• A corporate image
• A customized KDE Menu for applications
• Various usability enhancements related to the user profiles

In addition to these customizations, to encourage widespread use mEDUXa has been tailored to work with the diverse assortment of machines found in the educational centers.

Authentication against Active Directory

One of the requirements to be fulfilled was that the users and groups, and their associated privileges, could be managed centrally using the Canary Islands Government's Active Directory Services (ADS). Although ADS is a technology developed for another platform, we are adapting the mEDUXa Linux systems so that they access the ADS when the user starts a session, or tries to access remote resources.

It uses the MIT Kerberos system and OpenLDAP LDAP on the client, along with the corresponding PAM modules. Information obtained via these queries, gives details of the shared volumes that can be mounted via the network, so that the user has their own storage space ($HOME) and assorted common folders, that are all stored in centralized servers, which can be backed up periodically.

WiFi Validation

Some parts of the Medusa network have a WiFi based infrastructure to access the computer network. To allow secure access it uses WPA authentication against a RADIUS server (integrated with Active Directory Services), when users or an autonomous machine try to establish a WiFi connection.

The mEDUXa Linux system uses wireless card drivers for various purposes (hostap, to ndiswrapper, ipw2100, ipw2200…), and pays special attention to ensure they are compatible with wpa_requestor, Jouni Malinen's implementation of the WPA/WPA2/IEEE 802.1X Protocol (from the HostAP project), using it to connect to the WiFi network, and authenticate users, and to negotiate the keys for secure network traffic. The authentication can be for equipment registered in the Directory Assets, or alternatively provided by a user when initiating a session to check that the user and password are registered.

System for Identifying and Assigning IP Addresses

mEDUXa is compatible with Medusa's current addressing scheme, incorporating automatic and flexible address assignment. Thus, mEDUXa is ready for any future changes the Medusa project addressing. This flexibility is a common characteristic of the project. The present system has only one distribution for the workstations and school servers, and it can autoconfigured and installed to work anywhere. In addition, thanks to the way internal DNS aliases abstract away the addressing details, all the applications in the distribution can work without change at any site.

System for autogenerating user home directories in the local file system

mEDUXa incorporates a set of local accounts (one for each profile) so that, in the event of a disconnection from the school server, it can continue working without interruption. The usual way this system works is that the local user home directories are autogenerated, once the user has been validated against Active Directory. This is a temporary solution, until an architecture based on having the home directories held in the school servers can be implemented.

Authentication System and access to storage space on the school servers (Windows 2003)

User profiles

mEDUXa incorporates five types of user profile. The configuration is based on the kiosk mode feature of the KDE desktop, used in conjunction with the 'sudo' command. This capability of the desktop is one of the strongpoints of the project from the point of view of the end user. These user profiles have the following specific configurations:

• Primary school pupil profile
• Secondary school pupil profile
• Basic teacher profile
• Advanced teacher profile
• Profile for classroom administrators

The set of applications chosen for mEDUXa

Taking account of diverse criteria, a set of applications has been chosen for mEDUXa. The selection criteria can be summarized as follows:

• Compatibility with the legal requirements of the project.
• Technical criteria. Specifically, they must be technically compatible with the distribution. Simplicity, from the technical point of view, as well as being “actively maintained” are requisites that would favor the selection of an application or package.
• Technical quality of the application.
• Compatibility and integration. We gave priority to those applications that interact well with others, in order to give the feeling that all the elements of the distribution are well integrated. As a result of this, we selected a great number of applications from the KDE project in general, and from KDE-Edu in particular.
• Applications with similar functionality to existing ones in the Windows partition.
• To avoid duplications, which is is to say, only offer a single application for each use case. However, this requirement can be relaxed as the use of mEDUXa increases..

mEDUXa allows the incorporation of new applications at any time, the reason being that applications might need to be changed or extra ones added based on user demand and feedback from the educational centers. Thanks to the Update System, the practice of frequent Linux distribution releases is no problem, as it allows for continuous updates.

Configurations oriented to have multilingual systems

All the customizations have been made with consideration of the need to incorporate the following languages in Medusa (in addition to Spanish):

• English
• French
• German
• Arabic

Thus, mEDUXa will be available in these languages. By means of a menu before logging into the desktop, the users will be able to change them for the desktop and the applications. This is an excellent way of advancing foreign language studies, and cultural integration programs.

Reporting bugs and failures

The Medusa project has collaborated with the Technical High School of Computer Engineering (ETSII) at the University of La Laguna (ULL) and the Ejercicios company Ejercicios Resueltos S.L.U. (Grupo CPD)' by completing an end of course project with the title “Design and Development of the Maintenance and Support Infrastructure of the Linux Distribution mEDUXa”. As part of this project, an application was developed to facilitate the reporting of failures detected in the distribution.

The failure notifier is a a wizard which, step by step, asks the user all the necessary information, to allow the technicians to reproduce and correct the problem. At the same time, the application compiles that information of the distribution that can be of interest, like for example, the system registries or the failure information of the applications. All this documentation is enclosed and sent by email automatically to the central system, where it is used to create incident reports without any operator intervention. Thus, through the incident report system's interface, the technicians in charge of the maintenance can have access to the exact information on the causes and consequences of the failures.

Artwork

Taking advantage of the many options offered by the KDE desktop, a specific corporate image for this project has been created. Also, many UI elements been modified such as mouse pointers, icons, names, sizes, etc.

One main new feature is the customized KDE menu. All are driven from the various kiosk profiles which handle general policies established by the Medusa project for this purpose. Meduxa specific ones have been included, and including any others will depend on whether there is any demand reported back from the classrooms.

Back a to the home page of the article (mEDUXa 1.0 released).