Edge Hill University’s open access Sunray implementation – Part 2

So how does it all work then?

The whole system is based on multiple Unix shell scripts. The Sunray kiosk mode (which in our case is set open a “Generic X Session” launches a shell script called “kiosk.sh” which firstly launches Mozilla Firefox from the Sunray server the terminal has connected to with a Firefox kiosk mode add in called r-kiosk making Firefox open full screen mode.

When launching Firefox we also open a simple locally stored html document. This html document contains an iframe which opens page stored on a web server, this is where you store your centrally managed content, and a java button which will simply exit the browser.

In the event that a user presses the “Edge Hill University Login” button the browser will exit and the next command in the script is executed, in this case a shell script to launch a menu adapted from our staff Sunray implementation using “wish8.3” called “menu.sh”.

If the user selects “University Network Login” from the menu a script is executed that will open an RDP connection to a Windows 2003 Terminal server allowing the user to login to the Edge Hill University computer network using the full Novell client. This gives users access to their home and shared folders and a range of desktop applications. When the user logs off the “menu.sh” process is terminated returning the user to the original “kiosk.sh” process,.

Full Edge Hill Unuversity Desktop

If the user selects “Browse The Internet” a script is executed that will open an RDP connection to a different Windows 2003 Terminal server, this time the user authenticates using LDAP rather than the full Novell client but launches only Microsoft Internet Explorer. When the users closes the browser the “menu.sh” process is terminated returning the user to the original “kiosk.sh” process.

Just Browse the internet

The “System Preference” option allows the user to set their desired screen resolution, but how this is achieved on the Sunray system a subject for another blog.

The physical setup

This student Sunray implementation, currently in an evaluation phase is fully virtualised on a cluster of VMWare ESX Servers, there will initially be two Sunray Servers running on Solaris 10, two student terminal servers running on windows server 2003 standard with the full Novell Client and two Windows 2003 terminal servers using the pGina client with the LDAPauth plug in to provide light weight authentication against our eDirectory tree for the browser only delivery.

The pGina / LDAPauth based terminal servers double as application servers for our Sun Secure Global Desktop implementation which is also within a trail phase, which again is a subject for another blog.

Student Sunray Network Diagram

How do you run two separate Sunray environments?

There are a number of ways to achieve this, some more complex than others. In this case I took a fairly simple approach. The student Sunrays terminal firmware is updated with the gui version which should available when you install your Sunray server software. This allows them to be configured to connect to a specific Sunray server rather than the default as used by our staff implementation.

This allows us to provide a completely different selection of services for our students from out staff whilst the Sunray terminals themselves are connected to the same psychical network and use the same DHCP and DNS servers.

How do I update the firmware on a specified Sunray terminal?

To update a sunray terminal with the “gui” firmware login as root on one of you default sunray servers and enter:

/opt/SUNWut/sbin/utfwadm -A -e mac_addr_of_sunray -f /opt/SUNWut/lib/firmware_gui

Next time that Sunray terminal is rebooted it will be updated with the gui firmware. Once this firmware update process is complete you can press “stop” + “m”, this will give you access t the Sunray’s configuration menu where you can specify a different Sunray server.

How do I setup Mozilla Firefox to display my content?

To launch Mozilla Firefox from a shell script while opening a local html document is a simple command however, when you do this from a Sunray session you will most likely need to address number of issues. The first is that Firefox will always ask you if it should be the default browser, by default the close browser java button in your html document will not work and your r-kiosk addin needs installed for the Sunray kiosk sessions.

To resolve these issues I did the following:

* Login to you sunray server as root.

* Open Mozilla Firefox.

* Enter “about:config” in the address bar and change the following settings:

dom.allow_scripts_to_close_windows true
browser.shell.checkDefaultBrowser false

Install your r-kiosk or any other required Firefox plugins and set any requited preferences and exit Firefox. All your preferences are now set for root, not your Sunray kiosk users so you need to copy them so they are part of the default profile for your kiosk sessions.

The Sunray kiosk sessions seemed to be generated, at least in our implementation, based on “/etc/opt/SUNWkio/prototypes/generic-session”, an educated guess at the time, so copying roots Firefox preferences there seemed like a good bet, and low and behold it works.

Copy root’s Firefox preferences to the kiosk users:
cp -R /.mozilla /etc/opt/SUNWkio/prototypes/generic-session

To launch Firefox form a script opening a local html document:
/usr/bin/firefox -url file:///opt/SUNWutMenu/info.html

And finally to undo all restrictions you have just applied to root’s browser sessions launch Firefox on safe mode and disable them:

/usr/lib/firefox -safe-mode

I don’t have the option “Generic X Session” for my kiosk mode?

It should be noted that when configuring “kiosk” mode within the Sunray administration interface the session type “Generic X Session” dose not appear to be available by default, in this case I copied the session type from our staff implementation.

The kiosk session types and session type configuration files however are located at /etc/opt/SUNWkio/prototypes and /etc/opt/SUNWkio/sessions. You can create a new kiosk session type by copying and re-naming an existing session type and editing the corresponding configuration files. If you require assistance with configuring the kiosk session types you should contact your Sunray support provider.

Our “Generic X Session” configuration file “generic.conf” looks like this:

KIOSK_SESSION_DESCRIPTION=”Provides a blank X session for running a Kiosk script.”

That all sounds cool but what about a look at the scripts?

Some of the scripts I’m using at the time of writing this blog are Available on the downloads page (see the tabs at the top of the page), if they provide some inspiration for anyone then you are welcome however you do use them at you own risk.

This entry was posted in Green Computing, Team News. Bookmark the permalink.

3 Responses to Edge Hill University’s open access Sunray implementation – Part 2

  1. Mike Nolan says:

    You just broke my head.

  2. Johan says:

    Great work !
    As i’m not good with tcl can you post your : “/opt/SUNWutMenu/menu.tcl” in order to have an idea of the menu ?
    I’d like to make the same thing in my university

    thanks in advance

  3. Matt says:

    Nice reading, great work!
    You mention DHCP/DNS, but it is not clear to me, whether the SunRay DHCP is used, or some external DHCP. We have some problems to set up DHCP (as part of the SunRayServer) on an ESX-Server.
    At the moment, I believe it is not possible to use the SunRay DHCP, as soon as the SunRayServer is running inside a virtual machine.
    It would be nice if you could clarify this.
    Thank you!

Leave a Reply

Your email address will not be published. Required fields are marked *