Install Java SDK: See Java SDK download and Linux install
Web Browser Configuration: Mozilla Firefox/SeaMonkey
- Browser Java VM support:
- x86_64: ln -s /usr/java/latest/jre/lib/amd64/libnpjp2.so /usr/lib64/mozilla/plugins/
- i386: ln -s /usr/java/latest/jre/plugin/i386/ns7/libjavaplugin_oji.so /usr/lib/mozilla/plugins/
(Required for Microsoft Exchange OWA webmail support.)
Note: The installation of the plugin "plugger" will generate the directory /usr/lib/mozilla/plugins/. Typically the Mozilla browser installation will create a directory but with the browser version as part of the name. (i.e. mozilla-1.2.1/) This will typically change with each upgrade and I avoid using it for plugins. - Browser Proxy configuration: Many corporate networks rely on SOCKS proxy servers for access to the internet. Typically a Proxy Auto Configuration (PAC) script is issued to be registered with the browser. These scripts are usually targeted to Microsoft Explorer or Firefox specifically. Try the proxy script: "Edit" + "Preferences" and select "Advanced (+)" and "Proxies" + "Automatic proxy configuration URL", enter the script location and select the "Reload" button. If it works, great your ready to surf. If your corporation uses a proxy directly, enter it under "Manual proxy configuration". If using a script and it does not work, use the command "wget http://proxy-url.domain.com/proxy-script.pac" to download the proxy script. Examine the file proxy-script.pac. Buried in the logic of the script is usually the explicit listing of a proxy server which can be entered under the Mozilla manual configuration. If you are at a corporation using a firewall and have direct access, I'm jealous and you have no need for proxy configuration.
- Helper Application configuration for various file types:
GNOME Desktop Proxy configuration: (required by Ximian Evolution below)
See YoLinux GNOME Desktop tutorial: Proxy configuration
Accessing MS/Windows file servers:
MS/Windows file shares are accessed using a MS/Windows login and
password thus I mount the file systems in user directories as they are
user resources. Check to see if the proper SAMBA packages are
installed: rpm -qa | grep samba. The packages samba-common, samba-client and samba should be installed.
Mount points: The local Linux system mount point choice and method of access is actually important. If it is a multiuser system and the file server is using user privileges to mount and access the file then it might be prudent to use a mount point local to the user. If the system is owned and used solely by the user then I recommend creating a directory in /mnt and using it as a mount point. In either case a soft link (ln -s) to the $HOME/.gnome-desktop/ (RH 7-9) directory will create a nice user interface icon for access purposes. (Fedora Core 3: Use the directory $HOME/Desktop/)
[Potential Pitfall]: The mount point to the user's home directory MUST be recognized by the admin as a potential pitfall. When removing a user from the system, the command "userdel -r" will recursively delete files and directories found below the home directory. The command "rm -R" will NOT follow sym links thus sym links to $HOME/.gnome-desktop/ are safe. The directories mounted to directories below the $HOME/ path may not be safe from mass deletion.
Create the desktop mount point which will provide a desktop icon and app link to the Nautilus file manager to view files on the server:
- System mount point: /mnt/
[root]# mkdir $HOME/.gnome-desktop/MS-SERVER-NAME [root]# mkdir /mnt/MS-SERVER-NAME [root]# mkdir /mnt/MS-SERVER-NAME/MS-Windows-Share [root]# ln -s /mnt/MS-SERVER-NAME/MS-Windows-Share $HOME/.gnome-desktop/MS-SERVER-NAME
Note Fedora Core 3: $HOME/Desktop/
or - User mount point: $HOME/
[root]# mkdir $HOME/.gnome-desktop/MS-SERVER-NAME [root]# mkdir $HOME/MS-SERVER-NAME [root]# mkdir $HOME/MS-SERVER-NAME/MS-Windows-Share [root]# ln -s $HOME/MS-SERVER-NAME/MS-Windows-Share $HOME/.gnome-desktop/MS-SERVER-NAME
See "Potential Pitfall" above before using your home directory as a mount point!!
- Directly and upon system boot, mount MS/Windows file server:
Create file ~/.smbpassword (chmod 400 $HOME/.smbpassword)username = ms-windows-login-name password = ****
Edit file: /etc/fstab
(you need to be root to edit this file.) and add the following line: (one line. May be shown here as word-wrapped)
CIFS://MS-SERVER-NAME/MS-Windows-Share /mnt/MS-SERVER-NAME/MS-Windows-Share cifs credentials=/home/linux-user-id/.smbpassword,workgroup=MS-WINDOWS-DOMAIN,uid=linux-user-id,gid=linux-user-group-name 0 0
or SMBFS://MS-SERVER-NAME/MS-Windows-Share /mnt/MS-SERVER-NAME/MS-Windows-Share smbfs credentials=/home/linux-user-id/.smbpassword,workgroup=MS-WINDOWS-DOMAIN,uid=linux-user-id,gid=linux-user-group-name 0 0
Mount: [root]# mount /mnt/MS-SERVER-NAME/MS-Windows-Share
Unmount: [root]# umount /mnt/MS-SERVER-NAME/MS-Windows-Share
Note:- "cifs" is a newer virtual file system supporting locking, Unicode, hardlinks, etc while "smbfs" (Server Message Block) is an older less advanced protocol.
