Setting up an OpenVZE CN
========================

Create

cn-dev-2.dataone.org
IP 129.24.0.48
DNS 8.8.8.8
DNS 8.4.4.4
300GB disk
8192 RAM
2048 swap

Start

Open console, update distro::

  apt-get update
  apt-get upgrade

Create localadmin account::

  adduser localadmin
  usermod -a -G sudo localadmin

Now login through SSH and user terminal for remainder of configuration.

  apt-get install dialog ca-certificates

  apt-get install dnsutils curl wget libnss-ldap nscd nano man acpid ntp

  apt-get install denyhosts

Configure LDAP user authentication

Replace /etc/ldap.conf::

  sudo mv /etc/ldap.conf /etc/ldap.conf.original
  sudo nano /etc/ldap.conf
    ...

Edit ``/etc/pam.d/common-session`` and add the ``pam_mkhomedir`` entry::

  # here are the per-package modules (the "Primary" block)
  session	[default=1]     pam_permit.so
  # here's the fallback if no module succeeds
  session	requisite       pam_deny.so
  # prime the stack with a positive return value if there isn't one already;
  # this avoids us returning an error just because nothing sets a success code
  # since the modules above will each just jump around
  session	required        pam_permit.so
  # and here are more per-package modules (the "Additional" block)
  session	required        pam_unix.so 
  session required        pam_mkhomedir.so skel=/etc/skel/
  session	optional        pam_ldap.so 
  # end of pam-auth-update config

Add users to /etc/passwd

Restart libnss-ldap and nscd