opsi manual opsi version 4.0.2 - opsi Download - uib

More documents

Recommendations

Info

opsi manual opsi version 4.0.2 If you configure an admin networks parameter, all administrative accesses are restricted to these network(s). 97 / 193 Setting the option [global] admin networks at the /etc/opsi/opsiconfd.conf will restrict the administrative access to the opsiconfd to connections coming from the specified network address(es). You may give multiple addresses separated by comma. Non administrative access may also come from other networks. The default is: admin networks = 0.0.0.0/0 and allows administrative access from all networks. A configuration like e.g. admin networks = 127.0.0.1/32, 10.1.1.0/24 restricts administrative access to the server itself and to the network 10.1.1.0/24. 12.9 The user pcpatch With opsi 4 the user pcpatch is used just by the opsi-client-agent to mount the depot shares (and at the moment by the netboot products ntfs-write-image and ntfs-restore-image to read and write the image files via ssh). The password of the user pcpatch is usually stored and transmitted encrypted. Under special circumstances it might be possible to catch the clear password. To reduce risks arising from that, you should do the following: Deny for the user pcpatch the access to all other shares than the opsi_depot share. You should do this by adding the following entry to all share definitions (besides the opsi_depot) at the /etc/samba/smb.conf: invalid users = root pcpatch Alternative At the /etc/samba/smb.conf restrict privileges for the user pcpatch to global read only by setting in the [global] section: read list = pcpatch As an additional task you should frequently change the password of the user pcpatch. You may set the password to a random string which no one knows (besides opsi). You may do this by calling the following command e.g by a cronjob: opsi-admin -d task setPcpatchPassword $(< /dev/urandom tr -dc _A-Z-a-z-0-9 | head -c16) If you do not plan to use the netboot products ntfs-write-image or ntfs-restore-image, you may deny a unix logon for the user pcpatch by setting at the /etc/passwd the shell /bin/false for the user pcpatch. 13 opsi-backup 13.1 Introduction Your opsi-server should be backuped (like any other important system). This chapter shows what to backup and how. And of course - how to restore. 13.2 Preconditions for a backup You should run the opsi-backup command as root. You have to install the mysqldump program before you can use the opsi-backup in connection with the mysql backend. Usually this program is part of the mysql client packages.
opsi manual opsi version 4.0.2 13.3 Quick Start Create a backup: opsi-backup create opsi_backup.tar.bz2 98 / 193 Creates a backup of the used backends and all configuration data at the current directory with the name opsi_backup.tar.bz2. Restore a backup: opsi-backup restore --backends=all --configuration opsi_backup.tar.bz2 Restores the data from the backup file opsi_backup.tar.bz2, which is searched for in the current directory. 13.4 Basic parts of opsi opsi may be devided in five different parts which may be backuped or not. The location where to find this part may vary (by Linux distribution, version and configuration). 13.4.1 Opsi configuration The most important part of opsi is the configuration. You will find it at /etc/opsi. This part will be backed up by opsi-backup. 13.4.2 Opsi backends The data about the managed clients and the products might be stored in different backends. The most important backends are: Table 1: opsi backends Backend Description file-Backend File based backend (default backend) mysql-Backend MySQL based backend (since opsi 4 for all configuration data) ldap Stores configuration data at the ldap univention Special ldap backend for Univention Corporate Server dhcp Special backend which is used in combination with a dhcpd at the opsi-server Different backends may be used for different purposes at the same time. So you should have a look at the /etc/opsi/backendManager/dispatch.conf to see which backends you are using. This part will be backed up by opsi-backup. 13.4.3 opsi depot share At the opsi depot share you will find the installation files of the software to be installed on the clients by opsi. The directories which contain these files (Local boot products and netboot products) are located at /opt/pcbin/install or /var/lib/opsi/depot.
