CoC-GTAD Swiki
CoC to GTAD conversion notes
Keith's GTAD Integration Notes
Goals:
1. Log on to CoC academic lab machines with authentication and authorization from GTAD.
2. Mount the user's home directory (the long-range goal is to use pass-through authentication to auto-mount the user's home directory).
Solutions:
1. Use a logon script to mount the user's home directory, which will require the user to enter their password a second time.
2. Use SGD so the students can get remote access to a system for class-related software development (this does not provide a Mac development environment).
3. Long range: use pam_mount to do pass-through authentication to auto-mount the user's home directory (Peter will help OIT review the security for this module).
Issues:
A. The user's campus UID/GID is needed (OIT can add this to GTAD).
B. Pass-through authentication for auto-mounting the user's home directory.
C. How will the system know the location of the user's home directory?
D. If UID/GID is not in GTAD, then we will have to use random UID/GID. SSH/SCP will work without user collisions, but will multiple sessions for the same user have the same UID/GID?
E. Students need a shared class folder: T-Squared or a file server that uses GTAD to determine access.
F. With random UID/GID, /tmp and /var/tmp will have to be cleared when the user logs off to prevent unauthorized users from possibly accessing tmp files containing sensitive data.
G. Linux connection to GTAD is intermittent. After about an hour it stops working. Need OIT's assistance to fix this.
H. Need to finalize Linux build for labs that includes GTAD auth method.
I. May need to add lab machines to GTAD DNS for authentication and authorization to work correctly.
J. DNS names of machines need to match NETBIOS names. Recommend machine names be in the format of cc-machine.ad.gatech.edu.

| Platform | Goals | Issues |
|---|---|---|
| Windows | 1,2 | C,I,J |
| Linux | 2 | A,B,C,D,E,F,G,H,I,J |
| Mac | 1,2 | A,B,C,D,E,F,I,J |
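
One way to do the cleanup in issue F, as an added example that is not part of the original notes: a script that deletes a departing user's files from /tmp and /var/tmp so a later user who is handed the same random UID cannot read them. Running it from pam_exec at session close, the `purge_uid_tmp` name and the `MIN_UID` floor are assumptions.

```shell
#!/bin/sh
# Added example: purge one UID's files from temp directories at logoff.
# MIN_UID is an assumed floor that protects system accounts (default 1000).

purge_uid_tmp() {
    uid=$1; shift
    min=${MIN_UID:-1000}
    # Accept only a plain decimal UID, never a name or an expression.
    case $uid in
        ''|*[!0-9]*) echo "purge_uid_tmp: bad uid '$uid'" >&2; return 2 ;;
    esac
    [ "$uid" -ge "$min" ] || { echo "purge_uid_tmp: uid $uid below $min" >&2; return 3; }
    for dir in "$@"; do
        [ -d "$dir" ] || continue
        # find does not follow symlinks by default, so a link planted in the
        # temp directory is unlinked itself; -xdev stays on this filesystem.
        find "$dir" -xdev -mindepth 1 -uid "$uid" ! -type d -delete || return 1
        # Then remove the user's directories that are now empty. A directory
        # still holding another user's files is left in place.
        find "$dir" -xdev -mindepth 1 -depth -type d -uid "$uid" -empty -delete || return 1
    done
}

# pam_exec exports PAM_TYPE and PAM_USER to the script it runs (assumed wiring).
if [ "${PAM_TYPE:-}" = "close_session" ] && [ -n "${PAM_USER:-}" ]; then
    purge_uid_tmp "$(id -u "$PAM_USER")" /tmp /var/tmp
fi
```

If the same user can hold several sessions on one machine (issue D), run the purge only when the last of them closes.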