{"id":812,"date":"2015-10-02T19:59:39","date_gmt":"2015-10-02T17:59:39","guid":{"rendered":"http:\/\/bakman.nl\/tech\/?p=812"},"modified":"2015-10-04T10:22:56","modified_gmt":"2015-10-04T08:22:56","slug":"clearos-7-nas","status":"publish","type":"post","link":"http:\/\/bakman.nl\/tech\/?p=812","title":{"rendered":"ClearOS 7 NAS Part 1"},"content":{"rendered":"<div id=\"toc_container\" class=\"no_bullets\"><p class=\"toc_title\">Inhoud<\/p><ul class=\"toc_list\"><li><a href=\"#Post_Installation_Wizard\"><span class=\"toc_number toc_depth_1\">1<\/span> Post Installation Wizard<\/a><ul><li><a href=\"#Install_Packages\"><span class=\"toc_number toc_depth_2\">1.1<\/span> Install Packages<\/a><\/li><\/ul><\/li><li><a href=\"#LDAP_and_PDC\"><span class=\"toc_number toc_depth_1\">2<\/span> LDAP and PDC<\/a><ul><li><a href=\"#LDAP_setup\"><span class=\"toc_number toc_depth_2\">2.1<\/span> LDAP setup<\/a><\/li><li><a href=\"#LDAP_users_and_groups\"><span class=\"toc_number toc_depth_2\">2.2<\/span> LDAP users and groups<\/a><\/li><li><a href=\"#PDC_setup\"><span class=\"toc_number toc_depth_2\">2.3<\/span> PDC setup<\/a><\/li><\/ul><\/li><li><a href=\"#Database_and_Webservices\"><span class=\"toc_number toc_depth_1\">3<\/span> Database and Webservices<\/a><ul><li><a href=\"#Database_tweaks\"><span class=\"toc_number toc_depth_2\">3.1<\/span> Database tweaks<\/a><\/li><li><a href=\"#Improve_security_MariaDB\"><span class=\"toc_number toc_depth_2\">3.2<\/span> Improve security MariaDB<\/a><\/li><li><a href=\"#Webserver_setup\"><span class=\"toc_number toc_depth_2\">3.3<\/span> Webserver setup<\/a><\/li><\/ul><\/li><\/ul><\/div>\n<p>I have build a tutorial in my native, Dutch language for building your own private NAS-like, mediaserver. I&#8217;ve choosen this route instead of the well known Synology or QNAP one. I found them too restricted, I prefer having full control. That was done for ClearOS 6. Now the Release Canditate of ClearOS 7 is out. Let&#8217;s build a new machine which can do the same (and more) for your NAS needs. This time &#8211; by popular demand &#8211; I&#8217;m doing it in English. Let&#8217;s start.<\/p>\n<h2><span id=\"Post_Installation_Wizard\">Post Installation Wizard<\/span><\/h2>\n<p>After installation on your hardware (bare metal or VM), the post install wizard of ClearOS starts. Every page has a <strong>Previous<\/strong> and <strong>Next<\/strong> button on top. Fill in all the details (see\u00a0screenshots below) and click <strong>Next<\/strong>. It will be over in a minute. Click for a larger image on the specific screenshot.<\/p>\n<div id='gallery-1' class='gallery galleryid-812 gallery-columns-2 gallery-size-large'><figure class='gallery-item'>\n\t\t\t<div class='gallery-icon landscape'>\n\t\t\t\t<a href='http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-01-09_32_27.png'><img width=\"660\" height=\"371\" src=\"http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-01-09_32_27-1024x576.png\" class=\"attachment-large size-large\" alt=\"\" loading=\"lazy\" aria-describedby=\"gallery-1-813\" srcset=\"http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-01-09_32_27-1024x576.png 1024w, http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-01-09_32_27-300x169.png 300w, http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-01-09_32_27.png 1366w\" sizes=\"(max-width: 660px) 100vw, 660px\" \/><\/a>\n\t\t\t<\/div>\n\t\t\t\t<figcaption class='wp-caption-text gallery-caption' id='gallery-1-813'>\n\t\t\t\tThe wizard is getting started. Can you see the difference with ClearOS 6?\n\t\t\t\t<\/figcaption><\/figure><figure class='gallery-item'>\n\t\t\t<div class='gallery-icon landscape'>\n\t\t\t\t<a href='http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-01-09_34_25.png'><img width=\"660\" height=\"371\" src=\"http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-01-09_34_25-1024x576.png\" class=\"attachment-large size-large\" alt=\"\" loading=\"lazy\" aria-describedby=\"gallery-1-814\" srcset=\"http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-01-09_34_25-1024x576.png 1024w, http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-01-09_34_25-300x169.png 300w, http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-01-09_34_25.png 1366w\" sizes=\"(max-width: 660px) 100vw, 660px\" \/><\/a>\n\t\t\t<\/div>\n\t\t\t\t<figcaption class='wp-caption-text gallery-caption' id='gallery-1-814'>\n\t\t\t\tWe&#8217;ll choose Private Server Mode for our home (office) installation.