Hier werden die Unterschiede zwischen zwei Versionen angezeigt.
Beide Seiten der vorigen Revision Vorhergehende Überarbeitung Nächste Überarbeitung | Vorhergehende Überarbeitung | ||
os4e_-_2014_-_fortgeschrittene [2014/07/08 15:45] admin |
os4e_-_2014_-_fortgeschrittene [2014/07/09 11:37] admin [Mittwoch - Vormittag] |
||
---|---|---|---|
Zeile 88: | Zeile 88: | ||
cscript "\Program Files\Microsoft Office\Office14\ospp.vbs" /sethst:kms.voyager.or.at | cscript "\Program Files\Microsoft Office\Office14\ospp.vbs" /sethst:kms.voyager.or.at | ||
cscript "\Program Files\Microsoft Office\Office14\ospp.vbs" /act | cscript "\Program Files\Microsoft Office\Office14\ospp.vbs" /act | ||
- | |||
*Datenrettung | *Datenrettung | ||
+ | * Folien: Stefan | ||
*Virtuelle Festplatte einbinden | *Virtuelle Festplatte einbinden | ||
+ | |||
apt-get install virtualbox-fuse | apt-get install virtualbox-fuse | ||
vdfuse -f /pfad/zum/image.vdi /mountpoint | vdfuse -f /pfad/zum/image.vdi /mountpoint | ||
Zeile 99: | Zeile 100: | ||
umount /mountpoint2 | umount /mountpoint2 | ||
umount /mountpoint | umount /mountpoint | ||
+ | |||
===== Dienstag - Nachmittag ===== | ===== Dienstag - Nachmittag ===== | ||
Zeile 141: | Zeile 143: | ||
*Benutzerprofile | *Benutzerprofile | ||
- | *Datensicherung | + | * Unter Windows: Als Benutzer "profil_schueler" anmelden, um das Profil aller Schüler zu verändern. Als Benutzer "profil_lehrer" anmelden, um das Profil aller Lehrer zu verändern usw. |
- | * rsync | + | * Profil wird am Server gespeichert! |
- | * rsnapshot | + | * Unter Linux: Pro Client als Benutzer "profil" anmelden. Das Profil ist für sämtliche Benutzer gültig. |
- | + | ||
- | *Druckquota | + | |
- | *pykota | + | |
- | + | ||
- | *Netzwerke | + | |
- | *WLAN (Radius Server) | + | |
- | *Cloud/ownCloud | + | |
- | *Zarafa | + | |
- | + | ||
- | zypper in htop rsync mc nmap | + | |
- | + | ||
- | === Zarafa Grundinstallation === | + | |
- | + | ||
- | https://portal.zarafa.com/download-release | + | |
- | + | ||
- | zypper in mysql apache2 libxml2 php5 apache2-mod_php5 php5-gettext php5-zlib php5-mysql xpdf-tools sysstat | + | |
- | + | ||
- | === Postfix === | + | |
- | + | ||
- | <file ini /etc/services> | + | |
- | ... | + | |
- | smtps 465/tcp # Secure SMTP | + | |
- | smtps 465/udp # Secure SMTP | + | |
- | ... | + | |
- | </file> | + | |
- | + | ||
- | <file ini /etc/postfix/main.cf> | + | |
- | unknown_local_recipient_reject_code = 550 | + | |
- | local_recipient_maps = | + | |
- | + | ||
- | mydestination = /etc/postfix/virtual/domains | + | |
- | virtual_alias_maps = hash:/etc/postfix/virtual/addresses | + | |
- | virtual_transport = lmtp:127.0.0.1:2003 | + | |
- | + | ||
- | setgid_group = maildrop | + | |
- | queue_directory = /var/spool/postfix | + | |
- | command_directory = /usr/sbin | + | |
- | daemon_directory = /usr/lib/postfix | + | |
- | data_directory = /var/lib/postfix | + | |
- | mail_owner = postfix | + | |
- | mydomain = mail.bgweiz.at | + | |
- | myhostname = $mydomain | + | |
- | mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 | + | |
- | myorigin = mail.bgweiz.at | + | |
