network confusion

They have: 36 posts

Joined: Oct 2004

I am so mixed-up now that it's hard to even figure out what I need to know, so let me tell you a story.....

It started about a week ago, when I first started on the server configuration module of my CIW course. I began to get confused concerning the topic of permissions and access levels in IIS 5. Because of this confusion I started to backtrack what I actually knew (or rather, what I thought I knew) about networks. I now find myself realizing that I am not even sure about the basic types of networks. Anyway, thank you for your patience so far, and without further ado here come the obligatory questions.

I thought that a peer to peer network was any network without a dedicated server, so the hosts (computers) on the network communicated with each other directly. I also thought that once you added a server to the network, all the shares that were once stored on the individual computers are now moved to the server, and that the individual hosts no longer actually communicate with each other to access files, printers, etc.

However, now I am starting to think that I am wrong about this, and that the hosts may indeed still keep some shares on themselves to be accessed by the other hosts on the network.

It is this method of ACCESS that is confusing me.

QUESTION 1
Do the hosts now have to ask the server to fetch the shares on the other hosts, or can each host still have direct access to any other host?

QUESTION 2
A book I have states "a peer-to-peer network does not regulate user access from a central point". To me, this implies that using a server on the network somehow centralizes access, BUT ACCESS TO WHAT?? Does this mean access to the server that has just been installed, or that the server is responsible for giving permission for host "A" to connect to host "B" to access the shares stored on host "B"?

QUESTION 3
The same book also states (regarding user-level access and some kind of access list)... "this access list can be central to a particular server or to an entire network"
WHAT THE HELL DOES THAT MEAN???
Does it mean that this list can be either stored on the SERVER (CENTRAL) or EACH HOST ("entire network")?

I hope one of you guys can figure out, at least, where I am getting confused, because the more I read the more I seem to tie myself up.

Thanks in advance if you had the patience to read this mammoth post.
Stuart

Abhishek Reddy's picture

He has: 3,348 posts

Joined: Jul 2001

You do seem to have some preconceptions that may cause confusion. You're still sort of on the right track though.

Here are some basic ideas, in a client-server network model.

When a node in a network shares data that other nodes ask for, it is acting as a server. The nodes making requests are clients. For example, when you load a web page, your computer is the client, as it makes the HTTP request; and the remote host is the web server, as it listens and responds to your request.

A node can be a server and a client at the same time. In a P2P network, all nodes can ask for data, and all nodes can share data. That means every node is potentially a client or server, simultaneously.

That means any number of servers could be added into the mix, and it won't stop any nodes sharing data in a truly P2P way (it depends on the protocol). In fact, they couldn't do it without at least one server.

However, centralised servers may be needed for some purposes, like password/key or database services. By juggling keys, you could, for instance, have a P2P network with centralised authentication but decentralised data communication.

So all your data wouldn't have to go through the central server, that would just mediate your connection. The remote host and you will have to mutually identify yourselves to the server (and perhaps fetch keys to decrypt each other's packets). This is how many instant messaging chat applications operate. Again, it depends on the protocol.

I hope that hasn't confused you more.

They have: 36 posts

Joined: Oct 2004

Thanks Abhishek. You have answered a KEY point regarding access permissions for the network (which just so happens to be the exact principle I'm having problems with).

If you have a second or two, maybe you could clear up my confusion regarding "Access Control Lists" that are used for "User-Level Access" (i.e. where a shared "object" contains information regarding the user or group "permissions" for the object in question), as opposed to simple password protection for a share.

The primary text I'm quoting from is "CIW network administration, Sybex (2002)".
The book says...

"A network using the user-level access model allows users to obtain access to resources only if they belong to a centralised access list. This access list can be centralised to a particular server or to an entire network"

I'm not sure what the text in Bold means.

If possible could you also translate this for me as well...

"Operating systems that provide both centralised and local user-level server access include the following: Win2000 server......"

An answer for these points will probably clear up my confusion altogether and I will be writing you into my will.

Thanks

Stuart.

Abhishek Reddy's picture

He has: 3,348 posts

Joined: Jul 2001

StuPeas;214899 wrote: "A network using the user-level access model allows users to obtain access to resources only if they belong to a centralised access list. This access list can be centralised to a particular server or to an entire network"

I think it refers to the fact that the list of users and their access priorities are stored and served in some central node. Any nodes sharing resources under these permissions will check with the central server before exposing them to a requesting user.

Say, if you ask to read a particular shared file, its host will check if you're permitted to do so through the ACLs given by the central server, before allowing or denying you access. The ACL definition may permit you to read only, but not write or delete, etc.

StuPeas;214899 wrote: "Operating systems that provide both centralised and local user-level server access include the following: Win2000 server......"

I presume this means that the ACLs can be managed at either a central server as above or just on the local host. It's a little bit ambiguous to me, sorry.

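The user-level access check discussed in the replies above, as an added example that is not part of the original posts: a host sharing a resource resolves the requesting user against a network-wide access list or against accounts local to that one server, then applies the share's own ACL. All user, group, host and share names are constructed for illustration, and the `user:`/`group:`/`local:` prefixes are a convention of this sketch, not of any operating system.

```python
# Constructed sample data; every name below is illustrative.
CENTRAL_DIRECTORY = {            # access list central to the entire network
    "stuart": {"staff"},
    "abhishek": {"staff", "admins"},
}
LOCAL_ACCOUNTS = {               # access list central to one particular server
    "fileserver1": {"backupsvc": {"operators"}},
}
# Shares stay on the hosts that own them; each ACL maps a principal to rights.
SHARES = {
    ("hostB", "reports"): {"group:staff": {"read"},
                           "user:abhishek": {"read", "write"}},
    ("fileserver1", "dumps"): {"local:operators": {"read", "write"}},
}

def principals_for(user, host):
    """Resolve a user to ACL principals as seen by the host sharing the data."""
    found = set()
    central_groups = CENTRAL_DIRECTORY.get(user)
    if central_groups is not None:      # known network-wide
        found.add(f"user:{user}")
        found |= {f"group:{g}" for g in central_groups}
    local_groups = LOCAL_ACCOUNTS.get(host, {}).get(user)
    if local_groups is not None:        # known only on this host
        found |= {f"local:{g}" for g in local_groups}
    return found

def check_access(user, host, share, right):
    """Return True only if some ACL entry grants `right`; default is deny."""
    acl = SHARES.get((host, share))
    if acl is None:
        return False
    granted = set()
    for principal in principals_for(user, host):
        granted |= acl.get(principal, set())
    return right in granted

if __name__ == "__main__":
    for args in [("stuart", "hostB", "reports", "read"),
                 ("stuart", "hostB", "reports", "write"),
                 ("backupsvc", "hostB", "reports", "read")]:
        print(args, "->", "allow" if check_access(*args) else "deny")
```

The central directory only answers who the user is; the file data still travels directly between the requesting host and the host that owns the share.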

They have: 36 posts

Joined: Oct 2004

O.K., thanks Abhishek. It is very ambiguous, and it's supposed to be for newcomers to the topic!!