CIFS man pages: - If the uid and gid are omitted you may only have read access to the MS/Windows server. The uid/gid may be the alphanumeric name or the system user/group numbers.
- "cifs" is a newer virtual file system supporting locking, Unicode, hardlinks, etc while "smbfs" (Server Message Block) is an older less advanced protocol.
- Directly mount MS/Windows file server: (as root) (one line - may be shown wordwrapped)
[root]# mount -t smbfs -o username=ms-windows-user-id,workgroup=MS-WINDOWS-DOMAIN,uid=linux-user-id,gid=linux-user-group-name //MS-SERVER-NAME/MS-Windows-Share /mnt/MS-SERVER-NAME/MS-Windows-Share password: [root]# umount /mnt/MS-SERVER-NAME/MS-Windows-Share
Password can also be specified on the command line:
- username=ms-windows-user-id,password=supersecret
- username=ms-windows-user-id,password=
(This will specify a "null" password.)
Note that enterprise systems may be using higher levels of security in which case a mount may look more like the following:
[root]# mount -t cifs -o user=WinDomain/userid -o sec=ntlmv2 //MS-SERVER-NAME/MS-Windows-Share-name /mnt/local-linux-mount-point
Note:- The option ",_netdev" may be added after the user to delay mounting until the network has been enabled.
- The CIFS filesystem was introduced as a sucessor to the SMBFS file system and is more feature rich to support MS/Windows applications and OS security.
- Use Samba smbmount: (as root) (one line - may be shown wordwrapped)
[root]#smbmount //MS-SERVER-NAME/MS-Windows-Share /mnt/MS-SERVER-NAME/MS-Windows-Share -o username=ms-windows-login-name,workgroup=MS-WINDOWS-DOMAIN Password: [root]#smbumount /mnt/MS-SERVER-NAME/MS-Windows-Share
- Use Samba shell: (non-root user)
smbclient //MS-SERVER-NAME/MS-Windows-Share -U MS-WINDOWS-DOMAIN/ms-windows-login-name
Password:
This places you in a shell mounted to the MS/Windows server. You can enter commands such as ls, put and get like in an ftp client. Type ? for a full list of commands.
Note: If the share is a hidden share append a "$" to the name of the share. i.e.: //MS-SERVER-NAME/MS-Windows-Share$
[Potential Pitfall]: If the Microsoft login password is changed, unmount the drive, change the $HOME/.smbpasswd password entry and remount the drive.
[Potential Pitfall]: Spaces in share names are often problematic. Escape with "\040".
Example: //HOSTNAME/share\040name
[Potential Pitfall]: Using OpenOffice to edit an MS/Word document on a cifs mounted file system. OpenOffice Writer may freeze when editing the document when performing a "saving as" on the file as it does not use cisf byte range locks. Fix using the cisf mount option nobrl.
GUI Mount/Configuration Tools:
- Gnomba
- KNetMon
- smbclient:
smbclient -u winlogin -W MsWindowsDomain -L MsWindowsServer
This will list all available servers in the domain and all the shares on the MS/Windows server specified.Man Pages:
- File browser access: The system browsers
Gnome/Nautilus
and newer versions of KDE/Konqueror can also browse the Microsoft file
servers using the URL "smb://"
Start Nautilus ("Start Here" icon on desktop) and use URL "smb://"
Choose Domain folders then "Shares" folders. Login as MS-WINDOWS-DOMAIN\ms-windows-user-id and password. - SMB4k: Sourceforge: SMB4K
Scan for active workgroups, hosts and shares, mount/unmount, access files (using Konqueror), printer shares, ...
Requires QT libraries 3.1+. (RH 9.0 uses QT3.1 thus OK) Binaries for Fedora, SUSE and Debian.
Note: Requires root access to dynamically mount MS/Windows shares. To give users this privilege, apply the "sticky bit" to smbmnt:
chmod a+t /usr/bin/smbmnt
- Also see:
- Davenport - JAVA applet for CIFS/SMB file server access.
- jCIFS.samba.org - jCIFS home page
This procedure is common for dual boot systems and for those who wish to access legacy data. The NTFS file system is used with MS/Windows NT, 2000 and XP. Read only access is available with the NTFS kernel module. The default Red Hat compiled kernels support these NTFS modules. If compiling from source be sure to set the following in kernel-XXXXX.config: CONFIG_NTFS_FS=m (read-only NTFS support. Write support is at your own risk: CONFIG_NTFS_RW=y)
- Tuxera.com: Linux NTFS driver - included in all Linux 2.6 kernels
- Download the appropriate NTFS driver source: Tuxera.com NTFS-3G community download
The find the version of the kernel you are running, use the command: uname -r -p or cat /proc/version.
Determine the target processor with the command uname -p - Install rpm as root: rpm -ivh kernel-ntfs-2.4.XXX.iX86.rpm
- Load module: /sbin/modprobe ntfs
- Check for errors: dmesg | grep NTFS
- Verify: cat /proc/filesystems
or modprobe -l | grep ntfs - Create mount point: mkdir /mnt/windows
- Add line to /etc/fstab:
/dev/hda1 /mnt/windows ntfs ro,umask=0222,uid=Linux-Login-ID 0 0
- Uid is the Linux user login id which is allowed exclusive access to MS/Windows drive. Remove this to allow all system users access to the drive.
- Device reflects that of the MS/Windows hard drive. First SCSI drive would be /dev/sda1. See YoLinux SCSI tutorial for more info.
- mount /mnt/windows
or
mount -t ntfs -o nls=utf8 /dev/hdXX /mnt/windows
Note: DOS and MS/Windows 3.1, 95, 98 or 2000ME can be mounted for read/write using file system types, msdos, umsdos, vfat with no additional kernel module installation required. (NTFS requires extra module) Example for MS/Windows 95:
/dev/hda1 /mnt/win95 vfat defaults 0 0
For more information see the man pages for: modprobe, dmesg, mount, umount, fstab, dump and fs.
Many external drives and USB thumb drives can be found to be preformatted with NTFS. This requires a NTFS userspace driver.
Use NTFS-3G is a stable, open source, GPL licensed, POSIX, read/write NTFS driver for Linux developed by TuxeraRed Hat/Fedora/CentOS RPM based systems will require the following RPM packages:
- ntfsprogs-gnomevfs - NTFS GNOME virtual filesystem module
- ntfsprogs - NTFS filesystem libraries and utilities
- ntfs-3g - Linux NTFS userspace driver
- dkms - Dynamic Kernel Module Support Framework
[Potential Pitfall]: Without the proper driver you will get the following error:
Unable to mount Drive Error mounting: mount: unknown filesystem type 'ntfs'
Email, Calendar, Outlook and Microsoft Exchange: Use (1) MS/Outlook on Linux, (2) MS/OWA webmail or (3) Linux Outlook clone, Ximian
- Run MS/Outlook on Linux:
Run the Codeweavers Crossover commercial version of Wine and run Microsoft Outlook on Linux. See the YoLinux Tutorial on Installing Crossover and Outlook. - MS/Exchange OWA webmail:
Use your browser: http://webmail.megacorp.com (Company specific)
Note: Java JVM must be installed and browser JVM support must be configured as described above to enable full appointment calendar functionality. - Microsoft Exchange Access with Ximian Evolution email client and Ximian Connector: - Novell CONNECTOR REQUIRES EXCHANGE SERVER 2000! It does not work with MS/Exchange 5.5.
Install Instructions: http://www.novell.com/products/connector/
Red Hat Linux 8.0 comes with the Novell/Ximian/Evolution version 1.0 email client. The Novel MS/Exchange connector requires Evolution version 1.2.- Download Novell Red-Carpet, Novell/Ximian Evolution 1.2 and Novell/Ximian Connector:
- Red Carpet:
- Download: http://www.novell.com/products/desktop/update.html
- Install: rpm -ivh red-carpet-1.4.3-1.ximian.4.i386.rpm
- Download Ximian Evolution 1.2 and Ximian Connector:
- Run: /usr/bin/red-carpet
- Configure HTTP Proxy if required.
- You will be presented with packages to update. Select "Update Now".
- Choose "Unsubscribed Channels"
- Select "Ximian Connector" + "Subscribe" button (lower right)
+ "Install" icon (upper right) + select the "check" box.
This will install the connector and update Ximian Evolution (V1.2). - Select "OK" + "File" + "Exit".
- Install License:
- File: connector-key.txt
Place in directory: /home/user-dir/evolution/
- File: connector-key.txt
- Ximian Evolution Configuration:
- Start Ximian Evolution email client: (Select envelope icon on the Linux desktop tool bar.)
- Select "Tool" + "Setting"
- Select the "Mail Accounts" icon (left hand panel) + "Add" button on right.
- Exchange OWA server: webmail.megacorp.com
- Uses webdav protocol to a OWA (Outlook Web Access) server to support email, address book and calendar functions.
- Ximian connector requires MS/Exchange server 2000 or better.
- KDE KMail and appointment calendar:
Use KDE KMail and appointment calendar which interface with MS/Exchange 2000 using webdav interface. - OMC: Open Message and Collaboration - MS/Exchange 5.5+ connector and Brutus development MAPI to CORBA framework.
