Tuesday, January 23, 2007

Setting up Sun Rays on Solaris 10

I am committing a bunch of notes to blog. Somebody, somewhere may find this useful, and they won't find it if it's locked away in my $HOME.

  1. Install Solaris 10

  2. Apply latest cluster patch

  3. Install latest PC/SC SRCOM Bypass package (available to download from the Sun download Center http://www.sun.com/download/products.xml?id=42c5d3d9 ). This was not obvious in the supplied installation documentation. This must be installed for smartcards and hot-desking to work. This is only required for Solaris 10.

  4. download and unzip the latest Sun Ray Server Software from http://www.sun.com/software/sunray/getit.jsp

  5. run srss3.1/utinstall – this will install the software

  6. reboot

  7. connect up Sun Ray DTU's

  8. It seems that if you only have one NIC on your server box then you can only do a shared network configuration. So run: /opt/SUNWut/sbin/utadm -A

  9. The defaults values looked incomplete to me, so I suggest not accepting them. Instead, go through all the questions and answer them with the correct information.

bash-3.00# ./utadm -A bge0 Error: unable to resolve network name: "bge0"
bash-3.00# ./utadm -A 192.168.1.0
### Configuring /etc/nsswitch.conf
### Configuring Service information for Sun Ray
### Disabling Routing
Selected values for subnetwork "192.168.1.0"
net mask: 255.255.255.0
no IP addresses offered
auth server list: 192.168.1.10
firmware server: 192.168.1.10
Accept as is? ([Y]/N): n
netmask: 255.255.255.0 (cannot be changed - system defined netmask)
Do you want to offer IP addresses for this subnet? (Y/[N]): y
new first Sun Ray address: [192.168.1.245] 192.168.1.100
number of Sun Ray addresses to allocate: [155] 10
auth server list: 192.168.1.10
To read auth server list from file, enter file name:
Auth server IP address (enter to end list): 192.168.1.10
Auth server IP address (enter to end list):
If no server in the auth server list responds,
should an auth server be located by broadcasting on the network? ([Y]/N):
new firmware server: [192.168.1.10]
new router: [192.168.1.1]
Selected values for subnetwork "192.168.1.0"
net mask: 255.255.255.0
first unit address: 192.168.1.100
last unit address: 192.168.1.109
auth server list: 192.168.1.10
firmware server: 192.168.1.10
router: 192.168.1.1
Accept as is? ([Y]/N): y
### Configuring firmware version for Sun Ray
### Successfully enabled tftp for firmware downloads
All the units served by "demo" on the 192.168.1.0
network interface, running firmware other than version
"3.1_32,REV=2005.08.24.08.55" will be upgraded at their next power-on.
### Configuring Sun Ray Logging Functions
### Turning on Sun Ray LAN connection NOTE:
utrestart must be run before LAN connections will be allowed
DHCP is not currently running, should I start it? ([Y]/N): y
  1. run /opt/SUNWut/sbin/utconfig

bash-3.00# ./utconfig Configuration of Sun Ray server Software
This script automates the configuration of the Sun Ray server software
and related software products.
Before proceeding, you should have read the Sun Ray server 3.1 Installation
Guide and filled out the Configuration Worksheet.
This script will prompt you for the values you filled out on the Worksheet.
For your convenience, default values (where applicable) are shown in brackets.
Continue ([y]/n)?
Enter Sun Ray admin password:
Re-enter Sun Ray admin password:
  1. This script will automatically set up apache as the admikn console for you.
    If you are already using apache for something else, then answer no here.
Configure Sun Ray Web Administration? ([y]/n)? y
An installation of Apache Web Server version 1.3 has been detected at /etc/apache.
This script can configure the Apache server on this server for you.
Warning: if you choose to configure Apache, the existing Apache configuration
file will be over-written.
If this server is presently configured as a Webserver and you want to preserve your
current configuration, you must answer "NO" and merge the configuration file manually
by following the instructions in the Administration Guide on how to configure the
Apache server.
Would you like to configure this server to host the Sun Ray Web Administration? ([y]/n)? y
Enter port number [1660]:
Enter CGI username [utwww]:
Enable remote server administration? (y/[n])?
  1. Controlled Access Mode is the Sun Ray term for kiosk mode. If you wish to use it, you must say yes here. If you say no and change your mind, then you need to come back and rerun utconfig. Same goes for failover groups.

