]> pere.pagekite.me Git - homepage.git/blob - blog/Autodetecting_Client_setup_for_roaming_workstations_in_Debian_Edu.html
projects / homepage.git / blob
? search:


2756c9e436ed9f011e917811e25b0154f16ecb51
[homepage.git] / blog / Autodetecting_Client_setup_for_roaming_workstations_in_Debian_Edu.html
1 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
2 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
3 <html xmlns="http://www.w3.org/1999/xhtml" dir="ltr">
4 <head>
5 <meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
6 <title>Petter Reinholdtsen: Autodetecting Client setup for roaming workstations in Debian Edu</title>
7 <link rel="stylesheet" type="text/css" media="screen" href="http://people.skolelinux.org/pere/blog/style.css" />
8 <link rel="stylesheet" type="text/css" media="screen" href="http://people.skolelinux.org/pere/blog/vim.css" />
9
10
11 </head>
12 <body>
13 <div class="title">
14 <h1>
15 <a href="http://people.skolelinux.org/pere/blog/">Petter Reinholdtsen</a>
16
17 </h1>
18
19 </div>
20
21
22 <div class="entry">
23 <div class="title">Autodetecting Client setup for roaming workstations in Debian Edu</div>
24 <div class="date"> 7th August 2010</div>
25 <div class="body"><p>A few days ago, I
26 <a href="http://people.skolelinux.org/pere/blog/Debian_Edu_roaming_workstation___at_the_university_of_Oslo.html">tried
27 to install</a> a Roaming workation profile from Debian Edu/Squeeze
28 while on the university network here at the University of Oslo, and
29 noticed how much had to change to get it operational using the
30 university infrastructure. It was fairly easy, but it occured to me
31 that Debian Edu would improve a lot if I could get the client to
32 connect without any changes at all, and thus let the client configure
33 itself during installation and first boot to use the infrastructure
34 around it. Now I am a huge step further along that road.</p>
35
36 <p>With our current squeeze-test packages, I can select the roaming
37 workstation profile and get a working laptop connecting to the
38 university LDAP server for user and group and our active directory
39 servers for Kerberos authentication. All this without any
40 configuration at all during installation. My users home directory got
41 a bookmark in the KDE menu to mount it via SMB, with the correct URL.
42 In short, openldap and sssd is correctly configured. In addition to
43 this, the client look for http://wpad/wpad.dat to configure a web
44 proxy, and when it fail to find it no proxy settings are stored in
45 /etc/environment and /etc/apt/apt.conf. Iceweasel and KDE is
46 configured to look for the same wpad configuration and also do not use
47 a proxy when at the university network. If the machine is moved to a
48 network with such wpad setup, it would automatically use it when DHCP
49 gave it a IP address.</p>
50
51 <p>The LDAP server is located using DNS, by first looking for the DNS
52 entry ldap.$domain. If this do not exist, it look for the
53 _ldap._tcp.$domain SRV records and use the first one as the LDAP
54 server. Next, it connects to the LDAP server and search all
55 namingContexts entries for posixAccount or posixGroup objects, and
56 pick the first one as the LDAP base. For Kerberos, a similar
57 algorithm is used to locate the LDAP server, and the realm is the
58 uppercase version of $domain.</p>
59
60 <p>So, what is not working, you might ask. SMB mounting my home
61 directory do not work. No idea why, but suspected the incorrect
62 Kerberos settings in /etc/krb5.conf and /etc/samba/smb.conf might be
