FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Ubuntu > Edubuntu User

 
 
LinkBack Thread Tools
 
Old 09-15-2010, 03:45 AM
theluketaylor
 
Default lucid unown user id LTSP user cant loggin

David,

With newer versions of samba it's pretty straight forward to do AD
authentication though there are a couple of tricky steps.

I have found the the documents:

https://help.ubuntu.com/community/Samba/Kerberos
https://help.ubuntu.com/community/ActiveDirectoryWinbindHowto

to be the easiest method to join an edubuntu server to an AD domain,
especially since it doesn't requires changes to the domain itself.
Some of the LDAP and other methods to authenticate against AD require
special AD schema and such and that's hard when you don't control the
domain. You do need to be a domain admin to join the server in the
first place but after that no special rights are required since your
server is a domain member just like every other domain computer.

The first time I joined a linux server to domain it was a bit scary
but it has become somewhat routine from having done it so many times.
I'd recommend installing ubuntu on a spare workstation and practicing
on it until you get it right so your edubuntu system doesn't get all
messed up. The PAM portions are the most confusing so I'd read
through that carefully before proceeding (especially since that
controls the methods the server uses to grant login rights so be sure
to have an open root console to back out any changes in case you make
it impossible to log back in).

Using these 2 documents you'll be able to do everything you described
below. Samba/Winbind will authenticate against the AD controllers and
PAM will create home directories for users who have not logged in
before. This doesn't actually create local unix accounts, it just
maps active directory accounts into the local passwd database. This
means you administrate the accounts from AD. It also means your
domain controller needs to be available for users to be able to log
in. You can use PAM to define what groups are allowed to log into
your server, by default it's anyone in domain member. The other
caveat is users can't change the domain password from your linux
server (at least not in a way I'd be willing to try to explain to high
school students) so if their password is expired it can cause some
grief. I have encouraged my users to change their password before it
expires since that causes problems with all non-windows domain logins
like web UIs and proxy servers.

To make files available from our windows file and print server I also
use pam_mount (http://pam-mount.sourceforge.net/) to mount network
home directories at ~/Documents. I don't mount their network folder
at ~ to avoid lots of .directories being created that show up in
windows and because CIFS doesn't support sockets and many unix
applications create them in home directories.

Hopefully that points you in the right direction. I've had great luck
with this method for the last few years with our edubuntu server using
AD logins.

Luke Taylor

On Tue, Sep 14, 2010 at 10:52 PM, David Groos <djgroos@gmail.com> wrote:
>
> I've been perusing all the threads I could find about LDAP and AD authentication.* I've seen Scott's tutorial mentioned more than once (and thanks David H for sharing how you filled in the 'client install section'--extra examples help).* I'm a teacher and not a techer, and when I look at Scotts instruction well, you can imagine how I feel.
>
> The following is what I'm trying to do.* I just have a couple of admin and test users on my Lucid LTSP server at this time.* What I want to happen is that a student, who doesn't yet have an account on my server BUT has one with the district, be able to:
>
> walk up to a thin client, sit down and upon entering her district username and password, authenticate against the districts Active Directory server.
> I want that to create an account and home folder (as a desktop user) for the user on my Lucid server.
> Thereafter, whenever the student logs in on the thin client, they are authenticated against the district AD server and have access to their Lucid home folder.* I think this is possible, right?
> Question: Would I then manage my users with the standard 'Users and Groups' application that's in the 'Administration' menu, or would I use something else to administer the users?
>
> If a few people have had good luck with Scott's page on Lucid, I'll bring that page to the people in the know at our district and ask for some help following the instructions on that page.
>
> I think using some setup like this is probably a basic need for Edubuntu/LTSP setups in large urban districts.* Thanks for your help,
>
> David G
>
> A
>>
>> I also use LDAP (Openldap). Scott Balneaves wrote up a tutorial on how
>> to get authentication working a while back. *It can be found here:
>> https://wiki.edubuntu.org/Edubuntu/WikiSite/SimpleLDAPSetup
>>
>> Follow the section for Client: install client pieces. *For my systems,
>> I added just the ldap-auth-client. * *I answered the questions. I
>> changed the ldapi:/// to ldap://IP.x.y.z:389/ ... I also entered the
>> correct info for the realm. *I answered yes to the question about
>> having root be able to change passwords, and no for the authentication
>> required to access the database.
>>
>> Next, I copied/pasted the example profile changing given on the above
>> page, only I changed edubuntu to something appropriate for our school
>> and saved it as ncs-ldap-config.
>>
>> I then invoked auth-client-config -a -p ncs
>>
>> Afterwards I was able to use ldap. *I now have 7 servers all
>> authenticating successfully following this approach. Many thanks to
>> Scott for help with that wiki page.
>>
>> Sincerely,
>> Dave Hopkins
>>
>
> --
> edubuntu-users mailing list
> edubuntu-users@lists.ubuntu.com
> Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/edubuntu-users
>

--
edubuntu-users mailing list
edubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/edubuntu-users
 
Old 09-15-2010, 04:45 PM
David Groos
 
Default lucid unown user id LTSP user cant loggin

Thanks Luke for your extensive and informative response.* Your solution sounds like it has even more than I asked for--accessing students' district home folders and not just their edubuntu home folder is a big plus and starts to pave the way of how edubuntu can be integrated with the existing ICT infrastructure at the district level.* I've got a few question--please see below.


On Wed, Sep 15, 2010 at 6:45 AM, theluketaylor <ekul.taylor@gmail.com> wrote:

David,



With newer versions of samba it's pretty straight forward to do AD

authentication though there are a couple of tricky steps.



I have found the the documents:



https://help.ubuntu.com/community/Samba/Kerberos

https://help.ubuntu.com/community/ActiveDirectoryWinbindHowto



to be the easiest method to join an edubuntu server to an AD domain,

especially since it doesn't requires changes to the domain itself.

Some of the LDAP and other methods to authenticate against AD require

special AD schema and such and that's hard when you don't control the

domain. *You do need to be a domain admin to join the server in the

first place but after that no special rights are required since your

server is a domain member just like every other domain computer.



The first time I joined a linux server to domain it was a bit scary

but it has become somewhat routine from having done it so many times.

