Navigáció átugrása.
Címlap

iFolder 3.8 telepítése Debian squeeze rendszerre (de lehet hogy jó ubuntu lucid-hoz is).

Ifolder 3.8 server

Elöljáróban:
A beállítások készítésénél ajánlott komótosan válaszolni a feltett kérdésekre, különben hajlamos FAILED-et adni. Én taktikám minden válasz előtt nagy levegő 2x, s a "rohadj meg" mantra ismétlése volt. :)

Csomagok telepítése:

  • aptitude install apache2 mono-apache-server libapache2-mod-mono alien

Szükséges Apache modulok engedélyezése:

  • a2enmod ssl
  • a2enmod mod_mono
  • a2ensite default-ssl
  • /etc/init.d/apache2 restart

Teszt (kliensgép böngészőből):

http://ifolderserver.hu/
https://ifolderserver.hu/

iFolder-hez szükséges rmp csomagok letöltése:

Deb csomagok elkészítése, telepítése:

  • alien --scripts *.rpm
  • dpkg -i ifolder3-enterprise_3.8.0.9328.1-4.1_i386.deb
  • dpkg -i novell-ifolder-enterprise-plugins_3.8.0.9328.1-4.1_i386.deb
  • dpkg -i log4net_1.2.10-59.1_all.deb

Server beállítása:

  • /usr/bin/simias-server-setup


SIMIAS SERVER SETUP

This script configures a server installation of Simias to setup a new Simias system.

----- SERVER'S DATA PATH -----
Path to the server's data files

Server's Data Path? [/var/simias/data]:

----- SERVER NAME -----
The name of this server

Server Name? [Host1]: iFolder

----- SSL -----
Select SSL/NONSSL communication for this server. Options
are SSL, NONSSL or BOTH

SSL? [SSL]:

----- PUBLIC URL -----
Public URL of this Simias Server

Public URL? [https://localhost/simias10]: https://ifolderserver.hu/simias10

----- PRIVATE URL -----
Private URL of this Simias Server

Private URL? [https://localhost/simias10]: https://ifolderserver.hu/simias10

----- SLAVE SERVER -----
Install into existing Simias Domain

Slave Server? [N]:

----- SYSTEM NAME -----
A name used to identify the Simias system to users.

System Name? [iFolder]:

----- SYSTEM DESCRIPTION -----
A detailed description of the Simias system for users.

System Description? [iFolder Enterprise System]:

----- USE KEY RECOVERY AGENT -----
Use Key Recovery Agents to recovery the encryption
key if the user forgets the pass-phrase used for encryption?

Use Key Recovery Agent? [Y]:

----- RECOVERY AGENT CERTIFICATE PATH -----
Path to the Recovery agent certificate's.

Recovery Agent Certificate Path? [/var/simias/data]:

----- USE LDAP -----
Use LDAP to provision and authenticate users?

Use LDAP? [Y]: N

----- SYSTEM ADMIN -----
The Simias default administrator. If the system is
configured to use an external identity source, the
distinguished name (dn) should be used.

System Admin? [admin]: iFolderAdmin
System Admin Password? [novell]: novell

----- CONFIGURE APACHE -----
Configure Simias to run behind Apache

Configure Apache? [N]: Y

----- APACHE USER -----
Apache User

Apache User? [wwwrun]: www-data

----- APACHE GROUP -----
Apache Group

Apache Group? [www]: www-data

Working...

Configuring /var/simias/data/simias/Simias.config...
SetupSimias - Done
Configuring /etc/apache2/conf.d/simias.conf...
Done
Configuring User Movement plugin..

Setting up Log4Net file...
Done
Setting up permissions...
Done

SUCCESS

Mono path javítása:

  • sed -i 's/apache2\/mod_mono.conf/apache2\/mods-enabled\/mod_mono.conf/g' /etc/apache2/conf.d/simias.conf
  • mkdir -p /var/www/.config/.mono/
  • chown -R www-data:www-data /var/www/.config/
  • /etc/init.d/apache2 restart

iFolder web admin beállítása

  • /usr/bin/ifolder-admin-setup


IFOLDER WEB ADMIN SETUP

This script configures a server installation of iFolder Web Admin application. The script is intended for testing purposes only.

----- WEB ALIAS -----
Web Alias for iFolder Web Admin

Web Alias? [/admin]:

----- REQUIRE SSL -----
Require a secure connection between the browsers and
the iFolder Web Admin application

Require SSL? [Y]:

----- REQUIRE SERVER SSL -----
Require a secure connection between the iFolder Server
and the iFolder Web Admin application

Require Server SSL? [Y]:

----- IFOLDER URL -----
The host or ip address of the iFolder server that will
be used by the iFolder Web Admin application

iFolder URL? [https://localhost:443/]: https://ifolderserver.hu:443//ifolder

----- REDIRECT URL -----
Redirect URL for iChain / AccessGateway

Redirect URL? []:

----- APACHE USER -----
Apache User to use for providing permissions

Apache User? [wwwrun]: www-data

----- APACHE GROUP -----
Apache Group to use for providing permissions

Apache Group? [www]: www-data

Working...

