Solved

Remote Desktop Connection to Ubuntu 11.04 - Kiosk Only

Posted on 2012-03-15
4
868 Views
Last Modified: 2012-03-28
Hi,

Forgive my ignorance, as I'm coming from a Windows background.

I have  a Ubuntu 11.04 server.  I need to do the following:

1. Enable remote access for about 1,500 users.  They will be accessing the desktop via a VNC or RDP app on their iPhones, iPads, and Android devices.

2. Allow them (via the mobile devices) to open and manipulate a web browser on the Ubuntu desktop.  The Ubuntu browser must have support for the JRE, e.g., Firefox or the browser included with Ubuntu.  Ideally they should only be able to browse to a specific web site I authorize and do nothing else with the computer.

3.  Should not be able to shut down computer, open any other programs, screw it up for other users, etc.

4.  I need to be able to easily add/edit/delete users w/o too much hassle. I.e., set up a login account, assign passwords, etc.

I realize this sounds crazy.  However, there's a special web app they need to run that REQUIRES the JRE and this doesn't seem possible to use the JRE on iphone, android, etc.  They are using their mobile devices (I can't change this) and need to be able to interact with a specific web site app that requires the JRE.

I'm not very familiar with Linux but have thus far set up Gnome and RDC---and have logged in and gotten this to work with one or two user accounts.  However, it's a hassle to configure all the desktop settings, security, etc. for each account I set up in Gnome so I'm thinking there must be an easier way.

Let me know if you need more info.

Thank you in advance,

Chris
0
Comment
Question by:jumpseatnews
  • 2
  • 2
4 Comments
 
LVL 18

Expert Comment

by:TobiasHolm
ID: 37730470
Hi!

Where do you have your users today? In a Microsoft AD? Then you can join the Ubuntu to the AD. Here's an example how to join the AD: http://youtu.be/Y3TFPDT9uic

Example how to disable users to shut down the computer: http://embraceubuntu.com/2006/03/20/disable-shutdown-for-normal-users/

Here's some idéas how to prevent users from running certain apps: http://ubuntuforums.org/showthread.php?t=941659

Regards, Tobias
0
 

Author Comment

by:jumpseatnews
ID: 37730541
Hi Tobias,

Currently, there are no users, as it has not been set up yet.  I was originally going to go the windows route but the licenses are too expensive for Terminal Services on a Windows server.

The article about Firefox is helpful in theory but goes on the assumption that there is one assigned user---I'm needed to create 1,500 actual user account, each with their own login but share a same set of access privileges.  

There is something in Ubuntu called user groups but I'm not sure if it's possible to set privileges at the group level like you can in Windows.  For example, what might work would be to create a group called 'public' and then assign all desktop preferences, layout, security to that specific group.  Then, when I sudo to add a new user, I would just assign them to that group and everything else would be taken care of.

Chris
0
 
LVL 18

Accepted Solution

by:
TobiasHolm earned 500 total points
ID: 37731283
I agree with Microsoft licenses are too expensive. Better with Free and Open Source! ;)

I was thinking about this in the Firefox example: "I recommend dragging the applications you want them to have access to directly onto the panel and then completely remove the Application/Places/System menu. Then, hit Alt-F2 and type gconf-editor. Navigate to /apps/panel/global and check locked_down and disable the Alt-F2 run key. Also go to /desktop/gnome/lockdown and check the relevant options to lock down. That should make that user extremely limited in what they are able to run.". You could use this to control what apps your users can see.

You can put a Linux user in groups, but the groups doesn't control all the things you want. The groups control the file system access. Read more here: http://www.unix.com/tips-tutorials/19060-unix-file-permissions.html (long post)

You can use this script to create 1,500 users on your Ubuntu server:
# adduser.sh   Tobias Holm   2012-03-16
#
# Usage: adduser.sh username password
# Script must be run as root.
# To create multiple users, create a textfile with the username and passwords
#   with one user and password on each line. The run this command:
# while read LINE; do sudo ./adduser.sh $LINE; done < users.txt

user=$1
password=$2

adduser --ingroup users --disabled-password --gecos $user $user

# Set password
tmpdir=/tmp/pwddir$$
mkdir -p $tmpdir
chmod og-rx $tmpdir
echo $password > $tmpdir/pwd
encrypted=`mkpasswd -s < $tmpdir/pwd`
usermod -p $encrypted $user
rm -rf $tmpdir

# For debug, remove if you like
echo user: $user
echo pass: $password
echo -----------------------

Open in new window


Regards, Tobias
0
 

Author Closing Comment

by:jumpseatnews
ID: 37779758
Thank you Tobias!!! Awesome answer!
0

Featured Post

Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

Join & Write a Comment

Little introduction about CP: CP is a command on linux that use to copy files and folder from one location to another location. Example usage of CP as follow: cp /myfoder /pathto/destination/folder/ cp abc.tar.gz /pathto/destination/folder/ab…
Remote Desktop Connections allow you to control remote host machines via the magic of the Internet and RDP (Remote Desktop Protocol). For the purposes of this article we will assume you are connecting from your home PC or laptop to a remote offic…
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
How to install and configure Citrix XenApp 6.5 - Part 1. In this video tutorial we have explained step by step installation of Citrix XenApp 6.5 Server on Windows Server 2008 R2 is explained in this video. We have explained the difference between…

706 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now