Search Results

Search found 8959 results on 359 pages for 'bad decisions'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 337/359 | < Previous Page | 333 334 335 336 337 338 339 340 341 342 343 344  | Next Page >

  • Please Describe Your Struggles with Minimizing Use of Global Variables

    - by MetaHyperBolic
    Most of the programs I write are relatively flowchartable processes, with a defined start and hoped-for end. The problems themselves can be complex but do not readily lean towards central use of objects and event-driven programming. Often, I am simply churning through great varied batches of text data to produce different text data. Only occasionally do I need to create a class: As an example, to track warnings, errors, and debugging message, I created a class (Problems) with one instantiation (myErr), which I believe to be an example of the Singleton design pattern. As a further factor, my colleagues are more old school (procedural) than I and are unacquainted with object-oriented programming, so I am loath to create things they could not puzzle through. And yet I hear, again and again, how even the Singleton design pattern is really an anti-pattern and ought to be avoided because Global Variables Are Bad. Minor functions need few arguments passed to them and have no need to know of configuration (unchanging) or program state (changing) -- I agree. However, the functions in the middle of the chain, which primarily control program flow, have a need for a large number of configuration variables and some program state variables. I believe passing a dozen or more arguments along to a function is a "solution," but hardly an attractive one. I could, of course, cram variables into a single hash/dict/associative array, but that seems like cheating. For instance, connecting to the Active Directory to make a new account, I need such configuration variables as an administrative username, password, a target OU, some default groups, a domain, etc. I would have to pass those arguments down through a variety of functions which would not even use them, merely shuffle them off down through a chain which would eventually lead to the function that actually needs them. I would at least declare the configuration variables to be constant, to protect them, but my language of choice these days (Python) provides no simple manner to do this, though recipes do exist as workarounds. Numerous Stack Overflow questions have hit on the why? of the badness and the requisite shunning, but do not often mention tips on living with this quasi-religious restriction. How have you resolved, or at least made peace with, the issue of global variables and program state? Where have you made compromises? What have your tricks been, aside from shoving around flocks of arguments to functions?

    Read the article

  • Long numbers. Division.

    - by user577395
    Hello, world! I have a problem. Today I tried to create a code, which finds Catalan number. But in my program can be long numbers. I found numerator and denominator. But i can't div long numbers! Also, only standard libraries was must use in this program. Help me please. This is my code #include <vector> #include <iostream> using namespace std; int main(int argc, char *argv[]) { const int base = 1000*1000*1000; vector <int> a, b; int n, carry = 0; cin>>n; a.push_back(n); for (int ii=n+2; ii!=(2*n)+1;++ii) { carry = 0; for (size_t i=0; i<a.size() || carry; ++i) { if (i == a.size()) a.push_back (0); long long cur = carry + a[i] * 1ll * ii; a[i] = int (cur % base); carry = int (cur / base); } } while (a.size() > 1 && a.back() == 0) a.pop_back(); b.push_back(n); for (int ii=1; ii!=n+1;++ii) { carry = 0; for (size_t i=0; i<b.size() || carry; ++i) { if (i == b.size()) b.push_back (0); long long cur = carry + b[i] * 1ll * ii; b[i] = int (cur % base); carry = int (cur / base); } } while (b.size() > 1 && b.back() == 0) b.pop_back(); cout<<(a.empty() ? 0 : a.back()); for (int i=(int)a.size()-2; i>=0; --i) cout<<(a[i]); cout<<" "; cout<<(b.empty() ? 0 : b.back()); for (int i=(int)b.size()-2; i>=0; --i) cout<<(b[i]); //system("PAUSE"); cout<<endl; return 0; } P.S. Sorry for my bad english =)

    Read the article

  • Vector Troubles in C++

    - by DistortedLojik
    I am currently working on a project that deals with a vector of objects of a People class. The program compiles and runs just fine, but when I use the debugger it dies when trying to do anything with the PersonWrangler object. I currently have 3 different classes, one for the person, a personwrangler which handles all of the people collectively, and a game class that handles the game input and output. Edit: My basic question is to understand why it is dying when it calls outputPeople. Also I would like to understand why my program works exactly as it should unless I use the debugger. The outputPeople function works the way I intended that way. Edit 2: The callstack has 3 bad calls which are: std::vector ::begin(this=0xbaadf00d) std::vector ::size(this=0xbaadf00d) PersonWrangler::outputPeople(this=0xbaadf00d) Relevant code: class Game { public: Game(); void gameLoop(); void menu(); void setStatus(bool inputStatus); bool getStatus(); PersonWrangler* hal; private: bool status; }; which calls outputPeople where it promptly dies from a baadf00d error. void Game::menu() { hal->outputPeople(); } where hal is an object of PersonWrangler type class PersonWrangler { public: PersonWrangler(int inputStartingNum); void outputPeople(); vector<Person*> peopleVector; vector<Person*>::iterator personIterator; int totalPeople; }; and the outputPeople function is defined as void PersonWrangler::outputPeople() { int totalConnections = 0; cout << " Total People:" << peopleVector.size() << endl; for (unsigned int i = 0;i < peopleVector.size();i++) { sort(peopleVector[i]->connectionsVector.begin(),peopleVector[i]->connectionsVector.end()); peopleVector[i]->connectionsVector.erase( unique (peopleVector[i]->connectionsVector.begin(),peopleVector[i]->connectionsVector.end()),peopleVector[i]->connectionsVector.end()); peopleVector[i]->outputPerson(); totalConnections+=peopleVector[i]->connectionsVector.size(); } cout << "Total connections:" << totalConnections/2 << endl; }

    Read the article

  • jqgrid modify data returned from ajax call before display in table

    - by user954211
    I have to display some data that I receive from the server as json object like this {"rowndx":"0","rows":"25","rowstotal":"100","rowsdata":[ ["00","DEVICE001","T0_IHOME","1","***","1","10"], ["01","DEVICE002","NO_DEVICE","1","***","1","10"], ["02","DEVICE003","NO_DEVICE","0","***","1","10"], ..... Before displaying the received data in a table I would like to make changes where necessary adding units to the numbers or replacing the numbers with words (eg 0 -OFF 1- ON) To do this I have associated at the ajax option "success" my encoding function. In this case, however, remains always visible the message "Loading ..." and no other action is permitted. I moved my re-encoding procedure to the "complete" ajax option and this time it seems to work. But I did not understand what was my mistake and I do not know if my procedure can work. This is my table ajax configuration url : "devtbl.json", mtype : "POST", datatype : "json", postData : ...... ajaxGridOptions: { type : 'post', contentType: 'application/json', async : false, complete : DEVparse_serverdata, error : function() { alert('Something bad happened. Stopping');}, }, jsonReader : { root : "tablerows", page : "currentpage", total : "totalpages", records : "totalrecords", cell : "", id : "0", userdata : "userdata", repeatitems : true }, and my coding function function DEVparse_serverdata(js , textStatus) { var jsontablereply = {} ; var rowsxpage_int = parseInt(UB.rowsxpage.DEVtable) ; var jsonreply = jQuery.parseJSON(js.responseText) ; jsontablereply.currentpage = "" + (1 + (parseInt(jsonreply.rowndx) / rowsxpage_int)); jsontablereply.totalpages = "" + parseInt((parseInt(jsonreply.rowstotal) + (rowsxpage_int-1)) / rowsxpage_int) ; jsontablereply.totalrecords = jsonreply.rowstotal; jsontablereply.tablerows = [] ; $.each(jsonreply.rowsdata, function(ndx, row) { var rowarray = [] ; rowarray[0] = row[0] ; rowarray[1] = row[1] ; rowarray[2] = row[2] ; rowarray[3] = row[3] ; rowarray[4] = row[4] ; switch (row[2]) { case "NO_DEVICE": rowarray[5] = "***" ; break ; case "T0_IHOME": rowarray[5] = "T=" + row[5] + "°C" ; break ; } jsontablereply.tablerows[ndx] = rowarray ; }) ; // each jQuery("#DEVtbl")[0].addJSONData(jsontablereply); } (I am a beginner with Jquery my coding style is poor)

    Read the article

  • Inputs inside ListView doesn't change values from old to recently set on ItemUpdating event

    - by Tema
    Hi, I would appreciate if someone help me to understand this situation. I do not know why but when i edit selected ListView item (containing few TextBoxes) and then press Update button in the ItemUpdating event i always get old values instead of those which were typed recently. Why? I do not use Page_Load event so i do not need check on PostBack I try to get value before i bind data from DB to ListView, so it can't override recently typed values I tried to get TextBoxes values in different Event handlers - ItemCommand, ItemUpdating, ItemDataBound - result si always the same Collection NewValues and OldValues are always empty (i think this is because i don't use SqlDataSource control) The only one way i can get new values - is to check Request, but in this case i can't use control validators ... so probably it is bad idea to work with only request. This is the code of ItemUpdating method: ListViewItem editItem = AdminUsersListView.EditItem; Guid userId = new Guid((editItem.FindControl("UserId") as HiddenField).Value); Hashtable dataUpdate = new Hashtable { { "UserName", Request[ (editItem.FindControl("UserNameNew") as TextBox).UniqueID ] }, { "Email", Request[ (editItem.FindControl("Email") as TextBox).UniqueID ] }, { "IsApproved", Request[ (editItem.FindControl("IsApproved") as CheckBox).UniqueID ] == "on" }, { "IsLockedOut", Request[ (editItem.FindControl("IsLockedOut") as CheckBox).UniqueID ] == "on" } }; var x1 = dataUpdate["UserName"]; // this is corrent new value from Request var x2 = (editItem.FindControl("UserNameNew") as TextBox).Text; // this is WRONG! OLD! value from TextBox ... Why??? using (Entities entities = new Entities()) { aspnet_Membership membershipItem = entities.aspnet_Membership.Where(MBS => MBS.UserId == userId).FirstOrDefault(); membershipItem.Email = dataUpdate["Email"].ToString(); membershipItem.LoweredEmail = membershipItem.Email.ToLower(); membershipItem.IsApproved = Convert.ToBoolean(dataUpdate["IsApproved"]); membershipItem.IsLockedOut = Convert.ToBoolean(dataUpdate["IsLockedOut"]); entities.SaveChanges(); aspnet_Users userItem = entities.aspnet_Users.Where(USR => USR.UserId == userId).FirstOrDefault(); userItem.UserName = dataUpdate["UserName"].ToString(); userItem.LoweredUserName = userItem.UserName.ToLower(); entities.SaveChanges(); } AdminUsersListView.EditIndex = -1; AdminUsersListView.DataSource = _getDataList(); AdminUsersListView.DataBind(); Thanks, Art

    Read the article

  • Php random row help...