- | alias_maps = hash:/etc/aliases | + | |
- | alias_database = hash:/etc/aliases | + | |
- | relayhost = | + | |
- | relay_domains = $mydestination | + | |
- | mailbox_size_limit = 0 | + | |
- | recipient_delimiter = + | + | |
- | inet_interfaces = all | + | |
- | inet_protocols = ipv4 | + | |
- | + | ||
- | mailbox_command = /usr/bin/zarafa-dagent "$USER" | + | |
- | mailbox_transport = zarafa: | + | |
- | zarafa_destination_recipient_limit = 1 | + | |
- | + | ||
- | ## | + | |
- | smtpd_sasl_authenticated_header = yes | + | |
- | header_checks = regexp:/etc/postfix/header_checks | + | |
- | smtpd_sasl_local_domain = | + | |
- | smtpd_sasl_auth_enable = yes | + | |
- | smtpd_sasl_security_options = noanonymous | + | |
- | broken_sasl_auth_clients = yes | + | |
- | smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination | + | |
- | smtpd_tls_auth_only = no | + | |
- | smtp_tls_note_starttls_offer = yes | + | |
- | smtp_tls_security_level = may | + | |
- | smtpd_tls_security_level = may | + | |
- | smtpd_tls_cert_file = /etc/zarafa/ssl/server.crt | + | |
- | smtpd_tls_key_file = /etc/zarafa/ssl/server.key | + | |
- | smtp_tls_CApath = /etc/ssl/certs | + | |
- | smtpd_tls_loglevel = 1 | + | |
- | smtpd_tls_received_header = yes | + | |
- | </file> | + | |
- | + | ||
- | <file ini /etc/postfix/master.cf> | + | |
- | # | + | |
- | # Postfix master process configuration file. For details on the format | + | |
- | # of the file, see the Postfix master(5) manual page. | + | |
- | # | + | |
- | # ========================================================================== | + | |
- | # service type private unpriv chroot wakeup maxproc command + args | + | |
- | # (yes) (yes) (yes) (never) (100) | + | |
- | # ========================================================================== | + | |
- | smtp inet n - n - - smtpd | + | |
- | #submission inet n - n - - smtpd | + | |
- | # -o smtpd_etrn_restrictions=reject | + | |
- | # -o smtpd_client_restrictions=permit_sasl_authenticated,reject | + | |
- | smtps inet n - n - - smtpd -o smtpd_tls_wrappermode=yes | + | |
- | -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes | + | |
- | #submission inet n - n - - smtpd | + | |
- | # -o smtpd_etrn_restrictions=reject | + | |
- | # -o smtpd_enforce_tls=yes -o smtpd_sasl_auth_enable=yes | + | |
- | #628 inet n - n - - qmqpd | + | |
- | pickup fifo n - n 60 1 pickup | + | |
- | cleanup unix n - n - 0 cleanup | + | |
- | qmgr fifo n - n 300 1 qmgr | + | |
- | #qmgr fifo n - n 300 1 oqmgr | + | |
- | tlsmgr unix - - n 1000? 1 tlsmgr | + | |
- | rewrite unix - - n - - trivial-rewrite | + | |
- | bounce unix - - n - 0 bounce | + | |
- | defer unix - - n - 0 bounce | + | |
- | trace unix - - n - 0 bounce | + | |
- | verify unix - - n - 1 verify | + | |
- | flush unix n - n 1000? 0 flush | + | |
- | proxymap unix - - n - - proxymap | + | |
- | smtp unix - - n - - smtp | + | |
- | # When relaying mail as backup MX, disable fallback_relay to avoid MX loops | + | |
- | relay unix - - n - - smtp | + | |
- | -o fallback_relay= | + | |
- | # -o smtp_helo_timeout=5 -o smtp_connect_timeout=5 | + | |
- | showq unix n - n - - showq | + | |
