]> pere.pagekite.me Git - homepage.git/blob - blog/Autodetecting_Client_setup_for_roaming_workstations_in_Debian_Edu.html
projects / homepage.git / blob
? search:


b70d8d71bdf9c2c7c4472161b0e669cb4be914f7
[homepage.git] / blog / Autodetecting_Client_setup_for_roaming_workstations_in_Debian_Edu.html
1 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
2 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
3 <html xmlns="http://www.w3.org/1999/xhtml" dir="ltr">
4 <head>
5 <meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
6 <title>Petter Reinholdtsen: Autodetecting Client setup for roaming workstations in Debian Edu</title>
7 <link rel="stylesheet" type="text/css" media="screen" href="http://people.skolelinux.org/pere/blog/style.css" />
8 <link rel="stylesheet" type="text/css" media="screen" href="http://people.skolelinux.org/pere/blog/vim.css" />
9
10
11 </head>
12 <body>
13 <div class="title">
14 <h1>
15 <a href="http://people.skolelinux.org/pere/blog/">Petter Reinholdtsen</a>
16
17 </h1>
18
19 </div>
20
21
22 <div class="entry">
23 <div class="title">Autodetecting Client setup for roaming workstations in Debian Edu</div>
24 <div class="date"> 7th August 2010</div>
25 <div class="body"><p>A few days ago, I
26 <a href="http://people.skolelinux.org/pere/blog/Debian_Edu_roaming_workstation___at_the_university_of_Oslo.html">tried
27 to install</a> a Roaming workation profile from Debian Edu/Squeeze
28 while on the university network here at the University of Oslo, and
29 noticed how much had to change to get it operational using the
30 university infrastructure. It was fairly easy, but it occured to me
31 that Debian Edu would improve a lot if I could get the client to
32 connect without any changes at all, and thus let the client configure
33 itself during installation and first boot to use the infrastructure
34 around it. Now I am a huge step further along that road.</p>
35
36 <p>With our current squeeze-test packages, I can select the roaming
37 workstation profile and get a working laptop connecting to the
38 university LDAP server for user and group and our active directory
39 servers for Kerberos authentication. All this without any
40 configuration at all during installation. My users home directory got
41 a bookmark in the KDE menu to mount it via SMB, with the correct URL.
42 In short, openldap and sssd is correctly configured. In addition to
43 this, the client look for http://wpad/wpad.dat to configure a web
44 proxy, and when it fail to find it no proxy settings are stored in
45 /etc/environment and /etc/apt/apt.conf. Iceweasel and KDE is
46 configured to look for the same wpad configuration and also do not use
47 a proxy when at the university network. If the machine is moved to a
48 network with such wpad setup, it would automatically use it when DHCP
49 gave it a IP address.</p>
50
51 <p>The LDAP server is located using DNS, by first looking for the DNS
52 entry ldap.$domain. If this do not exist, it look for the
53 _ldap._tcp.$domain SRV records and use the first one as the LDAP
54 server. Next, it connects to the LDAP server and search all
55 namingContexts entries for posixAccount or posixGroup objects, and
56 pick the first one as the LDAP base. For Kerberos, a similar
57 algorithm is used to locate the LDAP server, and the realm is the
58 uppercase version of $domain.</p>
59
60 <p>So, what is not working, you might ask. SMB mounting my home
61 directory do not work. No idea why, but suspected the incorrect
62 Kerberos settings in /etc/krb5.conf and /etc/samba/smb.conf might be
63 the cause. These are not properly configured during installation, and
64 had to be hand-edited to get the correct Kerberos realm and server,
65 but SMB mounting still do not work. :(</p>
66
67 <p>With this automatic configuration in place, I expect a Debian Edu
68 roaming profile installation would be able to automatically detect and