I'd recommend installing ubuntu on a spare workstation and practicing

on it until you get it right so your edubuntu system doesn't get all

messed up. **Could I just use any Edubuntu Lucid installation to test?* In other words, if students can log in on this test machine that would mean they could also sign in on an LTSP client/server?* Is there some special things to add to the basic edubuntu install that are on the actual LTSP server?


The PAM portions are the most confusing so I'd read

through that carefully before proceeding (especially since that

controls the methods the server uses to grant login rights so be sure

to have an open root console to back out any changes in case you make

it impossible to log back in).
*You mean that at another computer I would ssh into the test server and authenticate as root and thus have this access even if I couldn't re-authenticate?





Using these 2 documents you'll be able to do everything you described

below. *Samba/Winbind will authenticate against the AD controllers and

PAM will create home directories for users who have not logged in

before. *This doesn't actually create local unix accounts, it just

maps active directory accounts into the local passwd database. *This

means you administrate the accounts from AD. **I have no permissions on the AD server and while I don't think I would need to administer their accounts, I'm sure I need to be able to create groups of users (by period for example) that don't exist on the district level AD servers.* Is there a way that I can create and manage these groups and their membership?

*
It also means your

domain controller needs to be available for users to be able to log

in. *You can use PAM to define what groups are allowed to log into

your server, by default it's anyone in domain member. *The other

caveat is users can't change the domain password from your linux

server (at least not in a way I'd be willing to try to explain to high

school students) so if their password is expired it can cause some

grief. *I have encouraged my users to change their password before it

expires since that causes problems with all non-windows domain logins

like web UIs and proxy servers.



To make files available from our windows file and print server I also

use pam_mount (http://pam-mount.sourceforge.net/) to mount network

home directories at ~/Documents. *I don't mount their network folder

at ~ to avoid lots of .directories being created that show up in

windows and because CIFS doesn't support sockets and many unix

applications create them in home directories.
*Nice!
*




Hopefully that points you in the right direction. *I've had great luck

with this method for the last few years with our edubuntu server using

AD logins.



Luke Taylor
My final questions are:
Does this affect how I setup squid proxy?How would this system relate to using Sabayon to managing users gconf preferences?Would I go about and set up CUPS differently?

Thanks!
David
*
On Tue, Sep 14, 2010 at 10:52 PM, David Groos <djgroos@gmail.com> wrote:

>

> I've been perusing all the threads I could find about LDAP and AD authentication.* I've seen Scott's tutorial mentioned more than once (and thanks David H for sharing how you filled in the 'client install section'--extra examples help).* I'm a teacher and not a techer, and when I look at Scotts instruction well, you can imagine how I feel.


>

> The following is what I'm trying to do.* I just have a couple of admin and test users on my Lucid LTSP server at this time.* What I want to happen is that a student, who doesn't yet have an account on my server BUT has one with the district, be able to:


>

> walk up to a thin client, sit down and upon entering her district username and password, authenticate against the districts Active Directory server.

> I want that to create an account and home folder (as a desktop user) for the user on my Lucid server.

> Thereafter, whenever the student logs in on the thin client, they are authenticated against the district AD server and have access to their Lucid home folder.* I think this is possible, right?

> Question: Would I then manage my users with the standard 'Users and Groups' application that's in the 'Administration' menu, or would I use something else to administer the users?

>

> If a few people have had good luck with Scott's page on Lucid, I'll bring that page to the people in the know at our district and ask for some help following the instructions on that page.

>

> I think using some setup like this is probably a basic need for Edubuntu/LTSP setups in large urban districts.* Thanks for your help,

>

> David G

>

> A

>>

>> I also use LDAP (Openldap). Scott Balneaves wrote up a tutorial on how

>> to get authentication working a while back. *It can be found here:

>> https://wiki.edubuntu.org/Edubuntu/WikiSite/SimpleLDAPSetup

>>

>> Follow the section for Client: install client pieces. *For my systems,

>> I added just the ldap-auth-client. * *I answered the questions. I

>> changed the ldapi:/// to ldap://IP.x.y.z:389/ ... I also entered the

>> correct info for the realm. *I answered yes to the question about

>> having root be able to change passwords, and no for the authentication

>> required to access the database.

>>

>> Next, I copied/pasted the example profile changing given on the above

>> page, only I changed edubuntu to something appropriate for our school

>> and saved it as ncs-ldap-config.

>>

>> I then invoked auth-client-config -a -p ncs

>>

>> Afterwards I was able to use ldap. *I now have 7 servers all

>> authenticating successfully following this approach. Many thanks to

>> Scott for help with that wiki page.

>>

>> Sincerely,

>> Dave Hopkins

>>

>

> --

> edubuntu-users mailing list

> edubuntu-users@lists.ubuntu.com

> Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/edubuntu-users

>



--
edubuntu-devel mailing list
edubuntu-devel@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/edubuntu-devel
 
Old 09-15-2010, 04:45 PM
David Groos
 
Default lucid unown user id LTSP user cant loggin

Thanks Luke for your extensive and informative response.* Your solution sounds like it has even more than I asked for--accessing students' district home folders and not just their edubuntu home folder is a big plus and starts to pave the way of how edubuntu can be integrated with the existing ICT infrastructure at the district level.* I've got a few question--please see below.


On Wed, Sep 15, 2010 at 6:45 AM, theluketaylor <ekul.taylor@gmail.com> wrote:

David,



With newer versions of samba it's pretty straight forward to do AD

authentication though there are a couple of tricky steps.



I have found the the documents:



https://help.ubuntu.com/community/Samba/Kerberos

https://help.ubuntu.com/community/ActiveDirectoryWinbindHowto



to be the easiest method to join an edubuntu server to an AD domain,

especially since it doesn't requires changes to the domain itself.

Some of the LDAP and other methods to authenticate against AD require

special AD schema and such and that's hard when you don't control the

domain. *You do need to be a domain admin to join the server in the

first place but after that no special rights are required since your

server is a domain member just like every other domain computer.



The first time I joined a linux server to domain it was a bit scary

but it has become somewhat routine from having done it so many times.

I'd recommend installing ubuntu on a spare workstation and practicing

on it until you get it right so your edubuntu system doesn't get all

messed up. **Could I just use any Edubuntu Lucid installation to test?* In other words, if students can log in on this test machine that would mean they could also sign in on an LTSP client/server?* Is there some special things to add to the basic edubuntu install that are on the actual LTSP server?


