Archive for the ‘Notes’ Category

Joining a Debian Lenny Box to a M$ Active Directory Domain

Thursday, May 7th, 2009

Install the software You need:

# apt-get install samba-common heimdal-clients winbind ntpdate ntp samba

Set the right timezone and the right system time:

# /etc/init.d/ntp stop
# dpkg-reconfigure tzdata
# ntpdate your.domain.controller

then insert Your domain controller into the time servers list:

# vi /etc/ntp.conf

Add the following line in the right place:

# You do need to talk to an NTP server or two (or three).
#server ntp.your-provider.example
server your.domain.controller

then start ntp again:

# /etc/init.d/ntp start

Edit Your file /etc/krb5.conf

# cat /etc/krb5.conf
[libdefaults]
default_realm = DOMAIN.NAME
clockskew = 300
[realms]
DOMAIN.NAME = {
kdc = your.domain.controller IP Address
admin_server = your.domain.controller IP Address
}

Edit Your file /etc/samba/smb.conf

# cat /etc/samba/smb.conf
[global]
realm = DOMAIN.NAME
workgroup = domain
security = ADS
idmap uid = 10000-20000
idmap gid = 10000-20000
template shell = /bin/bash
template homedir = /home/%D/%U
winbind use default domain = yes

[homes]
valid users = %U

check your modification with

# testparm

and then

# mkdir /home/DOMAIN

Then edit the /etc/nsswitch.conf file:

passwd:        files winbind
group:          files winbind
#passwd:         compat
#group:          compat

Now issue the command:

# net ads join -U DomainAdminUsername -W DOMAIN.NAME

Ignore the error notice saying something like “Unable to perform DNS Update”.

Then restart some services:

# /etc/init.d/samba restart
# /etc/init.d/winbind restart

And verify You have joined the Domain, e.g. asking for some data to be displayed:

# wbinfo -u |xargs getent passwd

… and remember to modify these files:

# cat /etc/pam.d/common-account
account    sufficient    pam_winbind.so
account    required    pam_unix.so

# cat /etc/pam.d/common-auth
auth    sufficient    pam_winbind.so
auth    required    pam_unix.so use_first_pass

# cat /etc/pam.d/common-session
session    required    pam_mkhomedir.so skel=/etc/skel/ umask=0022
session    sufficient    pam_winbind.so
session    required    pam_unix.so
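
The idmap ranges and nsswitch.conf entries above can be checked before running net ads join. The following is an added example, not part of the original note: it reports local accounts whose UID falls inside the idmap uid range (where a local and a domain user could end up with the same numeric id) and confirms that winbind is listed for passwd and group. The function names and the sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example: offline checks on the files edited for the domain join.

# Print "lo hi" for the "idmap uid" or "idmap gid" range found in smb.conf.
idmap_range() {  # $1 = smb.conf path, $2 = uid | gid
    sed -n "s/^[[:space:]]*idmap $2[[:space:]]*=[[:space:]]*\([0-9][0-9]*\)-\([0-9][0-9]*\).*/\1 \2/p" "$1" | head -n 1
}

# List "name:id" for local entries whose numeric id lies inside lo..hi.
local_ids_in_range() {  # $1 = passwd or group file, $2 = lo, $3 = hi
    awk -F: -v lo="$2" -v hi="$3" '$3+0 >= lo+0 && $3+0 <= hi+0 { print $1 ":" $3 }' "$1"
}

# Succeed only if the nsswitch database ($2) lists winbind as a source.
nss_uses_winbind() {  # $1 = nsswitch.conf path, $2 = passwd | group
    grep -Eq "^$2:.*[[:space:]]winbind([[:space:]]|\$)" "$1"
}

# Run all checks; return 0 when clean, 1 on a finding, 2 if no range is set.
check_join_prereqs() {  # $1 = smb.conf, $2 = nsswitch.conf, $3 = passwd
    rc=0
    range=$(idmap_range "$1" uid)
    [ -n "$range" ] || { echo "no idmap uid range in $1"; return 2; }
    clash=$(local_ids_in_range "$3" "${range% *}" "${range#* }")
    [ -z "$clash" ] || { echo "local UIDs inside idmap range: $clash"; rc=1; }
    for db in passwd group; do
        nss_uses_winbind "$2" "$db" || { echo "$db: winbind missing in $2"; rc=1; }
    done
    return $rc
}

# Constructed sample files (not from a real host) so the checks run offline.
tmp=$(mktemp -d)
printf '[global]\nidmap uid = 10000-20000\nidmap gid = 10000-20000\n' > "$tmp/smb.conf"
printf 'passwd:        files winbind\ngroup:          files\n' > "$tmp/nsswitch.conf"
printf 'root:x:0:0::/root:/bin/bash\nsvc:x:10050:100::/home/svc:/bin/sh\n' > "$tmp/passwd"
check_join_prereqs "$tmp/smb.conf" "$tmp/nsswitch.conf" "$tmp/passwd" || true
```

On a real host, pass /etc/samba/smb.conf, /etc/nsswitch.conf and /etc/passwd as the three arguments.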

Static IP address for a VirtualBox Debian Lenny

Wednesday, May 6th, 2009

In order to give a static address instead of the DHCP-assigned one, You can choose bridged networking in the main VirtualBox control panel for Your host (in Settings -> Network).

If during the boot You see the error

SIOCSIFADDR: no such device
eth0 ERROR …. etc….

maybe You have a wrong MAC address in your file /etc/udev/rules.d/70-persistent-net.rules matching the eth0 interface. So verify

  • the MAC address assigned by VirtualBox from the VirtualBox console,
  • the MAC shown by /sbin/ifconfig and
  • the one assigned to eth0 in the /etc/udev/rules.d/70-persistent-net.rules file.

Obviously the MAC address for this interface has to be the same!

Cloning a VirtualBox host

Wednesday, May 6th, 2009

VirtualBox is a very nice GPL alternative to VMware if You are looking for a general-purpose x86 hardware virtualizer.

The VirtualBox installation is very easy: in many cases You only have to download the right file (.rpm, .deb, etc…) and install it as a normal software package.

If You need to clone a virtual host quickly, stop it, then cd to where Your system stores Your VirtualBox hard disks and issue the VBoxManage command, specifying the action (clonehd), the input file name (the virtual hard disk file), and the output file. E.g.:

cd ~/.VirtualBox/HardDisks
VBoxManage clonehd vbox-lenny1.vdi vbox-lenny2.vdi

This command duplicates a registered virtual hard disk image to a new image file with
a new unique identifier (UUID), that will be shown at the end of the copy output:

VirtualBox Command Line Management Interface Version 2.2.2
(C) 2005-2009 Sun Microsystems, Inc.
All rights reserved.

0%…10%…20%…30%…40%…50%…60%…70%…80%…90%…100%
Clone hard disk created in format ‘VDI’. UUID: 42bf1adb-e7f7-4993-b8e8-739aca77e092

Then, from Your VirtualBox main console, start the new host wizard, following the defaults up to the point where You specify Your hard disk. There, check “Use existing hard disk” and browse to the file You have just created with the VBoxManage clonehd command.
Remember You have to click on the “Add” icon to see and import Your new hard disk file.

Then, just end the wizard and start your new virtual host.

virus filtering on courier-mta

Monday, March 23rd, 2009

A simple way to add virus filtering on a mail server running courier-mta.

  1. install clamav, a good free virus scanner.
    You may download it following this link: http://www.clamav.net/download/sources
    Follow the instructions in the downloaded package for a correct install; usually You only need to create the clamav user and the clamav group, then
    mkdir /var/lib/clamav (or whatever is set as clamav home dir in /etc/passwd)
    chown clamav:clamav /var/lib/clamav
    unpack the clamav package, cd into the clamav package directory
    ./configure
    make
    make install
  2. install python-dev package (apt-get install python-dev)
  3. install pyClamd
    wget http://xael.org/norman/python/pyclamd/pyclamd.py
    cp pyclamd.py /usr/lib/python2.3/site-packages/
  4. install courier pythonfilter
    Standard installation steps are:
    python setup.py install
    mkdir /var/lib/pythonfilter
    chown daemon:daemon /var/lib/pythonfilter
    ln -s /usr/bin/pythonfilter /usr/lib/courier/filters
    filterctl start pythonfilter

How to get the ext3 filesystem UUID

Tuesday, March 3rd, 2009

If You need to know the UUID of an ext3 filesystem (say the one on /dev/hdd1 partition), just issue the command

vol_id -u /dev/hdd1

encoding LATIN1 does not match server’s locale

Wednesday, February 18th, 2009

If, creating a postgres database on an Ubuntu box just upgraded to the 8.10 release with

postgres@somehost$ createdb -E latin1 dbname

You get the error

ERROR:  encoding LATIN1 does not match server’s locale es_ES.UTF-8
DETAIL:  The server’s LC_CTYPE setting requires encoding UTF8.

You have to follow some steps to create the database You need:

# /etc/init.d/postgresql stop
# mv /var/lib/postgresql/8.3/main /var/lib/postgresql/8.3/main.old
# mkdir /var/lib/postgresql/8.3/main
# chown postgres:postgres /var/lib/postgresql/8.3/main
# chmod 700 /var/lib/postgresql/8.3/main

Then as postgres user:

postgres@somehost $ /usr/lib/postgresql/8.3/bin/initdb -D /var/lib/postgresql/8.3/main --locale=es_ES.ISO88591 --encoding=Latin1 --lc-collate=Latin1

And finally as root, from the new data directory:

# cd /var/lib/postgresql/8.3/main
# ln -s /etc/postgresql-common/root.crt root.crt
# ln -s /etc/ssl/certs/ssl-cert-snakeoil.pem server.crt
# ln -s /etc/ssl/private/ssl-cert-snakeoil.key server.key
# /etc/init.d/postgresql start

Thanks to Julio Cesar.

bacula setup

Tuesday, January 13th, 2009
How to fix Authorization Errors

I’ve just found this diagram very useful.

Now my bacula environment works fine without “Authorization Error”.