2009
06.19

iFolder 3.7.2 on openSUSE 10.3 in VMWare ESX (step 3)

Category: Infrastructure, Linux, Virtualization / Tag:  / Add Comment

Today I had to install a new iFolder server in a VMWare ESX environment. It was a  little more difficult than I expected it to be.  Everything from the mono .Net layer, to openLDAP, to iFolder over SSL had it’s own little challenges.  Hopefully this step by step will help a few of you out getting this very slick personal backup and file sharing solution installed and running.

Step 3 – Finalize the iFolder Web Server

As you’ll recall in (if you don’t recall, don’t miss out on) step 1, we created a very basic OpenSUSE 10.3 installation and converted it to a template before the installation process completed.  Then in step 2 we created the LDAP server. Here we’ll get the web server up and running with iFolder installed.

In the VMWare Infrastructure Client, right-clicking on my OPENSUSE10.3 template, I select “Deploy Virtual Machine from this template…”   The settings you enter in the Deploy Template Wizard will be very specific to your environment so I won’t cover them in detail here.

I made two changes after the deployment process completed.  First, I disconnected the CD / DVD ISO because I won’t be needing it anymore.  Second, I added a second virtual disk to be used as my iFolder data store.  I went with a 250GB virtual disk which should hold all my files, at least for a while anyway.

Power on the virtual machine (mine is named IFOLDERWEB01) and open up the console.

Finish Setup

OpenSUSE will detect that you have not completed the installation process and load up the YaST First run utility.

  1. Set your root password, as always, set a good one.
  2. Hostname and Domain name: This can anything you want, just remember what the settings are.  I always uncheck “Change hostname via DHCP”
  3. Network configuration: You’ll need to set a static IP address, valid DNS servers, and a valid default gateway.
  4. Test Internet Connection: I always skip this
  5. Authentication Method: LDAP
    1. LDAP Client Configuration wizard
    2. Address of LDAP server: Enter the address assigned to your LDAP server from step 2
    3. You can use “Fetch DN” to get the correct base DN
    4. Uncheck LDAP TLS/SSL
    5. Open Advanced Configuration
      1. View Administration Settings
      2. Enter the full Administrator DN as recorded in step 2
      3. Accept
    6. Select Next
    7. Install any missing packages requested by YaST
  6. Release Notes: select Next
  7. Finish

At this point you should have a very basic OpenSUSE server up and running and connected to the Internet.  From here, we’ll install the Web server and iFolder services.  You should be back at the login prompt, so login as root, type “yast” (no quotes) and press enter.

Install required packages

In the YaST2 Control Center select Software -> Sofware Management.  Your system may update it’s cache at this point.  After a few moments you should see a list of installed software.  You’ll want to install the following packages and let YaST handle the dependencies:

  • apache2-worker
  • openssl
  • wget
  • log4net

After those packages are installed, I recomment creating a temp directory somewhere to download the required iFolder RPM files.  I ran the following…

cd ~
mkdir rpmtmp
cd rpmtmp
mkdir ifolder
mkdir mono
cd mono
wget http://ftp.novell.com/pub/mono/download/x86/mono/1.2.6-4/mono-core-1.2.6-4.novell.i586.rpm
wget http://ftp.novell.com/pub/mono/download/x86/mono/1.2.6-4/mono-data-1.2.6-4.novell.i586.rpm
wget http://ftp.novell.com/pub/mono/download/x86/mono/1.2.6-4/mono-data-sqlite-1.2.6-4.novell.i586.rpm
wget http://ftp.novell.com/pub/mono/download/x86/mono/1.2.6-4/mono-web-1.2.6-4.novell.i586.rpm
wget http://ftp.novell.com/pub/mono/download/x86/mono/1.2.6-4/mono-nunit-1.2.6-4.novell.i586.rpm
wget http://ftp.novell.com/pub/mono/download/x86/mono/1.2.6-4/mono-winforms-1.2.6-4.novell.i586.rpm
wget http://ftp.novell.com/pub/mono/download/noarch/xsp/1.2.6-2/xsp-1.2.6-2.novell.noarch.rpm
wget http://ftp.novell.com/pub/mono/download/suse-103-i586/mod_mono/1.2.6-1/apache2-mod_mono-1.2.6-1.suse103.novell.i586.rpm
rpm -Uvh *.rpm
cd ../ifolder/
wget http://superb-west.dl.sourceforge.net/sourceforge/ifolder3/ifolder3-enterprise-3.7.2.9089.1-0.2.i586.rpm
wget http://superb-east.dl.sourceforge.net/sourceforge/ifolder3/ifolder-enterprise-plugins-3.7.2.9089.1-2.i586.rpm
rpm -Uvh *.rpm

