Installation Wizard for ClearOS 7

clearosNow that you've installed ClearOS you can log on to the server for the first time.  You will be presented with the installation wizard which will allow you to make some initial settings.


You will need a workstation connected to the external side of the ClearOS server.  The IP address should be visible on the ClearOS physical server console.


Initial configuration wizard

  1. Browse to (you will need to add the security certificate as an exception).
  2. Logon with username root and the password you set.
  3. There now follows an installation wizard.
    1. Click Next for the Getting Started screen.
    2. Select Gateway Mode.
    3. Check the Network Interfaces, making sure they are the right way around.
    4. Typically leave DNS to be automatically configured.
    5. Select Community Edition.
    6. Enter your System Registration details (create a new account if needed).
    7. Click Register System.
    8. Click Update All for Software updates.
    9. Internet hostname: yourdomain.local
    10. Hostname: gw.yourdomain.local
    11. Select your Timezone and click Update.
    12. For Marketplace select By category, and click next.
    13. For each App Selection tab, select the Apps that you would like to install.
    14. Click Next and then Download and install.
    15. When update is complete, click Update Navigation Menus.
    16. Click Confirm to complete the install wizard.
    17. Click Use default to initialise the Dashboard.
    18. Go to Cloud > Updates > Software updates.
    19. Apply any updates.
    20. Disable Automatic updates.



You can configure your internal devices to have a DHCP address.  Start by giving your internal NIC a static IP address.

  1. Go to Network > Settings > IP Settings.
    1. In the Network Interfaces section, click Edit for your NIC with the role of LAN.
    2. Change Connection type to Static.
    3. Enter a suitable IP address and Netmask (e.g. and
    4. Click Update.
  2. Go to Network > Infrastructure > DHCP Server.
    1. Click Configure for your LAN interface.
    2. Make any changes that you need and click Update.

The rest of the configuration can and should be completed from the internal LAN.


Directory Server

With ClearOS installed, you can now initialise the Directory Server.

  1. Go to Server > Directory > Directory Server.
  2. Enter a Base domain (e.g. yourdomain.local).
  3. Click Initialise.


Import User Accounts

If you have more that a few users, you will find the Import facility useful.

  1. Go to System > Account Manager > Account Import.
  2. Download the CSV Template, and populate with your user accounts.
  3. Note that your users can be members of the following (comma separated) groups.
  • account_operators
  • administrators
  • backup_operators
  • domain_admins
  • domain_guests
  • guests
  • power_users
  • print_operators
  • server_operators
  • users


Windows Domain Controller

You might like to set up your ClearOS server as a Windows Primary Domain Controller (PDC). Note that this step must be completed from the LAN interface (not the WAN interface).

  1. Go to Server > File > Windows Networking (Samba).
  2. Server name: files
  3. Windows domain: yourdomain (without any .local etc).
  4. Enter and verify a password for the winadmin account.
  5. Click Initialise.



Before allocating shares, you will likely want to create at least a few user groups.

  1. Go to System > Accounts > Groups.
  2. In the User Defined Groups area, click Add.
  3. Enter a Group Name: (e.g. Staff).
  4. Description: (e.g. Staff of the organisation).
  5. Click Add.

Now you can simply tick the check box for any users that you want to be members of the group.



In order for users to collaborate on files, you will need to set up shared areas.

  1. Go to Server > File > Flexshare.
    1. Click Configure Security Certificates.
    2. Enter your details and click Create Certificate.
    3. Click Continue on the warning screen.
    4. You will now need to add a new Exception for the refreshed web page.
  2. Go back to Server > File > Flexshare.
  3. Click Add.
    1. Enter a Share Name (e.g. StaffShare)
    2. Add a Description (e.g. Shared area for stafff).
    3. Select the Group who will be able to access this share (e.g. staff).
  4. Once the Flexshare is created, enable the Windows File Share.


Login Scripts

You might want to automatically map a drive for staff.

  1. Login onto a workstation using the winadmin user account.
  2. Browse to \\servername\netlogon
  3. Add a new file called logon.cmd.
  4. Adjust Read & Execute permissions so that your required user groups can run this script.

Here's some example content for the logon.cmd file.

@echo off
net use s: \\servername\staffshare /persistent:yes


Content Filtering

  1. Go to Gateway > Content Filter and Proxy > Web Proxy Server.
  2. Click the Start button to enable the Web Proxy service.
  3. Go to Gateway > Content Filter and Proxy > Content Filter Engine.
  4. Click the Start button.


Content Filtering Advanced

You might want to filter groups of users, at particular times of day.

  1. Go to Gateway > Content Filter and Proxy > Web Proxy Server.
    1. In the Authentication section, click Edit.
    2. Change Mode to Non Transparent + User Authentication.
  2. Go to Gateway > Content Filter and Proxy > Content Filter Engine.
    1. In the App Policies section click Add.
    2. Give the policy a Name: (e.g. staff_access_policy).
    3. Choose the appropriate user Group: (e.g. staff).




Blocking Facebook can be tricky.  The following seems to work.

  1. Go to Network > Firewall > Incoming Firewall.
  2. Add a Blocked Incoming Connection.
  3. Nickname:
  4. Host:


Thanks for visiting.