look at a tool that was designed, called Samba to be able to do just that and how we can configure it and manage it so that Linux and Windows can talk to each other. We’re then going to get into some other methods of being able to make connections to not necessarily play as well together, but to be able to remotely control PCs by using the remote desktop and VNC as methods of gaining access, bringing that desktop to your Linux and being able to work with other operating systems. 

2. Topic A: Network Interoperability

All right, so in our first section, we’re going to talk about what can we do to get some network interoperability. Now, we already know that according to the networking protocols, we can communicate through TCP. We can exchange files and information. So some people say, well, then that’s good enough. Isn’t that all we need? Well, okay, let’s take it a little beyond that. I mean, yeah, if my Windows system was running an FTP server and you connect through FTP, you could download stuff, you might be able to upload stuff.

But I want to go beyond that. I actually want to look at my Windows network neighborhood, and I want to see your Linux machine right now. Without something like Samba, I can’t I want to be able to connect to your shared folders without needing to necessarily have NFS running and vice versa. And so that’s what we’re kind of talking about as a way around the initial differences of communications and protocols that exist between Linux, Windows, and maybe some other systems.

3. Samba

So here comes Samba. Now, this was designed to be a Windows compatible networking program a third party, if you would, to allow file imprint services to exist between Linux machines and Windows machines. In fact, it was supposed to do so well that I could use it to connect to a Windows share and then replace that Windows machine with a Linux machine. But everybody connecting through Samba wouldn’t never have known the difference. So that’s what it’s designed to be is to kind of make invisible what’s happening in the background. So it’s a way of getting file and print services. It supported naming conventions like Net, BIOS names for browsing, domain support, Kerberos authentication and all of those things that we have in Windows.

Now, as a package, samba comes with a core package called Samba that you would install. And in there you would have the Samba commons, the common files that are used by the server and client packages. You had management tools that would be called the Samba tools. The SMB client, which is a client tool, by the way, SMB was that client that you would need to talk to a Windows machine. We call that the server message block. And you have SWAT, which is the Samba Web Administration tool to make actually setting it up quite easy rather than going through config files or through command lines.

4. Demo – Installing Samba

All right, we are going to install Samba. And to do that, I’m going to open up the packet manager snappedic package manager, and we’re going to install all of the different versions or options that we see for Samba. Let’s see if I can find it just by scrolling. I haven’t had a lot of success in scrolling because there’s just so many packages that I probably shouldn’t be wasting your time watching you have having you watch me do this, but I could have just done a quick little search. Well, here we are. So I’m going to install the Samba, the Samba Common, the documents for it as well. All right. We also want to install some of the clients that’s the SMB clients.

So, again, I’m just kind of taking the slow road here. It’s scrolling down just because I keep thinking that soon I’m going to run out of there we go of options for what I’m putting in there. And I don’t remember if I saw the samba tool. So I’m just going to type in the search after all and make sure that we have, oh, I need SWAT as well, the Web Administration tool, because we certainly want to play with that. And let’s go ahead and take the Samba accounts scripts as well to manage those stored on LDAP. Even though we’re not using LDAP, I’m just going to grab most of the tools that we have and go from there and I’m going to apply that and click apply.

And it might take a few more seconds as we download up to 19 files to put this in. But once we have this set up, then of course, the next thing we’re going to have to do is restart our Internet services. Damon and that’s especially true because we’re going to be using SWAT, the Web Administration tool. That is the name of the workgroup that we’re using here. So I’m going to stick with that. And we’re not going to use Winds. No Windows Internet Name services. So I’ll leave that there and I’m going to leave this. Open up the details again, because a lot of times some of you like to see the status of the data as it’s being installed.

So we’re going to let this install and hopefully we’ll get a little close here pretty soon that allows me to move on and then do the restart again of the Internet services. Damon all right, let me close this down and close down the package manager. We’ll reopen up our command line and from here we’re going use the init daemon here, the open BSD in it D and restart. I love that tab key. I’m telling you, it makes life so much easier for us. And just like that, we’re done. We have Samba installed and Interoperability is ready to begin.

5. Samba Configuration

So when it comes to the configuration, as I said you could go, as we’ve been with doing with all Linux right to the command line, open up a config file and be able to make changes. Now. The file is called SMB config or CNF. Where it’s located kind of depends on the distribution that you’re using. So I don’t have an absolute path to tell you this is where you go. But that’s okay. We know about Find, we know about Grep. You can locate this file easy enough. The other tool, of course, I said was the Samba Web Administration Tool SWAT which allows you to connect through a browser, through the local host entry if you want to, to configure this, or of course, any GUI tool that comes with a part of the installation of this package of Samba. 

