Hello friends!. We begin a series of articles that will help us to Introduce ourselves in How to Implement a Business Network based entirely on Free Software. Those who have followed previous articles on Samba, they verified that we stopped at the Binding a Debian to a Microsoft Windows NT-style Domain Controller.
Why?
Because we believe that if we continue with the Union of Microsoft Domains, undeniably scattered in most of the SME Networks (Small and Medium Enterprises) at least in my country, Cuba, we would NOT be helping the use and development of equivalent free systems and of proven effectiveness in practice such as ClearOS, Zentyal and others.
Practice is the Best Criterion of Truth.
I have collaborated in the installation in 4 companies of the ClearOS 5.2sp1, one of them with more than a year of operation. The largest number of users and teams in one of them is a little more than 50. In all cases, ClearOS runs in virtual machines, and clients range from XP, Seven, Windows 2003 server, and some that another station with Debian or Ubuntu.
In all cases, administrators prefer it to a Microsoft Active Directory because of:
- Simple administration through a web interface
- Stability
- Possibility of implementing several services in an extremely simple way on a single computer, such as: Firewall, Proxy server, Mail server, etc.
- Ease of restoring the entire system in the event of a total server failure.
We chose ClearOS over Zentyal because of personal preference. There are no mysteries. 🙂
Presentation of ClearOS
According to the official website of ClearOS, this is nothing more than an Operating System for computers, which provides application services and network security at the enterprise level, to the market of small or medium-sized Business Companies.
Allows the organization to protect against external threats; imposes exit policies, and grants greater productivity through the use of integrated services.
Since the release Clear OS 6.1, the distribution is that of an operating system for servers and workstations, built from the sources of Red Hat Enterprise Linux, according to Wikipedia.
The latest stable distribution of ClearOS is 6.4sp1, and its version for 32 bits can be downloaded here.
Its main characteristics according to Wikipedia in English, are:
- Firewall (iptables).
- Intruder prevention and detention system. (Snort).
- Virtual Private Networks (PPTP, OpenVPN).
- Web proxy with content filter and antivirus (Squid and DansGuardian).
- Mail server (Webmail, Postfix, SMTP, POP3 / S, IMAP / S).
- Groupware (collab).
- Database and web server (easy to implement a LAMP server).
- Share printers and files. Domain Controller. (Samba and CUPS).
- «flexshares»O Multi Protocol Storage which supports CIFS, HTTP / S, FTP / S, and SMTP.
- MultiWAN (Fault Tolerant Internet Design).
- Reports on system statistics and services (MRTG and others).
- Total administration through web interface.
¿How to install ClearOS? There is a lot of documentation, unfortunately in English, on its official website.
Its installation is as easy as that of a Zentyal, and much easier than that of a well installed and configured Microsoft Active Directory.
After you arrive at the Dashboard, you can manage your ClearOS through a browser, pointing to the address https://centos.amigos.cu:81.
I can also do a step-by-step of 6.4, if Elav downloads that version for me. 🙂
The version used to make the articles is the ClearOS Enterprise 5.2sp1. And don't tell me it's old, because it's from 2010, and at least in Cuba Windows 2000, 2003 and even 2008 are still used a lot! 🙂
Yes friends, because I have noticed that the versionitis It is a disease of the majority of Free Software users.
At the business level, many times we cannot afford to suffer from versionitis. And the story of the Guatemalan Augusto Monterroso is fully fulfilled, which I will modify very slightly with the permission of its Author: «When he woke up, the dinosaur XP was still there«. :-).
Millions of Chinese will soon swap XP for Ubuntu according to comments in the WWW Village.
Let's enable the possibility of assigning the shell / bin / bash to any user in our ClearOS BEFORE creating the first one.
To protect the server from the possibility that any of its users can start a session through the console or through ssh, by default assigns the shell / sbin / nologin to any user that is created.
To change that characteristic we must do the following:
- After installing and configuring the services that we select, and BEFORE creating the first user in the Directory, on the server itself we press Ctrl+Alt+F2 to start a console session as the root user.
- We edit the file / etc / system / webconfig via editor dwarf, and add the following line to the end:
allow_shell = 1
- We save the changes with Ctrl + or and we left the editor with ctrl + x
- We restart the service webconfig
/etc/init.d/webconfig restart
- To protect access to the server by SSH, we edit the file / Etc / ssh / sshd_config, and add the following line at the end:
AllowUsers root
- After saving the changes, we restart the service sshd
/etc/init.d/sshd restart
- We close the session and return to the web console using Ctrl + Alt + F7.
