Koozali.org: home of the SME Server
Legacy Forums => General Discussion (Legacy) => Topic started by: Wilheim on March 28, 2005, 08:37:00 AM
-
Hi all.
I am having issues with logging on to a SME server with a Linux workstation. The scenario I am trying to effect here is to use a bank of Linux workstations with KDE or GNOME for the workers, but have the logons at the workstations authenticated at the server- essentially like a domain logon using Windows.
Can anyone help? There should be some logging involved as the workers are in fact, in gaol, some of them for computer-related offences.
An alternative is to get LTSP, the Linux Terminal Services project to function off an SME server. Any suggestions?
-
Hi
I posted a similar question for using fedora as a workststion and i could not get to the user home share, I did not have much joy, the only versions of linux that I found would do it easy were mepis (using smb4k) and xandros (done it out of the box user logs in and gets straight to shares that they have permisson to through xandros file manager) In xandros it is easy to mount the shares as a network drive it comes up as a folder in the home directory. There was another discussion on getting suse to work but it was above me :)
-
It's not a question of home directories etc, although those would be useful, it's getting a user, upon sitting down and booting up, to log onto any workstation using a username/password combination, have it authenticated at a server, as much like logging onto a Windows domain as possible. Answers should be as plain English as possible, as they will be forwarded to novices without Internet access...
Thanks in advance...
-
Try Xandros for the workstations. Designed to be connected to a Windows domain/network virtually out of the box.
-
I too would try the Xandros solution.
You can get a free copy of the OCE (Open Circulation Edition) from:
http://www.xandros.com/products/home/desktopoc/dsk_oc_download.html
You need bittorrent to get it free - otherwise it's $10
Hope this helps.
-
Tried Xandros, and am very impressed, however it STILL DOESN'T AUTHENTICATE AGAINST A SERVER! It's possible to log in locally and use the Internet! The users are stored locally: I have 100+ students and I'm not going to enter all onto each workstation.
I want to be able to force users to log onto a network BEFORE getting access to the computer, in the same way Win2k/NT on a domain won't let you into a machine if there's no account on the domain controller...
Looks like the infinitely more complex prospect of LTSP is becoming the preferred option... if I can find a beefy enough server...
-
Here is where it gets a bit complex. In order to authenticate linux user logins with a server you will need NIS functionality on the SME server and the client. A really good howto is: http://sme.swerts-knudsen.dk/index.html?frame=http%3A//sme.swerts-knudsen.dk/howtos/howto_8.htm
After that, the Xandros distro or any other should be well able to handle the Samba file sharing aspect.
-
Think you meant this link......
http://sme.swerts-knudsen.dk/howtos/howto_31.htm
-
Yes, you are correct. Thanks for the correction.
But then the site is so good, you really do need to peruse the HowTo's from time to time to stay current!!
LOL
-
Your welcome
I ran into the same thing you did trying copy/paste the link.
Have a good day
-
edit
-
I have a Mandrake 9 box at home that does domain logons to SME.
I think that it's winbind that does the work - I chose something during setup and it all got configured, though blowed if I can remember now.
Only had a problem with it when I changed the server domain name and had a bit of head scratching to reconfigure it. Apart from that it seems to work fine.
-
I think you're right: Winbind doing a domain logon to Samba indeed is the best path to follow in this case. It's a bit of a cheat, emulating a Windows logon onto an emulated Windows domain. NIS, I think is the native Linux version... but not part of e-smith (why?)
Ironically, Xandros Business Edition does domain logons out of the box, but it costs the same as WinXP in an educational environment... perhaps it's time to contribute my own how-to...
-
Look at the k12ltsp.org project. It is a terminal server for linux. You can always still use SME for mail or whatever, however the termserver works great.
-
Very interesting discussion. Please keep us posted with your results!
-
I have nutted out the authentication problem: NIS does the trick. Except, now I have to map user's home directories to the SME server using NFS. Once this is done, I will attempt a how-to. Very exciting...
-
I've done it! How-to to follow as soon as I can remember the steps to get to the finished product...