    - by Skillman
    I've created some code that will return a random row, (well, all the rows in a random order) But i'm assuming its VERY uneffiecent and is gonna be a problem in a big database... Anyone know of a better way? Here is my current code: $count3 = 1; $count4 = 1; //Civilian stuff... $query = ("SELECT * FROM `*Table Name*` ORDER BY `Id` ASC"); $result = mysql_query($query); while($row = mysql_fetch_array($result)) { $count = $count + 1; $civilianid = $row['Id']; $arrayofids[$count] = $civilianid; //echo $arrayofids[$count]; } while($alldone != true) { $randomnum = (rand()%$count) + 1; //echo $randomnum . "<br>"; //echo $arrayofids[$randomnum] . "<br>"; $currentuserid = $arrayofids[$randomnum]; $count3 += 1; while($count4 < $count3) { $count4 += 1; $currentarrayid = $listdone[$count4]; //echo "<b>" . $currentarrayid . ":" . $currentuserid . "</b> "; if ($currentarrayid == $currentuserid){ $found = true; //echo " '" .$found. "' "; } } if ($found == true) { //Reset array/variables... $count4 = 1; $found = false; } else { $listdone[$count3] = $currentuserid; //echo "<u>" . $count3 .";". $listdone[$count3] . "</u> "; $query = ("SELECT * FROM `*Tablesname*` WHERE Id = '$currentuserid'"); $result = mysql_query($query); $row = mysql_fetch_array($result); $username = $row['Username']; echo $username . "<br>"; $count4 = 1; $amountdone += 1; if ($amountdone == $count) { //$count $alldone = true; } } } Basically it will loop until its gets an id (randomly) that hasnt been chosen yet. -So the last username could take hours :P Is this 'bad' code? :P :(

    Read the article

  • What is the best approach in SQL to store multi-level descriptions?

    - by gime
    I need a new perspective on how to design a reliable and efficient SQL database to store multi-level arrays of data. This problem applies to many situations but I came up with this example: There are hundreds of products. Each product has an undefined number of parts. Each part is built from several elements. All products are described in the same way. All parts would require the same fields to describe them (let's say: price, weight, part name), all elements of all parts also have uniform design (for example: element code, manufacturer). Plain and simple. One element may be related to only part, and each part is related to one product only. I came up with idea of three tables: Products: -------------------------------------------- prod_id prod_name prod_price prod_desc 1 hoover 120 unused next Parts: ---------------------------------------------------- part_id part_name part_price part_weight prod_id 3 engine 10 20 1 and finally Elements: --------------------------------------- el_id el_code el_manufacturer part_id 1 BFG12 GE 3 Now, select a desired product, select all from PARTS where prod_id is the same, and then select all from ELEMENTS where part_id matches - after multiple queries you've got all data. I'm just not sure if this is the right approach. I've got also another idea, without ELEMENTS table. That would decrease queries but I'm a bit afraid it might be lame and bad practice. Instead of ELEMENTS table there are two more fields in the PARTS table, so it looks like this: part_id, part_name, part_price, part_weight, prod_id, part_el_code, part_el_manufacturer they would be text type, and for each part, information about elements would be stored as strings, this way: part_el_code | code_of_element1; code_of_element2; code_of_element3 part_el_manufacturer | manuf_of_element1; manuf_of_element2; manuf_of_element3 Then all we need is to explode() data from those fields, and we get arrays, easy to display. Of course this is not perfect and has some limitations, but is this idea ok? Or should I just go with the first idea? Or maybe there is a better approach to this problem? It's really hard to describe it in few words, and that means it's hard to search for answer. Also, understanding the principles of designing databases is not that easy as it seems.

    Read the article

  • When i add a bitmap to an array list the last element is duplicated in previous indexes

    - by saxofone2
    I'm trying to implement a personal way of undo/redo in a finger paint-like app. I have in synthesis three objects: the Main class (named ScorePadActivity), the relative Main Layout (with buttons, menus, etc, as well as a View object where I create my drawings), and a third object named ArrayList where i'm writing the undo/redo code. The problem is, when I press the undo button nothing happens, but if I draw anything again "one-time" and press undo, the screen is updated. If I draw many times, to see any changes happen on screen I have to press the undo button the same number of times I have drawn. Seems like (as in title) when I add a bitmap to the array list the last element is duplicated in previous indexes, and for some strange reason, everytime I press the Undo Button, the system is ok for one time, but starts to duplicate until the next undo. The index increase is verified with a series of System.out.println inserted in code. Now when I draw something on screen, the array list is updated with the code inserted after the invocation of touchup(); method in motionEvent touch_up(); } this.arrayClass.incrementArray(mBitmap); mPath.rewind(); invalidate(); and in ArrayList activity; public void incrementArray(Bitmap mBitmap) { this._mBitmap=mBitmap; _size=undoArray.size(); undoArray.add(_size, _mBitmap); } (All Logs removed for clear reading) The undo button in ScorePadActivity calls the undo method in View activity: Button undobtn= (Button)findViewById(R.id.undo); undobtn.setOnClickListener(new View.OnClickListener() { public void onClick(View v) { mView.undo(); } }); in View activity: public void undo() { this.mBitmap= arrayClass.undo(); mCanvas = new Canvas(mBitmap); mPath.rewind(); invalidate(); } that calls the relative undo method in ArrayList activity: public Bitmap undo() { // TODO Auto-generated method stub _size=undoArray.size(); if (_size>1) { undoArray.remove(_size-1); _size=undoArray.size(); _mBitmap = ((Bitmap) undoArray.get(_size-1)).copy(Bitmap.Config.ARGB_8888,true); } return _mBitmap; } return mBitmap and invalidate: Due to my bad English I have made a scheme to make the problem more clear: I have tried with HashMap, with a simple array, I have tried to change mPath.rewind(); with reset();, new Path(); etc but nothing. Why? Sorry for the complex answer, i want give you a great thanks in advance. Best regards

    Read the article

  • Help Desk Database Design

    - by user237244
    The company I work at has very specific and unique needs for a help desk system, so none of the open source systems will work for us. That being the case, I created a custom system using PHP and MySQL. It's far from perfect, but it's infinitely better than the last system they were using; trust me! It meets most of our needs quite nicely, but I have a question about the way I have the database set up. Here are the main tables: ClosedTickets ClosedTicketSolutions Locations OpenTickets OpenTicketSolutions Statuses Technicians When a user submits a help request, it goes in the "OpenTickets" table. As the technicians work on the problem, they submit entries with a description of what they've done. These entries go in the "OpenTicketSolutions" table. When the problem has been resolved, the last technician to work on the problem closes the ticket and it gets moved to the "ClosedTickets" table. All of the solution entries get moved to the "ClosedTicketSolutions" table as well. The other tables (Locations, Statuses, and Technicians) exist as a means of normalization (each location, status, and technician has an ID which is referenced). The problem I'm having now is this: When I want to view a list of all the open tickets, the SQL statement is somewhat complicated because I have to left join the "Locations", "Statuses", and "Technicians" tables. Fields from various tables need to be searchable as well. Check out how complicated the SQL statement is to search closed tickets for tickets submitted by anybody with a first name containing "John": SELECT ClosedTickets.*, date_format(ClosedTickets.EntryDate, '%c/%e/%y %l:%i %p') AS Formatted_Date, date_format(ClosedDate, '%c/%e/%y %l:%i %p') AS Formatted_ClosedDate, Concat(Technicians.LastName, ', ', Technicians.FirstName) AS TechFullName, Locations.LocationName, date_format(ClosedTicketSolutions.EntryDate, '%c/%e/%y') AS Formatted_Solution_EntryDate, ClosedTicketSolutions.HoursSpent AS SolutionHoursSpent, ClosedTicketSolutions.Tech_ID AS SolutionTech_ID, ClosedTicketSolutions.EntryText FROM ClosedTickets LEFT JOIN Technicians ON ClosedTickets.Tech_ID = Technicians.Tech_ID LEFT JOIN Locations ON ClosedTickets.Location_ID = Locations.Location_ID LEFT JOIN ClosedTicketSolutions ON ClosedTickets.TicketNum = ClosedTicketSolutions.TicketNum WHERE (ClosedTickets.FirstName LIKE '%John%') ORDER BY ClosedDate Desc, ClosedTicketSolutions.EntryDate, ClosedTicketSolutions.Entry_ID One thing that I'm not able to do right now is search both open and closed tickets at the same time. I don't think a union would work in my case. So I'm wondering if I should store the open and closed tickets in the same table and just have a field indicating whether or not the ticket is closed. The only problem I can forsee is that we have so many closed tickets already (nearly 30,000) so the whole system might perform slowly. Would it be a bad idea to combine the open and closed tickets?

