<h3>Entries tagged "ldap".</h3>
+ <div class="entry">
+ <div class="title">
+ <a href="http://people.skolelinux.org/pere/blog/How_to_add_extra_storage_servers_in_Debian_Edu___Skolelinux.html">How to add extra storage servers in Debian Edu / Skolelinux</a>
+ </div>
+ <div class="date">
+ 12th March 2014
+ </div>
+ <div class="body">
+ <p>On larger sites, it is useful to use a dedicated storage server for
+storing user home directories and data. The design for handling this
+in <a href="http://www.skolelinux.org/">Debian Edu / Skolelinux</a>, is
+to update the automount rules in LDAP and let the automount daemon on
+the clients take care of the rest. I was reminded about the need to
+document this better when one of the customers of
+<a href="http://www.slxdrift.no/">Skolelinux Drift AS</a>, where I am
+on the board of directors, asked about how to do this. The steps to
+get this working are the following:</p>
+
+<p><ol>
+
+<li>Add new storage server in DNS. I use nas-server.intern as the
+example host here.</li>
+
+<li>Add automoun LDAP information about this server in LDAP, to allow
+all clients to automatically mount it on reqeust.</li>
+
+<li>Add the relevant entries in tjener.intern:/etc/fstab, because
+tjener.intern do not use automount to avoid mounting loops.</li>
+
+</ol></p>
+
+<p>DNS entries are added in GOsa², and not described here. Follow the
+<a href="https://wiki.debian.org/DebianEdu/Documentation/Wheezy/GettingStarted">instructions
+in the manual</a> (Machine Management with GOsa² in section Getting
+started).</p>
+
+<p>Ensure that the NFS export points on the server are exported to the
+relevant subnets or machines:</p>
+
+<p><blockquote><pre>
+root@tjener:~# showmount -e nas-server
+Export list for nas-server:
+/storage 10.0.0.0/8
+root@tjener:~#
+</pre></blockquote></p>
+
+<p>Here everything on the backbone network is granted access to the
+/storage export. With NFSv3 it is slightly better to limit it to
+netgroup membership or single IP addresses to have some limits on the
+NFS access.</p>
+
+<p>The next step is to update LDAP. This can not be done using GOsa²,
+because it lack a module for automount. Instead, use ldapvi and add
+the required LDAP objects using an editor.</p>
+
+<p><blockquote><pre>
+ldapvi --ldap-conf -ZD '(cn=admin)' -b ou=automount,dc=skole,dc=skolelinux,dc=no
+</pre></blockquote></p>
+
+<p>When the editor show up, add the following LDAP objects at the
+bottom of the document. The "/&" part in the last LDAP object is a
+wild card matching everything the nas-server exports, removing the
+need to list individual mount points in LDAP.</p>
+
+<p><blockquote><pre>
+add cn=nas-server,ou=auto.skole,ou=automount,dc=skole,dc=skolelinux,dc=no
+objectClass: automount
+cn: nas-server
+automountInformation: -fstype=autofs --timeout=60 ldap:ou=auto.nas-server,ou=automount,dc=skole,dc=skolelinux,dc=no
+
+add ou=auto.nas-server,ou=automount,dc=skole,dc=skolelinux,dc=no
+objectClass: top
+objectClass: automountMap
+ou: auto.nas-server
+
+add cn=/,ou=auto.nas-server,ou=automount,dc=skole,dc=skolelinux,dc=no
+objectClass: automount
+cn: /
+automountInformation: -fstype=nfs,tcp,rsize=32768,wsize=32768,rw,intr,hard,nodev,nosuid,noatime nas-server.intern:/&
+</pre></blockquote></p>
+
+<p>The last step to remember is to mount the relevant mount points in
+tjener.intern by adding them to /etc/fstab, creating the mount
+directories using mkdir and running "mount -a" to mount them.</p>
+
+<p>When this is done, your users should be able to access the files on
+the storage server directly by just visiting the
+/tjener/nas-server/storage/ directory using any application on any
+workstation, LTSP client or LTSP server.</p>
+
+ </div>
+ <div class="tags">
+
+
+ Tags: <a href="http://people.skolelinux.org/pere/blog/tags/debian edu">debian edu</a>, <a href="http://people.skolelinux.org/pere/blog/tags/english">english</a>, <a href="http://people.skolelinux.org/pere/blog/tags/ldap">ldap</a>.
