[arch-general] Arch Linux PC as a Remote Desktop Node

[Foxtrot Mike]

On 07/27/2018 11:17 PM, Giancarlo Razzolini wrote:
> Em julho 27, 2018 14:46 Foxtrot Mike via arch-general escreveu:
>>
>> The issue with x2go and ltsp is that I'll have to separately manage 
>> username and passwords for local Linux login. The solution that I'd 
>> rather prefer would use Active directory authentication so the 
>> current system administrator won't have to do anything extra. The 
>> group policies are already there. Once the Arch system is properly 
>> configured, I'd disable local logins so there will be very limited 
>> chance for a user to corrupt/modify Arch system. And ideally, the 
>> user would have no way to interact with the local system. Thats why I 
>> want to limit the user to freeRDP. Anything else, and the X-session 
>> expires.
>
> You have more than one option to authenticate to windows AD servers 
> [0] . You
> have PAM Ldap, winbind, making a samba server the secondary 
> controller, etc.
I thought these options worked together, i.e, I'd to use samba PAM and 
winbing all together. Thanks for the info. I'll look deeper into it.
>
> You will probably need a local home dir for storing session data, but 
> this can
> be created/destroyed on demand.
>
>>
>> Plus, I am very much into embedded linux systems (routers, SBCs, 
>> etc). I think putting the various pieces together would be give me a 
>> lot more to learn as compared to using a third party specialized 
>> software such as a kiosk script.
>>
>
> Why reinvent the wheel here? I understand the need for learning, but I 
> wouldn't
> do this on something that is intended as a production system. Again, 
> don't use
> plain X protocol over the network, it's very wasteful.

I plan to use RDP. I think it's not the same as using 'plain X protocol 
over the network' since RDP includes encryption and compression, afaik. 
Please correct me if I'm wrong.
>
> Regards,
> Giancarlo Razzolini
>
> [0] https://wiki.archlinux.org/index.php/Active_Directory_Integration