The system is now installed, but not yet configured for use. The hardware, the network and other services are not yet set up.
Having rebooted, the system starts the manual configuration. If the configuration fails at one of the steps of this stage, it restarts and continues from the last successful step.
root
root is the name of the superuser, the administrator of the system. Unlike regular users, who may or may not have permission to execute administrative commands on the system, root has unlimited command capacity, for instance changing the system configuration, installing programs, and setting up new hardware. If users forget their passwords or have other problems with the system, root can help. The root account should only be used for system administration, maintenance, and repair. Logging in as root for daily work is rather risky: a single mistake could lead to the irretrievable loss of system files.
For verification purposes, the password for root must be entered twice. Do not forget the root password. Once entered, this password cannot be retrieved.
When typing passwords, the characters are replaced by dots, so you do not see the string you are typing. If you are unsure whether you have typed the correct string, use the field for testing purposes.
SUSE Linux Enterprise Server can use the DES, MD5, or Blowfish encryption algorithms for passwords. The default encryption type is Blowfish. To change the encryption type, click and select the new type.
The root can be changed any time later in the installed system. To do so run YaST and start .
The hostname is the computer's name in the network. The domain name is the name of the network. A hostname and domain are proposed by default. If your system is part of a network, the hostname has to be unique in this network, whereas the domain name has to be common to all hosts on the network.
In many networks, the system receives its name over DHCP. In this case it is not necessary to modify the proposed hostname and domain name. Select instead. To be able to access your system using this hostname, even when it is not connected to the network, select . Do not enable this option when your machine provides network services. If you often change networks without restarting the desktop environment (e.g. when switching between different WLANs), do not enable this option either, because the desktop system may get confused when the hostname in /etc/hosts changes.
To change hostname settings at any time after installation, use YaST
. For more information, see
Section 20.4.1, Configuring the Network Card with YaST,
(↑ Administration Guide ).
HINT: IBM System z: Network Configuration
For the IBM System z platforms, a working network connection is needed at installation time to connect to the target system, the installation source, and the YaST terminal controlling the process. The steps to set up the network are discussed in Section 4.2.5, Network Configuration. The IBM System z platforms only support the types of network interfaces mentioned there (OSA Ethernet, OSA Gigabit Ethernet, OSA Express Fast Ethernet, Escon, and IUCV). The YaST dialog simply displays the interface with its settings as already configured. Just confirm this dialog to continue.
By default,
is enabled. If desired, you can also use NetworkManager to manage all your
network devices. However, the traditional method is the preferred
option for server solutions. Find detailed information about NetworkManager in
Section 25.0, Using NetworkManager,
(↑ Administration Guide ).
The network can also be configured after the system installation has been completed. If you skip it now, your system is left offline unable to retrieve any available updates. To configure your network connection later, select and click .
The following network settings can be configured in this step:
Enable or disable the use of NetworkManager as described above. Also change
the IPv6 support here. By default the IPv6 support is enabled. To
disable it, click . For more
information about IPv6, see Section 20.2, IPv6—The Next Generation Internet,
(↑ Administration Guide ).
By default SuSEFirewall2 is enabled on all configured network
interfaces. To globally disable the firewall for this computer,
click on . If the firewall is enabled, you
may the SSH port in order to allow remote
connections via secure shell. To open the detailed firewall
configuration dialog, click on . See
Section 15.4.1, Configuring the Firewall with YaST,
(↑ Security Guide ) for detailed information.
All network cards detected by YaST are listed here. If you have already set up a network connection during the installation (as described in Network Setup) the card used for this connection is listed as . A click on opens the dialog, where you can change existing configurations, set up networks cards not configured yet, or add and configure additional cards.
If your computer is equipped with an internal DSL modem, an internal ADSL Fritz Card, an ISDN card or a modem, clicking on the respective headline opens the configuration dialog. Refer to Section 11.0, Accessing the Internet for further information.
To enable remote administration of your machine via VNC, click . Choose in the following dialog and adjust your firewall settings accordingly.
If you have a proxy server controlling the Internet access in your network, configure the proxy URLs and authentication details in this dialog.
HINT: Resetting the Network Configuration to the Default Values
Reset the network settings to the original proposed values by clicking . This discards any changes made.
After having configured a network connection, you can test it. For this purpose, YaST establishes a connection to the SUSE Linux Enterprise Server server and downloads the latest release notes. Read them at the end of the installation process. A successful test is also a prerequisite for the automatic addition of the default repositories and for updating online.
If you have multiple network interfaces, verify that the desired card is used to connect to the Internet. If not, click .
To start the test, select and click . In the following dialog, view the progress of the test and the results. Detailed information about the test process is available via . If the test fails, click to return to the network configuration to correct your entries.
