/srv/irclogs.ubuntu.com/2007/06/24/#edubuntu.txt

=== Kalle [n=Kalle@157.230.95.91.static.ter-blg.siw.siwnet.net] has joined #Edubuntu
=== jack_wyt [n=jack@124.64.105.110] has joined #edubuntu
=== merriam [n=merriam@85-211-239-240.dyn.gotadsl.co.uk] has joined #edubuntu
=== effie_jayx [n=valles@ubuntu/member/effie-jayx] has joined #edubuntu
=== andrupal [n=chatzill@user-12ld7dv.cable.mindspring.com] has joined #edubuntu
andrupal	anyone around who can provide some guidance through a fresh LDAP installation? I've been getting stuck and falling down rabbit holes in poorly written tutorials for the past week...I need a samba client authentication setup that will work with thin, thick and windows clients.	03:14
Burgundavia	hello again	03:15
andrupal	Howdy...perfect, it's you!	03:15
Burgundavia	alright	03:15
andrupal	I've got a clean server install, and have just done apt-get install slapd	03:16
Burgundavia	ok	03:17
andrupal	I began editing slapd.conf, changing the with the dc info	03:17
Burgundavia	did debconf not ask you for basic information?	03:18
Burgundavia	sudo dpkg-reconfigure slapd	03:18
Burgundavia	try that	03:18
andrupal	OK...I'm not omitting, Q1, correct?	03:19
Burgundavia	q1?	03:19
andrupal	It asks "Omit OpenLDAP server configuration?" I'm replying No	03:19
Burgundavia	yes	03:19
Burgundavia	no is the correct answer	03:20
Burgundavia	geez, I need to setup this myself	03:20
Burgundavia	it has been so long	03:20
andrupal	it asks for DNS domain name and automatically fills in earthlink.net, my ISP...I assume I should change this to something else...in previous installs I've been using "example.net" since this is just a test server.	03:21
Burgundavia	no, leave that	03:22
andrupal	leave earthlink.net it says it will use this to construct the base DN of the LDAP directory. I want this called earthlink.net?	03:23
andrupal	Hundreds of thousands of new yorkers have earthlink.net as their ISP...it seems odd to use this as my LDAP base DN...	03:25
Burgundavia	no	03:29
Burgundavia	let me run through the questions on my machine	03:29
andrupal	It asks which database backend to use: BDB or HDB ...BDB is what I have done on previous installs. Ok I'll let you catch up. I recognize this is detailed stuff.	03:30
Burgundavia	right, ok	03:31
Burgundavia	so for the dns one, fill in example.net	03:31
Burgundavia	for the org, fill in example	03:31
andrupal	how can I go back?	03:31
andrupal	I just ran dpkg again...	03:32
Burgundavia	run it again	03:33
andrupal	Do I want the database to be removed when purged? I'm saying yes, for now...	03:33
andrupal	ALlow LDAPvs protocol. I've said no in previous installs...	03:34
Burgundavia	say no	03:34
Burgundavia	ldap v2 is dead	03:34
andrupal	Unfortunately the first config process seems to have created a backup that prevents the old database from being moved...the process says "giving up"	03:35
andrupal	Shall I delete the file that's getting in the way?	03:35
Burgundavia	yep	03:36
Burgundavia	you should now be up and running	03:38
andrupal	rm -r removes a directory, no?	03:38
Burgundavia	yes, but you should be very careful	03:39
Burgundavia	might be better to purge slapd	03:39
andrupal	how again? apt-get purge slapd	03:39
andrupal	?	03:39
Burgundavia	--purge remove	03:40
andrupal	same problem...old backup exists...process gives up	03:43
=== gnomefreak is now known as buttons
Burgundavia	huh?	03:45
andrupal	Ok I removed the directory that was giving the error and dpkg runs fine, with successful output	03:45
Burgundavia	ok	03:45
andrupal	slaptest succeeds	03:45
andrupal	I've gotten this far before, however...we're not to the hard stuff yet.	03:46
Burgundavia	well, now all you need to do is populate it	03:46
andrupal	Ok how is this done?	03:47
Burgundavia	ldap uses what is called an ldif file	03:47
Burgundavia	https://help.ubuntu.com/community/OpenLDAPServer	03:47
Burgundavia	I would just create one account via a text file as per that page and then slapadd it	03:47
andrupal	I should use the dummy file provided?	03:48
andrupal	OK I just used the dummy file and saved as init.ldif on my desktop	03:50
=== buttons is now known as gnomefreak
andrupal	Shall I follow the instructions that follow the init.ldif file provided on the link you provided?	03:51
Burgundavia	no, that is too much	03:51
Burgundavia	just create a single user	03:51
andrupal	So delete everything except one entry that has "ou=people" in it?	03:52
Burgundavia	no, you need to add a single person	03:53
Burgundavia	a person starts with the line:	03:53
Burgundavia	dn: uid=lionel,ou=people,dc=example,dc=com	03:53
andrupal	OK...so I'm deleting everything except this part of the ldif file.	03:54
Burgundavia	sorry, have to run	03:54
Burgundavia	look at how the ldif file is constructed and make a similar file	03:54
andrupal	OK no problem...I'll continue with this tutorial...Thanks for your help!	03:55
=== jinty [n=jinty@25.Red-83-56-154.dynamicIP.rima-tde.net] has joined #edubuntu
Burgundavia	don;t follow that wiki page exactly	03:56
Burgundavia	after you have added somebody, try and setup a client to auth against the ldap server	03:56
andrupal	The client needs configuration as well...no? Can you point to reliable documentation on this?	03:57
andrupal	I'm getting an error using slapadd...value of naming attribute 'uid' is not present in entry. The init.ldif file has a uid, however...	04:02
