Problem solve Get help with specific problems with your technologies, process and projects.

Enterprise open source migrations: Dealing with file services

File services look simple enough, but file services are probably the most critical networking service of all, save directory services. Get an overview of the file service options in the open source world and learn how to use them to replace their traditional commercial counterparts.

Problems with sharing and storing files can stymie a migration from Windows or Unix to Linux. Fortunately, a few key open source tools and tried-and-true practices can scale file services roadblocks.

File services look simple enough, but file services are probably the most critical networking service of all, save directory services. Companies need to be able to share and store files over the office network. An employee without access to his or her files or applications can't do much work at all, if any. And of course, companies need a way to restrict access to authorized parties only. File services handle all of this and more.

This article will provide an overview of the file services options in the open source world and how to use them to replace their traditional commercial counterparts.

File services

More on migrating to open source:

Windows, Linux and open source software: Migration & interoperability learning guide

Open source tools for Windows-to-Linux migration

Before deciding on an open source file services alternative, consider your file access and file storage protocols. As you probably know, Samba is the most popular open source file service. It uses Windows' native SMB protocol, meaning it's fairly easy to integrate with Windows workstations.

But Samba isn't the only option; you should consider what would work best with the existing workstations in your network. For example, if you are migrating to open source from a Novell environment, the NCP (Novell NetWare Core) protocol could be a better alternative for workstations with a Novell client. And a network with multiple Unix workstations might need NFS (Network File System), and because NFS support is native to Unix, it also works with Linux. (If you haven't managed to get rid of IPX yet, support for the IPX networking protocol on Linux is available as well.)

File systems

In choosing the best file system to suit your needs, don't forget that a file system does more than store files. Your file system also stores directory information, handles access control and plays a role in transactions on servers.

Linux supports or can be made to support just about any file system ever used in PC networks. But a few, such as NTFS (New Technology File System), can only be accessed on a read-only basis. And of course, the inherent limitations of each file system apply; for example, you'd better forget about meaningful access regulation on a FAT32 file system.

The most common native file systems on Linux are ext2, ext3 and reiserFS. Unless you need to mount existing file systems in other formats (e.g. NTFS), one of these three makes the most logical choices for a file system. But ext2 has a big downside in that it is old and does not support journaling, which is something you really want on a server, so in reality the best choices are ext3 and reiserFS.

Both ext3 and reiserFS support journaling. Ext3 is the successor to the 15-year-old ext2, while reiserFS is a more recent development. Like Novell's NSS (Novell Storage Services), reiserFS is based on a database for file administration. This makes reiserFS suited for servers that handle large amounts of data -- large numbers of files, very large individual files or both. Ext3 is normally used for more general applications. The choice of reiserFS vs. ext3 may also depend on which Linux distribution you have; Red Hat has invested in ext, while SUSE has done the same with reiserFS. The default file system on these distributions reflects that.

File access permissions

At first glance, the Posix-defined access permissions on Linux (and other Unix flavors) probably appear rather coarse and rudimentary. Compared to the fine-grained control of products like Netware, Linux's access permissions are somewhat less user-friendly. In practice, the file access permissions are certainly sufficient, and that's where it counts.

All files and directories have three groups of permissions: one for the file owner, which is called the "user permissions"; one for the other users in the same user group as the file owner, which is called the "group permissions"; and one for everyone else, which is called the "world permissions". Each permission consists of three flags: the read access flag, the write access flag and the execute flag. The latter does not really control access permissions on files but merely indicates whether or not a file is an executable. On directories, this flag indicates whether or not the directory is accessible.

In a migration from Netware or Windows to basic Unix-based file services, one way to achieve the required structure of access permissions is through group memberships. By creating user groups and assigning the appropriate group permissions to a file and directory, all you have to do in order to give a user the necessary permissions is to assign him or her to the appropriate group. Access Control Lists (ACL's) are another option to manage file permissions. Not all file systems support ACL's and not all backup software products will preserve ACL properties. (If you use Samba, you can assign access permissions to volumes and directories, and if you use OpenLDAP, you may also store such permissions in the directory.)

Migrating files

Migrating files to a Linux-based file server is as simple as making the file system available to the network and copying files across. Be prepared to reassign file permissions; other platforms have their own structures of permissions and properties, and porting these on a one-to-one basis is difficult. Replicating the exact permission structure of Netware or Windows on a Unix-based file system will take some serious thought and perhaps experimentation. Eventually you will realize a system to control permissions that is at least on par with that of Windows server and a very workable substitute for Netware.

The easiest way to replace a Windows server with a Samba server overnight is to have the Samba server advertise the same server name as the old Windows server. In this case, no changes have to be made on any workstations.

