Suggestion: Rename page to -> FremdDistro
Integration of Ubuntu into Skolelinux/Debian-Edu
German Version: /AufDeutsch
BitteTesten ob das funktioniert
Running Ubuntu 5.04 as a Skolelinux 1.0 workstation
WARNING! This is not official, just some work I did to experiment.
I do not recomend to use it in production. This is not a good way of doing things, It's just an ugly hack.
- - Jarle O. Vågen, Tue May 31 2005
All below is done on the ubuntu workstation, except the netgroup step which can be done from any browser.
- Install Ubuntu 5.04
- modify '/etc/apt/sources.list' to include universe
- the 'libnss-ldap' package is in universe
- Run 'apt-get update'
- Run 'apt-get install libnss-ldap libpam-ldap autofs autofs-ldap nfs-common'
I just accepted the standard values in the configuration, since I'm going to use config files from a Skolelinux 1.0 workstation later.
replace the file '/etc/libnss-ldap.conf' with a Skolelinux 1.0 workstation '/etc/libnss-ldap.conf'
replace the file '/etc/pam_ldap.conf' with a Skolelinux 1.0 workstation '/etc/pam_ldap.conf'
replace the file '/etc/nsswitch.conf' with a Skolelinux 1.0 workstation '/etc/nsswitch.conf'
- replace the directory '/etc/ldap/' with a Skolelinux 1.0 workstation '/etc/ldap/'
- replace the directory '/etc/pam.d/ with a Skolelinux 1.0 workstation '/etc/pam.d'
- make symbolic links for gdm and xscreensaver (tips: look at kdm and kscreensaver).
- Run 'mkdir /tjener'
- remove the file '/etc/auto.master'
replace the file '/etc/default/autofs' with a Skolelinux 1.0 workstation '/etc/default/autofs'
replace the file '/etc/init.d/autofs' with a Skolelinux 1.0 workstation '/etc/init.d/autofs'
- I don't know what goes wrong with the ubuntu version, but the slx version works with slx mainserver.
put your ubuntu workstation in the workstation netgroup, using WLUS ('https://tjener.intern:10000')
- Run '/etc/init.d/autofs restart'
Additions from another mail on Debian-Edu mailing list
If I remember correctly, it's using self-signed certificates. Try cut'n'paste this into a terminal as root: echo "TLS_REQCERT allow" >> /etc/ldap.conf
This will enable your client to work with ldapservers using self-signed certificates.
Another thing. The commonName in the server-certificate is maybe ldap.intern and not just ldap - so contacting the server by hostname 'ldap.intern' might also solve your problem - since you always should contact the ssl-/tls-enabled server by the (set) of commonName(s) it uses.
You can check any ssl-certificate service by using the utils in OpenSSL.
E.g.: openssl s_client -showcerts <hostname>:<port> which would print out all certificates in the certificate-chain the the remote service holds.
The s_client command has other nice options you can play with as well.
ToDo: Original-Dateien einer (Woody-)Installation als Anhang anhängen
Uptdated Howto by Klaus-Ade for Sarge (incl. conf-files)
Last year in July, I wrote a *very* quick guide on integrating a "foreign" Linux distribution into the Skolelinux/Debian ldap/autofs setup, here:
Lately people have told me that they haven't had any success following the instructions in that mail.
So, I though I'd try following those instructions myself, and see how well that goes, success, and here is how. (I might add that this Howto worked very nice also on a normal Debian Sarge worksation.)
Last time I used a Knoppix installed to hardrive as "foreign" Linux distribution, this time I'll use Ubuntu 5.10, I will not comment on Ubuntu itself.
The server is based on Skolelinux/debian-edu pr05, which is Sarge based.
First on the Ubuntu machine, you must enable the universe package repository, by adding/uncommenting these lines to your /etc/apt/sources.list
deb http://no.archive.ubuntu.com/ubuntu breezy universe deb http://security.ubuntu.com/ubuntu breezy-security universe
Then do your apt-get update
You need some packages installed on Ubuntu for all this to work:
apt-get install autofs-ldap ldap-utils libldap2 libnss-ldap libpam-ldap nscd
Also install ssh, as that is very handy to have installed, and Ubuntu doesn't install it as default:
apt-get install ssh
Just press [Enter] and accept whatere default you are presented with regarding ldap and so on, we will take care of the configuration files later.