Configure Controlled Access Mode? (y/[n])? n
Configure this server for a failover group? (y/[n])? n
About to configure the following software products:
Sun Ray Data Store 2.1
Hostname: demo
Sun Ray root entry: o=utdata
Sun Ray root name: utdata
Sun Ray utdata admin password: (not shown)
SRDS 'rootdn': cn=admin,o=utdata
Apache Web Server 1.3
Apache Web Server port number: 1660
Remote server administration: no
CGI username: utwww Sun Ray server 3.1
Failover group: no
Controlled Access Mode: no
Continue ([y]/n)? y
Updating Sun Ray Data Store schema ...
Updating Sun Ray Data Store ACL's ...
Creating Sun Ray Data Store Datastore ...
Restarting Sun Ray Data Store ...
Starting Sun Ray Data Store daemon .
Mon Oct 16 15:23 : utdsd starting
Loading Sun Ray Data Store ...
Executing '/usr/bin/ldapadd -p 7012 -D cn=admin,o=utdata' ...
adding new entry o=utdata adding new entry o=v1,o=utdata
adding new entry utname=demo,o=v1,o=utdata
adding new entry utname=desktops,utname=demo,o=v1,o=utdata
adding new entry utname=users,utname=demo,o=v1,o=utdata
adding new entry utname=logicalTokens,utname=demo,o=v1,o=utdata
adding new entry utname=rawTokens,utname=demo,o=v1,o=utdata
adding new entry utname=multihead,utname=demo,o=v1,o=utdata
adding new entry utname=container,utname=demo,o=v1,o=utdata
adding new entry utname=properties,utname=demo,o=v1,o=utdata
adding new entry cn=utadmin,utname=demo,o=v1,o=utdata
adding new entry utname=smartCards,utname=demo,o=v1,o=utdata
adding new entry utordername=probeorder,utname=smartCards,utname=demo,o=v1,o=utdata
adding new entry utname=policy,utname=demo,o=v1,o=utdata
adding new entry utname=resDefs,utname=demo,o=v1,o=utdata
adding new entry utname=prefs,utname=demo,o=v1,o=utdata
adding new entry utPrefType=resolution,utname=prefs,utname=demo,o=v1,o=utdata
adding new entry utPrefClass=advisory,utPrefType=resolution,utname=prefs,utname=demo,o=v1,o=utdata
Added 18 new LDAP entries.
Creating Sun Ray server Configuration ...
Adding user account for 'utwww' (ut admin web server cgi user) ...
/usr/apache/bin/apachectl restart: httpd not running,
trying to start /usr/apache/bin/apachectl restart: httpd started
Unique "/etc/opt/SUNWut/gmSignature" has been generated.
Restarting Sun Ray Data Store ...
Stopping Sun Ray Data Store daemon .Sun Ray Data Store daemon stopped
Starting Sun Ray Data Store daemon .
Mon Oct 16 15:23 : utdsd starting
Adding user admin ...
User(s) added successfully!
***********************************************************
The current policy has been modified.
You must restart the authentication manager to activate the changes.
***********************************************************
Configuration of Sun Ray server has completed.
Please check the log file, /var/adm/log/utconfig.2006_10_16_15:16:55.log,
for errors.
bash-3.00#
  1. Synchronise the firmwares on the DTU's.

bash-3.00# ./utfwsync
Stopping Authentication Managers on demo ...
Will restart Authentication Managers in 5 seconds
Restarting Authentication Managers ...
bash-3.00#
  1. Reboot the server


Other points of Note


If you need to change anything in utconfig, then you get a cleaner change by unconfiguring and then reconfiguring from scratch:


/opt/SUNWut/sbin/utconfig -u /opt/SUNWut/sbin/utconfig 
 

No comments: