Search Results

Search found 1693 results on 68 pages for 'hostname'.

Page 36/68 | < Previous Page | 32 33 34 35 36 37 38 39 40 41 42 43  | Next Page >

  • What's required to configure Ubuntu to use a specific DNS server?

    - by ks78
    I've setup two Amazon EC2 instances, both running Ubuntu Server. One is configured as a DNS server running bind9, which will be used to allow EC2 instances to communicate with each other based on hostname rather than IP, since their private IPs may change. I think I have the DNS server setup correctly. I want to use the second EC2 instance to test the DNS server. Using Webmin, I've added the DNS server's private IP to the client's DNS Servers list and added the domain to the Search Domains list. I did have to edit /etc/dhcp3/dhclint.conf to make my changes stick. After reboot, I expected I'd be able to ping or nslookup the DNS server from the test client, but it can't seem to find the server. Is there something I'm missing? What's required to configure an Ubuntu client to use a DNS server? I just want to make sure I'm not missing something before I assume the server's the problem.

    Read the article

  • Poor upload/download speed on 2 x ADSL lines into a Cisco 2621XM

    - by 2020mobile
    Hi, Sorry never been on this site before so I apologise if not the right section or even forum. I have users complaining of very slow internetn connectivity on site and have checked with our ISP who have said that the line is testing at 8mb. We have 2 x BT lines that have our ISP broadand on them. Both lines go into a Cisco 2600 series router that then has a PIX firewall off that. Connectivity is successful just gone really slow and unable to download anything. Config is below: version 12.3 no service pad service tcp-keepalives-in service tcp-keepalives-out service timestamps debug datetime msec service timestamps log datetime msec service password-encryption ! hostname ROUTER-ADSL-INTERNET ! logging buffered 16384 informational enable secret xxx enable password xxx ! username xxx username xxx clock summer-time UK recurring last Sun Mar 1:00 last Sun Oct 1:00 aaa new-model ! ! aaa authentication login default local aaa authorization exec default local aaa session-id common ip subnet-zero no ip source-route ! ! ! ip audit notify log ip audit po max-events 100 no ip bootp server ip name-server 213.208.106.212 no mpls ldp logging neighbor-changes no ftp-server write-enable ! ! ! ! ! ! ! ! ! ! no voice hpi capture buffer no voice hpi capture destination ! ! ! ! ! ! ! ! interface ATM0/0 description 01270 111111 no ip address no atm ilmi-keepalive pvc 0/38 encapsulation aal5mux ppp dialer dialer pool-member 1 ! dsl operating-mode auto ! interface FastEthernet0/0 ip address 82.133.32.9 255.255.255.248 shutdown speed 100 full-duplex no cdp enable ! interface ATM0/1 description 01270 222222 no ip address no atm ilmi-keepalive pvc 0/38 encapsulation aal5mux ppp dialer dialer pool-member 1 ! dsl operating-mode auto ! interface FastEthernet0/1 ip address 217.146.115.49 255.255.255.240 duplex auto speed auto no cdp enable ! interface Dialer0 ip address 217.146.115.250 255.255.255.248 encapsulation ppp dialer pool 1 dialer-group 1 ppp authentication chap callin ppp chap hostname [email protected] ppp chap password 7 xxxxx ppp multilink ! ip classless ip route 0.0.0.0 0.0.0.0 Dialer0 ! no ip http server no ip http secure-server ! no logging trap access-list 10 permit 217.146.115.50 access-list 10 permit 82.133.32.10 access-list 10 deny any access-list 22 permit 217.146.115.50 access-list 22 permit 217.206.239.86 access-list 22 permit 82.133.32.10 access-list 22 deny any dialer-list 1 protocol ip permit no cdp run ! ! snmp-server community xxxxxx RO 10 snmp-server enable traps tty radius-server authorization permit missing Service-Type ! ! ! ! ! ! line con 0 exec-timeout 5 0 password 7 xxxxxx line aux 0 no exec line vty 0 4 access-class 22 in exec-timeout 5 0 password 7 xxxxxx transport input telnet ssh transport output none line vty 5 15 password 7 xxxxxx transport input telnet ssh ! ntp clock-period 17180095 ntp server 130.88.200.98 ! ! end Now my knowledge is very limited but ISP have said that while the lines are bonded each needs a seperate login as they've recently changed their L2TP router and that enforces the use of seperate logins - when the lines were configured we were given two logins. So, my question is what changes do I need to make to the config in order to get this working? it was ok before their change and I do have another login :- 01270 111111 - [email protected] 01270 222222 - [email protected] Apologies for the long email and thanks for taking the time to read it. Any more info I can provide please let me know. Thanks,