\n\t\t\t\t<\/figcaption><\/figure><figure class='gallery-item'>\n\t\t\t<div class='gallery-icon landscape'>\n\t\t\t\t<a href='http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-01-09_35_44.png'><img width=\"660\" height=\"371\" src=\"http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-01-09_35_44-1024x576.png\" class=\"attachment-large size-large\" alt=\"\" loading=\"lazy\" aria-describedby=\"gallery-1-815\" srcset=\"http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-01-09_35_44-1024x576.png 1024w, http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-01-09_35_44-300x169.png 300w, http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-01-09_35_44.png 1366w\" sizes=\"(max-width: 660px) 100vw, 660px\" \/><\/a>\n\t\t\t<\/div>\n\t\t\t\t<figcaption class='wp-caption-text gallery-caption' id='gallery-1-815'>\n\t\t\t\tCheck if your network card is getting an ip address. It must be, otherwise you won&#8217;t be able to access the web interface&#8230;\n\t\t\t\t<\/figcaption><\/figure><figure class='gallery-item'>\n\t\t\t<div class='gallery-icon landscape'>\n\t\t\t\t<a href='http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-01-09_36_39.png'><img width=\"660\" height=\"371\" src=\"http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-01-09_36_39-1024x576.png\" class=\"attachment-large size-large\" alt=\"\" loading=\"lazy\" aria-describedby=\"gallery-1-816\" srcset=\"http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-01-09_36_39-1024x576.png 1024w, http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-01-09_36_39-300x169.png 300w, http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-01-09_36_39.png 1366w\" sizes=\"(max-width: 660px) 100vw, 660px\" \/><\/a>\n\t\t\t<\/div>\n\t\t\t\t<figcaption class='wp-caption-text gallery-caption' id='gallery-1-816'>\n\t\t\t\tWait and see; y will  see your server&#8217;s doing some DNS checking. This must be succesfull.\n\t\t\t\t<\/figcaption><\/figure><figure class='gallery-item'>\n\t\t\t<div class='gallery-icon landscape'>\n\t\t\t\t<a href='http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-01-09_37_08.png'><img width=\"660\" height=\"371\" src=\"http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-01-09_37_08-1024x576.png\" class=\"attachment-large size-large\" alt=\"\" loading=\"lazy\" aria-describedby=\"gallery-1-817\" srcset=\"http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-01-09_37_08-1024x576.png 1024w, http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-01-09_37_08-300x169.png 300w, http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-01-09_37_08.png 1366w\" sizes=\"(max-width: 660px) 100vw, 660px\" \/><\/a>\n\t\t\t<\/div>\n\t\t\t\t<figcaption class='wp-caption-text gallery-caption' id='gallery-1-817'>\n\t\t\t\tChoose Community Edition. Home is not yet available at the time. It will also cost you $$. Community is free.\n\t\t\t\t<\/figcaption><\/figure><figure class='gallery-item'>\n\t\t\t<div class='gallery-icon landscape'>\n\t\t\t\t<a href='http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-02-11_47_56.png'><img width=\"660\" height=\"371\" src=\"http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-02-11_47_56-1024x576.png\" class=\"attachment-large size-large\" alt=\"\" loading=\"lazy\" aria-describedby=\"gallery-1-818\" srcset=\"http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-02-11_47_56-1024x576.png 1024w, http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-02-11_47_56-300x169.png 300w, http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-02-11_47_56.png 1366w\" sizes=\"(max-width: 660px) 100vw, 660px\" \/><\/a>\n\t\t\t<\/div>\n\t\t\t\t<figcaption class='wp-caption-text