iFolder 3.8 telepítése Debian squeeze rendszerre (de lehet hogy jó ubuntu lucid-hoz is).
Ifolder 3.8 server
Elöljáróban:
A beállítások készítésénél ajánlott komótosan válaszolni a feltett kérdésekre, különben hajlamos FAILED-et adni. Én taktikám minden válasz előtt nagy levegő 2x, s a "rohadj meg" mantra ismétlése volt. :)
Csomagok telepítése:
- aptitude install apache2 mono-apache-server libapache2-mod-mono alien
Szükséges Apache modulok engedélyezése:
- a2enmod ssl
- a2enmod mod_mono
- a2ensite default-ssl
- /etc/init.d/apache2 restart
Teszt (kliensgép böngészőből):
http://ifolderserver.hu/
https://ifolderserver.hu/
iFolder-hez szükséges rmp csomagok letöltése:
- mkdir ifolder.src
- cd ifolder.src/
- wget http://sunet.dl.sourceforge.net/project/ifolder/iFolder%20Server%20Plugi...
- wget http://sunet.dl.sourceforge.net/project/ifolder/iFolder%20Server/3.8.0/1...
- wget http://roxen.integrity.hu/pub/opensuse/distribution/11.3/repo/oss/suse/n...
Deb csomagok elkészítése, telepítése:
- alien --scripts *.rpm
- dpkg -i ifolder3-enterprise_3.8.0.9328.1-4.1_i386.deb
- dpkg -i novell-ifolder-enterprise-plugins_3.8.0.9328.1-4.1_i386.deb
- dpkg -i log4net_1.2.10-59.1_all.deb
Server beállítása:
- /usr/bin/simias-server-setup
SIMIAS SERVER SETUP
This script configures a server installation of Simias to setup a new Simias system.
----- SERVER'S DATA PATH -----
Path to the server's data files
Server's Data Path? [/var/simias/data]:
----- SERVER NAME -----
The name of this server
Server Name? [Host1]: iFolder
----- SSL -----
Select SSL/NONSSL communication for this server. Options
are SSL, NONSSL or BOTH
SSL? [SSL]:
----- PUBLIC URL -----
Public URL of this Simias Server
Public URL? [https://localhost/simias10]: https://ifolderserver.hu/simias10
----- PRIVATE URL -----
Private URL of this Simias Server
Private URL? [https://localhost/simias10]: https://ifolderserver.hu/simias10
----- SLAVE SERVER -----
Install into existing Simias Domain
Slave Server? [N]:
----- SYSTEM NAME -----
A name used to identify the Simias system to users.
System Name? [iFolder]:
----- SYSTEM DESCRIPTION -----
A detailed description of the Simias system for users.
System Description? [iFolder Enterprise System]:
----- USE KEY RECOVERY AGENT -----
Use Key Recovery Agents to recovery the encryption
key if the user forgets the pass-phrase used for encryption?
Use Key Recovery Agent? [Y]:
----- RECOVERY AGENT CERTIFICATE PATH -----
Path to the Recovery agent certificate's.
Recovery Agent Certificate Path? [/var/simias/data]:
----- USE LDAP -----
Use LDAP to provision and authenticate users?
Use LDAP? [Y]: N
----- SYSTEM ADMIN -----
The Simias default administrator. If the system is
configured to use an external identity source, the
distinguished name (dn) should be used.
System Admin? [admin]: iFolderAdmin
System Admin Password? [novell]: novell
----- CONFIGURE APACHE -----
Configure Simias to run behind Apache
Configure Apache? [N]: Y
----- APACHE USER -----
Apache User
Apache User? [wwwrun]: www-data
----- APACHE GROUP -----
Apache Group
Apache Group? [www]: www-data
Working...
Configuring /var/simias/data/simias/Simias.config...
SetupSimias - Done
Configuring /etc/apache2/conf.d/simias.conf...
Done
Configuring User Movement plugin..