    Read the article

  • Dynamic DNS registration for VPN clients

    - by Eric Falsken
    I've got a VPN server set up in my Active Directory on a remote network. (VPN Server is separate box from DNS/AD) When I dial into the network (client machine is not a member of the AD) the machine does not register its IP or Hostname in the DNS. I've played with all possible combinations of DHCP and RRAS-allocated IP pools, and none of them seem to cause my client to register. Is it because my client has to be a member of the domain? Are there some security settins I can tweak so that it can register its hostname/ip? I've looked in the event logs (System and Security) for the AD, DNS, DHCP, RRAS, and the client machine, and don't see anything relating to DNS Registration. Here's the IPConfig on the client machine (once connected): PPP adapter My VPN Name: Connection-specific DNS Suffix . : mydomain.local Description . . . . . . . . . . . : My VPN Name Physical Address. . . . . . . . . : DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes IPv4 Address. . . . . . . . . . . : 192.168.1.22(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.255.255 Default Gateway . . . . . . . . . : DNS Servers . . . . . . . . . . . : 192.168.1.52 <- DC1 192.168.1.53 <- DC2 NetBIOS over Tcpip. . . . . . . . : Enabled Edit: It looks like my clients are not recieving the DHCP Scoope Options. I found this great article in Microsoft's KB. So the problem here is that the VPN Server "pre-reserves" the DHCP addresses, but then you have to add the DHCP Relay Agent to relay the secondary request for scope options. My problem is that the DHCP Relay Agent isn't relaying to the local DHCP server (same box as the VPN/RRAS). I've configured the DHCP Relay Agent according to this KB, but it dosn't work for a local DHCP server. (I see the request count increasing, but no responses) I was able to get everything working by specifying the DNS server and domain name in the VPN connection properties on the client. But am still unable to assign it (or the default gateway) dynamically via DHCP. The client also has to be a member of the remote domain.

    Read the article

  • Installing ZendServer on IIS6

    - by Wayne M
    I need to run ASP and PHP applications side by side, so I installed ZendServer Community Edition on our existing Server 2003 platform. I specified it to use the existing IIS instance so I don't have to deal with multiple ports (we use ZoneEdit to manage our DNS and they don't seem to allow anything other than port 80 without forwarding). The install went smooth but when I try to configure and manage the install by going to http://localhost/ZendServer (or even just localhost) I get a Bad Request (Invalid Hostname) error. I haven't done anything except install the server, and this is my first time working with ZendServer. How do I fix this so I can get things set up?

    Read the article

  • How to go to a website on a shared server by its ip address?

    - by user1502776
    I have a few questions, please help: Fist, I can access google search just by typing http://74.125.224.211 because this is the ip address returned by nslookup. However, I could not do so with ip addresses returned from www.yahoo.com. How do I go to yahoo search page by its ip ? Another example, http://www.allaboutcircuits.com will resolve to 68.233.243.63 by DNS server, but if I go to http://68.233.243.63 I got "Hello world!" , lol ! Second, for some reason, there is something wrong with DNS resolvers with my web hosting service (it will not be fixed !!). So command like, get_file_contents("http://www.allaboutcircuits.com"); will return php_network_getaddresses: getaddrinfo failed: Name or service not known How do I get around this with IP address , 68.233.243.63 I mean somehow attach the HTTP hostname parameter to get_file_contents() ? I would like to solve this on my own side (in my code), no troubleshooting/adjustment will be done by server admin.

    Read the article

  • sqlcmd won't execute - Claims Native Client not installed properly

    - by nuit9
    I'm trying to use sqlcmd to execute some SQL scripts. Using a test command with a simple query like: sqlcmd -S HOSTNAME -d MYDATABASE -Q 'SELECT Names FROM Customers' sqlcmd does not appear to make any attempt to connect to the server as it displays this message: Sqlcmd: Error: Connection failure. SQL Native Client is not installed correctly. To correct this, run SQL Server Setup. The native client was presumably installed as part of the SQL Server setup and likely correctly. I actually get this message on any machine with SQL server installed trying to use sqlcmd so it's not a matter of the installation being corrupt. Unfortunately the message really tells me nothing about the problem so I don't know what the real issue is. I know the SQL Native client is working properly since a vbscript was able to execute SQL queries against the database. Is there some additional configuration needed to use sqlcmd?