Lotus Notes:
On 07/10/2006, IBM announced Lotus Notes client for Linux.Installation: Notes 7.0.1 client on Red Hat Enterprise 4/CentOS 4
- IBM customers can download the licensed C93D1NA.zip from the IBM "Partnerworld program", "Passport Advantage" to a working directory. i.e. Lotus7.0.1
- Perform this step as root - create target install directory: mkdir /opt/IBM/Workplace Managed Client
chmod +w /opt/IBM/Workplace Managed Client - Uncompress: unzip C93D1NA.zip
Results in Personality.zip, readme.pdf, setuplinux.bin - Uncompress: unzip Personality.zip
- Set permissions: chmod +x setup_wct_platform.bin setuplinux.bin
- cp setuplinux.bin updateSite/features/com.ibm.workplace.notesinstall.linux.feature_7.0.1.0000-0900/bin/linux/
- Run install program: ./setup_wct_platform.bin
- Accept license and specify target directory: /opt/IBM/Workplace Managed Client (default)
- Select "Finish"
#!/bin/bash NOTESBIN=~/notes NOTESDATA=~/notes/data NOTESDIR=~/notes/data LD_LIBRARY_PATH=$NOTESBIN:$NOTESBIN/jvm/bin/classic:$NOTESBIN/jvm/bin:$LD_LIBRARY_PATH PATH=$NOTESBIN/jvm/bin:$NOTESBIN:$PATH CLASSPATH=./:$NOTESBIN/:$CLASSPATH export NOTESBIN NOTESDATA NOTESDIR LD_LIBRARY_PATH PATH CLASSPATH # Command to start Lotus Notes: /opt/IBM/Workplace\ Managed\ Client/rcp/richclient \ -personality com.ibm.workplace.noteswc.standalone.linux.personality
Lotus Sametime:
"Meanwhile" is an IBM/Lotus Sametime plugin which is available for the Linux IM client Gaim. Use the following RPM packages:- gaim
- gaim-meanwhile
Connect with the user id (LDAP format): CN=Joe R Blow/OU=US/O=MegaCorp and regular Sametime password.
Links:
The current and latest Linux printing system is the Common UNIX Printing System which supports the Internet Printing Protocol (IPP), MS/Windows printing via SAMBA (SMB), networked UNIX (lpd), networked Novell (NCP), HP JetDirect (App Socket), etc. This allows Linux to print directly to network or attached printers, independant of a Microsoft print server environment. the printer configuration GUI tools are sufficient and simple to use. Using CUPS is the preferred printer configuration but it should be known that Linux can be configured to work with Microsoft Windows print servers. CUPS has been available since RH 9.
Accessing The Local Microsoft Printer Network:
Configuring the printer and lpr command: (lprNG)
- As root run the CUPS GUI configuration tool command: /usr/bin/system-config-printer (RHEL 5/6 and Ubuntu 14.04) (older Red Hat systems: /usr/bin/redhat-config-printer)
- Select the "New" icon + "Next".
- Give it a Queue name. (Make up your own name.)
Select "Windows Printer".
Select "Forward". - Enter Ms/Windows info:
(This example is for a Windows network printer.)
Share: \\MS-SERVER-NAME\MS-Windows-Print-Share
Host IP: XXX.XXX.XXX.XXX
Workgroup: WORKGROUP-NAME
User: Your MS/Windows login name
Password: Your MS/Windows password - Select a driver: If it is not listed, pick the closest you can find. Typically there will be an emulation mode for ljet4 or some other popular mode.
- Select "Apply"
- Select "File" + "Save Changes".
- Select "File" + "Quit".
Find the "Host IP" address with the command:
- host MS-SERVER-NAME
or
- smbclient:
[prompt]$ smbclient //MS-SERVER-NAME/
added interface ip=your-ip-address bcast=XXX.XXX.XXX.255 nmask=255.255.255.0 Got a positive name query response from ip-address-of-MS-SERVER ( ip-address-of-MS-SERVER )
Password:
When multiple printers have been defined, use this gui to select the default. the command "lpr file-name" will use the default printer. Use the "-P queue-name" flag to specify a non-default printer.
When sending print jobs directly to an HP network printer (instead of through a MS/Windows print server), configure the queue to use TCP/IP port 9100.
The default Mozilla printer device specification: lpr ${MOZ_PRINTER_NAME:+'-P'}${MOZ_PRINTER_NAME} will print to the default unless modified.
Printing uses the following configuration files:
- /etc/printcap - lpr config file (Generated by GUI. You don't
need to understand it.)
