Ubuntu 14 Instructions: Difference between revisions

From CSLLabWiki
Jump to navigation Jump to search
Line 88: Line 88:
**    uri ldap://10.20.3.8 (should be set already)
**    uri ldap://10.20.3.8 (should be set already)
**    bind_policy soft
**    bind_policy soft
*Edit /etc/ldap/ldap.conf
**    BASE dc=cs,dc=transy,dc=edu
**    URI ldap://10.20.3.8
* Edit /etc/auth-client-config/profile.d/transy
<code><pre>
[transy]
nss_passwd=passwd: ldap files
nss_group=group: ldap files
nss_shadow=shadow: ldap files
nss_netgroup=netgroup: ldap files
pam_auth=auth      required    pam_env.so
        auth      sufficient  pam_unix.so likeauth nullok
        auth      sufficient  pam_ldap.so use_first_pass
        auth      required    pam_deny.so
pam_account=account    sufficient  pam_unix.so
        account    sufficient  pam_ldap.so
        account    required    pam_deny.so
pam_password=password  sufficient  pam_unix.so nullok md5 shadow use_authtok
        password  sufficient  pam_ldap.so use_first_pass
        password  required    pam_deny.so
pam_session=session    required    pam_limits.so
        session    required    pam_unix.so
        session    optional    pam_ldap.so
</pre></code>
* auth-client-config -a -p transy

Revision as of 16:15, 17 September 2014

Installation

WARNING: The pre-packaged installer does not handle RAID well. GParted does. If partitioning is necessary, try it on live and use GParted to partition prior to installing using the below steps.

1. Select "English"

2. Select "Install Ubuntu"

3. Select "Install this Third Party Software" and "Download Updates while Installing"

4. Wait

5. IF NO OTHER OPERATING SYSTEMS: Erase Disk and Install Ubuntu.

5b. IF OTHER OSes: Something else - Select a drive; set to ext3, mountpoint: /, install.

6. Where are you? New York. 7. English, English (US)

8. Your name: Lab - Pick a username: lab - Password: qazzaq - Do not encrypt home folder.

Restart now.

Configuration

- SSH does not come preinstalled in Ubuntu 14! You *must* go to the machine and physically log in as lab to do:

- apt-get install ssh

- Reboot

- You still can't ssh in as root.


Setting up root SSH

- sudo vi /etc/ssh/sshd_config

- PermitRootLogin no -> PermitRootLogin yes

- sudo service ssh restart


Removing the 'lab' generic account and changing root password

- ssh root@ipaddress

- sudo su -

- passwd root (set the current root password)

- exit

- exit

- ssh root@ipaddress

- userdel lab

- rm -rf /home/lab

Update / Upgrade

  • apt-get update
  • apt-get upgrade
  • apt-get dist-upgrade

LDAP / GDM

  • apt-get install gdm
  • Switch to GDM
  • apt-get install auth-client-config libpam-ldap libnss-ldap ldap-auth-client ldap-auth-config
    • LDAP server Uniform Resource Identifier: ldap://10.20.3.8
    • Distinguished name of the search base: dc=cs,dc=transy,dc=edu
    • LDAP version to use: 3
    • Make local root Database admin: NO
    • Does the LDAP database require login?: NO
  • Edit /etc/ldap.conf and change / check the following values:
    • host 10.20.3.8
    • base dc=cs,dc=transy,dc=edu (should be set already)
    • uri ldap://10.20.3.8 (should be set already)
    • bind_policy soft
  • Edit /etc/ldap/ldap.conf
    • BASE dc=cs,dc=transy,dc=edu
    • URI ldap://10.20.3.8
  • Edit /etc/auth-client-config/profile.d/transy
[transy]
nss_passwd=passwd: ldap files
nss_group=group: ldap files
nss_shadow=shadow: ldap files
nss_netgroup=netgroup: ldap files
pam_auth=auth       required     pam_env.so
        auth       sufficient   pam_unix.so likeauth nullok
        auth       sufficient   pam_ldap.so use_first_pass
        auth       required     pam_deny.so
pam_account=account    sufficient   pam_unix.so
        account    sufficient   pam_ldap.so
        account    required     pam_deny.so
pam_password=password   sufficient   pam_unix.so nullok md5 shadow use_authtok
        password   sufficient   pam_ldap.so use_first_pass
        password   required     pam_deny.so
pam_session=session    required     pam_limits.so
        session    required     pam_unix.so
        session    optional     pam_ldap.so

  • auth-client-config -a -p transy