Achtung:

Sie haben Javascript deaktiviert!
Sie haben versucht eine Funktion zu nutzen, die nur mit Javascript möglich ist. Um sämtliche Funktionalitäten unserer Internetseite zu nutzen, aktivieren Sie bitte Javascript in Ihrem Browser.

Info-Icon This content is partly available in English
Studierende auf der Lernfläche des Instituts für Informatik, Foto: Universität Paderborn, Fotografin: Judith Kraft
Show image information

Studierende auf der Lernfläche des Instituts für Informatik, Foto: Universität Paderborn, Fotografin: Judith Kraft

Network Access, Login Troubleshooting & Backup

University Network Access from Your own Device

Connecting your personal Computer to the University Network

I. Usage of the Wireless Network

  • The IMT Wireless network is available to students and employees.
  • In case of problems with the IMT wireless network, contact the IMT for support.

II. Useage of Public Ethernet Ports (Green Ethernet Ports)

  • The green ethernet port may be used in stead of the wireless network.
  • DHCP is required to obtain an IP address  subnet access. his is usually already enabled.
  • Green Ports are available in the Campus Poolroom E1.316 and the Fürstenallee rooms F1.520, F1.540, and F2.520, F2.540

WARNING: It is not permitted to use other ethernet ports to connect to our network. Trying to do this, will, in fact, lock the port in question, and your offense will be logged. In particular, unplugging pool computers and reusing their ports WILL NOT WORK.

Remotely Accessing the University Subnet

Set up a VPN-Connection to our VPN servers, as detailed here. In case of problems, contact the IRB hostmaster.

Troubleshooting Login Problems

Typical cause: Disk Quota is Full

Typically, login problems are caused by a full disk quota, which does not leave enough space for temporary files necessary for the start up of some types of graphical sessions (such as GNOME or KDE). You are granted 1 GB of space in your home directory by default.

Typically, logging in via console (Ctrl+ALT+F1) will work, and you will be able to clean up your home directory manually. Use "du -h -a -d 1" to determine large files in your home directory, 'cd <directoryname>' to change directory, and 'rm <file>' or 'rm -r <directory>' to delete files and directories. For help on these and other commands see the manual page, accessible via 'man <command>'.

Browser caches are common culprits here; we recommend reducing the disk cache usage of these programs, and setting them to delete their cache on program exit. The firefox file urlclassifier3.sqlite, for phishing protection, may also grow considerably. Symlinks to /tmp can help here.

Important: Do not forget to log out from the console. Use 'logout' or Ctrl+D to terminate your session, and  (Ctrl+ALT+F1) to switch back to the graphical X sessions.

In case you do require more space, the IMT may be able to increase your quota, as our Fileserver was retired in favor of IMT managed user data. Also, consider using scratch space.

Other Causes

Less common, but possible causes of login failure are

  • Login was suspended
    • Your accound may be suspended in case of forbidden or suspicious activity on university computers. Appeals are handled on a case-by-case basis. Contact us to submit an appeal.

  • Computer is experiencing a network outage or is actually Broken
    • Please inform us of the issue in person or via irb-support[at]uni-paderborn.de. Use a different, functional computer in the mean time. Do not attempt fixing computers yourself.

  • Central Server Unavailable
    • In uncommon cases, the IMT LDAP or Fileservers may become unavailable, usually as scheduled downtime. This makes logging in to our computers using user accounts impossible. Please wait until the IMT has restored service on their end.

  • Computer is reserved
    • Rarely, a computer will be reserved for a specific purpose, for a longer period of time, such as simulations for bachelor theses running for two or three weeks, or other, similar computations. Please use a different comptuer in the meantime, as these computers are not made available for general purpose use during this time.