Setting up Log4Net file...
Done
Setting up permissions...
Done
SUCCESS
Mono path javítása:
- sed -i 's/apache2\/mod_mono.conf/apache2\/mods-enabled\/mod_mono.conf/g' /etc/apache2/conf.d/simias.conf
- mkdir -p /var/www/.config/.mono/
- chown -R www-data:www-data /var/www/.config/
- /etc/init.d/apache2 restart
iFolder web admin beállítása
- /usr/bin/ifolder-admin-setup
IFOLDER WEB ADMIN SETUP
This script configures a server installation of iFolder Web Admin application. The script is intended for testing purposes only.
----- WEB ALIAS -----
Web Alias for iFolder Web Admin
Web Alias? [/admin]:
----- REQUIRE SSL -----
Require a secure connection between the browsers and
the iFolder Web Admin application
Require SSL? [Y]:
----- REQUIRE SERVER SSL -----
Require a secure connection between the iFolder Server
and the iFolder Web Admin application
Require Server SSL? [Y]:
----- IFOLDER URL -----
The host or ip address of the iFolder server that will
be used by the iFolder Web Admin application
iFolder URL? [https://localhost:443/]: https://ifolderserver.hu:443//ifolder
----- REDIRECT URL -----
Redirect URL for iChain / AccessGateway
Redirect URL? []:
----- APACHE USER -----
Apache User to use for providing permissions
Apache User? [wwwrun]: www-data
----- APACHE GROUP -----
Apache Group to use for providing permissions
Apache Group? [www]: www-data
Working...
Configuring /usr/lib/simias/admin/Web.config...Done
Server DATA PATH is set to : /var/simias/data/simias
Configuring /etc/apache2/conf.d/ifolder_admin.conf...Done
Installing certificate...
----- ACCEPT IFOLDER SERVER CERTIFICATE -----
[Subject]
CN=ifolderserver.hu
[Issuer]
CN=ifolderserver.hu
[Not Before]
11/23/2010 14:50:02
[Not After]
11/20/2020 14:50:02
[Thumbprint]
803EFDACE25BC1848566FA22E5EB5ED0AD8EEF06
Accept iFolder Server Certificate? [Y]: y
Done
SUCCESS
iFolder web beállítása
IFOLDER WEB ACCESS SETUP
This script configures a server installation of iFolder Web Access application. The script is intended for testing purposes only.
----- WEB ALIAS -----
Web Alias for iFolder Web Access
Web Alias? [/ifolder]:
----- REQUIRE SSL -----
Require a secure connection between the browsers and
the iFolder Web Access application
Require SSL? [Y]:
----- REQUIRE SERVER SSL -----
Require a secure connection between the iFolder Server
and the iFolder Web Access application
Require Server SSL? [Y]:
----- IFOLDER URL -----
The host or ip address of the iFolder server that will
be used by the iFolder Web Access application
iFolder URL? [https://localhost:443/]: https://ifolderserver.hu:443/
----- REDIRECT URL -----
Redirect URL for iChain / AccessGateway
Redirect URL? []:
----- APACHE USER -----
Apache User to use for providing permissions
Apache User? [wwwrun]: www-data
----- APACHE GROUP -----
Apache Group to use for providing permissions
Apache Group? [www]: www-data
Working...
Configuring /usr/lib/simias/webaccess/Web.config...Done
Server DATA PATH is set to : /var/simias/data/simias
Configuring /etc/apache2/conf.d/ifolder_web.conf...Done
Installing certificate...