Proceed with . If the test was successful, the official software repositories for SUSE Linux Enterprise Server and the update repository will be configured. Downloading the repository data for the first time may take some time.
If you do not want to test the connection at this point, select then . This also skips downloading the release notes, configuring the customer center and updating online. These steps can be performed any time after the system has been initially configured.
To get technical support and product updates, you need to register and activate your product with the Novell Customer Center. The provides assistance for doing so. Find detailed information about Novell Customer Center at http://www.novell.com/documentation/ncc/.
If you are offline or want to skip this step, select . This also skips SUSE Linux Enterprise Server's online update.
In , select whether to send unsolicited additional information, such as your or when registering. This simplifies the registration process. Click on to get in-depth information about how the data will be collected. In order to obtain information about which data will be sent for your specific product, the Novell server will be connected. Upon this initial connect no data other than the ID of your product will be sent to the Novell servers.
In order to become entitled for support, make sure to check . You will be prompted to enter the code when proceeding with . Find more information about the technical support at http://www.novell.com/products/server/services_support.html.
NOTE: Data Privacy
No information is passed to anyone outside Novell. The data is used for statistical purposes and to enhance your convenience regarding driver support and your Web account. Find a link to the detailed privacy policy by clicking on . View the information transmitted in the log file at /root/.suse_register.log.
Apart from activating and registering your product, this module also adds the official update repositories to your configuration. These repositories provide fixes for known bugs or security issues which can be installed via an online update.
To keep your repositories valid, select . This option checks your repositories and adds newly available catalogs or removes obsolete ones. It does not affect manually-added repositories.
Proceed with . A connection with the Novell server is established. Follow the on-screen instructions to finish the registration.
If your organization provides a local registration server instead of using the Novell Customer Center, you need to specify the server's URL. Client and server communicate solely via HTTPS protocol, therefore you also need to enter a path to the server's certificate if the certificate was not issued by a certificate authority. Open the dialog with
URL of the registration server. The URL has a fixed format https://FQN/center/regsvc/ FQN has to be full qualified hostname of the registration server. Example:
https://smt.example.com/center/regsvc/
Location of the registration server's certificate. Specify one of the following locations:
Remote location (http, https or ftp) from which the certificate can be downloaded. Example:
http://smt.example.com/smt-ca.crt
Specifies a location on a floppy. The floppy has to be inserted before proceeding. The value has to start with the string floppy followed by the path to the certificate. Example:
floppy/smt/smt-ca.crt
Absolute path to the certificate on the local machine. Example:
/data/inst/smt/smt-ca.cert
Use ask to open a pop-up menu where you can specify the path to the certificate. Do not use this option with AutoYaST. Example
ask
Use done if either the certificate will be installed by an add-on product, or if you are using a certificate issued by an official certificate authority. Example:
done
If an Internet connection has been established, and updates are
available, select whether to perform a YaST online update. If there
are any patched packages available on the servers, download and install
them now to fix known bugs or security issues. For detailed
instructions see Section 1.0, YaST Online Update,
(↑ Administration Guide ). Directives on
how to perform an online update in the installed system are available
at Section 9.4, Keeping the System Up-to-date or
Section 1.0, YaST Online Update,
(↑ Administration Guide ). This step is skipped if
no updates are available or no Internet connection has been
established. Patches fixing security issues and recommended patches
applying to your installation are automatically preselected. Click
to install them and
to proceed with the system configuration.
IMPORTANT: Downloading Software Updates
The download of updates might take quite some time, depending on the bandwidth of the Internet connection and the size of the update files. In case the patch system itself is updated, the online update will restart and download more patches after the restart. If the kernel was updated, the system will reboot before completing the configuration.
After testing the Internet connection and downloading the first updates, a dialog opens in which to enable and configure three network services.
The purpose of a CA (certificate authority) is to guarantee a trust
relationship among all network services communicating with each
other. Without a CA, you can secure server communications with SSL
and TLS separately for each individual service. By default, a CA is
created and enabled during the installation. Find details about the
creation of a CA with YaST in
Section 17.0, Managing X.509 Certification,
(↑ Security Guide ).
You can run an LDAP service on your host to have a central facility
manage a range of configuration files. Typically, an LDAP server
handles user account data, but with SUSE Linux Enterprise Server it can also be
used for mail, DHCP, and DNS data. By default, an LDAP server is set
up during the installation. If you decide against the use of an LDAP
server, the YaST mail server module does not work because it
depends on LDAP functionality. However, you can still set up a mail
server on your system with the help of the module. Find details about LDAP and its
configuration with YaST in Section 4.0, LDAP—A Directory Service,
(↑ Security Guide ).
The CIM (Common Information Model) Server is started by default.
Click to prevent the server automatically
stating at boot time. For more information on CIM services refer to
Section 32.0, Web Based Enterprise Management using SFCB,
(↑ Administration Guide ).
