]> pere.pagekite.me Git - homepage.git/blob - blog/Autodetecting_Client_setup_for_roaming_workstations_in_Debian_Edu.html
projects / homepage.git / blob
? search:


ab38a3a38b875c9a542a1db7d3e03dba03efdf05
[homepage.git] / blog / Autodetecting_Client_setup_for_roaming_workstations_in_Debian_Edu.html
1 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
2 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
3 <html xmlns="http://www.w3.org/1999/xhtml" dir="ltr">
4 <head>
5 <meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
6 <title>Petter Reinholdtsen: Autodetecting Client setup for roaming workstations in Debian Edu</title>
7 <link rel="stylesheet" type="text/css" media="screen" href="http://people.skolelinux.org/pere/blog/style.css" />
8 <link rel="stylesheet" type="text/css" media="screen" href="http://people.skolelinux.org/pere/blog/vim.css" />
9 </head>
10 <body>
11 <div class="title">
12 <h1>
13 <a href="http://people.skolelinux.org/pere/blog/">Petter Reinholdtsen</a>
14
15 </h1>
16
17 </div>
18
19
20 <div class="entry">
21 <div class="title">Autodetecting Client setup for roaming workstations in Debian Edu</div>
22 <div class="date"> 7th August 2010</div>
23 <div class="body"><p>A few days ago, I
24 <a href="http://people.skolelinux.org/pere/blog/Debian_Edu_roaming_workstation___at_the_university_of_Oslo.html">tried
25 to install</a> a Roaming workation profile from Debian Edu/Squeeze
26 while on the university network here at the University of Oslo, and
27 noticed how much had to change to get it operational using the
28 university infrastructure. It was fairly easy, but it occured to me
29 that Debian Edu would improve a lot if I could get the client to
30 connect without any changes at all, and thus let the client configure
31 itself during installation and first boot to use the infrastructure
32 around it. Now I am a huge step further along that road.</p>
33
34 <p>With our current squeeze-test packages, I can select the roaming
35 workstation profile and get a working laptop connecting to the
36 university LDAP server for user and group and our active directory
37 servers for Kerberos authentication. All this without any
38 configuration at all during installation. My users home directory got
39 a bookmark in the KDE menu to mount it via SMB, with the correct URL.
40 In short, openldap and sssd is correctly configured. In addition to
41 this, the client look for http://wpad/wpad.dat to configure a web
42 proxy, and when it fail to find it no proxy settings are stored in
43 /etc/environment and /etc/apt/apt.conf. Iceweasel and KDE is
44 configured to look for the same wpad configuration and also do not use
45 a proxy when at the university network. If the machine is moved to a
46 network with such wpad setup, it would automatically use it when DHCP
47 gave it a IP address.</p>
48
49 <p>The LDAP server is located using DNS, by first looking for the DNS
50 entry ldap.$domain. If this do not exist, it look for the
51 _ldap._tcp.$domain SRV records and use the first one as the LDAP
52 server. Next, it connects to the LDAP server and search all
53 namingContexts entries for posixAccount or posixGroup objects, and
54 pick the first one as the LDAP base. For Kerberos, a similar
55 algorithm is used to locate the LDAP server, and the realm is the
56 uppercase version of $domain.</p>
57
58 <p>So, what is not working, you might ask. SMB mounting my home
59 directory do not work. No idea why, but suspected the incorrect
60 Kerberos settings in /etc/krb5.conf and /etc/samba/smb.conf might be
61 the cause. These are not properly configured during installation, and
62 had to be hand-edited to get the correct Kerberos realm and server,
63 but SMB mounting still do not work. :(</p>
64
65 <p>With this automatic configuration in place, I expect a Debian Edu
66 roaming profile installation would be able to automatically detect and
67 connect to any site using LDAP and Kerberos for NSS directory and PAM
68 authentication. It should also work out of the box in a Active
69 Directory environment providing posixAccount and posixGroup objects
70 with UID and GID values.</p>
71
72 <p>If you want to help out with implementing these things for Debian
73 Edu, please contact us on debian-edu@lists.debian.org.</p>
74 </div>
75
76 <div class="tags">Tags: <a href="http://people.skolelinux.org/pere/blog/tags/debian edu">debian edu</a>, <a href="http://people.skolelinux.org/pere/blog/tags/english">english</a>, <a href="http://people.skolelinux.org/pere/blog/tags/nuug">nuug</a>.</div>
77
78
79 </div>
80
81
82
83
84 <div id="sidebar">
85
86
87
88 <h2>Archive</h2>
89 <ul>
90
91 <li>2012
92 <ul>
93
94 <li><a href="http://people.skolelinux.org/pere/blog/archive/2012/01/">January (7)</a></li>
95
