How should I administor my family network

Now that my children are older I have more than my desktop and laptop on my home network. I want to have a central server that will allow me to maintain their passwords and control their accounts. My experience with servers is limited to share servers and web servers. I believe what I am wanting to do is build a Domain Controller. What else may I need to have running on my network to provide security and monitoring of the devices on my network? Any advice would be appreciated. All of the laptops on the network are running openSUSE LEAP 42.1.

Bryan Sailer

Depends on how much time you want into investing in a new career. :slight_smile:

You might take a look at NIS for some minimal centralized network administration, the fairly standard (today) LDAP/AD is very complex if it’s done properly and unfortunately it doesn’t make too much difference whether you are a 3 machine network or a 50 machine network (There are probably more things to learn as your network is larger).

The alternative to centralized network security is to continue to configure individual security on each machine, but enable some shared resources, this is how probably most people in these Forums configure SAMBA, as a Server in the Workgroup where common, shared resources like files (documents, videos, audio, etc) are stored.

In a Workgroup (unlike network based security) each person logs on to the machine in front of them with a locally stored User account. On each machine, client access is configured for the Server’s required credentials to access shared resources. This is OK for a SOHO (Small Office Home Office) network of about 10 machines and devices, but becomes more difficult to manage as the network grows in size.

At some point, when a Workgroup becomes too much effort to manage (every machine has to be touched), then you can consider something like LDAP/AD where a Domain User account with credentials stored on a Server (Domain Controller) instead of a User account on the local machine… When you log on to any machine in your Domain network, the machine forwards login requests to a Server where credentials are verified and Authentication takes place, and the result is passed back to the machine the User is sitting in front of. By using an account stored on a Domain Controller, a User can log into any machine on the network with the same credentials and access shared network resources on Servers… All without having to touch ordinary machines individually.

TSU

tsu2,

Thank you for the clarification and the Workgroup sounds like the best way forward for me and my home network. I am familiar with Active Directory and Domain Controller on Windows Servers and Windows only networks while in the military. I also thought that setting up a Workgroup was when I had a Windows machine on my network. Setting up each individual machine with their local logon and restricting their capabilities sounds much easier to handle. I was seriously over thinking what I needed to do to control my network.

Bryan