Computing Infrastructure
Networks
Internets
Internet connection is provided by Comcast.
More information about the internet connection and trouble shooting can be found here: Internets
To administer the internets use the web interface located at: http://10.1.10.1
Current config owners:
- Nick Ristow
- Tyler Worman
- Nate Yost
WIFI
WIFI is provided by the Mikrotik Router and routed through the Comcast Connection
2 DHCP enabled SSID's are provided.
SSID: ALLHANDSACTIVE
As of: 11/15/2015 ALLHANDSACTIVE is a general use wifi connection.
Password: TheNextGeneration
Future 2/1: This connection to be discontinued.
SSID: AHA-PUBLIC
Throttled AHA public wireless. Defaults to 500k/100k per connection.
Password: TheNextGeneration
SSID: AHA-MEMBERS
Unthrottled AHA public wireless. Login with your AHA LDAP username and password using Enterprise WPA2
Future: To be turned on mid January.
LAN
Router/Switches
Router Main
Mikrotik Routerboard RB2011UiAS-2HnD-IN Router Instructions: (http://wiki.mikrotik.com/wiki/Manual:TOC)
Maintained by:
- Tyler Worman
- Mike Grube
Runs RouterOS 6. Upgrade rights for versions through RouterOS 8 Routerboard RB2011UiAS-2HnD-IN
- IP Address: 10.1.10.3
Workstation Switch
Located in center of workstations
Netgear FS524
Printer
A networked BW Laser Printer
- Model: HP Laserjet 2600N
- IP Address: 10.1.10.2 printer.allhandsactive.org (internal)
BYB Cardswipe
Used for BYB employee's to clock in and out.
- Model: EZ Clocking EC50
- IP Address: 10.1.10.14
- Owner: BYB
NAS
Controls AHA's LDAP server, Radius server, file shares and remote login. The NAS is knows as HUB@AHA. hub.allhandsactive.com:5000 (external)
- Model: Synology DS409
- IP Address: 10.1.10.4 hub.allhandsactive.org (internal)
Maintained by:
- Nick Ristow
- Alex White
- Tyler Worman
More information about this project can be found here: Computing Infrastructure: HUB@AHA
Backups
Machines are fresh installed to same state and are not backed up. The NAS offers recovery in event of a loss of disk but we presently do not do a remote backup of user files.
Mapping drives
Copy setupDrives.vbs to C:\ from \\hub\AHASoftware
In Windows startup Local Group Policy Editor as Admin Under UserConfiguration\Windows Settings\Scripts (Logon/Logoff) add the script as a login script.
LDAP Config
General pGina 3.1.8.0
Setup graphics on main screen
Copy the rhinoblue.bmp from the following directory to C:\ on the local machine and set as the pGINA login graphic. \\hub\AHASoftware\AHA Promo Graphics\rhinoblue.bmp
Config images
Plugin Screen:
Plugin Order Screen:
Plugin LDAP Config Screen:
Plugin LDAP Config Authorization Screen:
Workstations
CNC
This machine is used to run the CNC machine in the back room.
Software
- Windows Vista
- Mach 3 (http://www.machsupport.com/software/mach3/)
- USB SmoothStepper for Mach 3 (http://www.warp9td.com/)
- VCarvePro 6.0 (http://www.vectric.com/products/vcarve.htm)
- Cut3D 1.025 (http://www.vectric.com/products/cut3d.html)
Config
Configs are backed up here: List GIT location
Harware
Specs: List them here, but we really could use a new machine. Connnected to: CNC_Machine
Maintainer
Maintained by: Tyler Worman
Licenses
Licenses to Mach3, VCarve Pro and Cut3D owned by: Tyler Worman
Todo
- Update the tool index in Vcarve and Cut3D
- Backup config for Vcarve and Mach3 to Tyler's GIT/BitBucket repository
- Wipe machine
- Install a Windows 10 license.
- Install CNC software
- Lock machine down to admin and LDAP enabled members (as non-admin accounts!)
Login
Username: CNC
Password: Ask Tyler
LASER
Hardware
Specs: List them here
Software
List software here
Maintainer
Who owns and maintains the PC and it's software?