gallery-caption' id='gallery-1-818'>\n\t\t\t\tLogin or create an ClearCenter account. \n\t\t\t\t<\/figcaption><\/figure><figure class='gallery-item'>\n\t\t\t<div class='gallery-icon landscape'>\n\t\t\t\t<a href='http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-02-11_49_23.png'><img width=\"660\" height=\"371\" src=\"http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-02-11_49_23-1024x576.png\" class=\"attachment-large size-large\" alt=\"\" loading=\"lazy\" aria-describedby=\"gallery-1-819\" srcset=\"http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-02-11_49_23-1024x576.png 1024w, http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-02-11_49_23-300x169.png 300w, http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-02-11_49_23.png 1366w\" sizes=\"(max-width: 660px) 100vw, 660px\" \/><\/a>\n\t\t\t<\/div>\n\t\t\t\t<figcaption class='wp-caption-text gallery-caption' id='gallery-1-819'>\n\t\t\t\tYes, the installation is registered!\n\t\t\t\t<\/figcaption><\/figure><figure class='gallery-item'>\n\t\t\t<div class='gallery-icon landscape'>\n\t\t\t\t<a href='http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-02-11_50_58.png'><img width=\"660\" height=\"371\" src=\"http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-02-11_50_58-1024x576.png\" class=\"attachment-large size-large\" alt=\"\" loading=\"lazy\" aria-describedby=\"gallery-1-820\" srcset=\"http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-02-11_50_58-1024x576.png 1024w, http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-02-11_50_58-300x169.png 300w, http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-02-11_50_58.png 1366w\" sizes=\"(max-width: 660px) 100vw, 660px\" \/><\/a>\n\t\t\t<\/div>\n\t\t\t\t<figcaption class='wp-caption-text gallery-caption' id='gallery-1-820'>\n\t\t\t\tThe system will check if there are updates available. If available, install all of them.\n\t\t\t\t<\/figcaption><\/figure><figure class='gallery-item'>\n\t\t\t<div class='gallery-icon landscape'>\n\t\t\t\t<a href='http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-02-11_52_09.png'><img width=\"660\" height=\"371\" src=\"http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-02-11_52_09-1024x576.png\" class=\"attachment-large size-large\" alt=\"\" loading=\"lazy\" aria-describedby=\"gallery-1-821\" srcset=\"http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-02-11_52_09-1024x576.png 1024w, http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-02-11_52_09-300x169.png 300w, http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-02-11_52_09.png 1366w\" sizes=\"(max-width: 660px) 100vw, 660px\" \/><\/a>\n\t\t\t<\/div>\n\t\t\t\t<figcaption class='wp-caption-text gallery-caption' id='gallery-1-821'>\n\t\t\t\tType a name to blend in with your existing network. \n\t\t\t\t<\/figcaption><\/figure><figure class='gallery-item'>\n\t\t\t<div class='gallery-icon landscape'>\n\t\t\t\t<a href='http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-02-11_52_32.png'><img width=\"660\" height=\"371\" src=\"http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-02-11_52_32-1024x576.png\" class=\"attachment-large size-large\" alt=\"\" loading=\"lazy\" aria-describedby=\"gallery-1-822\" srcset=\"http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-02-11_52_32-1024x576.png 1024w, http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-02-11_52_32-300x169.png 300w, http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-02-11_52_32.png 1366w\" sizes=\"(max-width: 660px) 100vw, 660px\" \/><\/a>\n\t\t\t<\/div>\n\t\t\t\t<figcaption class='wp-caption-text gallery-caption' id='gallery-1-822'>\n\t\t\t\tThe hostnames are automatically filled. If you want to change it, do it now, this is the moment.