Howto install Xerte Online Toolkits

education

(Markus Neuberger) #1

This howto is about installing Xerte Online Toolkits.

Get the zip file from the xerte homepage - I couldn’t wget it, maybe someone has a hint for me…I downloaded it on a client and uploaded to Nethserver.

Installation

# Install prerequisites, maybe some php dependencies are missing here...
yum -y install unzip nethserver-mysql

# Extract and put xerte to right location
unzip xertetoolkits_3.6.zip -d xerte
mv xerte /usr/share/

# Set owner for xerte
chown -R apache:apache /usr/share/xerte

# Create database and db user, change SECRET to your desired password
mysql
create database toolkits_data character set utf8 collate utf8_bin;
grant all privileges on toolkits_data.* to xerte@localhost identified by 'SECRET';
exit;

# Create httpd conf file
cat << EOL > /etc/httpd/conf.d/xerte.conf
Alias /xerte /usr/share/xerte
<Directory /usr/share/xerte>
  Require all granted
</Directory>
EOL

# Create php ini file
cat << EOL >  /etc/php.d/xerte.ini
upload_tmp_dir = /tmp
EOL

# Apply settings
systemctl restart httpd

Browse to https://NETHSERVER/xerte and follow the setup assistant

When finished, delete the setup dir:

rm -Rf /usr/share/xerte/setup

Authentication

Local authentication works, remote LDAP didn’t work in first tests and remote AD is yet untested.

To make it work for Nethserver DC you need to disable strong auth or a valid certificate (untested with xerte).

Authentication settings:

In the site administration (https://NETHSERVER/xerte/management.php) under Site/Authentication settings you need to set “LDAP”.

Under LDAP settings you need to setup AD/LDAP.

You can get the necessary infos on your Nethservers Accounts provider page or on command line with account-provider-test dump.

The AD/ LDAP users are imported to the database after first login so don’t change the LDAP main filter after users have logged in otherwise you have doubled users.

LDAP settings for AD:

The ldap host is: ad.domain.local
The ldap port is: 389
The ldap password is: your ldapservice password
The ldap base is: dc=ad,dc=domain,dc=local
The ldap bind is: cn=ldapservice,cn=Users,dc=ad,dc=domain,dc=local
The LDAP main filter is: cn (to login as user without domain; use userPrincipalName to login as user@domain.local)
The LDAP second filter is: cn (seems not to be used, reserved?)

LDAP settings for OpenLDAP:

The ldap host is: localhost
The ldap port is: 389
The ldap password is: your ldapservice password
The ldap base is: dc=directory,dc=nh
The ldap bind is: cn=ldapservice,dc=directory,dc=nh
The LDAP main filter is: uid (to login as user without domain; use Email to login as user@domain.local)

Next steps:

  • add probably missing php deps
  • change howto to create vhost à la Nethserver
  • remote LDAP/AD
  • Testing

Join QNAP-NAS to NethServer LDAP Directory?
Education applications wishlist
(Rob Bosch) #2

You have to be logged in with a useraccount on the xerte website to be able to download the zip. The only way to directly get the files is through github and git clone the files.

You can confiure Xerte through https://NETHSERVER/xerte/management.php
default user is admin
default password is admin (or at least it is with the implementation on Karoshi server, where I run Xerte on)

Change the default password ASAP (especially if your server is internet facing)

/edit: Question to @mrmarkuz Why install in /usr/share and not create a virtualhost and go from there? Then create the xerte vhost and unzip to /var/lib/nethserver/vhost/xerte

/edit2: Reading the notes in the install screen, the default dir for a xerte install is /usr/share… would have been nice though, if it could be installed the ‘nethserver’ way.


Xerte Online Toolkits
(Markus Neuberger) #3

Would be possible too and maybe a better approach for a howto. I didn’t think of a virtualhost in the first step. I put it to /usr/share/xerte like /usr/share/nextcloud. You could add the virtualhost config in the xerte.conf even if xerte is located in /usr/share/nextcloud.


(Rob Bosch) #4

I tried to get Xerte to authenticate against Samba4 AD account provider, but it does not seem to work. Did you try this?
Looks like Ubuntu Server settings are different from CentOS, since the settings I posted above are from an Ubuntu based server. Biggest difference is that Samba4 is installed on the same server/IP address as where Xerte is running, so the domain is at localhost for that Ubuntu instance.


(Markus Neuberger) #5

I added it to the howto, it’s about the usual suspect: valid cert/samba ldap auth.