69 connect to any site using LDAP and Kerberos for NSS directory and PAM
70 authentication. It should also work out of the box in a Active
71 Directory environment providing posixAccount and posixGroup objects
72 with UID and GID values.</p>
73
74 <p>If you want to help out with implementing these things for Debian
75 Edu, please contact us on debian-edu@lists.debian.org.</p>
76 </div>
77
78 <div class="tags">Tags: <a href="http://people.skolelinux.org/pere/blog/tags/debian edu">debian edu</a>, <a href="http://people.skolelinux.org/pere/blog/tags/english">english</a>, <a href="http://people.skolelinux.org/pere/blog/tags/nuug">nuug</a>.</div>
79
80
81 </div>
82
83
84
85
86 <div id="sidebar">
87
88
89
90 <h2>Archive</h2>
91 <ul>
92
93 <li>2016
94 <ul>
95
96 <li><a href="http://people.skolelinux.org/pere/blog/archive/2016/01/">January (3)</a></li>
97
98 <li><a href="http://people.skolelinux.org/pere/blog/archive/2016/02/">February (2)</a></li>
99
100 <li><a href="http://people.skolelinux.org/pere/blog/archive/2016/03/">March (3)</a></li>
101
102 </ul></li>
103
104 <li>2015
105 <ul>
106
107 <li><a href="http://people.skolelinux.org/pere/blog/archive/2015/01/">January (7)</a></li>
108
109 <li><a href="http://people.skolelinux.org/pere/blog/archive/2015/02/">February (6)</a></li>
110
111 <li><a href="http://people.skolelinux.org/pere/blog/archive/2015/03/">March (1)</a></li>
112
113 <li><a href="http://people.skolelinux.org/pere/blog/archive/2015/04/">April (4)</a></li>
114
115 <li><a href="http://people.skolelinux.org/pere/blog/archive/2015/05/">May (3)</a></li>
116
117 <li><a href="http://people.skolelinux.org/pere/blog/archive/2015/06/">June (4)</a></li>
118
119 <li><a href="http://people.skolelinux.org/pere/blog/archive/2015/07/">July (6)</a></li>
120
121 <li><a href="http://people.skolelinux.org/pere/blog/archive/2015/08/">August (2)</a></li>
122
123 <li><a href="http://people.skolelinux.org/pere/blog/archive/2015/09/">September (2)</a></li>
124
125 <li><a href="http://people.skolelinux.org/pere/blog/archive/2015/10/">October (9)</a></li>
126
127 <li><a href="http://people.skolelinux.org/pere/blog/archive/2015/11/">November (6)</a></li>
128
129 <li><a href="http://people.skolelinux.org/pere/blog/archive/2015/12/">December (3)</a></li>
130
131 </ul></li>
132
133 <li>2014
134 <ul>
135
136 <li><a href="http://people.skolelinux.org/pere/blog/archive/2014/01/">January (2)</a></li>
137
138 <li><a href="http://people.skolelinux.org/pere/blog/archive/2014/02/">February (3)</a></li>
139
140 <li><a href="http://people.skolelinux.org/pere/blog/archive/2014/03/">March (8)</a></li>
141
142 <li><a href="http://people.skolelinux.org/pere/blog/archive/2014/04/">April (7)</a></li>
143
144 <li><a href="http://people.skolelinux.org/pere/blog/archive/2014/05/">May (1)</a></li>
145
146 <li><a href="http://people.skolelinux.org/pere/blog/archive/2014/06/">June (2)</a></li>
147
148 <li><a href="http://people.skolelinux.org/pere/blog/archive/2014/07/">July (2)</a></li>
149
150 <li><a href="http://people.skolelinux.org/pere/blog/archive/2014/08/">August (2)</a></li>
151
152 <li><a href="http://people.skolelinux.org/pere/blog/archive/2014/09/">September (5)</a></li>
153
154 <li><a href="http://people.skolelinux.org/pere/blog/archive/2014/10/">October (6)</a></li>
155
156 <li><a href="http://people.skolelinux.org/pere/blog/archive/2014/11/">November (3)</a></li>
157
158 <li><a href="http://people.skolelinux.org/pere/blog/archive/2014/12/">December (5)</a></li>
159
160 </ul></li>
161
162 <li>2013
163 <ul>
164
165 <li><a href="http://people.skolelinux.org/pere/blog/archive/2013/01/">January (11)</a></li>
166
167 <li><a href="http://people.skolelinux.org/pere/blog/archive/2013/02/">February (9)</a></li>
168
169 <li><a href="http://people.skolelinux.org/pere/blog/archive/2013/03/">March (9)</a></li>
170