  • Desktop Session configs are broken
    • It is rare, but possible, that a specific combination of user configuration and version upgrades causes configurations for desktop sessions to cease to function, and instead make logging in impossible. We recommend logging in using a different session type, or the console, and deleting the relevant configurations (e.x.: .kde or .gnome)

  • No Computer Science login permissions
    • Logging in to our computers requires a Computer-Science-enabled account. Request 'Informatikzugang' in the 'IMT Benutzerverwaltung' web interface. If you stop by one of our offices we can also do this for you in person. You must, however have an IMT account before obtaining the Computer Science permissions will be possible. If you do not have one, stop by the IMT user support in N5.216.

  • Passwort not working
    • In very rare cases your password will cease to work, with seemingly no cause. Try resetting it in the 'IMT Benutzerverwaltung'. This seems to help.

In case none of these steps help, or you would like assistance, visit us during our office hours, or email us at irb-support[at]uni-paderborn.de.

Intergating Ubuntu with NFS and LDAP

You can take advantage of our infrastructure by enabling NFS and LDAP on your Ubuntu Linux System. Ubuntu still requires a patch for nfs, while OpenSuSE, Arch, Debian jessie and some others do not.

NFS /upb mount

Execute the following commands with root permissions:

  1. apt-get install nfs-common curl
  2. apt-get build-dep nfs-utils
  3. apt-get source nfs-utils
  4. cd nfs-utils-*
  5. curl "http://git.linux-nfs.org/?p=steved/nfs-utils.git;a=patch;\
    h=a402f768db1dc6497cf7f592b33e142936897de2" | patch -p1
  6. cd ..
  7. apt-get source --compile nfs-utils
  8. dpkg -i nfs-common_*.deb
  9. sed "s/exec rpc\.gssd\\s*$/exec rpc.gssd -l -R CS.UNI-PADERBORN.DE/"\
    -i /etc/init/gssd.conf
  10. echo 'fs-nfs.uni-paderborn.de:/ifs/upb /upb nfs4 sec=krb5i 0 0' >> /etc/fstab
  11. mkdir /upb
  12. service gssd restart
  13. mount /upb

/upb should now be present and mounted. You will, hoverver need to sign on using your IMT accout (via ldap) to access your directories in the nfs mount.

Login per IMT-Account (via LDAP)

Execute the following commands with root permissions:

  1. apt-get install krb5-user
    Default Realm ist UNI-PADERBORN.DE
  2. Kopiere /etc/krb5.conf aus Anhang oder von einem Poolrechner
  3. Kopiere /etc/sssd/sssd.conf aus Anhang. Ersetze dabei <LDAPPASSWORT> durch ein Ldap-Passwort, welches beim IMT angefragt werden kann
  4. chmod 600 /etc/sssd/sssd.conf
  5. service sssd restart
  6. hostnamen überprüfen (fqdn (z.b. my-host.cs.upb.de) in /etc/hosts hinzufügen)
  7. Kopiere /etc/lightdm/lightdm.conf aus Anhang

Appendix

Using the RWTH-Aachen Archive Server & Tivoli Storage Manager

The RWTH-Aachen runs a central, enterprize-scale backup service for universities in the state of NRW.

To use this service, we have installed the Tivoli Storage Manager (TSM) on our x2go server at x2go.cs.upb.de.

Access credentials to the archive server are required, and are available from an IMT person of contact, currently mister Odenbach. Use TSM to back up data stored on the Isilon Storage Cluster, which is mounted as /upb on the x2go server.

The TSM on our x2go server may be accessed via the x2go-Client or via ssh, per console or, with X forwarding (ssh -Y x2go.cs.upb.de), graphically.

TSM can be used in two ways:

  • Graphically via $ dsmj -server=archive -virtualnodename=[Login]
  • Per console via $ dsmc -server=archive -virtualnodename=[Login]

Further information is available in the archive server pages of the RWTH-Achen and in the relevant IMT support pages.

Connecting to Computer Science Systems

VPN

You able to connect to our Computers through the IMT VPN, which grants a university-internal IP Address. This address is treated like any other university address, so you can reach services only normally available from within the univerty's networks. The IMT provides a guide for setting up and connecting to their VPN service.

