Setup & Install OCSng on CentOS 7
What is OCSng?:
“Open Computers and Software Inventory” or OCS for short, is an open source assets management and deployment solution. OCS contains tons of great features and has come a long way from when they first launched back in 2005. One of the amazing features of OCS are the agents, OCS’s agents gather the software and hardware composition of every computer or server and in turn send that off to an on-prem OCS server for centralized management.
Now since version 2.0, OCS Inventory works and is compatible with SNMP. With the new SNMP scans functionality OCS can now inventory assets that cannot except an agent like: printers, scanner, routers, computer without agents… and much more. Another great feature to mention is the new plugins that OCS supports and offers. Two of my personal favorites are the BitLocker and Uptime plugins that you can install.
Goal of this Article:
In this article, my goal is to go over how to setup & install OCSng from the beginning to the end including the proper SELinux commands. This will be a very basic configuration, just to give you a proof of concept. To learn more about OCS and its features please come back later as I plan on making a lot more articles on the ins and outs of OCS.
Before we begin the setup & installation of OCS, I would like to go over from a high level the tools and packages that I will be using for this guide. I will be using CentOS 7 minimal 1804 with some extra repositories (epel-release, REMI, and MariaDB). Along with those extra packages there are a lot of smaller packages that you will not need right away but will prove useful as you build out your own OCS instance later on.
|Name:||CentOS 7||Web Server||Database||PHP|
|Description:||1804 minimal installation||Apache 2.4.x +||MariaDB 10.0+||7.x +|
- If you have installed GLPI on the box already, please skip to “Prerequisite Setup:” section where you are installing extra php and perl modules.
- I will do my best to explain what each package and command does so that you have a better understanding of what you are going to be installing.
To start you will need to open an ssh session to your CentOS 7 machine, if you are on windows you can use putty to achieve this. Once you are logged into your system run the following commands:
yum -y install epel-release
yum -y install http://rpms.remirepo.net/enterprise/remi-release-7.rpm
yum -y install yum-utils
yum -y install net-tools vim wget mlocate
After downloading and installing some baseline packages you will need to create and enable a MariaDB repository.
Edit the newly created file with the following information
Remember earlier in this article when we used “yum” to install the REMI repo? Now it’s time to enable the REMI repo and select the PHP package\version to install that is needed for OCS to run properly.
yum-config-manager --enable remi-php73 [Install PHP 7.3]
Please note, we are going to download the OCS server from github in this command but we wont use it right now.
[—If GLPI is installed, run the following command and then skip to the “Database Setup and Configurations:” section of this article below.—]
yum -y install http mariadb mariadb-server php php-common php-domxml php-gd php-imap php-ldap php-mbstring php-mysql php-opcache php-pdo php-pear-CAS php-pecl-apcu php-pecl-zip php-soap php-xmlrpc perl-Archive-Zip perl-Compress-Zlib perl-DBD-MySQL perl-DBI perl-Mojolicious perl-Net-IP perl-Plack perl-SOAP-Lite perl-Switch perl-XML-Entities perl-XML-Simple
Now that we have all our preq’s and packages installed lets makes some slight tweaks to the “php.ini” file.
php -i | grep "Loaded Configuration File"
Locate the following lines in the “php.ini” file and make the appropriate changes with what is listed below. Please note in the newer version of PHP the limits are usually much greater then what is recommend by OCS. This is fine, as what is listed below is the recommend minimum that is need for OCS.
- (PHP7.x) memory_limit = 128M (This is the default right out of the gate for PHP 7.x)
Next we need to allow communications though the CentOS firewall service so that Apache will work correctly.
firewall-cmd --permanent --add-service=http
Then we will enable apache and the mariadb services so that they will auto start on reboots.
systemctl enable httpd
systemctl enable mariadb
After we have enabled both apache and the mariadb database service, you will need to start them.
systemctl start httpd
systemctl start mariadb
Database Setup and Configurations:
Now that the MariaDB database is up and running we need to change its default configuration to be more secure.
You can read through the following section or you can check out the condensed commands below of what you will need to fill out.
After securing the mariadb database we can now prep a OCS database as well as create a service account for OCS. Login to mariadb using the username and password you specified earlier during the initial “mysql_secure_installation” process.
- Please Note:
- I recommend during the initial setup to use the default database,username and password, as I have run across issues where the setup will not work correctly if altered. You can change the username and password later from the default without any issues.
mysql -u root -p
create database ocsweb;
CREATE USER 'ocs'@'localhost' IDENTIFIED BY 'ocs';
GRANT ALL PRIVILEGES ON ocsweb. * TO 'ocs'@'localhost' IDENTIFIED BY 'ocs';
Install OCS Inventory Server:
After prepping a database we will now go ahead and install the OCS server from a repo. This is not the complete setup as OCS has multiple server types.
yum install ocsinventory-release-latest.el7.ocs.noarch.rpm
Now run the following command to install the OCS inventory server
yum install ocsinventory-server
Install the OCS Management Server:
Remember the OCS server package that was download earlier? Locate the OCS package and run the following commands against it.
tar -xvzf OCSNG_UNIX_SERVER_2.5.tar.gz
In your terminal you will see a list of files and folders, look for the file called setup.sh and run the following command against it
I wont show the entire OCS setup dump here, as it’s a lot of information to look through. Instead you can check out the gallery or you can glance over the condensed output below of what you will need to fill out during the installation process.
Configuring the OCS Management Server:
Since we are installing OCS from its source, the permissions get a little funky so we will need to assign the correct user and permissions.
chmod -R 766 /usr/share/ocsinventory-reports
chown -R apache:apache /usr/share/ocsinventory-reports/
chown -R apache:apache /var/lib/ocsinventory-reports/
chcon -R -t httpd_sys_rw_content_t /usr/share/ocsinventory-reports/
After all that we will need to do some clean up on the installation files and database. First we will need to move OCS’s default “install.php” file or the web interface will throw a warning if you don’t.
mv /usr/share/ocsinventory-reports/ocsreports/install.php /usr/share/ocsinventory-reports/ocsreports/install.php.bck
Now lets change the default password that was setup on the OCS database in the beginning.
MySQL -u root -p
update mysql.user set password = password ('NEW-PASSWORD') where user = 'ocs';
After changing the default password we will now need to update our OCS configuration files to reflect that change.
And last but not least don’t forget to restart both your apache and mariadb services.
systemctl restart httpd
systemctl restart mariadb
Finish OCS Installation via Web Interface:
The rest of the installation is very simple and easy to do. Please refer to the pictures below to finish getting your OCS installation up and running.
Installing the Windows OCS Agent:
Now that the server is setup, lets get an agent installed so you can have a proof of concept. On a windows machine download the agent from OCS’s site.
After you have the windows agent downloaded, extract the contents and follow along with the gallery below making the necessary changes to fit the IP or name of your server.
Give the windows agent a few minutes, then back in the OCS interface refresh the page and go to the “All Computers” section and you should now see the windows machine you just installed the agent on.
Thank you for taking the time to read this article, I hope that it was helpful in some way to you. If you noticed anything wrong or have a better way of doing this please don’t hesitate to comment below or send me a email. Thank you!
- OCS Documentation —
- DigitalOceans —
- DigitalOceans —