- | error unix - - n - - error | + | |
- | discard unix - - n - - discard | + | |
- | local unix - n n - - local | + | |
- | virtual unix - n n - - virtual | + | |
- | lmtp unix - - n - - lmtp | + | |
- | anvil unix - - n - 1 anvil | + | |
- | #localhost:10025 inet n - n - - smtpd -o content_filter= | + | |
- | scache unix - - n - 1 scache | + | |
- | # | + | |
- | # ==================================================================== | + | |
- | # Interfaces to non-Postfix software. Be sure to examine the manual | + | |
- | # pages of the non-Postfix software to find out what options it wants. | + | |
- | # | + | |
- | # Many of the following services use the Postfix pipe(8) delivery | + | |
- | # agent. See the pipe(8) man page for information about ${recipient} | + | |
- | # and other message envelope options. | + | |
- | # ==================================================================== | + | |
- | # | + | |
- | # maildrop. See the Postfix MAILDROP_README file for details. | + | |
- | # Also specify in main.cf: maildrop_destination_recipient_limit=1 | + | |
- | # | + | |
- | maildrop unix - n n - - pipe | + | |
- | flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient} | + | |
- | cyrus unix - n n - - pipe | + | |
- | user=cyrus argv=/usr/lib/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user} | + | |
- | uucp unix - n n - - pipe | + | |
- | flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient) | + | |
- | ifmail unix - n n - - pipe | + | |
- | flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient) | + | |
- | bsmtp unix - n n - - pipe | + | |
- | flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient | + | |
- | procmail unix - n n - - pipe | + | |
- | flags=R user=nobody argv=/usr/bin/procmail -t -m /etc/procmailrc ${sender} ${recipient} | + | |
- | retry unix - - n - - error | + | |
- | proxywrite unix - - n - 1 proxymap | + | |
- | + | ||
- | # Zarafa | + | |
- | #zarafa unix - n n - 10 pipe | + | |
- | # flags=DRhu user=vmail argv=/usr/bin/zarafa-dagent -R ${recipient} | + | |
- | #zarafa unix - n n - - pipe | + | |
- | # flags= user=mail argv=/usr/bin/procmail -a ${user} | + | |
- | zarafa unix - n n - 10 pipe | + | |
- | flags= user=mail argv=/usr/bin/zarafa-dagent ${user} | + | |
- | </file> | + | |
- | + | ||
- | <file ini /etc/postfix/virtual/domains> | + | |
- | bgweiz.at | + | |
- | mail.bgweiz.at | + | |
- | d4e.at | + | |
- | mail.d4e.at | + | |
- | </file> | + | |
- | + | ||
- | <file ini /etc/postfix/virtual/addresses> | + | |
- | #bgweiz.at DOMAIN | + | |
- | direktion@bgweiz.at direktion | + | |
- | matthias.praunegger@bgweiz.at matthias | + | |
- | + | ||
- | #d4e.at DOMAIN | + | |
- | info@d4e.at info | + | |
- | + | ||
- | </file> | + | |
- | + | ||
- | postmap /etc/postfix/virtual/addresses | + | |
- | + | ||
- | /etc/init.d/postfix restart | + | |
- | + | ||
- | === Zarafa-Konfiguration === | + | |
- | + | ||
- | <file ini /etc/sysconfig/zarafa> | + | |
- | ZARAFA_LOCALE="de_DE.UTF-8" | + | |
- | ZARAFA_USERSCRIPT_LOCALE="de_DE.UTF-8" | + | |
- | </file> | + | |
- | + | ||
- | <file ini /etc/zarafa/server.cfg> | + | |
- | ... | + | |