Accessing your Home Directory

Access via SCP/SFTP

To transfer data to and from your home directory, using a client that supports the SCP/SFTP tranfer protocols, connect to the server sshgate.cs.uni-paderborn.de and log in with your IMT credentials or Kerberos ticket.

WinSCP

The IMT provides a detailled guide for WinSCP. To access Computer Science Accounts, use the server sshgate.cs.uni-paderborn.de instead of the server nfs-gate.uni-paderborn.de given in the guide.

FileZilla

The platform-independant FTP/SFTP Client can be used to establish reach your home directory using the following steps:

  1. Select 'File' > 'Server Manager'
  2. Click "New Server" and enter any alias for the connections. (z.B. Uni Home)
  3. Enter the hostname sshgate.cs.uni-paderborn.de ein.
  4. Select 'SFTP' as the protocol, and 'Normal' as the connection type.
  5. Use your IMT credentials for user and password. Your setting should look as shown below.
  6. Click connect to save the data for later use, and connect to our server. The left window shows local data, the right one the data in your UPB home directory. Drag and drop files between the windows to transfer them.

Next time you would like to connect, select the remebered connection from the 'Site Manager''.

Further information is provided on the IMT Support pages for Windows 7 and Windows 8.

Access via samba

Samba also allows accessing your home directory. The access path for this is:

\\fs-cifs.uni-paderborn.de\home

Further information is avaliable in the IMT support pages.

NOTE: Access via samba is only possible from within the university. A VPN may be used to allow remote access.

Linux

Linux users can mount samba paths as the root user:

mount -t cifs -o domain=ad,username=<Username> //fs-cifs.uni-paderborn.de/home <Path>

e.x. mount -t cifs -o domain=ad,username=mustermann //fs-cifs.uni-paderborn.de/home /mein/ziel/pfad

Credentials will need to be provided before the mount completes.

To mount the Linux home directory (a child directory of the user home directory), specify the complete path:

mount -t cifs -o domain=ad,username=<Benutzername> //fs-cifs.uni-paderborn.de/home/profiles/unix/cs <Zielverzeichnis>

Windows:

Simply provide the access path in Windows Explorer, and enter your IMT credentials when prompted.

Note: Prepend "AD\" or "ad\" to your user name; e.x.: "AD\mustermann".

To mount the Windows home directory (a child directory of the user home directory), use the following acces path:

\\fs-cifs.uni-paderborn.de\home\profiles\win\imt.V2

Mac OSX:

Information is provided in the IMT Support Pages.

Remote Connection using the Console

SSH connections to University computers are possible via Kerberos ticket or username and password.

The SSH gateway servers are the only reachable SHH servers from outside the university network. These are reachable under the DNS round-robin sshgate.cs.uni-paderborn.de, which in turn, allow connections to other servers in the network.

Authentication via Kerberos Ticket

Kerberos is the preferred (and stronly recommended) form of authentication, which eliminates the need to enter your password over and over again. Help setting up Kerberos is available here.

Authentication via Password

Authentication via IMT credentials is discouraged. We recommend using Kerberos instead. When connecting to the sshgates, you will be prompted for your IMT username and password if your are not using kerberos or SSH key-based authentication.

Linux und MacOS

To connect to a Linux or Mac OSX computer once inside the network, use:

ssh <imt-username>@sshgate.cs.uni-paderborn.de

Kerberos

Obtain a Kerberos ticket, which is done, if kerberos is installed, via:

kinit -f benutzername@UNI-PADERBORN.DE

You are prompted for your IMT credentials, and granted a Kerberos-TGT-Ticket. This ticket can then be used to connect to our computers withour password. Ensure that your  ~/.ssh/config contains the entries

Host *.upb.de *.uni-paderborn.de sshgate

GSSAPIAuthentication yes

GSSAPIDelegateCredentials yes

Also provide a /etc/krb5.conf, or obtain a copy from one of our pool computers.