In brief, I:
1) Installed NIS using the how-to found on this site.
2) installed "e-smith-nfs" rpm
3) Edited the /etc/exports file to export the /home/e-smith/files/users directory. Note that this is where the home directories are defined in the server's /etc/passwd file, this is important later
4) Installed the 'e-smith-usershellaccess' rpm. This may be a security issue since it gives shell access to the server... allow shell access to the users through the server manager page.
5) Setup the Xandros OC edition workstation (based on Debian Sarge for reference purposes) to use NIS authentication
6) As root, edit /etc/fstab to mount the server's exported filesystem in, and this is important,
/home/e-smith/files/users - create this path manually if neccesary.
7) All good! Obviously there's missed steps here, but I'll wipe my Xandros install at some point and try and recreate it logically, writing down as I go. The SME server is running my house right now, so I can't wipe that.
But, since this works, and Xandros is similar enough to Windoze to fool most of the people most of the time, there is the possibility to save some serious cash... at my work we have a proposed network of 15 PC's, so we save ($150X15 for workstation +$1500 for server + too much for the MCP dickhead to install it =) over $5000... plus have that warm fuzzy feeling that we're sticking it to Bill.
-
Will be very interested to read the howto Wilheim - the ability to do proper logon no matter what workstation being used is a must have.
We have not really used any Linux desktop in a production environment but all our tests with various flavours of desktop have suggested that Xandros coupled with Crossover Office is the closest to what we need.
Note the only reason for adding crossover office into the equation is to run Lotus Notes which on the last test carried out worked seamlessly in this environment. We already run our internal Domino servers (and some customer ones) on SME utilising Qmail as an anti-virus/anti-spam front end to the Domino SMTP server running on a dedicated IP as does Apache etc.
With IBM Domino Express licencing at only £95 a head we can build a true SME server incl domain logon, file & print, a/v, anti-spam, full backup and REAL groupware that absolutely kills M$ Small Business Server when you cost up all the bits of software you would need to achieve the same result.
Lets see that howto
-
Hi all
I'm about to wipe my SME box (some f#cker hacked it, I think, else I did too much experimenting and it fell into a giggling heap...) and recreate the NIS/NFS thing... documenting as I go.
But, I need a question answered first: how does one get /etc/fstab to run before login, ie at bootup? The issue at hand is the scheme I have works fine, but I have to log in as root first to mount the nfs share containing the e-smith home directories before login to KDE will work on the Xandros w/s.
bye bye for now.
-
I've done the how-to, but where to put it?
Is there a place on this site where I can dump the html file then link to it?
please help!!!
-
it's up :-D : at http://no.longer.valid/phpwiki/index.php/NIS%20Authenticated%20Linux%20workstation%20on%20an%20e-smith%20server
Please feel free to help with the detail, although the issues such as the sound card not working are probably due to permissions on the Xandros box and as such are outside the scope of this forum. Incidentally, I fixed the sound issue by
chmod 777 /dev/dsp
but I'm sure there's a more elegant way.
-
I'm amazed that people still don't know how to search the forms and end up reinventing the wheel.
See http://forums.contribs.org/index.php?topic=25381.0
I know it's more of an adventure to work it out yourself and you will remember it more clearly that way, but still, search before you post :o)
Damian
-
Ah Damian. Damian damian damian.
I read your form (sic) and I will use the information collected later on, especially the automount stuff. A collated how-to is what I really wanted when I started down this dark path...
I'm amazed that people still don't know how to search the forms and end up reinventing the wheel.
See http://forums.contribs.org/index.php?topic=25381.0
I know it's more of an adventure to work it out yourself and you will remember it more clearly that way, but still, search before you post :o)
Damian
The problem is, that despite the semi-religious fanaticism regarding Linux, it's NOT easy to reproduce the domain-style authentication possible with M$ crud. There is a distinct lack of comprehensible data on this style of networking we're discussing here, hence, 'reinventing the wheel', as you say. Not everyone's a guru, please remember that when you give discipline to others.