Part three of a six part series looking at ClearOS, one of the major commercial alternatives to Small Business Server. In this post I look at the operation aspects of the server, primarily focusing on domain join and file sharing. Be sure to read part one for an overview of ClearOS and part two for an introduction to the installation process.
Part Three: General Operation
I have set up and installed a ClearOS server to see if I would be willing to use it to replace a Windows server environment. Previously in part two I detailed the installation process. Now I want to dive into the actual operation of the server. I am working with a Windows Vista Client on this network. I actually chose Vista for a specific reason. It is the “red-headed step child “of the Windows Client OS’s . If Vista works, anything will work. The first thing I did was log into the machine with a local account and check my IP address and network connectivity. I have an IP address from the ClearOS server, DNS points to the ClearOS server, NSlookup resolves clearos.linux.local (my server and domain name) . Everything here is looking good. I attempted to join it to the domain as I would if there was a Windows domain controller on the network. System – Properties, Domain, Change: linux. I entered my Winadmin Credentials, waited for a second, and received the positive news: Welcome to the LINUX domain.
I rebooted the Vista machine and at the login prompt I entered LINUX\Winadmin and my password and I logged in. Domain Join worked, worked properly, and was painless. There was no difference here than vs. joining a Windows domain.
I had a domain admin account, I can log in to my client machine. The next testing step is to create some users and file shares. Creating a user is done under the System tab of the ClearOs web interface. There is nothing new or unusual about this setup. You choose users, add, and add the user.
Enter the user’s information, and at the bottom of the page you have the option to add them to security groups if you have already created any. If you choose to install the Messaging application Zarafa, the options are here to set up the SMTP address, set the mail quota, and add aliases. I did not include a screen shot as it’s a really long form, but it’s a simple web page form, with everything you need for adding a user on one page.
As expected, limited and domain admin accounts work as they should on the Vista client. The Domain Admin account can install software and make system configuration changes. A limited user account can not. There is no difference here compared to a Windows domain. You are able to make limited domain users ‘local admins’ and assign them the right to log in via remote desktop.
The next thing I wanted to do was to create a share, and make sure that my users can access it. This is where I hit a wall. I clicked around for a bit on the different tabs, Server, File, no where can I create a share. Network, nope, it’s not there. I needed to find out how to create a share. I realized that this is an OS where nothing is installed, unless I choose to install it. To the MarketPlace! It turns out that I missed installing the application FlexShare when I did my initial install from the MarketPlace.
Flexshares are flexible share resources that allow an administrator to quickly and easily define data sharing, collaboration and access areas via web, file, FTP and/or e-mail (as attachments).
I quickly installed Flexshares and then went to create my share.
The actual next step is to enable the Share as a Windows File Share:
Going back to my Vista machine, I still can’t see the HR share, nor can I browse to it. I go back to the Flex Share, choose edit, and look at it:
Notice the Top Status is: “Disabled”. In the first screen shot, it is “enabled”
Once you set this back to Enabled, you can successfully browse the share from the Vista client. This seems to be a minor bug, or it could also be user error, as I was not able to recreate it consistently. This might just be something to be aware of when creating your shares. Another major consideration with the default implementation of Flex Shares in ClearOS is that using FlexShares, there is no way to dictate where your share is located in the file system. You can make changes in the system configuration files from a shell session, but this is not available in the web interface and changing it in the configuration files is not intuitive or simple. By default, FlexShares stores all data on the root partition. This is important to consider when you are sizing your server.
The next question is how to map these drives on a consistent basis. ClearOS provides for Login Scripts to be run. In the administration interface, browse to the Server, Windows Networking, mode. Make sure the logon script is enabled. By default, the file is called login.cmd, you can change it as necessary if you want to run a different name, or a VB Script. From a client workstation, you can open the share \\servername\Netlogon and upload the batch file to map drives. This is a hidden share, so you need to navigate to it directly. You can also set a Drive Letter Mapping for users home directories in this location as well.
There of course are no group policies to lock down the workstation, or to install software, or even to configure the firewall. Advanced configuration could be done with a login script; however, completely managing client workstations from a script could become cumbersome. The basic functionality of file and printer set up can be done with ease.
Domain join and file sharing work better than I could ever have hoped out of the box. The native support for home directories and logon scripts is a big positive aspect when choosing to use ClearOS. I tested several of my day to day tasks on domain joined machines and all of them worked. I was able to remotely manage the machine, log on via RDP and limit user access. Logon Scripts work, and I was able to use a VB script based on user group membership to map drives successfully. Clear OS is a complete file sharing solution. User and group set up is fast, easy and straight forward. It truly does ‘just work’. As a file server alone, that requires centralized administration, I would have no problem recommending ClearOS.