Client / Server Integration

[Ashley Bye]

I am trying to teach myself how to run a linux server. I don't have a lot of background in IT but am a bit of a hobbyist. A bit of background on the type of system I am trying to setup (similar to that at work in a MS flavour):

- Authenticated logon into Unity (lets assume I am going to be using Ubuntu 14.04 LTS).
- Network home directory.
- Limit what packages can be installed on client machine.
- Mail server with global address list.
- Something similar to SharePoint.
- Network automated install / rebuild of clients.

This list isn't exhaustive, but gives an idea of the types of service I am after. I have a server and client installed in a virtual network and they can talk to each other. I have set up a local domain using bind9 and have followed the Ubuntu Server Guide to installing LDAP. However, I cannot access the server due to public key issues and there is no option to use the server to authenticate logon. Do I perhaps need to use Kerberos for this?

What I would like (in an ideal world is a step by step tutorial on how to set this up) is an idea of what services I need to install, in what order and on what machine (server vs client). I have read a lot of tutorials to try and get this far but they all seem to be slightly different and it's starting to give me a very messy system. The Ubuntu guide is helpful but doesn't seem to give the final detail to get the functionality (but this might be my lack of understanding of what LDAP does).

Can anybody help point me in the right direction?

(And if this needs moving to the Networking forum then please do).

Thanks.

 

[JD P]

There isn't just 1 way to accomplish your list of things. Lots of decisions need to be made.
"Authenticated login"? What sort of authentication do you want? There's a PAM module for many options. You can layer and prioritize it. You can use a yubikey, 2FA, OAuth2, passwords, LDAP, LDAP+Kerberos ... WikiD ... lots of options. Which do you want?

Network home directories will be NFS. Which version do you want. Is kerberos desired? Do you want to use static mounts or automounts?

A mail server doesn't have anything to do with an addressbook in the Unix/Linux world. Addressbooks are often implemented in LDAP and mail servers are usually an MTA and some other program for email clients to communicate via IMAP or POP3.

Sharepoint ... there really isn't anything like it. There are more enterprise solutions like Alfresco and there are more web-centric solutions like drupal, joomla, or others.

Network installs - Cobbler is an option. I use ansible to maintain settings, packages, and force changed settings to stay within policy - DevOps. I've never needed this, so my knowledge is extremely limited.

Don't know of any single step-by-step guide for this stuff. Sorry. In the ubuntu forums (server subforum), there is a new script that was posted a few weeks ago for LDAP+Kerberos and automount HOMEs, I think. Sometimes the Ubuntu guides at help.ubuntu.com are great. In this case, they are not.

 

[ryanvade]

(OLD thread but for reference to new viewers)
https://help.ubuntu.com/community/OpenLDAPServer
http://www.tldp.org/HOWTO/LDAP-HOWTO/
https://wiki.ubuntu.com/LDAPAuthentication

https://landscape.canonical.com

http://dovecot.org

https://owncloud.com/products/enterprise/

https://github.com/pennmanor/FLDT