    Read the article

  • safe dereferencing and deletion

    - by serejko
    Hi, I'm relatively new to C++ and OOP in general and currently trying to make such a class that allows to dereference and delete a dead or invalid pointer without any care of having undefined behavior or program fault in result, and I want to ask you is it a good idea and is there something similar which is already implemented by someone else? or maybe I'm doing something completely wrong? I've just started making it and here is the code I currently have: template<class T> class SafeDeref { public: T& operator *() { hash_set<T*>::iterator it = theStore.find(reinterpret_cast<T*>(ptr)); if (it != theStore.end()) return *this; return theDefaultObject; } T* operator ->() { hash_set<T*>::iterator it = theStore.find(reinterpret_cast<T*>(ptr)); if (it != theStore.end()) return this; return &theDefaultObject; } void* operator new(size_t size) { void* ptr = malloc(size * sizeof(T)); if (ptr != 0) theStore.insert(reinterpret_cast<T*>(ptr)); return ptr; } void operator delete(void* ptr) { hash_set<T*>::iterator it = theStore.find(reinterpret_cast<T*>(ptr)); if (it != theStore.end()) { theStore.erase(it); free(ptr); } } protected: static bool isInStore(T* ptr) { return theStore.find(ptr) != theStore.end(); } private: static T theDefaultObject; static hash_set<T*> theStore; }; The idea is that each class with the safe dereference should be inherited from it like this: class Foo : public SafeDeref<Foo> { void doSomething(); }; So... Any advices? Thanks in advance. P.S. If you're wondering why I need this... well, I'm creating a set of native functions for some scripting environment, and all of them use pointers to internally allocated objects as handles to them and they're able to delete them as well (input data can be wrong), so this is kinda protection from damaging host application's memory And I really sorry for my bad English

    Read the article

  • PHP send batch email [closed]

    - by qalbiol
    Possible Duplicate: Sending mass email using PHP I have a PHP script that sends an individual email to all users in my DB, such as a monthly / weekly newsletter. The code I am using goes as follows: $subject = $_POST['subject']; $message = $_POST['message']; // Get all the mailing list subscribers. $query = $db->prepare("SELECT * FROM maildb"); $query->execute(); // Loop through all susbcribers, and send and individual email. foreach ($query as $row) { // Setting maximum time limit to infinite. set_time_limit(0); $newMessage = '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> </head> <body>'; // Search for the [unsubscribe] tag and replace it with a URL for the user to unsubscribe $newMessage .= str_replace("[unsubscribe]", "<a href='".BASE_URL."unsubscribe/".$row['hash']."/".$row['email']."'>unsubscribe</a>", $message); $newMessage .= '</body></html>'; $to = $row['email']; // Establish content headers $headers = "From: [email protected]"."\n"; $headers .= "Reply-To: [email protected]"."\n"; $headers .= "X-Mailer: PHP v.". phpversion()."\n"; $headers .= "MIME-Version: 1.0"."\n"; $headers .= "Content-Type: text/html; charset=iso-8859-1"."\n"; $headers .= "Content-Transfer-Encoding: 8bit;"; mail($to, $subject, $newMessage, $headers); // Send email to each individual user } This code works perfectly with a REALLY small database... I recently populated my test db with 200k+ users, and obviously this script fails, gets out of memory, and dies... I know this is a bad way to send so many emails, thats why I'd like to ask you for much more efficient ways to do this! Thank you very much!

    Read the article

  • Resource id #45 [on hold]

    - by user2916506
    What is this error? I am trying to connect from PHP to Traffic Live mysql and do a POST and at some id's I get this error. With the biggest part of contacts my code works just fine but it keeps getting this trouble maker. What can I do? Here is the trouble making code:if ($sales_datemodified[$h] $traffic_datemodified[$t]) { //if ($traffic_id[$t] != 22033) { $postrequestclient = $clients - post("staff/employee", null, '{"@class": "com.sohnar.trafficlite.transfer.trafficcompany.TrafficEmployeeTO", "id": ' . $traffic_id[$t] . ',"locationId":' . $traffic_locationid[$t] . ', "departmentId": ' . $traffic_departmentid[$t] . ', "ownerCompanyId": ' . $traffic_ownercompanyid[$t] . ',"userId": ' . $traffic_userid[$t] . ',"userName": "' . $traffic_username[$t] . '","employeeDetails": {"id": ' . $traffic_id[$t] . ',"jobTitle": "' . $sales_title[$h] . '","costPerHour": { "amountString": ' . $traffic_amountString[$t] . ', "currencyType": "' . $traffic_currencyType[$t] . '"},"hoursWorkedPerDayMinutes": ' . $traffic_hwpdm[$t] . ', "personalDetails": {"id": ' . $traffic_persdetId[$t] . ', "firstName": "' . $sales_firstname[$h] . '","middleName": "' . $traffic_middleName[$t] . '","lastName": "' . $sales_lastname[$h] . '", "emailAddress": "' . $traffic_username[$t] . '","workPhone": "' . $sales_phone[$h] . '","mobilePhone": "' . $sales_mobilephone[$h] . '" }}}') - setAuth(user, password); $postresponseclient = $postrequestclient - send() - json(); I don't have any errors in my code. That commented "if" is for excluding the trouble making contact on which I get this error. If I uncomment that the program runs fine without any problems. The problem is that this test is made on a small number of contacts and if I add more contacts to the test I get more errors of this kind. this should be a synchronization job so excluding all the "bad" contacts won't work

    Read the article

  • Apache SSO through Kerberos using Machine Account

    - by watkipet
    I'm attempting to get Apache on Ubuntu 12.04 to authenticate users via Kerberos SSO to a Windows 2008 Active Directory server. Here are a few things that make my situation different: I don't have administrative access to the Windows Server (nor will I ever have access). I also cannot have any changes to the server made on my behalf. I've joined Ubuntu server to the Active Directory using PBIS open. Users can log into the Ubuntu server using their AD credentials. kinit also works fine for each user. Since I can't change AD (except for adding new machines and SPNs), I cannot add a service account for Apache on Ubuntu. Since I can't add I service account, I have to use the machine keytab (/etc/krb5.keytab), or at least use the machine password in another keytab. Right now I'm using the machine keytab and giving Apache readonly access (bad idea, I know). I've already added the SPN using net ads keytab add HTTP -U Since I'm using Ubuntu 12.04, the only encoding types that get added during "net ads keytab add" are arcfour-hmac, des-cbc-crc, and des-cbc-md5. PBIS adds the AES encoding types to the host and cifs principals when it joins the domain, but I have yet to get "net ads keytab add" to do this. ktpass and setspn are out of the question because of #1 above. I've configured (for Kerberos SSO) and tested both IE 8 Firefox. I'm using the following configuration in my Apache site config: <Location /secured> AuthType Kerberos AuthName "Kerberos Login" KrbMethodNegotiate On KrbMethodK5Passwd On KrbAuthRealms DOMAIN.COM Krb5KeyTab /etc/krb5.keytab KrbLocalUserMapping On require valid-user </Location> When Firefox tries to connect get the following in Apache's error.log (LogLevel debug): [Wed Oct 23 13:48:31 2013] [debug] src/mod_auth_kerb.c(1628): [client 192.168.0.2] kerb_authenticate_user entered with user (NULL) and auth_type Kerberos [Wed Oct 23 13:48:31 2013] [debug] mod_deflate.c(615): [client 192.168.0.2] Zlib: Compressed 477 to 322 : URL /secured [Wed Oct 23 13:48:37 2013] [debug] src/mod_auth_kerb.c(1628): [client 192.168.0.2] kerb_authenticate_user entered with user (NULL) and auth_type Kerberos [Wed Oct 23 13:48:37 2013] [debug] src/mod_auth_kerb.c(994): [client 192.168.0.2] Using HTTP/[email protected] as server principal for password verification [Wed Oct 23 13:48:37 2013] [debug] src/mod_auth_kerb.c(698): [client 192.168.0.2] Trying to get TGT for user [email protected] [Wed Oct 23 13:48:37 2013] [debug] src/mod_auth_kerb.c(609): [client 192.168.0.2] Trying to verify authenticity of KDC using principal HTTP/[email protected] [Wed Oct 23 13:48:37 2013] [debug] src/mod_auth_kerb.c(652): [client 192.168.0.2] krb5_rd_req() failed when verifying KDC [Wed Oct 23 13:48:37 2013] [error] [client 192.168.0.2] failed to verify krb5 credentials: Decrypt integrity check failed [Wed Oct 23 13:48:37 2013] [debug] src/mod_auth_kerb.c(1073): [client 192.168.0.2] kerb_authenticate_user_krb5pwd ret=401 user=(NULL) authtype=(NULL) [Wed Oct 23 13:48:37 2013] [debug] mod_deflate.c(615): [client 192.168.0.2] Zlib: Compressed 477 to 322 : URL /secured When IE 8 tries to connect I get: [Wed Oct 23 14:03:30 2013] [debug] src/mod_auth_kerb.c(1628): [client 192.168.0.2] kerb_authenticate_user entered with user (NULL) and auth_type Kerberos [Wed Oct 23 14:03:30 2013] [debug] mod_deflate.c(615): [client 192.168.0.2] Zlib: Compressed 477 to 322 : URL /secured [Wed Oct 23 14:03:30 2013] [debug] src/mod_auth_kerb.c(1628): [client 192.168.0.2] kerb_authenticate_user entered with user (NULL) and auth_type Kerberos [Wed Oct 23 14:03:30 2013] [debug] src/mod_auth_kerb.c(1240): [client 192.168.0.2] Acquiring creds for HTTP@apache_server [Wed Oct 23 14:03:30 2013] [debug] src/mod_auth_kerb.c(1385): [client 192.168.0.2] Verifying client data using KRB5 GSS-API [Wed Oct 23 14:03:30 2013] [debug] src/mod_auth_kerb.c(1401): [client 192.168.0.2] Client didn't delegate us their credential [Wed Oct 23 14:03:30 2013] [debug] src/mod_auth_kerb.c(1420): [client 192.168.0.2] GSS-API token of length 9 bytes will be sent back [Wed Oct 23 14:03:30 2013] [debug] src/mod_auth_kerb.c(1101): [client 192.168.0.2] GSS-API major_status:000d0000, minor_status:000186a5 [Wed Oct 23 14:03:30 2013] [error] [client 192.168.0.2] gss_accept_sec_context() failed: Unspecified GSS failure. Minor code may provide more information (, ) [Wed Oct 23 14:03:30 2013] [debug] mod_deflate.c(615): [client 192.168.0.2] Zlib: Compressed 477 to 322 : URL /secured Let me know if you'd like additional log and config files--the initial question is getting long enough.

