Categories
Ash cloud azure dnsmasq Domain Exim Linux oracle SQL Server

It’s altogether LDAP

This past week I had two significant events. Well, three really. First I won an Innovation Voucher which will hopefully allow some research into a new product offering to occur. I say “hopefully” because so far all the NWDA has done is to ensure that my application meets some basic requirements. Then it will be up to some suppliers to show interest and see what happens from there.

Then I upgraded one of my Linux Ubuntu machines to the latest Ubuntu. This took quite some time! The machine is quite a slow machine – it’s a Celeron 667MHz. But it plays a critical role in the network as it runs DHCP, DNS, Backup, NAS, Samba and WINS. Overall the upgrade went through clean, but Ubuntu needs to ask a few more questions upfront – especially relating to config files. I would walk away from the machine, the display would turn off and then when I came back I was apprehensive about hitting a key lest I answer a critical prompt incorrectly. Maybe there is a way to keep the display on all the time. Another issue I ran into is the GDM login. I had turned this off. So users logging in at the console would log in to text and then issue ‘startx’ if they wanted XWindows. The upgrade ignored that setting and reset the GDM login. I removed GDM from the startup but that still didn’t help. So I just removed all the X stuff. And then I had to tell GRUB2 to go to a text screen.

Once all that is done and you’ve upgraded GRUB fully to GRUB2 the boot time is minimal. It really is fast!

The next event was changing my local domain. I had a local domain which ended in .local. local is a public domain which, quite often, would mess up my VPN users. And in certain versions of Linux, some utilities like ping will not work properly with a .local domain. So I decided to change it – to .localdom. My, what a process. I had to change LDAP and all its config files and such. Surprisingly this was the easy part. Then all the ldap.conf files in all the Linux machines and the Samba setup on the PDC, DNS settings (of course), my Exim setting – more on this below, Backuppc setting for e-mail domain.

Most things worked, except for the PDC. I determined through the logs that this was because the bind password was not reset. Once that was done things worked. That exposed a configuration issue with the way the NetBIOS browsing was being done. Apparently it is an absolute must that the PDC be the master browser. So back into smb.conf to correct. But nothing I did fixed the problem. Eventually I gave up and rebooted the machine. Things worked! Sigh. All that hassle and it was just a reboot needed.

Then, however, a couple of days later I got complaints about e-mails bouncing. Upon enquiry with the receivers it seems the local domain name was being left in outgoing e-mails. The problem? The LDAP query inside the Exim config file which does that was not updated for the new base DN.
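A rename from .local to .localdom is awkward to audit with a plain search, because the old suffix is a prefix of the new one and "local" also appears in unrelated settings. The following check is an added example, not part of the original post; the file contents, the `example` domain label and the function names are constructed for illustration.

```python
import re

OLD = "local"  # old suffix named in the post; the new one is "localdom"

# Constructed sample configs (contents are assumptions, not the author's files).
SAMPLES = {
    "ldap.conf": "BASE dc=example,dc=localdom\nURI ldap://pdc.example.localdom\n",
    "smb.conf": "ldap suffix = dc=example,dc=localdom\n"
                "ldap admin dn = cn=admin,dc=example,dc=local\n",
    "exim4.conf": "data = ${lookup ldap{ldap:///dc=example,dc=local"
                  "?mail?sub?(uid=$local_part)}}\n",
    "dnsmasq.conf": "domain=example.localdom\nlocal=/example.localdom/\n",
}

def stale_patterns(old):
    o = re.escape(old)
    return [
        # DN component "dc=local" that is not the start of "dc=localdom"
        re.compile(r"\bdc\s*=\s*%s(?![A-Za-z0-9-])" % o, re.I),
        # DNS name whose final label is "local" (not ".localdom", not ".local.net")
        re.compile(r"[A-Za-z0-9-]\.%s(?!\.?[A-Za-z0-9-])" % o, re.I),
    ]

def find_stale(files, old=OLD):
    """Return (filename, line number, line) for lines still using the old suffix."""
    pats = stale_patterns(old)
    hits = []
    for name, text in sorted(files.items()):
        for no, line in enumerate(text.splitlines(), 1):
            if line.lstrip().startswith(("#", ";")):
                continue  # commented-out settings are not live references
            if any(p.search(line) for p in pats):
                hits.append((name, no, line.strip()))
    return hits

def naive_count(files, old=OLD):
    """Lines a plain substring search would flag, for comparison."""
    return sum(old in line for t in files.values() for line in t.splitlines())

if __name__ == "__main__":
    print("substring search flags", naive_count(SAMPLES), "lines")
    for name, no, line in find_stale(SAMPLES):
        print("stale: %s:%d: %s" % (name, no, line))
```
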

This week I’ve been looking into SQL Azure. This is Microsoft’s cloud version of SQL Server. It’s quite basic to start but with Microsoft the best is usually yet to come. I’m sure this will be a very popular service. One that I may use in the future. I’ll be doing some of my data mining testing on it. Oracle does offer Oracle in the cloud, but it’s through Amazon ECC.

Categories
dnsmasq fridge knowledgeroot ssh

It sure is hot in there

Hello all. I’ve been a bit better and managed to post another blog entry this month. Recently I’ve been having “fun” with dnsmasq and ssh. As well I think I’ve found a good tool for internal wikis.

I’ve lately experienced a “problem” with dnsmasq where if I try and apply aliases to a machine by adding them into the /etc/hosts file and where the machine is set up to obtain its address by DHCP, then the machine’s name is not registered into dnsmasq. So a ping machine-name will return not found. Which I found bizarre but sensible. It took me a while to understand that. Now I’m seeking a way to create alias records in dnsmasq. There was a directive cname in an older copy of the documentation, but not in the version I have. Adding this to the dnsmasq.conf file created an error, so if it ever was possible it isn’t now.

The other issue I was having was a delay of about 10 seconds logging into one of my Linux machines through ssh. I hunted around the internet for a reason for this. There seemed to be many. Some have suggested setting the option GSSAPIAuthentication no, but this did not work for me. However another suggestion to add the line UseDNS no did work. Presumably the specific version of Ubuntu (Jaunty 9.04) was compiled with this option turned on. I wonder why it would be slow, given that I run dnsmasq. Perhaps dnsmasq does not perform reverse lookups very well? It’s a mystery.

Lastly, I have been searching many systems for use as a basis of a simple document handling product. I came across something which could be used as a basic wiki tool. Knowledgeroot (http://www.knowlegeroot.org/) is a basic wiki type tool which is very open and easy to use. I plan on setting it up internally for use as a systems and development documentation tool. I will post an update on that when I get it going. I think I’ll first post a blog on setting up Apache and MySQL!

I’ve cut the blog short as I’ve had a bit of a domestic problem. My fridge started putting out heat rather than sucking it up! It’s been a struggle to get a newish one.

Categories
Alfresco CUPS dnsmasq freenx

Further Down the Road

Hmmm... I do seem to be taking a while with these blog entries. Well, and I’ve no excuses as I am in between contracts and well, quite frankly, have nothing better to do.

This time I’ve been having interesting issues with my CUPS server. I’m the only one in the office who uses CUPS BTW. The remaining PCs (aside from the Linux servers) talk directly to the network printers. CUPS is great in my opinion, and it can only get better. There is perhaps some work on the Samba side to get it to work better there. My Windows PC doesn’t get the printer icon in the task bar when I send a job for example. I still have some problems with the printer drivers stored on the Samba server and I’ve essentially had to clear them out. More on this later.

The issue I have noticed is when bringing up the CUPS server home page. When our internet link went down, and we lost our DNS connection, the CUPS page came up very very slowly. And this is for a page which is for a local machine and should come up instantly. I did some digging and came up with the idea that perhaps CUPS was doing reverse DNS lookups. By default CUPS reverse DNS lookups are off, so it should not do them. To check this I installed dnsmasq onto our RAID & CUPS server.

dnsmasq is a very nice small DNS cache which runs on Linux machines. After I had this installed and set up my machine to use it I then accessed the CUPS page and then checked the log. Sure enough I could see the reverse name lookups. I posted the problem onto the CUPS home site (CUPS.org) and within a couple of days the developers noted the problem and updated their source code. The only problem is that I am on whatever came with Ubuntu 8.04 (CUPS 1.3.7) and the fix is in 1.4. I don’t know if the fix will be trickled down into patches for earlier versions but I’ll have to wait and see. CUPS doesn’t do binaries nor does it make RPMs or Debian packages so I’ll have to rely on Ubuntu putting in an update to its repository.

Another nice tool which I’ve managed to install, and which has made my life simpler. A tool should do that shouldn’t it? I’ve now got freenx installed on my main CentOS box. It was always a hassle to have to walk over to the CentOS machine and have to do any configuration or maintenance from there. Freenx (freenx.berlios.de) is a freely available virtual desktop implementation of the nx server – the NX server is a commercial software from NOMACHINE in Italy. It is spawned from sshd and uses a unique compression technology to speed the display on the client machine. It is not like VNC. VNC allows you to access the desktop of a machine. Freenx creates a virtual desktop – on a virtual X display and displays it on your client. This is similar to Windows Terminal Services. Perhaps overkill for what I needed, but then, if I’m at home and I need to get to the servers and I’ve not left a session running – VNC would not help me out.

The basic install of freenx was easy, but getting it configured was not. This is purely because there really are no documents at all. There are no man pages at all. You spend a lot of time searching the internet for help. The first thing that bit me was the key which freenx uses to authenticate the client before starting your session. The key needs to be copied to the client machine and loaded into the client. And, there are a few ways to generate this key – but usually the package install will generate one for you.

The second thing was the user authentication. I wasn’t sure if I needed to add users to the nxserver or it would use the Linux passdb to authenticate. I’m still not sure. Anyway I struggled through and did eventually get it going. It took me two days however. It works brilliantly! One thing that happens on my setup is that if I start a session for a user logged in at the console, I get errors about various applets failing. Not sure if that is freenx’s fault however.

In between this I have been flip flopping between building a product on Alfresco or on Sharepoint. I must say that I am much more comfortable on Sharepoint because it is Microsoft and .Net and I can use VB or C++. Two languages and architectures I am fully comfortable with. Alfresco, on the other hand, is in Java and uses Tomcat and I would be starting from scratch. But, I have the feeling that its lower cost could be enticing to clients. From a cost perspective it would also be interesting to me. No need to licence a Windows Server and the Visual Studio tools.

I think I’ll have to base my choice on my clients. I’m going for the small legal office and building a document management system and records management just for them. I’m sure the cost saving of an open source product running on an open source OS on cheap hardware would appeal. Choice made? You tell me!