QCD's InterStructures plug-ins mind the OS gap

It might be heresy to try to manage a Linux server from a Microsoft platform . But that is what QCD Microsystems has attempted with its InterStructures Microsoft Management Console (MMC)-based series of applets. With these plug-ins, Linux services such as DHCP, DNS, SAMBA and Squid Web proxy (and soon Apache 2.0), are managed from the familiar look and feel offered by the MMC. Our tests showed that the InterStructures modules are simple to install, and provide a single, convenient, drag-and-drop interface to manage a combined Windows/Linux infrastructure.

The MMC approach makes sense both in centralized and distributed infrastucture where Microsoft's Active Directory components live, as Active Directory requires Dynamic Domain Name Service to be cohesive with other DNS deployments. When branch offices, private networks or server farms comprise a heterogeneous deployment, it can be difficult to synchronize DNS.

The same is true when SAMBA, the Linux to Active Directory proxy, is used as a file sharing method between Windows and Linux hosts. Linux distribution makers and others have made applications to control SAMBA in great detail, but these don't control nor do they address administration and configuration of Active Directory and its allied services, such as DNS, DHCP and Internet Information Server. The InterStructures modules flip the control back to Microsoft platforms, and a user interface known to almost every Microsoft systems administrator.

The InterStructures modules (all of which are downloaded from the vendor's site) fall into two categories: Windows-hosted MMC snap-ins installed on Windows workstation or server used as the MMC console; and modules that connect with a single host daemon running on target Linux hosts. We tried three hosts - SuSE Linux Enterprise Server 9 (SLES9), Red Hat Advanced Server 4 (RHAS4) and Fedora Core - certified by InterStructures for use with its product.

Installation onto a Linux server requires momentary root access, and processes run as root or at the level of the daemons they cover (such as DNS and Squid). The installation instructions are incorrect but the process is understandable. We had no difficulties installing the software under RHAS4 and Fedora Core, but were required to install Perl on SLES9. Once the configuration modules and core daemon are installed in target servers, the daemon restarts automatically. Windows-side installation takes a few moments.

The communications process uses an underlying combination of SSL (128-bit), Simple Object Access Protocol and Java 2 Platform Enterprise Edition - all of which are hidden transports between the MMC and the target applications/services. Administrators don't see the underlying communications components. Changes to Active Directory are made to SAMBA authenticating hosts during normal synchronizing periods. It took about 10 minutes for our Linux servers to join and synchronize with our 300-user Active Directory data.

We brought several Linux servers immediately into the control of the MMC. After initial synchronization, we were able to create groups and users within the newly distributed Active Directory/SAMBA directory, delete them, and watch them subsequently appear and disappear as required. Major changes, such as making large groups or massively deleting users, sometimes took a bit longer than we expected, especially when a mixture of changes was applied.

Because Linux has fewer usable group names and characters from which to derive names, it's important to know what characters are legal to use in both environments. DNS and DHCP configuration was just as easy as the SAMBA/Active Directory process, but these settings are infrequently changed.