Cool Solution - Time for kids

From Univention Wiki

Jump to: navigation, search
Produktlogo UCS Version 4.1
Produktlogo UCS@School Version 4.1

Note: Cool Solutions are articles documenting additional functionality based on Univention products. Not all of the shown steps in the article are covered by Univention Support. For questions about your support coverage contact your contact person at Univention before you want to implement one of the shown steps.

Also regard the legal notes at Terms of Service.

Requirements

Please make sure that the software squid is installed on your system. If it currently not installed go to the Univention App Center and install the application squid.

Installation

First of all add the time-for-kids repository in you sources list file. Execute the following command:

echo "deb http://repository.time-for-kids.de/debian7/apt/debian wheezy main" > /etc/apt/sources.list.d/sfp.list

wget -O - http://repository.time-for-kids.de/tfk.gpg.key | apt-key add -


Now it's time to install time-for-kids. Enter the following command on the command line and wait until the installation is finished.

univention-install tfk-schulfilterplus

During the installation, you will be asked if the squid configuration can be override by recommended settings. Accept the request with "y" (yes)


Firewall configuration

To gain access to the for-the-kids webinterface, pleas run the following command and restart the firewall in the further step.

ucr set security/packetfilter/tfk/tcp/83/all="ACCEPT"
invoke-rc.d univention-firewall restart

Congratulation you can access the webinterface of time-for-kids via a browser of your choce with the following URL:

http://<ip of your server>:83

LDAP authentication

Login as the user tfkadmin and the password tfkadmin to open the time-for-kids overview site. Open the directory service module and pick LDAP(others) to configure a LDAP authentication for your UCS system.

Fill out the gaps as the follow:

Option Value
LDAP URL <ip-of-your-server>
LDAP PORT 7389
LDAP BIND USERNAME uid=Administrator,cn=users,LDAP_BASE
LDAP BIND PASSWORT Administrator password
PEOPLE DN cn=users,LDAP_BASE
LDAP FILTER (objectClass=person)
USER ATTRIBUTE uid
GROUPS DN cn=groups,LDAP_BASE
LDAP GROUPS FILTER (objectClass=univentionGroup)
GROUP ATTRIBUTE cn

After applying the above settings, click on "Save" in the bottom left corner.

Cockpit settings

Now that your LDAP Server is synchronized with time-for-kids its neccessary to change the login methode. Go to the time-for-kids overview page and open the cockpit settings module. The default log in method is:

Cockpit-login

change it to:

System-login

This setting allows you, to log in on the webinterface of time-for-kids with a LDAP user.


Last but not least , make sure your proxy settings of your Windows clients are set correctly.

References

Personal tools