- | local_admin_users = root mail | + | |
- | mysql_password = mysqlpasswort | + | |
- | server_ssl_enabled = yes | + | |
- | server_ssl_key_pass = sslpasswort | + | |
- | server_ssl_ca_file = /etc/zarafa/ssl/ca.pem | + | |
- | user_plugin_config = | + | |
- | #/etc/zarafa/ldap.cfg | + | |
- | disabled_features = pop3 | + | |
- | ... | + | |
- | </file> | + | |
- | + | ||
- | mkdir /etc/zarafa/ssl | + | |
- | cd /etc/zarafa/ssl | + | |
- | wget http://www.startssl.com/certs/ca.pem | + | |
- | wget http://www.startssl.com/certs/sub.class1.server.ca.pem | + | |
- | cat server.crt server.key > server.pem | + | |
- | + | ||
- | mkdir /etc/apache2/ssl | + | |
- | cd /etc/apache2/ssl | + | |
- | wget http://www.startssl.com/certs/ca.pem | + | |
- | wget http://www.startssl.com/certs/sub.class1.server.ca.pem | + | |
- | + | ||
- | <file ini /etc/zarafa/gateway.cfg> | + | |
- | ... | + | |
- | pop3_enable = no | + | |
- | imaps_enable = yes | + | |
- | ssl_private_key_file = /etc/zarafa/ssl/server.key | + | |
- | ssl_certificate_file = /etc/zarafa/ssl/server.crt | + | |
- | ... | + | |
- | </file> | + | |
- | + | ||
- | + | ||
- | <file ini /etc/sysconfig/apache2> | + | |
- | ... | + | |
- | APACHE_MODULES="actions alias auth_basic authn_file authz_host authz_groupfile authz_default authz_user authn_dbm autoindex cgi dir env expires include log_config mime negotiation setenvif ssl suexec userdir php5 proxy headers rewrite" | + | |
- | ... | + | |
- | </file> | + | |
- | + | ||
- | <file ini /etc/apache2/listen.conf> | + | |
- | Listen 443 | + | |
- | Listen 80 | + | |
- | + | ||
- | NameVirtualHost *:443 | + | |
- | </file> | + | |
- | + | ||
- | <file ini /etc/apache2/vhosts.d/zarafa.conf> | + | |
- | <VirtualHost *:443> | + | |
- | DocumentRoot "/srv/www/htdocs" | + | |
- | ServerName mail.bgweiz.at:443 | + | |
- | ServerAdmin webmaster@bgweiz.at | + | |
- | ErrorLog /var/log/apache2/bgweiz.at-ssl-error_log | + | |
- | TransferLog /var/log/apache2/bgweiz.at-ssl-access_log | + | |
- | + | ||
- | SSLEngine on | + | |
- | SSLProtocol all -SSLv2 | + | |
- | SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM | + | |
- | + | ||
- | SSLCertificateFile /etc/apache2/ssl/server.crt | + | |
- | SSLCertificateKeyFile /etc/apache2/ssl/server.key | + | |
- | SSLCertificateChainFile /etc/apache2/ssl/sub.class1.server.ca.pem | + | |
- | SSLCACertificateFile /etc/apache2/ssl/ca.pem | + | |
- | SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown | + | |
- | CustomLog /var/log/apache2/bgweiz.at-ssl-custom_log \ | + | |
- | "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" | + | |
- | + | ||
- | RewriteEngine On | + | |
- | RewriteCond %{SERVER_PORT} 80 | + | |
- | RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R,L] | + | |
- | </VirtualHost> | + | |
- | </file> | + | |
- | + | ||
- | <file ini /etc/apache2/conf.d/zarafa-webaccess.conf> | + | |
- | Alias /webaccess /usr/share/zarafa-webaccess | + | |
- | + | ||
- | RewriteEngine On | + | |
- | RewriteCond %{SERVER_PORT} 80 | + | |
- | RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R,L] | + | |
- | + | ||
- | <Directory /usr/share/zarafa-webaccess/> | + | |
