Size: 2070
Comment: Made a lot of spelling corrections. There may be many more but I didn't want to touch the technical parts since I'm not familiar with Ebox.
← Revision 9 as of 2011-11-13 05:58:30 ⇥
Size: 2094
Comment: correct misspellings
Line 1: | Line 1: |
== Ställa in EBOX == | == Setup the EBOX == |
Line 4: | Line 4: |
Before we can use our ebox server and connect other services to it we have to do some setup on the ebox to get it to work | Before we can use our ebox server and connect other services to it, we have to do some setup on the ebox to get it to work. |
Line 8: | Line 8: |
Make sure that iptables is off or accepting connections on port 389 from the address on where you want to put your service | Make sure that iptables is off or accepting connections on port 389 from the address on which you want to put your service: |
Line 23: | Line 23: |
Should look like this | Should look like this: |
Line 32: | Line 32: |
In order that our Ubuntu user should be able to login later we must change the login skel to /bin/bash | In order for the Ubuntu user to be able to login later, we must change the login skel to /bin/bash |
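Review bot: the corrected sentence still says "login skel". /bin/bash is a login shell, so "login shell" is the term to use here and again in the Line 40 hunk, where the same wording is kept for both new and existing users.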
Line 36: | Line 36: |
And change so that it looks like | And change so that it looks like: |
Line 40: | Line 40: |
this will change the login skel for a new user. But for an existing user you must run | this will change the login skel for a new user. But for an existing user ("matte") you must run: |
Line 43: | Line 43: |
}}} | }}} |
Line 46: | Line 46: |
'''LDAP Admin uppgifter''' | '''LDAP Admin Information''' |
Line 48: | Line 48: |
Sometimes when you connect other services to the ebox ldap you have to enter the ldap admin account. And to get the admin account and password do this | Sometimes when you connect other services to the ebox ldap you have to enter the ldap admin account. And to get the admin account and password do the following; |
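Review bot: the added ending "do the following;" uses a semicolon where every other lead-in corrected in this revision ends in a colon. Suggest "do the following:" for consistency, and joining the fragment "And to get the admin account and password" to the sentence before it.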
Line 50: | Line 50: |
get root | get root: |
Line 54: | Line 54: |
Get all of the ldap tree | Get all of the ldap tree: |
Line 58: | Line 58: |
Search in the output for this entry | Search in the output for this entry: |
Line 70: | Line 70: |
Now get the password | Now get the password: |
Line 79: | Line 78: |
Test if you have connection to the ebox from an external server | Test if you have connection to the ebox from an external server: |
Line 83: | Line 82: |
You should get | You should get: |
Line 88: | Line 87: |
Time to get some services to the ebox server | Time to get some services to the ebox server. |
Setup the EBOX
Before we can use our ebox server and connect other services to it, we have to do some setup on the ebox to get it to work.
IPTABLES
Make sure that iptables is off or accepting connections on port 389 from the address on which you want to put your service:
iptables -L
SLAPD
We have to make sure that our ldap server is responding on all interfaces so that we can connect to it from another server.
sudo nano /etc/default/slapd
Should look like this:
SLAPD_SERVICES="ldap://0.0.0.0 ldapi://%2fvar%2frun%2fslapd%2fldapi/????x-mod=0$
Linux Login PAM
In order for the Ubuntu user to be able to log in later, we must change the login shell to /bin/bash:
sudo nano /etc/ebox/80samba.conf
And change so that it looks like:
login_shell = /bin/bash
This will change the login shell for a new user. But for an existing user ("matte") you must run:
smbldap-userinfo matte
Don't change anything other than the login shell, or the user account can break.
LDAP Admin Information
Sometimes when you connect other services to the ebox LDAP you have to enter the LDAP admin account. To get the admin account and password, do the following:
Get root:
sudo su
Get all of the ldap tree:
ldapsearch -x -b"dc=kalle,dc=se"
Search in the output for this entry:
# ebox, kalle.se
dn: cn=ebox,dc=kalle,dc=se
objectClass: organizationalRole
objectClass: simpleSecurityObject
description: eBox admin account
cn: ebox
So my admin user is "cn=ebox,dc=kalle,dc=se".
Now get the password:
less /etc/ldap.secret
And there you have your admin account and password for the ldap server.
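Instead of scanning the ldapsearch output by eye, the bind accounts can be pulled out of the LDIF, and the file holding the admin password can be checked for loose permissions. This is an added example, not part of the original page; the function names, the ou=Users entry in the sample and the use of GNU stat are assumptions.

```shell
#!/bin/sh
# Added example, not from the original page. The LDIF sample is constructed.

# Print the DN of every LDIF entry (stdin) carrying
# objectClass: simpleSecurityObject, i.e. an account that binds with a password.
# Folded lines are joined; base64 DNs ("dn::") are not decoded.
bind_account_dns() {
    awk '
    function process(l,   low) {
        if (l == "") {                       # blank line ends an entry
            if (dn != "" && secure) print dn
            dn = ""; secure = 0; return
        }
        if (l ~ /^#/) return                 # LDIF comment
        low = tolower(l)
        if (low ~ /^dn: /) dn = substr(l, 5)
        else if (low ~ /^objectclass: *simplesecurityobject *$/) secure = 1
    }
    NR > 1 && /^ / { buf = buf substr($0, 2); next }   # continuation line
    { if (NR > 1) process(buf); buf = $0 }
    END { process(buf); process("") }'
}

# Succeed only if group and others have no access to the secret file.
# Assumes GNU stat (-c), as shipped on Ubuntu.
secret_is_private() {
    mode=$(stat -c '%a' "$1") || return 2
    case $mode in *00|0) return 0 ;; *) return 1 ;; esac
}

sample_ldif() {   # constructed; the second entry is hypothetical
    cat <<'EOF'
# ebox, kalle.se
dn: cn=ebox,dc=kalle,dc=se
objectClass: organizationalRole
objectClass: simpleSecurityObject
description: eBox admin account
cn: ebox

dn: uid=matte,ou=Users,
 dc=kalle,dc=se
objectClass: posixAccount
EOF
}

sample_ldif | bind_account_dns
if [ -e /etc/ldap.secret ] && ! secret_is_private /etc/ldap.secret; then
    echo "/etc/ldap.secret is accessible to group or others" >&2
fi
```

On the ebox itself, pipe the real search into the function: ldapsearch -x -b"dc=kalle,dc=se" | bind_account_dns. Any DN it prints from an anonymous (-x without -D) search is visible to every host that can reach port 389.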
TEST
Test if you have connection to the ebox from an external server:
telnet ebox-ip 389
You should get:
Connected to localhost.
Escape character is '^]'.
Time to get some services to the ebox server.