Installation Glpi Windows Server 2003

1. Comment Installer Glpi Sous Windows Server 2003

Taking another stab at setting up RSync and SSH on our Windows 2003 servers. The goal is that we can upload web files to a central server and then have it synchronize the other servers in the array. Note: These directions are works-in-progress. In fact, they might not even work at all. I got side-tracked before I could finish this and will re-visit it at some point in the future.The folks who created cwRSync have now released a package called copSSH which is basically SSH for windows and works with cwRSync.

I'll be refering back to my old post about. The latest version I have is from late April 2005 and includes bug fixes for Windows Server 2003.Also see the.These steps are for installing rsync in a server configuration (meaning that it will be listening on the listed ports). Since the install process needs to (optionally) create an user account and create a new service, you'll need administrative access to the machine that you are using. (I'm not sure whether members of the Power Users group have enough privileges.).

Download cwRSync, open up the ZIP file, then extract/run cwRsyncx.x.xInstaller.exe. Click 'Next' to begin the install. Read and agree to the licence. Make sure that both the client and server components are checked off and click 'Next'. Choose your installation location. I prefer to put mine in a custom location (C:bincwRsync). Click 'Install' to begin the installation.

The default user account is 'cwrsync' (with a random password) and it will be installed as a service. You will probably want to change the password to something stronger and adjust the properties of the service in Computer Management.

Specifically, I changed the Recovery tab to auto-restart the service after 5 minutes if it dies. I've left the 'auto-start' setting to 'manual' until I've finished configuration and testing.

By default, the newly created 'cwRSync' folder grants permissions to the Administrators group (full control), the CWRSYNC user account (full control) and the Users account (read/execute). Now you should configure your rsyncd.conf file.Now we need to install copSSH. Download copSSH, open up the ZIP file, then extract/run copSSHx.x.xInstaller.exe. Click 'Next' to begin the install. Read and agree to the licence. Change the install folder to match where you installed cwRSync (C:bincwRsync). (This is according to the FAQ on the itefix.no web site.).

This creates a new service called 'OpenSSH SSHD' with a default users account of 'SvcCOPSSH'. You will probably want to change the password to something stronger and adjust the properties of the service in Computer Management. Specifically, I changed the Recovery tab to auto-restart the service after 5 minutes if it dies. I've changed the 'auto-start' setting to 'manual' until I've finished configuration and testing. Notice that the copSSH installation blows away existing permissions on the c:bincwRSync folder.

This may require fixing (I have to test first). Re-start the SSHD service in manual mode (if you stopped it earlier).Labels. Source links:(a wiki topic about the cygwin installation)Note: The following probably doesn't work (probably missing a package, or the fact that I have GNU's unix tools for Win32 installed is problematic), but I might come back and make it work later so I'm leaving it here for now. I ran into trouble when trying to configure SSH. Right now, I've gone back to my original plan of either and manually copying only the DLLs and EXEs that I need or using the.1. Run the file and start the instllation. I chose to install to 'c:bincygwin', but left the rest of the options 'as-is'.

Pick your mirror (use the to find one close to you).2. On the 'Select Packages' screen, select the 'Curr' option and make sure it says 'Category' next to the 'View' button at the top. The installation dialog is (finally) re-sizeable, so stretch it out or maximize it so you can see all of the columns.3. Beside the '+All' category, it will say 'Install', 'Uninstall'. Click on the word until all of the categories say 'Uninstall'. (Note: These steps assume that you're doing a new Cygwin install and that you don't already have Cygwin installed.) Now we can start picking the minimum number of packages required to setup SSH and RSync.4a. Under the '+Admin' category, you'll need to install the 'cygrunsrv' package (click once on the 'Skip' indicator under the 'New' column).