\n\t\t\t\t<\/figcaption><\/figure><figure class='gallery-item'>\n\t\t\t<div class='gallery-icon landscape'>\n\t\t\t\t<a href='http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-02-11_52_44.png'><img width=\"660\" height=\"371\" src=\"http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-02-11_52_44-1024x576.png\" class=\"attachment-large size-large\" alt=\"\" loading=\"lazy\" aria-describedby=\"gallery-1-823\" srcset=\"http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-02-11_52_44-1024x576.png 1024w, http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-02-11_52_44-300x169.png 300w, http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-02-11_52_44.png 1366w\" sizes=\"(max-width: 660px) 100vw, 660px\" \/><\/a>\n\t\t\t<\/div>\n\t\t\t\t<figcaption class='wp-caption-text gallery-caption' id='gallery-1-823'>\n\t\t\t\tIf ip and dns is working, default will be fine.\n\t\t\t\t<\/figcaption><\/figure><figure class='gallery-item'>\n\t\t\t<div class='gallery-icon landscape'>\n\t\t\t\t<a href='http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-02-11_54_18.png'><img width=\"660\" height=\"371\" src=\"http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-02-11_54_18-1024x576.png\" class=\"attachment-large size-large\" alt=\"\" loading=\"lazy\" aria-describedby=\"gallery-1-824\" srcset=\"http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-02-11_54_18-1024x576.png 1024w, http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-02-11_54_18-300x169.png 300w, http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-02-11_54_18.png 1366w\" sizes=\"(max-width: 660px) 100vw, 660px\" \/><\/a>\n\t\t\t<\/div>\n\t\t\t\t<figcaption class='wp-caption-text gallery-caption' id='gallery-1-824'>\n\t\t\t\tFor now, choose Skip Wizard. We will install packages later.\n\t\t\t\t<\/figcaption><\/figure><figure class='gallery-item'>\n\t\t\t<div class='gallery-icon landscape'>\n\t\t\t\t<a href='http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-02-11_55_17.png'><img width=\"660\" height=\"371\" src=\"http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-02-11_55_17-1024x576.png\" class=\"attachment-large size-large\" alt=\"\" loading=\"lazy\" aria-describedby=\"gallery-1-825\" srcset=\"http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-02-11_55_17-1024x576.png 1024w, http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-02-11_55_17-300x169.png 300w, http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-02-11_55_17.png 1366w\" sizes=\"(max-width: 660px) 100vw, 660px\" \/><\/a>\n\t\t\t<\/div>\n\t\t\t\t<figcaption class='wp-caption-text gallery-caption' id='gallery-1-825'>\n\t\t\t\tNow, this one is new in ClearOS 7. We will go with the Default.\n\t\t\t\t<\/figcaption><\/figure><figure class='gallery-item'>\n\t\t\t<div class='gallery-icon landscape'>\n\t\t\t\t<a href='http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-02-11_57_58.png'><img width=\"660\" height=\"371\" src=\"http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-02-11_57_58-1024x576.png\" class=\"attachment-large size-large\" alt=\"\" loading=\"lazy\" aria-describedby=\"gallery-1-826\" srcset=\"http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-02-11_57_58-1024x576.png 1024w, http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-02-11_57_58-300x169.png 300w, http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-02-11_57_58.png 1366w\" sizes=\"(max-width: 660px) 100vw, 660px\" \/><\/a>\n\t\t\t<\/div>\n\t\t\t\t<figcaption class='wp-caption-text gallery-caption' id='gallery-1-826'>\n\t\t\t\tChoose the items you like to fill the default Dashboard grid.\n\t\t\t\t<\/figcaption><\/figure>\n\t\t<\/div>\n\n<p>You&#8217;re done! The installation is finished. Let&#8217;s start building this NAS.<\/p>\n<h3><span id=\"Install_Packages\">Install Packages<\/span><\/h3>\n<p>Let&#8217;s try and isntall a bunch of packges we need. Open a PuTTY session from your Windows machine to the new server&#8217;s ip address or hostname. Logon as root and type (or copy\/paste) the following command and press Enter:<\/p>\n<pre># yum -y install \\\r\napp-openldap-directory \\\r\napp-samba \\\r\napp-flexshare \\\r\napp-mariadb \\\r\napp-web-server \\\r\napp-antivirus \\\r\napp-file-scan \\\r\napp-shell-extension-core \\\r\napp-services \\\r\napp-system-report \\\r\napp-process-viewer \\\r\napp-resource-report \\\r\napp-network-report \\\r\napp-network-visualiser \\\r\napp-log-viewer \\\r\napp-software-repository<\/pre>\n<p>This will download and install around 200 MB of packages. Sit back, relax and watch the show.