Feeds

User Data: Here, there, everywhere

But rarely where you need it

  • alert
  • submit to reddit

Providing a secure and efficient Helpdesk

Blog Every computer user in the world has heard tales of “the computer that ate my files”. Perhaps the magical write-limit fairy arrived and turned your SSD back into a pumpkin. The infamous “someone, definitely not me” could have opened an infected email or Facebooked up an infected flash ad, corrupting the OS and causing all sorts of merriment.

The reasons all vary, but the result is always the same: there are no backups, and you had just put some incredible amount of time into a project on that computer which is absolutely crucial to your personal survival in the modern world. Since computer components eventually die, what can possibly be done to prevent this?

The single most important measure of preventative digital medicine (ironically also that which is most frequently ignored) is to back up your data. The second most important item is to make your data fault tolerant. In a business IT environment both of these can usually be accomplished in one fell swoop: put all of the user data on the servers, not the local computers. The servers are regularly backed up, have RAID and other goodies for fault tolerance, and are looked after by a cadre of good looking, witty, intelligent well paid systems administrators. (Well, I hope the servers at least have a RAID and scheduled back ups.)

How then do we get the user data onto the servers? User data is generally stored in two locations: the user’s profile, and their homefolder. In Windows, these are most often separate concepts. In Linux, Unix or OSX the profile is most often a part of the homefolder. When talking about a scenario where all of your users are always connected to the same network (ie no roaming or VPN users) then Linux, Unix and Mac admins have it easy. They configure their server to post an NFS share, map /home (or its equivalent) to the server, and this whole mess of trying to get user data to live on the server is done and dusted.

Windows doesn’t offer anything quite so simple. Windows has at its disposal “roaming profiles” and “folder redirection”, neither of which is a complete solution. Folder redirection is simple enough: you can tell certain pre-determined folders that they exist on the server, not on the local computer.

In a Windows environment, homefolder remapping is the canonical example of this practice. The limitation being that you can not arbitrarily remap any folder you choose; Microsoft has determined that there are a limited set of folders to which you may do this.

Most importantly, you can not redirect the entirety of a user’s profile to the server, thus preventing a Unix-like easy approach to this problem. Both the Unix approach of mapping the homefolder/profile set entirely to the server and the Windows approach of very selectively synchronising or redirecting folders to the server completely break down when you start talking about remote (VPN or laptop) users or individuals who log onto multiple machines.

If you look at the traditional Unix approach to keeping the user’s data on the servers, the instant the connection between the user’s computer and the server is severed, the user loses all access to that information. A laptop user can then do nothing without a VPN connection; there is no local copy of the data on his laptop. There are some attempts to get around this, but the really short answer is that there is no nice and clean solution. If you are using Unix, then either your users' information lives on their system, or it lives on the server. Attempts to bridge the gap in Unix are…generally very complicated.

Security for virtualized datacentres

More from The Register

next story
Wanna keep your data for 1,000 YEARS? No? Hard luck, HDS wants you to anyway
Combine Blu-ray and M-DISC and you get this monster
US boffins demo 'twisted radio' mux
OAM takes wireless signals to 32 Gbps
Apple flops out 2FA for iCloud in bid to stop future nude selfie leaks
Millions of 4chan users howl with laughter as Cupertino slams stable door
No biggie: EMC's XtremIO firmware upgrade 'will wipe data'
But it'll have no impact and will be seamless, we're told
Students playing with impressive racks? Yes, it's cluster comp time
The most comprehensive coverage the world has ever seen. Ever
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
Protecting users from Firesheep and other Sidejacking attacks with SSL
Discussing the vulnerabilities inherent in Wi-Fi networks, and how using TLS/SSL for your entire site will assure security.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.