The PAM portions are the most confusing so I'd read

through that carefully before proceeding (especially since that

controls the methods the server uses to grant login rights so be sure

to have an open root console to back out any changes in case you make

it impossible to log back in).
*You mean that at another computer I would ssh into the test server and authenticate as root and thus have this access even if I couldn't re-authenticate?





Using these 2 documents you'll be able to do everything you described

below. *Samba/Winbind will authenticate against the AD controllers and

PAM will create home directories for users who have not logged in

before. *This doesn't actually create local unix accounts, it just

maps active directory accounts into the local passwd database. *This

means you administrate the accounts from AD. **I have no permissions on the AD server and while I don't think I would need to administer their accounts, I'm sure I need to be able to create groups of users (by period for example) that don't exist on the district level AD servers.* Is there a way that I can create and manage these groups and their membership?

*
It also means your

domain controller needs to be available for users to be able to log

in. *You can use PAM to define what groups are allowed to log into

your server, by default it's anyone in domain member. *The other

caveat is users can't change the domain password from your linux

server (at least not in a way I'd be willing to try to explain to high

school students) so if their password is expired it can cause some

grief. *I have encouraged my users to change their password before it

expires since that causes problems with all non-windows domain logins

like web UIs and proxy servers.



To make files available from our windows file and print server I also

use pam_mount (http://pam-mount.sourceforge.net/) to mount network

home directories at ~/Documents. *I don't mount their network folder

at ~ to avoid lots of .directories being created that show up in

windows and because CIFS doesn't support sockets and many unix

applications create them in home directories.
*Nice!
*




Hopefully that points you in the right direction. *I've had great luck

with this method for the last few years with our edubuntu server using

AD logins.



Luke Taylor
My final questions are:
Does this affect how I setup squid proxy?How would this system relate to using Sabayon to managing users gconf preferences?Would I go about and set up CUPS differently?

Thanks!
David
*
On Tue, Sep 14, 2010 at 10:52 PM, David Groos <djgroos@gmail.com> wrote:

>

> I've been perusing all the threads I could find about LDAP and AD authentication.* I've seen Scott's tutorial mentioned more than once (and thanks David H for sharing how you filled in the 'client install section'--extra examples help).* I'm a teacher and not a techer, and when I look at Scotts instruction well, you can imagine how I feel.


>

> The following is what I'm trying to do.* I just have a couple of admin and test users on my Lucid LTSP server at this time.* What I want to happen is that a student, who doesn't yet have an account on my server BUT has one with the district, be able to:


>

> walk up to a thin client, sit down and upon entering her district username and password, authenticate against the districts Active Directory server.

> I want that to create an account and home folder (as a desktop user) for the user on my Lucid server.

> Thereafter, whenever the student logs in on the thin client, they are authenticated against the district AD server and have access to their Lucid home folder.* I think this is possible, right?

> Question: Would I then manage my users with the standard 'Users and Groups' application that's in the 'Administration' menu, or would I use something else to administer the users?

>

> If a few people have had good luck with Scott's page on Lucid, I'll bring that page to the people in the know at our district and ask for some help following the instructions on that page.

>

> I think using some setup like this is probably a basic need for Edubuntu/LTSP setups in large urban districts.* Thanks for your help,

>

> David G

>

> A

>>

>> I also use LDAP (Openldap). Scott Balneaves wrote up a tutorial on how

>> to get authentication working a while back. *It can be found here:

>> https://wiki.edubuntu.org/Edubuntu/WikiSite/SimpleLDAPSetup

>>

>> Follow the section for Client: install client pieces. *For my systems,

>> I added just the ldap-auth-client. * *I answered the questions. I

>> changed the ldapi:/// to ldap://IP.x.y.z:389/ ... I also entered the

>> correct info for the realm. *I answered yes to the question about

>> having root be able to change passwords, and no for the authentication

>> required to access the database.

>>

>> Next, I copied/pasted the example profile changing given on the above

>> page, only I changed edubuntu to something appropriate for our school

>> and saved it as ncs-ldap-config.

>>

>> I then invoked auth-client-config -a -p ncs

>>

>> Afterwards I was able to use ldap. *I now have 7 servers all

>> authenticating successfully following this approach. Many thanks to

>> Scott for help with that wiki page.

>>

>> Sincerely,

>> Dave Hopkins

>>

>

> --

> edubuntu-users mailing list

> edubuntu-users@lists.ubuntu.com

> Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/edubuntu-users

>



--
edubuntu-users mailing list
edubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/edubuntu-users
 
Old 09-15-2010, 05:22 PM
theluketaylor
 
Default lucid unown user id LTSP user cant loggin

David,

Hopefully my answers shed some more light

On Wed, Sep 15, 2010 at 12:45 PM, David Groos <djgroos@gmail.com> wrote:
> Thanks Luke for your extensive and informative response.* Your solution
> sounds like it has even more than I asked for--accessing students' district
> home folders and not just their edubuntu home folder is a big plus and
> starts to pave the way of how edubuntu can be integrated with the existing
> ICT infrastructure at the district level.* I've got a few question--please
> see below.
>
> On Wed, Sep 15, 2010 at 6:45 AM, theluketaylor <ekul.taylor@gmail.com>
> wrote:
>>
>> David,
>>
>> With newer versions of samba it's pretty straight forward to do AD
>> authentication though there are a couple of tricky steps.
>>
>> I have found the the documents:
>>
>> https://help.ubuntu.com/community/Samba/Kerberos
>> https://help.ubuntu.com/community/ActiveDirectoryWinbindHowto
>>
>> to be the easiest method to join an edubuntu server to an AD domain,
>> especially since it doesn't requires changes to the domain itself.
>> Some of the LDAP and other methods to authenticate against AD require
>> special AD schema and such and that's hard when you don't control the
>> domain. *You do need to be a domain admin to join the server in the
>> first place but after that no special rights are required since your
>> server is a domain member just like every other domain computer.
>>
>> The first time I joined a linux server to domain it was a bit scary
>> but it has become somewhat routine from having done it so many times.
>> I'd recommend installing ubuntu on a spare workstation and practicing
>> on it until you get it right so your edubuntu system doesn't get all
>> messed up.
>
>
> Could I just use any Edubuntu Lucid installation to test?* In other words,
> if students can log in on this test machine that would mean they could also
> sign in on an LTSP client/server?* Is there some special things to add to
> the basic edubuntu install that are on the actual LTSP server?