+
+
+ </div>
+ </div>
+ <div class="padding"></div>
+
<div class="entry">
<div class="title">
<a href="http://people.skolelinux.org/pere/blog/What_are_they_searching_for___PowerDNS_and_ISC_DHCP_in_LDAP.html">What are they searching for - PowerDNS and ISC DHCP in LDAP</a>
<h2>Archive</h2>
<ul>
+<li>2015
+<ul>
+
+<li><a href="http://people.skolelinux.org/pere/blog/archive/2015/01/">January (7)</a></li>
+
+<li><a href="http://people.skolelinux.org/pere/blog/archive/2015/02/">February (6)</a></li>
+
+<li><a href="http://people.skolelinux.org/pere/blog/archive/2015/03/">March (1)</a></li>
+
+<li><a href="http://people.skolelinux.org/pere/blog/archive/2015/04/">April (4)</a></li>
+
+<li><a href="http://people.skolelinux.org/pere/blog/archive/2015/05/">May (3)</a></li>
+
+<li><a href="http://people.skolelinux.org/pere/blog/archive/2015/06/">June (4)</a></li>
+
+</ul></li>
+
+<li>2014
+<ul>
+
+<li><a href="http://people.skolelinux.org/pere/blog/archive/2014/01/">January (2)</a></li>
+
+<li><a href="http://people.skolelinux.org/pere/blog/archive/2014/02/">February (3)</a></li>
+
+<li><a href="http://people.skolelinux.org/pere/blog/archive/2014/03/">March (8)</a></li>
+
+<li><a href="http://people.skolelinux.org/pere/blog/archive/2014/04/">April (7)</a></li>
+
+<li><a href="http://people.skolelinux.org/pere/blog/archive/2014/05/">May (1)</a></li>
+
+<li><a href="http://people.skolelinux.org/pere/blog/archive/2014/06/">June (2)</a></li>
+
+<li><a href="http://people.skolelinux.org/pere/blog/archive/2014/07/">July (2)</a></li>
+
+<li><a href="http://people.skolelinux.org/pere/blog/archive/2014/08/">August (2)</a></li>
+
+<li><a href="http://people.skolelinux.org/pere/blog/archive/2014/09/">September (5)</a></li>
+
+<li><a href="http://people.skolelinux.org/pere/blog/archive/2014/10/">October (6)</a></li>
+
+<li><a href="http://people.skolelinux.org/pere/blog/archive/2014/11/">November (3)</a></li>
+
+<li><a href="http://people.skolelinux.org/pere/blog/archive/2014/12/">December (5)</a></li>
+
+</ul></li>
+
<li>2013
<ul>
<li><a href="http://people.skolelinux.org/pere/blog/archive/2013/11/">November (9)</a></li>
-<li><a href="http://people.skolelinux.org/pere/blog/archive/2013/12/">December (1)</a></li>
+<li><a href="http://people.skolelinux.org/pere/blog/archive/2013/12/">December (3)</a></li>
</ul></li>
<li><a href="http://people.skolelinux.org/pere/blog/tags/bankid">bankid (4)</a></li>
- <li><a href="http://people.skolelinux.org/pere/blog/tags/bitcoin">bitcoin (7)</a></li>
+ <li><a href="http://people.skolelinux.org/pere/blog/tags/bitcoin">bitcoin (8)</a></li>
- <li><a href="http://people.skolelinux.org/pere/blog/tags/bootsystem">bootsystem (13)</a></li>
+ <li><a href="http://people.skolelinux.org/pere/blog/tags/bootsystem">bootsystem (15)</a></li>
<li><a href="http://people.skolelinux.org/pere/blog/tags/bsa">bsa (2)</a></li>
- <li><a href="http://people.skolelinux.org/pere/blog/tags/debian">debian (91)</a></li>
+ <li><a href="http://people.skolelinux.org/pere/blog/tags/chrpath">chrpath (2)</a></li>
- <li><a href="http://people.skolelinux.org/pere/blog/tags/debian edu">debian edu (143)</a></li>
+ <li><a href="http://people.skolelinux.org/pere/blog/tags/debian">debian (109)</a></li>
+