If preferred, you can skip this configuration proposal for now. After the installation is finished, configure and start the same services with the help of YaST.
HINT: Resetting the Service Configuration to Defaults
Restore the defaults by clicking . This discards any changes made.
If network access was configured successfully during the previous steps of the installation, you can now choose from several user management options. If a network connection has not been configured, create local user accounts. You may also, if present, import users from a previous installation. Also change the password encryption type in this dialog.
You can also add additional user accounts or change the user authentication method in the installed system. For detailed information about user management, see Section 12.0, Managing Users with YaST.
The default authentication method is . If a former version of SUSE Linux Enterprise Server or another system using /etc/passwd is detected, you may import local users. To do so, check and click . In the next dialog, select the users to import and finish with .
Manually enter local users by clicking . The New Local User dialog opens. After entering the first name and last name, either accept the proposal or specify a new that will be used to log in. Finally, enter a password for the user. Reenter it for confirmation (to ensure that you did not type something else by mistake). To provide effective security, a password should be between five and eight characters long. The maximum length for a password is 72 characters. However, if no special security modules are loaded, only the first eight characters are used to discern the password. Passwords are case-sensitive. Special characters (7-bit ASCII) and the digits 0 to 9 are allowed. Other special characters like umlauts or accented characters are not allowed.
Passwords you enter are checked for weakness. When entering a password that is easy to guess, such as a dictionary word or a name, you will see a warning. It is a good security practice to use strong passwords.
Two additional options are available:
Checking this box sends messages created by the system services to the user. These are usually only sent to root, the system administrator. This option is useful for the most frequently used account, because it is highly recommended to log in as root only in special cases.
The mails sent by system services are stored in the local mailbox /var/spool/mail/username, where username is the login name of the selected user. To read e-mails after installation, you can use any e-mail client, for example KMail or Evolution.
This option automatically logs the current user in to the system on startup. This is mainly useful if the computer is operated by only one user. For automatic login to work, the option must be explicitly enabled.
WARNING: Automatic Login
With automatic login enabled, the system boots straight to your desktop with no authentication at all. If you store sensitive data on your system, you should not enable this option if the computer can also be accessed by others.
Enter more users by calling the module described in Section 12.0, Managing Users with YaST.
When using a network server for user authentication, access to the following services can be configured:
Users are administered centrally on an LDAP server for all systems
in the network. More information is available in
Section 4.4, Configuring an LDAP Client with YaST,
(↑ Security Guide ).
Users are administered centrally on a NIS server for all systems in
the network. See Section 3.2, Configuring NIS Clients,
(↑ Security Guide ) for more
information.
SMB authentication is often used in mixed Linux and Windows
networks. Detailed information is available in
Section 26.6, Samba Server in the Network with Active Directory,
(↑ Administration Guide ) and
Section 5.3, Configuring a Linux Client for Active Directory,
(↑ Security Guide ).
Along with user administration via and
, you can use Kerberos authentication. To use it,
select . For more
information on Kerberos, refer to
Section 6.0, Network Authentication with Kerberos,
(↑ Security Guide ).
After completing the user authentication setup, YaST displays the release notes. Reading them is recommended, because they contain important up-to-date information which was not available when the manuals were printed. If you successfully tested the Internet connection, read the most recent version of the release notes, as fetched from SUSE Linux Enterprise Server's servers. Use in YaST or start the SUSE Help Center to view the release notes after installation.
At the end of the installation, YaST opens a dialog for the configuration of > and . Click the individual components to start the hardware configuration. For the most part, YaST detects and configures the devices automatically.
HINT: IBM System z: Hardware Configuration
On the IBM System z, there is no display that would be supported by XFree. Accordingly, you do not find a entry on these systems.
You can skip any peripheral devices and configure them later, as described in Section 8.0, Setting Up Hardware Components with YaST. To skip the configuration, select and click .
However, when setting up a desktop system you should configure the graphics card right away. Although the display settings as configured by YaST should be generally acceptable, most users have very strong preferences as far as resolution, color depth, and other graphics features are concerned. To change these settings, select the respective item and set the values as desired.
HINT: Resetting Hardware Configuration to the Default Values
You can cancel any changes to the hardware configuration by clicking . YaST then shows the original proposal again.
After a successful installation, YaST shows the Installation Completed dialog. In this dialog, select whether to clone your newly installed system for AutoYaST. To clone your system, select . The profile of the current system is stored in /root/autoyast.xml. Cloning is selected by default.
AutoYaST is a system for installing one or more SUSE Linux Enterprise Server systems automatically without user intervention. AutoYaST installations are performed using a control file with installation and configuration data.For detailed information, refer to Section 21.0, Automated Installation. Finish the installation of SUSE Linux Enterprise Server with in the final dialog.