or $HOME/.printcapjoeshp:\ :ml#0:\ :mx#0:\ :sd=/var/spool/lpd/joeshp:\ :af=/var/spool/lpd/joeshp/joeshp.acct:\ :sh:\ :lp=|/usr/share/printconf/util/smbprint:\ :lpd_bounce=true:\ :if=/usr/share/printconf/util/mf_wrapper:
- /etc/printcap.local
- /usr/share/printconf/util/smbprint - Red Hat 8.0/9.0 shell script
Linux Printer Man pages:
- lpr - print files
- lpstat - print cups status information
- lpq - show printer queue status
- lprm - cancel print jobs
- cancel - cancel existing print jobs
- lpadmin - configure cups printers and classes
- lpoptions - display or set printer options and defaults
- printers.conf - printer configuration file for cups
- cupsd - cups scheduler
- cupsd.conf - server configuration file for cups
- classes.conf - print class configuration file for cups
Links:
Create a script to print:
- Use smbclient shell:
smbclient //MS-PRINT-SERVER/printer-share -U MS-WINDOWS-DOMAIN/ms-windows-login-name
Use the command: smb: \> print file-name - Command line: smbclient //MS-PRINT-SERVER/printer-share windows-login-password -N -U ms-windows-login-name -W MS-WINDOWS-DOMAIN -c "print file-to-print.ps"
- Shell script to print a PostScript or printer ready file:
$HOME/bin/print
#!/bin/sh /usr/bin/smbclient //MS-PRINT-SERVER/printer-share windows-login-password \ -N \ -U ms-windows-login-name \ -W MS-WINDOWS-DOMAIN \ -c "print $1" echo "Printing file $1"
- Shell script to print a text file: $HOME/bin/printTXT
#!/bin/bash BASENAME=`/bin/basename $1` /usr/bin/enscript -o /tmp/$BASENAME.ps $1 /usr/bin/smbclient //MS-PRINT-SERVER/printer-share windows-login-password \ -N \ -U ms-windows-login-name \ -W MS-WINDOWS-DOMAIN \ -c "print /tmp/$BASENAME.ps" echo "Printing file $1"
Links:
To turn on telnet and ftp access, edit the files /etc/xinetd.d/telnet and /etc/xinetd.d/ftp and change the line:
disable = yesto:
disable = noRestart xinetd: service xinetd restart (or: /etc/init.d/xinetd restart)
Man pages:
Also see YoLinux tutorials on the following:- Xinetd services configuration
- ssh server configuration - ssh is preferred over telnet for a secure connection
- FTP server configuration
There are three basic ways to access your Linux system remotely:
- Text terminal with telnet or SSH
- Text terminal with telnet or SSH to launch individual X-Window applications displayed by the local X-server.
- Full Linux desktop access using XDMCP by MS/Windows PC running the local X-server.
Remote X-Windows access by a MS/Windows PC requires the installation of X-Windows server software:
Open Source MS/Windows PC X-Windows server software:
- Xming - [instructions] - X-Windows for MS/Windows - My preferred choice!
- Cygwin/X: Described below
Commercial MS/Windows PC X-Windows server software:
- OpenText: Exceed (was Hummingbird Exceed)
complementary XDK product is a VC++ library SDK for porting native X and Motif applications to MS/Windows. - Attachmate: Reflection X
- Starnet.com
- LabF.com
Grant Linux access to remote users. See xinetd configuration above.
Telnet and SHH text terminal client programs for MS/Windows:
- Putty
[Download putty.exe to your desktop]
Putty: SSH configuration. Select from LHS:- Session >> Port 22 and SSH
- Connection + SSH >> "Preferred SSH protocol version:" >> "2"
- Cygwin - MS/Windows text terminal shell with telnet and ssh client (and an entire Linux shell environment with applications).
For SSHd server configuration see the YoLinux.com Internet security SSH server configuration tutorial.
For more information on xinetd, see the YoLinux.com Networking and xinetd configuration tutorial.
[Potential Pitfall]: When trying to connect to the Linux system using Putty we got the following error with Red Hat Enterprise 6.1:
Could not chdir to home directory /home/user1: Permission denied /usr/bin/xauth: timeout in locking authority file /home/user1/.Xauthority
also check the Linux log file /var/log/secure error
Oct 3 15:57:44 sil-lab sshd[25965]: Accepted password for user1 from 192.168.1.64 port 53950 ssh2 Oct 3 15:57:44 sil-lab sshd[25965]: pam_unix(sshd:session): session opened for user user1 by (uid=0) Oct 3 15:58:04 sil-lab login: pam_securetty(login:auth): Error opening /etc/securetty: Permission deniedThe temporary fix was to turn off SELinux: setenforce 0 For more on SELinux see the YoLinux Systems Administrations tutorial: SELinux.
Steps:
- Launch X-Windows server: (Cygwin or XMing)
Cygwin:
Start X server on MS/Win32: C:\cygwin\lib\Singular\startxserver.bat
X-Windows applications will be launched individually from the text terminal console.
or
Start X-server from a Cygwin shell: xwin -multiwindow -unixkill -multimonitors
where:- -multiwindow: specifies the use of the MS/Windows window manager
- -multimonitors: implied use of both monitors on dual headed displays
- -unixkill: Ctrl+Alt+Backspace exits the server
If your application requires the Motif Window Manager (mwm): xwin -rootless -unixkill -multimonitors
Then start the Cygwin Motif Window Manager: /usr/bin/mwm &
Then start your application.Note that the default Cygwin terminal window is not very X aware. The Cygwin rxvt terminal is superior and will set your X DISPLAY environment variables.
Xming - [instructions] - X-Windows for MS/Windows
Note that "Xming-mesa" has Open-GL 3D support while basic "Xming" has 2D X-windows support only. You don't need both.
Configure: Programs + Xming + XLaunch
- Select "Multiple windows" + next
- Select "Start no client" + next
- Select "No Access Control" (this allows remote Linux system to write to your local Xming X-server) + next
Set remote access control to your local X-server:
Note that the default setting blocks remote access to your local X-server.
- Configure terminal and shell DISPLAY variable:
- Putty: SSH configuration
Select from LHS:- Session >> Port 22 and SSH
- Connection + SSH >> "Preferred SSH protocol version:" >> "2"
- Connection + SSH >> "Enable X11 forwarding"
- Configure your environment to support display to remote X-server.
