Computing Infrastructure: Difference between revisions

From All Hands Active Wiki
Jump to navigation Jump to search
Nova1313 (talk | contribs)
Nova1313 (talk | contribs)
Line 205: Line 205:
* Allow demo of machines until 1/30 by users and during this time provision members with accounts.
* Allow demo of machines until 1/30 by users and during this time provision members with accounts.
* Reset all passwords.
* Reset all passwords.
* Explore deleting home dir from local machine after creation
* Explore mapping home dir to the NAS on login.
* Find work around for some steam games that require use to be Admin on the machines to run them.
** https://superuser.com/questions/99286/selectively-disabling-uac-for-specific-programs-on-windows-7 Maybe this?
** http://helpdeskgeek.com/windows-7/run-programs-as-administrator-with-full-elevated-rights-in-windows-7/ or this with the change options for all users
** http://www.howtogeek.com/124087/how-to-create-a-shortcut-that-lets-a-standard-user-run-an-application-as-administrator/ Seems like a security hole
** Runas-gui lets you create a RAG file that allows one specific program to run as Admin like the Steamservice.exe


===AHA installed software===
===AHA installed software===

Revision as of 13:37, 11 January 2016

Networks

Internets

Internet connection is provided by Comcast.

More information about the internet connection and trouble shooting can be found here: Internets

To administer the internets use the web interface located at: http://10.1.10.1

Current config owners:

  • Nick Ristow
  • Tyler Worman
  • Nate Yost

WIFI

WIFI is provided by the Mikrotik Router and routed through the Comcast Connection

2 DHCP enabled SSID's are provided.

SSID: ALLHANDSACTIVE

As of: 11/15/2015 ALLHANDSACTIVE is a general use wifi connection.

Password: TheNextGeneration

Future 2/1: This connection to be discontinued.

SSID: AHA-PUBLIC

Throttled AHA public wireless. Defaults to 500k/100k per connection.

Password: TheNextGeneration

SSID: AHA-MEMBERS

Unthrottled AHA public wireless. Login with your AHA LDAP username and password using Enterprise WPA2

Future: To be turned on mid January.

LAN

Router/Switches

Router Main

Mikrotik Routerboard RB2011UiAS-2HnD-IN Router Instructions: (http://wiki.mikrotik.com/wiki/Manual:TOC)

Maintained by:

  • Tyler Worman
  • Mike Grube

Runs RouterOS 6. Upgrade rights for versions through RouterOS 8 Routerboard RB2011UiAS-2HnD-IN

  • IP Address: 10.1.10.3

Workstation Switch

Located in center of workstations

Netgear FS524

Printer

A networked BW Laser Printer

  • Model: HP Laserjet 2600N
  • IP Address: 10.1.10.2

BYB Cardswipe

Used for BYB employee's to clock in and out.

  • Model: EZ Clocking EC50
  • IP Address: 10.1.10.14
  • Owner: BYB

NAS

Controls AHA's LDAP server, Radius server, file shares and remote login. The NAS is knows as HUB@AHA. hub.allhandsactive.com (external)

  • Model: Synology DS409
  • IP Address: 10.1.10.4

Maintained by:

  • Nick Ristow
  • Alex White
  • Tyler Worman

More information about this project can be found here: Computing Infrastructure: HUB@AHA

Backups

Machines are fresh installed to same state and are not backed up. The NAS offers recovery in event of a loss of disk but we presently do not do a remote backup of user files.

Mapping drives

Copy setupDrives.vbs to C:\ from \\hub\AHASoftware

In Windows startup Local Group Policy Editor as Admin Under UserConfiguration\Windows Settings\Scripts (Logon/Logoff) add the script as a login script.

LDAP Config

General pGina 3.1.8.0

Setup graphics on main screen

Copy the rhinoblue.bmp from the following directory to C:\ on the local machine and set as the pGINA login graphic. \\hub\AHASoftware\AHA Promo Graphics\rhinoblue.bmp

Config images

Plugin Screen:

Plugin Order Screen:

Plugin LDAP Config Screen:

Plugin LDAP Config Authorization Screen:

Workstations

CNC

This machine is used to run the CNC machine in the back room.