63 the cause. These are not properly configured during installation, and
64 had to be hand-edited to get the correct Kerberos realm and server,
65 but SMB mounting still do not work. :(</p>
66
67 <p>With this automatic configuration in place, I expect a Debian Edu
68 roaming profile installation would be able to automatically detect and
69 connect to any site using LDAP and Kerberos for NSS directory and PAM
70 authentication. It should also work out of the box in a Active
71 Directory environment providing posixAccount and posixGroup objects
72 with UID and GID values.</p>
73
74 <p>If you want to help out with implementing these things for Debian
75 Edu, please contact us on debian-edu@lists.debian.org.</p>
76 </div>
77
78 <div class="tags">Tags: <a href="http://people.skolelinux.org/pere/blog/tags/debian edu">debian edu</a>, <a href="http://people.skolelinux.org/pere/blog/tags/english">english</a>, <a href="http://people.skolelinux.org/pere/blog/tags/nuug">nuug</a>.</div>
79
80
81 </div>
82
83
84
85
86 <div id="sidebar">
87
88
89
90 <h2>Archive</h2>
91 <ul>
92
93 <li>2017
94 <ul>
95
96 <li><a href="http://people.skolelinux.org/pere/blog/archive/2017/01/">January (4)</a></li>
97
98 <li><a href="http://people.skolelinux.org/pere/blog/archive/2017/02/">February (3)</a></li>
99
100 <li><a href="http://people.skolelinux.org/pere/blog/archive/2017/03/">March (5)</a></li>
101
102 <li><a href="http://people.skolelinux.org/pere/blog/archive/2017/04/">April (2)</a></li>
103
104 <li><a href="http://people.skolelinux.org/pere/blog/archive/2017/06/">June (5)</a></li>
105
106 <li><a href="http://people.skolelinux.org/pere/blog/archive/2017/07/">July (1)</a></li>
107
108 <li><a href="http://people.skolelinux.org/pere/blog/archive/2017/08/">August (1)</a></li>
109
110 <li><a href="http://people.skolelinux.org/pere/blog/archive/2017/09/">September (2)</a></li>
111
112 </ul></li>
113
114 <li>2016
115 <ul>
116
117 <li><a href="http://people.skolelinux.org/pere/blog/archive/2016/01/">January (3)</a></li>
118
119 <li><a href="http://people.skolelinux.org/pere/blog/archive/2016/02/">February (2)</a></li>
120
121 <li><a href="http://people.skolelinux.org/pere/blog/archive/2016/03/">March (3)</a></li>
122
123 <li><a href="http://people.skolelinux.org/pere/blog/archive/2016/04/">April (8)</a></li>
124
125 <li><a href="http://people.skolelinux.org/pere/blog/archive/2016/05/">May (8)</a></li>
126
127 <li><a href="http://people.skolelinux.org/pere/blog/archive/2016/06/">June (2)</a></li>
128
129 <li><a href="http://people.skolelinux.org/pere/blog/archive/2016/07/">July (2)</a></li>
130
131 <li><a href="http://people.skolelinux.org/pere/blog/archive/2016/08/">August (5)</a></li>
132
133 <li><a href="http://people.skolelinux.org/pere/blog/archive/2016/09/">September (2)</a></li>
134
135 <li><a href="http://people.skolelinux.org/pere/blog/archive/2016/10/">October (3)</a></li>
136
137 <li><a href="http://people.skolelinux.org/pere/blog/archive/2016/11/">November (8)</a></li>
138
139 <li><a href="http://people.skolelinux.org/pere/blog/archive/2016/12/">December (5)</a></li>
140
141 </ul></li>
142
143 <li>2015
144 <ul>
145
146 <li><a href="http://people.skolelinux.org/pere/blog/archive/2015/01/">January (7)</a></li>
147
148 <li><a href="http://people.skolelinux.org/pere/blog/archive/2015/02/">February (6)</a></li>
149
150 <li><a href="http://people.skolelinux.org/pere/blog/archive/2015/03/">March (1)</a></li>
151
152 <li><a href="http://people.skolelinux.org/pere/blog/archive/2015/04/">April (4)</a></li>