andrupal	ldapsearch returns ldap_sasl_interactive_bind_s: Can't contact LDAP server (-1)	04:09
=== superseth [n=smarinel@adsl-75-15-114-199.dsl.snlo01.sbcglobal.net] has joined #edubuntu
andrupal	ldapsearch returns "ldap_bind: Can't contact LDAP server (-1)" error...help anyone	04:17
sbalneav	Big topic you need help with there.	04:18
sbalneav	How about you tell me a little about what you've got set up?	04:19
andrupal	Just went through a clean server install, clean slapd install. Ran dpkg. Attempted to populate using an ldif file...can't search LDAP	04:20
andrupal	slaptest succeeds	04:21
andrupal	tutorials all say different things about how to approach setup...I was following Burgundavia's lead but he had to go...	04:22
sbalneav	what does your /etc/ldap/ldap.conf file look like?	04:22
sbalneav	Paste it to the pastebin	04:23
andrupal	Where's the pastebin?	04:23
sbalneav	!pastebin	04:23
ubotu	pastebin is a service to post large texts so you don't flood the channel. The Ubuntu pastebin is at http://paste.ubuntu-nl.org (make sure you give us the URL for your paste - see also the #ubuntu channel topic)	04:23
=== jack_wyt [n=jack@124.64.105.110] has joined #edubuntu
andrupal	Ok see http://paste.ubuntu-nl.org/26960/	04:25
sbalneav	that's the slapd.conf	04:26
andrupal	woops.	04:26
sbalneav	It's ok, we'll need it too :)	04:27
andrupal	Ok see http://paste.ubuntu-nl.org/26961/	04:28
andrupal	I'm now seeing that example.com is an error...this should be example.net to match slapd.conf, no?	04:28
sbalneav	Should be NEITHER example.com or example.net.	04:29
sbalneav	Should be YOUR domain name :)	04:29
andrupal	Yes, in this case I'm running a test server, example.net	04:29
sbalneav	You're talking the rootdn?	04:30
andrupal	I guess...I've been consistently using example.net throughout LDAP setup...the machine name is UBUNTU, however...that's not the issue though, right?	04:30
sbalneav	In your ldap.conf, what's your URI set to?	04:31
andrupal	It was ldap://ldap.example.com ldap://ldap-master.example.com:666	04:32
andrupal	now com = net	04:32
sbalneav	That's going to try to contact the host ldap.example.com	04:32
andrupal	so I should take our ldap	04:32
andrupal	out	04:32
sbalneav	Where's the ldap server running, on the same machine?	04:34
andrupal	Yes	04:34
sbalneav	If so, you'll probably want a URI like ldap://localhost	04:34
andrupal	why are there two entries?	04:35
andrupal	should I remove the 2nd, with port?	04:35
sbalneav	Failover. If you have multiple ldap servers for redundancy, it will try one, then the other.	04:35
sbalneav	yes	04:36
sbalneav	since you've only got one ldap server	04:36
andrupal	Ok with changes I'm still getting ldap_bind: Can't contact server (-1)	04:37
sbalneav	you still haven't actually pasted your ldap.conf file to the pastebin.	04:38
sbalneav	Oh, wait	04:39
sbalneav	you did, missed it.	04:39
andrupal	It's different now...	04:39
sbalneav	They still got the # in front of URI and BASE?	04:39
andrupal	Snikes!	04:40
andrupal	Ok removed #	04:41
sbalneav	That should help somewhat	04:41
andrupal	;)	04:41
andrupal	still getting the error	04:43
andrupal	does slapd.conf need my password?	04:43
sbalneav	Can't contact server means it isn't even getting connected	04:43
sbalneav	Is slapd running?	04:44
sbalneav	ps -ef \| grep slapd	04:44
sbalneav	should have probably 4 of them	04:44
=== Knightlust [n=Dax@ubuntu/member/knightlust] has joined #edubuntu
andrupal	it outputs root 12445 9398 0 22:44 pts/0 00:00:00 grep slapd	04:45
sbalneav	So, your slapd isn't running	04:46
andrupal	Yet I get no errors when I start it?	04:47
sbalneav	how are you starting it?	04:47
LaserJock	sbalneav: so what did you do to fix nbd?	04:47
sbalneav	LaserJock: Turned out to be easier than I thought.	04:47
sbalneav	it's prolly a 4 line patch.	04:48
LaserJock	oh, nice	04:48
sbalneav	What's the BEST way to produce a patch to send to you?	04:48
LaserJock	sbalneav: debdiff is nice	04:48
sbalneav	Keeping in mind that I'm good at coding, but NOT good at packaging things, how would I go about doing that?	04:49
sbalneav	:)	04:49
LaserJock	heh	04:49
sbalneav	I'm sure my motu-and-main-friend can gimme a quick pointer :)	04:50
sbalneav	andrupal: How are you starting slapd?	04:50
andrupal	using init.d	04:51
sbalneav	Try this:	04:51
sbalneav	invoke-rc.d slapd start	04:51
LaserJock	sbalneav: quick version: get source packge, make changes, add changelog entry with dch -i, then debuild -S to create new source package	04:52
sbalneav	ok	04:52
LaserJock	version should be 1:2.9.3-3ubuntu1 and gutsy the release in the changelog	04:52
LaserJock	I gotta run an errand	04:52
LaserJock	I'll be back in a little bit	04:52
andrupal	sbalneav: tried it, no difference in grep results	04:53
sbalneav	LaserJock: ok	04:54
sbalneav	ping me	04:54
sbalneav	andrupal: ok, so, something's not kosher with your slapd setup.	04:54
sbalneav	First, go have a look in either /var/log/messages, or /var/log/daemon.log	04:54
sbalneav	if slapd's unhappy with something, it should be in there.	04:55
andrupal	neither log shows anything recent...	04:56
andrupal	should I purge and reinstall slapd?	04:58
=== effie_jayx [n=valles@ubuntu/member/effie-jayx] has joined #edubuntu
sbalneav	No	04:59
sbalneav	Hmm	04:59
sbalneav	take a look in /var/log/syslog	04:59
andrupal	Ok there it is...	04:59
andrupal	Hang on...I need to log into chat on the same machine...	05:00