This will turn on a few other packages that this package depends on (mostly under the '+Base', '+Libs', and '+Shells' categories).4b. Open up the '+Net' category and select the 'rsync' and 'openssh' packages. You'll also end up with 'openssl' which is required in order to use 'openssh'.5. Click the 'Next' button to start downloading and installing the packages. If the download fails, choose another mirror, double-check your package selections (my copy remembered which packages I had already selected), and try again. The base install size required around 7MB of downloads and expanded out to 24MB (34MB actual due to a 4KB cluster size).6. Fire up the cygwin shell, you should see a command-line window open with a '$' prompt.

Comment Installer Glpi Sous Windows Server 2003

Try out a few unix commands (pwd, ls, whoami) to see if things are working.7. Further steps. (I'll cover these in future posts)a) Setup your rsync.conf file (in the 'etc' folder)b) create a service account for use by the rsync servicec) create a Windows service using the 'cygrunsvc' toold) setup OpenSSH and then re-configure rsync to use itLabels.

Based on what I've read elsewhere (links in my ), I think I can pull the relevant pieces out of the. I'll try to keep good notes as to what worked and what didn't, but let me know if you find any errors.

Seems to be a good starting point for which DLLs and files I'll need to pull out of the standard Cygwin release.You can download the files off of any of the. This is a follow-up to my previous post about. We were using the ', but when running in server mode it doesn't know how to talk to clients over an SSH-encrypted connection. Which isn't a big deal if you're only talking to other servers on the local network, but is problematic in cases where you have to be wary of eavesdropping (across WiFi links or untrusted networks like the internet).

So I've been looking off-and-on over the past month at figuring out how to get an rsync service running using SSH on a Windows server.One option is to install the full package. Which is a bit much for a server (or rather, I'm not comfortable installing Cygwin on a server. Yet).Another option seems to be the project at SourceForge. That doesn't include rsync though, just scp. So I might look at ' which requires an absolute bare minimum of files to be installed. However, the files at that location are from Jan 2002, which is a bit old and the.Labels.

At the office we're working on setting up on the web server array to push the daily web/ftp/smtp log files back to a central point for archiving. Right now, since all of the web servers are on the same LAN segment at the hosting facility, we're just sending the plain text data across the wire to the rsync port (tcp/873). Since the previous solution was to use FTP to move the log files around, it's no worse then the old solution from a security standpoint. (It is, however, much faster and more efficient.) Security is handled solely thorugh the rsyncd.conf 'hosts allow' setting (only the internal IP addresses are allowed to be used to transfer the data) with no passwords or shared keys.However, since the next step is that we want to setup pulling those log files automatically back to the main office, we need to look into locking it down further and putting encryption in place (e.g.

Routing rsync traffic over an ssh tunnel).After digging around a bit here's what I've found:The cwRSync Service, so there's no way to connect securely to a rsync server that is using cwRSync as its daemon. Future releases are expected to add. Locking down through IP address and username/password is the limit of what you can do for security, all traffic is in the clear (unless you have IPSec between the two machines).However, you can use cwRSync in a client-configuration and route the traffic over SSH to a SSH-capable rsync server.That being said, I'm going to explore some other packages. All of which will either require that cygwin be installed, or at least that certain cygwin DLLs be installed.Links:- Uses the cygwin DLLs, but doesn't require a full cygwin install, includes SSH.Labels. Installing cwRSync on Windows 2000 The instructions over at are a bit vague, so I'm going to jot down the steps that I use. These steps are for installing rsync in a server configuration.

Since the install process needs to (optionally) create an user account and create a new service, you'll need administrative access to the machine that you are using. (I'm not sure whether members of the Power Users group have enough privileges.).

Download cwRSync, open up the ZIP file, then extract/run cwRsyncx.x.xInstaller.exe. Answer 'Yes' when asked if you want to continue with the install. Answer 'Yes' when asked if you want to install cwRSync as a Windows Service. Specify the installation folder where you want to install cwRSync.