You can use any of the ubuntu flavours with the howtos I linked,
edubuntu included. Once you can login to the server itself with AD
you can log into any thin client, no additional steps. This is a real
advantage of the server/thin client setups since only the server needs
to be added to the domain, not each client. You can use any edubuntu
installation to test, I just recommended a fresh install on spare
hardware to test since there is no telling how smoothly it will go.
In terms of software that needs to be added, it all goes on the LTSP
server. You have to install:
samba
winbind
kerberos
along with the necessary dependencies. Looking through the documents
to confirm what all needed to be installed I realized the kerberos
document has been changed and isn't quite as helpful as before.
https://help.ubuntu.com/community/Samba/Kerberos?action=recall&rev=10
is the one I have successfully used in the past

>
>> The PAM portions are the most confusing so I'd read
>> through that carefully before proceeding (especially since that
>> controls the methods the server uses to grant login rights so be sure
>> to have an open root console to back out any changes in case you make
>> it impossible to log back in).
>
>
> You mean that at another computer I would ssh into the test server and
> authenticate as root and thus have this access even if I couldn't
> re-authenticate?

or just have a root terminal open on the test server. Either way
works. If you mess up your PAM config in certain ways you won't be
able to create new sessions (which also means sudo is out) but
existing sessions will work.; You'll be logging in and out to test
the config so you need to be sure you have a lifeline in case
something goes wrong. Also don't reboot the server until you're sure
you can login correctly.

>
>>
>> Using these 2 documents you'll be able to do everything you described
>> below. *Samba/Winbind will authenticate against the AD controllers and
>> PAM will create home directories for users who have not logged in
>> before. *This doesn't actually create local unix accounts, it just
>> maps active directory accounts into the local passwd database. *This
>> means you administrate the accounts from AD.
>
>
> I have no permissions on the AD server and while I don't think I would need
> to administer their accounts, I'm sure I need to be able to create groups of
> users (by period for example) that don't exist on the district level AD
> servers.* Is there a way that I can create and manage these groups and their
> membership?
>
As I said you will need to be a member of Domain Admin in order to
join the server to the domain which is a critical step.
While I just use AD to manage memberships it is possible to add AD
users to local unix groups. Having never had to do it myself I can`t
speak to how easy it would be but I`m not sure you`d be able to use
the graphical user and groups gnome tool. I do know the command line
addgroup scripts work fine though

>>
>> It also means your
>> domain controller needs to be available for users to be able to log
>> in. *You can use PAM to define what groups are allowed to log into
>> your server, by default it's anyone in domain member. *The other
>>
>> caveat is users can't change the domain password from your linux
>> server (at least not in a way I'd be willing to try to explain to high
>> school students) so if their password is expired it can cause some
>> grief. *I have encouraged my users to change their password before it
>> expires since that causes problems with all non-windows domain logins
>> like web UIs and proxy servers.
>>
>> To make files available from our windows file and print server I also
>> use pam_mount (http://pam-mount.sourceforge.net/) to mount network
>> home directories at ~/Documents. *I don't mount their network folder
>> at ~ to avoid lots of .directories being created that show up in
>> windows and because CIFS doesn't support sockets and many unix
>> applications create them in home directories.
>
>
> Nice!
pam_mount was a bit of a pain to setup but now that it's working it
hums along nicely. There is slightly annoying issue that gnome
sessions don't quite clean themselves up enough to allow pam_mount to
unmount on log out but I just run a nightly script that unmounts all
CIFS shares and that does the trick. pam_mount is smart enough now
not to mount something that's already mounted so it isn't a huge
issue.

>
>>
>> Hopefully that points you in the right direction. *I've had great luck
>> with this method for the last few years with our edubuntu server using
>> AD logins.
>>
>> Luke Taylor
>
> My final questions are:
>
> Does this affect how I setup squid proxy?
Depends on if you use transparent or authenticated mode. We have a
school-wide authenticated squid proxy. I have added a global setting
to firefox on our edubuntu server (found in /etc/firefox-3.6/default
or something like that) to define the proxy server settings so when
users open firefox the first time the setting is automatically added.
If you use transparent mode you shouldn't have to do anything

> How would this system relate to using Sabayon to managing users gconf
> preferences?
Integrating AD into PAM means as far as applications are concerned AD
users are local unix users. So you can use sabayon just as before,
you can even have it use AD groups to choose what settings to apply.
I have one profile for an AD group called students_g and one for
teachers_g but you could go as fine-grained as you like.

> Would I go about and set up CUPS differently?
It depends on how you have cups set up now but I doubt you would make
any changes.

> Thanks!
> David
>
>>
>> On Tue, Sep 14, 2010 at 10:52 PM, David Groos <djgroos@gmail.com> wrote:
>> >
>> > I've been perusing all the threads I could find about LDAP and AD
>> > authentication.* I've seen Scott's tutorial mentioned more than once (and
>> > thanks David H for sharing how you filled in the 'client install
>> > section'--extra examples help).* I'm a teacher and not a techer, and when I
>> > look at Scotts instruction well, you can imagine how I feel.
>> >
>> > The following is what I'm trying to do.* I just have a couple of admin
>> > and test users on my Lucid LTSP server at this time.* What I want to happen
>> > is that a student, who doesn't yet have an account on my server BUT has one
>> > with the district, be able to:
>> >
>> > walk up to a thin client, sit down and upon entering her district
>> > username and password, authenticate against the districts Active Directory
>> > server.
>> > I want that to create an account and home folder (as a desktop user) for
>> > the user on my Lucid server.
>> > Thereafter, whenever the student logs in on the thin client, they are
>> > authenticated against the district AD server and have access to their Lucid
>> > home folder.* I think this is possible, right?
>> > Question: Would I then manage my users with the standard 'Users and
>> > Groups' application that's in the 'Administration' menu, or would I use
>> > something else to administer the users?
>> >
>> > If a few people have had good luck with Scott's page on Lucid, I'll
>> > bring that page to the people in the know at our district and ask for some
>> > help following the instructions on that page.
>> >
>> > I think using some setup like this is probably a basic need for
>> > Edubuntu/LTSP setups in large urban districts.* Thanks for your help,
>> >
>> > David G
>> >
>> > A
>> >>
>> >> I also use LDAP (Openldap). Scott Balneaves wrote up a tutorial on how
>> >> to get authentication working a while back. *It can be found here:
>> >> https://wiki.edubuntu.org/Edubuntu/WikiSite/SimpleLDAPSetup
>> >>
>> >> Follow the section for Client: install client pieces. *For my systems,
>> >> I added just the ldap-auth-client. * *I answered the questions. I
>> >> changed the ldapi:/// to ldap://IP.x.y.z:389/ ... I also entered the
>> >> correct info for the realm. *I answered yes to the question about
>> >> having root be able to change passwords, and no for the authentication
>> >> required to access the database.
>> >>
>> >> Next, I copied/pasted the example profile changing given on the above
>> >> page, only I changed edubuntu to something appropriate for our school
>> >> and saved it as ncs-ldap-config.
>> >>
>> >> I then invoked auth-client-config -a -p ncs
>> >>
>> >> Afterwards I was able to use ldap. *I now have 7 servers all
>> >> authenticating successfully following this approach. Many thanks to
>> >> Scott for help with that wiki page.
>> >>
>> >> Sincerely,
>> >> Dave Hopkins
>> >>
>> >
>> > --
>> > edubuntu-users mailing list
>> > edubuntu-users@lists.ubuntu.com
>> > Modify settings or unsubscribe at:
>> > https://lists.ubuntu.com/mailman/listinfo/edubuntu-users
>> >
>
>