=== andrew____ [n=chatzill@user-12ld7dv.cable.mindspring.com] has joined #edubuntu
andrew____	Andrew is same as andrupal	05:02
andrew____	Here's the log message: Jun 23 22:51:55 ubuntu slapd[12665] : @(#) $OpenLDAP: slapd 2.3.30 (Dec 13 2006 15:54:43) $ ^Ibuildd@palmer:/build/buildd/openldap2.3-2.3.30/debian/build/servers/slapd	05:03
andrew____	Nothing else shows up relevant to ldap	05:03
sbalneav	anything in /var/lib/ldap?	05:06
andrupal	it's a directory full of files	05:07
sbalneav	Did you do an initial slapadd?	05:10
andrupal	Yes, using an ldiff file..I think some of them took, though there were errors...	05:10
sbalneav	ok	05:12
sbalneav	blow away everything in /var/lib/ldap	05:12
sbalneav	re-run the slapadd	05:12
sbalneav	and paste me the errors you get.	05:12
Burgundavia	yay for ldap	05:13
andrew____	#/etc/ldap/slapd.conf: line 102: rootdn is always granted unlimited privileges.	05:16
andrew____	#/etc/ldap/slapd.conf: line 119: rootdn is always granted unlimited privileges.	05:16
andrew____	#Error, entries missing!	05:16
andrew____	# entry 1: dc=example,dc=net	05:16
andrupal	Ok fixed slapd.conf	05:18
sbalneav	Hmmm, big thunderstorm going on here.	05:18
sbalneav	If I drop offline, that's what it is.	05:18
andrew____	see http://paste.ubuntu-nl.org/26966/ for new errors	05:19
andrew____	OK having deleted all from /var/lib/ldap, the only error I get is Error, entries missing!	05:22
andrew____	entry 1: dc=example,dc=net	05:22
sbalneav	You have to re-blow away everything in /var/lib/ldap again	05:24
andrupal	OK I got ldapadd to run without error...now an ldapsearch for one of these users yeilds same ldap_bind: Can't contact LDAP server	05:24
sbalneav	is slapd running?	05:25
andrupal	No, grep gives same as before	05:25
sbalneav	Have you tried to re-start it?	05:26
andrupal	just did	05:26
sbalneav	So, it's still not running.	05:26
sbalneav	until you get that fixed, ldap search is not going to work	05:26
andrupal	no...but also no error upon restart	05:27
sbalneav	What's in /etc/default/slapd?	05:27
andrew____	See http://paste.ubuntu-nl.org/26967/	05:28
sbalneav	Do this: which slapd	05:31
andrew____	returns # /usr/sbin/slapd	05:32
sbalneav	k	05:32
sbalneav	/usr/sbin/slapd	05:32
sbalneav	we'll run it directly from the command line	05:32
sbalneav	What does that do?	05:32
andrew____	root 13972 1 0 23:33 ? 00:00:00 /usr/sbin/slapd	05:33
andrew____	root 13977 9398 0 23:33 pts/0 00:00:00 grep slapd	05:33
sbalneav	ok	05:33
andrew____	is what grep returns	05:34
sbalneav	so, now you got a running slapd	05:34
andrew____	whew...what a grunt.	05:34
sbalneav	Lets leave the fact that there's something wrong with your init script	05:34
sbalneav	and see if your ldapsearch runs now	05:34
andrew____	yippee...searching my name gives me back my info!	05:35
sbalneav	Well, we've still got the problem of why your slapd isn't working	05:35
sbalneav	properly	05:35
andrew____	(aside: Is there something wrong only with MY init script, or is this a bug, perhaps...? )	05:36
andrew____	Now what?	05:36
sbalneav	I doubt it's a but	05:36
sbalneav	bug	05:36
sbalneav	probably a step that got missed somewhere	05:36
sbalneav	lets do this	05:36
sbalneav	pkill slapd	05:36
sbalneav	then edit /etc/default/slapd	05:37
sbalneav	edit the line that says: SLAPD_USER="openldap"	05:37
sbalneav	make it look like:	05:37
sbalneav	SLAPD_USER=""	05:37
sbalneav	then lets see if you can start it with invoke-rc.d slapd start	05:37
andrew____	ok, done	05:38
andrew____	grep gives	05:38
andrew____	root 14126 1 0 23:38 ? 00:00:00 /usr/sbin/slapd -g openldap	05:38
andrew____	root 14137 9398 0 23:38 pts/0 00:00:00 grep slapd	05:38
sbalneav	try your ldapsearch now	05:39
andrew____	works	05:39
sbalneav	ok	05:39
sbalneav	congrats, you're working	05:39
andrew____	!!	05:39
andrew____	This is a huge help...as far as a roadmap for setting up samba, I've seen a few tutorials around...does Ubuntu have anything worth following?	05:40
sbalneav	Off the top of my head, I dont know	05:41
sbalneav	Google is your friend.	05:41
andrew____	Yes...I thought so...but then I spent a week following tutorials that didn't work	05:42
sbalneav	There's lots of good info out there, but every ldap setup's slightly different.	05:42
sbalneav	There's no "do this and everything will work" tutorial out there, that I've ever seen.	05:43
sbalneav	Single sign-on's a big, complicated topic :()	05:43
andrew____	Yes...it doesn't help that I'm totally new to Linux...a bit kamikaze...I'm fumbling around in the dark and learning quite a lot as I go...but not gracefully!	05:43
sbalneav	You're doing thin client as well?	05:44
andrew____	That's the hope. I've had that working on its own...but I'll need to authenticate it against LDAP	05:44
sbalneav	So, lemme get this straight, you're new to linux, and decided to pick arguably the two most COMPLICATED end user tasks, thin client and ldap, to do first? :)	05:45
sbalneav	Dude, run it as a desktop for a few months, at least, get your feet wet :)	05:46
sbalneav	No rush, we'll still be here :)	05:46
andrew____	That's what the job calls for...it's a school network and I've got to make some decisions about whether to really try going for Open Source or stick to the safety of Windows GUIs	05:46
andrew____	This is a big test to see how feasible it all is...I'm taking the summer to backtrack and really learn what the hell I'm doing...	05:48
