Posts Tagged ‘debian’

NO_PUBKEY error in apt-get update

Wednesday, January 25th, 2012

After editing Your /etc/apt/sources.list file, probably you will get a warning message in the output of the apt-get update command. The warning message will be like this:

W: GPG error: http://ppa.launchpad.net natty Release: The following signatures couldn’t be verified because the public key is not available: NO_PUBKEY E9DDA5AAC586799E

You can remove this message in two step:

root@myhost:~# gpg —-keyserver pgpkeys.mit.edu —-recv-key 2E2BCDBCB38A8516

gpg: requesting key B38A8516 from hkp server pgpkeys.mit.edu

gpg: /root/.gnupg/trustdb.gpg: trustdb created

gpg: key B38A8516: public key “Oracle OSS group (Open Source Software group) ” imported

gpg: Total number processed: 1

gpg: imported: 1

root@myhost:~# gpg -a —-export 2E2BCDBCB38A8516 | sudo apt-key add –

OK

Tags:,
Posted in Notes | No Comments »

How to make a Debian Lenny Box leave a M$ Active Directory Domain

Thursday, July 9th, 2009

In order to remove a linux box from an Active Directory domain, just do a

# net ads leave  -U adminaccount -W DOMAIN

Tags:, ,
Posted in Notes | No Comments »

Joining a Debian Lenny Box to a M$ Active Directory Domain

Thursday, May 7th, 2009

Install the software You need:

# apt-get install samba-common heimdal-clients winbind ntpdate ntp samba

set the right timezone and the righ system time

# /etc/init.d/ntp stop
# dpkg-reconfigure tzdata
# ntpdate your.domain.controller

then insert Your domain controller into the time servers list:

# vi /etc/ntp.conf

add in the right place the line

# You do need to talk to an NTP server or two (or three).
#server ntp.your-provider.example
server your.domain.controller
# /etc/init.d/ntp start

Edit Your file /etc/krb5.conf

# cat /etc/krb5.conf
[libdefaults]
default_realm = DOMAIN.NAME
clockskew = 300
[realms]
DOMAIN.NAME = {
kdc = your.domain.controller IP Address
admin_server = your.domain.controller IP Address
}

Edit Your file /etc/samba/smb.conf

# cat /etc/samba/smb.conf
[global]
realm = DOMAIN.NAME
workgroup = domain
security = ADS
idmap uid = 10000-20000
idmap gid = 10000-20000
template shell = /bin/bash
template homedir = /home/%D/%U
winbind use default domain = yes

[homes]
valid users = %U

check your modification with

# testparm

and then

# mkdir /home/DOMAIN

Then edit the /etc/nsswitch.conf file:

passwd:        files winbind
group:          files winbind
#passwd:         compat
#group:          compat

Now issue the command:

# net ads join -U DomainAdminUsername -W DOMAIN.NAME

Ignoring the error notice saying something like “Unable to perform DNS Update”.

Then restart some services:

# /etc/init.d/samba restart
# /etc/init.d/winbind restart

And verify You have joined the Domain, e.g. asking for some data to be displayed:

# wbinfo -u |xargs getent passwd

… and remember to modify theese files

# cat /etc/pam.d/common-account:
account    sufficient    pam_winbind.so
account    required    pam_unix.so

# cat /etc/pam.d/common-auth:
auth    sufficient    pam_winbind.so
auth    required    pam_unix.so use_first_pass

# cat /etc/pam.d/common-session:
session    required    pam_mkhomedir.so skel=/etc/skel/ umask=0022
session    sufficient    pam_winbind.so
session required    pam_unix.so

Tags:, ,
Posted in Notes | No Comments »

Static IP address for a VirtualBox Debian Lenny

Wednesday, May 6th, 2009

In order to give a static adress instead of the DHCP assigned one, You can chose bridge network in the mail VirtualBox Control panel for You host (in settings -> Network).

If during the boot You see the error

SIOCSIFADDR: no such device
eth0 ERROR …. etc….

maybe You have a wrong MAC address in your file /etc/udev/rules.d/70-persistent-net.rules matching the eth0 interface. So verify

  • the MAC address assigned by VirtualBox from the VirtualBox console,
  • the MAC showed by /sbin/ifconfig and
  • the /etc/udev/rules.d/70-persistent-net.rules file one assigned to eth0.

Obviously the MAC address for this interface have to be the same!

Tags:, ,
Posted in Notes | No Comments »