- | DirectoryIndex index.php | + | |
- | Options -Indexes +FollowSymLinks | + | |
- | AllowOverride Options | + | |
- | + | ||
- | Order allow,deny | + | |
- | Allow from all | + | |
- | </Directory> | + | |
- | </file> | + | |
- | + | ||
- | <file ini /etc/apache2/conf.d/z-push.conf> | + | |
- | Alias /Microsoft-Server-ActiveSync /usr/share/z-push/index.php | + | |
- | + | ||
- | RewriteEngine On | + | |
- | RewriteCond %{SERVER_PORT} 80 | + | |
- | RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R,L] | + | |
- | + | ||
- | <Directory /usr/share/z-push/> | + | |
- | DirectoryIndex index.php | + | |
- | Options -Indexes +FollowSymLinks | + | |
- | AllowOverride Options | + | |
- | + | ||
- | Order allow,deny | + | |
- | Allow from all | + | |
- | </Directory> | + | |
- | </file> | + | |
- | + | ||
- | cd /raid/zarafa | + | |
- | wget http://zarafa-deutschland.de/z-push-download/final/2.0/z-push-2.0.5-1541.tar.gz | + | |
- | tar xvfz z-push-2.0.5-1541.tar.gz | + | |
- | cp -av z-push-2.0.5-1541 /usr/share/z-push | + | |
- | chown -R wwwrun:www /usr/share/z-push/ | + | |
- | + | ||
- | <file ini /usr/share/z-push/.htaccess> | + | |
- | php_flag magic_quotes_gpc off | + | |
- | php_flag register_globals off | + | |
- | php_flag magic_quotes_runtime off | + | |
- | php_flag short_open_tag on | + | |
- | </file> | + | |
- | + | ||
- | <file php /usr/share/z-push/config.php> | + | |
- | ... | + | |
- | define('TIMEZONE', 'Europe/Vienna'); | + | |
- | ... | + | |
- | </file> | + | |
- | + | ||
- | <file ini /srv/www/htdocs/.htaccess> | + | |
- | RewriteEngine On | + | |
- | RewriteCond %{SERVER_PORT} 80 | + | |
- | RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R,L] | + | |
- | </file> | + | |
- | + | ||
- | <file php /srv/www/htdocs/index.php> | + | |
- | <?php | + | |
- | header("Location: /webaccess"); | + | |
- | ?> | + | |
- | </file> | + | |
- | + | ||
- | mkdir /var/log/z-push/ | + | |
- | chown -R wwwrun:www /var/log/z-push/ | + | |
- | mkdir /var/lib/z-push/ | ||
- | chmod 777 /var/lib/z-push/ | ||
- | |||
- | /etc/init.d/apache2 restart | ||
- | /etc/init.d/zarafa-gateway restart | ||
- | /etc/init.d/zarafa-server restart | ||
- | |||
===== Dienstag - Abendprogramm ===== | ===== Dienstag - Abendprogramm ===== | ||
Zeile 490: | Zeile 159: | ||
===== Mittwoch - Vormittag ===== | ===== Mittwoch - Vormittag ===== | ||
+ | |||
+ | *PXE-Server | ||
+ | *Datensicherung | ||
+ | * rsync | ||
+ | * rsnapshot | ||
+ | * Windows Sicherung | ||
+ | |||
+ | *Druckquota | ||
+ | *pykota | ||
+ | |||
+ | *Netzwerke | ||
+ | *WLAN (Radius Server) am s4e | ||
+ | * /etc/raddb/clients.conf | ||
+ | * Pro Subnetz ein Kennwort setzen | ||
+ | * /etc/raddb/modules/ldap | ||
+ | * Am AccessPoint: WPA-Enterprise, Server=s4e Port=1812, Kennwort: wie oben | ||
+ | |||
+ | *Cloud/ownCloud | ||
+ | *[[Zarafa]] | ||
* Produktiv Arbeiten mit OpenSource Werkzeugen | * Produktiv Arbeiten mit OpenSource Werkzeugen | ||
Zeile 496: | Zeile 184: | ||
===== Mittwoch - Nachmittag ===== | ===== Mittwoch - Nachmittag ===== | ||
- | ---- | + | *[[v_lizedlab|vlizedlab4education]] |
- | [[v_lizedlab]] | + |