    Read the article

  • Run CGI in IIS 7 to work with GET without Requiring POST Request

    - by Mohamed Meligy
    I'm trying to migrate an old CGI application from an existing Windows 2003 server (IIS 6.0) where it works just fine to a new Windows 2008 server with IIS 7.0 where we're getting the following problem: After setting up the module handler and everything, I find that I can only access the CGI application (rdbweb.exe) file if I'm calling it via POST request (form submit from another page). If I just try to type in the URL of the file (issuing a GET request) I get the following error: HTTP Error 502.2 - Bad Gateway The specified CGI application misbehaved by not returning a complete set of HTTP headers. The headers it did return are "Exception EInOutError in module rdbweb.exe at 00039B44. I/O error 6. ". This is a very old application for one of our clients. When we tried to call the vendor they said we need to pay ~ $3000 annual support fee in order to start the talk about it. Of course I'm trying to avoid that! Note that: If we create a normal HTML form that submits to "rdbweb.exe", we get the CGI working normally. We can't use this as workaround though because some pages in the application link to "rdbweb.exe" with normal link not form submit. If we run "rdbweb.exe". from a Console (Command Prompt) Window not IIS, we get the normal HTML we'd typically expect, no problem. We have tried the following: Ensuring the CGI module mapped to "rdbweb.exe".in IIS has all permissions (read, write, execute) enabled and also all verbs are allowed not just specific ones, also tried allowing GET, POST explicitely. Ensuring the application bool has "enable 32 bit applications" set to true. Ensuring the website runs with an account that has full permissions on the "rdbweb.exe".file and whole website (although we know it "read", "execute" should be enough). Ensuring the machine wide IIS setting for "ISAPI and CGI Restrictions" has the full path to "rdbweb.exe".allowed. Making sure we have the latest Windows Updates (for IIS6 we found knowledge base articles stating bugs that require hot fixes for IIS6, but nothing similar was found for IIS7). Changing the module from CGI to Fast CGI, not working also Now the only remaining possibility we have instigated is the following Microsoft Knowledge Base article:http://support.microsoft.com/kb/145661 - Which is about: CGI Error: The specified CGI application misbehaved by not returning a complete set of HTTP headers. The headers it did return are: the article suggests the following solution: Modify the source code for the CGI application header output. The following is an example of a correct header: print "HTTP/1.0 200 OK\n"; print "Content-Type: text/html\n\n\n"; Unfortunately we do not have the source to try this out, and I'm not sure anyway whether this is the issue we're having. Can you help me with this problem? Is there a way to make the application work without requiring POST request? Note that on the old IIS6 server the application is working just fine, and I could not find any special IIS configuration that I may want to try its equivalent on IIS7.

    Read the article

  • Getting hp-snmp-agents on HP ProLiant DL360 on Lenny working

    - by mark
    After receiving our HP ProLiant DL360 I'd like to integrate the machine into our Munin system and thus enable ProLiant specific information to be exposed via SNMP. I'm running Debian Lenny with kernel 2.6.26-2-vserver-amd64 . I've followed http://downloads.linux.hp.com/SDR/getting_started.html and the HP repository has been added to /etc/apt/sources.list.d/HP-ProLiantSupportPack.list . Setting up Lenny SNMP itself is not a problem, I configure it to have a public v1 community string to read all data and it works. I install hp-snmp-agents and run hpsnmpconfig and it adds additional lines to the top of /etc/snmp/snmpd.conf : dlmod cmaX /usr/lib64/libcmaX64.so snmpd gets restarted. Via lsof I can see that libcmaX64 was loaded and is used by snmpd, put I do not get any additional information out of snmp. I use snmpwalk -v 1 -c public ... and I can see many OIDs but I do not see the new ones I'd expect, most notably temperatures, fan speed and such. The OIDs I'm expecting are e.g. 1.3.6.1.4.1.232.6.2.6.8.1.4.1 , this is from the existing munin plugins from http://exchange.munin-monitoring.org/plugins/snmp__hp_temp/version/1 . snmpd[19007]: cmaX: Parsing shared as a type was unsucessful snmpd[19007]: cmaX: listening for subagents on port 25375 snmpd[19007]: cmaX: subMIB 1 handler has disconnected snmpd[19007]: cmaX: subMIB 2 handler has disconnected snmpd[19007]: cmaX: subMIB 3 handler has disconnected snmpd[19007]: cmaX: subMIB 5 handler has disconnected snmpd[19007]: cmaX: subMIB 6 handler has disconnected snmpd[19007]: cmaX: subMIB 8 handler has disconnected snmpd[19007]: cmaX: subMIB 9 handler has disconnected snmpd[19007]: cmaX: sent ColdStarts on ports 25376 to 25393 snmpd[19007]: cmaX: subMIB 10 handler has disconnected snmpd[19007]: cmaX: subMIB 11 handler has disconnected snmpd[19007]: cmaX: subMIB 14 handler has disconnected snmpd[19007]: cmaX: subMIB 15 handler has disconnected snmpd[19007]: cmaX: subMIB 16 handler has disconnected snmpd[19007]: cmaX: subMIB 21 handler has disconnected snmpd[19007]: cmaX: subMIB 22 handler has disconnected snmpd[19007]: cmaX: subMIB 23 handler has disconnected snmpd[19007]: cmaX: subMIB 1 will be sent on port 25376 to hp Advanced Server Management_Peer snmpd[19007]: cmaX: subMIB 2 will be sent on port 25376 to hp Advanced Server Management_Peer snmpd[19007]: cmaX: subMIB 3 will be sent on port 25376 to hp Advanced Server Management_Peer snmpd[19007]: cmaX: subMIB 5 will be sent on port 25376 to hp Advanced Server Management_Peer snmpd[19007]: cmaX: subMIB 6 will be sent on port 25376 to hp Advanced Server Management_Peer snmpd[19007]: cmaX: subMIB 8 will be sent on port 25376 to hp Advanced Server Management_Peer snmpd[19007]: cmaX: subMIB 9 will be sent on port 25376 to hp Advanced Server Management_Peer snmpd[19007]: cmaX: subMIB 10 will be sent on port 25376 to hp Advanced Server Management_Peer snmpd[19007]: cmaX: subMIB 11 will be sent on port 25376 to hp Advanced Server Management_Peer snmpd[19007]: cmaX: subMIB 14 will be sent on port 25376 to hp Advanced Server Management_Peer snmpd[19007]: cmaX: subMIB 15 will be sent on port 25376 to hp Advanced Server Management_Peer snmpd[19007]: cmaX: subMIB 16 will be sent on port 25376 to hp Advanced Server Management_Peer snmpd[19007]: cmaX: subMIB 21 will be sent on port 25376 to hp Advanced Server Management_Peer snmpd[19007]: cmaX: subMIB 22 will be sent on port 25376 to hp Advanced Server Management_Peer snmpd[19007]: cmaX: subMIB 23 will be sent on port 25376 to hp Advanced Server Management_Peer snmpd[19007]: cmaX: subMIB 18 handler has disconnected snmpd[19007]: cmaX: subMIB 18 will be sent on port 25393 to cpqnicd snmpd[19007]: NET-SNMP version 5.4.1 This doesn't look particular bad for me, it's just informational I guess. I've compared the walking OID output with and without the module and there's no difference in the OID served back at all. Are there any other prerequisites I'm missing? I've also noticed that from the time I installed hp-snmp-agents it adds a lot of additional daemons and that my load suddenly jumps to 1. I've uninstalled the package for now. Is this expected behavior?