Software

Config

Configs are backed up here: List GIT location

Harware

Specs: List them here, but we really could use a new machine. Connnected to: CNC_Machine

Maintainer

Maintained by: Tyler Worman

Licenses

Licenses to Mach3, VCarve Pro and Cut3D owned by: Tyler Worman

Todo

  • Update the tool index in Vcarve and Cut3D
  • Backup config for Vcarve and Mach3 to Tyler's GIT/BitBucket repository
  • Wipe machine
  • Install a Windows 10 license.
  • Install CNC software
  • Lock machine down to admin and LDAP enabled members (as non-admin accounts!)

Login

Username: CNC

Password: Ask Tyler

LASER

Hardware

Specs: List them here

Software

List software here

Maintainer

Who owns and maintains the PC and it's software?

To Do

  • Verify with Greg/BYB that it's still okay to LDAP enable the machine login
  • Get list of valid users from Greg
  • Create LDAP group on NAS
  • Install pGina on machine
  • Fully update machine and software
  • lock down login to admin and pGina NAS users.

5 Public Workstations

Current state

Specs:

  • PC1 - Win 10 Pro AMD A10-5800K 3.8GHZ 8GB - DEMO (LDAP)
  • PC2 - Win 7 AMD A10-5800K 3.8GHZ 8GB (MAKER Login)
  • PC3 - Win 7 AMD A10-5800K 3.8GHZ 8GB (MAKER Login)
  • PC4 - Win 10 Pro AMD A10-5800K 3.8GHZ 8GB - Demo (LDAP)
  • PC5 - Win 7 AMD A10-5800K 3.8GHZ 8GB (MAKER Login)

Future state

5 Managed Windows 10 workstations. Software updated by Ninite, Windows updates kept up to date by service account script.

1 Local admin account on each machine.

User's login via LDAP enabled logins provided by HUB@AHA

Login mount of AHA software (VirtualBox Ubuntu Images)

Login mount of AHA shared folder (see HUB@AHA)

Easy to wipe and restore with documented instructions for doing this located here: Computer Infrastructure: Restoring Workstations

Easy to build a new image from scratch with instructions for doing this here: Computer Infrastructure: Building new Workstation image

To do

AHA installed software

Individual Installed:

pGina Arduino Studio
OpenSCAD LibreCAD FreeCAD EagleCAD KiCAD

Ninite installed:

Chrome Firefox Steam
DropBox Google Drive Skype VLC Audacity
Java 8 JDK 8 .Net 4.6 Python
Notepad++ Eclipse
PuTTY WinSCP 7 ZIP WinRAR FileZilla
Gimp Inkscape Paint.Net
LibreOffice PDF Creator

Restore Workstations

Guide here: Computer Infrastructure: Restoring Workstations

The workstation restoration process involves wiping the machine, copying down an image from the NAS and running updates.

Virtual Machines

Future State: HUB@AHA has 1 Ubuntu VirtualBox image that get mounted to the 6 public workstations at login. It's maintained by AHA and configured with default settings for the space. You may clone the image for your personal use.

Todo

  • Create base image
  • Install additional software
  • Configure home directory mount via LDAP.
  • Install VirtualBox extensions.
  • Mark it read only.
  • Share to network via NAS.
  • Configure login script to mount this share at login.

Base Image

A base install of the latest LTR Ubuntu image that is reasonably patched.

Additional software

These packages are installed in addition to the base install.

  • Arduino
  • Eclipse
  • JDK
  • Inkscape
  • Gimp
  • Blender
  • OpenSCAD


If you need additional packages please contact Tyler Worman to request a base package be added to the distribution.

Usage pattern

Copy the VM to your private folder on the NAS and use as needed. Wipe/Restore from base image as needed.