Solved

Remote Desktop Connection to Ubuntu 11.04 - Kiosk Only

Posted on 2012-03-15
4
891 Views
Last Modified: 2012-03-28
Hi,

Forgive my ignorance, as I'm coming from a Windows background.

I have  a Ubuntu 11.04 server.  I need to do the following:

1. Enable remote access for about 1,500 users.  They will be accessing the desktop via a VNC or RDP app on their iPhones, iPads, and Android devices.

2. Allow them (via the mobile devices) to open and manipulate a web browser on the Ubuntu desktop.  The Ubuntu browser must have support for the JRE, e.g., Firefox or the browser included with Ubuntu.  Ideally they should only be able to browse to a specific web site I authorize and do nothing else with the computer.

3.  Should not be able to shut down computer, open any other programs, screw it up for other users, etc.

4.  I need to be able to easily add/edit/delete users w/o too much hassle. I.e., set up a login account, assign passwords, etc.

I realize this sounds crazy.  However, there's a special web app they need to run that REQUIRES the JRE and this doesn't seem possible to use the JRE on iphone, android, etc.  They are using their mobile devices (I can't change this) and need to be able to interact with a specific web site app that requires the JRE.

I'm not very familiar with Linux but have thus far set up Gnome and RDC---and have logged in and gotten this to work with one or two user accounts.  However, it's a hassle to configure all the desktop settings, security, etc. for each account I set up in Gnome so I'm thinking there must be an easier way.

Let me know if you need more info.

Thank you in advance,

Chris
0
Comment
Question by:jumpseatnews
  • 2
  • 2
4 Comments
 
LVL 18

Expert Comment

by:TobiasHolm
ID: 37730470
Hi!

Where do you have your users today? In a Microsoft AD? Then you can join the Ubuntu to the AD. Here's an example how to join the AD: http://youtu.be/Y3TFPDT9uic

Example how to disable users to shut down the computer: http://embraceubuntu.com/2006/03/20/disable-shutdown-for-normal-users/

Here's some idéas how to prevent users from running certain apps: http://ubuntuforums.org/showthread.php?t=941659

Regards, Tobias
0
 

Author Comment

by:jumpseatnews
ID: 37730541
Hi Tobias,

Currently, there are no users, as it has not been set up yet.  I was originally going to go the windows route but the licenses are too expensive for Terminal Services on a Windows server.

The article about Firefox is helpful in theory but goes on the assumption that there is one assigned user---I'm needed to create 1,500 actual user account, each with their own login but share a same set of access privileges.  

There is something in Ubuntu called user groups but I'm not sure if it's possible to set privileges at the group level like you can in Windows.  For example, what might work would be to create a group called 'public' and then assign all desktop preferences, layout, security to that specific group.  Then, when I sudo to add a new user, I would just assign them to that group and everything else would be taken care of.

Chris
0
 
LVL 18

Accepted Solution

by:
TobiasHolm earned 500 total points
ID: 37731283
I agree with Microsoft licenses are too expensive. Better with Free and Open Source! ;)

I was thinking about this in the Firefox example: "I recommend dragging the applications you want them to have access to directly onto the panel and then completely remove the Application/Places/System menu. Then, hit Alt-F2 and type gconf-editor. Navigate to /apps/panel/global and check locked_down and disable the Alt-F2 run key. Also go to /desktop/gnome/lockdown and check the relevant options to lock down. That should make that user extremely limited in what they are able to run.". You could use this to control what apps your users can see.

You can put a Linux user in groups, but the groups doesn't control all the things you want. The groups control the file system access. Read more here: http://www.unix.com/tips-tutorials/19060-unix-file-permissions.html (long post)

You can use this script to create 1,500 users on your Ubuntu server:
# adduser.sh   Tobias Holm   2012-03-16
#
# Usage: adduser.sh username password
# Script must be run as root.
# To create multiple users, create a textfile with the username and passwords
#   with one user and password on each line. The run this command:
# while read LINE; do sudo ./adduser.sh $LINE; done < users.txt

user=$1
password=$2

adduser --ingroup users --disabled-password --gecos $user $user

# Set password
tmpdir=/tmp/pwddir$$
mkdir -p $tmpdir
chmod og-rx $tmpdir
echo $password > $tmpdir/pwd
encrypted=`mkpasswd -s < $tmpdir/pwd`
usermod -p $encrypted $user
rm -rf $tmpdir

# For debug, remove if you like
echo user: $user
echo pass: $password
echo -----------------------

Open in new window


Regards, Tobias
0
 

Author Closing Comment

by:jumpseatnews
ID: 37779758
Thank you Tobias!!! Awesome answer!
0

Featured Post

NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
remote desktop services 3 35
Upgrade BIOS / EUFI at Scale 4 55
Linux Real Time Memory on Distinct 24 Cycle 7 29
LINUX Field Separators 7 38
Little introduction about CP: CP is a command on linux that use to copy files and folder from one location to another location. Example usage of CP as follow: cp /myfoder /pathto/destination/folder/ cp abc.tar.gz /pathto/destination/folder/ab…
In this article, I'll explain how to setup a Plex Media Server (https://plex.tv/) on a Redhat (Centos) 7 based NAS with screenshots to help those looking for assistance.  What is Plex? If you aren't familiar with Plex, it’s a DLNA media serv…
Connecting to an Amazon Linux EC2 Instance from Windows Using PuTTY.
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

860 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question