- We go to «Directory» Accounts »Users», and when we create a new user, we will see that at the end of the properties page we are shown a drop-down list through which we can choose which will be shell of the user in question.
In the next installments we will see:
- SWL Network (II): Ubuntu 12.04 and ClearOS. LDAP authentication.
- Red SWL (III): Wheezy and ClearOS. LDAP authentication.
- Red SWL (IV): Wheezy and ClearOS. Work Offline on Laptops and mobile equipment.
- Red SWL (V): File server through Samba.
- Join Windows XP and Windows Seven to a ClearOS Domain Controller.
- And others …
And the activity for today is over, Friends !!!.
Interesting ... The truth is that RHEL / CentOS is quite controversial in terms of its distribution in banned countries, but there is no doubt that it is very on par with Debian and Slackware, so these derivatives can save our skin on many occasions.
Excellent article .. I am waiting for the next installment .. but I have questions about it ..
How to implement the bulky series of prohibitions of the 127?…., Because with the AD of MS it is very easy to put users by the hoop.
The information you are providing is very interesting, I will be waiting for your next deliveries.
Very good article 🙂
Dear friends, I am always looking for new solutions at the micro-enterprise level and it is a real pleasure to read them every day.
Pd: repair the link of the installation manual.
Yes sir, Clear OS, I have a 5.4 running for 2 years in a network of about 40 computers without any problem.
I have also installed 6.3 (I think) for a few months and perfect
Fico, you who must have tried Zentyal and now ClearOS, what is your opinion comparing these two?
Difficult question, but I prefer ClearOS because if I modify settings at the console level, the webmin respects them. At least, until Zentyal 3.0, which was the last one I tried, if I change any configuration at the console level, Zentyal overwrites it when it saves the changes in the web administration console.
ClearOS 5.2 won awards for two consecutive years. Check it out on Wikipedia in English.
KZKG ^ Gaara, I prefer ClearOS and have actually installed it in 4 production companies. Hopefully and I can tie myself with a 6.4
Also both are designed so that you do not have to touch the terminal at any time. With Zentyal it has not been bad for me, it is no less true that the "templates" are somewhat complex to configure, but generally only for squid (define proxy_parent).
And yes, I want to use ClearOS, since I haven't played a .deb for a few months 😀
ke good paints this series of articles and I wait for the next deliveries!
Thank you all for your comments !!!
The link about step by step installation is wrong.
Greetings.
Wow, that good information, the only thing I knew was Zentyal and I had a pleasant impression with ClearOs ..
Too interesting, I'm looking forward to the second part. Greetings from Peru!!
Well, the second one came out in https://blog.desdelinux.net/red-swl-ii-ubuntu-12-04-y-clearos-autenticacion-ldap. Did you download Step by Step in images? The compacted one is light and helps to understand the domain name, user names, IP, etc. that I use in the articles.
The link to download the installation images is wrong, it only has: "http: //instalacion.tar.gz/"
Have if they can correct it.
Thank you very much.
Good night everyone =).
I was wondering if anyone has a link where there is a tutorial similar to this but using Zentyal.
Thank you very much.
@ KZKG ^ Gaara: My initial response was a bit diplomatic, but personally I consider ClearOS a more Professional product than Zentyal. In fact, I repeat that I have it installed in 4 companies in production. I have not installed any Zentyal. If I have tried it, from version 2 to 3.0.1 amd-64bits and it does not convince me at all. The least I want is a flameware on the subject. Each one to use the one that suits them best.
@Emanuel Acuña: On the official Zentyal website there is abundant documentation and in Spanish - Zentyal is developed by mostly Spanish people - that you can consult or download. I downloaded very good documentation from there myself.
However, on ClearOS, the best documentation is in English.
Goodnight
The article is very interesting but the step by step manual does not appear, could you upload it again please or send it to my email andresperafan@hotmail.com
Thank you
Good morning Camilo !!!. If they don't fix the link, I'll pass it on to you tonight. Is that right now I do not have the images. And thanks for your comment.
could you upload on how to create plugins or packages for clearos? please I need it very much.
How do I upload the iso of the ClearOs 6.4 SP1
very good comments and clearOS is the best at least I like it and it is the one I use
How do I upload the ClearOS 6.4 SP1
I have the iso
where it is easier and faster to upload the iso of the clearos 6.4 sp1 I have it
where it is easier and faster to upload the iso of the clearos 6.4 sp1 I have the iso