This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages: [1]
1
Installation and Upgrades / Backup Ebox configs to a USB flash drive
« on: November 16, 2009, 05:20:40 am »
Here's a quick HOWTO for backup up your ebox configs to a USB flash drive...
Step 1) Figure out what device to use by inserting your USB drive and issue this command:
The output should look like this:
You will notice linux has recognized the device as /dev/sdb and the main partition is /dev/sdb1.
Step 2) Edit your /etc/fstab and add this line:
Step 3) Mount it
Step 4) Make sure you can backup manually via System-->Backups
Step 1) Figure out what device to use by inserting your USB drive and issue this command:
Code: [Select]
dmesg
The output should look like this:
Code: [Select]
[ 2872.737494] usb-storage: device found at 3
[ 2872.737495] usb-storage: waiting for device to settle before scanning
[ 2877.725965] usb-storage: device scan complete
[ 2877.726716] scsi 6:0:0:0: Direct-Access Ut165 USB2FlashStorage 0.00 PQ: 0 ANSI: 2
[ 2877.731153] sd 6:0:0:0: [sdb] 7897088 512-byte hardware sectors (4043 MB)
[ 2877.734889] sd 6:0:0:0: [sdb] Write Protect is off
[ 2877.734892] sd 6:0:0:0: [sdb] Mode Sense: 00 00 00 00
[ 2877.734894] sd 6:0:0:0: [sdb] Assuming drive cache: write through
[ 2877.745687] sd 6:0:0:0: [sdb] 7897088 512-byte hardware sectors (4043 MB)
[ 2877.746436] sd 6:0:0:0: [sdb] Write Protect is off
[ 2877.746438] sd 6:0:0:0: [sdb] Mode Sense: 00 00 00 00
[ 2877.746439] sd 6:0:0:0: [sdb] Assuming drive cache: write through
[ 2877.746441] sdb: sdb1
[ 2878.303984] sd 6:0:0:0: [sdb] Attached SCSI removable disk
[ 2878.304006] sd 6:0:0:0: Attached scsi generic sg2 type 0
You will notice linux has recognized the device as /dev/sdb and the main partition is /dev/sdb1.
Step 2) Edit your /etc/fstab and add this line:
Code: [Select]
/dev/sdb1 /var/lib/ebox/conf/backups vfat user,auto,exec,rw,umask=000 0 0
Step 3) Mount it
Code: [Select]
mount -a
Step 4) Make sure you can backup manually via System-->Backups
2
Installation and Upgrades / Redirect the "It Works!" page to eBox admin
« on: June 17, 2009, 04:27:47 pm »
For those who are tired of typing in the https:// each time you access the admin page here a quick little trick to do a redirect:
Edit /var/www/index.html
Ideally, ths should work via the .htaccess file, but I can't figure out how to make it work. Anyone have any clues? Here the .htaccess code that should work:
Edit /var/www/index.html
Code: [Select]
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<html>
<head>
<title>Welcome to Ebox</title>
<meta http-equiv="REFRESH" content="0;url=https://<enter your ebox dns name here>"></HEAD>
<BODY>
Please wait while you are being redirected to the eBox administration page...
</BODY>
</HTML>
Ideally, ths should work via the .htaccess file, but I can't figure out how to make it work. Anyone have any clues? Here the .htaccess code that should work:
Code: [Select]
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
3
Installation and Upgrades / DHCP-> Advanced: 'next-server' needs work.
« on: January 12, 2009, 04:35:04 am »
I can't input a filename in the 'next-server' (Thin client section) using an ip address. Ebox assumes I want to upload a file for some reason.
I Created a ticket:
http://trac.ebox-platform.com/ticket/1252
I Created a ticket:
http://trac.ebox-platform.com/ticket/1252
4
Installation and Upgrades / Ebox install HOWTO. (Part 1)
« on: January 06, 2009, 05:01:49 am »
INSTALL EBOX STEP by STEP
Ebox is a fantastic tool once it's up and running. For some, especially those without much linux experience, installing ebox can be somewhat challenging. As a result, I've decided to write a quick HOWTO covering a typical ebox installation.