sbalneav	I converted my organization 7 years ago to Linux on the desktop. Trust me, it's feasible :)	05:48
sbalneav	We use ldap	05:49
sbalneav	Do you have Active Directory now?	05:49
Burgundavia	ldap has a nasty learning curve	05:49
sbalneav	it does	05:49
andrew____	No infrastructure at all...actually. We're just starting up.	05:49
Burgundavia	where do you live?	05:50
sbalneav	Ah, well then, if you're just starting up, and don't have any windows boxen, then you won't need samba	05:50
sbalneav	How many desktops are you planning on supporting?	05:50
andrew____	45 thin clients, 15 laptops, 10 desktops	05:51
andrew____	I'm inside the NYCDOE and the larger network is Windows centric...we can't even buy machines without it pre-installed!	05:51
sbalneav	Well, for thin clients, you won't need to buy new	05:52
sbalneav	Betcha the school division has a "used computer" reclaimation centre?	05:52
andrew____	we've already got some great Optiplex G270s being donated by Columbia...	05:53
sbalneav	What are they, pentium II's?	05:53
andrew____	Pentium 4! Is this a waste of a machine?	05:53
sbalneav	Um, yeah :)	05:54
sbalneav	I got 165 desktops that are 500mhz celeron-equiv	05:54
andrew____	So we should run these as thick clients instead?	05:54
sbalneav	they're via edens.	05:54
sbalneav	Well, if that's what you got, they'll make great thin clients. The REAL savings with a thin client's in the lack of management.	05:55
sbalneav	But you can get away with a lot less.	05:55
sbalneav	Anything Pentium II 600 or better is going to do great.	05:55
andrew____	Yes, that was the draw for me...that and the centralized desktop control in the classroom...being a teacher.	05:56
andrew____	These puppies even have gigabit ethernet.	05:56
sbalneav	I guess what I'm saying is, if it's a case of getting 20 of the P4's or a 100 of a PII, go for the 100 :)	05:57
andrew____	Right...I don't think we have those choices...but I love the idea of working with students to refurbish and recycle old machines.	05:57
sbalneav	LaserJock: back from your errand?	05:57
andrew____	this is a math, science, and eng school.	05:57
sbalneav	Ah, lots of good stuff for you then. What the heck's the name of the OSS program that's like Mathematica? Hmmm.	05:58
sbalneav	There's also a GNU stats pack program	05:58
andrew____	I'll keep poking around...I've been playing with much of the ed freeware, and thus far it seems kind of hit or miss...to be expected I guess. I'm interested in TI Labview but they make you pay gads for it, even the Linux version...	06:00
andrew____	I need to go to bed, but I thank you profusely for your help...great to have this channel! Will definitely be back..hopefully I'll help another...far in the future.	06:01
sbalneav	No problem.	06:02
andrew____	Cheers!	06:02
sbalneav	You'll find me here and in #ltsp	06:02
sbalneav	cheers	06:02
=== andrew____ [n=chatzill@user-12ld7dv.cable.mindspring.com] has left #edubuntu []
=== sbalneav [n=sbalneav@S0106000b6a5631f9.wp.shawcable.net] has joined #edubuntu
LaserJock	sbalneav: I am for a sec	06:37
sbalneav	hey hey	06:37
LaserJock	were you able to get a debdiff	06:38
sbalneav	ok, I did the debbuild -uc -us -S	06:38
LaserJock	k	06:38
sbalneav	What next	06:38
LaserJock	debuild <oldpackage>.dsc <newpackage>.dsc	06:39
LaserJock	sorry, debdiff	06:39
sbalneav	Puuurty	06:40
sbalneav	Mail that to you?	06:40
LaserJock	yep	06:41
sbalneav	addy?	06:41
LaserJock	mantha at ubuntu.com	06:41
LaserJock	brb	06:41
sbalneav	sent	06:44
Burgundavia	http://education.zdnet.com/?p=1118	06:52
sbalneav	Well, it's been a long day weeding the garden, and fixing nbd	07:00
sbalneav	night all	07:00
LaserJock	bah, just missed him	07:02
Burgundavia	hmm, Userful finally turned off my email and remote access	07:03
LaserJock	Burgundavia: what do you make of that zdnet article?	07:04
Burgundavia	somebody got sucked in to test stuff	07:04
Burgundavia	nothing much	07:04
=== Knightlust [n=Dax@ubuntu/member/knightlust] has joined #edubuntu
=== jbrefort [n=jean@pot44-1-88-172-65-1.fbx.proxad.net] has joined #edubuntu
=== Burgundavia [n=corey@ubuntu/member/burgundavia] has joined #edubuntu
=== jsgotangco [n=jsg123@ubuntu/member/jsgotangco] has joined #edubuntu
=== sc0tt_ [n=sc0tt@cpc1-stok5-0-0-cust150.bagu.cable.ntl.com] has joined #edubuntu
=== sc0tt_ is now known as sc0tt
=== jinty [n=jinty@25.Red-83-56-154.dynamicIP.rima-tde.net] has joined #edubuntu
=== Castigador [n=Alfredo@88.Red-80-38-9.staticIP.rima-tde.net] has joined #edubuntu
=== juliux [n=juliux@ubuntu/member/juliux] has joined #edubuntu
=== ludoRA [n=Ludovic@121.10.101-84.rev.gaoland.net] has joined #Edubuntu
=== bdoin [n=coudoin@home.gcompris.net] has joined #edubuntu
=== effie_jayx [n=valles@ubuntu/member/effie-jayx] has joined #edubuntu
=== effie_jayx [n=valles@ubuntu/member/effie-jayx] has joined #edubuntu
=== pauljw [n=paul@pool181.dial1-clec.newalb.win.net] has joined #edubuntu
=== pauljw [n=paul@pool181.dial1-clec.newalb.win.net] has joined #edubuntu
=== ogra_ smiles http://people.ubuntu.com/~ogra/ltspfs-hal-root.png
=== ogra_ is now known as ogra
=== sbalneav [n=sbalneav@S0106000b6a5631f9.wp.shawcable.net] has joined #edubuntu
sbalneav	Morning	04:54
sbalneav	ogra: ping	04:54
ogra	http://people.ubuntu.com/~ogra/ltspfs-hal-root.png	04:54
ogra	sbalneav, hey hey :)	04:54
ogra	any news on the nbd front ?	04:54
sbalneav	Fixed	04:54
ogra	really ?? o_O	04:55