Page 1 and 2:
opsi manual opsi version 4.0.2 Stan
Page 3 and 4:
opsi manual opsi version 4.0.2 4.3.
Page 5 and 6:
opsi manual opsi version 4.0.2 8 Lo
Page 7 and 8:
opsi manual opsi version 4.0.2 14 o
Page 9 and 10:
opsi manual opsi version 4.0.2 20 o
Page 11 and 12:
opsi manual opsi version 4.0.2 24.6
Page 13 and 14:
opsi manual opsi version 4.0.2 3 Ov
Page 15 and 16:
opsi manual opsi version 4.0.2 More
Page 17 and 18:
Page 19 and 20:
opsi manual opsi version 4.0.2 prod
Page 21 and 22:
opsi manual opsi version 4.0.2 4.3.
Page 23 and 24:
opsi manual opsi version 4.0.2 12 /
Page 25 and 26:
opsi manual opsi version 4.0.2 Basi
Page 27 and 28:
opsi manual opsi version 4.0.2 Send
Page 29 and 30:
opsi manual opsi version 4.0.2 Dele
Page 31 and 32:
opsi manual opsi version 4.0.2 20 /
Page 33 and 34:
opsi manual opsi version 4.0.2 Figu
Page 35 and 36:
Page 37 and 38:
Page 39 and 40:
opsi manual opsi version 4.0.2 The
Page 41 and 42:
opsi manual opsi version 4.0.2 -p,
Page 43 and 44:
Page 45 and 46:
opsi manual opsi version 4.0.2 •
Page 47 and 48:
opsi manual opsi version 4.0.2 meth
Page 49 and 50:
opsi manual opsi version 4.0.2 Note
Page 51 and 52:
opsi manual opsi version 4.0.2 prod
Page 53 and 54:
] opsi manual opsi version 4.0.2 {
Page 55 and 56:
opsi manual opsi version 4.0.2 (...
Page 57 and 58: opsi manual opsi version 4.0.2 soft
Page 59 and 60: opsi manual opsi version 4.0.2 meth
Page 61 and 62: opsi manual opsi version 4.0.2 Supp
Page 63 and 64: opsi manual opsi version 4.0.2 Supp
Page 65 and 66: opsi manual opsi version 4.0.2 6 Ac
Page 67 and 68: opsi manual opsi version 4.0.2 7.3
Page 69 and 70: opsi manual opsi version 4.0.2 shut
Page 71 and 72: opsi manual opsi version 4.0.2 60 /
Page 73 and 74: opsi manual opsi version 4.0.2 7.3.
Page 75 and 76: opsi manual opsi version 4.0.2 veri
Page 77 and 78: opsi manual opsi version 4.0.2 even
Page 79 and 80: opsi manual opsi version 4.0.2 [eve
Page 83 and 84: opsi manual opsi version 4.0.2 Figu
Page 85 and 86: opsi manual opsi version 4.0.2 At t
Page 91 and 92: opsi manual opsi version 4.0.2 - Ch
Page 93 and 94: opsi manual opsi version 4.0.2 82 /
Page 95 and 96: opsi manual opsi version 4.0.2 Call
Page 97 and 98: opsi manual opsi version 4.0.2 imag
Page 101 and 102: opsi manual opsi version 4.0.2 { "C
Page 107: opsi manual opsi version 4.0.2 96 /
Page 121 and 122: opsi manual opsi version 4.0.2 The
Page 125 and 126: opsi manual opsi version 4.0.2 114
Page 127 and 128: opsi manual opsi version 4.0.2 Tabl
Page 133 and 134: opsi manual opsi version 4.0.2 The
Page 135 and 136: opsi manual opsi version 4.0.2 •
Page 139 and 140: opsi manual opsi version 4.0.2 [5]
Page 145 and 146: opsi manual opsi version 4.0.2 ’
Page 147 and 148: opsi manual opsi version 4.0.2 18 o
Page 157 and 158: opsi manual opsi version 4.0.2 Show
Page 159 and 160:
opsi manual opsi version 4.0.2 148
Page 161 and 162:
Page 163 and 164:
Page 165 and 166:
opsi manual opsi version 4.0.2 On R
Page 167 and 168:
opsi manual opsi version 4.0.2 Chec
Page 169 and 170:
Page 171 and 172:
Page 173 and 174:
Page 175 and 176:
Page 177 and 178:
Page 179 and 180:
opsi manual opsi version 4.0.2 serv
Page 181 and 182:
Page 183 and 184:
opsi manual opsi version 4.0.2 HARD
Page 185 and 186:
opsi manual opsi version 4.0.2 •
Page 187 and 188:
Page 189 and 190:
opsi manual opsi version 4.0.2 -h s
Page 191 and 192:
opsi manual opsi version 4.0.2 set
Page 193 and 194:
Page 195 and 196:
Page 197 and 198:
opsi manual opsi version 4.0.2 [rep
Page 199 and 200:
Page 201 and 202:
opsi manual opsi version 4.0.2 Devi
Page 203 and 204:
show all

opsi manual opsi version 4.0.2 - opsi Download - uib

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?