Difference between revisions of "Talk:OCS Inventory Tools"

From SME Server
Jump to navigationJump to search
(Future RPM)
 
(117 intermediate revisions by 2 users not shown)
Line 1: Line 1:
===rename page===
+
=known bugs=
to describe the functions provides
+
There are still some bugs in this RPM... Help us to fix them!
 +
==ipdiscover bug==
 +
===ipdiscover on SME===
 +
IpDiscover is not working on SME. Please use another agent to ipdiscover your networks at the moment.
  
Inventory and Deployment ?
+
I've opened a [http://forums.ocsinventory-ng.org/viewtopic.php?pid=5684#p5684 thread] on OCS forum.
  
 +
Let's hope the next version will come out soon!
 +
===ipdiscover-util.pl===
 +
This script used by the web interface do not seem to work too.
  
===ipdiscover bug===
+
First thing to do is to change the password in this file...
We need to confirm that ipdiscover works when the smeserver is the forced client.
+
...
 
+
  my $dbhost = 'localhost';
I Tried the following:
+
my $dbuser = 'ocs';
  ipdiscover eth0 10
+
my $dbpwd = 'ocs'; <==
{{Note box|''Usage : ipdiscover [iface name] [latency in ms]''}}
+
  my $db = 'ocsweb';
 
+
  my $dbp = '3306';
Here's what I got on my server:
+
The password should be dynamical as this is a perl script. We need to use esmith::ConfigDB or something else to retrieve this value... I was unable to handle that.
  <IPDISCOVER>
 
  <H><I>192.168.0.100</I><M>00:xx:xx:xx:xx:xx</M><N>pc-00100.mydomain.com</N></H>
 
<H><I>192.168.0.253</I><M>00:xx:xx:xx:xx:xx</M><N>pc-00253.mydomain.com</N></H>
 
<H><I>192.168.0.254</I><M>00:xx:xx:xx:xx:xx</M><N>pc-00254.mydomain.com</N></H>
 
</IPDISCOVER>
 
Sounds like it's working for me... But IpDiscover discovers nothing when launched by SME OCS' Agent. There must be a problem here!
 
 
 
Windows Agent don't have this problem...
 
  
 +
Also a problem, the script cannot be executed. I try to add script handler for .pl but it didn't worked... Not sure about how this is working, if someone can help, please do!
  
 
Cool34000
 
Cool34000
 
----
 
----
===deployment howto===
 
Draft steps for deployment, it works !!
 
  
SSL Certificates
+
==www/ocs/install.php bugs==
Installed a SSL certificate eg. http://wiki.contribs.org/Custom_CA_Certificate
+
A problem was found in the default imported database. This ends with some ''alter'' errors. This can be fixed by refreshing the web page.
 
below fixes the ssl errors as per http://alufis35.uv.es/OCS-Inventory-Package-Deployment.html
 
this is common, it could be automated, but should we be trusted, probably not ?
 
  
wget http://www.cacert.org/certs/root.crt
+
I took a look on ocsweb database with phpmyadmin before and after using install.php
cp root.crt /home/e-smith/ssl.crt/cacert.pem
 
add fragment to httpd.conf
 
{
 
    #/etc/e-smith/templates/etc/httpd/conf/httpd.conf/35SSL10SSLCACertificateFile
 
    if (-f '/home/e-smith/ssl.crt/cacert.pem')
 
    { $OUT = "SSLCACertificateFile /home/e-smith/ssl.crt/cacert.pem"; }
 
}
 
  
copy cacert.pem to the client ocs folder
+
I noticed that a lot of tables' ''engine type'' were ''MyISAM'' and after using install.php their type was ''InnoDB''!
  
deploying => Activate => activate package
+
So I tried to export a new database (this time with extended parameters), but this new database don't import in ocsweb database: it ends with errors trying to create the 1st table!
complains that the directory and info files don't exist,
 
Just ignore the activate error, the files are visible from clients
 
 
 
deployed a file, optional, run a client update, it should show as notified in ocs
 
  
in => Package activation
+
Help needed!
when you delete a package, ocs complains, but it deletes the files anyway, document later
 
  
 
+
Cool34000
links
 
http://alufis35.uv.es/OCS-Deployment-Tips-and-tricks.html
 
 
 
stephen
 
 
----
 
----
Thank you so much for your help Stefen.
 