To Do
- Verify with Greg/BYB that it's still okay to LDAP enable the machine login
- Get list of valid users from Greg
- Create LDAP group on NAS
- Install pGina on machine
- Fully update machine and software
- lock down login to admin and pGina NAS users.
5 Public Workstations
Current state
Specs:
- PC1 - Win 10 Pro AMD A10-5800K 3.8GHZ 8GB - DEMO (LDAP)
- PC2 - Win 7 AMD A10-5800K 3.8GHZ 8GB (MAKER Login)
- PC3 - Win 7 AMD A10-5800K 3.8GHZ 8GB (MAKER Login)
- PC4 - Win 10 Pro AMD A10-5800K 3.8GHZ 8GB - Demo (LDAP)
- PC5 - Win 7 AMD A10-5800K 3.8GHZ 8GB (MAKER Login)
Future state
5 Managed Windows 10 workstations. Software updated by Ninite, Windows updates kept up to date by service account script.
1 Local admin account on each machine.
User's login via LDAP enabled logins provided by HUB@AHA
Login mount of AHA software (VirtualBox Ubuntu Images)
Login mount of AHA shared folder (see HUB@AHA)
Easy to wipe and restore with documented instructions for doing this located here: Computer Infrastructure: Restoring Workstations
Easy to build a new image from scratch with instructions for doing this here: Computer Infrastructure: Building new Workstation image
To do
- Write script to perform offline, silent, no reboot windows updates for all machines. (https://stackoverflow.com/questions/16180265/automatically-update-windows-fully)
- Write script to move home dirs desktop/my documents to nas/home
- Allow demo of machines until 1/30 by users and during this time provision members with accounts.
- Reset all passwords.
- Explore deleting home dir from local machine after creation
- Explore mapping home dir to the NAS on login.
- Find work around for some steam games that require use to be Admin on the machines to run them.
- https://superuser.com/questions/99286/selectively-disabling-uac-for-specific-programs-on-windows-7 Maybe this?
- http://helpdeskgeek.com/windows-7/run-programs-as-administrator-with-full-elevated-rights-in-windows-7/ or this with the change options for all users
- http://www.howtogeek.com/124087/how-to-create-a-shortcut-that-lets-a-standard-user-run-an-application-as-administrator/ Seems like a security hole
- Runas-gui lets you create a RAG file that allows one specific program to run as Admin like the Steamservice.exe
AHA installed software
Individual Installed:
pGina | Arduino Studio | |||
OpenSCAD | LibreCAD | FreeCAD | EagleCAD | KiCAD |
Ninite installed:
Chrome | Firefox | Steam | ||
DropBox | Google Drive | Skype | VLC | Audacity |
Java 8 | JDK 8 | .Net 4.6 | Python | |
Notepad++ | Eclipse | |||
PuTTY | WinSCP | 7 ZIP | WinRAR | FileZilla |
Gimp | Inkscape | Paint.Net | ||
LibreOffice | PDF Creator |
Restore Workstations
Guide here: Computer Infrastructure: Restoring Workstations
The workstation restoration process involves wiping the machine, copying down an image from the NAS and running updates.
Virtual Machines
Future State: HUB@AHA has 1 Ubuntu VirtualBox image that get mounted to the 6 public workstations at login. It's maintained by AHA and configured with default settings for the space. You may clone the image for your personal use.
Todo
- Create base image
- Install additional software
- Configure home directory mount via LDAP.
- Install VirtualBox extensions.
- Mark it read only.
- Share to network via NAS.
- Configure login script to mount this share at login.
Base Image
A base install of the latest LTR Ubuntu image that is reasonably patched.
Additional software
These packages are installed in addition to the base install.
- Arduino
- Eclipse
- JDK
- Inkscape
- Gimp
- Blender
- OpenSCAD
If you need additional packages please contact Tyler Worman to request a base package be added to the distribution.
Usage pattern
Copy the VM to your private folder on the NAS and use as needed. Wipe/Restore from base image as needed.