    Read the article

  • sendmail can not relay from itself

    - by Bernie
    I am running 3 centos 5.2 servers and I have configured the server for forward all messages to root to be emailed to me via .forward rule. This is working fine on two of the servers but not on the third. I have also tried copying the mail config files from the backup server and placing them on the file server and restarting sendmail. I also removed and reinstalled sendmail via yum but the results are the same. I am not sure what the issue could be they are all standard centos installs. Here is an example from the backup server which is working and the fileserver which isn't I am also going to include the mail log. good from backup server [root@backup ]# sendmail -v [email protected] < test.mail [email protected]... Connecting to [127.0.0.1] via relay... 220 backup.localhost ESMTP Sendmail 8.13.8/8.13.8; Fri, 16 Oct 2009 10:23:50 -0700 >>> EHLO backup.localhost 250-backup.localhost Hello backup.localhost [127.0.0.1], pleased to meet you 250-ENHANCEDSTATUSCODES 250-PIPELINING 250-8BITMIME 250-SIZE 250-DSN 250-ETRN 250-DELIVERBY 250 HELP >>> MAIL From:<[email protected]> SIZE=73 250 2.1.0 <[email protected]>... Sender ok >>> RCPT To:<[email protected]> >>> DATA 250 2.1.5 <[email protected]>... Recipient ok 354 Enter mail, end with "." on a line by itself >>> . 250 2.0.0 n9GHNoGC020924 Message accepted for delivery [email protected]... Sent (n9GHNoGC020924 Message accepted for delivery) Closing connection to [127.0.0.1] >>> QUIT 221 2.0.0 backup.localhost closing connection bad from file server [root@fileserver bernie]# sendmail -v [email protected] < test.mail [email protected]... Connecting to [127.0.0.1] via relay... 220 fileserver.localhost ESMTP Sendmail 8.13.8/8.13.8; Fri, 16 Oct 2009 10:23:26 -0700 >>> EHLO fileserver.localhost 250-fileserver.localhost Hello fileserver.localhost [127.0.0.1], pleased to meet you 250 ENHANCEDSTATUSCODES >>> MAIL From:<[email protected]> 550 5.0.0 Access denied root... Using cached ESMTP connection to [127.0.0.1] via relay... >>> RSET 250 2.0.0 Reset state >>> MAIL From:<> 550 5.0.0 Access denied postmaster... Using cached ESMTP connection to [127.0.0.1] via relay... >>> RSET 250 2.0.0 Reset state >>> MAIL From:<> 550 5.0.0 Access denied Closing connection to [127.0.0.1] >>> QUIT 221 2.0.0 fileserver.localhost closing connection mail log Oct 16 10:39:13 fileserver sendmail[28059]: n9GHdDom028059: from=root, size=72, class=0, nrcpts=1, msgid=<[email protected]>, relay=root@localhost Oct 16 10:39:13 fileserver sendmail[28060]: n9GHdDwl028060: tcpwrappers (fileserver.localhost, 127.0.0.1) rejection Oct 16 10:39:13 fileserver sendmail[28059]: n9GHdDom028059: [email protected], ctladdr=root (0/0), delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=30072, relay=[127.0.0.1] [127.0.0.1], dsn=5.0.0, stat=Service unavailable Oct 16 10:39:13 fileserver sendmail[28059]: n9GHdDom028059: n9GHdDon028059: DSN: Service unavailable Oct 16 10:39:13 fileserver sendmail[28059]: n9GHdDon028059: to=root, delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=31096, relay=[127.0.0.1], dsn=5.0.0, stat=Service unavailable Oct 16 10:39:13 fileserver sendmail[28059]: n9GHdDon028059: n9GHdDoo028059: return to sender: Service unavailable Oct 16 10:39:13 fileserver sendmail[28059]: n9GHdDoo028059: to=postmaster, delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=32120, relay=[127.0.0.1], dsn=5.0.0, stat=Service unavailable Oct 16 10:39:13 fileserver sendmail[28059]: n9GHdDon028059: Losing ./qfn9GHdDon028059: savemail panic Oct 16 10:39:13 fileserver sendmail[28059]: n9GHdDon028059: SYSERR(root): savemail: cannot save rejected email anywhere

    Read the article

  • Cisco VPN Client dropping connection

    - by IT Team
    Using Windows XP and Cisco VPN client version 5.0.4.xxx to connect to a remote customer site. We are able to establish the connection and start an RDP session, but within 1-2 minutes the connection drops and the VPN connection disconnects. The PC making the connection is on a DMZ which is NATed to a public IP address. If we move the PC directly onto the internet without being on the DMZ the connection works and we don't encounter any disconnects. We use a PIX 515E running 7.2.4 and don't have any problems with similar setups connecting to other customer sites from the DMZ. The VPN setup on the client side is pretty basic, using IPSec over TCP port 10000. Not sure what device they are using on the peer, but my guess would be an ASA. Any idea as to what the problem would be? Below is the logs from the VPN client when the problem occurs. The real IP address has been changed to: RemotePeerIP. 4 14:39:30.593 09/23/09 Sev=Info/4 CM/0x63100024 Attempt connection with server "RemotePeerIP" 5 14:39:30.593 09/23/09 Sev=Info/6 CM/0x6310002F Allocated local TCP port 1942 for TCP connection. 6 14:39:30.796 09/23/09 Sev=Info/4 IPSEC/0x63700008 IPSec driver successfully started 7 14:39:30.796 09/23/09 Sev=Info/4 IPSEC/0x63700014 Deleted all keys 8 14:39:30.796 09/23/09 Sev=Info/6 IPSEC/0x6370002C Sent 256 packets, 0 were fragmented. 9 14:39:30.796 09/23/09 Sev=Info/6 IPSEC/0x63700020 TCP SYN sent to RemotePeerIP, src port 1942, dst port 10000 10 14:39:30.796 09/23/09 Sev=Info/6 IPSEC/0x6370001C TCP SYN-ACK received from RemotePeerIP, src port 10000, dst port 1942 11 14:39:30.796 09/23/09 Sev=Info/6 IPSEC/0x63700021 TCP ACK sent to RemotePeerIP, src port 1942, dst port 10000 12 14:39:30.796 09/23/09 Sev=Warning/3 IPSEC/0xA370001C Bad cTCP trailer, Rsvd 26984, Magic# 63697672h, trailer len 101, MajorVer 13, MinorVer 10 13 14:39:30.796 09/23/09 Sev=Info/4 CM/0x63100029 TCP connection established on port 10000 with server "RemotePeerIP" 14 14:39:31.296 09/23/09 Sev=Info/4 CM/0x63100024 Attempt connection with server "RemotePeerIP" 15 14:39:31.296 09/23/09 Sev=Info/6 IKE/0x6300003B Attempting to establish a connection with RemotePeerIP. 16 14:39:31.296 09/23/09 Sev=Info/4 IKE/0x63000013 SENDING ISAKMP OAK AG (SA, KE, NON, ID, VID(Xauth), VID(dpd), VID(Frag), VID(Unity)) to RemotePeerIP 17 14:39:36.296 09/23/09 Sev=Info/4 IKE/0x63000021 Retransmitting last packet! 18 14:39:36.296 09/23/09 Sev=Info/4 IKE/0x63000013 SENDING ISAKMP OAK AG (Retransmission) to RemotePeerIP 19 14:39:41.296 09/23/09 Sev=Info/4 IKE/0x63000021 Retransmitting last packet! 20 14:39:41.296 09/23/09 Sev=Info/4 IKE/0x63000013 SENDING ISAKMP OAK AG (Retransmission) to RemotePeerIP 21 14:39:46.296 09/23/09 Sev=Info/4 IKE/0x63000021 Retransmitting last packet! 22 14:39:46.296 09/23/09 Sev=Info/4 IKE/0x63000013 SENDING ISAKMP OAK AG (Retransmission) to RemotePeerIP 23 14:39:51.328 09/23/09 Sev=Info/4 IKE/0x63000017 Marking IKE SA for deletion (I_Cookie=AEFC3FFF0405BBD6 R_Cookie=0000000000000000) reason = DEL_REASON_PEER_NOT_RESPONDING 24 14:39:51.828 09/23/09 Sev=Info/4 IKE/0x6300004B Discarding IKE SA negotiation (I_Cookie=AEFC3FFF0405BBD6 R_Cookie=0000000000000000) reason = DEL_REASON_PEER_NOT_RESPONDING 25 14:39:51.828 09/23/09 Sev=Info/4 CM/0x63100014 Unable to establish Phase 1 SA with server "RemotePeerIP" because of "DEL_REASON_PEER_NOT_RESPONDING" 26 14:39:51.828 09/23/09 Sev=Info/5 CM/0x63100025 Initializing CVPNDrv 27 14:39:51.828 09/23/09 Sev=Info/4 CM/0x6310002D Resetting TCP connection on port 10000 28 14:39:51.828 09/23/09 Sev=Info/6 CM/0x63100030 Removed local TCP port 1942 for TCP connection. 29 14:39:51.828 09/23/09 Sev=Info/6 CM/0x63100046 Set tunnel established flag in registry to 0. 30 14:39:51.828 09/23/09 Sev=Info/4 IKE/0x63000001 IKE received signal to terminate VPN connection 31 14:39:52.328 09/23/09 Sev=Info/6 IPSEC/0x63700023 TCP RST sent to RemotePeerIP, src port 1942, dst port 10000 32 14:39:52.328 09/23/09 Sev=Info/4 IPSEC/0x63700014 Deleted all keys 33 14:39:52.328 09/23/09 Sev=Info/4 IPSEC/0x63700014 Deleted all keys 34 14:39:52.328 09/23/09 Sev=Info/4 IPSEC/0x63700014 Deleted all keys 35 14:39:52.328 09/23/09 Sev=Info/4 IPSEC/0x6370000A IPSec driver successfully stopped Thank you for any help you can provide.