Prerequisites:
1 Computer or server (old or new)
2 Network cards (They will be referred to as "eth0" and "eth1")
1 EBOX install CD burned from ISO.
1 Active Internet connection (DHCP or static)
1 CD-ROM drive (Set as default boot device)
Assumptions:
This computer will act as the primary gateway for the local network
eth0 will be the WAN connection (Internet facing connection)
eth1 will be the LAN connection (Local Network) with an IP of 192.168.1.1
Ebox hostname will be DEMONET-SRV
Ebox will provide DHCP to the local network with a range of 192.168.1.100-150
Ebox Windows Domain name will be DEMONET
Ebox domain name will be DEMONET.LAN
EBox will allow all outgoing connections
EBox will provide DNS services for the local network
Administrator username: demoadmin
Administrator password: not2forget
Ebox Password: not2forget
Ebox admin port: 443
Initial Install:
Once you have successfully burned an ebox ISO, you are ready to begin installing. Assuming you already have a functioning network in place with DHCP services, the easiest way to install is using DHCP from your existing network. No need to unplug that old linksys router...Not yet anyway.
Plug into your existing DHCP network via the WAN (eth0) port on the server. I know this seems backwards since you are on a local network, but it's easier to setup eBox from the outside->in than it is from the inside-> out.
Next, power-on and boot from the CD-ROM. Select "Install Ubuntu Server" and answer the generic setup options until you are asked to choose a network interface to configure.
Choose eth0 - If your network support dhcps it will automatically configure itself. If it doesn't, perhaps your cable is actually plugged into eth1. If this is the case, go ahead and move the cable to your second port. If it gets an IP be sure to label it eth0 or WAN. Personally I always label my ports WAN and LAN to avoid confusion later.
Choose a hostname: DEMONET-SRV
Choose your timezone: timezone
Partition your Disks: Choose "entire disk" unless you feel comfortable partitioning. Select LVM support if you plan on adding more disk capacity later.
Please note: This configuration does not provide any type of RAID. I generally use hardware RAID cards so it is transparent to the operating system.
After some time the disk(s) will be formated the system will reboot and ebox will begin to download it's packages.
Create an admin user: demoadmin
Create your ebox password: not2forget
Ebox port: 443
Go get a cup of coffee....when you return ebox should boot up normally with a "demonet-srv login:"
Post Install:
Login using the "demoadmin" username and "not2forget" password.
Now verify your eth0 ip address:
In this case the IP of the new ebox is 192.168.1.81
Setup LAN IP address:
Next, from a DIFFERENT computer log into the new ebox via the web interface:
https://192.168.1.81
If all you get is "It works!" then you do not have the https://. Also, you will get certificate errors or warnings depending on your browser, ignore them or "add an exception" if you need to.
Login using the Ebox password: net2forget
Choose Network-> Interfaces from the Admin menu and select eth1 (LAN):
Name: LAN
Method: Static
External: unchecked
IP Address: 192.168.1.1 (Don't worry if you are behind a router with the same IP, it won't matter at this point...nothing is plugged into the port)
Netmask: 255.255.255.0
Select "Change"
Select "Save"
Select "Save changes" in red. (Click the green arrow on any file change requests)
Finally,select "Summary" from the menu and you should be able to verify you LAN interface with the 192.168.1.1 IP address.
Setup NTP
Select Module status->ntp"checked"
System->Date/Time->Time synchronization with NTP servers-> Enabled
Setup DNS
DNS->Add new
Domain: demonet.lan
Active DNS:
Module status->Domain Name System "checked"
Setup DHCP
DHCP->MenuSelect: eth1
Common Options:
Default gateway: eBox
Search doamin: eBox's domain:demonet.lan
Primary nameserver: local eBox DNS
Select "Change"
Under "Ranges" select "Add new"
Name: Workstations
From: 192.168.1.100
To: 192.168.1.150
Select "Add"
Activate DHCP:
Module status>dhcp server "checked"
Setup users and groups:
Groups-> Add group
Group Name: Staff
Comment: Demo Staff
Select "Change"
Users--> Add user
User name: test
Full name: Joe test
Comment: test
Password: not2forget
Group: Staff
Select "Create"
Activate users and groups and file sharing
Module Status->Users and Groups "checked"
Setup Windows File sharing
File Sharing-> General Settings
Working Mode: PDC
Domain Name: DEMONET
Netbios name: DEMONET-SRV
Description: Demo Server
Quota limit: 0
Roaming Profiles: Disabled
Select "Change"
Activate File Sharing:
Module status->File Sharing "checked"
Select the RED save changes to apply all the changes you made above.
Select "Save Configuration"
That completes the local services, we are now ready to let this server stand on it's own!
WAN Setup:
IMPORTANT: Begin by removing the eth0 cable used to configure your eBox on the local network.
Next, plug in a cross-over cable or a small switch connected to the LAN (eth1) port of your eBox to a local network desktop or laptop. This device should not be connected to any other networks other than the new ebox network (via eth1) at this point.