153
154 <li><a href="http://people.skolelinux.org/pere/blog/archive/2015/05/">May (3)</a></li>
155
156 <li><a href="http://people.skolelinux.org/pere/blog/archive/2015/06/">June (4)</a></li>
157
158 <li><a href="http://people.skolelinux.org/pere/blog/archive/2015/07/">July (6)</a></li>
159
160 <li><a href="http://people.skolelinux.org/pere/blog/archive/2015/08/">August (2)</a></li>
161
162 <li><a href="http://people.skolelinux.org/pere/blog/archive/2015/09/">September (2)</a></li>
163
164 <li><a href="http://people.skolelinux.org/pere/blog/archive/2015/10/">October (9)</a></li>
165
166 <li><a href="http://people.skolelinux.org/pere/blog/archive/2015/11/">November (6)</a></li>
167
168 <li><a href="http://people.skolelinux.org/pere/blog/archive/2015/12/">December (3)</a></li>
169
170 </ul></li>
171
172 <li>2014
173 <ul>
174
175 <li><a href="http://people.skolelinux.org/pere/blog/archive/2014/01/">January (2)</a></li>
176
177 <li><a href="http://people.skolelinux.org/pere/blog/archive/2014/02/">February (3)</a></li>
178
179 <li><a href="http://people.skolelinux.org/pere/blog/archive/2014/03/">March (8)</a></li>
180
181 <li><a href="http://people.skolelinux.org/pere/blog/archive/2014/04/">April (7)</a></li>
182
183 <li><a href="http://people.skolelinux.org/pere/blog/archive/2014/05/">May (1)</a></li>
184
185 <li><a href="http://people.skolelinux.org/pere/blog/archive/2014/06/">June (2)</a></li>
186
187 <li><a href="http://people.skolelinux.org/pere/blog/archive/2014/07/">July (2)</a></li>
188
189 <li><a href="http://people.skolelinux.org/pere/blog/archive/2014/08/">August (2)</a></li>
190
191 <li><a href="http://people.skolelinux.org/pere/blog/archive/2014/09/">September (5)</a></li>
192
193 <li><a href="http://people.skolelinux.org/pere/blog/archive/2014/10/">October (6)</a></li>
194
195 <li><a href="http://people.skolelinux.org/pere/blog/archive/2014/11/">November (3)</a></li>
196
197 <li><a href="http://people.skolelinux.org/pere/blog/archive/2014/12/">December (5)</a></li>
198
199 </ul></li>
200
201 <li>2013
202 <ul>
203
204 <li><a href="http://people.skolelinux.org/pere/blog/archive/2013/01/">January (11)</a></li>
205
206 <li><a href="http://people.skolelinux.org/pere/blog/archive/2013/02/">February (9)</a></li>
207
208 <li><a href="http://people.skolelinux.org/pere/blog/archive/2013/03/">March (9)</a></li>
209
210 <li><a href="http://people.skolelinux.org/pere/blog/archive/2013/04/">April (6)</a></li>
211
212 <li><a href="http://people.skolelinux.org/pere/blog/archive/2013/05/">May (9)</a></li>
213
214 <li><a href="http://people.skolelinux.org/pere/blog/archive/2013/06/">June (10)</a></li>
215
216 <li><a href="http://people.skolelinux.org/pere/blog/archive/2013/07/">July (7)</a></li>
217
218 <li><a href="http://people.skolelinux.org/pere/blog/archive/2013/08/">August (3)</a></li>
219
220 <li><a href="http://people.skolelinux.org/pere/blog/archive/2013/09/">September (5)</a></li>
221
222 <li><a href="http://people.skolelinux.org/pere/blog/archive/2013/10/">October (7)</a></li>
223
224 <li><a href="http://people.skolelinux.org/pere/blog/archive/2013/11/">November (9)</a></li>
225
226 <li><a href="http://people.skolelinux.org/pere/blog/archive/2013/12/">December (3)</a></li>
227
228 </ul></li>
229
230 <li>2012
231 <ul>
232
233 <li><a href="http://people.skolelinux.org/pere/blog/archive/2012/01/">January (7)</a></li>
234
235 <li><a href="http://people.skolelinux.org/pere/blog/archive/2012/02/">February (10)</a></li>
236