96 <li><a href="http://people.skolelinux.org/pere/blog/archive/2012/02/">February (10)</a></li>
97
98 <li><a href="http://people.skolelinux.org/pere/blog/archive/2012/03/">March (17)</a></li>
99
100 <li><a href="http://people.skolelinux.org/pere/blog/archive/2012/04/">April (12)</a></li>
101
102 <li><a href="http://people.skolelinux.org/pere/blog/archive/2012/05/">May (12)</a></li>
103
104 <li><a href="http://people.skolelinux.org/pere/blog/archive/2012/06/">June (20)</a></li>
105
106 <li><a href="http://people.skolelinux.org/pere/blog/archive/2012/07/">July (17)</a></li>
107
108 <li><a href="http://people.skolelinux.org/pere/blog/archive/2012/08/">August (6)</a></li>
109
110 <li><a href="http://people.skolelinux.org/pere/blog/archive/2012/09/">September (9)</a></li>
111
112 <li><a href="http://people.skolelinux.org/pere/blog/archive/2012/10/">October (17)</a></li>
113
114 <li><a href="http://people.skolelinux.org/pere/blog/archive/2012/11/">November (10)</a></li>
115
116 <li><a href="http://people.skolelinux.org/pere/blog/archive/2012/12/">December (2)</a></li>
117
118 </ul></li>
119
120 <li>2011
121 <ul>
122
123 <li><a href="http://people.skolelinux.org/pere/blog/archive/2011/01/">January (16)</a></li>
124
125 <li><a href="http://people.skolelinux.org/pere/blog/archive/2011/02/">February (6)</a></li>
126
127 <li><a href="http://people.skolelinux.org/pere/blog/archive/2011/03/">March (6)</a></li>
128
129 <li><a href="http://people.skolelinux.org/pere/blog/archive/2011/04/">April (7)</a></li>
130
131 <li><a href="http://people.skolelinux.org/pere/blog/archive/2011/05/">May (3)</a></li>
132
133 <li><a href="http://people.skolelinux.org/pere/blog/archive/2011/06/">June (2)</a></li>
134
135 <li><a href="http://people.skolelinux.org/pere/blog/archive/2011/07/">July (7)</a></li>
136
137 <li><a href="http://people.skolelinux.org/pere/blog/archive/2011/08/">August (6)</a></li>
138
139 <li><a href="http://people.skolelinux.org/pere/blog/archive/2011/09/">September (4)</a></li>
140
141 <li><a href="http://people.skolelinux.org/pere/blog/archive/2011/10/">October (2)</a></li>
142
143 <li><a href="http://people.skolelinux.org/pere/blog/archive/2011/11/">November (3)</a></li>
144
145 <li><a href="http://people.skolelinux.org/pere/blog/archive/2011/12/">December (1)</a></li>
146
147 </ul></li>
148
149 <li>2010
150 <ul>
151
152 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/01/">January (2)</a></li>
153
154 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/02/">February (1)</a></li>
155
156 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/03/">March (3)</a></li>
157
158 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/04/">April (3)</a></li>
159
160 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/05/">May (9)</a></li>
161
162 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/06/">June (14)</a></li>
163
164 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/07/">July (12)</a></li>
165
166 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/08/">August (13)</a></li>
167
168 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/09/">September (7)</a></li>
169
170 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/10/">October (9)</a></li>
171
172 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/11/">November (13)</a></li>
173
174 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/12/">December (12)</a></li>
175
176 </ul></li>
177
178 <li>2009
179 <ul>
180
181 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/01/">January (8)</a></li>
182
183 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/02/">February (8)</a></li>
184
185 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/03/">March (12)</a></li>
186
187 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/04/">April (10)</a></li>
188
189 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/05/">May (9)</a></li>
190
191 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/06/">June (3)</a></li>
192
193 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/07/">July (4)</a></li>
194
195 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/08/">August (3)</a></li>
196
197 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/09/">September (1)</a></li>
198
199 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/10/">October (2)</a></li>
200
201 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/11/">November (3)</a></li>
202
203 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/12/">December (3)</a></li>
204
205 </ul></li>
206
207 <li>2008
208 <ul>
209
210 <li><a href="http://people.skolelinux.org/pere/blog/archive/2008/11/">November (5)</a></li>
211
212 <li><a href="http://people.skolelinux.org/pere/blog/archive/2008/12/">December (7)</a></li>
213
214 </ul></li>
215
216 </ul>
217
218
219
220 <h2>Tags</h2>
221 <ul>
222
