Line 6: |
Line 6: |
| | | |
| ==Client configuration== | | ==Client configuration== |
− | SME Server's has been and remains focused on serving windows clients, however Linux clients also work well with SME. | + | {{Level|advanced}} |
| + | |
| + | SME Server's has been and remains focused on serving windows clients, however Linux clients also work well with SME Server. |
| + | |
| + | These instructions are current for Mepis 7.0 and SME Server 7.3 |
| + | |
| + | Client configuration was originally based on http://tech.canterburyschool.org/tech/UbuntuWorkstations. |
| | | |
| ===Domain Login=== | | ===Domain Login=== |
| A Domain login lets users login without admin setting up each user first. | | A Domain login lets users login without admin setting up each user first. |
| | | |
− | You can use these command line instructions or use your GUI tools.<br>
| + | ====Client configuration==== |
− | Comment out the existing setting and paste the new
| |
− | | |
| apt-get install winbind libpam-mount | | apt-get install winbind libpam-mount |
| | | |
| nano -w /etc/samba/smb.conf | | nano -w /etc/samba/smb.conf |
− | . | + | |
− | workgroup = MYDOMAIN #your workgroup is probably correct, you set this during install | + | workgroup = 'Your Windows workgroup' # probably correct, you set this during install |
− | idmap uid = 10000-20000 | + | security = domain # edit, set to user |
− | idmap gid = 10000-20000 | + | wins server 192.168.1.1 # edit, to your server IP |
| + | ;password server = * # remove line |
| + | winbind uid = 10000-20000 |
| + | winbind gid = 10000-20000 |
| template shell = /bin/bash | | template shell = /bin/bash |
| template homedir = /home/%U | | template homedir = /home/%U |
Line 26: |
Line 33: |
| winbind enum groups = yes | | winbind enum groups = yes |
| winbind cache time = 10 | | winbind cache time = 10 |
− | winbind separator = + | + | winbind separator = / |
− | security = domain
| |
− | password server = *
| |
| winbind use default domain = yes | | winbind use default domain = yes |
| + | acl compatibility = winnt |
| | | |
| nano -w /etc/nsswitch.conf | | nano -w /etc/nsswitch.conf |
− | . | + | |
| passwd: compat winbind | | passwd: compat winbind |
| group: compat winbind | | group: compat winbind |
| shadow: compat winbind | | shadow: compat winbind |
| + | hosts: files wins dns |
| | | |
| nano -w /etc/pam.d/common-account | | nano -w /etc/pam.d/common-account |
− | . | + | |
| account sufficient pam_winbind.so | | account sufficient pam_winbind.so |
| account required pam_unix.so | | account required pam_unix.so |
| | | |
| nano -w /etc/pam.d/common-auth | | nano -w /etc/pam.d/common-auth |
− | . | + | |
| auth required pam_mount.so | | auth required pam_mount.so |
− | # | + | |
− | ## use the follolwing "auth" line by itself to restrict local access (a bit paranoid) -
| |
| ## will validate ONLY off of network | | ## will validate ONLY off of network |
| #auth required pam_winbind.so use_first_pass | | #auth required pam_winbind.so use_first_pass |
− | # | + | |
− | ## use the TWO "auth" lines below for either network or local validation -
| |
| ## will validate off of EITHER network or local passwd db | | ## will validate off of EITHER network or local passwd db |
| auth sufficient pam_winbind.so use_first_pass | | auth sufficient pam_winbind.so use_first_pass |
Line 56: |
Line 61: |
| | | |
| nano -w /etc/pam.d/common-session | | nano -w /etc/pam.d/common-session |
− | . | + | |
| session required pam_unix.so | | session required pam_unix.so |
| session required pam_mkhomedir.so umask=0022 skel=/etc/skel/ | | session required pam_mkhomedir.so umask=0022 skel=/etc/skel/ |
| session optional pam_mount.so | | session optional pam_mount.so |
| | | |
− | /etc/init.d/winbind start | + | optional, do later if needed, add to |
− | | + | nano -w /etc/hosts |
− | This is where SME doesn't support linux clients as well as windows, so... logon to your SME Server
| + | 192.168.1.1 YourServername |
− |
| |
− | To check your client values > K menu > Setting Configuration > Internet and Networking > Samba <br>
| |
− | '''ClientName''' is the NetBIOS Name, NOTE: you must add the trailing $ <br>
| |
− | '''Workgroup''' should be your SME Server Workgroup <br>
| |
| | | |
− | signal-event machine-account-create ClientName$ | + | /etc/init.d/samba restart |
− | smbpasswd -a -m ClientName$ | + | /etc/init.d/winbind restart |
| | | |
− | Now back to mepis and join the workgroup/domain
| + | If you misconfigure a file and lock yourself out of the workstation <br> |
− | net rpc join -D WorkGroup -U admin
| + | hit spacebar at the grub prompt <br> |
| + | change to root=(leave as is) single <br> |
| + | login as root and check your config files |
| | | |
− | Ideas borrowed from http://tech.canterburyschool.org/tech/UbuntuWorkstations , Thanks !