237 <li><a href="http://people.skolelinux.org/pere/blog/archive/2012/03/">March (17)</a></li>
238
239 <li><a href="http://people.skolelinux.org/pere/blog/archive/2012/04/">April (12)</a></li>
240
241 <li><a href="http://people.skolelinux.org/pere/blog/archive/2012/05/">May (12)</a></li>
242
243 <li><a href="http://people.skolelinux.org/pere/blog/archive/2012/06/">June (20)</a></li>
244
245 <li><a href="http://people.skolelinux.org/pere/blog/archive/2012/07/">July (17)</a></li>
246
247 <li><a href="http://people.skolelinux.org/pere/blog/archive/2012/08/">August (6)</a></li>
248
249 <li><a href="http://people.skolelinux.org/pere/blog/archive/2012/09/">September (9)</a></li>
250
251 <li><a href="http://people.skolelinux.org/pere/blog/archive/2012/10/">October (17)</a></li>
252
253 <li><a href="http://people.skolelinux.org/pere/blog/archive/2012/11/">November (10)</a></li>
254
255 <li><a href="http://people.skolelinux.org/pere/blog/archive/2012/12/">December (7)</a></li>
256
257 </ul></li>
258
259 <li>2011
260 <ul>
261
262 <li><a href="http://people.skolelinux.org/pere/blog/archive/2011/01/">January (16)</a></li>
263
264 <li><a href="http://people.skolelinux.org/pere/blog/archive/2011/02/">February (6)</a></li>
265
266 <li><a href="http://people.skolelinux.org/pere/blog/archive/2011/03/">March (6)</a></li>
267
268 <li><a href="http://people.skolelinux.org/pere/blog/archive/2011/04/">April (7)</a></li>
269
270 <li><a href="http://people.skolelinux.org/pere/blog/archive/2011/05/">May (3)</a></li>
271
272 <li><a href="http://people.skolelinux.org/pere/blog/archive/2011/06/">June (2)</a></li>
273
274 <li><a href="http://people.skolelinux.org/pere/blog/archive/2011/07/">July (7)</a></li>
275
276 <li><a href="http://people.skolelinux.org/pere/blog/archive/2011/08/">August (6)</a></li>
277
278 <li><a href="http://people.skolelinux.org/pere/blog/archive/2011/09/">September (4)</a></li>
279
280 <li><a href="http://people.skolelinux.org/pere/blog/archive/2011/10/">October (2)</a></li>
281
282 <li><a href="http://people.skolelinux.org/pere/blog/archive/2011/11/">November (3)</a></li>
283
284 <li><a href="http://people.skolelinux.org/pere/blog/archive/2011/12/">December (1)</a></li>
285
286 </ul></li>
287
288 <li>2010
289 <ul>
290
291 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/01/">January (2)</a></li>
292
293 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/02/">February (1)</a></li>
294
295 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/03/">March (3)</a></li>
296
297 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/04/">April (3)</a></li>
298
299 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/05/">May (9)</a></li>
300
301 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/06/">June (14)</a></li>
302
303 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/07/">July (12)</a></li>
304
305 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/08/">August (13)</a></li>
306
307 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/09/">September (7)</a></li>
308
309 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/10/">October (9)</a></li>
310
311 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/11/">November (13)</a></li>
312
313 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/12/">December (12)</a></li>
314
315 </ul></li>
316
317 <li>2009
318 <ul>
319
320 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/01/">January (8)</a></li>
321
322 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/02/">February (8)</a></li>
323
324 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/03/">March (12)</a></li>
