Differences between revisions 4 and 5
Revision 4 as of 2008-10-20 18:54:33
Size: 7313
Comment: update status
Revision 5 as of 2008-10-20 19:22:14
Size: 7846
Comment: update status and links
Deletions are marked like this. Additions are marked like this.
Line 19: Line 19:
||<#7fa0cf>0||<#7fa0cf>Basic infrastructure ||<#cf7fa0>partly accomplished|| ||<#ffcc00>0||<#7fa0cf>Basic infrastructure ||<#ffcc00>partly accomplished||
Line 30: Line 30:
||<#7fa0cf>1||<#7fa0cf>Admin Group ||<#a0cf7f>accomplished|| ||<#a0cf7f>1||<#7fa0cf>Admin Group ||<#a0cf7f>accomplished||
Line 33: Line 33:
||1.3 || save the LDIF of that account in SVN ||<#a0cf7f> link ||
||<#7fa0cf>2||<#7fa0cf> CAT administrator "cipadmin" ||<#cf7fa0>accomplished||
||1.3 || save the LDIF of that account in SVN ||<#a0cf7f> [http://svn.debian.org/viewsvn/*checkout*/cipux/trunk/cipux-core/doc/src/tecdoc/samba/skole-3.1r-after-installation.ldif link] ||
||<#ffcc00>2||<#7fa0cf> CAT administrator "cipadmin" ||<#ffcc00>partly accomplished||
Line 38: Line 38:
||2.4 || save LDIF in SVN ||<#cf7fa0>link || ||2.4 || save LDIF in SVN ||<#a0cf7f>[http://svn.debian.org/viewsvn/*checkout*/cipux/trunk/cipux-core/doc/src/tecdoc/samba/skole-3.1r-after-admin-user-added.ldif link] ||
Line 42: Line 42:
||<#7fa0cf>3||<#7fa0cf>Adoption of CipUX installation on Debian-Edu ||<#cf7fa0>accomplished|| ||<#a0cf7f>3||<#7fa0cf>Adoption of CipUX installation on Debian-Edu ||<#a0cf7f>accomplished||
Line 47: Line 47:
||3.5 || save this in SVN as an example for Debian-Edu || link    || ||3.5 || save this in SVN as an example for Debian-Edu ||<#a0cf7f> [http://svn.debian.org/viewsvn/*checkout*/cipux/trunk/cipux-core/storage/src/doc/debian-edu/cipux-storage-structure.conf link] ||
Line 51: Line 51:
||3.9 || save this in SVN as an example for Debian-Edu || link    ||
||<#7fa0cf>4 ||<#7fa0cf>Some PAM tests: check ... ||<#cf7fa0>accomplished||
||3.9 || save this in SVN as an example for Debian-Edu ||<#a0cf7f>[http://svn.debian.org/viewsvn/*checkout*/cipux/trunk/cipux-core/storage/src/doc/debian-edu/cipux-storage-access.conf link]||
||<#a0cf7f>4 ||<#7fa0cf>Some PAM tests: check ... ||<#a0cf7f>accomplished||
Line 59: Line 59:
||4.7 || save valid machine account as LDIF in SVN || link ||
||
<#7fa0cf>5 ||<#7fa0cf> Samba Users ||<#cf7fa0>accomplished||
||4.7 || save valid machine account as LDIF in SVN ||<#a0cf7f>[http://svn.debian.org/viewsvn/*checkout*/cipux/trunk/cipux-core/doc/src/tecdoc/samba/skole-3.1r-win-client-after-login-to-samba-domain.ldif link] ||
||<#cf7fa0
>5 ||<#7fa0cf> Samba Users ||<#cf7fa0>not accomplished||
Line 62: Line 62:
||5.2 || commit cipux-samba.conf to SVN ||<#cf7fa0>OK||
||5.3 || add 3 auto calc "if" to CipUX::Object::Action::Create ||<#cf7fa0>OK||
||5.4 || commit CipUX::Object::Action::Create to SVN ||<#cf7fa0>OK||
||5.10|| Check if ... ||OK||
||5.11|| ... samba user is created, if cipux-samba is installed ||OK||
||5.12|| ... users are indentical to Skole execpt additional CipUX attr. ||OK||
||5.13|| ... no samba user is creaed, if cipux-samba is not installed ||OK||
||5.14|| ... id <LOGIN> works ||OK||
||5.15||... login with such a user on a windows (within a domain) works ||OK||
||<#7fa0cf>6||<#7fa0cf> Samba Groups ||<#cf7fa0>accomplished||
||5.2 || commit cipux-samba.conf to SVN ||<#cf7fa0>not committed||
||5.3 || add 3 auto calc "if" to CipUX::Object::Action::Create ||<#cf7fa0>work in progress||
||5.4 || commit CipUX::Object::Action::Create to SVN ||<#cf7fa0>not committed||
||5.10|| Check if ... ||not done||
||5.11|| ... samba user is created, if cipux-samba is installed ||not done||
||5.12|| ... users are indentical to Skole execpt additional CipUX attr. ||not done||
||5.13|| ... no samba user is creaed, if cipux-samba is not installed ||not done||
||5.14|| ... id <LOGIN> works ||not done||
||5.15||... login with such a user on a windows (within a domain) works ||not done||
||<#cf7fa0>6||<#7fa0cf> Samba Groups ||<#cf7fa0>not accomplished||
Line 73: Line 73:
||6.2 || find a solution for exporting created groups with samba ||<#cf7fa0>OK||
||6.3 || TODO? ||OK||
||6.4 || TODO? ||OK||
||6.5 || TODO? ||OK
||
||6.10||Check if ... ||OK||
||6.11||... samba group is created if cipux-samba is installed ||OK||
||6.12||... groups are indentical to Skole execpt additional CipUX attr. ||OK||
||6.13||... no samba group is creaed, if cipux-samba is not installed ||OK||
||6.14||... group shows up in PAM ||OK||
||6.15||... if samba group exists, it should be exported to users who are member of this group||OK||
||6.2 || find a solution for exporting created groups with samba ||<#cf7fa0>not done||
||6.10||Check if ... ||not done||
||6.11||... samba group is created if cipux-samba is installed ||not done||
||6.12||... groups are indentical to Skole execpt additional CipUX attr. ||not done||
||6.13||... no samba group is creaed, if cipux-samba is not installed ||not done||
||6.14||... group shows up in PAM ||not done||
||6.15||... if samba group exists, it should be exported to users who are member of this group||not done||

