LTSP + OpenDirectory

Finally got the LTSP server running properly! The missing piece was to re-enable compression in the /etc/ltsp/ltsp-update-image.conf file. What a pain… At first, everything was working well. The LTSP installation went smoothly, the clients were built, the images were created… Then it all went south from there. The thin clients wouldn’t get to the login screen, or if they did get there, they would just keep going back to the login screen after someone tries to login. Argh…

So here’s the setup:

  • Apple Xserve, OSX 10.6 running OpenDirectory
  • Ubuntu 10.04 LTSP Server, i386
  • HP T5135 thin clients

It was easy enough to get the LTSP server running. The following packages were installed onto an existing Ubuntu server:

  • ubuntu-desktop (for the GUI)
  • libpam-ldap (for OD authentication)
  • libnss-ldap (for OD authentication)
  • ltsp-server (for LTSP functionality, not ltsp-server-standalone because we have DHCP on another server)
  • nfs-common (for nfs functionality)

Some LDAP specifics for this particular installation:

  1. in /etc/ldap.conf:
    • set the base dn: cn=users,dc=server,dc=example,dc=net
    • change nss_base_group: cn=groups,dc=server,dc=example,dc=net?one
    • add line at the end of ldap.conf: pam_filter !(uid=root)
  1. in /etc/nsswitch.conf

Here’s the kicker. Recent Ubuntu releases have had issues with NBD. At first it was thought that the NBD compression was the problem, so they added NO_COMP to the /etc/ltsp/ltsp-update-image.conf file

( Turns out it was actually nbd-proxy that was causing the problems, so compression can be allowed. Just comment out the NO_COMP line or delete it. With the NO_COMP line uncommented, the HP T5135 and T5515 clients either couldn’t successfully log in or couldn’t even get to the login screen. Interestingly enough, higher-powered computers that I tried using as thin clients had no problem logging in. It was just the low-powered thin clients that couldn’t deal with the uncompressed data.

Here is the additional DHCP settings to get the thin clients to find the LTSP server:

next-server [server ip address]; filename "/ltsp/i386/pxelinux.0"; option root-path "/opt/ltsp/i386";

So now everything seems to be working fine now. Users can log into the thin clients, their user profiles are loaded via nfs, and we’re good to go. Next step might be trying to get iTALC on LTSP and being able to view the thin clients from a master computer that is not part of LTSP.

    • change “compat” to “files ldap”