6. The smb.conf File

Now, if we were to take a look at the configuration file, what you would see listed is a bunch of local variables and global variables that talk about how this Samba should be set up and working. For instance, globally you might include a workgroup information. So now let’s think about Windows for just a second. Windows has a browsing service. They always have. That is case where everybody in my local area network kind of periodically broadcast information about who they are to a central browser. Now that central browser is a service that somebody is elected. It used to be stuff that we always talked about in Windows. A lot of times we’re actually turning off some of that functionality because of security.

But anyway, we would advertise what workgroup or what domain we were in, what our host name was. So that when you went to your network neighborhood on your Windows machine, it would show you a list of everybody in your local area network. It would only be people on your land, not people on the other side of your gateway. That was part of the browsing service. Part of that information was the workgroup or domain that you belong to. Also we needed to know whether or not we supported Wins because in the older versions of Windows, which is by the way, this was developed in the days of the Windows 31 days Land Manager before it became Windows Nt OS two by IBM.

So this was originally developed in some old days of computing networking that we had. So we still supported Net BIOS naming conventions and I talked about that when we talked about DNS. But you could also globally say yes or no, whether I support it. Now, there are many other global variables. If you don’t list them specifically, then they’re going to take on the default configurations that I would encourage you to look at the man pages and say what are the defaults? So that you can make some decisions about whether you like them or not. And then of course, we can have some local information about some of the things we’re sharing.

So we define a section that says here’s the path of what I’m sharing, in this case a folder called Tim in the home directory, whether I want it to be available browsable publicly known, meaning I’m going to advertise it in the browsing service and whether I want it to be writable. All of that information we put in there so we can say here is my configuration for this particular thing I’m sharing through Samba. So again, that was one way we can configure information was through our command line opening up the text file, the config file and making those changes.

7. SWAT

Now, you could also open up a web browser and navigate to http localhost. Remember, that meant yourself port 901. So you type in localhost colon 901 and that would take you to the web administration tool for Samba. Now, once you’re there, you can then navigate through what I think is a particularly easy intuitive page to be able to set things up. Fact, you even have a button, a toolbar that’s labeled wizards. What’s nice about a wizard? You don’t have to know anything technical. You just have to answer a couple of questions. Work group names, shares, all that kind of stuff. You can view the status of your shares, you can view information about your printers, all of those things, all through this web page to generally put in the same information that I just talked about putting into the config file.

8. GUI Tools

Now, we also have GUI tools, graphical user interfaces available on your desktop environment for Configuring Samba. So some of you might say, okay, so why am I going to do this GUI tool? If I got the web administration tool, which should I use? Well, a couple of ways of responding. Number one, whatever you’re comfortable with. But if you are configuring Samba on the server that you’re able to touch and log into, you can use the GUI or the web. But if the server is actually somewhere else remote from you, your GUI tool is not your choice. You’re going to use the web administration, putting in the URL or host name that is hosting the server and making that connection. So that’s probably your biggest differentiating choice about when to use the GUI or when to use the web. Obviously, the web is also what you’re going to use over configuration files if the server is remote from you.

9. Browsing for Linux Resources

Now that you have that ability to be able to make Samba run, the cool thing is you can go to your Windows machine, hit your network places, and you can actually browse and find those Linux resources that would have otherwise been invisible. Now, I said invisible. That means it doesn’t automatically show up in the Windows or Microsoft browsing service. It doesn’t mean that you could not have made the connection to some Linux server. As long as you knew the URL you were capable of using NFS for communications. You could have also made that connection. What we’re talking about is actually seeing something in your work group show up on your list. And that’s kind of cool because that suddenly opens up a whole new world for the Windows clients to be able to make communications, make connections, and utilize resources in a Linux world without having to memorize stuff.

10. Demo – Configuring Samba Shares

Alright, we are going to talk a little bit more about our Samba and including creating some of the shares. And we’re going to use the command SMBD. Now again, you have to be root and I’m already in as root here on the system. And that of course is going to help me in trying to locate these. But I’m going to use the Grep command to make sure that I’m actually finding the SMB configuration file. That’s kind of what I want to see. So the goal here is that this command is going to find the locations of the configuration files and there they are under probably what I would have said was a normal path, which is the Etsy directory or the etc, but just not the et cetera. Okay, so let’s take a look at that command. We’ll use the Less and we’ll use the Etsy, Samba and SMB config file.

And this is as it says here in the main configuration file. And if I start paging down, you’ll see a browsing identification changing it to an Nt domain or a workgroup. Right now we have it as a workgroup and you can kind of see if we wanted to, we’d have some Wind servers information, but we’re not using it, we’re not doing any DNS proxy. All right. And we’re certainly not using any LM hosts, which is an old school. And again, remember this utility was written way back when everybody was younger and brand new to this whole thing. So just a couple of things showing you some locations, login drives, login paths, and it was just designed to kind of give you an idea how it is the base configured and that you might want to go in there and do some changes.

