Difference between revisions of "Linux@WUR"
(Removed secrets on request from TomvB)
|Line 363:||Line 363:|
IPSec gateway mol01.wur.nl
IPSec gateway mol01.wur.nl
IPSec secret -
Xauth username <your wur userid>
Xauth username <your wur userid>
Xauth password <your wur password>
Xauth password <your wur password>
Revision as of 13:35, 19 July 2011
- 1 Linux@wur settings
- 1.1 Using an email client
- 1.2 using Thunderbird as mail client
- 1.3 Using DavMail (at WUR or at home!)
- 1.4 Using the department printserver
- 1.5 Using the department fileserver
- 1.6 Accessing files on the DFS-Root
- 1.7 Connecting to your computer from home
- 1.8 Changing Your Password
- 1.9 Using VMWare or Virtualbox
- 1.10 Using LaTeX
- 1.11 Other Services
- 1.12 Registering with the wurnet dns
- 1.13 Using your iOS device
- 1.14 Useful?
Using an email client
Use an email client that can do IMAPS, SMTP with STARTTLS and authentication and LDAP. Sylpheed is a nice client http://sylpheed.good-day.net/ as is the mailer that comes with Mozilla. For the console die hards there is the MuttMailer! Receiving email:
- Server for receiving: imap.wur.nl
- Use SSL for IMAP connection
- Use port 993
- The IMAP login and password is simply your wur account, for example annie001 and annie
Sometimes it is necessary to show also the unsubscribed folders to see all your mail folders (it is in the advanced options in Thunderbird).
- Server for sending: smtp.wur.nl
- Use TLS (sometimes called STARTTLS) for SMTP connection
- Use port 25
- The SMTP password is simply your wur account, for example annie001 and annie
Using this server you can only send email if your from adress is a @wur.nl adress.
- In Evolution 184.108.40.206: authentication type NTLM/SPA works. [Don't know if this setting shows up in any other mail client, but here it was necessary so I added this FYI - Raoul]
If you want to send email using a from address that is not a @wur.nl adress you can use:
- Server for sending: net.wur.nl
- No TLS.
- No username or password.
See also WURImapForDummies for an elaborate example installing Mozilla mail.
Since Evolution 2.x has also an exchange connector it is really nice to use it. And setting it up is really easy!
- Open the preferences window -> Mail Accounts -> Add
- Push Forward
- Fill in your Name and E-mail Address (it is not used for the connection so you can use the complete one)
- Choose the Microsoft Exchange server type
- Fill in your username e.g. annie001 and the OWA Url: https://webmail.wur.nl/exchange/.
- Push Authenticate
- Fill in your password (check the remind box if you like to)
- Check the automatically check box
- For the Global Catalog use 10.110.10.2
- You can leave the responses limit and password warning boxes checked (although I do not know whether it works)
- Give your account a name
- Find a timezone, if it is your first account
- Push apply!
To search in the phone directory (which has all email addresses as well) use the following:
- LDAP server: ldap.wau./nl
- search base: o=Wageningen UR,c=NL
- portnumber: 389
- ssl: off
With Mozilla mail select edit-preferences -> Addressing -> Directory server and fill in above settings. It is nice - now you magically see all E-mail addresses appear when typing!
To search in the active directory:
- LDAP server (hostname): 10.110.10.2
- search base (base DN): DC=wurnet,DC=nl
- port number: 389
- bind DN: firstname.lastname@example.org (yes that is your email address!)
- bind password: your wur password
- ssl: off
- in thunderbird: advanced -> subtree -> searchfilter: (objectclass=User)
This server can be extremely slow, so I advice you to get a cup of coffee when you are using this one...
However if you connect to this server via the Exchange connector in Evolution, it works quite well instead!
Use the following .fetchmailrc file
poll imap.wur.nl protocol imap username "yourname" password "yourpassword" ssl
And here the one I use (Pjotr):
poll imap.wur.nl with proto IMAP port 993 user 'yourname' there is 'account' here ssl fetchall keep mda "/usr/bin/procmail -d %T"
mutt with IMAPs example
mutt -f imaps://email@example.com
using Thunderbird as mail client
Most of the IMAP settings explained above apply.
- Server name: imap.wur.nl
- Port: 993
- Security: SSL
Optional (my preference)
- When I delete: move to trash
- Clean up ("expunge") inbox on exit
Setting correct folder names
The WUR exzchange server uses non-default folder names for the trash, sent items, etc. Some of these can be set from within Thunderbird: (Account settings -> Copies and Folders)
- Place a copy in: other: Verzonden items on WUR account
- Keep message drafts in: other: Concepten on WUR account.
The location of the trash folder cannot be modified from within Thunderbird. This has to be done by editing the "prefs.js" configuration file. Mine is located at:
The line that reads
user_pref("mail.server.server2.trash_folder_name", "Deleted items");
or similar should be changed into
user_pref("mail.server.server2.trash_folder_name", "Verwijderde items");
That will do.