| + | ====Connect to domain==== |
| + | on SME 7.3 and above |
| | | |
− | ===Mounting Shares===
| + | On the client [''Workgroup'' is your SME Server Workgroup] |
− | You have two options, pam_mount will work if you use domain logins, smb4k will work with or without
| + | and admin may be any user in the 'domain-admin' group |
| + | net rpc join -D '''WorkGroup''' -U admin |
| | | |
− | ====pam_mount.conf====
| + | Log out, and now you should have all your SME Users in your login 'user list' |
− | edit /etc/security/pam_mount.conf <br>
| |
− | as per step 5. in the canturbury ubuntu howto <br>
| |
− | the permissions need work, please update here with better values
| |
| | | |
− | ====smb4k==== | + | ====Mounting Shares==== |
− | Mount any Samba share in you local network with smb4k
| + | pam_mount works well if you use domain logins, other methods are too much trouble. |
| | | |
− | K menu > Internet > Connection > Smb4k File Browser
| + | mount your server home directory and ibays |
| | | |
− | Create a password for your Kwallet
| + | nano -w /etc/security/pam_mount.conf |
− | | + | |
− | Settings > Configure, and configure to suit
| + | volume * smbfs servername & /home/&/Desktop/& uid=&,gid=10000,dmask=0700 - - |
− | | + | volume * smbfs servername ibay1 /home/&/Desktop/ibay1 uid=&,gid=10000,dmask=0700 - - |
− | Click on your Server and the share you wish to mount
| |
− | | |
− | To have smb4k run on startup
| |
− | | |
− | Right click, send to desktop, K menu > Internet > Connection > Smb4k File Browser
| |
− | | |
− | Open your documents folder, menu > view > show hidden files
| |
− | | |
− | Drag the shortcut to the folder /home/stephen/.kde/Autostart, create if neccesary
| |
| | | |
| ===Printing=== | | ===Printing=== |
| Printing to your SME Server depends on your printers being supported by cups | | Printing to your SME Server depends on your printers being supported by cups |
| | | |
− | ====cupsd====
| + | '''cupsd''' |
| + | |
| When you install mepis, when asked you should elect to run cupsd | | When you install mepis, when asked you should elect to run cupsd |
| | | |
− | check with | + | check and if necessary change with |
| ls -la /etc/rc5.d/???cupsys | | ls -la /etc/rc5.d/???cupsys |
− | if necessary
| |
| cd /etc/rc5.d | | cd /etc/rc5.d |
− | mv K19cupsys S19cupsys | + | mv K??cupsys S20cupsys |
| + | |
| + | '''Configure printer''' |
| | | |
− | ====Configure printer====
| |
| K menu > Settings > Peripherals > Printers | | K menu > Settings > Peripherals > Printers |
| | | |
Line 131: |
Line 125: |
| You can monitor your cups printers at YourClientIP:631 | | You can monitor your cups printers at YourClientIP:631 |
| | | |
| + | ===Ident=== |
| + | If using Ident Authentication for browsing |
| + | apt-get install ident2 |
| + | |
| + | |
| + | ===PPTP Connection=== |
| + | When you install mepis, when asked you should elect to run ppp |
| + | |
| + | To Connect to a remote SME Server |
| + | apt-get install pptp-linux kvpnc |
| + | |
| + | K menu > Internet > Connection > VPN Client |
| + | |
| + | ===Applications=== |
| + | *Install VMware, http://www.mepis.org/docs/en/index.php/VMWare#MEPIS_7.0 |
| + | |
| + | *Install a subversion client, synaptic -> kdesvn |
| + | |
| + | *Enable mp3 & multimedia |
| + | :Synaptic > settings > repositories. Activate the repository for Debian-Multimedia |
| + | :Then install Libdvdcss2 and w32codecs |
| + | |
| + | ===Settings=== |
| + | *Thunderbird, to enable links in email |
| + | :Advance,General,Config Editor, Right Click, New > String |
| + | : preference=network.protocol-handler.app.http, string=firefox |
| + | : preference=network.protocol-handler.app.https, string=firefox |
| + | |
| + | *Enable Numlocks |
| + | :http://www.mepis.org/node/6937 |
| | | |
| + | ---- |
| [[Category:Howto]] | | [[Category:Howto]] |
| + | [[Category:Administration]] |