Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - jcanfield

Pages: 1 2 3 [4] 5 6
46
I guess you could do this, but why?  Under normal circumstances, the ldap backed will never be seen by the clients, with the exception of authentication on the linux machines.  You would have to change all the entries in the ebox back-end as well, as there are several modules that are dependent on the expected EBOX distinguished name.

Personally, I think this will only create problems for you down the road as ebox evolves/updates. 

-Jim


47
Installation and Upgrades / Re: Partitioning eBox for RAID1?
« on: May 25, 2008, 04:18:48 pm »


I'm building an eBox system with RAID1 that will mainly be used a file server. Can anyone suggest a good partitioning scheme for it?


For a file server, you will only need a separate partition for /home. 

48
Installation and Upgrades / Re: Logon scripts
« on: May 08, 2008, 04:39:10 am »
The NT resource kit comes with a utility called IFMEMBER.EXE.    Google it, you will find many useful ways of mapping group shares via logon scripts. 

Note:  Remember to use unix2dos utilty on your scripts after editing on your ebox server.


Here's a script I snipped from the net some time ago....

Code: [Select]
rem check for resource utility
IF NOT EXIST %windir%\IFMEMBER.EXE copy \\PDC\netlogon\ifmember.exe %windir%

rem this section maps the G: and H: drives
rem to the appropriate directories on Mercury28 for Premis.
IFMEMBER premis
IF NOT %errorlevel% EQU 1 GOTO OPTIKA
net use G: \\mercury28\ndc$ /persistent:no
net use H: \\mercury28\purge$ /persistent:no

:OPTIKA
REM MAP DRIVE FOR Optika O: Drive
IFMEMBER optika
IF NOT %errorlevel% EQU 1 GOTO MIDAS
NET USE O: \\ATHENA15\Optika$ /PERSISTENT:NO

:MIDAS
rem This section maps M: to the mids share
IFMEMBER mids_group
IF NOT %errorlevel% EQU 1 GOTO DONE
net use M: \\athena15\Mids /PERSISTENT:NO

:DONE
EXIT

49
sorry to be such a pain, but how and where would I add the ftp option to this file below:



Javi is right, it's the subnet.mas file that needs to be edited.

Add this line to your subnet.

Code: [Select]
option shoretel-server code 156 = string;
option shoretel-server "ftpserver=10.1.1.245";


Be careful where you add the option line:

Code: [Select]
                range <% $range->{'from'} %> <% $range->{'to'} %>;
%       }
<----ADD LINES HERE---->
        }

I grabbed this from a quick google [1] of shoretel dhcp config...I can't verify the accuracy.

[1] http://www.shoretelforums.com/forums/administrators/1266-how-configure-option-156-linux-dhcpd.html



50
You will want to edit he dhcp.conf.mas file and add the ftp option.  Be warned this will be overwritten when you update ebox so back it up.

Personally, i would run a separate dhcp server on my viop server and vlan the phones.

   

51
Quote
Sorry, I am still not following.  I can authenticate to the server and I am able to access the network shares without joining the domain.  If I use  the "mount -t cifs" command I am able to access my shares.  I am running Ebox as a PDC with roaming profiles.

...but you have to access the share via authentication (some you have no access at all) every time you need access.  As a domain member, you do not have to authenticate.  Does that make sense?  Try browsing the windows network as a domain member vs a non-member.

52
Client user authentication works using the LDAP guide linked above along with some tampering, however,  the rest of this page shows you how to join the domain.  What benefits are there of joining the domain?  I can authenticate whether I join the domain or not through LDAP so what is the point?

When you join the domain the primary benefit is Domain access, just as the windows machines gain rights to the domain shares and machines.  True, you can authenticate w/o domain membership...but what fun is that if you are a second class citizen on the network?  :)

See: http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/samba-pdc.html#id350259

Also, You are right about having to make some changes that aren't covered in the howto, in fact, there are sereral things I would do differently.  I have a rough set of notes from my hardy install, i just haven't gotten around to creating an updated howto.  Feel free to post any necessary changes you made.

Hope this helps.

Jim


53

Thank you guys for reporting and helping fix this.



Wow, that was quick work. Thanks Javi!  Shouldn't you be asleep?

54

Code: [Select]
...
sambaProfilePath \\EBOX\profiles\Martin
...


I'm curious if the LDAP profile entry is being created after the user logs in or if this exists because roaming profiles were enabled previously?

Try this:

Delete the sambaProfilePath LDAP entry and try to log in again. Make sure you delete the cached version of the profile on the client PC before logging in.  It might be easier to create a new user in ebox so you can be certain you don't have cached info. If roaming profiles are enabled and this entry doesn't exist, it will be created automatically.

Let me know,

Jim

 

 

55
Installation and Upgrades / Re: adding disk question
« on: April 04, 2008, 03:30:50 am »
Now my next step is to figure out how to upgrade to a RAID5 array with a hostspare...

In my experience, trying to implement RAID after that fact is not a fun task.  Combined with your desire to have a second partition for /home directories, I would recommend a ground up install with both in mind.  With hardy due out in a few short weeks...it might be perfect timing.  :)

Good luck,

Jim   

56
Installation and Upgrades / Re: another editor than Vi
« on: April 04, 2008, 03:23:28 am »
Nano always works well. 

57
What changes are you making to smb.conf?

What entries are you removing from the ldap tree?

This is definitely one of those issues that needs to be addressed.  IMHO, roaming profiles should be disabled in the default configuration simply because they can be a complete mess if you do not know what you are doing.  Too many client side changes are required for roaming profiles to work properly.

Ebox should take SME Server's lead on this one and have it disabled by default.

http://wiki.contribs.org/Image:Workgroup.png

Update:

I forgot to mention how to disable roaming profiles...

They can be disabled on samba by leaving the following two options undefined in your smb.conf. Do not comment them out,  just leave them unassigned.

logon path =
logon home =

Personally,  I tend to only "blank out" 'logon path' because I like the users to continue to have an auto-mounted home drive on the server.


59
Does /home/User exist?  If so, what are the privs? 

60
Hello,

What you are wanting is not a simple task if you are unfamiliar with linux in general. You need a couple things in place.  Here's a quick list of things you will need to do.

Authentication:

Your linux workstations must be able to authenticate to the ebox server. Unfortunately, debian/ubuntu are not nearly as mature as distributions like Redhat in the this area.  See this link for detailed instructions:
https://help.ubuntu.com/community/LDAPClientAuthentication

Automount home directories:

I actually discourage this.  Using remote home directories, especially in ubuntu is not wise, since so much of what you do as a user looks to /home entries...firefox settings for example.   I would recommend using a tool like rsync to keep all the /home partitions on each computer matching, this works well in a smaller environment.  In a larger environment, you would need a log-in script that automatically moves all your files over, much like windows roaming profiles.












Pages: 1 2 3 [4] 5 6