[debian-edu-commits] [Debian Wiki] Update of "DebianEdu/Documentation/Bookworm/HowTo/NetworkClients" by WolfgangSchweer

Debian Wiki wiki at debian.org
Fri Oct 28 09:14:46 BST 2022 

Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Debian Wiki" for change notification.

The "DebianEdu/Documentation/Bookworm/HowTo/NetworkClients" page has been changed by WolfgangSchweer:
https://wiki.debian.org/DebianEdu/Documentation/Bookworm/HowTo/NetworkClients?action=diff&rev1=8&rev2=9

Comment:
reword/reformat a bit to be more user and translator friendly

  Please note that configuring end user devices will be a real challenge due to the variety of devices. For Windows devices an installer script could be created, for Apple devices a mobileconfig file. In both cases the freeRADIUS CA certificate can be integrated, but OS specific tools are needed to create the scripts.   
  
  ==  Authorize Windows machine with Debian Edu credentials using pGina LDAP plugin ==
- 
  === Adding pGina user in Debian Edu ===
  To have an ability to use pGina (or any else 3rd party auth-service-application) you should have a special user account used in search inside of LDAP.
  
- Add a special user '''pguser''':''pwd.777'' on https://www/gosa website.
+ Add a special user '''pguser''' with password ''pwd.777'' on https://www/gosa website.
  
  === Install pGina fork ===
  
  Download and install pGina 3.9.9.12 as usual software.
  Take an attention that LDAP plugin persists in pGina plugin folder:
  {{{
- c:\Program Files\pGina.fork\Plugins\pGina.Plugin.Ldap.dll
+ C:\Program Files\pGina.fork\Plugins\pGina.Plugin.Ldap.dll
  }}}
  
  === Configure pGina ===
  
- Considering to Debian Edu settings we must connect to LDAP with SSL by port 636.
+ Considering to Debian Edu settings the connection to LDAP uses SSL by port 636.
  
+ So necessary settings in a pGina LDAP plugin are below<<BR>>
- So necessary settings in a pGina LDAP plugin are below ''(stored in HKEY_LOCAL_MACHINE\SOFTWARE\pGina3.fork\Plugins\0f52390b-c781-43ae-bd62-553c77fa4cf7)''.
+ (these are stored in HKEY_LOCAL_MACHINE\SOFTWARE\pGina3.fork\Plugins\0f52390b-c781-43ae-bd62-553c77fa4cf7).
  
- ==== Main section ====
+ ==== LDAP Plugin main section ====
-   * LDAP Host(s): '''10.0.2.2''' [10.0.3.3] ''//or any else with "space" as a separator''
+   * LDAP Host(s): '''10.0.2.2''' (or any else with "space" as a separator)
-   * LDAP Port: '''636''' // for SSL connections
+   * LDAP Port: '''636''' (for SSL connection)
    * Timeout: 10
-   * Use SSL: '''YES''' ''(v mark)''
-   * Start TLS: '''NO''' ''(empty)''
+   * Use SSL: '''YES''' (tick checkbox)
+   * Start TLS: '''NO''' (don't tick checkbox)
-   * Validate Server Certificate: '''NO''' ''(empty)''
+   * Validate Server Certificate: '''NO''' (don't tick checkbox)
-   * Search DN: '''uid=pguser,ou=people,ou=Students,dc=skole,dc=skolelinux,dc=no''' ''//"pguser" is a user to authenticate in LDAP to search Users in a login session''
-   * Search Passwords: pwd.777 // here is a password of "pguser"
+   * Search DN: '''uid=pguser,ou=people,ou=Students,dc=skole,dc=skolelinux,dc=no'''
+     ("pguser" is a user to authenticate in LDAP to search users in a login session)
+   * Search Password: pwd.777 (this is the "pguser" password)
  
  ==== Authentication block ====
  Bind Tab:
    * Allow Empty Passwords: '''NO'''
-   * Search for DN: '''YES''' (v mark)
+   * Search for DN: '''YES''' (tick checkbox)
    * Search Filter: '''(&(uid=%u)(objectClass=person))'''
          
  ==== Authorization block ====
    * Default: '''Allow'''
-   * Deny when LDAP authentication fails: '''YES''' ''(v mark)''
+   * Deny when LDAP authentication fails: '''YES''' (tick checkbox)
-   * Allow when server is unreachable: '''NO''' ''(empty) //optionally''
+   * Allow when server is unreachable: '''NO''' (don't tick checkbox, optional)
   
  ==== Plugin Selection ====
    * LDAP: Authentication [v], Authorization [v], Gateway[v], Change Password [_]
-   * Local Machine: Authentication [v], Gateway [v] ''// two marks only''
+   * Local Machine: Authentication [v], Gateway [v] (tick only two checkboxes)
   
  ==== Plugin Order ====
    * Authentication: LDAP, Local Machine
@@ -288, +289 @@

  
  Sources:
  
-  * [[DebianEdu/Documentation/Bookworm/GettingStarted#User_Management_with_GOsa.2BALI-| User Management with GOsa²]]
   * http://mutonufoai.github.io/pgina/download.html
   * http://mutonufoai.github.io/pgina/documentation/plugins/ldap.html
   * https://serverfault.com/questions/516072/how-to-configure-pgina-ldap-plugin

More information about the debian-edu-commits mailing list