20250429 push notes

2025-04-29 16:29:52 +02:00
parent 214941710d
commit 0cb3f588fa
69 changed files with 944 additions and 61 deletions
--- a/archive/ssr-kwa/manual/Checkliste-apple-geraete.md
+++ b/archive/ssr-kwa/manual/Checkliste-apple-geraete.md
@@ -0,0 +1,28 @@
+
+## iPhone
+
+- <https://mail.studio-stadt-region.de> besuchen - oder analog fuer kwa - und UNTER der login maske "profil runterladen" anklicken und anmelden ==> dies synced CalDAV, CardDAV, WebDAV aufs Handy
+- VPN  einstellen - Lokalen User im Kerio anlegen und Berechtigung fuer VPN geben. Am Handy in nativen VPN Einstellungen anlegen mit Typ: L2TP
+
+## MacBook
+
+### Checkliste
+
+1. Mail Postfach anlegen (In Kerio Connect User anlegen)
+1. Nutzer Profil in AD anlegen (In Univention User anlegen)
+1. Nutzer Profil am Mac anlegen (Lokalen User an Mac Book anlegen)
+1. iCloud (Sie erstellen selber ein iCloud Acc)
+1. In M365 User anlegen und mit Lizenz versehen (Iwas mit Bussines-teuer-und-unverschaemt)
+1. Mail Client (imap und smtp. Server: `mail.<domain.de>`, Credentials: Siehe Punkt 1.)
+1. Calendar Config (manuell CalDAV. Server: `mail.<domain.de>`, Credentials: Siehe Punkt 1. )
+1. Filewave Kiosk Client (https://kb.filewave.com/books/downloads/page/filewave-version-1542)
+1. BusyContacts (manuell CardDAV. Server: `mail.<domain.de>`, Credentials: Siehe Punkt 1. )
+1. icloud raumkalendar hinzufuegen (siehe IT-Glue. MFA otp auf sbx Smartphone)
+1. NinjaOne Client (U know it)
+1. Kerio VPN Client (Filewave Kiosk)
+1. Projekt Pro (FileMaker Pro aus Filewave Kiosk. Projekt Pro ueber FileMaker einrichten und oeffnen bis zum Anmeldefenster)
+1. Vectorworks (Filewave)
+1. Microsoft Word/Excell/Powerpoint installieren und testen
+1. Druckertreiber runterladen
+
+https://eu.ninjarmm.com/agent/installer/665ef278-986b-4969-b436-26b1b254d6d5/studiostadtregionarchitekturstadtentwicklunghauptsitz-6.0.1816-installer.dmg
--- a/archive/ssr-kwa/manual/iphone-onboarding.md
+++ b/archive/ssr-kwa/manual/iphone-onboarding.md
@@ -0,0 +1,22 @@
+## Intro
+
+Here, we shortly summarize how to onboard an iPhone.
+
+### CheckList
+
+- mail
+- cal
+- busycontacts
+- teams
+- vpn
+
+## Mail, Contacts, Calendar
+
+Follow:
+
+- [Kerio Anleitung](https://manuals.gfi.com/en/kerio/connect/content/email-clients/mobile-devices/synchronizing-your-iphone-with-kerio-connect-251.html)
+
+## Kerio VPN
+
+1. Create a local user on the Kerio Firewall specific for VPN usage. Usage of the VPN has to be enabled explicitly.
+2. Follow: <https://support.keriocontrol.gfi.com/hc/en-us/articles/360015189519-Configure-VPN-on-iOS-and-Android-devices>. (L2TP with Pre-Shared Key)
--- a/archive/ssr-kwa/manual/kerio-vpn-apple-silicon.html
+++ b/archive/ssr-kwa/manual/kerio-vpn-apple-silicon.html
@@ -0,0 +1,3 @@
+<h2 id="problem">Problem</h2>
+<p>On apple silicon hardware the Kerio VPN service is not enabled natively. Third party kernel extensions have to be enable on Apple silicon-based Macs.</p>
+<p>Follow this <a href="https://macsupport.tuxera.com/hc/en-gb/articles/4409208805522-How-do-I-enable-third-party-kernel-extensions-on-Apple-silicon-based-Macs">guide</a>.</p>
--- a/archive/ssr-kwa/manual/kerio-vpn-apple-silicon.md
+++ b/archive/ssr-kwa/manual/kerio-vpn-apple-silicon.md
@@ -0,0 +1,5 @@
+## Problem
+
+On apple silicon hardware the Kerio VPN service is not enabled natively. Third party kernel extensions have to be enable on Apple silicon-based Macs.
+
+Follow this [guide](https://macsupport.tuxera.com/hc/en-gb/articles/4409208805522-How-do-I-enable-third-party-kernel-extensions-on-Apple-silicon-based-Macs).
--- a/archive/ssr-kwa/manual/smb-server-centos.md
+++ b/archive/ssr-kwa/manual/smb-server-centos.md
@@ -0,0 +1,75 @@
+## Ressources
+
+- <https://wiki.archlinux.org/index.php/samba#Server>
+- <https://wiki.archlinux.org/title/Samba#Client>
+
+## Intro
+
+As is often the case the [Arch Wiki](https://wiki.archlinux.org/index.php/samba#Server) has a fantactically detailed entry on setting up and configuring a samba server.
+
+## Simple Config
+Login at the server which should act as the samba server.
+
+- First, install samba:
+```sh 
+yum check-update && yum install samba
+```
+- Next, modify/create a file at `/etc/samba/smb.conf` with the following contents (adapt this for your needs):
+```sh 
+[global]
+        workgroup = SAMBA
+        server string = petar
+        security = user
+        guest ok = yes
+        map to guest = Bad Password
+        log file = /var/log/samba/%m.log
+        max log size = 50
+        printcap name = /dev/null
+        load printers = no
+
+
+        # Install samba-usershares package for support
+        include = /etc/samba/usershares.conf
+
+[Share]
+    comment = Folder to share
+    path = /path/to/share
+    browseable = yes
+    read only = no
+    guest ok = no
+```
+- Samba requires setting a password separately from that used for login. You may use an existing user or create a new one for this purpose.
+```sh
+smbpasswd -a sbxadmin
+```
+- Existing samba users can be listed with:
+```sh 
+pdbedit -L -v
+```
+- Once finished, ensure the samba service is restarted with:
+```sh
+systemctl restart smbd
+```
+
+## Security config on server
+
+### Firewalld
+- CentOS uses as standard local firewall `firewalld`.
+
+```sh
+firewall-cmd --permanent --add-service={samba,samba-client,samba-dc} --zone=public
+```
+
+### SELinux
+SELinux not allow samba to access folders by default, to solve this, run:
+```sh 
+setsebool -P samba_export_all_ro 1
+```
+
+## Client
+Depends on client OS. Just use Windows. Noob! 
+
+
+
+
+