If configured properly your laptop/desktop will automatically get an IP address from the new ebox server (Most likely 192.168.1.150).
Now access the ebox server (from the client device) https://192.168.1.1
Select Network-> Interfaces>Tab:eth0
**ENTER YOUR ISP IP INFO HERE**
Name: WAN
Method: Static (Your ISP may be DHCP, but ebox works best with static addresses...DHCP will work though)
IP adress: 10.10.10.1
Netmask: 255.255.255.0
External: "Checked"
Setup a gateway:
Select Network-> Gateways
Select "Add new"
IP address (ISP provided): 10.10.10.2
Interface: eth0
Default: "checked"
Select "Change"
Setup Firewall:
This will allow all outgoing connections to the Internet. (eBox is secure by default, it is up to you how much access you want to give....for this example we will "allow all" outgoing connections)
Activate Firewall:
Module status->Firewall "checked"
Select Firewall->Packet Filter->Filtering rules for internal networks->Configure Rules
Select "Add new"
Decision: Accept
Source: Any
Destination: Any
Service: Any
Description: Allow all outgoing
Select "add"
Go Live
You can now safely remove your old Internet firerwall/gateway and plug you ISP ethernet into your eBox WAN port (eth0). If you everything is correct, you should be able to access the internet and see you new server on the network.
I hope this helps.
-Jim
Ebox is a fantastic tool once it's up and running. For some, especially those without much linux experience, installing ebox can be somewhat challenging. As a result, I've decided to write a quick HOWTO covering a typical ebox installation.
Prerequisites:
1 Computer or server (old or new)
2 Network cards (They will be referred to as "eth0" and "eth1")
1 EBOX install CD burned from ISO.
1 Active Internet connection (DHCP or static)
1 CD-ROM drive (Set as default boot device)
Assumptions:
This computer will act as the primary gateway for the local network
eth0 will be the WAN connection (Internet facing connection)
eth1 will be the LAN connection (Local Network) with an IP of 192.168.1.1
Ebox hostname will be DEMONET-SRV
Ebox will provide DHCP to the local network with a range of 192.168.1.100-150
Ebox Windows Domain name will be DEMONET
Ebox domain name will be DEMONET.LAN
EBox will allow all outgoing connections
EBox will provide DNS services for the local network
Administrator username: demoadmin
Administrator password: not2forget
Ebox Password: not2forget
Ebox admin port: 443
Initial Install:
Once you have successfully burned an ebox ISO, you are ready to begin installing. Assuming you already have a functioning network in place with DHCP services, the easiest way to install is using DHCP from your existing network. No need to unplug that old linksys router...Not yet anyway.
Plug into your existing DHCP network via the WAN (eth0) port on the server. I know this seems backwards since you are on a local network, but it's easier to setup eBox from the outside->in than it is from the inside-> out.
Next, power-on and boot from the CD-ROM. Select "Install Ubuntu Server" and answer the generic setup options until you are asked to choose a network interface to configure.
Choose eth0 - If your network support dhcps it will automatically configure itself. If it doesn't, perhaps your cable is actually plugged into eth1. If this is the case, go ahead and move the cable to your second port. If it gets an IP be sure to label it eth0 or WAN. Personally I always label my ports WAN and LAN to avoid confusion later.
Choose a hostname: DEMONET-SRV
Choose your timezone: timezone
Partition your Disks: Choose "entire disk" unless you feel comfortable partitioning. Select LVM support if you plan on adding more disk capacity later.
Please note: This configuration does not provide any type of RAID. I generally use hardware RAID cards so it is transparent to the operating system.
After some time the disk(s) will be formated the system will reboot and ebox will begin to download it's packages.
Create an admin user: demoadmin
Create your ebox password: not2forget
Ebox port: 443
Go get a cup of coffee....when you return ebox should boot up normally with a "demonet-srv login:"
Post Install:
Login using the "demoadmin" username and "not2forget" password.
Now verify your eth0 ip address:
Code: [Select]
#ifconfig
demoadmin@demonet-srv:~$ ifconfig
eth0 Link encap:Ethernet HWaddr 00:30:48:b0:a1:20
inet addr:192.168.1.81 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::230:48ff:feb0:a120/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:86 errors:0 dropped:0 overruns:0 frame:0
TX packets:146 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:13536 (13.2 KB) TX bytes:19600 (19.1 KB)
Base address:0x4000 Memory:d0a00000-d0a20000
In this case the IP of the new ebox is 192.168.1.81
Setup LAN IP address:
Next, from a DIFFERENT computer log into the new ebox via the web interface:
https://192.168.1.81
If all you get is "It works!" then you do not have the https://. Also, you will get certificate errors or warnings depending on your browser, ignore them or "add an exception" if you need to.
