Difference between revisions of "Base Linux"
Jump to navigation
Jump to search
| (5 intermediate revisions by the same user not shown) | |||
| Line 2: | Line 2: | ||
*During '''Software Selection''' Make sure to select the '''OpenSSH server''' | *During '''Software Selection''' Make sure to select the '''OpenSSH server''' | ||
*After the install is done update the repos and make sure all the apps are up to date. | *After the install is done update the repos and make sure all the apps are up to date. | ||
<pre>sudo apt- | <pre>sudo apt update && sudo apt upgrade -y && sudo apt autoremove -y</pre> | ||
*Make sure you have a static IP set. <pre>cat /etc/netplan/ | *Make sure you have a static IP set. <pre>cat /etc/netplan/00-installer-config.yaml | ||
</pre> | |||
*You will have to delete the '''/etc/netplan/50-cloud-init.yaml''' | *You will have to delete the '''/etc/netplan/50-cloud-init.yaml''' | ||
*Below is what the end of the file should look similar too. Please any '''X'''s with correct information for this server. You may have to change DHCP to static | *Below is what the end of the file should look similar too. Please any '''X'''s with correct information for this server. You may have to change DHCP to static | ||
| Line 46: | Line 47: | ||
*We need new users to get Home directories so run <code>sudo nano /etc/pam.d/common-session</code> and add to the '''TOP''' <code>session required pam_mkhomedir.so skel=/etc/skel/ umask=0022</code> | *We need new users to get Home directories so run <code>sudo nano /etc/pam.d/common-session</code> and add to the '''TOP''' <code>session required pam_mkhomedir.so skel=/etc/skel/ umask=0022</code> | ||
=== | ===Old Network Interface=== | ||
<pre> | |||
iface ensXX inet static | |||
address 192.168.2.XXX | |||
netmask 255.255.255.0 | |||
gateway 192.168.2.244 | |||
dns-search psc.horizon.com pscnaturalfoods.com | |||
dns-nameservers 192.168.2.225 192.168.2.226 8.8.8.8 | |||
</pre> | |||
OU=PSC User Redirect,OU=PSC Natural Foods,DC=psc,DC=horizon,DC=com | |||
<pre>sudo sed -i 's,http://ca.archive.ubuntu.com/ubuntu,http://old-releases.ubuntu.com/ubuntu,g' /etc/apt/sources.list</pre> | |||
Latest revision as of 17:13, 14 August 2022
- Install the latest LTS from Ubuntu
- During Software Selection Make sure to select the OpenSSH server
- After the install is done update the repos and make sure all the apps are up to date.
sudo apt update && sudo apt upgrade -y && sudo apt autoremove -y
- Make sure you have a static IP set.
cat /etc/netplan/00-installer-config.yaml
- You will have to delete the /etc/netplan/50-cloud-init.yaml
- Below is what the end of the file should look similar too. Please any Xs with correct information for this server. You may have to change DHCP to static
- That includes the information to get DNS information from PSC DNSes servers. SPACE IS EXTREMELY IMPORTANT (YAML Sucks)
network:
version: 2
renderer: networkd
ethernets:
ens18:
dhcp4: no
# Ser IP address & subnet mask
addresses: [192.168.2.xxx/24]
# Set default gateway
gateway4: 192.168.2.244
nameservers:
search: [psc.horizon.com,pscnaturalfoods.com]
# Set DNS name servers
addresses: [192.168.2.225,192.168.2.226,8.8.8.8]
dhcp6: no
- If its not a VM its more likely using ethX You shouldn't need to change that part just the DHCP to static.
iface ethX inet static
Joining Domain
So the idea here, is to add the server to the domain. The point being you will be able to login using AD credentials.
- Its not really needed but its make it nice and unified. This would also give Horizon access. I used the instructions from http://www.kiloroot.com/add-ubuntu-14-04-server-or-desktop-to-microsoft-active-directory-domain-login-to-unity-with-domain-credentials/
- Now we need to install the software to link up to AD.
sudo apt-get install realmd sssd samba-common samba-common-bin samba-libs sssd-tools krb5-user adcli packagekit vim -y
- If you are prompted for the domain enter in all caps PSC.HORIZON.COM
- Next run
sudo kinit -V USERNAMEReplacing USERNAME with a domain admin account.- This should prompt for a password, enter the password. Which should return Authenticated to Kerberos v5
- From here we will now actually join the domain.
sudo realm --verbose join -U USERNAME psc.horizon.comReplace USERNAME with the same domain admin account.- If this hangs on Resolving required packages then your packagekit is out of date and you need the one from proposed sub repo.
- You should have seen something like * Successfully enrolled machine in realm following that run
realm listand you should see psc.horizon.com in the output a few times - Now we will want to
id USERNAME@psc.horizon.comreplace USERNAME with a user name to check that its working right. - Assuming we don't every job blow user logging in run
sudo realm deny -R psc.horizon.com -a - And now we need to allow groups to log in.
sudo realm permit -R psc.horizon.com -g Domain\ Admins LinuxAdmins - We need to give sudo power to these groups.
sudo nano /etc/sudoers - Add the code section below to the end of the file **IMPORTANT** There must be a tab between the .com and ALL=
%domain\ admins@psc.horizon.com ALL=(ALL:ALL) ALL
%linuxadmins@psc.horizon.com ALL=(ALL:ALL) ALL
- We need new users to get Home directories so run
sudo nano /etc/pam.d/common-sessionand add to the TOPsession required pam_mkhomedir.so skel=/etc/skel/ umask=0022
Old Network Interface
iface ensXX inet static
address 192.168.2.XXX
netmask 255.255.255.0
gateway 192.168.2.244
dns-search psc.horizon.com pscnaturalfoods.com
dns-nameservers 192.168.2.225 192.168.2.226 8.8.8.8
OU=PSC User Redirect,OU=PSC Natural Foods,DC=psc,DC=horizon,DC=com
sudo sed -i 's,http://ca.archive.ubuntu.com/ubuntu,http://old-releases.ubuntu.com/ubuntu,g' /etc/apt/sources.list