--
edubuntu-users mailing list
edubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/edubuntu-users
 
Old 09-15-2010, 09:57 PM
David Groos
 
Default lucid unown user id LTSP user cant loggin

Thanks Luke for further details...

On Wed, Sep 15, 2010 at 12:22 PM, theluketaylor <ekul.taylor@gmail.com> wrote:

David,



Hopefully my answers shed some more light
The flashlight continues to shine into corners...






or just have a root terminal open on the test server. *Either way

works. *If you mess up your PAM config in certain ways you won't be

able to create new sessions (which also means sudo is out) but

existing sessions will work.; *You'll be logging in and out to test

the config so you need to be sure you have a lifeline in case

something goes wrong. *Also don't reboot the server until you're sure

you can login correctly.
I kind of get this but not sure of details--So I call the session with something like Control-Alt-F2?* And it's always in the background as long as I don't reboot the computer?





While I just use AD to manage memberships it is possible to add AD

users to local unix groups. *Having never had to do it myself I can`t

speak to how easy it would be but I`m not sure you`d be able to use

the graphical user and groups gnome tool. *I do know the command line

addgroup scripts work fine though
I think I'll open a new thread up for this question--it is key.






> Does this affect how I setup squid proxy?

*Depends on if you use transparent or authenticated mode. *We have a


school-wide authenticated squid proxy. *I have added a global setting

to firefox on our edubuntu server (found in /etc/firefox-3.6/default

or something like that) to define the proxy server settings so when

users open firefox the first time the setting is automatically added.

If you use transparent mode you shouldn't have to do anything
I'd like to use authenticated as it leaves an accountability trail for users--Glad this works.




> How would this system relate to using Sabayon to managing users gconf

> preferences?

Integrating AD into PAM means as far as applications are concerned AD

users are local unix users. *So you can use sabayon just as before,

you can even have it use AD groups to choose what settings to apply.

I have one profile for an AD group called students_g and one for

teachers_g but you could go as fine-grained as you like.
This is why I need groups on my computer--the district doesn't have fine-grain grouping.


I'll dive in to this after I've cleared up about local user accounts.



David



--
edubuntu-users mailing list
edubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/edubuntu-users
 
Old 09-02-2011, 01:31 PM
David Groos
 
Default lucid unown user id LTSP user cant loggin

Instead of starting a new thread, I'm resurrecting this elder thread to continue to build on it and not re-create the great info already here.

My focused question is, what is the minimal server set-up so that just the following 2 behaviors occur:

The first time a user sits at one of my fatclients, types in her user/pass, she will be authenticated via our districts AD setup AND a home directory on my server will be created for her.Thereafter when she sits down, types in her user/pass, she is authenticated by our district AD server AND her local (on the LTSP server) home folder is mounted.
Luke has provided great resources and I'm looking for the minimal set-up to accomplish the 2 behaviors described above, at this time, JUST those 2 behaviors.* With the resources/strategies he described, and the answer to the question in this post, I'm confident that I can make this work.


Thanks,
David

On Wed, Sep 15, 2010 at 12:22 PM, theluketaylor <ekul.taylor@gmail.com> wrote:

David,



Hopefully my answers shed some more light



On Wed, Sep 15, 2010 at 12:45 PM, David Groos <djgroos@gmail.com> wrote:

> Thanks Luke for your extensive and informative response.* Your solution

> sounds like it has even more than I asked for--accessing students' district

> home folders and not just their edubuntu home folder is a big plus and

> starts to pave the way of how edubuntu can be integrated with the existing

> ICT infrastructure at the district level.* I've got a few question--please

> see below.

>

> On Wed, Sep 15, 2010 at 6:45 AM, theluketaylor <ekul.taylor@gmail.com>

> wrote:

>>

>> David,

>>

>> With newer versions of samba it's pretty straight forward to do AD

>> authentication though there are a couple of tricky steps.

>>

>> I have found the the documents:

>>

>> https://help.ubuntu.com/community/Samba/Kerberos

>> https://help.ubuntu.com/community/ActiveDirectoryWinbindHowto

>>

>> to be the easiest method to join an edubuntu server to an AD domain,

>> especially since it doesn't requires changes to the domain itself.

>> Some of the LDAP and other methods to authenticate against AD require

>> special AD schema and such and that's hard when you don't control the

>> domain. *You do need to be a domain admin to join the server in the

>> first place but after that no special rights are required since your

>> server is a domain member just like every other domain computer.

>>

>> The first time I joined a linux server to domain it was a bit scary

>> but it has become somewhat routine from having done it so many times.

>> I'd recommend installing ubuntu on a spare workstation and practicing

>> on it until you get it right so your edubuntu system doesn't get all

>> messed up.

>

>

> Could I just use any Edubuntu Lucid installation to test?* In other words,

> if students can log in on this test machine that would mean they could also

> sign in on an LTSP client/server?* Is there some special things to add to

> the basic edubuntu install that are on the actual LTSP server?