171 <li><a href="http://people.skolelinux.org/pere/blog/archive/2013/04/">April (6)</a></li>
172
173 <li><a href="http://people.skolelinux.org/pere/blog/archive/2013/05/">May (9)</a></li>
174
175 <li><a href="http://people.skolelinux.org/pere/blog/archive/2013/06/">June (10)</a></li>
176
177 <li><a href="http://people.skolelinux.org/pere/blog/archive/2013/07/">July (7)</a></li>
178
179 <li><a href="http://people.skolelinux.org/pere/blog/archive/2013/08/">August (3)</a></li>
180
181 <li><a href="http://people.skolelinux.org/pere/blog/archive/2013/09/">September (5)</a></li>
182
183 <li><a href="http://people.skolelinux.org/pere/blog/archive/2013/10/">October (7)</a></li>
184
185 <li><a href="http://people.skolelinux.org/pere/blog/archive/2013/11/">November (9)</a></li>
186
187 <li><a href="http://people.skolelinux.org/pere/blog/archive/2013/12/">December (3)</a></li>
188
189 </ul></li>
190
191 <li>2012
192 <ul>
193
194 <li><a href="http://people.skolelinux.org/pere/blog/archive/2012/01/">January (7)</a></li>
195
196 <li><a href="http://people.skolelinux.org/pere/blog/archive/2012/02/">February (10)</a></li>
197
198 <li><a href="http://people.skolelinux.org/pere/blog/archive/2012/03/">March (17)</a></li>
199
200 <li><a href="http://people.skolelinux.org/pere/blog/archive/2012/04/">April (12)</a></li>
201
202 <li><a href="http://people.skolelinux.org/pere/blog/archive/2012/05/">May (12)</a></li>
203
204 <li><a href="http://people.skolelinux.org/pere/blog/archive/2012/06/">June (20)</a></li>
205
206 <li><a href="http://people.skolelinux.org/pere/blog/archive/2012/07/">July (17)</a></li>
207
208 <li><a href="http://people.skolelinux.org/pere/blog/archive/2012/08/">August (6)</a></li>
209
210 <li><a href="http://people.skolelinux.org/pere/blog/archive/2012/09/">September (9)</a></li>
211
212 <li><a href="http://people.skolelinux.org/pere/blog/archive/2012/10/">October (17)</a></li>
213
214 <li><a href="http://people.skolelinux.org/pere/blog/archive/2012/11/">November (10)</a></li>
215
216 <li><a href="http://people.skolelinux.org/pere/blog/archive/2012/12/">December (7)</a></li>
217
218 </ul></li>
219
220 <li>2011
221 <ul>
222
223 <li><a href="http://people.skolelinux.org/pere/blog/archive/2011/01/">January (16)</a></li>
224
225 <li><a href="http://people.skolelinux.org/pere/blog/archive/2011/02/">February (6)</a></li>
226
227 <li><a href="http://people.skolelinux.org/pere/blog/archive/2011/03/">March (6)</a></li>
228
229 <li><a href="http://people.skolelinux.org/pere/blog/archive/2011/04/">April (7)</a></li>
230
231 <li><a href="http://people.skolelinux.org/pere/blog/archive/2011/05/">May (3)</a></li>
232
233 <li><a href="http://people.skolelinux.org/pere/blog/archive/2011/06/">June (2)</a></li>
234
235 <li><a href="http://people.skolelinux.org/pere/blog/archive/2011/07/">July (7)</a></li>
236
237 <li><a href="http://people.skolelinux.org/pere/blog/archive/2011/08/">August (6)</a></li>
238
239 <li><a href="http://people.skolelinux.org/pere/blog/archive/2011/09/">September (4)</a></li>
240
241 <li><a href="http://people.skolelinux.org/pere/blog/archive/2011/10/">October (2)</a></li>
242
243 <li><a href="http://people.skolelinux.org/pere/blog/archive/2011/11/">November (3)</a></li>
244
245 <li><a href="http://people.skolelinux.org/pere/blog/archive/2011/12/">December (1)</a></li>
246
247 </ul></li>
248
249 <li>2010
250 <ul>
251
252 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/01/">January (2)</a></li>
253
254 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/02/">February (1)</a></li>
255
256 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/03/">March (3)</a></li>
257
258 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/04/">April (3)</a></li>
259
260 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/05/">May (9)</a></li>
261
262 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/06/">June (14)</a></li>