Create script: /opt/bin/setip#!/bin/bash clientip=`echo $SSH_CLIENT | cut -d' ' -f1 | sed -e 's,::ffff:,,'` # Test for servers with hostname prefix server and gateway address if [[ ! ($clientip =~ "^server|^192.168.0.1") ]]; then export DISPLAY=$clientip:0.0 echo DISPLAY set to SSH Client $DISPLAY else echo Server to Server SSH Detected. Keeping DISPLAY set to $DISPLAY fi
- Do NOT add this to your ~/.bashrc as it will prevent XDMCP access as well as Linux console access.
- Before switching to a root account ("sudo su -" or "su -") allow the existing display to accept X protocol: xhost +
A regular ssh connected user will often use display :10.0 while root will use :0.0
- Putty: SSH configuration
Granting X-Window access to your PC using Xming (or Cygwin, ReflectionX, HummingBird Exceed):
To allow a full Linux login screen (GDM or XDM) and Linux desktop access to another Linux system or to a MS/Windows system requires allowing remote GDM (or XDM) and XDMCP X-Windows access. First configure the Linux system to allow remote access, then use X-Windows software to remotely access the system from MS/Windows (or another Linux system).
Step 1:
Allow remote XDMCP access- See the YoLinux GDM and XDMCP tutorial on configuring Linux to allow remote access.
or
You can use the config tool /usr/sbin/gdmsetup to configure GDM (Gnome login screen) and XDMCP (X-Windows remote full screen access). - You can test the GDM login screen locally: X -query localhost :1
Step 2:
Use X-Window software which runs on MS/WindowsUsing XMing on your PC to connect to full Linux GUI desktop with XDMCP:
Xming - [instructions] - X-Windows for MS/Windows
Note that Xming-mesa has Open-GL 3D support while basic Xming has 2D X-windows support only. You don't need both.
Configure Xming: Programs + Xming + XLaunch
- Select "Full screen" + next
- Select "Open session via XDMCP" + Next
- Select "Connect to host" and enter IP address (or node name) of Linux system + next
- next
- Finish
Click (left mouse button) on the toolbar "X" icon to restore the session.
Click (right mouse button) on the toolbar "X" icon to terminate the session.
Using Cygwin on your PC to connect to full Linux GUI desktop with XDMCP:
- Download XFree86 for MS/Windows and install. Be sure to select the "loop" graphic to change from "Default" to "Install" to install all packages. The default is to exclude the X-window server. Packages to install may be selected individually.
- Start Cygwin: Windows 2000 menu: "Start" + "Programs" + "Cygwin" + "Cygwin Bash Shell"
- Start MS/Windows X-Server for XDMCP connection: (/usr/X11R6/bin/xwin)
- xwin -query Ip-address-of-Unix-computer
Used to display Linux desktop on MS/Windows PC. - xwin -multiplemonitors -scrollbars -indirect Ip-address-of-Unix-computer
Used to display Linux desktop on MS/Windows with multiple monitors. - xwin -ac -multiwindow Ip-address-of-Unix-computer
Starts X server but does not generate a desktop window. Each Linux application will create its' own window. In a shell set your display environment to the IP address of your PC and individual applications will be displayed to your MS/Windows desktop.
In cygwin remote ssh or telnet shell: export DISPLAY=ip-of-local-pc:0.0
The local IP address can be obtained on MS/Windows through the DOS command: IPCONFIG
- xwin -query Ip-address-of-Unix-computer
- [Potential Pitfall]: If your Cygwin bash shell command line prompt is "i have no name" then it is because your uid in the file /etc/passwd is too large. It must be less than the 16 bit limit of 65536. The uid is the third field demarked by the colon (":"). Change the uid to an integer value less than 65536. This will also fix X/Server problems which arise when trying to connect to other computers using X.
One may graphically connect to a Microsoft Windows Terminal NT Server, server 2000 or a Microsoft Windows XP system (Professional and Home edition) with a Microsoft Windows Terminal RDP (Remote Desktop Protocol) client for Linux known as "rdesktop". Use version 1.2 or later (which comes with Red Hat 9.0 or later). Version 1.1 which ships with Red Hat Linux 8.0 is buggy.
Note that Microsoft Windows XP uses RDP 5.2 (an extension to the ITU-T T.128 application sharing protocol) using 24 bit color and supports sound. The older RDP 4.0 only supported 8 bit color and did not support sound.
If there is an active rdesktop session, MS/Windows XP will not allow one to login at the console. You will get an error message which states that the system is locked. Only one active MS/Windows desktop is allowed. MS/Windows terminal server is required for more than one simultaneous user login.
Configure MS/Windows to allow a remote RDP connection:
- MS/Windows 7 configuration to allow remote RDP connections:
- Click Windows start icon and select "Computer":
- Select the "Remote settings" option:
- Select the "Remote" tab
In the "Remote Desktop" section, check "Allow conections ..."