    Read the article

  • Stop single NLB node at command line

    - by Patrik Hägne
    We have a NLB cluster set up for our public web servers. I'm trying to stop the "localhost" in the cluster from the command line using NLB.EXE. When I write "nbl stop" it seems that all nodes are stopped but I only want the local node (the server I'm running the command prompt on) to be stopped in the cluster. When I try specifying the node using the command "nlb stop 192.168.182.104:HOSTNAME" it fails, saying "Did not receive response from the cluster". Am I not specifying the cluster and the host correctly?

    Read the article

  • SSH tunnel over http proxy with blocked 443 (SSL)

    - by Evgeny Zhulenev
    Is it possible to create an SSH tunnel over http-proxy when https access is denied? I had such configuration in .ssh\config Host home User root Hostname *my-home-pc-with-ssh-access-allowed* Port 8090 ProxyCommand corkscrew db-isa-01 8080 %h %p ~/.ssh/.corkscrew-db-isa-auth IdentityFile ~/.ssh/id_rsa Where db-isa-01 is my corporate proxy server. Today the admins blocked all https access and allowed it only for few servers on the white list. I used this command to create a tunnel: ssh -D 7070 -o 'GatewayPorts yes' -A -q -g -t root@home and now it doesn't work. As I can understand, that's because our proxy denies all https connections Proxy could not open connnection to ***: Proxy Error ( The specified Secure Sockets Layer (SSL) port is not allowed. Forefront TMG is not configured to allow SSL requests from this port. Most Web browsers use port 443 for SSL requests. ) P.S. I use Windows 7, and corscskrew with cygwin, so Linux solutions not suitable for me.

    Read the article

  • SSL cert issued to and SAN attribute

    - by Jai
    I have added a cert to my application cacerts file. The new cert is issued to one DNS(abc.com) and they have added few other DNS(XYZ.com, TEST.com) to the SAN attribute while creating. I tried accessing one of the DNS(XYZ.com) given in SAN attribute, it throws me the below mentioned error. <Certificate chain received from XYZ.com failed hostname verification check. Certificate contained abc.com but check expected XYZ.com> If we have more DNS for an application, Do we need to generate cert for every single DNS?

    Read the article

  • Can't SSH into a Vagrant Virtual Machine

    - by Christopher Ickes
    Local Vagrant machine installed at ip address 10.0.0.23 and hostname lamp-vm. Using vagrant ssh I can connect just fine and do everything I need. This creates an ERROR - ssh vagrant@lamp-vm -v -v and I get debug1: connect to address 10.0.0.23 port 22: Connection timed out ssh: connect to host lamp-vm port 22: Connection timed out My etc/hosts file contains 10.0.0.23 lamp-vm. My .ssh/config file looks like Host lamp-vm User vagrant IdentityFile ~/.ssh/vagrant I have tried the ssh command with and without the -i /path/to/.sh/identity_file as well. How do I connect to my Vagrant Virtual Machine using SSH?

    Read the article

  • migrating puppet clients to a new puppet master (old puppet master server gone, only using backup)

    - by user47650
    My puppet master server had a hardware failure, and I have restored to another box. However this box has different hardware and hostname. If I restore the existing /etc/puppet directory to the new server, the puppetmaster will not start with the following error; # puppetmasterd --debug --verbose Could not prepare for execution: Retrieved certificate does not match private key; please remove certificate from server and regenerate it with the current key So what steps do I need to take to allow the new puppetmaster to start, and to generate a new puppetmaster certificate using the old ca.. Also will the puppet clients actually report in to a different puppet server using a server certificate that has been generated with the old CA?

    Read the article

  • Is there a way to capture the "network user name" and the "host name" during a "login failed" alert

    - by Jorge Rivera
    I am a SQL Server 7 DBA and I would like to "improve" the default "Login failed" alert that brings SQL 7. I need a way to know what "user" (network user name) was trying to connect to the server (not only the SQL user account) and I would like to know from where the user was trying to connect (the hostname). Does someone know if this is possible? Using the SQL Profiler is not the best way since is a resource consuming task. Would be a way to setup an alert for doing this? Thanks in advance.