Configuring /usr/lib/simias/admin/Web.config...Done
Server DATA PATH is set to : /var/simias/data/simias
Configuring /etc/apache2/conf.d/ifolder_admin.conf...Done
Installing certificate...
----- ACCEPT IFOLDER SERVER CERTIFICATE -----
[Subject]

CN=ifolderserver.hu

[Issuer]

CN=ifolderserver.hu

[Not Before]

11/23/2010 14:50:02

[Not After]

11/20/2020 14:50:02

[Thumbprint]

803EFDACE25BC1848566FA22E5EB5ED0AD8EEF06

Accept iFolder Server Certificate? [Y]: y
Done

SUCCESS

iFolder web beállítása


IFOLDER WEB ACCESS SETUP

This script configures a server installation of iFolder Web Access application. The script is intended for testing purposes only.

----- WEB ALIAS -----
Web Alias for iFolder Web Access

Web Alias? [/ifolder]:
----- REQUIRE SSL -----
Require a secure connection between the browsers and
the iFolder Web Access application

Require SSL? [Y]:

----- REQUIRE SERVER SSL -----
Require a secure connection between the iFolder Server
and the iFolder Web Access application

Require Server SSL? [Y]:
----- IFOLDER URL -----
The host or ip address of the iFolder server that will
be used by the iFolder Web Access application

iFolder URL? [https://localhost:443/]: https://ifolderserver.hu:443/

----- REDIRECT URL -----
Redirect URL for iChain / AccessGateway

Redirect URL? []:

----- APACHE USER -----
Apache User to use for providing permissions

Apache User? [wwwrun]: www-data

----- APACHE GROUP -----
Apache Group to use for providing permissions

Apache Group? [www]: www-data

Working...

Configuring /usr/lib/simias/webaccess/Web.config...Done
Server DATA PATH is set to : /var/simias/data/simias
Configuring /etc/apache2/conf.d/ifolder_web.conf...Done
Installing certificate...
----- ACCEPT IFOLDER SERVER CERTIFICATE -----
[Subject]

CN=ifolderserver.hu

[Issuer]

CN=ifolderserver.hu

[Not Before]

11/23/2010 14:50:02

[Not After]

11/20/2020 14:50:02

[Thumbprint]

803EFDACE25BC1848566FA22E5EB5ED0AD8EEF06

Accept iFolder Server Certificate? [Y]: y
Done

SUCCESS

Végső simítások:

  • sed -i 's/apache2\/mod_mono.conf/apache2\/mods-enabled\/mod_mono.conf/g' /etc/apache2/conf.d/ifolder_admin.conf
  • sed -i 's/apache2\/mod_mono.conf/apache2\/mods-enabled\/mod_mono.conf/g' /etc/apache2/conf.d/ifolder_web.conf
  • /etc/init.d/apache2 restart

Tesztelés, és a szerver beállítása:

Lépjünk be a telepítésnél beállított felhasználó/jelszó párossal, és vegyünk fel legalább 1 teszt user-t.

Ifolder 3.8 kliens

A munka oroszlánrésze szerencsére el van végezve. Igy már csak telepíteni kell repóból.

Apt forrás hozzáadás

Az admin felületen beállított teszt felhasználót álltjuk be.

Webes elérés:

Megjegyzések:
Ha telepítés közben error van általában a libglade2.0-cil és/vagy libgtk2.0-cil reinstall jó esetben aptitude install -f segít(het).
Ebben a repóban van server deb csomag is (ifolder3-enterprise), de az nálam nem muzsikált stabilan.

LDAP auth MS AD


Ez nem működik, :) de ---fixme---.

.....

----- USE LDAP -----
Use LDAP to provision and authenticate users?

Use LDAP? [Y]:

----- LDAP SERVER -----
The host or ip address of an LDAP server. The server
will be searched for users to provision into Simias
and will be used by Simias for authentication.

LDAP Server? [xxx.xxx.xxx.xxx]: 192.168.1.1

----- LDAP SECURE -----
Require a secure connection between the LDAP server
and the Simias server

LDAP Secure? [Y]: n

----- LDAP ADMIN DN -----
An existing LDAP user, used by this script only, to
connect to the LDAP server and create and/or check
required LDAP users for Simias.

LDAP Admin DN? [cn=admin,o=novell]: CN=Admin,OU=Users,DC=example,DC=com
LDAP Admin Password? [novell]: adminpassword

----- SYSTEM ADMIN -----
The Simias default administrator. If the system is
configured to use an external identity source, the
distinguished name (dn) should be used.

System Admin? : CN=iFolder Admin,OU=Users,DC=example,DC=com
System Admin Password? [novell]: passvord

----- LDAP PROXY DN -----
An LDAP user that will be used to provision the users
between Simias and the LDAP server. If this user
does not already exist in the LDAP tree it will be
created and granted read rights at the root of the
tree. The user's dn and password are stored by Simias.

LDAP Proxy DN? : CN=Simias Proxy,OU=Users,DC=example,DC=com
LDAP Proxy Password? [novell]: proxypassword

----- LDAP SEARCH CONTEXT -----
A list of LDAP tree contexts (delimited by '#') that
will be searched for users to provision into Simias.

LDAP Search Context? [o=novell]: OU=Users,DC=example,DC=com

----- NAMING ATTRIBUTE -----
The LDAP attribute you want all users to login using.
I.E. 'cn' or 'email'.

Naming Attribute? [cn]: sAMAccountName

----- CONFIGURE APACHE -----
Configure Simias to run behind Apache

Configure Apache? [N]:

----- LDAP GROUPS PLUGIN -----
Configure Ldap Groups Plugin

Ldap Groups Plugin? [N]:

....

Ezekkel a beállításokkal lefut hiba nélkül a konfig (már amikor :)), de bejelentkezéskor tcpdump-al nem látszik forgalom a DC felé.