Networks

Internets

Internet connection is provided by Comcast.

More information about the internet connection and trouble shooting can be found here: Internets

To administer the internets use the web interface located at: http://10.1.10.1 or http://modem.allhandsactive.org

Current config owners:

• Nick Ristow
• Tyler Worman
• Nate Yost

WIFI

WIFI is provided by the Mikrotik Router and routed through the Comcast Connection

2 DHCP enabled SSID's are provided.

SSID: ALLHANDSACTIVE

As of: 11/15/2015 ALLHANDSACTIVE is a general use wifi connection.

Password: TheNextGeneration

Future 2/1: This connection to be discontinued.

SSID: AHA-PUBLIC

Throttled AHA public wireless. Defaults to 500k/100k per connection.

Password: TheNextGeneration

SSID: AHA-MEMBERS

Unthrottled AHA public wireless. Login with your AHA LDAP username and password using Enterprise WPA2

Future: To be turned on mid January.

LAN

Router/Switches

Router Main

Mikrotik Routerboard RB2011UiAS-2HnD-IN Router Instructions: (http://wiki.mikrotik.com/wiki/Manual:TOC)

Maintained by:

• Tyler Worman
• Mike Grube

Runs RouterOS 6. Upgrade rights for versions through RouterOS 8 Routerboard RB2011UiAS-2HnD-IN Runs DNS server with internal static host names configured and uses google DNS after that. Cable modem points to this DNS server.

• IP Address: 10.1.10.3 router.allhandsactive.org (internal)

Workstation Switch

Located in center of workstations

Netgear FS524

Printer

A networked BW Laser Printer

• Model: HP Laserjet 2600N
• IP Address: 10.1.10.2 printer.allhandsactive.org (internal)

BYB Cardswipe

Used for BYB employee's to clock in and out.

• Model: EZ Clocking EC50
• IP Address: 10.1.10.14
• Owner: BYB

NAS

Controls AHA's LDAP server, Radius server, file shares and remote login. The NAS is knows as HUB@AHA. hub.allhandsactive.com:5000 (external)

• Model: Synology DS409
• IP Address: 10.1.10.4 hub.allhandsactive.org (internal)

Maintained by:

• Nick Ristow
• Alex White
• Tyler Worman

More information about this project can be found here: Computing Infrastructure: HUB@AHA

Backups

Machines are fresh installed to same state and are not backed up. The NAS offers recovery in event of a loss of disk but we presently do not do a remote backup of user files.

Mapping drives

Copy setupDrives.vbs to C:\ from \\hub\AHASoftware

In Windows startup Local Group Policy Editor as Admin Under UserConfiguration\Windows Settings\Scripts (Logon/Logoff) add the script as a login script.

LDAP Config

General pGina 3.1.8.0

Setup graphics on main screen

Copy the rhinoblue.bmp from the following directory to C:\ on the local machine and set as the pGINA login graphic. \\hub\AHASoftware\AHA Promo Graphics\rhinoblue.bmp

Config images

Plugin Screen:

Plugin Order Screen:

Plugin LDAP Config Screen:

Plugin LDAP Config Authorization Screen:

Workstations

CNC

This machine is used to run the CNC machine in the back room.

Software

• Windows Vista
• Mach 3 (http://www.machsupport.com/software/mach3/)
• USB SmoothStepper for Mach 3 (http://www.warp9td.com/)
• VCarvePro 6.0 (http://www.vectric.com/products/vcarve.htm)
• Cut3D 1.025 (http://www.vectric.com/products/cut3d.html)

Config

Configs are backed up here: List GIT location

Harware

Specs: List them here, but we really could use a new machine. Connnected to: CNC_Machine

Maintainer

Maintained by: Tyler Worman

Licenses

Licenses to Mach3, VCarve Pro and Cut3D owned by: Tyler Worman

Todo

• Update the tool index in Vcarve and Cut3D
• Backup config for Vcarve and Mach3 to Tyler's GIT/BitBucket repository
• Wipe machine
• Install a Windows 10 license.
• Install CNC software
• Lock machine down to admin and LDAP enabled members (as non-admin accounts!)

Login

Username: CNC

Password: Ask Tyler

BYB LASER (Big Red/Softdog)

Hardware

Specs: List them here

Software

List software here

Maintainer

Who owns and maintains the PC and it's software?

