1.0 About this
The goal of this article is to be a base for a complete installarion of GOsa2, it will be used by future articles on what maters with integrating with others services.
2.0 What GOsa2 means?GOsa2 is the constrict form for GOnicus System Administration.
From author’s site gosa-project.org
A mighty System-/Config-management frontend using LDAP as a backend. It is able to manage POSIX, Samba, Mail, Kolab, FAX, Asterisk and many more services.
- A minimal install of CentOS e RedHat 5.3 (This guide is in Portuguese only :( )
- Apache 2.2.x
- PHP 5.2
- Repository yum EPEL
4.0 Instaling pre-requisitesAs said before, I’m assuming that you already have an installation of CentOS or Red Hat, therefore, I’ll be covering the system requisites to get a functional GOsa2.
4.1 Installing the yum EPEL repository
4.2 Setting the repository for GOsa2Go to /etc/yum.repos.d and create the file GOsa2.repo with your favorite text editor.
4.3 Setting the repository for PHP 5.2GOsa2 needs the PHP 5.2 to run, however, there’s no PHP 5.2 on official repository. With that said, we need to set up a third party repository.
For this article I’ll be using the repository from Utter Ramblings. It’s a nice and reliable repo, you can use it with no fear.
Go to /etc/yum.repos.d and with your favorite text editor create a file called utterramblings.repo.
This repo already have a version of Apache 2.2.x (2.2.14 at this momment) that we’ll be using.
4.4 Installing OpenLDAP ServerWe’ll use the offical version (which means the one into the repository or Media).
To accomplish this, execute the following command:
5.0 Installing GOsa2 via yumWith the prerequisites satisfied, continue the installation of GOsa2
There are a couple of plugins availiable from GOsa2 respository, doing a search over it, it is possible to get an idea of which of them you really need to install. Install those that suit to your environment.
WARNING: Avoid to install the package gosa-desktop, as it will install Gnome and X.org as dependence.
Below are the packs that we will use in this article. Feel free to alter it.
5.1 Edit PHP (php.ini) params to suit GOsa2To GOsa2 run happy, it’s necessary to alter 2 parameters in file /etc/php.ini. Edit it and save it.
- expose_php = On
- magic_quotes_gpc = Off
- expose_php = Off
- magic_quotes_gpc = On
5.2 Making sure the services start at boot time
6.0 Setting OpenLDAP to suit GOsa2 needsWith all those work we have done so far, now it’s a critical time, but simple to do.
Will be necessary to suit OpenLDAP to talk to GOsa2, this means showing the right schemas to OpenLDAP.
Make a backup copy from the original slapd.conf file.
To generate the cn=Manager password hash.
The result will be the hash from the entered password, this case I used “fogonacaixadagua”. Keep this hash, we will use it soon.
Now, make your /etc/openldap/slapd.conf look like the one below:
To copy some schemas that aren’t on schemas’ dir:
Create the file /etc/openldap/schema/gosa_custom.schema with the following content:
7.0 Starting OpenLDPWith OpenLDAP server configured and the schemas on the right place, copy DB_CONFIG.example to LDAP’s dir:
Now, you can start OpenLDAP and you can verify if it’s gonna ok.
8.0 Starting ApacheApache was installed with the GOsa2. The GOsa2 package created the config file to apache, this file can be found at /etc/httpd/conf.d/gosa-apache.conf
Isnt’ recommended to edit it, do it only if it’s really necessary.
Time to start Apache:
9.0 Setting GOsa2 through Web interfaceAfter starting Apache, access through of server IP.
9.1 Initial screen of GOsa2 set up
Note the highlighted part on image, it’s necessary to execute the above command to GOsa2 installer know that you have control over server.
After you executed the command, click “Next”.
9.2 Language selection
Pick up the correct one and Click “Next”.
9.3 Environment checking
If you got any error here, get back to: 5.1 Edit PHP (php.ini) params to suit GOsa2.
After all field being marked with Ok, click “Next”.
License agreementThis screen you must accept the license.
After you check it, click “Next.
9.4 LDAP ConnectionHere you set the connection between GOsa2 and OpenLDAP that we configured before.
The parts tha need to be changed are marked in 1 and 2:
1. Put the conext to Manager user: “cn=Manager,dc=FogoNaCaixadAgua”
2. Password hash, “fogonacaixadagua”
9.5 Schema validationYeah!
9.6 Setting GOsa2 1/3Let the default ones and click “Next”.
9.7 Setting GOsa2 2/3Some settings to GOsa2.
Below I’ll explain the changes done, based on the number into above picture, change them as show.
1. the context that will have the Workstations info from Windows Domain.
2. Timezone for GOsa2.
3. Enable Copy & Paster, it’s a nice function, very interesting when you change some entry into an Organizational Unit, for example.
4. Enable snapshots, they are useful to revert some bat change, for example
5. Put the Manager password, “fogonacaixadagua”.
Click “Next” after you finish it.
9.8 Setting GOsa2 3/3Last part on setting GOsa2.
1. Enter your SNMP community, if you have one in your network, otherwise put ‘public’.
2. To enable the SUDO config from GOsa2 Interface
9.9 Inspecting OpenLDAPIn this screen will have a full check to verify if you have some tree in LDAP, as we started from scratch, it have nothing, because of this you see a lot of “Fails”.
Do not worry, soon it will be all Green ;)
To create a root object, click the button as highlighted on pic below:
After clicking “Try to create a root object” look that the things are starting to getting better :D
First click the button “Migrate”, in “Inspecting object classes in root object” then you will be redirected to the following page:
Getting back to LDAP Inspection page, click the unique button shown.
This time it’s to create a password for the user ‘admin’ that will log into GOsa2 interface. Enter a password, here is “fogonacaixadagua” then click “Apply”
All nice and green, as I promised you.
Time to go to the last part. Click “Next”.
9.10 Send a feedbackYou are on your own.
Finnished, click “Next”.
9.11 Almost END
Download the config file to your computer and then copy it to /etc/gosa on server side, apply the permissions as shown by installer.
After, on GOsa2 server
Click “Next” on final step to confirm that the config file is there.
You will be awarded with the login screen, use the ‘admin’ user and the password defined in the install process to login.