Show pagesourceOld revisionsBacklinksBack to top Share via Share via... Twitter LinkedIn Facebook Pinterest Telegram WhatsApp Yammer RedditRecent ChangesSend via e-MailPrintPermalink × Table of Contents MeshCentral (web remote management) Description Installation Valid Certificate and Virtualhost needed mrmarkuz repo NethServer MeshCentral Virtualhost Security Customize MeshCentral AD/LDAP VPS configuration Apply configuration change Admin user Upgrade MeshCentral Intel AMT Issues Links Maintainer Is this Nethserver module helpful to you? Please consider donating to the author Thank you kindly! 2019/03/04 12:06 · HF MeshCentral (web remote management) Description Meshcentral is a web-based remote monitoring and management tool. Installation Valid Certificate and Virtualhost needed MeshCentral needs a valid certificate to work. You may use a Letsencrypt certificate. To be reachable for users and agents, MeshCentral needs a dedicated virtualhost, an FQDN like mydomain.org. You may use a Dynamic DNS provider. mrmarkuz repo Install mrmarkuz repo to ease installation/updates. NethServer MeshCentral Install nethserver-meshcentral: yum -y --enablerepo=mrmarkuz install nethserver-meshcentral Virtualhost Set the domain to reach the MeshCentral instance. config setprop meshcentral VirtualHost mydomain.org Security IP Filter IP Filtering can be done for users and agents. By default access is allowed from everywhere for both, users and agents. I recommend to use the IP filter. In this example agents and web users from local network 192.168.0.0/24 are allowed and the external agent with ip 1.2.3.4 is allowed too. config setprop UserAllowedIP 192.168.0.0/24 config setprop AgentAllowedIP 192.168.0.0/24,1.2.3.4 2FA MeshCentral supports 2FA. It's fully manageable via the web UI in the “My Account” tab go to “Manage authenticator app”. I recommend 2FA when using MeshCentral over WAN or on a VPS. Mail Validation It's possible to validate users by email. To enable mail validation: config setprop meshcentral MailValidation enabled If you do not use the local mail server or like to edit “From” address config setprop meshcentral MailHost mail.somehost.tld config setprop meshcentral MailPort 993 config setprop meshcentral MailFrom user@somehost.tld config setprop meshcentral MailTLS enabled Customize MeshCentral To customize the title or the pictures: config setprop meshcentral Title 'My NethCentral' config setprop meshcentral Title2 'This is my NethCentral Server' config setprop meshcentral TitlePicture 'title.png' config setprop meshcentral LoginPicture 'login.png' AD/LDAP MeshCentral uses internal authentication by default, you can enable AD/LDAP authentication but there's no way to use both auth methods so you have to decide. It's possible to create an internal user, enable AD/LDAP, login with AD/LDAP users, disable AD/LDAP and login with the created internal user. This way you always have an untouched backup admin. config setprop meshcentral ldap enabled VPS configuration For VPS it's recommended to disable the LAN mode and just run in WAN mode: config setprop meshcentral WANOnly enabled Apply configuration change signal-event nethserver-meshcentral-update Admin user Browse to your virtualhost domain and you should see the MeshCentral login page. The first account created or logging in (AD/LDAP) is the administrator. Upgrade MeshCentral To upgrade meshcentral to the latest version: signal-event nethserver-meshcentral-upgrade Intel AMT MeshCentral supports Intel AMT, it's running on port 4433 but you need to open the port in the firewall or service settings. I did not test AMT yet. Issues Please raise Issues on NethServer Community Links Community threads: https://community.nethserver.org/t/meshcentral-web-based-remote-computer-management/15257 https://community.nethserver.org/t/howto-install-meshcentral-on-nethserver/15331 Maintainer mrmarkuz | dev@markusneuberger.at | https://www.markusneuberger.at module mrmarkuzrepo meshcentral.txt Last modified: 2020/12/14 23:21by Markus Neuberger