My personal preference is 'c:bincwrsync' instead of the default since our servers already have various command line tools installed under c:bin. Enter the account name and password of the local user account that you are going to use for the cwRSync service. It's a good idea to use a seperate account for the cwRSync service, but you may also specify an existing account name. The upload area can be set to anything. In fact, you'll probably be removing whatever you set here when you. For now, set it to be a sub-folder under where you installed the cwRSync executables to. Click the 'Install' button.

The installer will then create the folder where cwRSync is being installed to, (optionally) create the user account for the cwRSync service, and it will set restrictive permissions on the install folder so that only the service's user account has rights. That takes care of the basics. If you want, view the installation details prior to exiting the install program and cleaning up. Read the instructions on the popup dialog.Next, we need to finish setting up the RSync service in Windows. Right-click on My Computer, pick 'Manage'. In the left panel, scroll down and open up the 'Services and Applications' tree, then select 'Services'. Locate the 'RsyncServer' service and double-click to open up the properties dialog.

'General' tab: Change the 'Startup type' setting to 'Automatic'. 'Log On' tab: Re-type the password for the user account that you're using. Click the 'Apply' button to save your changes and Windows will popup a notification that the user account has been granted the rights to logon as a service.

'Recovery' tab: Change these to match your preferences. My personal preference is to restart the service on the first two failures, do nothing on subsequent failures, reseting the fail count after 1 day and restarting the service after a delay of 30 minutes.

Click 'OK' to save and exit. Don't start the service yet, the rsyncd.conf file needs to be configured first.You need to configure the rsyncd.conf file and set up your first 'module' (a.k.a. A share path). Find your rsyncd.conf file (it's in the folder where you installed cwRSync to) and open it up in a text editor (NotePad works). Now, go read the. Read it twice if it's your first time, because it's possible to put a very large gaping security hole into your setup if you're not careful. The default settings at the top of the file are fine, but you may wish to change the 'hosts allow =.'

to 'hosts allow = (your client machine IPs)' as a preventative first step. Then, even if you screw up the other security mechanisms, you've at least limited which IP addresses an attacker can base an attack from. (You can test this by telnet'ing to port 873 and seeing whether the rsync service drops your connection.)Next, we need to start setting up 'modules' in the rsyncd.conf file.

'Modules' are basically the same concept as a Windows share, except that you have to use rsync to access the files within the 'module'. Ignore what it says on the about rsync modules having to be sub-directories under the cwrsync folder. If you grant correct directory permissions to the cwRSync service account, then the service daemon will be able to read or read/write to the target folders without problems.The default module installed is called 'test'.

Go ahead and comment it out with '#' symbols and save the file. From my (limited) testing, it does not appear to be necessary to restart the rsync service in order for it to see changes in the rsyncd.conf file.testpath = /cygdrive/c/cwrsync/dataread only = falsetransfer logging = yesThere are two basic ways to use rsync and this will affect how you grant permissions to the rsync service account.The first is a read-only ('pull') setup, where the clients can only pull files from the rsync server.

The rsync service account should only have Read & Execute / List Folder Contents / Read permissions for the folder tree that you are going to publish. In addition, when you setup your module in the configuration file, you should specify 'read only = true' as a setting.The second is a 'push' setup where clients are writing changes to the rsync server. The rsync service account will require 'modify' permissions for the shared directory tree. Under your module configuration section in the rsyncd.conf file, a 'push' setup must have 'read only = false'.Now, for every directory tree on the rsync server that you wish to share, create a new module section (e.g. 'logs' or 'web' or 'joesbackup'). Verify that the cwRSync service account has proper permissions to the file system tree. Then add the following options (at a minimum) below the module section name:joesbackuppath = /cygdrive/e/backup/joeread only = falseThat allows any client who manages to authenticate with the rsync service to write the E:BackupJoe on the rsync server.

That is not exactly secure and you should take additional steps to lock it down through the use of 'hosts allow', 'auth users', 'secrets file' and perhaps ssh. Securing your box is a bit beyond the scope of this post. It's also a bit beyond my experience level since I'm just getting started with rsync.(Update: See.)Labels.