    Read the article

  • Is there really a need for encryption to have true wireless security? [closed]

    - by Cawas
    I welcome better key-wording here, both on tags and title. I'm trying to conceive a free, open and secure network environment that would work anywhere, from big enterprises to small home networks of just 1 machine. I think since wireless Access Points are the most, if not only, true weak point of a Local Area Network (let's not consider every other security aspect of having internet) there would be basically two points to consider here: Having an open AP for anyone to use the internet through Leaving the whole LAN also open for guests to be able to easily read (only) files on it, and even a place to drop files on Considering these two aspects, once everything is done properly... What's the most secure option between having that, or having just an encrypted password-protected wifi? Of course "both" would seem "more secure". But it shouldn't actually be anything substantial. That's the question, but I think it may need more elaborating on. If you don't think so, please feel free to skip the next (long) part. Elaborating more on the two aspects ... I've always had the feeling using any kind of the so called "wireless security" methods is actually a bad design. I'm talking mostly about encrypting and pass-phrasing (which are actually two different concepts), since I won't even consider hiding SSID and mac filtering. I understand it's a natural way of thinking. With cable networking nobody can access the network unless they have access to the physical cable, so you're "secure" in the physical way. In a way, encrypting is for wireless what building walls is for the cables. And giving pass-phrases would be adding a door with a key. But the cabling without encryption is also insecure. If someone plugin all the data is right there. So, while I can see the use for encrypting data, I don't think it's a security measure in wireless networks. It's wasting resources for too little gain. I believe we should encrypt only sensitive data regardless of wires. That's already done with HTTPS, so I don't really need to encrypt my torrents, for instance. They're torrents, they are meant to be freely shared! As for using passwords, they should be added to the users, always. Not to wifi. For securing files, truly, best solution is backup. Sure all that doesn't happen that often, but I won't consider the most situations where people just don't care. I think there are enough situations where we actually use passwords on our OS users, so let's go with that in mind. I keep promoting the Fonera concept as an instance. It opens up a free wifi port, if you choose so, and anyone can connect to the internet through that, without having any access to your LAN. It also uses a QoS which will never let your bandwidth drop from that public usage. That's security, and it's open. But it's lacking the second aspect. I'll probably be bashed for promoting the non-usage of WPA 2 with AES or whatever, but I wanted to know from more experienced (super) users out there: what do you think?

    Read the article

  • Dual head setup for Ubuntu 10.04.1 and Windows XP Pro with same hardware configuration

    - by mejpark
    Hello. I have a Dell OptiPlex 360 workstation at work, with 2 x ATI RV280 [Radeon 9200 PRO] graphics cards installed, which are attached to two identical 19" HII flat panel monitors. I'm using the open source Radeon driver with Ubuntu, and the proprietary drivers with Windows. The good news is that dual head configuration works for both OSes. The bad news is, I have to use a different hardware configuration for each OS to achieve this. Hardware config #1: Dual monitors work for Windows XP Pro like this: First display -> external VGA port Second display -> DVI input on gfx card Hardware config #2: Dual monitors work for Ubuntu 10.04.1 like this: First display -> VGA port on gfx card Second display -> DVI input on gfx card I connected up the displays according to Config #2 and booted up Windows, which resulted in a mirror image on both screens. I was unable to login, as the login box was not visible. I unplugged the VGA lead from gfx card and plugged it into the external VGA port (Config #1) - Windows dual head works again, but the VGA-connected screen is not recognised by Ubuntu and remains in standby mode. Is it possible to configure a dual head setup for Ubuntu using Config #1, or am I missing something? I tried setting up dual monitors using Config #1, this morning which didn't work. By default, there is no xorg.conf file in Ubuntu 10.04.1, so I generated one using: $ sudo X :2 -configure X.Org X Server 1.7.6 Release Date: 2010-03-17 X Protocol Version 11, Revision 0 Build Operating System: Linux 2.6.24-27-server i686 Ubuntu Current Operating System: Linux harrier 2.6.32-24-generic #42-Ubuntu SMP Fri Aug 20 14:24:04 UTC 2010 i686 Kernel command line: BOOT_IMAGE=/boot/vmlinuz-2.6.32-24-generic root=UUID=a34c1931-98d4-4a34-880c-c227a2936c4a ro quiet splash Build Date: 21 July 2010 12:47:34PM xorg-server 2:1.7.6-2ubuntu7.3 (For technical support please see http://www.ubuntu.com/support) Current version of pixman: 0.16.4 Before reporting problems, check http://wiki.x.org to make sure that you have the latest version. Markers: (--) probed, (**) from config file, (==) default setting, (++) from command line, (!!) notice, (II) informational, (WW) warning, (EE) error, (NI) not implemented, (??) unknown. (==) Log file: "/var/log/Xorg.2.log", Time: Mon Sep 13 10:02:02 2010 List of video drivers: apm ark intel mach64 s3virge trident mga tseng ati nouveau neomagic i740 openchrome voodoo s3 i128 radeon siliconmotion nv ztv vmware v4l chips rendition savage sisusb tdfx geode sis r128 cirrus fbdev vesa (++) Using config file: "/home/michael/xorg.conf.new" (==) Using config directory: "/usr/lib/X11/xorg.conf.d" (II) [KMS] No DRICreatePCIBusID symbol, no kernel modesetting. Xorg detected your mouse at device /dev/input/mice. Please check your config if the mouse is still not operational, as by default Xorg tries to autodetect the protocol. Xorg has configured a multihead system, please check your config. Your xorg.conf file is /home/michael/xorg.conf.new To test the server, run 'X -config /home/michael/xorg.conf.new' ddxSigGiveUp: Closing log $ sudo X -config /home/michael/xorg.conf.new Fatal server error: Server is already active for display 0 If this server is no longer running, remove /tmp/.X0-lock and start again. Please consult the The X.Org Foundation support at http://wiki.x.org for help. ddxSigGiveUp: Closing log I then booted Ubuntu in failsafe mode, dropped into root shell, and executed $ X -config /home/michael/xorg.conf.new again. The screen went blank and turned off, so I reset the machine. There must be a way round this. Any help to set up a dual head config for Ubuntu using Config #1 would be hugely appreciated. TIA, Mike

    Read the article

  • Windows 7 Samba issue

    - by abduls85
    We have a strange samba issue affecting only one user. Our samba setup is as follow : Red Hat Enterprise Linux Server release 5.4 (Tikanga) - Samba Server Samba version 3.0.33-3.14.el5 - Samba version Domain Controller WIN2008R2 Standard - Windows DC Windows 7 64 bit - Client PCs User mentioned that he faced this problem after he force shutdown his PC few weeks ago. By right, for all users when we access \\sambaservername in windows it will show all the shares in the samba server but for this user once he startup his PC he will not be able to access \\sambaservername, Error message Windows cannot access \\sambaservername Current workaround to solve the problem : Try to access one share in \\sambaservername for instance \\sambaservername\sharedfolder1. But even when doing so, it will first prompt an error in the beginning, error message is as follows Logon failure: unknown user name or bad password. user need to enter the credentials again and he can access the share. Thereafter, he will be able to access \\sambaservername without any issues. But once he reboots his computer the problem will persists. Troubleshooting done so far: Ensure the following settings: Go to: Control Panel → Administrative Tools → Local Security Policy Select: Local Policies → Security Options "Network security: LAN Manager authentication level" → Send LM & NTLM responses "Minimum session security for NTLM SSP" → uncheck: Require 128-bit encryption Advise user to reset his password and try again but problem still persists Tried my account on users' PC, there is no issues. Tried user account on serveral other Windows 7 PC including mine but problem still persists. Windows XP does not have this problem. Ensure that there is no stored crendentials on the windows 7 PC. Checked the credentials manager in Control Panel as well as typing this command rundll32.exe keymgr.dll, KRShowKeyMgr Restart winbindd daemon on samba server but to no avail. I suspect this is due to some caching issue but not sure where is the issue. Whenever the user has error accessing \\sambaservername, the following errors will be logged in the samba server : [2012/10/10 17:10:26, 1] smbd/sesssetup.c:reply_spnego_kerberos(316) Failed to verify incoming ticket with error NT_STATUS_LOGON_FAILURE! [2012/10/10 17:10:27, 1] smbd/sesssetup.c:reply_spnego_kerberos(316) Failed to verify incoming ticket with error NT_STATUS_LOGON_FAILURE! [2012/10/10 17:10:27, 1] smbd/sesssetup.c:reply_spnego_kerberos(316) Failed to verify incoming ticket with error NT_STATUS_LOGON_FAILURE! [2012/10/10 17:10:27, 1] smbd/sesssetup.c:reply_spnego_kerberos(316) Failed to verify incoming ticket with error NT_STATUS_LOGON_FAILURE! [2012/10/10 17:10:27, 1] smbd/sesssetup.c:reply_spnego_kerberos(316) Failed to verify incoming ticket with error NT_STATUS_LOGON_FAILURE! [2012/10/10 17:10:27, 1] smbd/sesssetup.c:reply_spnego_kerberos(316) Failed to verify incoming ticket with error NT_STATUS_LOGON_FAILURE! [2012/10/10 17:10:27, 1] smbd/sesssetup.c:reply_spnego_kerberos(316) Failed to verify incoming ticket with error NT_STATUS_LOGON_FAILURE! [2012/10/10 17:10:27, 1] smbd/sesssetup.c:reply_spnego_kerberos(316) Failed to verify incoming ticket with error NT_STATUS_LOGON_FAILURE! [2012/10/10 17:10:27, 1] smbd/sesssetup.c:reply_spnego_kerberos(316) Failed to verify incoming ticket with error NT_STATUS_LOGON_FAILURE! [2012/10/10 17:10:27, 1] smbd/sesssetup.c:reply_spnego_kerberos(316) Failed to verify incoming ticket with error NT_STATUS_LOGON_FAILURE! But after workaround, there will be no more errors. I suspect after reading the article listed below some amendments need to be made to the \var\samba\cache directory : http://www.linuxquestions.org/questions/linux-server-73/getent-passwd-dont-show-ad-groups-and-users-745829/ http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/tdb.html http://lists.samba.org/archive/samba/2010-May/155521.html http://lists.samba.org/archive/samba/2011-March/161912.html http://lzeit.blogspot.sg/2009/10/samba-shares-inaccessible-after-power.html There are several users using the samba server and i would like to solve this problem without any impacts. I saw the following article : http://www.samba.org/samba/docs/man/manpages-3/smb.conf.5.html#WINBINDCACHETIME "winbind offline logon (G) This parameter is designed to control whether Winbind should allow to login with the pam_winbind module using Cached Credentials. If enabled, winbindd will store user credentials from successful logins encrypted in a local cache. Default: winbind offline logon = false Example: winbind offline logon = true " Any idea on how to delete the entry for one user in the local cache ?