  
I'm so happy that deployment works!!! That's really great news!
+
=wiki page=
  
  
A solution was also given on the forum: http://forums.contribs.org/index.php?topic=37359.msg178135#msg178135
 
  
It looks easier (no need of CACert). What do you think of the other solution?
+
==5.3.2 Deployment menu==
  
 +
there must be a lot of ways this could be used,
 +
why make everyone think of them themselves when it could be spelled out
  
Cool34
+
this could be a new page, [[:Application deployment]]
----
 
  
copying the existing .crt didn't work for me, try both ways and find out what works for you,  
+
this could include other ways to deploy, eg using netlogon.bat
using the existing cert would be simpler, the windows ocs update command produces a good log file in the ocs directory showing any SSL errors
 
  
setting up a CA Certificate doesn't take long and is 'a good idea'
+
others can work on this cool34000 has done enough
  
stephen
+
Stefen
 
----
 
----
 +
Here's the way I've always used OCS... First I import the standard ''ocsagent.exe'' in MySQL.
  
I'm just looking for the better way to integrate it to the new RPM. So I want to integrate it as far as I can... But not too much!
+
I don't like to install a service when it's not needed, so I use the standalone executable. I also don't use OCS deployment feature (I'm using GPOs for that)
  
Yes, using existing cert would be easier, but maybe having a seperate cert could be better. Should we let this choice to the end-user? I guess yes...
+
It is so fast to use against the need of installing the Agent: put OcsLogon.exe in a share folder and simply launch it with a one command line batch script each time a session is opened.
 +
@echo off
 +
\\server\share\mydomain.com.exe /np /debug /tag:my_tag
 +
That's all!
  
=> Add your proposed ''35SSL10SSLCACertificateFile'' in the RPM
+
Of course, more can be done...
  
=> Add to OCS' deployment section that cacert.pem must be created and propose both methods if they both work.
+
*Install the Agent silently in a script
 
+
*Use GPOs (deploy, install, update)
=> Add detailled documentation for deployment
+
*Create your own ''ocsagent.exe''
 
+
People need to read the guide! It's well documented.
=> Maybe add a script to create the cacert automatically, so that the end-user can create it in one shot after the RPM install...
 
 
 
Do you agree?
 
  
 +
If someone can take some time to document that, it would be nice!
  
 
Cool34000
 
Cool34000
 
----
 
----
  
===ParserDetails.ini===
+
==glpi==
http://bugs.contribs.org/show_bug.cgi?id=3525#c2
 
  
charlie said just make it ([http://bugs.contribs.org/show_bug.cgi?id=3464 as you now do]), so lets close opened bugs
+
someone who uses this may like to add some more information on how to use it, some link to more docs at least
 
 
== Future RPM ==
 
 
 
===Next RPM version===
 
Quick sumarry of what will change on the next release... This is just suggestions, let's discuss about it!
 
====New Apache template====
 
As suggested by Stefen:
 
 
 
Content of '''''/etc/e-smith/templates/etc/httpd/conf/httpd.conf/35SSL10SSLCACertificateFile'''''
 
   
 
# OCS Inventory NG Certificate
 
{
 
    if (-f '/home/e-smith/ssl.crt/cacert.pem')
 
      { $OUT = "SSLCACertificateFile /home/e-smith/ssl.crt/cacert.pem"; }
 
    else
 
      { $OUT = "# File /home/e-smith/ssl.crt/cacert.pem not present, deployment will not be possible"; }
 
