Note that while we cannot provide support for self-maintained or unsupported workstations, use the following information as a guide for your workstation.
You also are expected to be aware of and follow the SecurePurdue Guidelines and University IT policies.
Although your workstation may not be maintained by PCN, this does not mean that you cannot print to or use department resources.
On a linux host, install CUPS and then simply point your cups server to us to be able to print like normal.
#/etc/cups/client.conf
ServerName spool.physics.purdue.edu
The various department shares and project directories may be mounted from Gutenberg using samba just like Mac and Windows workstations access those shares.
smb://gutenberg.physics.purdue.edu
If you would like to mount a folder, you can use the below syntax via a terminal window.
#Make sure the location you're mounting to already exists (eg: /mount/UserGutenHome) mount.smbfs -o rw,username=CareerAccount //gutenberg.physics.purdue.edu/Username /mount/UserGutenHome
In the above example, we mounted a home directory on gutenberg to /mount/UserGutenHome.
For more information, please see the Debian System Administor's Guide of this topic.
There are a number of solutions for accessing centralized authentication. We document them here to offer a choice of solutions depending upon users' needs.
It is generally a good idea to match the userid and groupid locally to the department versions to ensure that files created are owned by the same people if the files will be transferred to other workstations. Your userid and groupid can be found via:
> ssh username@bohr.physics.purdue.edu > id uid=12345(username) gid=1234(group) groups=1234(group)
The following setup is best suited for self-maintained users who want the convenience of having centralized authentication while also having the flexibility of an auto-mounted home directory.
The following directions will show how to setup LDAP Authentication with pam_cifs for home directory auto-mounting on an SLC5.3 Linux distribution. These directions assume a completely fresh and default system installation. You may need to tweak these directions for other distributions or system setups.
yum update
yum install pam-devel openldap-devel gcc
cd /root wget http://downloads.sourceforge.net/project/pam-cifs/pam-cifs/pam-cifs-0.5.5/pam-cifs-0.5.5.tgz?use_mirror=cdnetworks-us-1 tar zxvf pam-cifs-0.5.5.tgz cd pam-cifs vim Makefile #Set the following changes: # max_uid = 524288 # min_uid = 5000 # windomain = '"ONEPURDUE"' :wq make all make install
host volta.physics.purdue.edu base dc=physics,dc=purdue,dc=edu uri ldaps://volta.physics.purdue.edu ssl start_tls ssl on ldap_version 3 tls_checkpeer yes tls_cacertfile /usr/share/purple/ca-certs/Thawte_Premium_Server_CA.pem tls_cacertdir /etc/openldap/cacerts # you may need to symlink Thawte_Premium_Server_CA.pem in /etc/openldap/cacerts rootbinddn cn=admin,dc=physics,dc=purdue,dc=edu pam_password md5 #following two lines are additional that may not be required for most setups nss_initgroups_ignoreusers root,ldap tls_reqcert allow binddn cn=unsupported,dc=physics,dc=purdue,dc=edu bindpw ********* #See PCN in-person for bindpw Password #Per University Policy we cannot email/publish passwords
chmod 0600 /etc/ldap.conf
rm /etc/ldap.secret
domain purdue-pcn broadcast
#%PAM-1.0 # This file is auto-generated. # User changes will be destroyed the next time authconfig is run. auth required pam_env.so auth sufficient pam_unix.so nullok try_first_pass auth required pam_cifs.so debug auth sufficient pam_ldap.so use_first_pass debug auth required pam_deny.so account required pam_unix.so broken_shadow account sufficient pam_succeed_if.so uid < 500 quiet account [default=bad success=ok user_unknown=ignore] pam_ldap.so debug account required pam_permit.so password requisite pam_cracklib.so try_first_pass retry=3 password sufficient pam_unix.so md5 shadow nis nullok try_first_pass use_authtok password sufficient pam_ldap.so use_authtok debug password required pam_deny.so session required pam_limits.so session required pam_mkhomedir.so umask=077 skel=/etc/skel session required pam_unix.so session optional pam_cifs.so debug background=0 prefix=/home mount_home=1 source=//gutenberg.physics.purdue.edu windomain=ONEPURDUE