325
326 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/04/">April (10)</a></li>
327
328 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/05/">May (9)</a></li>
329
330 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/06/">June (3)</a></li>
331
332 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/07/">July (4)</a></li>
333
334 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/08/">August (3)</a></li>
335
336 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/09/">September (1)</a></li>
337
338 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/10/">October (2)</a></li>
339
340 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/11/">November (3)</a></li>
341
342 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/12/">December (3)</a></li>
343
344 </ul></li>
345
346 <li>2008
347 <ul>
348
349 <li><a href="http://people.skolelinux.org/pere/blog/archive/2008/11/">November (5)</a></li>
350
351 <li><a href="http://people.skolelinux.org/pere/blog/archive/2008/12/">December (7)</a></li>
352
353 </ul></li>
354
355 </ul>
356
357
358
359 <h2>Tags</h2>
360 <ul>
361
362 <li><a href="http://people.skolelinux.org/pere/blog/tags/3d-printer">3d-printer (13)</a></li>
363
364 <li><a href="http://people.skolelinux.org/pere/blog/tags/amiga">amiga (1)</a></li>
365
366 <li><a href="http://people.skolelinux.org/pere/blog/tags/aros">aros (1)</a></li>
367
368 <li><a href="http://people.skolelinux.org/pere/blog/tags/bankid">bankid (4)</a></li>
369
370 <li><a href="http://people.skolelinux.org/pere/blog/tags/bitcoin">bitcoin (9)</a></li>
371
372 <li><a href="http://people.skolelinux.org/pere/blog/tags/bootsystem">bootsystem (16)</a></li>
373
374 <li><a href="http://people.skolelinux.org/pere/blog/tags/bsa">bsa (2)</a></li>
375
376 <li><a href="http://people.skolelinux.org/pere/blog/tags/chrpath">chrpath (2)</a></li>
377
378 <li><a href="http://people.skolelinux.org/pere/blog/tags/debian">debian (152)</a></li>
379
380 <li><a href="http://people.skolelinux.org/pere/blog/tags/debian edu">debian edu (158)</a></li>
381
382 <li><a href="http://people.skolelinux.org/pere/blog/tags/debian-handbook">debian-handbook (4)</a></li>
383
384 <li><a href="http://people.skolelinux.org/pere/blog/tags/digistan">digistan (10)</a></li>
385
386 <li><a href="http://people.skolelinux.org/pere/blog/tags/dld">dld (17)</a></li>
387
388 <li><a href="http://people.skolelinux.org/pere/blog/tags/docbook">docbook (24)</a></li>
389
390 <li><a href="http://people.skolelinux.org/pere/blog/tags/drivstoffpriser">drivstoffpriser (4)</a></li>
391
392 <li><a href="http://people.skolelinux.org/pere/blog/tags/english">english (352)</a></li>
393
394 <li><a href="http://people.skolelinux.org/pere/blog/tags/fiksgatami">fiksgatami (23)</a></li>
395
396 <li><a href="http://people.skolelinux.org/pere/blog/tags/fildeling">fildeling (12)</a></li>
397
398 <li><a href="http://people.skolelinux.org/pere/blog/tags/freeculture">freeculture (30)</a></li>
399
400 <li><a href="http://people.skolelinux.org/pere/blog/tags/freedombox">freedombox (9)</a></li>
401
402 <li><a href="http://people.skolelinux.org/pere/blog/tags/frikanalen">frikanalen (18)</a></li>
403
404 <li><a href="http://people.skolelinux.org/pere/blog/tags/h264">h264 (20)</a></li>
405
406 <li><a href="http://people.skolelinux.org/pere/blog/tags/intervju">intervju (42)</a></li>
407
408 <li><a href="http://people.skolelinux.org/pere/blog/tags/isenkram">isenkram (15)</a></li>
409
410 <li><a href="http://people.skolelinux.org/pere/blog/tags/kart">kart (20)</a></li>