ogra	woah	04:55
sbalneav	Sent off a debdiff to LaserJock last night	04:55
=== Mez [n=Mez@ubuntu/member/mez] has joined #edubuntu
sbalneav	But I forgot something	04:55
ogra	hmm, no upload	04:55
sbalneav	In nbdrootd	04:55
sbalneav	you need to change the nbd-server line to:	04:55
ogra	thats ltsp side	04:55
sbalneav	right	04:55
sbalneav	nbd-server 0 $1 -C /dev/null > /dev/null 2>&1	04:56
sbalneav	the -C /dev/null is to give it an empty config file	04:56
=== happywithed [n=administ@210.81.218.130] has joined #edubuntu
sbalneav	the redirect to /dev/null's because then it barfs out a glib "WARNING: empty config file bla blah"	04:57
happywithed	Hello there	04:57
sbalneav	since inetd just uses socket 0 (stdin) and internally, the program closes stdou, and stderr, you can just ignore the warings.	04:58
sbalneav	that fixes the problem.	04:58
sbalneav	And Wouter's off my christmas card list this year :)	04:58
happywithed	Is it possible to connect an edubuntu desktop with the NFS and LDAP installed in the classroom server?	04:59
sbalneav	Yes	04:59
sbalneav	ogra: Cool on the hal! What'd you have to do for that?	05:00
ogra	sbalneav, well, if he adds it upstream you can add him back ;)	05:00
ogra	sbalneav, http://paste.ubuntu-nl.org/27019/	05:00
happywithed	I have a classroom setup with 15 light clients, but would like to connect an additional edubuntu desktop	05:00
happywithed	sbalneav: how do I do that?	05:00
happywithed	I am running Feisty Fawn on both the classroom server and the desktop	05:01
ogra	sbalneav, if hal wouldnt be so ugly to have on clients, we could just punt the output of lshal from the client through the tunnel into the servers hal ... and omit the /dev and sysfs entries, that way we have access to all info	05:02
sbalneav	happywithed: https://help.ubuntu.com/community/LDAPClientAuthentication should get you started	05:02
sbalneav	ogra: Yeah, we'll need to properly get HAL going on the clients eventually.	05:03
ogra	thats no prob	05:03
ogra	just install it :)	05:03
happywithed	sbalneav: thanks, I'll check it out. How about the NFS? Any pointers there?	05:03
ogra	with the unionfs it will run like a charm	05:03
ogra	but its eating ram :/	05:03
sbalneav	happywithed: Google is your friend. Add you /home dir to /etc/exports on the server, then an fstab entry on the "client" to mount it.	05:04
sbalneav	I'm pretty happy with the nbd thing.	05:04
ogra	its tempting to be able to just move all info 1:1 into the sessions hal...	05:04
sbalneav	yeah	05:05
happywithed	sbalneav: thanks	05:05
sbalneav	Hopefully, we should be able to make tribe 2	05:06
ogra	sbalneav, so why hasnt the debdiff been uploaded ?	05:06
sbalneav	Dunno, I sent it to LaserJock late last night	05:07
sbalneav	want me to send it to you now?	05:07
ogra	yeah	05:07
ogra	we need it fixed for the tribe cd	05:07
sbalneav	k	05:07
happywithed	BTW, is it possible to completely take out the LDAP server from the Classroom client to place it in its own dedicated physical server? That way I can use the LDAP server for other classrooms.	05:07
sbalneav	gimme 2 seconds	05:07
ogra	freeze is ahead, i dont want to have endless discussions about the patch because i upload during a freeze...	05:08
sbalneav	happywithed: have a separate sever for ldap? Easy enough, but with only a few clients, ldap's not going to overload anything	05:08
=== sbalneav_ [n=sbalneav@S0106000b6a5631f9.wp.shawcable.net] has joined #edubuntu
stgraber	ogra: when is the freeze ? Monday, Tuesday ?	05:10
happywithed	sbalneav: Yes, you are right, but my server is not powerful enough to handle another classroom. So I am going to setup another server for the second classroom and would like both servers to share the same LDAP server.	05:10
ogra	Monday i think	05:10
sbalneav_	Evil me	05:10
stgraber	I also think so as henrik asked me to have a working tracker by Monday :)	05:10
ogra	we should see that we have the big chunk of chages in before ..	05:10
ogra	small changes to fix bugs we find are no problem during freezes	05:11
ogra	but adding 500 lines or so is a prob	05:11
sbalneav_	Sorry, that line should be:	05:11
sbalneav_	/bin/nbd-server 0 $1 -r -C /dev/null > /dev/null 2>&1	05:11
ogra	yep	05:11
sbalneav	forgot the -r	05:12
ogra	i understand ... i already changed it locally while trying to get 2.9 running	05:12
ogra	indeed it didnt help :)	05:12
sbalneav	Check your mail there, ogra	05:12
stgraber	sbalneav: Mind sending me a copy of the debdiff ? so I can play with it here :)	05:13
ogra	err	05:13
ogra	thats all ???	05:13
sbalneav	I did have an email from LaserJock, saidhe got into a discussion and couldn't get it uploaded. Said the email should be changed so that I get credit for the fix. I couldn't care less about that, just do the fix as yourself ogra.	05:13
sbalneav	yeah	05:13
sbalneav	Turned out to be easier than I thought	05:14
ogra	lol	05:14
sbalneav	took me 3 hours of tracing to come up with that, though :)	05:14
ogra	1h for every added line	05:14
sbalneav	One wonders WHY he took it out.	05:14
sbalneav	since it's SO F****** SIMPLE to leave in	05:15
sbalneav	stgraber: Sure, what's yer addy?	05:15
stgraber	stgraber@ubuntu.com	05:15
sbalneav	1 sec	05:15
sbalneav	sent	05:16
sbalneav	make sure you patch your nbdrootd in /usr/sbin as well with that line I pasted.	05:17
=== Mirrakor [n=michael@p57B2FA88.dip.t-dialin.net] has joined #edubuntu
