Setup
Obtain the x2go packages for LDAP usage:
aptitude install x2goldaptools x2gouseradministration x2gohostadministration x2gosystemadministration x2gogroupadministration x2gomail
The installer will ask many questions about the default values for the Debian LDAP installation. DO NOT ANSWER them. They will be overwritten by the x2go LDAP scripts. Just hit the RETURN key until all messages are gone.
The Linux4Afrika Mastersolution does NOT include a DNS server, because most schools don't have internet access. That's why a manual entry needs to be inserted into /etc/hosts.
During the x2go Server installation the following default names have been chosen:
hostname: x2goserver
domain: linux4afrika.local
Those values will be added into /etc/hosts:
echo "192.168.0.250 x2goserver.linux4afrika.local x2goserver" >> /etc/hosts
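Because /etc/hosts replaces DNS here, a repeated run of the echo above appends a duplicate line, and an old line for the same name with another address goes unnoticed. The following is an added example, not part of the original instructions: ensure_hosts_entry is a hypothetical helper that adds the entry only once and refuses when a name is already mapped to a different address.

```shell
# ensure_hosts_entry FILE IP NAME [NAME...]   (hypothetical helper, not an x2go tool)
# Returns 0 if the entry is present or was appended,
# 2 if one of the names is already mapped to a different address.
ensure_hosts_entry() {
    file=$1; ip=$2; shift 2
    names="$*"
    verdict=$(awk -v ip="$ip" -v names="$names" '
        BEGIN { n = split(names, want, " ")
                for (i = 1; i <= n; i++) need[tolower(want[i])] = 1 }
        { sub(/#.*/, "") }            # drop comments
        NF < 2 { next }               # blank or address-only line
        { for (i = 2; i <= NF; i++) { # field 1 is the address, the rest are names
              h = tolower($i)         # host names are case-insensitive
              if (!(h in need)) continue
              if ($1 == ip) found[h] = 1
              else { print "conflict: " h " is already mapped to " $1; bad = 1 }
          } }
        END { if (bad) exit
              for (k in need) if (!(k in found)) { print "missing"; exit }
              print "present" }' "$file")
    case $verdict in
        present) return 0 ;;
        missing) printf '%s %s\n' "$ip" "$names" >> "$file" ;;
        *)       printf '%s\n' "$verdict" >&2; return 2 ;;
    esac
}

# Constructed demo on a scratch file, not the real /etc/hosts.
demo=$(mktemp)
printf '127.0.0.1 localhost\n' > "$demo"
ensure_hosts_entry "$demo" 192.168.0.250 x2goserver.linux4afrika.local x2goserver
ensure_hosts_entry "$demo" 192.168.0.250 x2goserver.linux4afrika.local x2goserver  # no second line
cat "$demo"
rm -f "$demo"
```

On the server itself the first argument would be /etc/hosts, and the function has to run as root.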
The Linux4Afrika Mastersolution will also provide Samba features with LDAP support. LDAP does NOT include a Samba schema by default. You have to copy it from the smbldaptools into /etc/ldap:
cp /usr/share/doc/samba-doc/examples/LDAP/samba.schema.gz /etc/ldap/schema
cd /etc/ldap/schema
gunzip samba.schema.gz
Go to the config directory:
cd /usr/share/x2goldaptools/config/
Execute the command ./genconf with your values:
./genconf (your computer name) linux4afrika tz x2gogroup (your computer name)
Here (your computer name) is x2goserver:
./genconf x2goserver linux4afrika local x2gogroup x2goserver
During the next steps many files in /etc will be modified. Therefore you should make a backup of all files in /etc beforehand:
tar cfvz backup_of_real_etc.tar.gz /etc/
Rename /etc/pam_ldap.conf because a new file will be created:
mv /etc/pam_ldap.conf /etc/pam_ldap.bak
Copy the generated config files to /etc:
cp -r /usr/share/x2goldaptools/config/etc/ /
Change to the script folder
cd /usr/share/x2goldaptools/script/
and execute
./makeCA
CA certificate filename (or enter to create)
Making CA certificate ...
Generating a 1024 bit RSA private key
......++++++
...................................................................++++++
writing new private key to './demoCA/private/./cakey.pem'
Enter PEM pass phrase:*****
Verifying - Enter PEM pass phrase:*****
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:de
State or Province Name (full name) [Some-State]:freiburg
Locality Name (eg, city) []:march
Organization Name (eg, company) [Internet Widgits Pty Ltd]:freioss
Organizational Unit Name (eg, section) []:linux4afrika
Common Name (eg, YOUR name) []:x2goserver
Email Address []:info@yyyyyy.net
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:
Using configuration from /usr/lib/ssl/openssl.cnf
Enter pass phrase for ./demoCA/private/./cakey.pem:*****
Check that the request matches the signature
Signature ok
Certificate Details:
Serial Number: 0 (0x0)
Validity
...
...
Write out database with 1 new entries
Data Base Updated
./makenewcert
Generating a 1024 bit RSA private key
...++++++
.........++++++
writing new private key to 'newreq.pem'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:de
State or Province Name (full name) [Some-State]:freiburg
Locality Name (eg, city) []:march
Organization Name (eg, company) [Internet Widgits Pty Ltd]:freioss
Organizational Unit Name (eg, section) []:linux4afrika
Common Name (eg, YOUR name) []:x2goserver
Email Address []:info@yyyyyy.net
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:
Using configuration from /usr/lib/ssl/openssl.cnf
Enter pass phrase for ./demoCA/private/cakey.pem:*****
Check that the request matches the signature
Signature ok
Certificate Details:
Execute the following command for every x2goserver on the network:
/etc/init.d/slapd restart
./initsystem
ldap.addserver x2goserver 192.168.0.250
ssh-keygen -t dsa
cd /root/.ssh/
ls
id_dsa id_dsa.pub known_hosts
cat id_dsa.pub >> authorized_keys
mv id_dsa x2go_dsa
Installation of the Luma browser:
aptitude install luma
Authentication:
Bind as: cn=ldapadmin,o=linux4afrika,c=local
Start the Control Centre as root:
kcontrol