223 <li><a href="http://people.skolelinux.org/pere/blog/tags/3d-printer">3d-printer (13)</a></li>
224
225 <li><a href="http://people.skolelinux.org/pere/blog/tags/amiga">amiga (1)</a></li>
226
227 <li><a href="http://people.skolelinux.org/pere/blog/tags/aros">aros (1)</a></li>
228
229 <li><a href="http://people.skolelinux.org/pere/blog/tags/bankid">bankid (3)</a></li>
230
231 <li><a href="http://people.skolelinux.org/pere/blog/tags/bitcoin">bitcoin (3)</a></li>
232
233 <li><a href="http://people.skolelinux.org/pere/blog/tags/bootsystem">bootsystem (12)</a></li>
234
235 <li><a href="http://people.skolelinux.org/pere/blog/tags/bsa">bsa (2)</a></li>
236
237 <li><a href="http://people.skolelinux.org/pere/blog/tags/debian">debian (57)</a></li>
238
239 <li><a href="http://people.skolelinux.org/pere/blog/tags/debian edu">debian edu (116)</a></li>
240
241 <li><a href="http://people.skolelinux.org/pere/blog/tags/digistan">digistan (9)</a></li>
242
243 <li><a href="http://people.skolelinux.org/pere/blog/tags/docbook">docbook (7)</a></li>
244
245 <li><a href="http://people.skolelinux.org/pere/blog/tags/drivstoffpriser">drivstoffpriser (4)</a></li>
246
247 <li><a href="http://people.skolelinux.org/pere/blog/tags/english">english (161)</a></li>
248
249 <li><a href="http://people.skolelinux.org/pere/blog/tags/fiksgatami">fiksgatami (21)</a></li>
250
251 <li><a href="http://people.skolelinux.org/pere/blog/tags/fildeling">fildeling (12)</a></li>
252
253 <li><a href="http://people.skolelinux.org/pere/blog/tags/freeculture">freeculture (9)</a></li>
254
255 <li><a href="http://people.skolelinux.org/pere/blog/tags/frikanalen">frikanalen (9)</a></li>
256
257 <li><a href="http://people.skolelinux.org/pere/blog/tags/intervju">intervju (32)</a></li>
258
259 <li><a href="http://people.skolelinux.org/pere/blog/tags/kart">kart (17)</a></li>
260
261 <li><a href="http://people.skolelinux.org/pere/blog/tags/ldap">ldap (8)</a></li>
262
263 <li><a href="http://people.skolelinux.org/pere/blog/tags/lenker">lenker (5)</a></li>
264
265 <li><a href="http://people.skolelinux.org/pere/blog/tags/ltsp">ltsp (1)</a></li>
266
267 <li><a href="http://people.skolelinux.org/pere/blog/tags/multimedia">multimedia (25)</a></li>
268
269 <li><a href="http://people.skolelinux.org/pere/blog/tags/norsk">norsk (217)</a></li>
270
271 <li><a href="http://people.skolelinux.org/pere/blog/tags/nuug">nuug (147)</a></li>
272
273 <li><a href="http://people.skolelinux.org/pere/blog/tags/offentlig innsyn">offentlig innsyn (6)</a></li>
274
275 <li><a href="http://people.skolelinux.org/pere/blog/tags/open311">open311 (2)</a></li>
276
277 <li><a href="http://people.skolelinux.org/pere/blog/tags/opphavsrett">opphavsrett (39)</a></li>
278
279 <li><a href="http://people.skolelinux.org/pere/blog/tags/personvern">personvern (60)</a></li>
280
281 <li><a href="http://people.skolelinux.org/pere/blog/tags/raid">raid (1)</a></li>
282
283 <li><a href="http://people.skolelinux.org/pere/blog/tags/reprap">reprap (11)</a></li>
284
285 <li><a href="http://people.skolelinux.org/pere/blog/tags/rfid">rfid (2)</a></li>
286
287 <li><a href="http://people.skolelinux.org/pere/blog/tags/robot">robot (4)</a></li>
288
289 <li><a href="http://people.skolelinux.org/pere/blog/tags/rss">rss (1)</a></li>
290
291 <li><a href="http://people.skolelinux.org/pere/blog/tags/ruter">ruter (4)</a></li>
292
293 <li><a href="http://people.skolelinux.org/pere/blog/tags/scraperwiki">scraperwiki (2)</a></li>
294
295 <li><a href="http://people.skolelinux.org/pere/blog/tags/sikkerhet">sikkerhet (28)</a></li>
296
297 <li><a href="http://people.skolelinux.org/pere/blog/tags/sitesummary">sitesummary (4)</a></li>
298
299 <li><a href="http://people.skolelinux.org/pere/blog/tags/skepsis">skepsis (4)</a></li>
300
301 <li><a href="http://people.skolelinux.org/pere/blog/tags/standard">standard (39)</a></li>
302
303 <li><a href="http://people.skolelinux.org/pere/blog/tags/stavekontroll">stavekontroll (3)</a></li>
304
305 <li><a href="http://people.skolelinux.org/pere/blog/tags/stortinget">stortinget (5)</a></li>
306
307 <li><a href="http://people.skolelinux.org/pere/blog/tags/surveillance">surveillance (12)</a></li>
308
309 <li><a href="http://people.skolelinux.org/pere/blog/tags/sysadmin">sysadmin (1)</a></li>
310
311 <li><a href="http://people.skolelinux.org/pere/blog/tags/valg">valg (7)</a></li>
312
313 <li><a href="http://people.skolelinux.org/pere/blog/tags/video">video (35)</a></li>
314
315 <li><a href="http://people.skolelinux.org/pere/blog/tags/vitenskap">vitenskap (4)</a></li>
316
317 <li><a href="http://people.skolelinux.org/pere/blog/tags/web">web (26)</a></li>
318
319 </ul>
320
321
322 </div>
323 <p style="text-align: right">
324 Created by <a href="http://steve.org.uk/Software/chronicle">Chronicle v4.4</a>
325 </p>
326
327 </body>
328 </html>
Nettsider og blogg.