In a post a couple of years ago I gave an example on how to configure an Ubuntu 12.04 server to authenticate to Active Directory. Things used to be hard back then. Now we have the realmd realm enrollment manager to do the hard work of joining the host to an Active Directory domain, and the System Security Services Daemon or SSSD to do the actual authentication and authorization work whenever it is needed. And things are much easier to configure and get running. Continue reading Ubuntu 14.04 Active Directory Authentication
Installing Python on Windows is a bit more laborious than on Mac or Linux, because there’s a bit of manual configuring to do. Here’s an installation checklist to go through to get it done so that you have IPython ready, and you can install packages from PyPI. These instructions are for Python 2.7. Continue reading Python 2.7 Windows Installation Checklist
Update 2015-06-16: Ubuntu 14.04 Active Directory Authentication
Authenticating Linux users against Active Directory has traditionally been hard. There’s a multitude of HOWTOs on how to do it, and every one of them seems to do it a bit differently. This is because environments and goals vary, and there are many ways to achieve a particular goal. I will add my version to the mix. This one fetches users and groups from Active Directory LDAP using a machine account added using the Samba tools, and authenticates users to the Active Directory Key Distribution Center using Kerberos. Continue reading Ubuntu 12.04 Active Directory Authentication
If IE7 just keeps opening the runonce3.aspx, you can use this to make it forget about it:
Disable ptrace security (please don’t do this on a multi-user machine – see the codeweavers support wiki instructions regarding security):
echo 0 | sudo tee /proc/sys/kernel/yama/ptrace_scope
I always forget what the correct options for the Windows xcopy command are when I simply want to synchronize one directory over another one, so that only changed files are overwritten. To do it well, you need to remember too many options. And robocopy is never installed when you need it.
Here’s how to configure a Windows domain controller to act as an NTP client and server for your network. You may then sync all your hosts, Windows or other, to that server. To achieve this, configure one (or more) of your domain controllers to retrieve time from the atomic clocks of the Internet. Rest of you servers should follow suit and sync their time to this domain controller after a little while.
Make a backup copy of your AD before you go any further.
Install your new server, and join it to the domain as a member server. Before you can run dcpromo on the new 2008 server, you must run adprep on your schema master, to prepare the Active Directory schema to support Windows 2008 domain controllers. The installation DVD contains a directory called sourcesadprep. Go there and run:
Here are two simple scripts written in Python to fetch information about users from Active Directory. The AD schema has been augmented with the Microsoft Services For Unix schema, which will allow to map Unix uids to Windows user accounts.
First, create a user account for your Apache in the Active Directory. Let’s assume the AD Kerberos realm is KOO.FI, and the user name we have created is “apache”. Also create a computer account, let’s call that “apachesrv”.
This short list should apply to a situation where an organization with one domain and a simple Exchange environment wants to upgrade from Exchange 2003 to 2007. It assumes everything will be installed on a single server with a fresh installation of Windows 2003 R2, joined as a member server into the domain.
An SSH server can be handy on a Windows machine, too. Cygwin comes with OpenSSH, and provides a lot of useful tools which you can use over the SSH connection. Here’s how to install Cygwin and OpenSSH server on a Windows machine.