= OMF Login Aggregate Manager = Login aggregate manager (AM) is an OMF service that is used to manage testbed users and groups, schedule access to resources and provide support for resource access control. It is distributed as a Debian package targeted for Ubuntu 10.10 (but it might work with other distributions as well). == Prerequisites == === DHCP and DHS server === {{{ apt-get install dhcp3-server }}} === Apache WEB server === {{{ apt-get install apache2 }}} === LDAP server === Decide on the organizational structure for ldap: orbit-lab.org => dc=orbit-lab,dc=org Install the server and utilities: {{{ apt-get install slapd, ldap-utils, phpldapadmin, }}} Configure the ldap service by editing /etc/ldap/slapd.conf Start the service: {{{ /etc/init.d/slapd start }}} {{{ slappasswd }}} Make sure it is running by checking that ldap server is listening on both ports: {{{ netstat -an | grep 389 netstat -an | grep 636 }}} Stop the service: {{{ /etc/init.d/slapd stop }}} Import initial content (first group and account that will be used as administrators for the login service): {{{ slapadd -l init.ldif -f /etc/ldap/slapd.conf chown openldap:openldap /var/lib/ldap/* }}} Start the service: {{{ /etc/init.d/slapd start }}} make sure you can access the service with admin credentials: {{{ ldapsearch -x localhost -D "uid=jsingh,ou=WINLAB,dc=orbit-org,dc=edu" -W -b "dc=orbit-lab,dc=org" uid=* }}} === Login service === server_name – how you access your server externally host - internal server name port - by default is 5052 === Example: Orbit parameters: === => www.orbit-lab.org => internal1.orbit-lab.org => 5052 These parameters are used in login.yam and to configure apache. === login.yaml === registration: baseURL: 'http:///userManagement' publicURL: 'http:///status/orbit' === Apache configuration === In order to use proxy you will have to install apache's proxy package and enable it.[[BR]] {{{ apt-get install libapache2-mod-proxy-html a2enmod proxy a2enmod proxy_http }}} {{{ a2enmod ssl }}} /etc/apache2/sites-available/default !ServerName !ProxyPass /status/orbit "http://:/public_html/" !ProxyPass /userManagement "http://:/login/userManagement" Note: If you change baseURL and publicURL in login.yaml it is necessary to change corresponding values in apache default file. /etc/apache2/sites-available/default-ssl !ProxyPass /schedule/ http://:/login/ShowScheduler !ProxyPass /loginService/ http://:/login/ :5052/login/*> !AllowOverride None order allow,deny allow from all === Database === To create database run login.sql script file which is attached to this page. Resources table need to be fill out with data manually. === Example: === INSERT into resources (machid,name,location,rphone,notes,minRes,maxRes) VALUES ('sc1431b400c5f130', 'grid', 'Orbit Facility', '(732) 932-6857', 'Main 400 node grid,30,120) * machid – unique resource identifier * name – resource name * rphone – phone number * notes – resource description * minRes – minimal reservation length in minutes * maxRes – maximal reservation length in minutes === How to access login service === 1. Scheduler: https:///schedule/ This is how scheduler is mapped in default-ssl. This is not obligatory, so it is possible to change this link. But, it is necessary to keep “/loginService” link name 2. !ControlPanel – for administrators; to View, Approve and Delete reservation, to Administrate Users and Groups etc. https:///loginService/ControlPanel 3. User Registration http:///userManagement/register ( userManagement same as one in login.yaml and apache default) 4. !Group/Organization Registration http:///userManagement/orgReg ( userManagement same as one in login.yaml and apache default) Note: There is file /usr/share/omf-aggmgr-5.2/omf-aggmgr/public_html/template/ogs_login/orbit_banner.png, used for user management pages. Replace content of that file to show your logo.