411
412 <li><a href="http://people.skolelinux.org/pere/blog/tags/ldap">ldap (9)</a></li>
413
414 <li><a href="http://people.skolelinux.org/pere/blog/tags/lenker">lenker (8)</a></li>
415
416 <li><a href="http://people.skolelinux.org/pere/blog/tags/lsdvd">lsdvd (2)</a></li>
417
418 <li><a href="http://people.skolelinux.org/pere/blog/tags/ltsp">ltsp (1)</a></li>
419
420 <li><a href="http://people.skolelinux.org/pere/blog/tags/mesh network">mesh network (8)</a></li>
421
422 <li><a href="http://people.skolelinux.org/pere/blog/tags/multimedia">multimedia (39)</a></li>
423
424 <li><a href="http://people.skolelinux.org/pere/blog/tags/nice free software">nice free software (9)</a></li>
425
426 <li><a href="http://people.skolelinux.org/pere/blog/tags/norsk">norsk (292)</a></li>
427
428 <li><a href="http://people.skolelinux.org/pere/blog/tags/nuug">nuug (189)</a></li>
429
430 <li><a href="http://people.skolelinux.org/pere/blog/tags/offentlig innsyn">offentlig innsyn (33)</a></li>
431
432 <li><a href="http://people.skolelinux.org/pere/blog/tags/open311">open311 (2)</a></li>
433
434 <li><a href="http://people.skolelinux.org/pere/blog/tags/opphavsrett">opphavsrett (64)</a></li>
435
436 <li><a href="http://people.skolelinux.org/pere/blog/tags/personvern">personvern (103)</a></li>
437
438 <li><a href="http://people.skolelinux.org/pere/blog/tags/raid">raid (1)</a></li>
439
440 <li><a href="http://people.skolelinux.org/pere/blog/tags/reactos">reactos (1)</a></li>
441
442 <li><a href="http://people.skolelinux.org/pere/blog/tags/reprap">reprap (11)</a></li>
443
444 <li><a href="http://people.skolelinux.org/pere/blog/tags/rfid">rfid (3)</a></li>
445
446 <li><a href="http://people.skolelinux.org/pere/blog/tags/robot">robot (10)</a></li>
447
448 <li><a href="http://people.skolelinux.org/pere/blog/tags/rss">rss (1)</a></li>
449
450 <li><a href="http://people.skolelinux.org/pere/blog/tags/ruter">ruter (5)</a></li>
451
452 <li><a href="http://people.skolelinux.org/pere/blog/tags/scraperwiki">scraperwiki (2)</a></li>
453
454 <li><a href="http://people.skolelinux.org/pere/blog/tags/sikkerhet">sikkerhet (53)</a></li>
455
456 <li><a href="http://people.skolelinux.org/pere/blog/tags/sitesummary">sitesummary (4)</a></li>
457
458 <li><a href="http://people.skolelinux.org/pere/blog/tags/skepsis">skepsis (5)</a></li>
459
460 <li><a href="http://people.skolelinux.org/pere/blog/tags/standard">standard (55)</a></li>
461
462 <li><a href="http://people.skolelinux.org/pere/blog/tags/stavekontroll">stavekontroll (6)</a></li>
463
464 <li><a href="http://people.skolelinux.org/pere/blog/tags/stortinget">stortinget (12)</a></li>
465
466 <li><a href="http://people.skolelinux.org/pere/blog/tags/surveillance">surveillance (51)</a></li>
467
468 <li><a href="http://people.skolelinux.org/pere/blog/tags/sysadmin">sysadmin (3)</a></li>
469
470 <li><a href="http://people.skolelinux.org/pere/blog/tags/usenix">usenix (2)</a></li>
471
472 <li><a href="http://people.skolelinux.org/pere/blog/tags/valg">valg (9)</a></li>
473
474 <li><a href="http://people.skolelinux.org/pere/blog/tags/video">video (59)</a></li>
475
476 <li><a href="http://people.skolelinux.org/pere/blog/tags/vitenskap">vitenskap (4)</a></li>
477
478 <li><a href="http://people.skolelinux.org/pere/blog/tags/web">web (40)</a></li>
479
480 </ul>
481
482
483 </div>
484 <p style="text-align: right">
485 Created by <a href="http://steve.org.uk/Software/chronicle">Chronicle v4.6</a>
486 </p>
487
488 </body>
489 </html>
Nettsider og blogg.