SingleSignOn

Requirements and configuration to use FladiAtAccount on Linux desktops and servers. All packages and instructions are tailored for Debian or Ubuntu.

Automatic

This setup uses Puppet to install and configure the required packages for SingleSignOn.

Setup

Just install the puppet package from the Debian repositories: %CODE{"sh"}% aptitude install puppet %ENDCODE% In case that the domain configured for your machine is not fladi.at you need to make sure the puppet server is set to puppet.fladi.at in /etc/puppet/puppet.conf:

[main]
server=puppet.fladi.at

After that just start the puppet client and after it has been signed by the server (has to be done manually by now, so please be patient) it will start to install packages and pull the necessary configuration files.

Configuration Repository

The whole configuration for my PuppetMaster? can be browsed in a central Subversion repository.

By Hand

Packages

To be installed

• libnss-db
• libnss-ldap
• libpam-afs-session
• libpam-ccreds
• libpam-ck-connector
• libpam-cracklib
• libpam-foreground
• libpam-gnome-keyring
• libpam-heimdal
• libpam-ldap
• libpam-mount
• libpam-shield
• libpam-unix2
• nscd
• nss-updatedb
• python-ldap
• subversion

To install them all at once run this as root: %CODE{"sh"}% aptitude install libnss-db libnss-ldap libpam-afs-session libpam-ccreds libpam-ck-connector libpam-cracklib libpam-gnome-keyring libpam-heimdal libpam-ldap libpam-unix2 nscd nss-updatedb python-ldap subversion %ENDCODE% If debconf asks you about various settings for those packages, just use the default-settings as the configuration files are provided in a central location.

Configuration

The current configuration for SingleSignOn is already part of the PuppetMaster repository. Browse it to find the necessary files.