You can use any of the ubuntu flavours with the howtos I linked,

edubuntu included. *Once you can login to the server itself with AD

you can log into any thin client, no additional steps. *This is a real

advantage of the server/thin client setups since only the server needs

to be added to the domain, not each client. *You can use any edubuntu

installation to test, I just recommended a fresh install on spare

hardware to test since there is no telling how smoothly it will go.

In terms of software that needs to be added, it all goes on the LTSP

server. *You have to install:

samba

winbind

kerberos

along with the necessary dependencies. *Looking through the documents

to confirm what all needed to be installed I realized the kerberos

document has been changed and isn't quite as helpful as before.

https://help.ubuntu.com/community/Samba/Kerberos?action="">

is the one I have successfully used in the past



>

>> The PAM portions are the most confusing so I'd read

>> through that carefully before proceeding (especially since that

>> controls the methods the server uses to grant login rights so be sure

>> to have an open root console to back out any changes in case you make

>> it impossible to log back in).

>

>

> You mean that at another computer I would ssh into the test server and

> authenticate as root and thus have this access even if I couldn't

> re-authenticate?



or just have a root terminal open on the test server. *Either way

works. *If you mess up your PAM config in certain ways you won't be

able to create new sessions (which also means sudo is out) but

existing sessions will work.; *You'll be logging in and out to test

the config so you need to be sure you have a lifeline in case

something goes wrong. *Also don't reboot the server until you're sure

you can login correctly.



>

>>

>> Using these 2 documents you'll be able to do everything you described

>> below. *Samba/Winbind will authenticate against the AD controllers and

>> PAM will create home directories for users who have not logged in

>> before. *This doesn't actually create local unix accounts, it just

>> maps active directory accounts into the local passwd database. *This

>> means you administrate the accounts from AD.

>

>

> I have no permissions on the AD server and while I don't think I would need

> to administer their accounts, I'm sure I need to be able to create groups of

> users (by period for example) that don't exist on the district level AD

> servers.* Is there a way that I can create and manage these groups and their

> membership?

>

As I said you will need to be a member of Domain Admin in order to

join the server to the domain which is a critical step.

While I just use AD to manage memberships it is possible to add AD

users to local unix groups. *Having never had to do it myself I can`t

speak to how easy it would be but I`m not sure you`d be able to use

the graphical user and groups gnome tool. *I do know the command line

addgroup scripts work fine though



>>

>> It also means your

>> domain controller needs to be available for users to be able to log

>> in. *You can use PAM to define what groups are allowed to log into

>> your server, by default it's anyone in domain member. *The other

>>

>> caveat is users can't change the domain password from your linux

>> server (at least not in a way I'd be willing to try to explain to high

>> school students) so if their password is expired it can cause some

>> grief. *I have encouraged my users to change their password before it

>> expires since that causes problems with all non-windows domain logins

>> like web UIs and proxy servers.

>>

>> To make files available from our windows file and print server I also

>> use pam_mount (http://pam-mount.sourceforge.net/) to mount network

>> home directories at ~/Documents. *I don't mount their network folder

>> at ~ to avoid lots of .directories being created that show up in

>> windows and because CIFS doesn't support sockets and many unix

>> applications create them in home directories.

>

>

> Nice!

pam_mount was a bit of a pain to setup but now that it's working it

hums along nicely. *There is slightly annoying issue that gnome

sessions don't quite clean themselves up enough to allow pam_mount to

unmount on log out but I just run a nightly script that unmounts all

CIFS shares and that does the trick. *pam_mount is smart enough now

not to mount something that's already mounted so it isn't a huge

issue.



>

>>

>> Hopefully that points you in the right direction. *I've had great luck

>> with this method for the last few years with our edubuntu server using

>> AD logins.

>>

>> Luke Taylor

>

> My final questions are:

>

> Does this affect how I setup squid proxy?

Depends on if you use transparent or authenticated mode. *We have a

school-wide authenticated squid proxy. *I have added a global setting

to firefox on our edubuntu server (found in /etc/firefox-3.6/default

or something like that) to define the proxy server settings so when

users open firefox the first time the setting is automatically added.

If you use transparent mode you shouldn't have to do anything



> How would this system relate to using Sabayon to managing users gconf

> preferences?

Integrating AD into PAM means as far as applications are concerned AD

users are local unix users. *So you can use sabayon just as before,

you can even have it use AD groups to choose what settings to apply.

I have one profile for an AD group called students_g and one for

teachers_g but you could go as fine-grained as you like.



> Would I go about and set up CUPS differently?

It depends on how you have cups set up now but I doubt you would make

any changes.



> Thanks!

> David

>

>>

>> On Tue, Sep 14, 2010 at 10:52 PM, David Groos <djgroos@gmail.com> wrote:

>> >

>> > I've been perusing all the threads I could find about LDAP and AD

>> > authentication.* I've seen Scott's tutorial mentioned more than once (and

>> > thanks David H for sharing how you filled in the 'client install

>> > section'--extra examples help).* I'm a teacher and not a techer, and when I

>> > look at Scotts instruction well, you can imagine how I feel.

>> >

>> > The following is what I'm trying to do.* I just have a couple of admin

>> > and test users on my Lucid LTSP server at this time.* What I want to happen

>> > is that a student, who doesn't yet have an account on my server BUT has one

>> > with the district, be able to:

>> >

>> > walk up to a thin client, sit down and upon entering her district

>> > username and password, authenticate against the districts Active Directory

>> > server.

>> > I want that to create an account and home folder (as a desktop user) for

>> > the user on my Lucid server.

>> > Thereafter, whenever the student logs in on the thin client, they are

>> > authenticated against the district AD server and have access to their Lucid

>> > home folder.* I think this is possible, right?

>> > Question: Would I then manage my users with the standard 'Users and

>> > Groups' application that's in the 'Administration' menu, or would I use

>> > something else to administer the users?

>> >

>> > If a few people have had good luck with Scott's page on Lucid, I'll

>> > bring that page to the people in the know at our district and ask for some

>> > help following the instructions on that page.