=== stgraber loves that kind of patch :)
sbalneav	ogra: tried it yet?	05:23
ogra	building the package	05:24
ogra	perfect !	05:28
ogra	uploaded	05:29
sbalneav	It work?	05:31
=== sbalneav crosses fingers
=== bluekuja [n=andrea@ubuntu/member/bluekuja] has joined #edubuntu
ogra	sure	05:33
ogra	you should have a reciept mail from launchpad for the upload	05:33
sbalneav	cool	05:35
=== sbalneav breathes sight of relief
ogra	https://launchpad.net/ubuntu/gutsy/+queue?queue_state=2&queue_text=nbd	05:35
ogra	there we go	05:35
sbalneav	glad we got THAT one sorted	05:36
ogra	yeah	05:36
ogra	2.9.3-3ubuntu1 should be in the archive in about 2h	05:36
ogra	i'll fix nbdrootd alongside	05:36
sbalneav	ok	05:40
sbalneav	Well, kiddies want some breakfast.	05:41
=== Yagisan [n=Yagisan@doomsday/developer/Yagisan] has joined #edubuntu
sbalneav	I'll be on later tonight, get back to ldm :)	05:41
sbalneav	Laster all!	05:41
sbalneav	thx ogra	05:41
Yagisan	highvoltage, you here ?	05:42
highvoltage	Yagisan: indeed	05:47
Yagisan	great	05:47
Yagisan	was browsing through the wiki, and saw your name next too masochists interested in FullyAutomaticSwapServer	05:48
Yagisan	thats was speced for edgy - did that get implemented in feisty ?	05:48
=== Yagisan has come into a few boxes that really really need network swap
Yagisan	as in firefox freezes on them O_O	05:49
Yagisan	I've killed him! noooooo!	05:52
=== mpytasz [n=dduck@81.219.176.52] has joined #edubuntu
highvoltage	Yagisan: yes, it did	05:54
=== mpytasz [n=dduck@81.219.176.52] has joined #edubuntu
stgraber	cool, nbd-server now works just fine, I just can't open a session (greater then black screen with waiting-cursor ...)	06:02
stgraber	maybe a ssh problem somewhere	06:02
Yagisan	highvoltage, oh ? what magic incantation do I need to pass to ltsp-build-client	06:03
highvoltage	Yagisan: afaik, it should work out of the box	06:04
highvoltage	Yagisan: have you checked whether it made a swap file?	06:04
Yagisan	highvoltage, I'm not an out of the box guy - I have been taking stock ubuntu and addind the ltsp packages to them	06:04
highvoltage	Yagisan: eesh, I don't know then	06:06
=== Yagisan remembers a time when he would have known exactly where to find all this and not be the one sking for help
=== andrew____ [n=chatzill@user-12ld7dv.cable.mindspring.com] has joined #edubuntu
andrew____	I have a client that I was trying to set up with LDAP authentication and I must have messed up the libnss-ldap.conf file (I think I forgot to make bind-policy soft) and now it hangs during boot. How can I bypass the desktop and go straight to command line to fix this?	06:10
=== Yagisan blows away the chroot and starts again
andrew____	I should speecify...this is a thick client...	06:12
=== pitux [n=pitux@22-95-20-190.adsl.terra.cl] has joined #edubuntu
pitux	#ubuntu-cl	06:13
=== Mez [n=Mez@ubuntu/member/mez] has joined #edubuntu
stgraber	hi andrew____	06:14
andrew____	howdy! back at it.	06:15
stgraber	ok, I think you'll have the exact same problem using the shell as using gdm as it's probably the nss/pam that cause the problem	06:16
stgraber	if switching to tty1 (ctrl+alt+f1) doesn't help, you may want to boot a livecd to fix the config files, then reboot	06:16
andrew____	by livecd you mean a CD image of ubuntu-desktop?	06:17
stgraber	yes	06:18
andrew____	Should I use the "rescue a broken system" option?	06:19
stgraber	this one is more for MBR issues, simply boot the CD	06:20
andrew____	Having trouble getting it to simply boot from disk...may be a bad cd burn	06:22
andrew____	Ok found a good copy...starting in "safe graphics mode"	06:26
stgraber	got to go for a moment, once on the desktop, simply double-click your harddisk in a nautilus window, it'll mount it and let you see its content	06:30
=== andrupal [n=chatzill@user-12ld7dv.cable.mindspring.com] has joined #edubuntu
andrupal	OK having some trouble editing the libnss-ldap.conf file in safe mode...	06:34
andrupal	The file appears to to exist...	06:34
andrupal	not to exist, rather	06:34
andrupal	Am I missing something obvious here?	06:35
Yagisan	O_O error: LTSP client installation ended abnormally	06:35
stgraber	andrupal: ok, open a terminal and become root (sudo -s)	06:44
stgraber	andrupal: then mount your root partition : mount /dev/hda1 /mnt (assuming it's hda1, it can also be sda1)	06:45
andrupal	I've already started a reinstall of desktop...perhaps hasty...	06:46
stgraber	ok :)	06:46
stgraber	Just a small tip, when you are editing the network auth stuff, always keep a root shell opened somewhere and don't reboot before you are sure everything is working :)	06:47
andrupal	not entirely sure how to do this yet...how do you test boot authentication without rebooting?	06:50
stgraber	you can use : login	06:53
stgraber	from a root shell	06:53
=== ananas [n=Kai@xdslcs061.osnanet.de] has joined #edubuntu
=== n2diy [n=darryl@wlk-barre-208-103-148-187.dynamic-dialup.coretel.net] has joined #edubuntu
highvoltage	9/win 11	07:08
=== pauljw [n=paul@pool181.dial1-clec.newalb.win.net] has joined #edubuntu
=== mpytasz [n=dduck@staticline17096.toya.net.pl] has joined #edubuntu
andrupal	ack...just had the same thing happen again while editing libnss-ldap.conf it seems I'm locked out of the client	08:23
andrupal	I went to search getent group example and the shell froze up...	08:25
andrupal	Now I'm running desktop from livecd...how do I get into the libnss-ldap.conf file to edit?	08:27