From a Skolelinux/Debian-edu (in this case based on pr05) workstation take the following files/directories:
/etc/pam.d /etc/nsswitch.conf /etc/libnss-ldap.conf /etc/nscd.conf /etc/default/autofs /etc/init.d/autofs /etc/ldap /etc/pam_ldap.conf /etc/auto.master
There might be files included here, that is not necessary for making ldap/autofs work, someone should comment on that, please.
For those without a Skolelinux/debian-edu workstation, I've uploaded these files to http://www.skolelinux.no/~klaus/skolelinux.ldap.autofs.tgz
You should also take a backup copy of these files on your Ubuntu machine, before installing these files from Skolelinux/Debian-edu: this is a handy way of doing that:( \ means one long line)
tar zcvf Ubuntu.ldap.autofs.backup.tgz \ /etc/pam.d \ /etc/nsswitch.conf \ /etc/libnss-ldap.conf \ /etc/nscd.conf \ /etc/default/autofs \ /etc/init.d/autofs \ /etc/ldap \ /etc/pam_ldap.conf \ /etc/auto.master
It's almost the same way for copying these files from the Skolelinux/Debian-edu machine:( \ means one long line)
tar zcvf skolelinux.ldap.autofs.tgz \ /etc/pam.d \ /etc/nsswitch.conf \ /etc/libnss-ldap.conf \ /etc/nscd.conf \ /etc/default/autofs \ /etc/init.d/autofs \ /etc/ldap \ /etc/pam_ldap.conf \ /etc/auto.master
Transfer this archive Skolelinux.ldap.autofs.tgz over to the Ubuntu machine somehow, maybe with scp scp skolelinux.ldap.autofs.tgz username@ubuntumachine:~/
Become root, then unpack the archive skolelinux.ldap.autofs.tgz
tar zvxf skolelinux.ldap.autofs.tgz -C /
Create the automount point on Ubuntu
Unless you add your Ubuntu machine to the Skolelinux/debian edu netgroups, it's won't be able to mount your home-dirs, have a look at http://www.skolelinux.no/~klaus/newnotater/x2097.html
When this is all done, reboot the Ubuntu machine.
When it starts again, you should be able to verify that ldap is working in Ubuntu by running: getent passwd and seeing all your Skolelinux/debian-edu ldap-users
Running su - username should let you become that user, and that users home-dir should now automatically be mounted from Skolelinux/debian-edu.
If the process of mounting takes very loooong, several minutes, and you simultaneously see this messages in syslog on the Ubuntu machine:
nfs warning: mount version older than kernel server localhost not responding, timed out nsm_mon_unmon: rpc failed, status=-5 lockd: cannot monitor 10.0.2.2 lockd: failed to monitor 10.0.2.2
Recommended: Additionally install nfs-commom on your client: # apt-get install nfs-common
Not recommended (long delays) - not necessary if you installed nfs-commom on your client:
Then you might want to add the option nolock to ldap on your server, this does that on the Skolelinux/debian-edu server: # ldapsearch -LLLx objectClass=automount automountInformation | sed -e "s:intr tjener:intr,nolock tjener:g" | ldapmodify -xWZD cn=admin,ou=People,dc=skole,dc=Skolelinux,dc=no After this you must restart ldap: # /etc/init.d/slapd restart
You should now be able to login, with you username/password and homedir from Skolelinux/debian-edu.
Please drop me an email if this works, and if this doesn't work.
There might be a more layout friendly verson of this mail included in the upcoming Sarge version of newdriftbook;
Applying this how-to in a desktop install of debian etch resulted in the dhcp client acting up. During boot it would receive and lose it's ip address. The culprint was the package "network-manager". Removing this package with "aptitude remove network-manager" fixed the problem
...Ubuntu 8.04 (Hardy Heron)... noticed following changes in ubuntu:
- -libnns-ldap is replaced by libnss-ldapd
-libldap2 is replaced by libldap-2.4-2