At work I’m putting together a couple of fresh Windows 2000 servers, mostly just to be fancy ldap servers, but that’s another story. I wanted to note what software (and version as of this writing) I’m installing so that I’ll have it around if I ever (please NO!) have to do this again.
- During the Windows install
- Included DNS, Internet Authentication Service (radius support) and WINS under ‘Networking Services’.
- Included Print Services for Unix under ‘Other Network File and Print Services’.
- Go through Windows Update madness. It’s no fun, takes forever, but you’ve got to do it. Now that I’m thinking about it, why isn’t there an option for your windows box to email you when it has downloaded a new critical update?
- Anti-Virus Software. At work we’ve purchased McAfee.
- Firefox version 0.9. IE is really only good for the Windows Update service, after that it is Firefox all the way.
- SSH Client. There are a couple of different options, since we are attached to CSU Sacramento I’ve been using SSH Communications ssh client under their non-commercial license. Looks like licensing may have changed for version 4 of their product, so were are sticking with version 3.2.9. There are other Windows ssh clients out there, Putty is probably the next in line.
- WinZip. Work purchased licenses ages ago, so I’ve been using that version, 8.0.
- TightVNC for remote admin. I’m even living on the edge by using version 1.3-dev5 with the DFMirage driver.
- Optional: Install Active Directory if this server is going to hold domain user accounts. With this particular install that is the case.
- I selected ‘Permissions compatible with pre-Windows 2000 servers’ on the permissions screen in the wizard. I believe this makes life a little easier when getting Samba to play nice with Active Directory. It’s also the default option.
- Optional: Install Windows Services for Unix version 3.5. There are all softs of goodies in here. In my case the only part that I’m interested in is the ‘Server for NIS’ because that extends the Active Directory ldap schema for users. That allows me to use things like nss_ldap on un*x boxes.
- To just get ‘Server for NIS’, do a customer install of SFU and make sure that everything is deselected (X’ed out) except for ‘Server for NIS’.
As I mentioned, these Windows servers will just be storing user accounts so I’ve kept everything to a minimum. Ideally I’d like to have all of our users accounts stored on a unix box somewhere, but to make all of the Windows client systems and servers happy, having a ‘real’ Windows server seems to be the only way. Don’t get me wrong, Samba has come a long way, and I’ll continue to use it, just not for holding domain user accounts. In the end the most important goal is now able to be meet: keeping one set of user and group accounts. With NSS support in FreeBSD 5.x making use of those accounts is now possible, thanks to nss_ldap and pam_ldap.