Linux has grown tremendously in the server Operating System market, primarily due to the fact that it is stable and secure. But this growth has been restricted to the bigger corporates, with server farms and data centers, who have the resources to hire former Unix sysadmins and get high-priced consultants to manage migration of their existing IT infrastructure to a Linux-based one. Small and Medium Enterprises till now have generally remained Microsoft customers, because quite often, there is no specialized IT department in such organizations, and Microsoft's server products have GUI interfaces that make it easy for laypersons to set-up and administer services. Besides, Microsoft has tightly integrated services, like Active Directory and Exchange, which is a further incentive to use Microsoft server products.
However, the proliferation of security issues, stability issues and the high cost of user-licenses have forced quite a lot of the SMEs to explore the possibility of using Linux to replace most, if not all the Microsoft server software. IT consultants catering to the SME market are also facing queries from their clients regarding the hype surrounding Linux, and the possible advantages of switching to Linux. The book "Windows to Linux Migration Toolkit" is aimed at this SME segment that is exploring ways to cut costs by switching to Linux.
The book is divided into 11 chapters and 3 appendices, which cover almost all the major services used by SMEs today.
Chapter 1 deals with the planning the roadmap and, keeping its target audience in mind, introduces us to the migration roadmaps of two fictional SMEs : Acme Widgets Manufacturing Inc. and Ballystyx Global Semiconductor Engineering Inc. The authors show how to make an inventory of the servers in an enterprise, create current and post-migration infrastructure diagrams, functional requirements documents and a test plan. While IT consultants may be doing all of these and more for their clients, this chapter is more useful to those do-it-yourself people in small enterprises, who are not trained administrators, but are responsible for their organization's IT infrastructure nonetheless.
Chapter 2 covers DHCP, DNS and NTP (Network Time Synchronization Protocol). These are the easiest services to configure (well DNS isn't that easy) but are often critical to a network functioning properly. Complete configuration files are provided that serve as examples. Advanced topics like dynamic DNS update are also covered. However, I found the coverage of DNS itself to be a little short. While migration from Windows based DNS are explained, coverage of BIND configuration files and zone files is insufficient in my opinion.
Chapter 3 explains Directory Services. The chapter opens with a succinct introduction to LDAP and Directory Structure in general, explaining the concepts of Distinguished Names and Organizational Units in simple terms. Briefly explaining how users are organised into directories in Windows Active Directory, the chapter goes on to explain how to set up OpenLDAP to provide directory services (whit pages) in Linux.
Chapter 4 deals with Authentication Services and is closely associated with Chapter 3. The chapter first covers Windows and Linux authentication mechanisms including LDAP and NSS. Brief coverage of Pluggable Authentication Modules is also provided. The chapter also shows how to use the directory server that was configured in chapter 3 could be extended using Samba to support both Windows and Linux clients. Lots of examples from configuration files used by the fictional companies are given, including how to enable encryption of authentication data.
Chapter 5 ostensibly covers File Services, but hardly has any details on File Services. Most of the information for configuring File Services for Windows clients have been discussed in the previous chapter during the configuration of Samba. Instead this chapter discusses Linux filesystems and data backup tools. Some discussion of Access Control Lists is also provided in order to secure file shares.
Chapter 6 deals with Print Services. This chapter has a brief coverage of the print commands used in Linux. It also discusses setting up CUPS, configuring printers and sharing them with Samba (including how to configure Samba to allow clients to download printer drivers automatically from the server itself).
Email and Messaging services are covered in chapter 7. The authors describe the different pieces of a Linux Messaging System (the Mail Transfer Agent, Mail User Agent, etc.), explain the difference between mbox and maildir mail storage formats and provides the pros and cons of the various mail server software like sendmail, Postfix, Courier Suite and Exim. A section on choosing the most appropriate software for an organisation, helps the reader to decide. E.G. The authors state that since the Courier Suite includes all major components of a messaging system, including the Webmail, POP/IMAP and mailing list manager, it makes sense for small organizations like Acme Widgets to use the Courier Suite, as it provides an integrated suite. But larger organizations like Ballystyx may have more complex requirements, which calls for complex decision making process. The use of Email server component diagram helps to understand how the different pieces of software fit together. Spam and antivirus integration using spamassassin and clamav are discussed, along with migration of user data from Exchange.
