Nov 2nd, 2006 | Networking, Technology | No Comments
It seems that there is another ISP – OTEnet, which is starting providing ADSL at their own DSL platform in Cyprus. From what I know now is that they do have their own platform (so they do not use I-Choice), that they have competitive prices, that they have options for more than 1.5MBits and that they have quite good channels for going out of Cyprus.
I am working with OTEnet for while already, since I use their service in Greece and they seem to be quite good. I have also heard nice feedback from people who use them in Cyprus, but I never had chance to check them here. What I can tell for sure, is that I had very nice support from them when I was getting a line in Greece.
Sep 23rd, 2006 | Networking, Personal, Technology | No Comments
I just got an internet connection at home :)
it is an ADSL on 512kbps, but unfortunately I can’t afford any better for the time being. Anyway, this is quite enough for web, mail, FreeNX and SSH :)
Sep 14th, 2006 | Directory Service, Linux, NX, Networking, OS, Software, Squid, Technology | 1 Comment
I have managed to set up FreeNX to work quite smoothly with MS Active Directory authentication. Here are few steps to be done (assuming Fedora Core 5 as a FreeNX server):
1. Make the linux server where FreeNX will be installed an AD member
For this we will need samba and kerberos stuff which are either installed or easily retrieved with yum. So I will not bother describing on how to get packages :) If some configs mentioned below are missing, then obviously you are missing some packages
In /etc/samba/smb.conf:
[global]
netbios name = myhost
realm = mydomain.int
workgroup = mydomain
security = ADS
password server = pdc.mydomain.int bdc.mydomain.int
socket options = TCP_NODELAY SO_RCVBUF=16384 SO_SNDBUF=16384
idmap uid = 10000-20000
winbind enum users = yes
winbind uid = 10000-20000
winbind gid = 10000-20000
winbind separator = +
winbind use default domain = yes
encrypt passwords = yes
log level = 3 passdb:5 auth:10 winbind:5
template shell = /bin/bash
In /etc/krb5.conf
[libdefaults]
ticket_lifetime = 600
default_realm = mydomain.int
default_tkt_enctypes = des3-hmac-sha1 des-cbc-crc
default_tgs_enctypes = des3-hmac-sha1 des-cbc-crc
dns_lookup_realm = false
dns_lookup_kdc = false
[realms]
mydomain.int = {
kdc = pdc.mydomain.int:88
kdc = bdc.mydomain.int:88
admin_server = pdc.mydomain.int:749
default_domain = mydomain.int
}
[domain_realm]
.mydomain.int = pdc.mydomain.int
mydomain.int = pdc.mydomain.int
[kdc]
profile = /etc/krb5kdc/kdc.conf
[logging]
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmin.log
default = FILE:/var/log/krb5lib.log
This is enough to be a member of AD. Just make sure that smbd and winbindd are running. To join the domain, use net join ads command with required options (see net help join for more info)
2. Make domain users be able to login to linux server with SSH
I suppose there are many ways to do this, but I went with modifying the /etc/pam.d/ssh the next way
#%PAM-1.0
#auth include system-auth
#account required pam_nologin.so
#account include system-auth
#password include system-auth
auth required /lib/security/pam_securetty.so
auth required /lib/security/pam_nologin.so
auth sufficient /lib/security/pam_winbind.so
auth required /lib/security/pam_unix.so use_first_pass shadow nullok
account sufficient /lib/security/pam_winbind.so
account required pam_nologin.so
account include system-auth
session include system-auth
session required pam_loginuid.so
and now make system look for AD users by modifying the /etc/nsswitch.conf to contain the next lines:
passwd: files winbind
shadow: files
group: files winbind
#hosts: db files nisplus nis DNS
hosts: files DNS winbind
From now on the system will allow domain users to login with SSH.
3. Make it work
Now just install freenx:
# yum install freenx
Optionally make it work with default nomachine keys (so that clients will have less configurations to do) by reconfiguring freenx:
# nxsetup --override --install --setup-nomachine-key --clean --purge)
start nxserver
# nxserver --start
create home for desired domain users
# mkdir /home/mydomain/myusername
and finally allow the user to use FreeNX
# nxserver --adduser mydomain+myusername
4. Troubleshooting
All problems are seen in log files under /var/log
5. Other benefits
The way the samba is configured now, it is very easy to add SQUID with NTLM auth ;) If you are interested in this - just let me know in the comments - I will post the samples of config files.
Jul 10th, 2006 | Education, Linux, MS Office, Networking, OS, Personal, Programming, Software, Technology, Windows | No Comments
I was planning to take a couple of tests and pass certifications from Brainbench for a while already but I never came back to actually do it. This Friday I occasionally got near by the Brainbench site and finally went to the test section. I found all the free/sponsored tests and I took almost all of the ones I thought I had some knowledge in. I ended up with 9 certificates:
- Linux Administration (General)
- MS Office 2003 Fundamentals
- Computer Fundamentals (Win 95/98)
- HTML 3.2
- Computer Fundamentals (Win XP)
- PHP 5
- Cisco Routers Fundamentals
- Network Security
- MS Windows Server 2003 Administration
Only two of the above (no 7 and no 9) are not very well, but still ok due to the reason that I am not too much into Cisco (consider myself a beginner) and I am more a Linux administrator, so I do not spend much time on Windows Servers and that is why my Windows Servers test was not as good.
Anyhow, I think that it is quite good for the time being. I hope that I will get better results on the two not-so-good tests and that I will take more tests later on (especially if they will be free/sponsored).
My transcript number is 6210735 and my results (and other stuff related to Brainbench) can be seen here
Jun 1st, 2006 | Hardware, Networking, OS, Technology, Windows | No Comments
If you will ever have to install win XP on the HP nx6xxx series laptop – switch off the WiFi both with button and from BIOS, otherwise the installation process will hang in the very beginning during the hardware detection process.