    Read the article

  • Redmine on Redhat/CentOS 5 Without using virtual hosts

    - by flyclassic
    I've have followed all the steps to install Redmine on CentOS 5, except for the Apache part: http://www.redmine.org/projects/redmine/wiki/HowTo_install_Redmine_on_CentOS_5 I do not want to configure a virtualhost as we are not using virtual hosts. Can I configure Redmine to run with http://hostname/redmine? Apparently it doesn't work for my case. Redmine was extracted in to the webserver document root /var/www/html/ called /var/www/html/redmine What I did was added a redmine.conf to /etc/httpd/conf.d/ with the following configuration and restarted the server: <Location "/redmine"> Options Indexes ExecCGI FollowSymLinks -MultiViews Order allow,deny Allow from all AllowOverride all PassengerEnabled On RailsBaseURI /var/www/html/redmine RailsEnv production </Location> now i got this error Further information about the error may have been written to the application's log file. Please check it in order to analyse the problem. Error message: No such file or directory - config/environment.rb Exception class: Errno::ENOENT Application root: /var/www/html Where have I gone wrong?

    Read the article

  • how connect to local mysql server (LAN)

    - by clarkk
    I got two Debian 6 servers - one for web and one for the database.. How can I connect through the local area network? On both servers I have permanently changed the hostnames /etc/hostname /etc/hosts web => web-server db => db-server In the privileges in mysql I have set the root user to accept requests from web-server (instead of localhost) and from the web-server I connect to db-server in my.cnf I have escaped the following line: # bind-address = 127.0.0.1 error Warning: mysqli::mysqli(): (HY000/2005): Unknown MySQL server host 'db-server' (1)

    Read the article

  • How do I make Linux recognize a new SATA /dev/sda drive I hot swapped in without rebooting?

