From: Petter Reinholdtsen <pere@hungry.com>
Date: Sat, 7 Aug 2010 12:47:11 +0000 (+0000)
Subject: Add link.
X-Git-Url: https://pere.pagekite.me/gitweb/homepage.git/commitdiff_plain/fda196f937299486eb9daa1888f92ad1f64d6963?ds=inline

Add link.
---

diff --git a/blog/data/2010-08-07-edu-autoconf.txt b/blog/data/2010-08-07-edu-autoconf.txt
new file mode 100644
index 0000000000..4bfb969d1c
--- /dev/null
+++ b/blog/data/2010-08-07-edu-autoconf.txt
@@ -0,0 +1,45 @@
+Title: Autodetecting Client setup for roaming workstations in Debian Edu
+Tags: english, nuug, debian edu
+Date: 2010-08-07 14:45
+
+<p>A few days ago, I
+<a href="http://people.skolelinux.org/pere/blog/Debian_Edu_roaming_workstation___at_the_university_of_Oslo.html">tried
+to install</a> a Roaming workation profile from Debian Edu/Squeeze
+while on the university network here at the University of Oslo, and
+noticed how much had to change to get it operational using the
+university infrastructure.  It was fairly easy, but it occured to me
+that Debian Edu would improve a lot if I could get the client to
+connect without any changes at all, and thus let the client configure
+itself during installation and first boot to use the infrastructure
+around it.  Now I am a huge step further along that road.</p>
+
+<p>With our current squeeze-test packages, I can select the roaming
+workstation profile and get a working laptop connecting to the
+university LDAP server for user and group and our active directory
+servers for Kerberos authentication.  My users home directory got a
+bookmark in the KDE menu to mount it via SMB, with the correct URL.
+In short, openldap and sssd is correctly configured.  In addition to
+this, the client look for http://wpad/wpad.dat to configure a web
+proxy, and when it fail to find it no proxy settings are stored in
+/etc/environment and /etc/apt/apt.conf.  Iceweasel and KDE is
+configured to look for the same wpad configuration and also do not use
+a proxy when at the university network.  If the machine is moved to a
+network with such wpad setup, it would automatically use it when DHCP
+gave it a IP address.</p>
+
+<p>So, what is not working, you might ask.  SMB mounting my home
+directory do not work.  No idea why, but suspected the incorrect
+Kerberos settings in /etc/krb5.conf and /etc/samba/smb.conf might be
+the cause.  These are not properly configured during installation, and
+had to be hand-edited to get the correct Kerberos realm and server,
+but SMB mounting still do not work. :(</p>
+
+<p>With this automatic configuration in place, I expect a Debian Edu
+roaming profile installation would be able to automatically detect and
+connect to any site using LDAP and Kerberos for NSS directory and PAM
+authentication.  It should also work out of the box in a Active
+Directory environment providing posixAccount and posixGroup objects
+with UID and GID values.</p>
+
+<p>If you want to help out with implementing these things for Debian
+Edu, please contact us on debian-edu@lists.debian.org.</p>