+ <li><a href="http://people.skolelinux.org/pere/blog/tags/debian edu">debian edu (153)</a></li>
<li><a href="http://people.skolelinux.org/pere/blog/tags/digistan">digistan (10)</a></li>
- <li><a href="http://people.skolelinux.org/pere/blog/tags/docbook">docbook (10)</a></li>
+ <li><a href="http://people.skolelinux.org/pere/blog/tags/dld">dld (15)</a></li>
+
+ <li><a href="http://people.skolelinux.org/pere/blog/tags/docbook">docbook (13)</a></li>
<li><a href="http://people.skolelinux.org/pere/blog/tags/drivstoffpriser">drivstoffpriser (4)</a></li>
- <li><a href="http://people.skolelinux.org/pere/blog/tags/english">english (231)</a></li>
+ <li><a href="http://people.skolelinux.org/pere/blog/tags/english">english (279)</a></li>
- <li><a href="http://people.skolelinux.org/pere/blog/tags/fiksgatami">fiksgatami (21)</a></li>
+ <li><a href="http://people.skolelinux.org/pere/blog/tags/fiksgatami">fiksgatami (23)</a></li>
<li><a href="http://people.skolelinux.org/pere/blog/tags/fildeling">fildeling (12)</a></li>
- <li><a href="http://people.skolelinux.org/pere/blog/tags/freeculture">freeculture (12)</a></li>
+ <li><a href="http://people.skolelinux.org/pere/blog/tags/freeculture">freeculture (15)</a></li>
+
+ <li><a href="http://people.skolelinux.org/pere/blog/tags/freedombox">freedombox (9)</a></li>
- <li><a href="http://people.skolelinux.org/pere/blog/tags/freedombox">freedombox (5)</a></li>
+ <li><a href="http://people.skolelinux.org/pere/blog/tags/frikanalen">frikanalen (15)</a></li>
- <li><a href="http://people.skolelinux.org/pere/blog/tags/frikanalen">frikanalen (11)</a></li>
+ <li><a href="http://people.skolelinux.org/pere/blog/tags/h264">h264 (19)</a></li>
- <li><a href="http://people.skolelinux.org/pere/blog/tags/intervju">intervju (38)</a></li>
+ <li><a href="http://people.skolelinux.org/pere/blog/tags/intervju">intervju (42)</a></li>
- <li><a href="http://people.skolelinux.org/pere/blog/tags/isenkram">isenkram (7)</a></li>
+ <li><a href="http://people.skolelinux.org/pere/blog/tags/isenkram">isenkram (10)</a></li>
- <li><a href="http://people.skolelinux.org/pere/blog/tags/kart">kart (18)</a></li>
+ <li><a href="http://people.skolelinux.org/pere/blog/tags/kart">kart (19)</a></li>
- <li><a href="http://people.skolelinux.org/pere/blog/tags/ldap">ldap (8)</a></li>
+ <li><a href="http://people.skolelinux.org/pere/blog/tags/ldap">ldap (9)</a></li>
- <li><a href="http://people.skolelinux.org/pere/blog/tags/lenker">lenker (6)</a></li>
+ <li><a href="http://people.skolelinux.org/pere/blog/tags/lenker">lenker (8)</a></li>
+
+ <li><a href="http://people.skolelinux.org/pere/blog/tags/lsdvd">lsdvd (2)</a></li>
<li><a href="http://people.skolelinux.org/pere/blog/tags/ltsp">ltsp (1)</a></li>
- <li><a href="http://people.skolelinux.org/pere/blog/tags/mesh network">mesh network (6)</a></li>
+ <li><a href="http://people.skolelinux.org/pere/blog/tags/mesh network">mesh network (8)</a></li>
- <li><a href="http://people.skolelinux.org/pere/blog/tags/multimedia">multimedia (25)</a></li>
+ <li><a href="http://people.skolelinux.org/pere/blog/tags/multimedia">multimedia (34)</a></li>
- <li><a href="http://people.skolelinux.org/pere/blog/tags/norsk">norsk (238)</a></li>
+ <li><a href="http://people.skolelinux.org/pere/blog/tags/norsk">norsk (263)</a></li>