<\/p>\n<pre>[...]\r\nTransaction Summary\r\n==========================================================================\r\nInstall 13 Packages (+81 Dependent packages)\r\n\r\nTotal download size: 164 M\r\nInstalled size: 408 M\r\n[...]<\/pre>\n<p>Just to be safe, restart your server.<\/p>\n<pre># shutdown -r now<\/pre>\n<p>Your PuTTY session will disconnect.<\/p>\n<h2><span id=\"LDAP_and_PDC\">LDAP and PDC<\/span><\/h2>\n<h3><span id=\"LDAP_setup\">LDAP setup<\/span><\/h3>\n<p>Logon to the ClearOS webinterface https:\/\/&lt;ipaddress&gt;:81 and go to <strong>Server<\/strong> &#8211; <strong>Directory<\/strong> &#8211; <strong>Directory Server<\/strong> in the left menu. In the right pane enter the base domain details you want the LDAP to use i.e. &#8220;home.lan&#8221; or &#8220;&lt;yourname&gt;.lan&#8221;. Click the <strong>Initialize<\/strong> button when ready.<\/p>\n<p><img loading=\"lazy\" class=\"alignnone size-full wp-image-828\" src=\"http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-02-14_27_10.png\" alt=\"ClearOS 7 LDAP Base Domain \" width=\"926\" height=\"361\" srcset=\"http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-02-14_27_10.png 926w, http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-02-14_27_10-300x117.png 300w\" sizes=\"(max-width: 926px) 100vw, 926px\" \/><\/p>\n<figure id=\"attachment_829\" aria-describedby=\"caption-attachment-829\" style=\"width: 669px\" class=\"wp-caption alignnone\"><img loading=\"lazy\" class=\"wp-image-829 size-full\" src=\"http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-02-14_35_13.png\" alt=\"Initializing LDAP\" width=\"669\" height=\"124\" srcset=\"http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-02-14_35_13.png 669w, http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-02-14_35_13-300x56.png 300w\" sizes=\"(max-width: 669px) 100vw, 669px\" \/><figcaption id=\"caption-attachment-829\" class=\"wp-caption-text\">Initializing LDAP settings<\/figcaption><\/figure>\n<p>After a few seconds your LDAP has\u00a0initialized it&#8217;s database. All LDAP details are shown.<\/p>\n<figure id=\"attachment_830\" aria-describedby=\"caption-attachment-830\" style=\"width: 652px\" class=\"wp-caption alignnone\"><img loading=\"lazy\" class=\"wp-image-830 size-full\" src=\"http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-02-14_38_05-e1443789667400.png\" alt=\"LDAP details\" width=\"652\" height=\"691\" srcset=\"http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-02-14_38_05-e1443789667400.png 652w, http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-02-14_38_05-e1443789667400-283x300.png 283w\" sizes=\"(max-width: 652px) 100vw, 652px\" \/><figcaption id=\"caption-attachment-830\" class=\"wp-caption-text\">LDAP details<\/figcaption><\/figure>\n<h3><span id=\"LDAP_users_and_groups\">LDAP users and groups<\/span><\/h3>\n<p>Now it&#8217;s time to fill the LDAP with users their information.<br \/>\nGot the menu <strong>System<\/strong> &#8211; <strong>Accounts<\/strong> &#8211; <strong>Users<\/strong> and click the Add button on the User Manager page to add a new user.<\/p>\n<p><img loading=\"lazy\" class=\"alignnone wp-image-832 size-full\" src=\"http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-02-14_46_45.png\" alt=\"\" width=\"235\" height=\"165\" \/><\/p>\n<p>Keep adding new users untill you had enough. If you want the users to access bash with PuTTY or within scripts, choose <strong>&#8216;\/usr\/bin\/bash&#8217;<\/strong> at <strong>Login Shell<\/strong>.<br \/>\nNote: Also add a user called &#8216;<strong>nzbuser<\/strong>&#8216;<\/p>\n<p><img loading=\"lazy\" class=\"alignnone size-full wp-image-833\" src=\"http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-02-14_56_53.png\" alt=\"Add user info\" width=\"656\" height=\"570\" srcset=\"http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-02-14_56_53.png 656w, http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-02-14_56_53-300x261.png 300w\" sizes=\"(max-width: 656px) 100vw, 656px\" \/><\/p>\n<h3><span id=\"PDC_setup\">PDC setup<\/span><\/h3>\n<p>For PDC to work for the users we just created, we need to setup Samba the right way. Go to <strong>Server<\/strong> &#8211; <strong>File<\/strong> &#8211; <strong>Windows Networking (Samba)<\/strong> in the left menu.