- MS/Windows XP configuration to allow remote RDP connections:
- Right click "My Computer" desktop icon.
- Select "Properties".
- Select "Remote" tab
Check "Remote Desktop": "Allow users to connect remotely to this computer".
OK
Using the Linux RDP rdesktop client:
- Red Hat/CentOS/Fedora: Install RPM: rpm -ivh rdesktop-X.X.X-X.i386.rpm
Note: Red Hat 8.0 (old) or other distributions of Linux which do not offer a binary package: Download source, untar, configure, make, make install. - Launch Linux desktop client:
rdesktop -u windows-user-id -p windows-password -g 1200x950 ms-windows-terminal-server-host-name
orrdesktop -u windows-user-id -g 1240x992 ms-windows-terminal-server-host-name
option Description -a Color depth: 8, 16, 24 -r Device redirection. i.e. Redirect sound on remote machine to local device.
i.e. -0 -r sound (MS/Windows 2003)-g Geometry: widthxheight or 70% screen percentage. -p Use -p - to receive password prompt. -d Use -d - to specify a domain. No space is allowed between the "-d" and the domain name (V1.3.1). - I can also connect to my dual monitor MS/Windows system from my dual monitor Linux system and display the full two monitors. I use the following geometry directive: -g 2540x992
- To toggle rdesktop between full screen and the displayed window size, use the following keystroke: ctrl-alt-enter
Links:
- http://www.rdesktop.org/ - rDesktop Home Page
- Apache Guacamole - web browser based VNC, RDP, and SSH
- Remmina: Terminal Services Client - remote desktop client written in GTK+ (RDP, VNC, SPICE, NX, XDMCP)
Citrix Winframe ICA Client for Linux:
(ICA: Independent Computing Architecture)
- Download: https://www.citrix.com/downloads/citrix-receiver/linux/receiver-for-linux-latest.html
(Citrix ICA is now Citrix Receiver)- Select "RPM Packages", "Debian Packages" or "Tarball Packages"
- Select: "Download File"
- As root Install: [root]# rpm -ivh ICAClient-8.0-1.i386.rpm
- Run/Configure (as user) ICA Client Manager: /usr/lib/ICAClient/wfcmgr
Note: This tool allows full capabilities to configure and run the ICA Citrix winframe client.
- Select "Options" + "Settings..." [screenshot]
- Select from pull-down menu: "Server Locations"
- Network Protocol: TCP/IP
- Server Group: Primary
- Address List: (Auto-Locate)
- Select "Entry" + "New..."
- Select (default option showing: Network) radio button "Published Application"
- Select button to the right "...".
- Select "Citrix-App"
- Select "Options" + "Settings..." [screenshot]
- Test Application:
- Select the "Lightning Bolt" icon to connect.
- This will bring up the Microsoft NT server login dialog box.
- User name: NT-Login-Name
- Password: NT-Password
- Domain: MS-WINDOWS-DOMAIN
- As a Linux user, run Citrix ICA Client only: First Citrix Application
This will bring up the specified ICA application where the "description" is defined in $HOME/.ICAClient/appsrv.ini section heading. i.e. "Citrix-App"
You can also create a desktop launcher icon: right click on a free area of the desktop and select "New Launcher". Use icon /usr/lib/ICAClient/icons/citrix48.xpm
Application Command: /usr/lib/ICAClient/wfica -desc "Citrix-App" -username NT-Login-Name -password NT-Password -domain MS-WINDOWS-DOMAIN - ICA Client: Second, Third,... Citrix Application
- Configure:
- Start ICA manager: /usr/lib/ICAClient/wfcmgr
- Select "New" Icon (or "Entry" + "New")
- Network:
- Network Protocol: TCP/IP
- Server Location: MS-NT-CITRIX-SERVER
- Select "Server" radio button
- Description: Application/Server Description
- Server: MS-NT-CITRIX-SERVER
- Login:
- Username: ms-windows-login-name
- Domain: MS-WINDOWS-DOMAIN
- Password:
- Select "Apply"
- Network:
- Run Application:
- Launch command:
# /usr/lib/ICAClient/wfica -desc "Application/Server Description" -username ms-windows-login-name -password your-password-goes-here -domain MS-WINDOWS-DOMAIN
Other password options:- Option "-clearpassword" may need to be used instead.
- The password may also be held in the Citrix configuration. Set the configuration with /usr/lib/ICAClient/wfcmgr and select "Connection" + "Properties" + "login" to store the password.
- Use icon /usr/lib/ICAClient/icons/citrix48.xpm
- Launch command:
- Configure:
- FYI:
- Help: wfica -h
- If running programs where you have to share files with the Citrix Metaframe server, use SAMBA to export a MS/Windows NT share.
- ICA client product number for Linux client: 81/7
- Config files:
- $HOME/.ICAClient/*.ini
- /usr/lib/ICAClient/config/*.ini (not used)
- /usr/lib/ICAClient/.config/*.ini (not used)
- Launching from a browser: (Using ICA Citrix plug-in)
- Mime type: application/x-ica
- Application: /usr/lib/ICAClient/wfica -file %s
- File: .mailcap: application/x-ica; /usr/lib/ICAClient/wfica -file %s; x-mozilla-flags=plugin:Citrix ICA
- Graphics capture utility: /usr/lib/ICAClient/util/xcapture
Select window (middle mouse button), select region (corner to corner drag with left mouse button) or cancel (right mouse button).
