== Setup the EBOX ==


Before we can use our ebox server and connect other services to it, we have to do some setup on the ebox to get it to work.

'''IPTABLES'''

Make sure that iptables is off or accepting connections on port 389 from the address on which you want to put your service:

{{{
    iptables -L
}}}




'''SLAPD'''

We have to make sure that our ldap server is responding on all interfaces so that we can connect to it from another server.
{{{
    sudo nano /etc/default/slapd
}}}
Should look like this:
{{{
    SLAPD_SERVICES="ldap://0.0.0.0 ldapi://%2fvar%2frun%2fslapd%2fldapi/????x-mod=0$
}}}



'''Linux Login PAM'''

In order for the Ubuntu user to be able to login later, we must change the login skel to /bin/bash
{{{
    sudo nano /etc/ebox/80samba.conf
}}}    
And change so that it looks like:
{{{
    login_shell = /bin/bash
}}}
this will change the login skel for a new user. But for an existing user ("matte") you must run:
{{{
    smbldap-userinfo matte
}}}
Don't change anything other than the login skel or the user account can break

'''LDAP Admin Information'''

Sometimes when you connect other services to the ebox ldap you have to enter the ldap admin account. And to get the admin account and password do the following;

get root:
{{{
    sudo su
}}}
Get all of the ldap tree:
{{{
    ldapsearch -x -b"dc=kalle,dc=se"
}}}
Search in the output for this entry:
{{{    
    # ebox, kalle.se
    dn: cn=ebox,dc=kalle,dc=se
    objectClass: organizationalRole
    objectClass: simpleSecurityObject
    description: eBox admin account
    cn: ebox
}}}

So my admin user is '''"cn=ebox,dc=kalle,dc=se"'''

Now get the password:
{{{    
    less /etc/ldap.secret
}}}
And there you have your admin account and password for the ldap server.

'''TEST'''

Test if you have connection to the ebox from an external server:
{{{
    telnet ebox-ip 389
}}}
You should get:
{{{
    Connected to localhost.
    Escape character is '^]'.
}}}

Time to get some services to the ebox server.