<\/p>\n<figure id=\"attachment_835\" aria-describedby=\"caption-attachment-835\" style=\"width: 235px\" class=\"wp-caption alignnone\"><img loading=\"lazy\" class=\"size-full wp-image-835\" src=\"http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-02-15_04_05.png\" alt=\"Windows Networking\" width=\"235\" height=\"322\" srcset=\"http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-02-15_04_05.png 235w, http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-02-15_04_05-219x300.png 219w\" sizes=\"(max-width: 235px) 100vw, 235px\" \/><figcaption id=\"caption-attachment-835\" class=\"wp-caption-text\">Windows Networking<\/figcaption><\/figure>\n<p>Enter the server machine name and the domain you want your Windows clients to use. Also enter the password of the administrator of the domain. Remember this account &#8216;<strong>winadmin<\/strong>&#8216; and it&#8217;s password. You need it when you add Windows clients to the domain controller.<\/p>\n<figure id=\"attachment_836\" aria-describedby=\"caption-attachment-836\" style=\"width: 646px\" class=\"wp-caption alignnone\"><img loading=\"lazy\" class=\"size-full wp-image-836\" src=\"http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-02-15_08_23.png\" alt=\"Windows Networking setup\" width=\"646\" height=\"463\" srcset=\"http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-02-15_08_23.png 646w, http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-02-15_08_23-300x215.png 300w\" sizes=\"(max-width: 646px) 100vw, 646px\" \/><figcaption id=\"caption-attachment-836\" class=\"wp-caption-text\">Windows Networking setup<\/figcaption><\/figure>\n<p>When done hit the Initialize button and let the magic happen.<\/p>\n<figure id=\"attachment_838\" aria-describedby=\"caption-attachment-838\" style=\"width: 414px\" class=\"wp-caption alignnone\"><img loading=\"lazy\" class=\"size-full wp-image-838\" src=\"http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-02-15_13_31.png\" alt=\"It's magic\" width=\"414\" height=\"89\" srcset=\"http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-02-15_13_31.png 414w, http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-02-15_13_31-300x64.png 300w\" sizes=\"(max-width: 414px) 100vw, 414px\" \/><figcaption id=\"caption-attachment-838\" class=\"wp-caption-text\">It&#8217;s magic<\/figcaption><\/figure>\n<p>After a few minutes\/seconds the initializing finishes and you&#8217;ll see the details of your PDC setup.<\/p>\n<p>LDAP and PDC are now ready.<\/p>\n<h2><span id=\"Database_and_Webservices\"><span id=\"Database_en_Webservice\">Database and Webservices<\/span><\/span><\/h2>\n<h3><span id=\"Database_tweaks\">Database tweaks<\/span><\/h3>\n<p>First change some of the configuration of the MariaDB database. Logon as root with PuTTY and type:<\/p>\n<pre># vi \/etc\/my.cnf<\/pre>\n<p>Add a new line, see below, line 11:<\/p>\n<pre class=\"brush: bash; title: ; notranslate\" title=\"\">[mysqld]\r\ndatadir=\/var\/lib\/mysql\r\nsocket=\/var\/lib\/mysql\/mysql.sock\r\n# Disabling symbolic-links is recommended to prevent assorted security risks\r\nsymbolic-links=0\r\n# Settings user and group are ignored when systemd is used.\r\n# If you need to run mysqld under a different user or group,\r\n# customize your systemd unit file for mariadb according to the\r\n# instructions in http:\/\/fedoraproject.org\/wiki\/Systemd\r\n#\r\ncharacter-set-server=utf8\r\n#\r\n...<\/pre>\n<p>Save the file and start the database for the first time.