263
264 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/07/">July (12)</a></li>
265
266 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/08/">August (13)</a></li>
267
268 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/09/">September (7)</a></li>
269
270 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/10/">October (9)</a></li>
271
272 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/11/">November (13)</a></li>
273
274 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/12/">December (12)</a></li>
275
276 </ul></li>
277
278 <li>2009
279 <ul>
280
281 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/01/">January (8)</a></li>
282
283 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/02/">February (8)</a></li>
284
285 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/03/">March (12)</a></li>
286
287 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/04/">April (10)</a></li>
288
289 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/05/">May (9)</a></li>
290
291 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/06/">June (3)</a></li>
292
293 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/07/">July (4)</a></li>
294
295 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/08/">August (3)</a></li>
296
297 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/09/">September (1)</a></li>
298
299 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/10/">October (2)</a></li>
300
301 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/11/">November (3)</a></li>
302
303 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/12/">December (3)</a></li>
304
305 </ul></li>
306
307 <li>2008
308 <ul>
309
310 <li><a href="http://people.skolelinux.org/pere/blog/archive/2008/11/">November (5)</a></li>
311
312 <li><a href="http://people.skolelinux.org/pere/blog/archive/2008/12/">December (7)</a></li>
313
314 </ul></li>
315
316 </ul>
317
318
319
320 <h2>Tags</h2>
321 <ul>
322
323 <li><a href="http://people.skolelinux.org/pere/blog/tags/3d-printer">3d-printer (13)</a></li>
324
325 <li><a href="http://people.skolelinux.org/pere/blog/tags/amiga">amiga (1)</a></li>
326
327 <li><a href="http://people.skolelinux.org/pere/blog/tags/aros">aros (1)</a></li>
328
329 <li><a href="http://people.skolelinux.org/pere/blog/tags/bankid">bankid (4)</a></li>
330
331 <li><a href="http://people.skolelinux.org/pere/blog/tags/bitcoin">bitcoin (9)</a></li>
332
333 <li><a href="http://people.skolelinux.org/pere/blog/tags/bootsystem">bootsystem (15)</a></li>
334
335 <li><a href="http://people.skolelinux.org/pere/blog/tags/bsa">bsa (2)</a></li>
336
337 <li><a href="http://people.skolelinux.org/pere/blog/tags/chrpath">chrpath (2)</a></li>
338
339 <li><a href="http://people.skolelinux.org/pere/blog/tags/debian">debian (122)</a></li>
340
341 <li><a href="http://people.skolelinux.org/pere/blog/tags/debian edu">debian edu (154)</a></li>
342
343 <li><a href="http://people.skolelinux.org/pere/blog/tags/digistan">digistan (10)</a></li>
344
345 <li><a href="http://people.skolelinux.org/pere/blog/tags/dld">dld (15)</a></li>
346
347 <li><a href="http://people.skolelinux.org/pere/blog/tags/docbook">docbook (20)</a></li>
348
349 <li><a href="http://people.skolelinux.org/pere/blog/tags/drivstoffpriser">drivstoffpriser (4)</a></li>
350
351 <li><a href="http://people.skolelinux.org/pere/blog/tags/english">english (305)</a></li>
352
353 <li><a href="http://people.skolelinux.org/pere/blog/tags/fiksgatami">fiksgatami (23)</a></li>
354
355 <li><a href="http://people.skolelinux.org/pere/blog/tags/fildeling">fildeling (12)</a></li>
356
357 <li><a href="http://people.skolelinux.org/pere/blog/tags/freeculture">freeculture (25)</a></li>
358
359 <li><a href="http://people.skolelinux.org/pere/blog/tags/freedombox">freedombox (9)</a></li>
360
361 <li><a href="http://people.skolelinux.org/pere/blog/tags/frikanalen">frikanalen (16)</a></li>
