David Partingtin wrote:
Bob, Yes I read your AMGH Blog, but I simply don't understand the concept of how to set it up yet. I have three failover groups supporting 500 DTU's with servers in three different buildings. 270 of the DTU's are on dedicated interconnects with two entire Class C VLANS. The rest of the DTU's are bootp relayed to any servers located in any of the three failover groups located in the three buildings with Sun Ray Servers. All I want to do with AMGH is to allow Smart Card CAM Mode session mobility to any of the 500 Sun Rays located in 8 different buildings. I will go back and review your blog, and figure it out myself; I thank you for your time. I now realize I incorrectly used the forum for engineering help, which is not the proper method for support.
Dave, I'm perfectly happy to provide what support I can on a time-permitting basis in this forum. One advantage of a forum is that others can read the issues and solutions and perhaps apply them to their own situation. But I do request that you do your homework first and make your best effort before requesting help. Once that's done, feel free to ask questions. As you'll see from my blog, AMGH was not initially designed to work with our current CAM offering. I have however provided an unsupported PAM client that you can add into your CAM sessions to invoke the AMGH service. After that the simplest approach would be to use the reference script, and create a back_end_db that lists all your smartcard CUIDs and the FOGs they "belong to" (usually the one which can provide the best service to the location the user most commonly uses). Put the file into an NFS shared location, mount it everywhere, and modify the reference script to point to it. Add the AMGH PAM client into your CAM sessions. Then just run utamghadm to configure the reference script. Refinements worth considering are: - Write your own script similar to the reference script, but that is more robust/hardened. The input parsing in the reference script is really stupid and simple, because the goal was to provide reference code to learn about AMGH, and input parsing is irrelevant to that goal so we didn't want to clutter the example. - Use something with better RAS characteristics or that is better integrated with your site's data sources than an NFS share, such as LDAP. Modify the reference script to use ldapsearch commands or similar. -Bob _______________________________________________ SunRay-Users mailing list [email protected] http://www.filibeto.org/mailman/listinfo/sunray-users