<\/p>\n<pre># service mariadb start<\/pre>\n<p>The database should now sucessfully start. When checking it&#8217;s status, it shows:<\/p>\n<pre># service mariadb status\r\nRedirecting to \/bin\/systemctl status mariadb.service\r\nmariadb.service - MariaDB database server\r\n Loaded: loaded (\/usr\/lib\/systemd\/system\/mariadb.service; disabled)\r\n Active: <span style=\"color: #00ff00;\"><strong>active (running)<\/strong><\/span> since Fri 2015-10-02 15:42:14 CEST; 1min 52s ago\r\n Process: 24230 ExecStartPost=\/usr\/libexec\/mariadb-wait-ready $MAINPID (code=exited, status=0\/SUCCESS)\r\n Process: 24202 ExecStartPre=\/usr\/libexec\/mariadb-prepare-db-dir %n (code=exited, status=0\/SUCCESS)\r\n Main PID: 24229 (mysqld_safe)\r\n CGroup: \/system.slice\/mariadb.service\r\n \u251c\u250024229 \/bin\/sh \/usr\/bin\/mysqld_safe --basedir=\/usr\r\n \u2514\u250024399 \/usr\/libexec\/mysqld --basedir=\/usr --datadir=\/var\/lib\/mysql --plugin-dir=...\r\n\r\n<\/pre>\n<p>We need to enable the database to start automatically with every boot of the machine, so:<\/p>\n<pre># chkconfig mariadb on<\/pre>\n<h3><span id=\"Improve_security_MariaDB\">Improve security MariaDB<\/span><\/h3>\n<p>Run the script &#8220;<code>mysql_secure_installation\"<\/code>\u00a0to make MariaDB a saver place. The script will:<\/p>\n<ol>\n<li>make a root password<\/li>\n<li>disable anonymous user logon<\/li>\n<li>lock down remote root logon<\/li>\n<li>delete the test database<\/li>\n<\/ol>\n<p>Go to your PuTTY session and enter:<\/p>\n<pre># mysql_secure_installation<\/pre>\n<p>Example:<\/p>\n<pre># mysql_secure_installation\r\n\r\n\r\nNOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MySQL\r\n      SERVERS IN PRODUCTION USE!  PLEASE READ EACH STEP CAREFULLY!\r\n\r\nIn order to log into MariaDB to secure it, we'll need the current\r\npassword for the root user.  If you've just installed MariaDB, and\r\nyou haven't set the root password yet, the password will be blank,\r\nso you should just press enter here.\r\n\r\nEnter current password for root (enter for none): <strong>&lt;enter&gt;<\/strong>\r\nOK, successfully used password, moving on...\r\n\r\nSetting the root password ensures that nobody can log into the MariaDB\r\nroot user without the proper authorisation.\r\n\r\nSet root password? [Y\/n] <strong>Y<\/strong>\r\nNew password: <strong>&lt;password&gt;<\/strong>\r\nRe-enter new password: <strong>&lt;same password&gt;<\/strong>\r\nPassword updated successfully!\r\nReloading privilege tables..\r\n ... Success!\r\n\r\n\r\nBy default, a MariaDB installation has an anonymous user, allowing anyone\r\nto log into MariaDB without having to have a user account created for\r\nthem.  This is intended only for testing, and to make the installation\r\ngo a bit smoother.  You should remove them before moving into a\r\nproduction environment.\r\n\r\nRemove anonymous users? [Y\/n] <strong>Y<\/strong>\r\n ... Success!\r\n\r\nNormally, root should only be allowed to connect from 'localhost'.  This\r\nensures that someone cannot guess at the root password from the network.\r\n\r\nDisallow root login remotely? [Y\/n] <strong>Y<\/strong>\r\n ... Success!\r\n\r\nBy default, MariaDB comes with a database named 'test' that anyone can\r\naccess.  This is also intended only for testing, and should be removed\r\nbefore moving into a production environment.\r\n\r\nRemove test database and access to it? [Y\/n] <strong>Y<\/strong>\r\n - Dropping test database...\r\n ... Success!\r\n - Removing privileges on test database...\r\n ... Success!\r\n\r\nReloading the privilege tables will ensure that all changes made so far\r\nwill take effect immediately.\r\n\r\nReload privilege tables now? [Y\/n] <strong>Y<\/strong>\r\n ... Success!\r\n\r\nCleaning up...\r\n\r\nAll done!  If you've completed all of the above steps, your MariaDB\r\ninstallation should now be secure.\r\n\r\nThanks for using MariaDB!\r\n<\/pre>\n<h3><span id=\"Webserver_setup\">Webserver setup<\/span><\/h3>\n<p>Logon to the ClearOS webinterface https:\/\/&lt;ipaddress&gt;:81 and go to <strong>Server<\/strong> &#8211; <strong>Web<\/strong> &#8211; <strong>Web Server<\/strong> in the left menu. Click the big green button telling you to <strong>Configure Security Certificates<\/strong>. You just need to.