=== Amaranth [n=travis@ubuntu/member/Amaranth] has joined #edubuntu
=== sc0tt_ [n=sc0tt@cpc1-stok5-0-0-cust150.bagu.cable.ntl.com] has joined #edubuntu
=== sc0tt_ is now known as sc0tt
andrupal	trying to add users in LDAP Administration Tool and it fails, saying "Strong Authentication Required"	09:18
andrupal	any clue as to why?	09:18
=== gnomefreak [n=gnomefre@ubuntu/member/gnomefreak] has joined #edubuntu
=== Mirrakor [n=michael@p57B2DF5A.dip.t-dialin.net] has joined #edubuntu
=== pauljw [n=paul@pool123.dial1-clec.newalb.win.net] has joined #edubuntu
=== cliebow2 [n=cliebow2@c-68-38-0-92.hsd1.nj.comcast.net] has joined #edubuntu
=== ath [n=ath@c-68-62-50-110.hsd1.mi.comcast.net] has joined #edubuntu
=== sbalneav [n=sbalneav@mail.legalaid.mb.ca] has joined #edubuntu
sbalneav	Afternoon all	10:20
andrupal	Howdy	10:20
andrupal	Still slogging away at LDAP here	10:20
sbalneav	Got my own problems	10:20
sbalneav	Air con died in machine room sometime last night.	10:21
sbalneav	Got a call this Am, and came in.	10:21
andrupal	Yikes	10:21
sbalneav	96 degrees in the core room	10:21
sbalneav	I'm picking up the pieces now.	10:21
andrupal	I can tell you how a compressor creates cold	10:22
sbalneav	That's ok, I know how refrigeration works.	10:23
andrupal	About all I have to offer at this point;)	10:23
andrupal	I'm getting stuck adding new users to slapd : database already in use errors...	10:26
sbalneav	how are you adding them?	10:27
andrupal	tried a GUI "LDAP Administration Tool" to no avail (strong authentication required errors) now back using init.ldif	10:28
sbalneav	You're not using slapadd, are you?	10:28
andrupal	yes	10:28
sbalneav	bzzt.	10:29
sbalneav	from the slapadd manpage:	10:29
sbalneav	"Your slapd server should not be running when performing slapadds"	10:29
sbalneav	use gq	10:29
sbalneav	apt-get install gq	10:29
andrupal	It seems already to be installed	10:30
sbalneav	start it up then,	10:30
sbalneav	add your server	10:30
sbalneav	(localhost)	10:30
sbalneav	you got a book on LDAP?	10:31
andrupal	Sort of...I've got some chapters in an O'Reilly Linux System Admin book....and a Samba book	10:32
sbalneav	O'Reilly has a couple of good ones. "LDAP systems administration" is highly recommended/	10:32
ath	do you get an LDAP if you install ltsp server?	10:32
sbalneav	LDAP is a huge, HUGE topic	10:32
sbalneav	ath: no	10:32
sbalneav	if you want, you can GET ldap going for users with LTSP	10:32
andrupal	i.e. I should install ltsp?	10:33
ath	because I am looking to set up a network for our small school and I am considering edubuntu but I don't want to use gnomw	10:33
ath	gnome	10:33
sbalneav	gnome's got nothing to do with LDAP	10:34
sbalneav	LDAP's a Lightweight Directory Access Protocol	10:34
andrupal	sbalneav: does gq add users or is it just a browser	10:34
ath	I know but I need a graphical way of doing things	10:34
sbalneav	GQ can add	10:34
sbalneav	ath: so use GQ	10:34
ath	what is GQ	10:35
sbalneav	A graphical interface to ldap	10:35
ath	oh, neat	10:35
=== pauljw [n=paul@pool123.dial1-clec.newalb.win.net] has joined #edubuntu
andrupal	So it try adding a user in gq and it says modifications require authentication	10:36
ath	is LDAP better than using edubuntu because I don't really want all the programs that come with it	10:36
andrupal	Again: stronger authentication required	10:37
sbalneav	andrupal: you need to bind to LDAP as the ldap owner ID	10:37
andrupal	I see, so that means if "andrew" is the user, "andrew" also needs to be the ldap owner?	10:37
sbalneav	As part of setting up the database, you should have created a user, like ldapadmin, or admin, that has write access to the database	10:37
sbalneav	You need to bind to ldap as that user.	10:38
sbalneav	no	10:38
andrupal	Do I need to create a user in Ubuntu called "admin" and then login as this user?	10:38
sbalneav	andrew would be a regular user	10:38
sbalneav	You need to bind as your ldap "root" user, so you have write access.	10:38
andrupal	How can I get the desktop apps to bind as "admin"	10:38
sbalneav	You set that up in the binddn in gq	10:39
ath	is edubuntu ldap then?	10:39
sbalneav	ath: no	10:39
sbalneav	ldap is a subsystem that can be installed and set up	10:40
andrupal	Where's binddn in gq?	10:40
sbalneav	it's not there by default	10:40
ath	I see	10:40
sbalneav	andrupal: in the server setup	10:40
sbalneav	my binddn's cn=ldapadmin,dc=legalaid,dc=mb,dc=ca	10:41
sbalneav	where ldapadmin's the userid that's the owner	10:41
andrupal	I don't see a "server setup" ...is this in a config file or part of the GUI?	10:41
andrupal	Oh... in the DN for example.net?	10:42
sbalneav	in your slapd.conf, you set the rootdn with the rootdn keyword, and it's password with the rootpw keyword	10:42
sbalneav	andrupal: I don't have gq runing right now.	10:42
sbalneav	So I can't tell you exactly where it is.	10:43
andrupal	right...but then you're saying gq has a setting for this as well?	10:43
sbalneav	yes	10:43
sbalneav	it does	10:43
sbalneav	I know, because I use it.	10:43
andrupal	I believe you...so far you have done me right!	10:44
sbalneav	what's the value of your "rootdn" and "rootpw" keywords in your slapd.conf?	10:45
andrupal	admin and the rootw is an SSHA string	10:46
sbalneav	just "admin"?	10:46
andrupal	yes	10:46
sbalneav	That's not right.	10:46
sbalneav	You'll need something like:	10:46