Login using the Ebox password: net2forget
Choose Network-> Interfaces from the Admin menu and select eth1 (LAN):
Name: LAN
Method: Static
External: unchecked
IP Address: 192.168.1.1 (Don't worry if you are behind a router with the same IP, it won't matter at this point...nothing is plugged into the port)
Netmask: 255.255.255.0
Select "Change"
Select "Save"
Select "Save changes" in red. (Click the green arrow on any file change requests)
Finally,select "Summary" from the menu and you should be able to verify you LAN interface with the 192.168.1.1 IP address.
Setup NTP
Select Module status->ntp"checked"
System->Date/Time->Time synchronization with NTP servers-> Enabled
Setup DNS
DNS->Add new
Domain: demonet.lan
Active DNS:
Module status->Domain Name System "checked"
Setup DHCP
DHCP->MenuSelect: eth1
Common Options:
Default gateway: eBox
Search doamin: eBox's domain:demonet.lan
Primary nameserver: local eBox DNS
Select "Change"
Under "Ranges" select "Add new"
Name: Workstations
From: 192.168.1.100
To: 192.168.1.150
Select "Add"
Activate DHCP:
Module status>dhcp server "checked"
Setup users and groups:
Groups-> Add group
Group Name: Staff
Comment: Demo Staff
Select "Change"
Users--> Add user
User name: test
Full name: Joe test
Comment: test
Password: not2forget
Group: Staff
Select "Create"
Activate users and groups and file sharing
Module Status->Users and Groups "checked"
Setup Windows File sharing
File Sharing-> General Settings
Working Mode: PDC
Domain Name: DEMONET
Netbios name: DEMONET-SRV
Description: Demo Server
Quota limit: 0
Roaming Profiles: Disabled
Select "Change"
Activate File Sharing:
Module status->File Sharing "checked"
Select the RED save changes to apply all the changes you made above.
Select "Save Configuration"
That completes the local services, we are now ready to let this server stand on it's own!
WAN Setup:
IMPORTANT: Begin by removing the eth0 cable used to configure your eBox on the local network.
Next, plug in a cross-over cable or a small switch connected to the LAN (eth1) port of your eBox to a local network desktop or laptop. This device should not be connected to any other networks other than the new ebox network (via eth1) at this point.
If configured properly your laptop/desktop will automatically get an IP address from the new ebox server (Most likely 192.168.1.150).
Now access the ebox server (from the client device) https://192.168.1.1
Select Network-> Interfaces>Tab:eth0
**ENTER YOUR ISP IP INFO HERE**
Name: WAN
Method: Static (Your ISP may be DHCP, but ebox works best with static addresses...DHCP will work though)
IP adress: 10.10.10.1
Netmask: 255.255.255.0
External: "Checked"
Setup a gateway:
Select Network-> Gateways
Select "Add new"
IP address (ISP provided): 10.10.10.2
Interface: eth0
Default: "checked"
Select "Change"
Setup Firewall:
This will allow all outgoing connections to the Internet. (eBox is secure by default, it is up to you how much access you want to give....for this example we will "allow all" outgoing connections)
Activate Firewall:
Module status->Firewall "checked"
Select Firewall->Packet Filter->Filtering rules for internal networks->Configure Rules
Select "Add new"
Decision: Accept
Source: Any
Destination: Any
Service: Any
Description: Allow all outgoing
Select "add"
Go Live
You can now safely remove your old Internet firerwall/gateway and plug you ISP ethernet into your eBox WAN port (eth0). If you everything is correct, you should be able to access the internet and see you new server on the network.
I hope this helps.
-Jim
5
Installation and Upgrades / Serial port access for your ebox server
« on: December 14, 2008, 10:42:53 pm »
If you are like me, your ebox server is headless in a closet or a rack somewhere. Generally you can access you server via ssh but sometimes networking is messed up and you can't access via IP. Instead of hooking up a monitor and keyboard, you might want to access the old fashioned way - SERIAL!
Ubuntu switched to upstart so you have to create a file in event.d like so:
Ubuntu switched to upstart so you have to create a file in event.d like so:
Code: [Select]
# /etc/event.d/ttyS0
start on runlevel 2
start on runlevel 3
start on runlevel 4
start on runlevel 5
stop on runlevel 0
respawn
exec /sbin/getty 9600 ttyS0
Assuming your serial port is is ttyS0...and you have a null modem cable, you can now access an ebox console for troubleshooting. This works great for me since I always have my laptop handy.6
Installation and Upgrades / Untangle...wtf?