----- ACCEPT IFOLDER SERVER CERTIFICATE -----
[Subject]
CN=ifolderserver.hu
[Issuer]
CN=ifolderserver.hu
[Not Before]
11/23/2010 14:50:02
[Not After]
11/20/2020 14:50:02
[Thumbprint]
803EFDACE25BC1848566FA22E5EB5ED0AD8EEF06
Accept iFolder Server Certificate? [Y]: y
Done
SUCCESS
Végső simítások:
- sed -i 's/apache2\/mod_mono.conf/apache2\/mods-enabled\/mod_mono.conf/g' /etc/apache2/conf.d/ifolder_admin.conf
- sed -i 's/apache2\/mod_mono.conf/apache2\/mods-enabled\/mod_mono.conf/g' /etc/apache2/conf.d/ifolder_web.conf
- /etc/init.d/apache2 restart
Tesztelés, és a szerver beállítása:
Lépjünk be a telepítésnél beállított felhasználó/jelszó párossal, és vegyünk fel legalább 1 teszt user-t.
Ifolder 3.8 kliens
A munka oroszlánrésze szerencsére el van végezve. Igy már csak telepíteni kell repóból.
Apt forrás hozzáadás
- sudo mcedit /etc/apt/sources.list
- sudo apt-key advanced --keyserver wwwkeys.eu.pgp.net --recv-keys ED649F97DE6BFD99
- sudo aptitude update
- sudo aptitude install ifolder3
- ifolder3
deb http://ppa.launchpad.net/marceloshima/ifolder/ubuntu lucid main
Az admin felületen beállított teszt felhasználót álltjuk be.
Webes elérés:
Megjegyzések:
Ha telepítés közben error van általában a libglade2.0-cil és/vagy libgtk2.0-cil reinstall jó esetben aptitude install -f segít(het).
Ebben a repóban van server deb csomag is (ifolder3-enterprise), de az nálam nem muzsikált stabilan.
LDAP auth MS AD
Ez nem működik, :) de ---fixme---.
.....
----- USE LDAP -----
Use LDAP to provision and authenticate users?
Use LDAP? [Y]:
----- LDAP SERVER -----
The host or ip address of an LDAP server. The server
will be searched for users to provision into Simias
and will be used by Simias for authentication.
LDAP Server? [xxx.xxx.xxx.xxx]: 192.168.1.1
----- LDAP SECURE -----
Require a secure connection between the LDAP server
and the Simias server
LDAP Secure? [Y]: n
----- LDAP ADMIN DN -----
An existing LDAP user, used by this script only, to
connect to the LDAP server and create and/or check
required LDAP users for Simias.
LDAP Admin DN? [cn=admin,o=novell]: CN=Admin,OU=Users,DC=example,DC=com
LDAP Admin Password? [novell]: adminpassword
----- SYSTEM ADMIN -----
The Simias default administrator. If the system is
configured to use an external identity source, the
distinguished name (dn) should be used.
System Admin? : CN=iFolder Admin,OU=Users,DC=example,DC=com
System Admin Password? [novell]: passvord
----- LDAP PROXY DN -----
An LDAP user that will be used to provision the users
between Simias and the LDAP server. If this user
does not already exist in the LDAP tree it will be
created and granted read rights at the root of the
tree. The user's dn and password are stored by Simias.
LDAP Proxy DN? : CN=Simias Proxy,OU=Users,DC=example,DC=com
LDAP Proxy Password? [novell]: proxypassword
----- LDAP SEARCH CONTEXT -----
A list of LDAP tree contexts (delimited by '#') that
will be searched for users to provision into Simias.
LDAP Search Context? [o=novell]: OU=Users,DC=example,DC=com
----- NAMING ATTRIBUTE -----
The LDAP attribute you want all users to login using.
I.E. 'cn' or 'email'.
Naming Attribute? [cn]: sAMAccountName
----- CONFIGURE APACHE -----
Configure Simias to run behind Apache
Configure Apache? [N]:
----- LDAP GROUPS PLUGIN -----
Configure Ldap Groups Plugin
Ldap Groups Plugin? [N]:
....
Ezekkel a beállításokkal lefut hiba nélkül a konfig (már amikor :)), de bejelentkezéskor tcpdump-al nem látszik forgalom a DC felé.
- sysadmin's blog
- A hozzászóláshoz belépés szükséges