===== Install needed =====
sudo apt-get install libpam-ldap libnss-ldap portmap openssh-server sendmail nfs-common
===== LDAP =====
Edit files for LDAP (128.178.70.40 / lthcserv1.epfl.ch - dc=lost - bind_policy soft)
/etc/libnss-ldap.conf
/etc/nss-ldap.conf
/etc/pam_ldap.conf
===== PAM & NSS =====
Edit files for pam & nss see [[http://doc.ubuntu-fr.org/applications/ldapclient]]
/etc/nsswitch.conf
/etc/pam.d/common-account
/etc/pam.d/common-auth
/etc/pam.d/common-password
/etc/pam.d/common-session
===== NFS =====
Edit files for NFS (///etc/fstab//) and add
lthcserv4.epfl.ch:/vol/vol0/home///username// /home///username// nfs rw,nfsvers=3,rsize=8192,wsize=8192,timeo=14,intr,addr=128.178.70.90 0 0
lthcserv1.epfl.ch:/export/opt /opt/new nfs rw,rsize=8192,wsize=8192 0 0
lthcserv1.epfl.ch:/export/texmf /opt/texmf nfs ro,rsize=8192,wsize=8192 0 0
lthcserv1.epfl.ch:/export/asis/usr.local /opt/ul nfs rw,rsize=8192,wsize=8192 0 0
lthcserv1.epfl.ch:/export/asis/asis.local /opt/al nfs rw,rsize=8192,wsize=8192 0 0
And exec :
sudo mkdir /home///username//
sudo mkdir /opt
sudo mkdir /opt/new
sudo mkdir /opt/texmf
sudo mkdir /opt/ul
sudo mkdir /opt/al
in "~/.bashrc" add "/opt/new/bin" to the "PATH".
===== Mail config ====
(///etc/main/sendmail.cf//) the line start with D replace by**
Dlthmail.epfl.ch
===== Cups =====
Edit files for cups activate browsing
/etc/cups/cupsd.conf
add
Browsing On
===== give admin access =====
sudo addgroupe //user// admin
sudo addgroupe damir admin
===== Fun Install =====
sudo apt-get install yakuake katapult
===== Add to /etc/hosts =====
192.168.1.3 students
192.168.1.11 radio1
192.168.1.12 radio2
192.168.1.13 radio3
192.168.1.2 fileserver
===== Route for labs =====
sudo route add -net 192.168.1.0 netmask 255.255.255.0 gw lcmpc10.epfl.ch
===== Log =====
change the /etc/logrotate.conf to monthly cadence and maintain the last 12
months records for every log file.
you can remove the bluetooth subsystem, you don't need it, and it's
unuseful also the check on the frequency, the fans are not controlled by
the chipset.
you can stop the hp daemons they are used only to discover/use the HP
printers directly, our printers accept to print only from the printers
servers
===== SSH =====
edit file ///etc/ssh/sshd_config//
change //PermitRootLogin yes// by
PermitRootLogin no
change //X11Forwarding no// by
X11Forwarding yes