Or perhaps you might like using the web administration tool. We’ll figure that part out here in a second. Now we’re going to take a look to see if I have an LM host file. The LM host was the Land manager host file and that meant Net BIOS was the naming convention for the computers and it used a communication protocol called Net buoy. And now we’re talking 80s early ninety s. And so those protocols are pretty much dead and all looks good. We’ve got Samba installed, we have a configuration, we have not changed the defaults. So we’re going to try to do web connectivity to it. So I’m going to open up Ice Weasel and we’re going to connect to our local host. And on the local host we’re going to connect to port 90 one this time nine one.

And here it’s asking me for the username and passwords. And so I’ll try root and I’ll use my super secret root password and there’s Samba. So now that I’m here and I’ve made this connectivity and fortunately, the screen is wide enough for us to see things and we can kind of scroll down client tools, diagnostics, utilities, books to read, all sorts of fun stuff. But we’re going to kind of stick with this little toolbar and we’re just going to go ahead and click on shares. And the current view information is basic. We can switch our view to Advanced. But really all I’m going to do is just click on Create Share. And now that I’ve clicked on Create Share, actually, I probably actually need to put in a path for the Share that I want to create.

So we can just put in the Home Trainer Oops as our path that I’ll click on Create. And so just like that, you can see that we can create shares. And then of course, here they have some other options. Invalid Users, Valid Users, read List, read Only, which, by the way, you can see is the default as it’s set up. And as we go through, we say, okay, well, that looks all pretty good. We see the choose the share here. The home trainer is the one I have. And then if I would like it, I’m going to click on Commit Changes. And once I’ve done that, then I should have that share created and that it’s ready to go. And again, remember, there are some options down here that I can play around with.

Now I’m going to click view. Now this view is designed to kind of show you how we’ve changed the file, the configuration file. So we have an idea that we’ve created this new location or this new Share. And of course, if I wanted to, we click Full View so we can get a better idea of seeing all of the settings, including those ones that we just kind of completely ignored on that page as we’re putting this information in. So there’s quite a bit of information you can gather from the Web GUI that will help you. And of course, making shares, I think is a lot easier than going through and doing a little bit of VI to that actual configuration file. So there’s a quick tour of working with Samba and creating a share and utilizing the SWAT, the Samba Web Administration Tool.

11. Topic B: Remote Desktop Access

Now, another way we can achieve interoperability, I think is kind of a cheating way of saying this, but it’s the remote desktop. Now, the reason I say it’s cheating is because we actually aren’t connecting to a server per se a file share. We’re just taking over some Windows machine. So we’re going to talk about how we can do that, which is fine. It gives me access. It’s basically a way of having a Windows desktop on your Linux machine.

12. rdesktop

So one of the ways you do that is through a utility called Our Desktop that is basically the Remote Desktop client that runs on Linux and it supports the Remote Desktop Protocol that is running on Windows. It basically supports the RDP connection to Windows through Terminal services for almost all versions of Windows Server and even for Windows XP Professional, but not the home version. It is installed on your system by default and it is as easy to run as it is to run RDP on Windows. It’s going to be asking for basics the address or name of the host, your login information and you’re basically good to go. Now, you can launch it through the command line or you can launch it through a Gui just like everything else that we’ve seen with Linux.

13. rdesktop Command

Now, if you’re going to run it through the command line, the command is pretty straightforward. Our desktop add whatever options you want the name of the server or address of the server colon and the port on that server that you’re using to make the connection. Now, your options could be something like your color depth because that, by the way, is important. Do you want to run full 32 bit color over a very slow connection or can you do with a little less color depth to get a better back and forth? Because we don’t like having a lot of what I call lag time between when you want something done on the desktop and it actually responds. Do you want it to launch into full screen mode? That’s the dash F. What resolution do you want? And then, of course, if that Windows machine requires you log in, you can supply the U username and the P password for making that connection.

14. GUI Clients

If you’re using the GUI client, I think it’s even easier because there you open up this little box. You provided everything that you would have done by the command line, the name of the computer, the protocol, RDP. In this case, usernames passwords, maybe domain information. You can go to the options and the displays and all of those things that we just talked about and configure. Color resolution, full screen or not, the resolution of the size of the window on your desktop. All those things that we had before.