Auto-compaction of folders
Deleted mails are not really deleted, they are only marked as deleted. This is not visible from within Thunderbird, but it is from e.g. webmail. To prevent this, folders need to be compacted.
- Go to edit -> preferences -> advanced -> network & disk space
- Mark "compact folders when it will save over" 100 kb
Using DavMail (at WUR or at home!)
DavMail connects to the Outlook Web Access and sets up some local servers you can connect to from most mail clients. It also supports calendar and ldap.
On the DavMail website you can find an extensive description on how to configure DavMail with some of the most common mail clients.
When setting up DavMail use the following values:
- For "OWA (Exchange) URL" fill in: https://webmail.wur.nl/exchange/
- When asked for a username by your mail client upon connection to the local servers created by DavMail, fill in: "wur\" followed by your short login name
Remember to setup the custom folder names as described above!
Sometimes DavMail gives the error "Set socket timeout to 115 seconds" in the tooltip of the icon. This problem should be solved soon, but until then you can use this quickfix to remove the swt class from the classpath in the script that runs davmail. In my case this script is located at:
Change the following line:
java -Xmx512M -cp /usr/share/davmail/davmail.jar:/usr/share/java/swt.jar:$CLASSPATH davmail.DavGateway "$@"
java -Xmx512M -cp /usr/share/davmail/davmail.jar:$CLASSPATH davmail.DavGateway "$@"
Now it should work again, although it looks a bit ugly
Using the department printserver
Using the department fileserver
In order to use the guides below, you'll have to know on which servers the windows shares reside. The easiest way is to use a Windows PC, start up Explorer, got to the share and look at the Properties.
Alternatively, you can use smbclient to find all shares on a server:
- smbclient -I <server>.wurnet.nl -W wurnet.nl -U yourname001 -L <server>
Where <server> is scomp0300 for PSG and scomp0291 for ESG.
Using smbmount (normal user)
Suppose the server your personal share is located on is called sdep001 and your username is annie001, your password is annie, and you want to mount this share on ~/mnt If you do not know this information you can get it out of the ActiveDirectoryServer or from the "My Computer" screen of a windows machine.
- smbmount '//sdep001/annie001$' ~/mnt/ -o username=annie001,password=annie,workgroup=WUR
if you leave out the password, the program will ask you for your password during the mounting:
- smbmount '//sdep001/annie001$' ~/mnt/ -o username=annie001,workgroup=WUR
Using mount (as root) =
you can also do this using regular mount, as Stephan Verrips writes:
- mount -t smbfs -o username=verri001,workgroup=wurnet.nl //sdpw0001.wurnet.nl/verri001$ ~/mnt
Alternatively, the (newer) CIFS protocol can be used instead of SMB. The following example connects to the 'webdocs' share where web related files can be stored.
- mkdir /mnt/webdocs
- mount -t cifs -o username=annie001,workgroup=wurnet.nl //skgr0004.wurnet.nl/webdocs$ /mnt/webdocs
Automatically mounting at boot (/etc/fstab)
Add the following line to the file /etc/fstab
//sdep001/annie001$ /mnt/wur smbfs username=annie001,password=annie,workgroup=WUR,uid=502 0 0
or a really working example for a shared network drive (for DPW - note the odd spaces in the name using \040):
//scomp0300/PSG~DPW\040Laboratory\040of\040Nematology$ /mnt/wur smbfs username=annie001,password=annie,workgroup=WUR,uid=501 0 0
//scomp0300/PSG~DPW\040Laboratory\040of\040Nematology$ /mnt/wur smbfs //username=annie001,password=annie,workgroup=WUR,uid=501 0 0
The uid represents the user id you use - check your id with the id command:
it is also possible to use a gid (group id) to share the mounted drive with multiple users on one system.
Note: since it contains your password this option is not so secure!
Safer is to use a separate password file:
- cd ~
- echo username=annie001 > .smbpassword
- echo password=annie >> .smbpassword
- chmod 600 .smbpassword
This created a hidden password file that can only be read by you or the root
Change the line in the /etc/fstab into
- //sdep001/annie001$ /mnt/wur smbfs credentials=/home/annie/.smbpassword,workgroup=WUR,uid=502 0 0
Note: you set the uid to your user id (see 'man id') so you can write/read from your normal account.
Another example, again using the CIFS protocol instead of SMB, to automatically connect to the 'webdocs' share:
- //skgr0004.wurnet.nl/webdocs$ /mnt/webdocs cifs credentials=/home/annie/.smbpassword,workgroup=wurnet.nl,uid=502 0 0
Windows shares can also be accessed, without any mounting, with the SMB kio slave (KDE). The SMB kio slave can be used in Konqueror but also in other KDE applications.
The format of the url is:
- username: wur\annie001
- hostname: sdep001.wur.nl
- sharename: annie001$
If you get the error "Connection to .... failed" and you are sure you typed the server name correctly, you have to manually set the wins server in /etc/samba/smb.conf. Find the line that reads like:
- ; wins server = <something>
Remove the ; and change the <something>:
- wins server = 10.110.10.3
You can also connect to the fileservers with WebDAV. GNOME and KDE both provide GUI's for doing that. In GNOME you can open the GUI with Connect to server... under Locations. In KDE you have to open konqueror and type "remote:/". Then click on the "Add a Network Folder"-icon.