There, iFolder is installed. It’s not too bad once you get the right list of mono packages.  Next we need to configure the iFolder server and link it to our LDAP server. As the ifolder RPM indicates, “Run /usr/bin/simias-server-setup to configure the server”.  But wait, before we do that, that new virtual disk I created in VMWare needs to be formatted so it’s ready to go.

YaST -> System -> Partitioner

  1. Create a new Disk
  2. Select the disk you created, in my case, /dev/sdb
  3. Primary Partition
  4. Leave the format defaults as they are.  Note, iFolder requires an Ext3 or Reiser filesystem
  5. Leave the size with it’s defaults
  6. Set the Mount Point to, /data
  7. Select, OK
  8. Back in the main partitioner window, select Apply
  9. Confirm the changes by selecting Apply again.  Note: I’ve found selecting Finish often ends up requiring a reboot for some reason, so I shy away from it now.
  10. Also note, don’t screw this part up or you’ll be starting over by deploying your VM from template again.
  11. When the formatting is complete, select Quit to exit the Partitioner wizard

Now, back to the iFolder setup process, here is what I did:

/usr/bin/simias-server-setup
Server Data Path: /data/simias
Server Name: ifolderweb01
SSL: NONSSL
Public URL: http://myip/simias10
Private URL: http://myip/simias10
System Name: ifolder
System Description: iFolder Enterprise System
Use Key Recovery Agent? Y
Recovery Agent Certificate Path? /var/simias/data
Use LDAP? Y
LDAP Server? your ldap server IP
LDAP Secure? N
LDAP Admin DN? This is the full Administrator DN as recorded in step 2
LDAP Admin Password? Your password
System Admin? cn=admin,dc=yourdomain,dc=com (this is a little tricky, just use the same full Administrator DN you used, except swap, admin, in place of, administrator
System Admin Password? whatever you want
LDAP Proxy DN? cn=SimiasProxy,dc=yourdomain,dc=com
LDAP Proxy Password? whatever you want
LDAP Search Context? cn=iFolderUsers,ou=group,dc=mynightowl,dc=com
Naming Attribute? mail
Configure Apache? Y
Ldap Groups Plugin? Y

Whew, you have no idea how many times I ran the setup process to get that to work. The problem is all the default values are for non LDAP installations, and while I’ve very familiar with Windows and Active Directory, I don’t spend a lot of time looking at what all the specific Distinguished Names are in an LDAP directory.

Web Server Configuration

  • /usr/bin/ifolder-web-setup
    • Web Alias? /ifolder
    • Require SSL? N
    • Require Server SSL? N
    • iFolder URL? http://youripaddress:80/
    • Redirect URL? leave blank
  • /usr/bin/ifolder-admin-setup
    • Web Alias? /admin
    • Require SSL? N
    • Require Server SSL? N
    • iFolder URL?  http://youripaddress:80/
    • Redirect URL? leave blank
  • /sbin/chkconfig apache2 on
  • /etc/init.d/apache2 start

That is it.  You’re up and running.  Visit the addresses below in your web browser and start clicking around.  Keep in kind, I disabled ALL encryption for this installation.  In my particular case, all traffic will be contained to a trusted local area network.  If you’re doing anything over the Internet you’ll of course want to enable encryption.

I plan to follow up here with a special Step on enabling public encryption.  But up next in this series are the Windows and Mac OS desktop clients for iFolder.  This is where things get really useful.  Check back soon, follow me on Twitter @goodbadtech, or subscribe to Feedburner email notifications to stay informed of new posts.

