[debian-edu-commits] [Debian Wiki] Update of "DebianEdu/Documentation/Bullseye/HowTo/AdvancedAdministration" by WolfgangSchweer

Debian Wiki wiki at debian.org
Wed Feb 3 20:59:41 GMT 2021


Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Debian Wiki" for change notification.

The "DebianEdu/Documentation/Bullseye/HowTo/AdvancedAdministration" page has been changed by WolfgangSchweer:
https://wiki.debian.org/DebianEdu/Documentation/Bullseye/HowTo/AdvancedAdministration?action=diff&rev1=5&rev2=6

Comment:
LDM is gone with LTSP5

  <<Anchor(AdvancedAdministration--Create_Users_in_Year_Groups)>>
  === Create Users in Year Groups ===
  
- In this example we want to create users in year groups, with common home directories for each group (home0/2014, home0/2015, etc). We want to create the users by csv import.
+ In this example we want to create users in year groups, with common home directories for each group (home0/2024, home0/2026, etc). We want to create the users by csv import.
  
  
  ''(as root on the main server) ''
    * Make the necessary year group directories 
  
- mkdir /skole/tjener/home0/2014
+ mkdir /skole/tjener/home0/2024
  
  ''(as first user in Gosa)''
    * Department
  Main menu: goto 'Directory structure', click the 'Students' department. The 'Base' field should show '/Students'.
  From the drop box 'Actions' choose 'Create'/'Department'.
- Fill in values for Name (2014) and Description fields (students graduating in 2014), leave the Base field as is (should be '/Students'). Save it clicking 'Ok'.
+ Fill in values for Name (2024) and Description fields (students graduating in 2024), leave the Base field as is (should be '/Students'). Save it clicking 'Ok'.
- Now the new department (2014) should show up below  /Students. Click it.
+ Now the new department (2024) should show up below  /Students. Click it.
    * Group
  Choose 'Groups' from the main menu; 'Actions'/Create/Group.
- Enter group name (leave 'Base' as is, should be /Students/2014) and click the check box left of 'Samba group'. 'Ok' to save it.
+ Enter group name (leave 'Base' as is, should be /Students/2024) and 'Ok' to save it.
    * Template
  Choose 'users' from the main menu. Change to 'Students' in the Base
  field. An Entry {{{NewStudent}}} should show up, click it. This is the
  'students' template, not a real user. As you'll have to create such a
  template (to be able to use csv import for your structure) based on this
- one, notice all entries showing up in the Generic, POSIX and Samba tabs,
+ one, notice all entries showing up in the Generic and POSIX tabs,
  maybe take screenshots to have information ready for the new template.
  
- Now change to /Students/2014 in the Base field; choose
+ Now change to /Students/2024 in the Base field; choose
  Create/Template and start to fill in your desired values, first the
- Generic tab (add your new 2014 group under Group Membership, too), then add POSIX and Samba account.
+ Generic tab (add your new 2024 group under Group Membership, too), then add the POSIX account.
  
     * Import users
  Choose your new template when doing csv import; testing it with a few users is recommended.
@@ -160, +160 @@

  
  === Setup with LTSP clients ===
  
- The default LTSP client setup uses ssh connections to the LTSP server.
+ The default LTSP diskless client setup doesn't use ssh connections. Update the SquashFS image on the related LTSP server after the ssh setup has been changed is enough.
+ 
+ !X2Go thin clients are using ssh connections to the related LTSP server. 
  So a different approach using PAM is needed.
   * Enable pam_access.so in the LTSP server's /etc/pam.d/sshd file. 
   * Configure /etc/security/access.conf to allow connections for (sample) users alice, jane, bob and john from everywhere and for all other users only from the internal networks by adding these lines:
@@ -174, +176 @@

  
  === A note for more complex setups ===
  
- If LTSP clients were attached to the backbone network 10.0.0.0/8 (combi 
- server or LTSP cluster setup) things would be even more complicated and 
- maybe only a sophisticated DHCP setup (in LDAP) checking the vendor-class-identifier together with appropriate PAM configuration would allow to disable internal ssh login.
+ If !X2Go clients were attached to the backbone network 10.0.0.0/8, things would be even more complicated and maybe only a sophisticated DHCP setup (in LDAP) checking the vendor-class-identifier together with appropriate PAM configuration would allow to disable internal ssh login.
  
  CategoryPermalink
  



More information about the debian-edu-commits mailing list