    Read the article

  • Sharing the same `ssh-agent` among multiple login sessions

    - by intuited
    Is there a convenient way to ensure that all logins from a given user (ie me) use the same ssh-agent? I hacked out a script to make this work most of the time, but I suspected all along that there was some way to do it that I had just missed. Additionally, since that time there have been amazing advances in computing technology, like for example this website. So the goal here is that whenever I log in to the box, regardless of whether it's via SSH, or in a graphical session started from gdm/kdm/etc, or at a console: if my username does not currently have an ssh-agent running, one is started, the environment variables exported, and ssh-add called. otherwise, the existing agent's coordinates are exported in the login session's environment variables. This facility is especially valuable when the box in question is used as a relay point when sshing into a third box. In this case it avoids having to type in the private key's passphrase every time you ssh in and then want to, for example, do git push or something. The script given below does this mostly reliably, although it botched recently when X crashed and I then started another graphical session. There might have been other screwiness going on in that instance. Here's my bad-is-good script. I source this from my .bashrc. # ssh-agent-procure.bash # v0.6.4 # ensures that all shells sourcing this file in profile/rc scripts use the same ssh-agent. # copyright me, now; licensed under the DWTFYWT license. mkdir -p "$HOME/etc/ssh"; function ssh-procure-launch-agent { eval `ssh-agent -s -a ~/etc/ssh/ssh-agent-socket`; ssh-add; } if [ ! $SSH_AGENT_PID ]; then if [ -e ~/etc/ssh/ssh-agent-socket ] ; then SSH_AGENT_PID=`ps -fC ssh-agent |grep 'etc/ssh/ssh-agent-socket' |sed -r 's/^\S+\s+(\S+).*$/\1/'`; if [[ $SSH_AGENT_PID =~ [0-9]+ ]]; then # in this case the agent has already been launched and we are just attaching to it. ##++ It should check that this pid is actually active & belongs to an ssh instance export SSH_AGENT_PID; SSH_AUTH_SOCK=~/etc/ssh/ssh-agent-socket; export SSH_AUTH_SOCK; else # in this case there is no agent running, so the socket file is left over from a graceless agent termination. rm ~/etc/ssh/ssh-agent-socket; ssh-procure-launch-agent; fi; else ssh-procure-launch-agent; fi; fi; Please tell me there's a better way to do this. Also please don't nitpick the inconsistencies/gaffes ( eg putting var stuff in etc ); I wrote this a while ago and have since learned many things.

    Read the article

  • Useful Command-line Commands on Windows

    - by Sung Meister
    The aim for this Wiki is to promote using a command to open up commonly used applications without having to go through many mouse clicks - thus saving time on monitoring and troubleshooting Windows machines. Answer entries need to specify Application name Commands Screenshot (Optional) Shortcut to commands && - Command Chaining %SYSTEMROOT%\System32\rcimlby.exe -LaunchRA - Remote Assistance (Windows XP) appwiz.cpl - Programs and Features (Formerly Known as "Add or Remove Programs") appwiz.cpl @,2 - Turn Windows Features On and Off (Add/Remove Windows Components pane) arp - Displays and modifies the IP-to-Physical address translation tables used by address resolution protocol (ARP) at - Schedule tasks either locally or remotely without using Scheduled Tasks bootsect.exe - Updates the master boot code for hard disk partitions to switch between BOOTMGR and NTLDR cacls - Change Access Control List (ACL) permissions on a directory, its subcontents, or files calc - Calculator chkdsk - Check/Fix the disk surface for physical errors or bad sectors cipher - Displays or alters the encryption of directories [files] on NTFS partitions cleanmgr.exe - Disk Cleanup clip - Redirects output of command line tools to the Windows clipboard cls - clear the command line screen cmd /k - Run command with command extensions enabled color - Sets the default console foreground and background colors in console command.com - Default Operating System Shell compmgmt.msc - Computer Management control.exe /name Microsoft.NetworkAndSharingCenter - Network and Sharing Center control keyboard - Keyboard Properties control mouse(or main.cpl) - Mouse Properties control sysdm.cpl,@0,3 - Advanced Tab of the System Properties dialog control userpasswords2 - Opens the classic User Accounts dialog desk.cpl - opens the display properties devmgmt.msc - Device Manager diskmgmt.msc - Disk Management diskpart - Disk management from the command line dsa.msc - Opens active directory users and computers dsquery - Finds any objects in the directory according to criteria dxdiag - DirectX Diagnostic Tool eventvwr - Windows Event Log (Event Viewer) explorer . - Open explorer with the current folder selected. explorer /e, . - Open explorer, with folder tree, with current folder selected. F7 - View command history find - Searches for a text string in a file or files findstr - Find a string in a file firewall.cpl - Opens the Windows Firewall settings fsmgmt.msc - Shared Folders fsutil - Perform tasks related to FAT and NTFS file systems ftp - Transfers files to and from a computer running an FTP server service getmac - Shows the mac address(es) of your network adapter(s) gpedit.msc - Group Policy Editor gpresult - Displays the Resultant Set of Policy (RSoP) information for a target user and computer httpcfg.exe - HTTP Configuration Utility iisreset - To restart IIS InetMgr.exe - Internet Information Services (IIS) Manager 7 InetMgr6.exe - Internet Information Services (IIS) Manager 6 intl.cpl - Regional and Language Options ipconfig - Internet protocol configuration lusrmgr.msc - Local Users and Groups Administrator msconfig - System Configuration notepad - Notepad? ;) mmsys.cpl - Sound/Recording/Playback properties mode - Configure system devices more - Displays one screen of output at a time mrt - Microsoft Windows Malicious Software Removal Tool mstsc.exe - Remote Desktop Connection nbstat - displays protocol statistics and current TCP/IP connections using NBT ncpa.cpl - Network Connections netsh - Display or modify the network configuration of a computer that is currently running netstat - Network Statistics net statistics - Check computer up time net stop - Stops a running service. net use - Connects a computer to or disconnects a computer from a shared resource, or displays information about computer connections odbcad32.exe - ODBC Data Source Administrator pathping - A traceroute that collects detailed packet loss stats perfmon - Opens Reliability and Performance Monitor ping - Determine whether a remote computer is accessible over the network powercfg.cpl - Power management control panel applet quser - Display information about user sessions on a terminal server qwinsta - See disconnected remote desktop sessions reg.exe - Console Registry Tool for Windows regedit - Registry Editor rasdial - Connects to a VPN or a dialup network robocopy - Backup/Restore/Copy large amounts of files reliably rsop.msc - Resultant Set of Policy (shows the combined effect of all group policies active on the current system/login) runas - Run specific tools and programs with different permissions than the user's current logon provides sc - Manage anything you want to do with services. schtasks - Enables an administrator to create, delete, query, change, run and end scheduled tasks on a local or remote system. secpol.msc - Local Security Settings services.msc - Services control panel set - Displays, sets, or removes cmd.exe environment variables. set DIRCMD - Preset dir parameter in cmd.exe start - Starts a separate window to run a specified program or command start. - opens the current directory in the Windows Explorer. shutdown.exe - Shutdown or Reboot a local/remote machine subst.exe - Associates a path with a drive letter, including local drives systeminfo -Displays a comprehensive information about the system taskkill - terminate tasks by process id (PID) or image name tasklist.exe - List Processes on local or a remote machine taskmgr.exe - Task Manager telephon.cpl - Telephone and Modem properties timedate.cpl - Date and Time title - Change the title of the CMD window you have open tracert - Trace route wmic - Windows Management Instrumentation Command-line winver.exe - Find Windows Version wscui.cpl - Windows Security Center wuauclt.exe - Windows Update AutoUpdate Client