15. VNC

Now there is another option called VNC that you can use to provide remote connectivity. Now VNC called Virtual Network Computing is a program that runs on Windows and or on Linux or both if you want to. It is independent of the actual RDP services that Windows has meaning that it is designed to be independent. That means it’s not installed by default on Windows, and it’s usually though installed on your Linux systems, by default it provides a client and a server, which is cool, because what it means is you can load the server on the machine you want to connect to load the client on yours, and you can connect. It’s multiplatform capable. The versions you would use on Windows might be things like the real VNC or type VNC and you can download those for free. Most often this is just stuff that you can get for free called Shareware freeware or anything else. You download it, you install it on the machine and then you can install the client and make your connection.

16. Debian’s VNC Server

Now, Debian has got its own builtin VNC server. It can also be a client. As I said, with most of our Linux distributions, it’s there. You can go to the GUI and basically turn it on. Do you want to be a server? Do you want to allow people to connect to you? If you do, do you want to make them log in or prove who they are? Or are you going to connect as a client? It’s just a straightforward set of configurations of whether or not you want VC running. Do you want remote desktop connectivity to your machine?

17. TightVNC on Windows XP

On windows. It’s very similar. If you install type VNC or Real VNC on that machine, you open up that GUI and you make the decisions. If you’re going to be a server, if you’re going to allow remote connections and deal with issues about password, connectivity, authentication and everything else just as we talked about with Remote Desktop, you might see a few different options depending on the current version of VNC that you you have. But to be the server just means that you are going to allow the remote connection into your system from somewhere else.

18. A Linux Desktop on Windows

Now when you do this of course you can open up basically a Linux desktop on your Windows machine which is the opposite of what we’re talking about with RDP. That means very simply that if you run VNC as a client on Windows you can connect to a Linux box running VNC as a server and before you know it you now have Linux on top of Windows as opposed to our other discussion about having Windows windows on top of Linux. Now you can also have windows on windows. Linux on Linux. I mean, this is just remote connectivity, remote desktop stuff.

It doesn’t matter who is the server as long as it runs VNC server and as long as you have the client you can have remote connectivity. So it can be you running or connecting to whatever system that supports VNC server. That’s one of the great strengths about using that software.Now, let me get on my bit of a security kick again. You got to be careful with remote access out there because people know the default ports. And they’re going to be scanning your networks to see if you allow these remote connections. And if you do, then they’re going to start trying to hit you with passwords brute force.

So I do want to make sure I point out to all of you that even though it’s really cool that you have it, you may want to consider controlling real outside access from your firewalls to let people make connections. And especially if you’re running this from home. Because there are people are out there scanning your networks no matter who you are looking for ways in because they want to take machines over. So do be careful when you do configure yourself as a server that you are making sure you monitor it and try to keep it as secure as you can to keep people from visiting you and taking your desktop without your knowledge.

19. A Windows Desktop on Linux Part1

Again, as I said, you can have a Windows desktop sitting on Linux. A Linux on top of windows. It’s cool. You can make all of those connections just as you’ve done before with Remote Desktop. So again, your choice. How you want to set it up. Now, a lot of the reasons people like doing this is that they don’t want to have perhaps virtual machines, let’s say, where I can virtually run Linux and Windows on the same system. Or there may be applications running on your Windows machine that I need to have access to. And again, I don’t want to boot up to a Windows environment. I mean, I can go on and on and on. Again, for reasons why this is great. It could just be that I have a central location for all of the things through terminal services that I want you to have available to you without having to install of software on every machine.

20. A Windows Desktop on Linux Part2

In other words, back in the days when we just talked about Windows connecting to Windows, we’d say, look, if you need to run an office application, use Terminal Services, connect to this Windows server and run the application there. That way I had it installed on one machine and not on a billion machines out there. And likewise, we could use similar reasonings for the reasons we do this in our Linux to Windows Interoperability. I’m just trying to throw out ideas of what solution you’re trying to achieve by using Remote Desktop. You may decide this is absolutely no business need for you and just ignore what I’m talking about. That’s fine too. It’s just another tool out there in your toolbox that you should be aware of and know how to make it work.

21. Unit 11 Review

So our goal in this unit was to talk about interoperability, and we approached it from two sides, having this thirdparty software like Samba out there installed so that we can pretend to be a part of the Windows network supplying SMB CIFS client software, or to be able to connect remotely through things like Remote Desktop or VNC. All of these were designed to be able to help my Linux and Windows environments work together to give me a better business solution than I would have had if I kept them separate. It also allows me more choice because now I can choose Linux in some networks or Windows in some networks and still be able to have communications.

I think that is imperative. The whole reason we have networks is so that we have that type of interoperability. Now again, I did verify by saying upfront that you don’t need either of these because of the use of network protocols and programs like Web Services or FTP. We’ve always had some aspect of interoperability to begin with that was a part of the network protocols. This was going beyond those protocols to give us even better types of options to be able to interoperate.