« on: November 10, 2008, 05:58:28 am »
Tonight I stumbled onto something I found a bit troublesome....it pissed me off actually. Untangle is actually bidding for google adds directly marketing against ebox. Sure it's all business, but honestly, I thought we were playing on the same team here.
7
Installation and Upgrades / Add-On: FreeRadius request.
« on: December 28, 2007, 10:02:33 pm »
FreeRadius reconfigured to the LDAP backend would be great. This will allow radius authentication to the user database as well as allow for mare advanced EBOX features such as 802.1x authentication.
http://vuksan.com/linux/dot1x/802-1x-LDAP.html
http://vuksan.com/linux/dot1x/802-1x-LDAP.html
8
Installation and Upgrades / Joining and authenticating a linux machine to an ebox domain.
« on: December 27, 2007, 05:33:14 am »
I don't see much documentation on this, so I though I would write a quick HOWTO to join a linux box (ubuntu in the case) to an ebox samba domain. This is intended to be a rough draft, please feel free to add to it, perhaps we can find a more appropriate place like the wiki soon.
SERVER (EBOX):
1. Create a user with admin rights (Ex: admin)....remember the password!
2. Enable Samba as PDC
3. Gather the following info:
Base dn: dc=ebox
Admin dn: cn=admin,dc=ebox
Admin Pass: ebox2611130574 (This may vary...verify in /etc/ldap/slapd.conf)
Domain Name: EBOX (Whatever you set it to when you setup Samba as PDC)
Ebox Server IP/hostname: 192.168.1.1 (If you setup dns a hostname.domain would be better but an IP will work)
Client (DESKTOP-PC):
1. Install samba, ldap, etc...see ubuntu instructions:
https://help.ubuntu.com/community/LDAPClientAuthentication
2. copy your old smb.conf to a safe place
3. Edit smb.conf. Erase everything and add the following:
4. Test your new config.
...you should see
5. Restart Samba.
6. Join the domain
7. That's it...welcome to the EBOX domain!
SERVER (EBOX):
1. Create a user with admin rights (Ex: admin)....remember the password!
2. Enable Samba as PDC
3. Gather the following info:
Base dn: dc=ebox
Admin dn: cn=admin,dc=ebox
Admin Pass: ebox2611130574 (This may vary...verify in /etc/ldap/slapd.conf)
Domain Name: EBOX (Whatever you set it to when you setup Samba as PDC)
Ebox Server IP/hostname: 192.168.1.1 (If you setup dns a hostname.domain would be better but an IP will work)
Client (DESKTOP-PC):
1. Install samba, ldap, etc...see ubuntu instructions:
https://help.ubuntu.com/community/LDAPClientAuthentication
2. copy your old smb.conf to a safe place
Code: [Select]
cp /etc/samba/smb.conf{,.orig}
3. Edit smb.conf. Erase everything and add the following:
Code: [Select]
[global]
unix charset = LOCALE
workgroup = EBOX
security = DOMAIN
log level = 1
syslog = 0
log file = /var/log/samba/%m
max log size = 50
smb ports = 137 138 139 445
name resolve order = wins bcast hosts
printcap name = CUPS
wins server = 192.168.1.1
ldap admin dn = cn=admin,dc=ebox
ldap group suffix = ou=Groups
ldap idmap suffix = ou=Idmap
ldap machine suffix = ou=Users
ldap suffix = dc=ebox
ldap user suffix = ou=Users
idmap backend = ldap:ldap://192.168.1.1
idmap uid = 10000-20000
idmap gid = 10000-20000
winbind trusted domains only = Yes
printing = cups
print command =
lpq command = %p
lprm command =
4. Test your new config.
Code: [Select]
#testparm
...you should see
Code: [Select]
Loaded services file OK.
Server role: ROLE_DOMAIN_MEMBER
5. Restart Samba.
Code: [Select]
/etc/init.d/samba restart
6. Join the domain
Code: [Select]
net join -U admin
Password: [admin password]
You should then see.Code: [Select]
Joined domain EBOX
7. That's it...welcome to the EBOX domain!
9
Installation and Upgrades / Big thanks!!
« on: December 18, 2007, 12:26:53 am »
I just wanted to take a moment and tell the Warp guys know how much I appreciate your work. Adding this forum will be a great help to many I'm sure. I've been watching e-box evolve for quite some time...it's fantastic! I'll try to do my part and help here on the forums.
Thanks again,
Jim
Thanks again,
Jim
Pages: [1]