    Read the article

  • Increase samba space on open suse 12.1

    - by Kapil Sharma
    I know linux basics but not an expert. IT guy left the job here and there is some time before new hire. So sorry if question is very basic. We have local testing server based on Open SUSE 12.1, which also act as shared drive between dev/mgmt team here and using Samba for that. Now we are running out of space on samba, even though server's 2*1TB harddisk is nearly 90% free. My question is, what is limiting Samba and how can I increase its limit? We need around at least 500 GB as shared drive but currently its just 25 GB. I don't need step by step answer, just a link to any helpful article would be sufficient. Probably I'm putting wrong keywords in google so not getting any helpful link. EDIT: Output of commands in the first comment. All commands were run as root user df -h (getting error with df -ht) Filesystem Size Used Avail Use% Mounted on rootfs 30G 5.1G 23G 19% / devtmpfs 2.0G 36K 2.0G 1% /dev tmpfs 2.0G 1.1M 2.0G 1% /dev/shm tmpfs 2.0G 676K 2.0G 1% /run /dev/sda2 30G 5.1G 23G 19% / tmpfs 2.0G 0 2.0G 0% /sys/fs/cgroup tmpfs 2.0G 676K 2.0G 1% /var/run tmpfs 2.0G 0 2.0G 0% /media tmpfs 2.0G 676K 2.0G 1% /var/lock /dev/sda3 36G 31G 3.3G 91% /home fdisk -l /dev/[hmsv]d* Disk /dev/sda: 80.0 GB, 80026361856 bytes 255 heads, 63 sectors/track, 9729 cylinders, total 156301488 sectors Units = sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes Disk identifier: 0x2d4a2d49 Device Boot Start End Blocks Id System /dev/sda1 2048 16771071 8384512 82 Linux swap / Solaris /dev/sda2 * 16771072 79681535 31455232 83 Linux /dev/sda3 79681536 156301311 38309888 83 Linux Disk /dev/sda1: 8585 MB, 8585740288 bytes 255 heads, 63 sectors/track, 1043 cylinders, total 16769024 sectors Units = sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes Disk identifier: 0x00000000 Disk /dev/sda1 doesn't contain a valid partition table Disk /dev/sda2: 32.2 GB, 32210157568 bytes 255 heads, 63 sectors/track, 3915 cylinders, total 62910464 sectors Units = sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes Disk identifier: 0x00000000 Device Boot Start End Blocks Id System Disk /dev/sda3: 39.2 GB, 39229325312 bytes 255 heads, 63 sectors/track, 4769 cylinders, total 76619776 sectors Units = sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes Disk identifier: 0x00000000 Disk /dev/sda3 doesn't contain a valid partition table vgs No volume groups found lvs No volume groups found output of vi /etc/samba/smb.conf # smb.conf is the main Samba configuration file. You find a full commented # version at /usr/share/doc/packages/samba/examples/smb.conf.SUSE if the # samba-doc package is installed. # Date: 2011-11-02 [global] workgroup = WORKGROUP passdb backend = tdbsam printing = cups printcap name = cups printcap cache time = 750 cups options = raw map to guest = Bad User include = /etc/samba/dhcp.conf logon path = \\%L\profiles\.msprofile logon home = \\%L\%U\.9xprofile logon drive = P: usershare allow guests = Yes [homes] comment = Home Directories valid users = %S, %D%w%S browseable = No read only = No inherit acls = Yes [profiles] comment = Network Profiles Service path = %H read only = No store dos attributes = Yes create mask = 0600 directory mask = 0700 [users] comment = All users path = /home read only = No inherit acls = Yes veto files = /aquota.user/groups/shares/ [groups] comment = All groups path = /home/groups read only = No inherit acls = Yes [printers] comment = All Printers path = /var/tmp printable = Yes create mask = 0600 browseable = No [print$] comment = Printer Drivers path = /var/lib/samba/drivers write list = @ntadmin root force group = ntadmin create mask = 0664 directory mask = 0775 [allusers] comment = All Users path = /home/shares/allusers valid users = @users force group = users create mask = 0660 directory mask = 0771 writable = yes

    Read the article

  • Setting up RADIUS + LDAP for WPA2 on Ubuntu

    - by Morten Siebuhr
    I'm setting up a wireless network for ~150 users. In short, I'm looking for a guide to set RADIUS server to authenticate WPA2 against a LDAP. On Ubuntu. I got a working LDAP, but as it is not in production use, it can very easily be adapted to whatever changes this project may require. I've been looking at FreeRADIUS, but any RADIUS server will do. We got a separate physical network just for WiFi, so not too many worries about security on that front. Our AP's are HP's low end enterprise stuff - they seem to support whatever you can think of. All Ubuntu Server, baby! And the bad news: I now somebody less knowledgeable than me will eventually take over administration, so the setup has to be as "trivial" as possible. So far, our setup is based only on software from the Ubuntu repositories, with exception of our LDAP administration web application and a few small special scripts. So no "fetch package X, untar, ./configure"-things if avoidable. UPDATE 2009-08-18: While I found several useful resources, there is one serious obstacle: Ignoring EAP-Type/tls because we do not have OpenSSL support. Ignoring EAP-Type/ttls because we do not have OpenSSL support. Ignoring EAP-Type/peap because we do not have OpenSSL support. Basically the Ubuntu version of FreeRADIUS does not support SSL (bug 183840), which makes all the secure EAP-types useless. Bummer. But some useful documentation for anybody interested: http://vuksan.com/linux/dot1x/802-1x-LDAP.html http://tldp.org/HOWTO/html_single/8021X-HOWTO/#confradius UPDATE 2009-08-19: I ended up compiling my own FreeRADIUS package yesterday evening - there's a really good recipe at http://www.linuxinsight.com/building-debian-freeradius-package-with-eap-tls-ttls-peap-support.html (See the comments to the post for updated instructions). I got a certificate from http://CACert.org (you should probably get a "real" cert if possible) Then I followed the instructions at http://vuksan.com/linux/dot1x/802-1x-LDAP.html. This links to http://tldp.org/HOWTO/html_single/8021X-HOWTO/, which is a very worthwhile read if you want to know how WiFi security works. UPDATE 2009-08-27: After following the above guide, I've managed to get FreeRADIUS to talk to LDAP: I've created a test user in LDAP, with the password mr2Yx36M - this gives an LDAP entry roughly of: uid: testuser sambaLMPassword: CF3D6F8A92967E0FE72C57EF50F76A05 sambaNTPassword: DA44187ECA97B7C14A22F29F52BEBD90 userPassword: {SSHA}Z0SwaKO5tuGxgxtceRDjiDGFy6bRL6ja When using radtest, I can connect fine: > radtest testuser "mr2Yx36N" sbhr.dk 0 radius-private-password Sending Access-Request of id 215 to 130.225.235.6 port 1812 User-Name = "msiebuhr" User-Password = "mr2Yx36N" NAS-IP-Address = 127.0.1.1 NAS-Port = 0 rad_recv: Access-Accept packet from host 130.225.235.6 port 1812, id=215, length=20 > But when I try through the AP, it doesn't fly - while it does confirm that it figures out the NT and LM passwords: ... rlm_ldap: sambaNTPassword -> NT-Password == 0x4441343431383745434139374237433134413232463239463532424542443930 rlm_ldap: sambaLMPassword -> LM-Password == 0x4346334436463841393239363745304645373243353745463530463736413035 [ldap] looking for reply items in directory... WARNING: No "known good" password was found in LDAP. Are you sure that the user is configured correctly? [ldap] user testuser authorized to use remote access rlm_ldap: ldap_release_conn: Release Id: 0 ++[ldap] returns ok ++[expiration] returns noop ++[logintime] returns noop [pap] Normalizing NT-Password from hex encoding [pap] Normalizing LM-Password from hex encoding ... It is clear that the NT and LM passwords differ from the above, yet the message [ldap] user testuser authorized to use remote access - and the user is later rejected...

    Read the article

  • DHCP and DNS services configuration for VOIP system, windows domain, etc

    - by Stemen
    My company has numerous physical offices (for purposes of this discussion, 15 buildings). Some of them are well-connected to our primary data center via fiber. Others will be connected to the data center by P2P T1. We are in the beginning stages of implementing an Avaya VOIP telephone system, and we will be replacing a significant portion of our network infrastructure in the process. In tandem with the phone system implementation, we are going to be re-addressing some of our networks, and consolidating most of our Windows domains into one (not all domains, just most). We currently have quite a few Windows domains, and they of course each have their own DNS zones. A few of those networks currently use DHCP, but the majority use static IP assignments for every device. I'm tired of managing static assignments -- I want to use DHCP configuration on everything except servers. Printers and etc will have DHCP reservations. The new IP phones will need to get IP addresses from DHCP, though they need to be in a separate VLAN from the computers/printers/etc. The computers and printers need to be registered in DNS. That's currently handled by the Windows DHCP servers on each of the respective domains. We need to place a priority on DHCP and DNS being available on a per-site basis (in case something were to interrupt the WAN connection) for computers and (primarily) phones. Smaller locations (which will have IP phones but not be a member of any Windows domain) will not have any Windows DNS/DHCP server(s) available. We also are looking for the easiest way to replace a part if it were to fail. That is to say, if a server/appliance/router hosting DHCP were to crash hard, and we couldn't extremely quickly recover the DHCP reservations and leases (and subsequently restore them onto a cold spare), we anticipate that bad things could happen. What is the best idea for how to re-implement DNS and DHCP keeping all of the above in mind? Some thoughts that have been raised (by myself or my coworkers): Use Windows DNS and DHCP servers, where they exist, and use IP helpers to route DHCP requests to some other Windows server if necessary. May not be acceptable if the WAN goes down and clients don't get a DHCP response. Use Windows DNS (everywhere, over WAN in some cases) and a mix of Windows DHCP and DHCP provided by Cisco routers. Every site would be covered for DHCP, but from what I've read, Cisco routers can't handle dynamic registration of DHCP clients to Windows DNS servers, which might create a problem where Cisco routers are used for DHCP. Use Windows DNS (everywhere, over WAN in some cases) and a mix of Windows DHCP and DHCP provided by some service running on an extremely low-price linux server. Is there any such software that would allow DHCP leases granted by these linux boxes to be dynamically registered on the Windows DNS servers? Come up with a Linux solution for both DNS and DHCP, and deploy low-price linux servers to every site. Requirements would be that the DNS zone be multi-master (like Windows DNS integrated with Active Directory), that DHCP be able to make dynamic DNS registrations in that zone, for every lease (where a hostname is provided and is thus possible), and that multiple servers be either authoritative for the same DHCP scope or at least receiving a real-time copy / replication / sync of the leases table so that if one server dies, we still know which MAC has what address. Purchase dedicated DNS/DHCP appliances, deploying to all sites. From what I read/see, this solves all of our technical problems. Then come the financial problems... I don't have a ton of money to spend on this. Or, some other solution that we've thus far overlooked and will consider upon recommendation. Can Cisco routers or Windows servers sync DHCP lease tables so that multiple servers can be authoritative (or active/passive for all I care) for the same scope, in case one of the partners were to fail? I've read online (repeatedly) that ISC's DHCP is able to maintain the same lease table across multiple servers, in order to solve this problem. Does anyone have any experience or advice to regarding that?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 333 334 335 336 337 338 339 340 341 342 343 344  | Next Page >