There may be issues then connecting to our sshgates. Oftentimes, specifying a specifc server in our sshgate round-robin solves the issues. Simple provide a number from 1 to 4 after the sshgate hostname to reach a specific gate. (e.x.: sshgate3.cs.uni-paderborn.de) Abbreviating the hostname may also lead to issues, so we recommend typing out  sshgate2(at)uni-paderborn(dot)de instead of using shorthand such as sshgate4or sshgate4.cs.upb.de.

Windows

The telnet client PuTTY allows connections to our servers. Use sshgate.cs.uni-paderborn.de as the hostname, and 22 as the port. You will be asked for your IMT credentials when not using Kerberos.

Kerberos

The most recent version of  Kerberos for Windows allos for PuTTY connections with Kerberos. We also recommend setting 'Connection'>'Data'>'Auto-login Username' to your IMT username so that entering your username is not required on every single connections.

If you cannot connect via PuTTY using Kerberos, try specifying the path to your Kerberos dll (gssapi32.dll) in "User-supplied GSSAPI library path."

Remotely Connecting - Linux via x2go

Using Windows Pools

We offer standard pool installations (wich are graphical linux sessions) remotely via x2go. Use IMT credentials to log in.

x2go connections from windows PCs

Before using your own Windows computer to connect to our X2go pool installations, ensure that your have an X2Go-Client for Windos installed. There is a bug in new X2Go Windows Client versions, so only Version 4.0.5.0 or older is recommended for connecting to our X2Go server. To use this client from home, you will need to connect via VPN to the university network.

Setting up x2go

You are prompted to configure x2go when starting it for the first time; alternatively, start the prompt via Session>New Session.

Step 1: Enter session information

  • a name for the session (zB.: uni-x2go).
  • x2go server hostname: x2go.cs.uni-paderborn.de
  • x2go server port number: 22
  • Select the session type/Window-Manager (z.B. Gnome, KDE, ...)

Step 2: Select graphical options under Settings

  • window size (default: 800x600)
  • fullscreen

Step 3 : confirm and connect

Troubleshooting

If your keyboard layout is misconfigured, add the variable LANG=de_DE.UTF-8 to your ~/.bashrc

Neither GNOME nor KDE 5 (prior versions work) are supported in x2go, as the required hardware acceleration is not present under x2go. We recommend using Xfce, i3, or LXDE instead.

Remotely Connecting - Windows VMs

Employees, who require a Windows System may connect via Remote Desktop (in the start menu in Windos, or via xfreerdp in Linux) to one of our virtual Windows Pool Systems.

Use vm-mit.cs.uni-paderborn.de as the hostname, and your IMT credentials, prepending 'ad\' to your username.

Students may use VMs from a seperate pool, only accessible from our pool computers, due to license restrictions. These are reachable via the hostname vm-pool.cs.uni-paderborn.de.

vm-mit/vm-pool are dns round-robins, and distribute connections to the actual VMs. Please log out after you are done using our VM, and do not just kill the connection, as this may cause issues with login authorization. It may not be possible to determine the actual VM you used to to the round-robin policy used.

Windows VMs may automatically reboot and delete local profiles. This happens every day at  05:00 am, and may occasionally happen at other times. Please be prepared and adjust your workflow accordingly.

You will not be able to log in if someone is using the VM to which you have just connected. In this case, terminate the connection and try again in hopes of reaching an unoccupied VM.

IMPORTANT: Windows VMs are an experimental service. You may find them unavailable at times, so prepare accordingly.

Hinweis: Your mouse may not be optimally visible when using xfreerdp (from Linux). To fix this, diable the mouse shadow:

  1. Right click on the Desktop
  2. Personalize
  3. Change mouse pointers (top left)
  4. Uncheck "Enable Pointer shadow"
  5. OK to apply settings

Settings are stored centrally, and will be used next time you log into the Windows VMs.

Note for Mac OS X: Do not use the app "Remote Desktop Connection', published by Microsoft, as it is not compatible with current versions of Windows. A working alternative is the newest version of the app App "Microsoft Remote Desktop" , available in the appstore.

The University for the Information Society