Print services

In the bad old days, Unix-based printers required a lot of cumbersome hassle with termcap files and ldp server processes. Today, things are much easier with the Common Unix Print System (CUPS). CUPS printers can be local printers attached to the server, or they can be networked printers. CUPS can work with printers attached to other Unix systems (as long as they support the IPP protocol), as well as with printers on Windows workstations or servers, Novell NCP printers, JetDirect printer servers and printers that have an onboard network interface.

Several GUI-based configuration tools for CUPS printers are available. Setting up and managing printers, managing the associated spool queues and making the printers available to the network are a matter of a few mouse clicks. CUPS printers are essentially based on IPP (Internet Printing Protocol) but can also use the older Unix printer protocols or be integrated into Samba. The latter is the most common; this allows Windows workstations to use the printers as normal, Windows-based network printers.

Controlling access from Windows workstations to printers is most easily done in Samba and optionally in the OpenLDAP-based directory. If you do not use Samba, things become a bit more challenging. Although NFS and the NCP tools for Linux do offer the basic services required, they are far less luxurious when it comes to management tools. In most situations, however, you'll want to offer print services from Linux to Windows-based workstations, which means you will probably want to use Samba.

Offering all CUPS printers to the entire network via Samba is easy. Include the following in your smb.conf file:

 printing = cups
 printcap name = cups
 guest account = nobody
 load printers = yes

Access control to certain printers is easy too. To share an individual printer (e.g. one called 'accounting_lj4), include the following:

 printable = yes
 writeable = no
 path = /var/spool/samba
 guest ok = yes
 printer = LP123
 create mask = 700
 browseable = yes

The line 'printable = yes' indicates a printer share to which users may send print jobs. The line 'printer = LP123' refers to the name under which the printer has been created in CUPS; in this case, the printer has been named LP123 in the CUPS configuration. The line 'browseable = yes' makes the printer visible for Windows users who browse the network looking for available printers.

Groupware: collaboration and communication

On the Netware platform, the choice for a messaging and groupware product is relatively simple: GroupWise is your only option. In a Windows environment, Exchange is generally the first product to be considered, with Lotus Domino as an alternative. (The latter also runs on several Unix flavors.) All these packages provide the typical groupware services: email, contacts, notes, calendaring, etc.

On Linux, the choice requires more thought -- not because of a lack of open source options but rather because of an embarrassment of riches. Quite a few packages are available, but they are not all equally good. For example, Hula (an open source project supported by Novell) was once touted as the future open source equivalent of GroupWise, but recent developments have been disappointing. Hula is currently profiled as a Calendaring and Mail product, but it doesn't have support for Outlook and probably won't get it anytime soon.

In order to ensure present and future compatibility, be sure to consider which standards a groupware product should adhere to. Sufficient support for industry standards means sufficient support for industry standard clients. Today, the standard in calendaring and scheduling with the best support is iCalendar. A derivative of WebDAV (a protocol to share folders over the Internet) has been proposed to share calendaring data. While the various open source groupware development teams have made commitments to this standard (called CalDAV), support has not yet been widely implemented. GroupDAV has recently emerged as a simple protocol to connect open source groupware clients to open source groupware servers. It concentrates on supporting KDE Kontact, Novell Evolution and Mozilla Sunbird. It uses the iCalendar standard and supports the vCard standard.

Mail is the most central feature in any groupware solution. Most companies already have a good email solution in place and would like to add groupware features to it. One way to do this is to implement the Courier mail server, which not only acts as a Mail Transfer Agent but also offers Web-based email and several groupware functions such as mailing lists, calendaring and scheduling. One easy way to migrate from Exchange to Courier is to migrate IMAP mailboxes from Exchange to Courier. (Scripts to do this are available from various sources).

A complete overview of the proliferation of open source groupware products is beyond the scope of this article. Apart from the ones mentioned above, you might want to take a look at, Citadel and Open-Xchange and select the most suitable one depending on your particular needs.


If you rely heavily on ERP software, names like Oracle and SAP are probably very familiar to you. If you need a unified application (or set of applications) to support every aspect of a company's business process, there's a lot to be said for working with trusted names.

But while open source products are not yet prominent in this market, they are certainly gaining momentum. Much of the high cost of ERP software goes into the army of business and programming consultants needed to customize commercial software for individual business operations. This is where open source software really comes into its own; in-house customization can be performed on the freely available source code with relative ease.

One of the most prominent products for this application comes from Compiere. Compiere's ERP software provides fully integrated ERP, CRM, supply chain management and accounting features. Even more important, support for customizing and extending its functions is freely available from independent consultants around the world.

Another product worth looking at is WebERP, which is especially suited for financial and inventory applications and sports a highly customizable Web-based front end. ERP5 also deserves your attention if you are considering open source ERP or CRM software. It is also available on a LiveCD, which means that you can test-drive the software without having to install it; it will run directly from CD.


Dig Deeper on Linux servers

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.