}
 
 
====Specification File====
 
I suggest adding following code in the '''''.spec''''' file in the '''%post''' section
 
if [ ! -e /home/e-smith/ssl.crt/cacert.pem ]; then
 
  cp /home/e-smith/ssl.crt/$SRVNAME.$DOMAIN.crt /home/e-smith/ssl.crt/cacert.pem
 
fi
 
''$SRVNAME'' and ''$DOMAIN'' are already gathered with following code in the '''''.spec''''' file:
 
DOMAIN=$(/sbin/e-smith/db configuration get DomainName)
 
SRVNAME=$(/sbin/e-smith/db configuration get SystemName)
 
 
 
This way, if the certificate doesn't exist, it's "generated" by the RPM install and uses SME's one. This method should be safe...
 
 
 
Users can try using this one, and if it don't work, they can follow up your instructions with Shad's CACERT howto and replace the existing file!
 
 
 
By the way, I had some problem using the certificate untill I fixed DNS issues (I use NO-IP and this free service don't allow wildcards!)
 
 
 
This ends with some errors in Apache log file:
 
[warn] RSA server certificate CommonName (CN) `servername.mydomain.no-ip.com' does NOT match server name!?
 
Here's how I fixed my problem:
 
config setprop modSSL CommonName mydomain.no-ip.com    # It would be www.mydomain.no-ip.com if NO-IP had allowed wildcards like dyndns services)
 
expand-template /home/e-smith/ssl.crt/crt 2> /dev/null
 
signal-event domain-modify
 
signal-event email-update
 
 
 
 
 
Cool34000
 
----
 

Latest revision as of 00:57, 11 November 2007

known bugs

There are still some bugs in this RPM... Help us to fix them!

ipdiscover bug

ipdiscover on SME

IpDiscover is not working on SME. Please use another agent to ipdiscover your networks at the moment.

I've opened a thread on OCS forum.

Let's hope the next version will come out soon!

ipdiscover-util.pl

This script used by the web interface do not seem to work too.

First thing to do is to change the password in this file...

...
my $dbhost = 'localhost';
my $dbuser = 'ocs';
my $dbpwd = 'ocs'; <==
my $db = 'ocsweb';
my $dbp = '3306';

The password should be dynamical as this is a perl script. We need to use esmith::ConfigDB or something else to retrieve this value... I was unable to handle that.

Also a problem, the script cannot be executed. I try to add script handler for .pl but it didn't worked... Not sure about how this is working, if someone can help, please do!

Cool34000


www/ocs/install.php bugs

A problem was found in the default imported database. This ends with some alter errors. This can be fixed by refreshing the web page.

I took a look on ocsweb database with phpmyadmin before and after using install.php

I noticed that a lot of tables' engine type were MyISAM and after using install.php their type was InnoDB!

So I tried to export a new database (this time with extended parameters), but this new database don't import in ocsweb database: it ends with errors trying to create the 1st table!

Help needed!

Cool34000


wiki page

5.3.2 Deployment menu

there must be a lot of ways this could be used, why make everyone think of them themselves when it could be spelled out

this could be a new page, Application deployment

this could include other ways to deploy, eg using netlogon.bat

others can work on this cool34000 has done enough

Stefen


Here's the way I've always used OCS... First I import the standard ocsagent.exe in MySQL.

I don't like to install a service when it's not needed, so I use the standalone executable. I also don't use OCS deployment feature (I'm using GPOs for that)

It is so fast to use against the need of installing the Agent: put OcsLogon.exe in a share folder and simply launch it with a one command line batch script each time a session is opened.

@echo off
\\server\share\mydomain.com.exe /np /debug /tag:my_tag

That's all!

Of course, more can be done...

  • Install the Agent silently in a script
  • Use GPOs (deploy, install, update)
  • Create your own ocsagent.exe

People need to read the guide! It's well documented.

If someone can take some time to document that, it would be nice!

Cool34000


glpi

someone who uses this may like to add some more information on how to use it, some link to more docs at least