362
363 <li><a href="http://people.skolelinux.org/pere/blog/tags/h264">h264 (20)</a></li>
364
365 <li><a href="http://people.skolelinux.org/pere/blog/tags/intervju">intervju (42)</a></li>
366
367 <li><a href="http://people.skolelinux.org/pere/blog/tags/isenkram">isenkram (11)</a></li>
368
369 <li><a href="http://people.skolelinux.org/pere/blog/tags/kart">kart (19)</a></li>
370
371 <li><a href="http://people.skolelinux.org/pere/blog/tags/ldap">ldap (9)</a></li>
372
373 <li><a href="http://people.skolelinux.org/pere/blog/tags/lenker">lenker (8)</a></li>
374
375 <li><a href="http://people.skolelinux.org/pere/blog/tags/lsdvd">lsdvd (2)</a></li>
376
377 <li><a href="http://people.skolelinux.org/pere/blog/tags/ltsp">ltsp (1)</a></li>
378
379 <li><a href="http://people.skolelinux.org/pere/blog/tags/mesh network">mesh network (8)</a></li>
380
381 <li><a href="http://people.skolelinux.org/pere/blog/tags/multimedia">multimedia (37)</a></li>
382
383 <li><a href="http://people.skolelinux.org/pere/blog/tags/nice free software">nice free software (7)</a></li>
384
385 <li><a href="http://people.skolelinux.org/pere/blog/tags/norsk">norsk (273)</a></li>
386
387 <li><a href="http://people.skolelinux.org/pere/blog/tags/nuug">nuug (177)</a></li>
388
389 <li><a href="http://people.skolelinux.org/pere/blog/tags/offentlig innsyn">offentlig innsyn (22)</a></li>
390
391 <li><a href="http://people.skolelinux.org/pere/blog/tags/open311">open311 (2)</a></li>
392
393 <li><a href="http://people.skolelinux.org/pere/blog/tags/opphavsrett">opphavsrett (58)</a></li>
394
395 <li><a href="http://people.skolelinux.org/pere/blog/tags/personvern">personvern (92)</a></li>
396
397 <li><a href="http://people.skolelinux.org/pere/blog/tags/raid">raid (1)</a></li>
398
399 <li><a href="http://people.skolelinux.org/pere/blog/tags/reactos">reactos (1)</a></li>
400
401 <li><a href="http://people.skolelinux.org/pere/blog/tags/reprap">reprap (11)</a></li>
402
403 <li><a href="http://people.skolelinux.org/pere/blog/tags/rfid">rfid (3)</a></li>
404
405 <li><a href="http://people.skolelinux.org/pere/blog/tags/robot">robot (9)</a></li>
406
407 <li><a href="http://people.skolelinux.org/pere/blog/tags/rss">rss (1)</a></li>
408
409 <li><a href="http://people.skolelinux.org/pere/blog/tags/ruter">ruter (4)</a></li>
410
411 <li><a href="http://people.skolelinux.org/pere/blog/tags/scraperwiki">scraperwiki (2)</a></li>
412
413 <li><a href="http://people.skolelinux.org/pere/blog/tags/sikkerhet">sikkerhet (45)</a></li>
414
415 <li><a href="http://people.skolelinux.org/pere/blog/tags/sitesummary">sitesummary (4)</a></li>
416
417 <li><a href="http://people.skolelinux.org/pere/blog/tags/skepsis">skepsis (4)</a></li>
418
419 <li><a href="http://people.skolelinux.org/pere/blog/tags/standard">standard (49)</a></li>
420
421 <li><a href="http://people.skolelinux.org/pere/blog/tags/stavekontroll">stavekontroll (3)</a></li>
422
423 <li><a href="http://people.skolelinux.org/pere/blog/tags/stortinget">stortinget (10)</a></li>
424
425 <li><a href="http://people.skolelinux.org/pere/blog/tags/surveillance">surveillance (36)</a></li>
426
427 <li><a href="http://people.skolelinux.org/pere/blog/tags/sysadmin">sysadmin (2)</a></li>
428
429 <li><a href="http://people.skolelinux.org/pere/blog/tags/usenix">usenix (2)</a></li>
430
431 <li><a href="http://people.skolelinux.org/pere/blog/tags/valg">valg (8)</a></li>
432
433 <li><a href="http://people.skolelinux.org/pere/blog/tags/video">video (55)</a></li>
434
435 <li><a href="http://people.skolelinux.org/pere/blog/tags/vitenskap">vitenskap (4)</a></li>
436
437 <li><a href="http://people.skolelinux.org/pere/blog/tags/web">web (38)</a></li>
438
439 </ul>
440
441
442 </div>
443 <p style="text-align: right">
444 Created by <a href="http://steve.org.uk/Software/chronicle">Chronicle v4.6</a>
445 </p>
446
447 </body>
448 </html>
Nettsider og blogg.