<\/p>\n<p><img loading=\"lazy\" class=\"alignnone wp-image-847 size-full\" src=\"http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-02-16_09_46.png\" alt=\"\" width=\"646\" height=\"461\" srcset=\"http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-02-16_09_46.png 646w, http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-02-16_09_46-300x214.png 300w\" sizes=\"(max-width: 646px) 100vw, 646px\" \/><\/p>\n<p>When done click the <strong>Create Certificate<\/strong> button. Done.<br \/>\nWhat&#8230; wait&#8230; you are now suddenly somewhere else in the menu structure. Don&#8217;t panic, just go back to the Web Server menu item. Click on the <strong>Configure Default Web Site<\/strong> button.<\/p>\n<p>Enter a hostname and alias for your default web site and click <strong>Add<\/strong>.<\/p>\n<p><img loading=\"lazy\" class=\"alignnone size-full wp-image-848\" src=\"http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-02-16_17_13.png\" alt=\"Default Web Site details\" width=\"484\" height=\"687\" srcset=\"http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-02-16_17_13.png 484w, http:\/\/bakman.nl\/tech\/wp-content\/uploads\/2015\/10\/2015-10-02-16_17_13-211x300.png 211w\" sizes=\"(max-width: 484px) 100vw, 484px\" \/><\/p>\n<p>Done. Let&#8217;s test the default website.<br \/>\nStart a session in PuTTY, logon as root. Create a simple php page:<\/p>\n<pre># vi \/var\/www\/html\/index.php<\/pre>\n<p>Take the following code<\/p>\n<pre class=\"brush: php; title: ; notranslate\" title=\"\">\r\n&lt;?php \r\n\r\n\/\/ Show all information, defaults to INFO_ALL phpinfo(); \r\n\r\n?&gt;\r\n<\/pre>\n<p>paste it in your vi editor and save the file.<br \/>\nOpen a web browser on your client machine and enter\u00a0the ip or hostname of\u00a0your server. You should see the PHP version page.<\/p>\n<p>http:\/\/&lt;ipaddress&gt; or &lt;http:\/\/hostname&gt;<\/p>\n<p>You should now see the default webpage.<\/p>\n<p><strong>Note<\/strong>: If you see the default congratulations from ClearOS (with it&#8217;s logo), you can rename or remove\u00a0the\u00a0<code>\/var\/www\/html\/index.html<\/code> file. Or, instead, add &#8220;index.php&#8221; to the\u00a0<code>DirectoryIndex<\/code>\u00a0part of the file\u00a0<code>\/etc\/httpd\/conf\/httpd.conf<\/code>.<\/p>\n<p>Things get beefed up in\u00a0the next chapter&#8230;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Inhoud1 Post Installation Wizard1.1 Install Packages2 LDAP and PDC2.1 LDAP setup2.2 LDAP users and groups2.3 PDC setup3 Database and Webservices3.1 Database tweaks3.2 Improve security MariaDB3.3 Webserver setup I have build a tutorial in my native, Dutch language for building your own private NAS-like, mediaserver. I&#8217;ve choosen this route instead of the well known Synology or &hellip; <a href=\"http:\/\/bakman.nl\/tech\/?p=812\" class=\"more-link\">Lees verder <span class=\"screen-reader-text\">ClearOS 7 NAS Part 1<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[19,6],"tags":[8,3,24,2,22,20,21,7,23],"_links":{"self":[{"href":"http:\/\/bakman.nl\/tech\/index.php?rest_route=\/wp\/v2\/posts\/812"}],"collection":[{"href":"http:\/\/bakman.nl\/tech\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/bakman.nl\/tech\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/bakman.nl\/tech\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/bakman.nl\/tech\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=812"}],"version-history":[{"count":23,"href":"http:\/\/bakman.nl\/tech\/index.php?rest_route=\/wp\/v2\/posts\/812\/revisions"}],"predecessor-version":[{"id":863,"href":"http:\/\/bakman.nl\/tech\/index.php?rest_route=\/wp\/v2\/posts\/812\/revisions\/863"}],"wp:attachment":[{"href":"http:\/\/bakman.nl\/tech\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=812"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/bakman.nl\/tech\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=812"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/bakman.nl\/tech\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=812"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}