>> >

>> > I think using some setup like this is probably a basic need for

>> > Edubuntu/LTSP setups in large urban districts.* Thanks for your help,

>> >

>> > David G

>> >

>> > A

>> >>

>> >> I also use LDAP (Openldap). Scott Balneaves wrote up a tutorial on how

>> >> to get authentication working a while back. *It can be found here:

>> >> https://wiki.edubuntu.org/Edubuntu/WikiSite/SimpleLDAPSetup

>> >>

>> >> Follow the section for Client: install client pieces. *For my systems,

>> >> I added just the ldap-auth-client. * *I answered the questions. I

>> >> changed the ldapi:/// to ldap://IP.x.y.z:389/ ... I also entered the

>> >> correct info for the realm. *I answered yes to the question about

>> >> having root be able to change passwords, and no for the authentication

>> >> required to access the database.

>> >>

>> >> Next, I copied/pasted the example profile changing given on the above

>> >> page, only I changed edubuntu to something appropriate for our school

>> >> and saved it as ncs-ldap-config.

>> >>

>> >> I then invoked auth-client-config -a -p ncs

>> >>

>> >> Afterwards I was able to use ldap. *I now have 7 servers all

>> >> authenticating successfully following this approach. Many thanks to

>> >> Scott for help with that wiki page.

>> >>

>> >> Sincerely,

>> >> Dave Hopkins

>> >>

>> >

>> > --

>> > edubuntu-users mailing list

>> > edubuntu-users@lists.ubuntu.com

>> > Modify settings or unsubscribe at:

>> > https://lists.ubuntu.com/mailman/listinfo/edubuntu-users

>> >

>

>



--
edubuntu-users mailing list
edubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/edubuntu-users
 
Old 09-13-2011, 02:37 AM
David Groos
 
Default lucid unown user id LTSP user cant loggin

To put a final nail in this coffin, I finally got the LDAP authentication/ home directory creation working on my fat clients on 2 servers.* My directions are quite sloppy (as I finally got it working but not sure what are the essential, minimum steps) so I'll not put them on the Ubuntu or Edubuntu wiki, but as a source of detailed ideas/things to try I did put them on my blog, here: http://groosd.blogspot.com/2011/09/making-lucid-authenticate-via-district.html.* It sure is nice now that it works.


David

On Fri, Sep 2, 2011 at 8:31 AM, David Groos <djgroos@gmail.com> wrote:

Instead of starting a new thread, I'm resurrecting this elder thread to continue to build on it and not re-create the great info already here.

My focused question is, what is the minimal server set-up so that just the following 2 behaviors occur:


The first time a user sits at one of my fatclients, types in her user/pass, she will be authenticated via our districts AD setup AND a home directory on my server will be created for her.Thereafter when she sits down, types in her user/pass, she is authenticated by our district AD server AND her local (on the LTSP server) home folder is mounted.

Luke has provided great resources and I'm looking for the minimal set-up to accomplish the 2 behaviors described above, at this time, JUST those 2 behaviors.* With the resources/strategies he described, and the answer to the question in this post, I'm confident that I can make this work.



Thanks,
David

On Wed, Sep 15, 2010 at 12:22 PM, theluketaylor <ekul.taylor@gmail.com> wrote:


David,



Hopefully my answers shed some more light



On Wed, Sep 15, 2010 at 12:45 PM, David Groos <djgroos@gmail.com> wrote:

> Thanks Luke for your extensive and informative response.* Your solution

> sounds like it has even more than I asked for--accessing students' district

> home folders and not just their edubuntu home folder is a big plus and

> starts to pave the way of how edubuntu can be integrated with the existing

> ICT infrastructure at the district level.* I've got a few question--please

> see below.

>

> On Wed, Sep 15, 2010 at 6:45 AM, theluketaylor <ekul.taylor@gmail.com>

> wrote:

>>

>> David,

>>

>> With newer versions of samba it's pretty straight forward to do AD

>> authentication though there are a couple of tricky steps.

>>

>> I have found the the documents:

>>

>> https://help.ubuntu.com/community/Samba/Kerberos

>> https://help.ubuntu.com/community/ActiveDirectoryWinbindHowto

>>

>> to be the easiest method to join an edubuntu server to an AD domain,

>> especially since it doesn't requires changes to the domain itself.

>> Some of the LDAP and other methods to authenticate against AD require

>> special AD schema and such and that's hard when you don't control the

>> domain. *You do need to be a domain admin to join the server in the

>> first place but after that no special rights are required since your

>> server is a domain member just like every other domain computer.

>>

>> The first time I joined a linux server to domain it was a bit scary

>> but it has become somewhat routine from having done it so many times.

>> I'd recommend installing ubuntu on a spare workstation and practicing

>> on it until you get it right so your edubuntu system doesn't get all

>> messed up.

>

>

> Could I just use any Edubuntu Lucid installation to test?* In other words,

> if students can log in on this test machine that would mean they could also

> sign in on an LTSP client/server?* Is there some special things to add to

> the basic edubuntu install that are on the actual LTSP server?



You can use any of the ubuntu flavours with the howtos I linked,

edubuntu included. *Once you can login to the server itself with AD

you can log into any thin client, no additional steps. *This is a real

advantage of the server/thin client setups since only the server needs

to be added to the domain, not each client. *You can use any edubuntu

installation to test, I just recommended a fresh install on spare

hardware to test since there is no telling how smoothly it will go.

In terms of software that needs to be added, it all goes on the LTSP

server. *You have to install:

samba

winbind

kerberos

along with the necessary dependencies. *Looking through the documents

to confirm what all needed to be installed I realized the kerberos

document has been changed and isn't quite as helpful as before.

https://help.ubuntu.com/community/Samba/Kerberos?action="">

is the one I have successfully used in the past



>

>> The PAM portions are the most confusing so I'd read

>> through that carefully before proceeding (especially since that

>> controls the methods the server uses to grant login rights so be sure

>> to have an open root console to back out any changes in case you make

>> it impossible to log back in).

>

>

> You mean that at another computer I would ssh into the test server and

> authenticate as root and thus have this access even if I couldn't

> re-authenticate?



or just have a root terminal open on the test server. *Either way

works. *If you mess up your PAM config in certain ways you won't be

able to create new sessions (which also means sudo is out) but

existing sessions will work.; *You'll be logging in and out to test

the config so you need to be sure you have a lifeline in case

something goes wrong. *Also don't reboot the server until you're sure

you can login correctly.