- <li><a href="http://people.skolelinux.org/pere/blog/tags/nuug">nuug (160)</a></li>
+ <li><a href="http://people.skolelinux.org/pere/blog/tags/nuug">nuug (176)</a></li>
- <li><a href="http://people.skolelinux.org/pere/blog/tags/offentlig innsyn">offentlig innsyn (9)</a></li>
+ <li><a href="http://people.skolelinux.org/pere/blog/tags/offentlig innsyn">offentlig innsyn (18)</a></li>
<li><a href="http://people.skolelinux.org/pere/blog/tags/open311">open311 (2)</a></li>
- <li><a href="http://people.skolelinux.org/pere/blog/tags/opphavsrett">opphavsrett (45)</a></li>
+ <li><a href="http://people.skolelinux.org/pere/blog/tags/opphavsrett">opphavsrett (52)</a></li>
- <li><a href="http://people.skolelinux.org/pere/blog/tags/personvern">personvern (67)</a></li>
+ <li><a href="http://people.skolelinux.org/pere/blog/tags/personvern">personvern (86)</a></li>
<li><a href="http://people.skolelinux.org/pere/blog/tags/raid">raid (1)</a></li>
+ <li><a href="http://people.skolelinux.org/pere/blog/tags/reactos">reactos (1)</a></li>
+
<li><a href="http://people.skolelinux.org/pere/blog/tags/reprap">reprap (11)</a></li>
- <li><a href="http://people.skolelinux.org/pere/blog/tags/rfid">rfid (2)</a></li>
+ <li><a href="http://people.skolelinux.org/pere/blog/tags/rfid">rfid (3)</a></li>
<li><a href="http://people.skolelinux.org/pere/blog/tags/robot">robot (9)</a></li>
<li><a href="http://people.skolelinux.org/pere/blog/tags/scraperwiki">scraperwiki (2)</a></li>
- <li><a href="http://people.skolelinux.org/pere/blog/tags/sikkerhet">sikkerhet (33)</a></li>
+ <li><a href="http://people.skolelinux.org/pere/blog/tags/sikkerhet">sikkerhet (41)</a></li>
<li><a href="http://people.skolelinux.org/pere/blog/tags/sitesummary">sitesummary (4)</a></li>
<li><a href="http://people.skolelinux.org/pere/blog/tags/skepsis">skepsis (4)</a></li>
- <li><a href="http://people.skolelinux.org/pere/blog/tags/standard">standard (44)</a></li>
+ <li><a href="http://people.skolelinux.org/pere/blog/tags/standard">standard (47)</a></li>
<li><a href="http://people.skolelinux.org/pere/blog/tags/stavekontroll">stavekontroll (3)</a></li>
<li><a href="http://people.skolelinux.org/pere/blog/tags/stortinget">stortinget (9)</a></li>
- <li><a href="http://people.skolelinux.org/pere/blog/tags/surveillance">surveillance (21)</a></li>
+ <li><a href="http://people.skolelinux.org/pere/blog/tags/surveillance">surveillance (33)</a></li>
+
+ <li><a href="http://people.skolelinux.org/pere/blog/tags/sysadmin">sysadmin (2)</a></li>
- <li><a href="http://people.skolelinux.org/pere/blog/tags/sysadmin">sysadmin (1)</a></li>
+ <li><a href="http://people.skolelinux.org/pere/blog/tags/usenix">usenix (2)</a></li>
<li><a href="http://people.skolelinux.org/pere/blog/tags/valg">valg (8)</a></li>
- <li><a href="http://people.skolelinux.org/pere/blog/tags/video">video (39)</a></li>
+ <li><a href="http://people.skolelinux.org/pere/blog/tags/video">video (52)</a></li>
<li><a href="http://people.skolelinux.org/pere/blog/tags/vitenskap">vitenskap (4)</a></li>
- <li><a href="http://people.skolelinux.org/pere/blog/tags/web">web (28)</a></li>
+ <li><a href="http://people.skolelinux.org/pere/blog/tags/web">web (36)</a></li>
</ul>
projects / homepage.git / blobdiff