XDMCP Configuration

This section gives instructions on configuring some of the commonest Linux distributions to enable remote X access. The instructions relate to default installs of the distros, so if a firewall is enabled by default during the install, instructions are given on how and what to let through the firewall.

I'll add some generic instructions when I re-arrange this page into individual pages (one per distro). However, the main steps are: Edit Xaccess so that it allows access for remote hosts. Edit either gdm.conf or kdmrc to enable XDMCP. Open port 177/tcp+udp on your firewall, if you have one running. Restart GDM if you're using it using your system's scripts (e.g. /etc/init.d/xdm restart or /etc/init.d/gdm restart). It's not enough simply to log out with GDM - that will restart the X server but it won't make GDM re-read its configuration. If you're using KDM, a logout is enough.
 

Ubuntu Linux 6.06 LTS

Login as your normal user (the one created when Ubuntu was installed - this user can carry out admin tasks). In the top desktop bar, select "System" -> "Administration" -> "Login Window". You will be prompted for your password and then the "Login Window Preferences" window will appear. Choose the "Remote" tab and change the "Style" combobox from "Remote Login Disabled" to "Same as Local". That's it. You may additionally want to press the "Configure XDMCP" button to fine-tune XDMCP settings. I often increase the numbers in that window a bit as sometimes the server can get hung up if they're too low.

Now you have to re-start the login display manager, GDM. The simplest way is to restart your computer, but this is Linux, so lets avoid the restart. Logout, then press Ctrl-Alt-F1 to get a text terminal. Login as your normal user, then type:

sudo /etc/init.d/gdm restart

The display manager will re-start and you can now point your WML Thin Client at your Ubuntu server and get a login window.

OpenSUSE 10.1

Assumptions: gdm is the display manager, as it is by default for OpenSUSE 10.x.

Firewall

Login as your normal user and  run Yast (Applications Menu -> "System" -> "YaST"). You'll be prompted for your password. Go to the Firewall configuration section ("Security and Users" -> "Firewall". The firewall was running on my default install of OpenSUSE, so it's necessary to allow access for xdmcp packets. In the left hand window, click on "Allowed Services". In the right hand window, choose "Remote Access to Display Manager" from the "Service to Allow" drop-down menu and then press the "Add" button (This opens port 177/tcp+udp). You're allowing access for the "External Zone" if it's a simple single network interface PC. That is, you're allowing packets into your computer from the outside LAN/world. Now press "Next" then "Accept". The firewall is now configured.

Display Manager

There are two files which need to be edited for a default install of OpenSUSE. The first can be edited in YaST - go to "System" -> "/etc/sysconfig Editor". You'll get a window with a tree of all the settings on the left. Choose "Desktop" -> "Display Manager" then highlight the DISPLAYMANAGER_REMOTE_ACCESS setting. In the right window you can now set this to "yes" and press the "Finish" button.
Now you need to close YaST and open a terminal window, and type "su" to become the root user. edit /etc/opt/gnome/gdm/gdm.conf (I used nano to edit the file) and scroll down to about line 229 and set Enable=true within the [xdmcp] section of the file.
Now you need to re-start xdm to make the changes stick. Logout, then either reboot, or: Press Ctrl-Alt-F1 to get a text terminal. Login as the root user, then type:

/etc/init.d/xdm restart

The display manager will re-start and you can now point your WML Linux Thin Client at your OpenSUSE server and get a login window. Note that if you want the remote login window to look the same as the local login window, then go back to /etc/opt/gnome/gdm/gdm.conf and look for the relevant setting to change.

Novell SuSE Linux Enterprise Desktop 10

SLED 10 is at its core very similar to OpenSuSE 10.1, with the difference that XDMCP is enabled by default on a fresh install of Novell SuSE Linux Enterprise Desktop 10.

Firewall

Login as your normal user and  run Yast (Applications Menu -> "System" -> "YaST"). You'll be prompted for your password. Go to the Firewall configuration section ("Security and Users" -> "Firewall". The firewall was running on my default install of SLED 10, so it's necessary to allow access for xdmcp packets. In the left hand window, click on "Allowed Services". In the right hand window, choose "Remote Access to Display Manager" from the "Service to Allow" drop-down menu and then press the "Add" button (opening port 177/tcp+udp). You're allowing access for the "External Zone" if it's a simple single network interface PC. That is, you're allowing packets into your computer from the outside LAN/world. Now press "Next" then "Accept". The firewall is now configured.