sbalneav	"cd=admin,dc=example,dc=net"	10:47
andrupal	Oh yes,,,that's what it says.	10:47
andrupal	I think I found the place in gq where this is set.	10:47
sbalneav	brb, gotta bring another piece of the puzzle back online.	10:48
=== pauljw [n=paul@pool123.dial1-clec.newalb.win.net] has joined #edubuntu
=== ogra [n=ogra@ubuntu/member/ogra] has joined #edubuntu
sbalneav	back	11:10
andrupal	helluva time getting gq to authenticate the root user for LDAP...anyone know this beast (LDAP) well enought to tame it?	11:10
andrupal	howdy sbalneav	11:11
andrupal	Tried setting up the server settings in gq to no avail	11:11
andrupal	under servers->localhost	11:12
andrupal	->edit I set the dn identical to that in slapd.conf	11:12
andrupal	What authentication (bind type) am I using...simple, kerberos, or sasl?	11:14
=== cliebow2 [n=cliebow2@c-68-37-128-111.hsd1.nj.comcast.net] has joined #edubuntu
sbalneav	simple	11:16
cliebow2	complex	11:16
andrupal	even if rootpw is SSHA string?	11:16
cliebow2	simple to you is..well..	11:17
andrupal	After all is submitted, I'm getting: server "localhost" not found, errors.	11:18
LaserJock	sbalneav: around?	11:23
sbalneav	LaserJock yep	11:24
sbalneav	andrupal: ok, lets try this	11:24
sbalneav	your base dn's dc=example,dc=com, right?	11:24
sbalneav	or is it net?	11:24
sbalneav	I can't remember	11:24
sbalneav	lets do this:	11:25
sbalneav	ldapsearch -h localhost -b "dc=example,dc=net	11:25
sbalneav	ldapsearch -h localhost -b "dc=example,dc=net" -x "(uid=*)"	11:26
sbalneav	sorry the second one	11:26
sbalneav	LaserJock: What's up? Saw your email, I sent it on to ollie	11:26
sbalneav	it's been uploaded \o/!	11:26
sbalneav	LaserJock: I'm in at work. Aircon died in the system room, I'm nursing 20+ servers back to life.	11:27
sbalneav	andrupal: did that command work?	11:27
andrupal	OK a nice output with ldif-looking stuff, including all I added from init.ldif	11:27
sbalneav	ok	11:28
sbalneav	so, that was an anonymous bind	11:28
sbalneav	Now we'll try a bind as the ldap admin.	11:28
LaserJock	sbalneav: so did ollie upload it?	11:28
sbalneav	gimme a sec to test.	11:28
sbalneav	LaserJock: Yep!	11:28
sbalneav	Done like dinner.	11:28
sbalneav	ldapsearch -h localhost -b "dc=example,dc=net" -D -x "(uid=*)"	11:29
sbalneav	ldapsearch -h localhost -b "dc=example,dc=net" -D "cn=admin,dc=example,dc=net" -w XXYOURPASSWDXX -x "(uid=*)"	11:30
sbalneav	where XXYOURPASSWDXX is the password it asked you for when you installed ldap	11:30
LaserJock	sbalneav: awesome, great	11:30
LaserJock	I'm glad that was such an easy fix	11:31
sbalneav	LaserJock: it's a load off my mind, let me tell you."	11:31
sbalneav	It was 3 hours of digging into the source.	11:31
sbalneav	I've got to see if Wouter will accept it upstream	11:31
sbalneav	I'm hoping since it's so simple, he will.	11:31
andrupal	sbalneav, the 2nd you gave returns similar output	11:32
andrupal	the first gives invalid dn syntax error	11:33
sbalneav	that was a mistype	11:34
andrupal	ok	11:34
sbalneav	ok, so that means that you can bind as the binddn, with the right password.	11:34
sbalneav	so it should work within gq	11:34
sbalneav	if not, you can use the command ldapadd	11:35
sbalneav	not slapadd, but ldapadd	11:35
sbalneav	that will actually do a bind to the database	11:35
sbalneav	slapadd just tries to write the database files directly	11:36
andrupal	Oh how I would prefer a GUI for this type of thing, though...	11:38
andrupal	Just to confirm...I'm setting up file->preferences->servers->localhost in gq	11:39
sbalneav	Dude, like I say, I don't have access to it at the moment.	11:40
andrupal	OK...no prb	11:40
sbalneav	When in doubt, read the manual, and google.	11:40
sbalneav	brb, next server ready to online	11:43
=== Feldegast [n=feldegas@C-61-68-60-52.hay.connect.net.au] has joined #edubuntu
andrupal	so strange...I can get gq to browse when it doesn't have any bind dn entered...but as soon as I include the bind dn and password in the server setup info, it just hangs up during the search...	11:57
=== etank [n=etank@ubuntu/member/etank] has joined #edubuntu
etank	is there a mata package that can be used to install all of the educational apps that come by default with an edubuntu install?	12:04
etank	but without installing gnome	12:08
etank	i want to get all of the default apps for edubuntu loaded on a xubuntu box	12:09
etank	the easiest way possible	12:09
LaserJock	hmm	12:12
LaserJock	you might just use the Edubuntu addon cd	12:12
LaserJock	we're going to get better metapackage sets for gutsy	12:13
etank	no big deal	12:14
etank	i just have to do it once	12:14
etank	and then replicate it to the rest of the boxes that i have	12:14
LaserJock	which apps are you interested in?	12:15
etank	all of the educational stuff	12:15
etank	gcompris, tuxmath, etc	12:15
LaserJock	heh, that's kinda broad :-)	12:15
=== Knightlust [n=Dax@ubuntu/member/knightlust] has joined #edubuntu
etank	https://wiki.ubuntu.com/KentuckyTeam/CharityProject/PackageList <---- that sums it up :)	12:16
sbalneav	back	12:16
etank	of course that was taken from the edubuntu site though	12:16
andrupal	any ideas why "dc=example,dc=net" would be giving an invalid dn syntax in LDAP administration tool?	12:18
sbalneav	andrupal: hold on, I've got enough back up to get x going, I'll head upstairs and get gq fire up	12:19

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!