To Do

• Verify with Greg/BYB that it's still okay to LDAP enable the machine login - Yes, it is. Nick checked.
• Get list of valid users from Greg
• Create LDAP group on NAS
• Install pGina on machine
• Fully update machine and software
• lock down login to admin and pGina NAS users.

AHA LASER

Hardware

Specs: List them here

This PC is currently not turned on and is sitting in the loud noise room. It needs to be cleaned. Tyler W. has the registration info for the software.

Software

Inkskape Gimp Retina Engrave

Maintainer

Who owns and maintains the PC and it's software?

To Do

• Clean and move from loud noise room.
• Extract image from machine so we have a backup before wiping. (unsure how authentication of software will go)
• Create LDAP group on NAS for Little laser
• Install pGina on machine
• Fully update machine and software
• lock down login to admin and pGina NAS users.

5 Public Workstations

Current state

Specs:

• PC1 - Win 10 Pro AMD A10-5800K 3.8GHZ 8GB - DEMO (LDAP)
• PC2 - Win 7 AMD A10-5800K 3.8GHZ 8GB (MAKER Login)
• PC3 - Win 7 AMD A10-5800K 3.8GHZ 8GB (MAKER Login)
• PC4 - Win 10 Pro AMD A10-5800K 3.8GHZ 8GB - Demo (LDAP)
• PC5 - Win 7 AMD A10-5800K 3.8GHZ 8GB (MAKER Login)

Future state

5 Managed Windows 10 workstations. Software updated by Ninite, Windows updates kept up to date by service account script.

1 Local admin account on each machine.

Easy to build a new image from scratch with instructions for doing this here: Computer Infrastructure: Building new Workstation image

Setup Steam

http://download.cnet.com/RunAsGUI/3000-2094_4-10913442.html - Install Runasgui.

To do

• Write script to perform offline, silent, no reboot windows updates for all machines. (https://stackoverflow.com/questions/16180265/automatically-update-windows-fully)
• Write script to move home dirs desktop/my documents to nas/home
• Allow demo of machines until 1/30 by users and during this time provision members with accounts.
• Reset all passwords.
• Explore deleting home dir from local machine after creation
• Explore mapping home dir to the NAS on login.
• Find work around for some steam games that require use to be Admin on the machines to run them.
  • https://superuser.com/questions/99286/selectively-disabling-uac-for-specific-programs-on-windows-7 Maybe this?
  • http://helpdeskgeek.com/windows-7/run-programs-as-administrator-with-full-elevated-rights-in-windows-7/ or this with the change options for all users
  • http://www.howtogeek.com/124087/how-to-create-a-shortcut-that-lets-a-standard-user-run-an-application-as-administrator/ Seems like a security hole
  • Runas-gui lets you create a RAG file that allows one specific program to run as Admin like the Steamservice.exe

AHA installed software

Individual Installed:

pGina	Arduino Studio
OpenSCAD	LibreCAD	FreeCAD	EagleCAD	KiCAD

Ninite installed:

Chrome	Firefox	Steam
DropBox	Google Drive	Skype	VLC	Audacity
Java 8	JDK 8	.Net 4.6	Python
Notepad++	Eclipse
PuTTY	WinSCP	7 ZIP	WinRAR	FileZilla
Gimp	Inkscape	Paint.Net
LibreOffice	PDF Creator

Restore Workstations

Guide here: Computer Infrastructure: Restoring Workstations

The workstation restoration process involves wiping the machine, copying down an image from the NAS and running updates.

Virtual Machines

Future State: HUB@AHA has 1 Ubuntu VirtualBox image that get mounted to the 6 public workstations at login. It's maintained by AHA and configured with default settings for the space. You may clone the image for your personal use.

Todo

• Create base image
• Install additional software
• Configure home directory mount via LDAP.
• Install VirtualBox extensions.
• Mark it read only.
• Share to network via NAS.
• Configure login script to mount this share at login.

Base Image

A base install of the latest LTR Ubuntu image that is reasonably patched.

Additional software

These packages are installed in addition to the base install.

• Arduino
• Eclipse
• JDK
• Inkscape
• Gimp
• Blender
• OpenSCAD

If you need additional packages please contact Tyler Worman to request a base package be added to the distribution.

Usage pattern

Copy the VM to your private folder on the NAS and use as needed. Wipe/Restore from base image as needed.