Chapter 8 provides an overview of the different groupware and calendaring software available for Linux. A basic overview and list of features of the software discussed are listed. More detailed description and installation and configuration instructions for the software discussed would have been ideal, and will possibly be a welcome addition to the second edition.
Chapter 9 discusses Web Services using Apache. Configuration instructions are provided and some advanced topics like SSL/TLS, virtual hosting, .htaccess files, etc. are touched. Some discussion of mod_mono as a means of serving up ASP pages from Apache and migrating websites directly from IIS would have been an interesting addition. Another crucial addition would be a discussion of Content Management Systems.
Chapter 10, on Desktop Migration Roadmap, is probably one of the most important chapters in this book. The authors describe how to grade the users into different types such as kiosk users, knowledge workers, technical workers, etc. helps to isolate the applications needed for day to day work, by the users, and appropriately develop a migration path that minimizes disruption. Desktop asset lists, cataloging file formats and functional requirements specifications are used to estimate the costs of migrating to Linux and the associated cost savings of license fees, and pinpoint areas of possible disruptions during migration. Guidelines for training users on the new environment specify the process of making the migration as painless as possible for the users.
Chapter 11 is an extension of chapter 10, and mainly explores the alternatives to common office applications used on Windows. Lots of screenshots are provided to help people choose their favourite application. Desktop environments are covered along with the most common Linux applications. Products that enable Windows applications to run on Linux are also discussed. One of the most interesting parts of this chapter is the discussion on alternative desktop environments/window managers like XFCE, Busybox, Enlightenment, etc.
The appendices are worthy of being complete chapters unto themselves. Appendix A introduces the reader to Network Analysis, using tcpdump and Ethereal. The authors teach how to capture and analyze network data. Readers are taught how to detect patterns in the data, to catch packet sniffers and identify potential problems with network services. A brief description of the Carnivore system is also provided. Issues with network design are dealt with, and readers are taught the difference between a hub, a switch and a router. The pros and cons of each type of network set-up is explained, security threats assessed, and preventive measures described.
Appendix B deals with Intrusion Detection Systems. The authors provide a general idea of Network, Host-based and Distributed IDS networks with pictures to explain the concepts and provide a lot of theoretical knowledge about IDS. However discussion of how to install and configure IDS on Linux is left untouched. Basic Snort and Tripwire configuration would've been helpful to the readers, especially considering the target audience of the book. The question of recovering data from a server under attack using live CDs is barely touched upon. A book like Knoppix Hacks would be a perfect partner to this section, as it describes how to disinfect a server under virus attack, or to extract user information from the server.
Appendix C contains information on Nessus and Vulnerability Assessment tools. An outline of the assessment process is given, and screenshots are provided to give a fair idea of how to use Nessus to check for security vulnerabilities. Tips are provided to help identify services running on ports identified by Nessus, check for corresponding vulnerabilities and provide a report. Different approaches to automated vulnerability assessment procedure along with their advantages and disadvantages are discussed.
This book is perfect for Windows administrators to use as a reference for developing a migration plan to Linux, ranging in scope from the basic DHCP/DNS server functions to a complete Linux based IT infrastructure. Addition of a few more details and configuration details for topics like BIND, FreeRADIUS and Groupware functions, along with the security and audit tools would make this book an even more valuable addition to the book shelf of a Windows IT consultant.
One minor irritation was that there are quite a number of spelling mistakes in this book. Also, while the pictures were clear and the configuration files readable, however, complete configuration file listings would've been even more useful.
The CD contains scripts that help to extract user data from Microsoft servers and output them into a format that is suitable for entry into their Linux equivalents. All the scripts are under GPL. I have not managed to test the scripts, but first looks indicate that the scripts should be able to handle all configuration quirks of Microsoft servers.
I have not gone through the e-booklets available along with this book, so I'm unable to comment on them.
I highly recommend this book.