Novell is now a part of Micro Focus

SLES 10 Tip: SLES 10 and VMWare Server 1.0

Novell Cool Solutions: Tip
By Adam Robinson

Digg This - Slashdot This

Posted: 24 Aug 2006 		 

I wanted to tell you about my experience with SLES 10 and VMWare Server 1.0. I had been running VMWare on an Ubuntu Server and using it to run a server or two and a few workstations for testing software. It was a total pain because I had to make local accounts for each user that needed to use VMWare and the password was not kept in sync anywhere else. Then a few days after SLES 10 came out I had a great idea. I remembered the Linux User Management feature that was on our OES Linux server. I installed SLES 10 and was a little disappointed to see that feature was not included. I could have set up SLES 10 to use LDAP authentication, but I liked how Linux User Management would let you easily restrict which users have access to a machine.

I took these rpms from a SLED 10 install cd:

novell-NLDAPbase-dyn-3.4.1-0.5.i586.rpm
novell-NLDAPsdk-dyn-3.4.1-0.5.i586.rpm
novell-lum-2.2.0-81.12.i586.rpm
yast2-linux-user-mgmt-2.9.83-16.6.noarch.rpm

They installed just fine onto the SLES 10 server. I then configured Linux User Management to authenticate through eDirectory with YaST and made a group called "vmware" containing all the users that needed access. Everything worked great. I knew that VMWare used something called vmware-authd to handle authentications and that it used PAM. I did some searching and I found the file /etc/pam.d/vmware-authd.

Its original contents were:

auth       sufficient       /lib/security/pam_unix2.so shadow nullok
auth       required         /lib/security/pam_unix_auth.so shadow nullok
account    sufficient       /lib/security/pam_unix2.so
account    required         /lib/security/pam_unix_acct.so

I changed the contents of the file to be:

auth       sufficient       /lib/security/pam_unix2.so shadow nullok
auth       sufficient       /lib/security/pam_nam.so
auth       required         /lib/security/pam_unix_auth.so shadow nullok
account    sufficient       /lib/security/pam_unix2.so
account    sufficient       /lib/security/pam_nam.so
account    required         /lib/security/pam_unix_acct.so

After that, all of the users that I had added to the vmware group could login with the VMWare Server Console to this server and just use their normal eDirectory credentials. The only problem I have is the VMWare Management Interface (the web based interface for checking the status of VM or powering it on). When I attempt to login with a LUM enabled user here the web interface crashes. Well anyways, I hope this information might be useful to someone else

SUSE Linux Enterprise Server 10 Cool Stuff

Read other SUSE Linux Enterprise Server 10 Tips and Tricks here

Submit your SUSE Linux Enterprise Server 10 Tips and Tricks here


Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com

© Micro Focus