>

>>

>> Using these 2 documents you'll be able to do everything you described

>> below. *Samba/Winbind will authenticate against the AD controllers and

>> PAM will create home directories for users who have not logged in

>> before. *This doesn't actually create local unix accounts, it just

>> maps active directory accounts into the local passwd database. *This

>> means you administrate the accounts from AD.

>

>

> I have no permissions on the AD server and while I don't think I would need

> to administer their accounts, I'm sure I need to be able to create groups of

> users (by period for example) that don't exist on the district level AD

> servers.* Is there a way that I can create and manage these groups and their

> membership?

>

As I said you will need to be a member of Domain Admin in order to

join the server to the domain which is a critical step.

While I just use AD to manage memberships it is possible to add AD

users to local unix groups. *Having never had to do it myself I can`t

speak to how easy it would be but I`m not sure you`d be able to use

the graphical user and groups gnome tool. *I do know the command line

addgroup scripts work fine though



>>

>> It also means your

>> domain controller needs to be available for users to be able to log

>> in. *You can use PAM to define what groups are allowed to log into

>> your server, by default it's anyone in domain member. *The other

>>

>> caveat is users can't change the domain password from your linux

>> server (at least not in a way I'd be willing to try to explain to high

>> school students) so if their password is expired it can cause some

>> grief. *I have encouraged my users to change their password before it

>> expires since that causes problems with all non-windows domain logins

>> like web UIs and proxy servers.

>>

>> To make files available from our windows file and print server I also

>> use pam_mount (http://pam-mount.sourceforge.net/) to mount network

>> home directories at ~/Documents. *I don't mount their network folder

>> at ~ to avoid lots of .directories being created that show up in

>> windows and because CIFS doesn't support sockets and many unix

>> applications create them in home directories.

>

>

> Nice!

pam_mount was a bit of a pain to setup but now that it's working it

hums along nicely. *There is slightly annoying issue that gnome

sessions don't quite clean themselves up enough to allow pam_mount to

unmount on log out but I just run a nightly script that unmounts all

CIFS shares and that does the trick. *pam_mount is smart enough now

not to mount something that's already mounted so it isn't a huge

issue.



>

>>

>> Hopefully that points you in the right direction. *I've had great luck

>> with this method for the last few years with our edubuntu server using

>> AD logins.

>>

>> Luke Taylor

>

> My final questions are:

>

> Does this affect how I setup squid proxy?

Depends on if you use transparent or authenticated mode. *We have a

school-wide authenticated squid proxy. *I have added a global setting

to firefox on our edubuntu server (found in /etc/firefox-3.6/default

or something like that) to define the proxy server settings so when

users open firefox the first time the setting is automatically added.

If you use transparent mode you shouldn't have to do anything



> How would this system relate to using Sabayon to managing users gconf

> preferences?

Integrating AD into PAM means as far as applications are concerned AD

users are local unix users. *So you can use sabayon just as before,

you can even have it use AD groups to choose what settings to apply.

I have one profile for an AD group called students_g and one for

teachers_g but you could go as fine-grained as you like.



> Would I go about and set up CUPS differently?

It depends on how you have cups set up now but I doubt you would make

any changes.



> Thanks!

> David

>

>>

>> On Tue, Sep 14, 2010 at 10:52 PM, David Groos <djgroos@gmail.com> wrote:

>> >

>> > I've been perusing all the threads I could find about LDAP and AD

>> > authentication.* I've seen Scott's tutorial mentioned more than once (and

>> > thanks David H for sharing how you filled in the 'client install

>> > section'--extra examples help).* I'm a teacher and not a techer, and when I

>> > look at Scotts instruction well, you can imagine how I feel.

>> >

>> > The following is what I'm trying to do.* I just have a couple of admin

>> > and test users on my Lucid LTSP server at this time.* What I want to happen

>> > is that a student, who doesn't yet have an account on my server BUT has one

>> > with the district, be able to:

>> >

>> > walk up to a thin client, sit down and upon entering her district

>> > username and password, authenticate against the districts Active Directory

>> > server.

>> > I want that to create an account and home folder (as a desktop user) for

>> > the user on my Lucid server.

>> > Thereafter, whenever the student logs in on the thin client, they are

>> > authenticated against the district AD server and have access to their Lucid

>> > home folder.* I think this is possible, right?

>> > Question: Would I then manage my users with the standard 'Users and

>> > Groups' application that's in the 'Administration' menu, or would I use

>> > something else to administer the users?

>> >

>> > If a few people have had good luck with Scott's page on Lucid, I'll

>> > bring that page to the people in the know at our district and ask for some

>> > help following the instructions on that page.

>> >

>> > I think using some setup like this is probably a basic need for

>> > Edubuntu/LTSP setups in large urban districts.* Thanks for your help,

>> >

>> > David G

>> >

>> > A

>> >>

>> >> I also use LDAP (Openldap). Scott Balneaves wrote up a tutorial on how

>> >> to get authentication working a while back. *It can be found here:

>> >> https://wiki.edubuntu.org/Edubuntu/WikiSite/SimpleLDAPSetup

>> >>

>> >> Follow the section for Client: install client pieces. *For my systems,

>> >> I added just the ldap-auth-client. * *I answered the questions. I

>> >> changed the ldapi:/// to ldap://IP.x.y.z:389/ ... I also entered the

>> >> correct info for the realm. *I answered yes to the question about

>> >> having root be able to change passwords, and no for the authentication

>> >> required to access the database.

>> >>

>> >> Next, I copied/pasted the example profile changing given on the above

>> >> page, only I changed edubuntu to something appropriate for our school

>> >> and saved it as ncs-ldap-config.

>> >>

>> >> I then invoked auth-client-config -a -p ncs

>> >>

>> >> Afterwards I was able to use ldap. *I now have 7 servers all

>> >> authenticating successfully following this approach. Many thanks to

>> >> Scott for help with that wiki page.

>> >>

>> >> Sincerely,

>> >> Dave Hopkins

>> >>

>> >

>> > --

>> > edubuntu-users mailing list

>> > edubuntu-users@lists.ubuntu.com

>> > Modify settings or unsubscribe at:

>> > https://lists.ubuntu.com/mailman/listinfo/edubuntu-users

>> >

>

>





--
edubuntu-users mailing list
edubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/edubuntu-users
 

Thread Tools




All times are GMT. The time now is 08:04 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org