Select the encrypted WebDAV(s)-type Then fill in the fields
- Server = wic2.wur.nl
- Port = 443 (or use encryption)
- Folder = ANNIE001_annie001
- User = annie001
- Name = anything you like
Accessing files through the web
Accessing files on the DFS-Root
What is the DFS-Root
DFS is Microsoft's Distributed File System. The purpose of a distributed file system is that the user can access files without knowing on which server the files are locates. The root of a distributed files system is called the DFS-Root. In the DFS-Root are virtual directories which are actual 'links' to shares on some servers.
In WURNET there is one wur-wide DFS-Root \\wur\dfs-root usually mapped to the W:-drive in windows.
The samba client is unable to directly access files in the DFS-Root, instead you have to connect to the actual underlying shares.
DFS-Root directory mappings
If you have access a file or directory in the format:
\\wur\dfs-root\dir\rest\of\path or W:\dir\rest\of\path
then you must substitute \\wur\dfs-root\dir or W:\dir according the following table (Dir -> share):
- AFSG = //ATO0001C/AFSG$
- APPS = //SCOMP0025/apps
- ASG = //LD010s/ASG$
- ATV = //SATVF0001/shares
- BC = //SCOMP0064/BC
- DPT-DIER = //SCOMP0064/DIER
- DPT-MAATSCHAPPIJ = //SCOMP0063/MAATSCHAPPIJ
- FB = //SCOMP0064/FB
- LEI = //LEIDH017S/SHARES
- PLANT PROJECTS = //SPRI0010/PLANTPROJECTS$
- RIKILT = //SCOMP0063/RIKILT
- STUDENT = //SCOMP0064/STUDENT
The spaces in the names have to be escaped, using \040.
Connecting to your computer from home
If you need access to your computer at the university. The simple way: get your computer into the public VLAN, you will get a fixed 137.224 IP address and you can connect to your computer from home using ssh. The system administrators from the departments can do this for you.
Once you are on the VLAN you can even use IMAP mail from home through ssh tunneling, using for example:
ssh -L 1993:imap.wur.nl:993 -f -N 137.224.xx.xx mutt -f imaps://yourlogin@localhost:1993/INBOX
using the VPN
Another, more complicated way, is to use VPN access. There are two clients for the VPN hardware in use at the university: a client from Cisco, and a native client called 'vpnc'. The native vpnc client is standard available in Debian Sid (apt-get install vpnc), I cannot say for other distributions. The cisco client can be downloaded from the university
the Cisco vpnclient
Note: this currently does not work with kernel 2.6!
- download the Linux client and the Profile from http://www.wur.nl/wurnet/deelprojecten/coax_vervanging_netwerkactualisering/index_vpn.html
- unpack the zip
- unpack the tgz
- run ./vpn_install
- run /etc/init.d/vpnclient_init start
- copy WUR.pcf from Profile zip file to /etc/CiscoSystemsVPNClient/Profiles/
- start with 'vpnclient connect WUR user blabl001' (blabl001 is your wur account)
the native vpnc
Note: recently vpnc stopped working
- unpack the tarball
- run 'make && make install'
- make a config file /etc/vpnc.conf containing:
IPSec gateway mol01.wur.nl IPSec ID <get the relevant ID from FB-IT> IPSec secret <get the relevant secret from FB-IT> Xauth username <your wur userid> Xauth password <your wur password>
- beware, vpnc is very picky, you cannot have two spaces, or a tab, or any appending spaces or something like that in the file
- create the tun device ('mknod c 10 200 /dev/tun')
- modprobe tun
- start vpnc
- route add -net 10.0.0.0/8 dev tun
Changing Your Password
You can change your WURNET password with samba's client:
smbpasswd -r scomp0001.wurnet.nl -U annie0001
Passwords expire in 90 days - so make sure you reset it within that period. (Note: it is possible to keep your old password by running this command twice - setting it back the second run).
echo -e "$preferred_password\n$temporary_password\n$temporary_password" | smbpasswd -s -r $server -U $user
echo -e "$temporary_password\n$preferred_password\n$preferred_password" | smbpasswd -s -r $server -U $user
Using VMWare or Virtualbox
Some webservices of WUR have problems with non-IE browsers. Check BrowserIssues for a list.
Registering with the wurnet dns
The wur dhcp server can automatically register your linux box in the dns. For this to work, the dhcpclient needs to send the hostname in netbios format to the dhcp server. If you host is called 'linux001', enter the following line in /etc/dhclient-eth0.conf:
- send host-name "LINUX001";
Your host will be known as linux001.wurnet.nl. Make sure you set your hostname accordingly using the hostname command:
- # hostname linux001.wurnet.nl
Using your iOS device
For more information, look at the iOS page.
If this information was useful to you please click ThisWasUseful!