    - by Philip Durbin
    Hot swapping out a failed SATA /dev/sda drive worked fine, but when I went to swap in a new drive, it wasn't recognized: [root@fs-2 ~]# tail -18 /var/log/messages May 5 16:54:35 fs-2 kernel: ata1: exception Emask 0x10 SAct 0x0 SErr 0x50000 action 0xe frozen May 5 16:54:35 fs-2 kernel: ata1: SError: { PHYRdyChg CommWake } May 5 16:54:40 fs-2 kernel: ata1: link is slow to respond, please be patient (ready=0) May 5 16:54:45 fs-2 kernel: ata1: device not ready (errno=-16), forcing hardreset May 5 16:54:45 fs-2 kernel: ata1: soft resetting link May 5 16:54:50 fs-2 kernel: ata1: link is slow to respond, please be patient (ready=0) May 5 16:54:55 fs-2 kernel: ata1: SRST failed (errno=-16) May 5 16:54:55 fs-2 kernel: ata1: soft resetting link May 5 16:55:00 fs-2 kernel: ata1: link is slow to respond, please be patient (ready=0) May 5 16:55:05 fs-2 kernel: ata1: SRST failed (errno=-16) May 5 16:55:05 fs-2 kernel: ata1: soft resetting link May 5 16:55:10 fs-2 kernel: ata1: link is slow to respond, please be patient (ready=0) May 5 16:55:40 fs-2 kernel: ata1: SRST failed (errno=-16) May 5 16:55:40 fs-2 kernel: ata1: limiting SATA link speed to 1.5 Gbps May 5 16:55:40 fs-2 kernel: ata1: soft resetting link May 5 16:55:45 fs-2 kernel: ata1: SRST failed (errno=-16) May 5 16:55:45 fs-2 kernel: ata1: reset failed, giving up May 5 16:55:45 fs-2 kernel: ata1: EH complete I tried a couple things to make the server find the new /dev/sda, such as rescan-scsi-bus.sh but they didn't work: [root@fs-2 ~]# echo "---" > /sys/class/scsi_host/host0/scan -bash: echo: write error: Invalid argument [root@fs-2 ~]# [root@fs-2 ~]# /root/rescan-scsi-bus.sh -l [snip] 0 new device(s) found. 0 device(s) removed. [root@fs-2 ~]# [root@fs-2 ~]# ls /dev/sda ls: /dev/sda: No such file or directory I ended up rebooting the server. /dev/sda was recognized, I fixed the software RAID, and everything is fine now. But for next time, how can I make Linux recognize a new SATA drive I have hot swapped in without rebooting? The operating system in question is RHEL5.3: [root@fs-2 ~]# cat /etc/redhat-release Red Hat Enterprise Linux Server release 5.3 (Tikanga) The hard drive is a Seagate Barracuda ES.2 SATA 3.0-Gb/s 500-GB, model ST3500320NS. Here is the lscpi output: [root@fs-2 ~]# lspci 00:00.0 RAM memory: nVidia Corporation MCP55 Memory Controller (rev a2) 00:01.0 ISA bridge: nVidia Corporation MCP55 LPC Bridge (rev a3) 00:01.1 SMBus: nVidia Corporation MCP55 SMBus (rev a3) 00:02.0 USB Controller: nVidia Corporation MCP55 USB Controller (rev a1) 00:02.1 USB Controller: nVidia Corporation MCP55 USB Controller (rev a2) 00:04.0 IDE interface: nVidia Corporation MCP55 IDE (rev a1) 00:05.0 IDE interface: nVidia Corporation MCP55 SATA Controller (rev a3) 00:05.1 IDE interface: nVidia Corporation MCP55 SATA Controller (rev a3) 00:05.2 IDE interface: nVidia Corporation MCP55 SATA Controller (rev a3) 00:06.0 PCI bridge: nVidia Corporation MCP55 PCI bridge (rev a2) 00:08.0 Bridge: nVidia Corporation MCP55 Ethernet (rev a3) 00:09.0 Bridge: nVidia Corporation MCP55 Ethernet (rev a3) 00:0a.0 PCI bridge: nVidia Corporation MCP55 PCI Express bridge (rev a3) 00:0b.0 PCI bridge: nVidia Corporation MCP55 PCI Express bridge (rev a3) 00:0c.0 PCI bridge: nVidia Corporation MCP55 PCI Express bridge (rev a3) 00:0d.0 PCI bridge: nVidia Corporation MCP55 PCI Express bridge (rev a3) 00:0e.0 PCI bridge: nVidia Corporation MCP55 PCI Express bridge (rev a3) 00:0f.0 PCI bridge: nVidia Corporation MCP55 PCI Express bridge (rev a3) 00:18.0 Host bridge: Advanced Micro Devices [AMD] K8 [Athlon64/Opteron] HyperTransport Technology Configuration 00:18.1 Host bridge: Advanced Micro Devices [AMD] K8 [Athlon64/Opteron] Address Map 00:18.2 Host bridge: Advanced Micro Devices [AMD] K8 [Athlon64/Opteron] DRAM Controller 00:18.3 Host bridge: Advanced Micro Devices [AMD] K8 [Athlon64/Opteron] Miscellaneous Control 00:19.0 Host bridge: Advanced Micro Devices [AMD] K8 [Athlon64/Opteron] HyperTransport Technology Configuration 00:19.1 Host bridge: Advanced Micro Devices [AMD] K8 [Athlon64/Opteron] Address Map 00:19.2 Host bridge: Advanced Micro Devices [AMD] K8 [Athlon64/Opteron] DRAM Controller 00:19.3 Host bridge: Advanced Micro Devices [AMD] K8 [Athlon64/Opteron] Miscellaneous Control 03:00.0 VGA compatible controller: Matrox Graphics, Inc. MGA G200e [Pilot] ServerEngines (SEP1) (rev 02) 04:00.0 PCI bridge: NEC Corporation uPD720400 PCI Express - PCI/PCI-X Bridge (rev 06) 04:00.1 PCI bridge: NEC Corporation uPD720400 PCI Express - PCI/PCI-X Bridge (rev 06) Update: In perhaps a dozen cases, we've been forced to reboot servers because hot swap hasn't "just worked." Thanks for the answers to look more into the SATA controller. I've included the lspci output for the problematic system above (hostname: fs-2). I could still use some help understanding what exactly isn't supported hardware-wise in terms of hot swap for that system. Please let me know what other output besides lspci might be useful. The good news is that hot swap "just worked" today on one of our servers (hostname: www-1), which is very rare for us. Here is the lspci output: [root@www-1 ~]# lspci 00:00.0 RAM memory: nVidia Corporation MCP55 Memory Controller (rev a2) 00:01.0 ISA bridge: nVidia Corporation MCP55 LPC Bridge (rev a3) 00:01.1 SMBus: nVidia Corporation MCP55 SMBus (rev a3) 00:02.0 USB Controller: nVidia Corporation MCP55 USB Controller (rev a1) 00:02.1 USB Controller: nVidia Corporation MCP55 USB Controller (rev a2) 00:04.0 IDE interface: nVidia Corporation MCP55 IDE (rev a1) 00:05.0 IDE interface: nVidia Corporation MCP55 SATA Controller (rev a3) 00:05.1 IDE interface: nVidia Corporation MCP55 SATA Controller (rev a3) 00:05.2 IDE interface: nVidia Corporation MCP55 SATA Controller (rev a3) 00:06.0 PCI bridge: nVidia Corporation MCP55 PCI bridge (rev a2) 00:08.0 Bridge: nVidia Corporation MCP55 Ethernet (rev a3) 00:09.0 Bridge: nVidia Corporation MCP55 Ethernet (rev a3) 00:0b.0 PCI bridge: nVidia Corporation MCP55 PCI Express bridge (rev a3) 00:0c.0 PCI bridge: nVidia Corporation MCP55 PCI Express bridge (rev a3) 00:0f.0 PCI bridge: nVidia Corporation MCP55 PCI Express bridge (rev a3) 00:18.0 Host bridge: Advanced Micro Devices [AMD] K10 [Opteron, Athlon64, Sempron] HyperTransport Configuration 00:18.1 Host bridge: Advanced Micro Devices [AMD] K10 [Opteron, Athlon64, Sempron] Address Map 00:18.2 Host bridge: Advanced Micro Devices [AMD] K10 [Opteron, Athlon64, Sempron] DRAM Controller 00:18.3 Host bridge: Advanced Micro Devices [AMD] K10 [Opteron, Athlon64, Sempron] Miscellaneous Control 00:18.4 Host bridge: Advanced Micro Devices [AMD] K10 [Opteron, Athlon64, Sempron] Link Control 00:19.0 Host bridge: Advanced Micro Devices [AMD] K10 [Opteron, Athlon64, Sempron] HyperTransport Configuration 00:19.1 Host bridge: Advanced Micro Devices [AMD] K10 [Opteron, Athlon64, Sempron] Address Map 00:19.2 Host bridge: Advanced Micro Devices [AMD] K10 [Opteron, Athlon64, Sempron] DRAM Controller 00:19.3 Host bridge: Advanced Micro Devices [AMD] K10 [Opteron, Athlon64, Sempron] Miscellaneous Control 00:19.4 Host bridge: Advanced Micro Devices [AMD] K10 [Opteron, Athlon64, Sempron] Link Control 03:00.0 VGA compatible controller: Matrox Graphics, Inc. MGA G200e [Pilot] ServerEngines (SEP1) (rev 02) 04:00.0 PCI bridge: NEC Corporation uPD720400 PCI Express - PCI/PCI-X Bridge (rev 06) 04:00.1 PCI bridge: NEC Corporation uPD720400 PCI Express - PCI/PCI-X Bridge (rev 06) 09:00.0 SCSI storage controller: LSI Logic / Symbios Logic SAS1064ET PCI-Express Fusion-MPT SAS (rev 04)

