In a post a couple of years ago I gave an example on how to configure an Ubuntu 12.04 server to authenticate to Active Directory. Things used to be hard back then. Now we have the realmd realm enrollment manager to do the hard work of joining the host to an Active Directory domain, and the System Security Services Daemon or SSSD to do the actual authentication and authorization work whenever it is needed. And things are much easier to configure and get running. Continue reading Ubuntu 14.04 Active Directory Authentication
Category Archives: Ubuntu
VPN between StrongSwan and SonicWall
Here’s how to create a site-to-site VPN between StrongSwan and SonicWall. This has been tested with Ubuntu 14.04 and StrongSwan 5.1.2, and SonicWall with SonicOS 5.9 at the other end. Continue reading VPN between StrongSwan and SonicWall
OpenStreetMap Nominatim Server for Geocoding
Here’s how to install the OpenStreetMap Nominatim service on your own server. It can be used to geocode and reverse geocode addresses and map coordinates. You will also get a web interface which loads map tiles from openstreetmap.org while doing geocoding requests using your own server. Continue reading OpenStreetMap Nominatim Server for Geocoding
dpkg cheat sheet
How to install PostgreSQL 9.2 on Ubuntu 13.04
How to install the latest node.js on Ubuntu
How to install the latest node.js on Ubuntu?
1 2 3 4 5 |
sudo apt-get install python-software-properties sudo add-apt-repository ppa:chris-lea/node.js sudo apt-get update sudo apt-get remove nodejs nodejs-dev npm sudo apt-get install nodejs |
SMB and BackupPC on Ubuntu 12.04
Smbclient which works with BackupPC on Ubuntu 12.04:
Linux IPv6 Router: RADVD + DHCPv6
Unlike IPv4, which uses DHCP for configuration, IPv6 uses the Neighbor Discovery Protocol to configure addresses and gateways. Unfortunately, originally the protocol had no means of providing addresses of DNS servers to clients, making it necessary to use DHCPv6 for that purpose. Modern Linux and Mac OS X machines are able to use the IPv6 Router Advertisement Options for DNS Configuration (RFC 6106), but to my knowledge, Windows clients are not able at the moment. Here’s how to configure a Linux router using radvd and the ISC DHCP daemon. Continue reading Linux IPv6 Router: RADVD + DHCPv6
Init Script for Daemonizing Non-Forking Processes
Sometimes you have an executable which does not fork to the background, but you need to control it with init scripts, so that it does indeed run in the background. Here’s a pretty generic init script for that. It allows you to configure these:
1 2 3 4 5 6 7 |
DAEMON_NAME="My Little Daemon" DAEMON_EXECUTABLE="/opt/my_daemon/my_daemon" DAEMON_OPTIONS="" DAEMON_HOMEDIR="/opt/my_daemon" DAEMON_PIDFILE="/var/run/my_daemon.pid" DAEMON_LOGFILE="/var/log/my_daemon.log" INIT_SLEEPTIME="2" |
Continue reading Init Script for Daemonizing Non-Forking Processes
HP ProLiant Management Component Pack on Ubuntu
HP seems to have set up a package repository for Ubuntu 12.04, which is an improvement since I last checked a few years ago. To use the repo, add the following line to /etc/apt/sources.list:
1 |
deb http://downloads.linux.hp.com/downloads/ManagementComponentPack/ubuntu precise current/non-free |
Run “sudo apt-get update”.
You can install a number of software packages from the repository:
- hpsmh: HP System Management Homepage
- hp-smh-template: HP System Management Homepage Templates
- cpqacuxe: HP Array Configuration Utility, web-based
- hp-snmp-agents: Insight Management SNMP Agents for HP ProLiant Systems
- hponcfg: RILOE II/iLO online configuration utility
- hp-health: HP System Health Application and Command line Utility Package
- hpacucli: HP Command Line Array Configuration Utility
- ams: Agentless Monitoring Service for HP ProLiant Gen8 Systems Continue reading HP ProLiant Management Component Pack on Ubuntu
HP iLO2 Virtual Serial Console on Ubuntu
To get a virtual serial console, you need to enable the iLO virtual serial port. I had mine set up like this:
- iLO 2 Virtual Serial Port: COM2 0x2F8 IRQ 3
I also enabled ssh access in the iLO web interface. This way I can ssh into the iLO and see all BIOS messages using the “vsp” command. I can even go to the BIOS setup (RBSU) by pressing “ESC-9”.
To be able to control GRUB via the virtual serial port, it has to be configured. I changed the following lines in /etc/default/grub: Continue reading HP iLO2 Virtual Serial Console on Ubuntu
Upgrading HP Proliant iLO2 Firmware with Ubuntu Server
I downloaded the firmware from HP site. It was named CP019022.scexe. I tried uploading it in the iLO2 web interface, but it was rejected. Next, I copied it to the server, gave it execute permissions and ran it:
1 2 3 4 |
root@host:~# ./CP019022.scexe ./CP019022.scexe: 153: ./CP019022.scexe: pushd: not found ./CP019022.scexe: 158: ./CP019022.scexe: popd: not found ./CP019022.scexe: 96: ./CP019022.scexe: ./flash_ilo2: not found |
Not working. This is a fresh installation of Ubuntu Server 12.04.2 LTS x86_64. So I had to start looking closer. The file is a bash script but the hashbang is #!/bin/sh, which puts bash into old Bourne shell mode. No pushd/popd there. Continue reading Upgrading HP Proliant iLO2 Firmware with Ubuntu Server
Automount Anything over SSH
First, make sure you can use public key authentication or similar means to connect to ssh servers without typing in your password all the time.
Install sshfs for mounting remote filesystems over ssh, and afuse for automounting FUSE filesystems (sshfs uses fuse). Continue reading Automount Anything over SSH
Ubuntu 12.04 Active Directory Authentication
Update 2015-06-16: Ubuntu 14.04 Active Directory Authentication
Authenticating Linux users against Active Directory has traditionally been hard. There’s a multitude of HOWTOs on how to do it, and every one of them seems to do it a bit differently. This is because environments and goals vary, and there are many ways to achieve a particular goal. I will add my version to the mix. This one fetches users and groups from Active Directory LDAP using a machine account added using the Samba tools, and authenticates users to the Active Directory Key Distribution Center using Kerberos. Continue reading Ubuntu 12.04 Active Directory Authentication