User Access:  http://youripaddress/ifolder
Admin Access: http://youripaddress/admin

Authentication

The admin user you created has a username of, cn=admin,dc=yourdomain,dc=com, I know that’s a little unusual, but it’s just the default admin.  All other users you add to your LDAP directory will login using their email address.  I suggest logging in as cn=admin,dc=yourdomain,dc=com, then setting that first LDAP user you created as an iFolder admin, then you can use that for administering the system instead of the admin user with the complete distinguished name.

11 comments so far

Add Your Comment
  1. Reply
    Karsten Schmidt said: 2009.06.30 06:48

    Hi!
    Great tutorial, it works.
    But i need some helt to contact the iFolder wit the windows ifolder-client.
    i use 3.7.2.0 and after inserting server ( http://myip ) Username (mymailadress) and password (LDAP) there ist this errormessage:
    System.Web.Services.Protocols.SoapException: Die Anforderung konnte vom Server nicht verarbeitet werden. —> System.ArgumentNullException: Der Schlüssel darf nicht NULL sein.
    Parametername: key
    bei System.Collections.Hashtable.ContainsKey(Object key)
    bei Simias.WebState..ctor(String DomainID)
    bei Simias.DomainServices.DomainAgent.Login(Uri host, String domainID, NetworkCredential networkCredential, Boolean calledRecursive)
    bei Simias.DomainServices.DomainAgent.Attach(String host, String user, String password)
    bei Simias.Web.SimiasService.ConnectToDomain(String UserName, String Password, String Host)
    — Ende der internen Ausnahmestapelüberwachung —

    • Reply
      /good/bad/tech said: 2009.06.30 08:59

      First, make sure you’ve rebooted your windows desktop before connecting to the ifolder server. I know that’s annoying but the client software won’t run until after a reboot. Also, can you access ifolder through the web interface and login okay? http://yourip/ifolder or http://yourip/admin ?

  2. Reply
    Karsten Schmidt said: 2009.08.06 02:25

    Hi !
    >>Also, can you access ifolder through the web interface and login okay?http://yourip/ifolder or http://yourip/admin ?
    Yes, this part works. local on server and from all machines in our network.
    Only the client dosn´t work :-(
     
     

  3. Reply
    Bondok said: 2009.09.27 17:20

    Great tutorial.
    But one thing though, to avoid troubles with the client not connecting, you need to enable SSL in simias-server-setup by choosing either BOTH or SSL, don’t use NONSSL.
    Also, don’t use default data folder location, specify another one and let ifolder create it for you to enable proper permissions.

    • Reply
      /good/bad/tech said: 2009.10.02 10:40

      Excellent tip. Thanks Bondok.

  4. Reply
    Gary said: 2009.10.06 14:15

    I can access the admin & user web interfaces but can’t find the Windows XP client to install.  I am new to the Linux world so it’s very possible I missed a step some where.  Any help with this would be greatly appreciated.

  5. Reply
    Gary said: 2009.10.07 08:44

    Update.  I have installed the windows xp client 3.7.2 but get the following error:

    Server is old.  Cannot connect to the server

    Any ideas would be greatly appreciated.

  6. Reply
    /good/bad/tech said: 2009.10.07 09:21

    @Gary, sorry, I’m not sure what might cause that error.  Do you know for sure you have the 3.7.2 version of iFolder server installed?  There are some older versions out there.  Can you run, “rpm -q ifolder3-enterprise” on your Linux server to double check the version?

  7. Reply
    Gary said: 2009.10.07 11:48

    Thanks for the quick response.  Here’s the results of the command:

    ifolder3-enterprise-3.7.2.9224.1-7.1

  8. Reply
    Gary said: 2009.10.07 12:05

    Update.  I turned off LDAP (I couldn’t get it configured correctly anyway) and changed my public url to https instead of http and my client connected successfully.  My next step to get LDAP turned on to authenticate to our AD server.

    • Reply
      /good/bad/tech said: 2009.10.08 13:45

      If you think of it, let me know how the AD integration goes. I haven’t tried that yet. Also, this tool from Apache (http://directory.apache.org/studio/) can be very helpful testing LDAP authentication and determining distinguished names.

Your Comment

/Good/Bad/Tech