- Uninstall: (rpm -e) Manually delete cache: /usr/lib/ICAClient/cache/
Send a WinPopup Message:
MS/Windows can send a message to another MS/Windows PC which will pop-up (using "WinPopup" protocol) and appear in a dialog box. This is used by admins for notification purposes. The DOS command is:NET SEND NetBIOS-computer-name "Message to send to user"
Linux can send the same message to a MS/Windows PC using the command:
[prompt]$ smbclient -M NetBIOS-computer-name Message to send to user ctrl-d
Notes:
- Message limit is 1600 bytes.
- Alternate method: cat mymessage.txt | smbclient -M NetBIOS-computer-name
Receive a WinPopup Message:
To handle incoming " WinPopup" messages on Linux, set the "message command" parameter in the smb.conf.
message command = csh -c 'xedit %s;rm %s' &This will use the application "xedit" to display the message. The message is then removed.
- %s : The filename containing the message.
- %t : Message destination (computer or server to which it was sent.)
- %f : Message sender.
Notes:
- Using mail to relay the incoming message. Linux smb.conf:
message command = /bin/mail -s 'message from %f on %m' root < %s; rm %s
- To handle incoming " WinPopup" messages on MS/Windows, copy WinPopup into the startup group on your WfWg PC.
- /etc/samba/lmhosts - NETBIOS name resolution
Also see LinPopUp available from LittleIgloo.org.
The following approaches are available:
- Use a software package such as Likewise Open which allows the Linux system to connect to the MS/Active Directory in Microsoft native protocols.
- Use "Microsoft's Unix services for Windows" to enhance AD to include Linux and Unix support. This will support NIS or LDAP protocols. LDAP can be used with
or without Kerberos. Thus we have the following three options:
- Standard NIS authentication
- Standard LDAP authentication (with or without SSL)
- Kerberos authentication with LDAP
The following shows a basic LDAP only configuration.
This requires that the Microsoft Active Directory server have
its schema enhanced to support Unix/Linux systems, specifically the uid
and gid which are numerical representations of the user and group id.
This requires installing Microsoft's Unix services for Windows server 2003 (and earlier) or for server 2008, Microsoft's "Cross platform authentication utilites":
Unix services for Windows Info and download
On the Linux system it requires adding the following /etc/ldap.conf file which defines the translation between native Linux LDAP attribute names and those used by Microsoft Active Directory:
host XXX.XXX.XXX.XXX XXX.XXX.XXX.XXXNote:
base dc=megacorp,dc=com binddn cn=SysAdmin,dc=megacorp,dc=com bindpw bindPassword scope sub ssl no nss_base_passwd ou=accounts,dc=megacorp,dc=com nss_base_shadow ou=accounts,dc=megacorp,dc=com nss_base_group ou=accounts,dc=megacorp,dc=com nss_map_objectclass posixAccount user nss_map_objectclass shadowAccount user nss_map_objectclass posixGroup Group nss_map_attribute uid sAMAccountName nss_map_attribute uidNumber msSFU30UidNumber nss_map_attribute gidNumber msSFU30GidNumber nss_map_attribute loginShell msSFU30LoginShell nss_map_attribute gecos name nss_map_attribute userPassword msSFU30Password nss_map_attribute homeDirectory msSFU30HomeDirectory nss_map_attribute uniqueMember msSFU30PosixMember nss_map_attribute cn cn nss_login_attribute sAMAccountName pam_member_attribute msSFU30PosixMember
- The "host" statement lists the primary and failover AD servers.
See the YoLinux LDAP authentication tutorial
Edit /etc/nsswitch.conf so that Linux will authenticate to the Active Directory server using LDAP.
.. ... passwd files ldap shadow files ldap group files ldap ... ..
This is the simplest authentication configuration. The prefered configuration will include Kerberos and SSL. (not covered here - yet) Microsoft's Unix services for Windows also supports the use of Active directory as an NIS server although the LDAP configuration is more current and when used with SSL and Kerberos, it is also more secure.
- YoLinux.com Tutorials:
- Using VNC to export an MS/Windows desktop to display on the Linux Desktop
- YoLinux: Authenticating MS/Windows logins with a Linux OpenLDAP server
- YoLinux: Using DOS floppies with Linux
- YoLinux: Comparison of Microsoft DOS shell commands and Linux/Unix shell commands
- YoLinux: Linux Office Suites - List and comparison of Office Suites for Linux.
- YoLinux: Running Microsoft DOS and Windows Executables
- YoLinux: Linux for the IBM Mainframe user
- RDesktop.org - MSTSC (Microsoft Terminal Services Client) (Default port 3389)
- NETBIOS Name resolution:
"Linux in a Windows World"
by Roderick W. Smith ISBN #0596007582, Oreilly
|
|