CipUX Samba

Status of the project:

Name:

cipux-samba

Concept:

ChristianKuelker

Programmers:

AlexejPastuchow

Status:

implentation

Start:

2008-05-22

End:

2008-10-27

Planned-release:

3.4.0

Alpha-release:

-

Beta-release:

-

Stable-release:

-

This task are for Skolelinux/Debian-Edu:

Task

Status

0

Basic infrastructure

partly accomplished

0.1

We use the hole Skolelinux LDAP tree

OK

0.2

Install Skolelinux

installed

0.3

create image (t0) from Skolelinux

link to t0 missing

0.4

Functional test of Skolelinux: Can Clients join domain?

yes

0.5

If yes: create image (t1)

restored

0.6

If yes: restore to image (t0)

yes

0.7

Is t0 OK?

yes

0.8

yes t0 is OK: install packages CipUX

installed

0.9

if t0 OK: create image (t2) from Skolelinux SVN CipUX

link to t2 missing

0.10

Pam should already be configured

OK

1

Admin Group

accomplished

1.1

Exists cn=admins,ou=Group,dc=skole,dc=skolelinux,dc=no?

yes

1.2

If no, create it with LDIF

created

1.3

save the LDIF of that account in SVN

[http://svn.debian.org/viewsvn/*checkout*/cipux/trunk/cipux-core/doc/src/tecdoc/samba/skole-3.1r-after-installation.ldif link]

2

CAT administrator "cipadmin"

partly accomplished

2.1

create that account via LWAT with relevant samba attr.

created

2.2

The account has all samba entries

yes

2.3

The account has all CipUX entries

yes

2.4

save LDIF in SVN

[http://svn.debian.org/viewsvn/*checkout*/cipux/trunk/cipux-core/doc/src/tecdoc/samba/skole-3.1r-after-admin-user-added.ldif link]

2.5

add "cipadmin" to "admins" via LDIF

added

2.6

save the LDIF in SVN

link

2.7

"cipadmin" can be used to add win clients to domains

yes

3

Adoption of CipUX installation on Debian-Edu

accomplished

3.1

The trust account for CipUX under DebianEdu is cn=admin,ou=People

OK

3.2

Can cn=admin access all needed attributes: check ACL.

yes

3.3

Create a different cipux-storage-structure.conf

created

3.4

Change relevant RDN in this file ou=User -> ou=People

OK

3.5

save this in SVN as an example for Debian-Edu

[http://svn.debian.org/viewsvn/*checkout*/cipux/trunk/cipux-core/storage/src/doc/debian-edu/cipux-storage-structure.conf link]

3.6

create a seperate cipux-storage-access.conf

created

3.7

change the Tree in this file:

OK

3.8

change or check the URL in this file

OK

3.9

save this in SVN as an example for Debian-Edu

[http://svn.debian.org/viewsvn/*checkout*/cipux/trunk/cipux-core/storage/src/doc/debian-edu/cipux-storage-access.conf link]

4

Some PAM tests: check ...

accomplished

4.1

... if "id admins" works

OK

4.2

... if "id cipadmin" works

OK

4.3

... if "cipadmin" is in "admins" group

OK

4.4

... if cipadmin can login from console (not terminal)

OK

4.5

... if cipadmin can add a windows machines to a domain

OK

4.6

... if he can make image (t3)

OK

4.7

save valid machine account as LDIF in SVN

[http://svn.debian.org/viewsvn/*checkout*/cipux/trunk/cipux-core/doc/src/tecdoc/samba/skole-3.1r-win-client-after-login-to-samba-domain.ldif link]

5

Samba Users

not accomplished

5.1

add samba LDAP configuration cipux-samba.conf

OK

5.2

commit cipux-samba.conf to SVN

not committed

5.3

add 3 auto calc "if" to CipUX::Object::Action::Create

work in progress

5.4

commit CipUX::Object::Action::Create to SVN

not committed

5.10

Check if ...

not done

5.11

... samba user is created, if cipux-samba is installed

not done

5.12

... users are indentical to Skole execpt additional CipUX attr.

not done

5.13

... no samba user is creaed, if cipux-samba is not installed

not done

5.14

... id <LOGIN> works

not done

5.15

... login with such a user on a windows (within a domain) works

not done

6

Samba Groups

not accomplished

6.1

add samba LDAP configuration cipux-samba.conf (if any)

OK

6.2

find a solution for exporting created groups with samba

not done

6.10

Check if ...

not done

6.11

... samba group is created if cipux-samba is installed

not done

6.12

... groups are indentical to Skole execpt additional CipUX attr.

not done

6.13

... no samba group is creaed, if cipux-samba is not installed

not done

6.14

... group shows up in PAM

not done

6.15

... if samba group exists, it should be exported to users who are member of this group

not done

Todo for Future:

=> Fuer die Zukunft muss ein neues CipUX Object oder eine CipUX Object Erweiterung in den Konfigurations Dateien erstellt werden, mit der man diese Admin Groups anlegen kann. Im Moment koennen wir das hardgecoded lassen.