Display Manager

It's enabled by default on SLED 10, so just point your WML Linux Thin Client's X server at your SLED 10 machine to get a login window.

Gentoo

How to coming soon.

Fedora Core 5 and Fedora Core 6

Follow the same procedure for both versions of Fedora.

Firewall

Bring down the "System" menu and choose "Administration"->"Security Level Configuration". Enter the root password when prompted. In the "Firewall Options" tab bring down the "Other Ports" field and press "Add". Add port 177/tcp and 177/udp. Now press "OK" and confirm that you want to update the firewall settings.

Display Manager

Bring down the "System" menu and choose "Administration"->"Login Screen". Enter the root password, then select the "Remote" tab of the Login Screen window (it's the program gdmsetup). Select Style to be "Same as local" then close the window.

Now it's necessary to re-start GDM. Logout of your current session, then press Ctrl-Alt-F1 to get a console. Login as root and execute the following command:

[root@localhost ~]# init 3 && init 5 

You should now be able to point an X session at your server.

CentOS 4.3

Our default install of CentOS has Firewall and selinux enabled.

Display Manager

CentOS has gdm as login manager, configured in /etc/X11/gdm/gdm.conf. The Xaccess file is in /etc/X11/xdm/Xaccess. Xaccess is set up by default to allow XDMCP logins, so XDMCP can be enabled either by manually editing gdm.conf; see the [xdmcp] section, or using the program gdmsetup. Run gdmsetup at a terminal, and you will be prompted for the root password. Go to the XDMCP Tab of gdmsetup, and check the "Enable" box. Close gdmsetup.

Firewall

Open the "Applications" menu from the Desktop, then select "System Settings" and then "Security Level". Enter the root password when prompted.

In this "Security Level Configuration" window, the "Security Level" for "Firewall Options" is set to "Enable firewall" on our default CentOS install. To allow XDMCP access, we need to open port 177/tcp and port 177/udp. In the box labelled "Other ports" enter:

177:tcp,177:udp 

Close the Security Level Configuration window and confirm that you want to change the firewall settings.

Finishing Up

Before you can access your box using xdmcp, you need to re-start gdm. Log out, then press Ctrl-Alt-F1 to get a text login. Login as root. We'll change the runlevel to re-start gdm; though there is probably a better way to do it than this.

Enter these commands:

[root@localhost ~]# init 3

This switches to multi-user/non-graphical mode, shutting down gdm.

[root@localhost ~]# init 5

This switches back to multi-user/graphical mode, starting gdm again.

You should now be able to log in using xdmcp. You can use gdmsetup again to change the chooser; you'll notice that the login screen for xdmcp logins is simpler than the one that you get at the PC itself.

Mandriva Linux 2007.0 Free

Mandriva 2007.0 Free installs by default with the KDM display manager, so this is the assumption here. KDM uses its own kdmrc configuration file, which is the equivalent of gdm.conf for GDM. kdmrc is located in /etc/kde/kdm/kdmrc on Mandriva 2007.0. It refers to Xaccess in /etc/X11/xdm/Xaccess. By default Xaccess is configured so that the machine will respond to XDMCP broadcast requests, so there is no need to alter Xaccess. In fact, the only thing you need to do is to change the line in kdmrc which enables XDMCP.

Become root, using the su command.

Edit the file: kwrite /etc/kde/kdm/kdmrc

Scroll to the [Xdmcp] section. Edit line 112, changing it from:

Enable=false

to

Enable=true

Log out which will re-start KDM and you will be able to get an X login window on your Mandriva 2007.0 box.

If you use GDM with Mandrive 2007.0, then instead of enabling XDMCP in kdmrc, enable it in gdm.conf, but note that we didn't test that configuration.

By default, Mandriva 2007.0 installs without a firewall, so we haven't included instructions here for modifying the firewall to allow XDMCP packets through.