Back to Home Page BuildingALinuxDomain
For our purposes and network structure we required only two items be downloaded. Obviously for a more advanced network you have many more plugins you can implement.
- 1.PGINA v 1.8.4 (1.8.8 had some implementation issues for us) 2.LDAPauth plugin (LDAPauth requires LDAP v3 to run correctly)
The installation went well once we had a stable download and the options to connect to the openLDAP server were fairly simple. This is however where you must know specific details about your network and be exact. The good thing is that you will still be able to log in locally even if you lock yourself out of the network login.
After downloading from http://sourceforge.net you will need to install and configure pGINA which when installed correctly will start up shortly after installation.
*Before you configure this you need to install the ldapauth plugin for it to be successful.* This will open the following window:
- To point the configuration tool towards the plugin you simply need to click on the plugin tab and choose Browse and point the path to where you have it installed at. You then must configure the plugin so it recognizes your network. After clicking on configure you will see the following;
Here is where you need the details for your network. Where you see LDAP Server it is asking for either the name (if statically assigned) or the IP. For the Admin user you need to have the FQDN from LDAP. This includes the CN, and any DC's associated as well as the prepend and append for the local usernames to be included on the machine. NOTE: You do need to add the password for the authorized account that your network can authenticate with.
Another place you need to change is the timeout. It appears if this is not changed the machine wont have the time it needs to contact the LDAP server to authenticate the users. There are three methods of authentication at the top as well; Search Mode, ?MultiMap Mode, and Map Mode. Standard search mode is MAP for LDAP, this refers to the way LDAP will look for the UID and username. The default mode is MAP mode, this allows users to be categorized by username:uid when searching for users.
- For a basic network you will not need any of the more advanced settings such as user, password, or hook configuration. With the other settings in pGINA you can do more advanced things such as placing a message of the day on the logon screen, as well as using a custom Logo. Here you can disable a users ability to turn off or reboot a machine as well. In addition to this there are settings for disabling a user locking their desktop, checking a username, restarting from the config window, etc. You can also set the profiles to be deleted (for say a kiosk) after logging out, similar to a guest account. There are many many more options for configuration as well as setting the drive mapping for profiles included as well.