Remote Control Sun Ray Session with SGD
One thing I love about the Internet, is the ability to bring us closer. You have noticed a post for DJ.
DJ asked me, in the comments of one of my blogs to go more in-depth in
some of the serial ports to work with VDI, so I did. Come to find out
DJ works in Europe for a Sun Reseller, and was on-site at a customer
looking for help. With out even knowing it, my blog post helped a
customer out and Sun sold the customer on Sun as a company.
All
that to say, DJ wanted to return something back to the community, so
below is a script he wrong integrating SGD and SRSS. This is what Open
Source is all about. People doing some cool things and returning them
to the community to make the community stronger!
Thanks DJ for the script, it's been great meeting you, and I am still working on the open LDAP integration.
__________________
Here we go:
I
gave my users a new menu option in their SSGD menus: "My Sun Ray
Session". When they click on it a new window opens and taaadaaa! they
are indeed back into their Sun Ray session which they left at the
office.
Here is how it works:
The menu point "My Sun Ray
Session" is a script that resides on the Sun Ray server itself, e.g.
/usr/bin/my_sunray.sh ... so when a user clicks on this menu entry
inside their SSGD webtop then SSGD does a "ssh -X" connection to the
Sun Ray server and launches this script:
#! /bin/bash
# set -x
VNCDISPLAY=`grep 'VNCDISPLAY' /tmp/RemoteControl/$LOGNAME.agent.settings.vnc | cut -d'=' -f2`
FCPASS=`grep 'FCPASS' /tmp/RemoteControl/$LOGNAME.agent.settings.vnc | cut -d'=' -f2`
if [ -z $VNCDISPLAY ]
then
# echo "You don't seem to have a Sun Ray session."
/usr/bin/zenity --error --text="You don't seem to have a Sun Ray session."
exit 1
fi
/usr/bin/create_vnc_passwd.sh $FCPASS > /dev/null
/usr/bin/vncviewer -shared -passwd $HOME/.vnc/passwd $VNCDISPLAY > /dev/null
As
explained above: My script assumes that the "Remote Control Toolkit" is
installed and working in "agent mode". You can get it from here: http://wiki.sun-rays.org/index.php/SRSS_Addon:_Remote_Control_Toolkit
So
this explains the first few lines in my script: The "Remote Control
Toolkit" stores the information you'd need to access the VNC session in
a file called "/tmp/RemoteControl/YourUserNameHere.agent.settings.vnc"
The
problem with this file is that there does not seem to be an automatic
way how the password that gets randomly generated could be transferred
over into a format that is readable for the "vncviewer" program. Hence
I need a little "expect" script to help me out with this .... so that
explains the "/usr/bin/create_vnc_passwd.sh" script which I am calling
in the second-last line:
#! /usr/bin/expect --
spawn /usr/bin/vncpasswd
sleep 1
expect "Password:"
send "$argv\r"
expect "Verify:"
send "$argv\r"
send "\r"
expect "$"
...
this script takes the "full-controll password" ($FCPASS) as argument
("$argv") and then calls "vncpasswd" so it generates the VNC-readable
"~/.vnc/passwd" file.
Once that file is generated we can call
"vncviewer" (last line in the "my_sunray.sh" script) and supply the
newly generated "passwd" file as argument. Voila.
Result: even
though the password was randomly generated when the Sun Ray session
started the user is not prompted to type a password when he connects to
his session via SSGD, my quick + dirty scripts do all that
automagically.
I had to come up with this stuff for a customer
company ... on one hand their users would like to have access to their
Sun Ray sessions from home, on the other hand the company's
policy-makers don't want to open any additional ports on the outside
firewalls, they don't want any VPN or IPSEC solution (because that's
exactly why they bought SSGD as a sort of a "VPN-replacement"...) and
they don't want to give their users Sun Ray thin-client units for home
use ... Voila. With these scripts they can now use SSGD and access
their Sun Ray sessions remotely (if they have an open session).
DJ asked me, in the comments of one of my blogs to go more in-depth in
some of the serial ports to work with VDI, so I did. Come to find out
DJ works in Europe for a Sun Reseller, and was on-site at a customer
looking for help. With out even knowing it, my blog post helped a
customer out and Sun sold the customer on Sun as a company.
All
that to say, DJ wanted to return something back to the community, so
below is a script he wrong integrating SGD and SRSS. This is what Open
Source is all about. People doing some cool things and returning them
to the community to make the community stronger!
Thanks DJ for the script, it's been great meeting you, and I am still working on the open LDAP integration.
__________________
Here we go:
I
gave my users a new menu option in their SSGD menus: "My Sun Ray
Session". When they click on it a new window opens and taaadaaa! they
are indeed back into their Sun Ray session which they left at the
office.
Here is how it works:
The menu point "My Sun Ray
Session" is a script that resides on the Sun Ray server itself, e.g.
/usr/bin/my_sunray.sh ... so when a user clicks on this menu entry
inside their SSGD webtop then SSGD does a "ssh -X" connection to the
Sun Ray server and launches this script:
#! /bin/bash
# set -x
VNCDISPLAY=`grep 'VNCDISPLAY' /tmp/RemoteControl/$LOGNAME.agent.settings.vnc | cut -d'=' -f2`
FCPASS=`grep 'FCPASS' /tmp/RemoteControl/$LOGNAME.agent.settings.vnc | cut -d'=' -f2`
if [ -z $VNCDISPLAY ]
then
# echo "You don't seem to have a Sun Ray session."
/usr/bin/zenity --error --text="You don't seem to have a Sun Ray session."
exit 1
fi
/usr/bin/create_vnc_passwd.sh $FCPASS > /dev/null
/usr/bin/vncviewer -shared -passwd $HOME/.vnc/passwd $VNCDISPLAY > /dev/null
As
explained above: My script assumes that the "Remote Control Toolkit" is
installed and working in "agent mode". You can get it from here: http://wiki.sun-rays.org/index.php/SRSS_Addon:_Remote_Control_Toolkit
So
this explains the first few lines in my script: The "Remote Control
Toolkit" stores the information you'd need to access the VNC session in
a file called "/tmp/RemoteControl/YourUserNameHere.agent.settings.vnc"
The
problem with this file is that there does not seem to be an automatic
way how the password that gets randomly generated could be transferred
over into a format that is readable for the "vncviewer" program. Hence
I need a little "expect" script to help me out with this .... so that
explains the "/usr/bin/create_vnc_passwd.sh" script which I am calling
in the second-last line:
#! /usr/bin/expect --
spawn /usr/bin/vncpasswd
sleep 1
expect "Password:"
send "$argv\r"
expect "Verify:"
send "$argv\r"
send "\r"
expect "$"
...
this script takes the "full-controll password" ($FCPASS) as argument
("$argv") and then calls "vncpasswd" so it generates the VNC-readable
"~/.vnc/passwd" file.
Once that file is generated we can call
"vncviewer" (last line in the "my_sunray.sh" script) and supply the
newly generated "passwd" file as argument. Voila.
Result: even
though the password was randomly generated when the Sun Ray session
started the user is not prompted to type a password when he connects to
his session via SSGD, my quick + dirty scripts do all that
automagically.
I had to come up with this stuff for a customer
company ... on one hand their users would like to have access to their
Sun Ray sessions from home, on the other hand the company's
policy-makers don't want to open any additional ports on the outside
firewalls, they don't want any VPN or IPSEC solution (because that's
exactly why they bought SSGD as a sort of a "VPN-replacement"...) and
they don't want to give their users Sun Ray thin-client units for home
use ... Voila. With these scripts they can now use SSGD and access
their Sun Ray sessions remotely (if they have an open session).