    Read the article

  • Require TLS on RDP for all connections

    - by MarkM
    I have a 2008 DC and a 2008 AD CS server and a Windows 7 client. What I would like is to require the certificate to be used when RDPing to the server. The certificate is valid, and if I connect using the FQDN I am shown that i was authenticated by both the certificate and Kerberos as expected. When I connect with just the hostname I am allowed to connect and am only authenticated by Kerberos, even though I have Require TLS 1.0 set on the server that I am RDPing to. I fully understand that the certificate will not be valid unless the server is accessed by FQDN, what I want to do is disallow connections that do not use the certificate AND Kerberos. I thought that setting Require TLS 1.0 would do it. What am I missing?

    Read the article

  • Active directory authentication for Ubuntu Linux login and cifs mounting home directories...

    - by Jamie
    I've configured my Ubuntu 10.04 Server LTS Beta 2 residing on a windows network to authenticate logins using active directory, then mount a windows share to serve as there home directory. Here is what I did starting from the initial installation of Ubuntu. Download and install Ubuntu Server 10.04 LTS Beta 2 Get updates # sudo apt-get update && sudo apt-get upgrade Install an SSH server (sshd) # sudo apt-get install openssh-server Some would argue that you should "lock sshd down" by disabling root logins. I figure if your smart enough to hack an ssh session for a root password, you're probably not going to be thwarted by the addition of PermitRootLogin no in the /etc/ssh/sshd_config file. If your paranoid or not simply not convinced then edit the file or give the following a spin: # (grep PermitRootLogin /etc/ssh/sshd_conifg && sudo sed -ri 's/PermitRootLogin ).+/\1no/' /etc/ssh/sshd_conifg) || echo "PermitRootLogin not found. Add it manually." Install required packages # sudo apt-get install winbind samba smbfs smbclient ntp krb5-user Do some basic networking housecleaning in preparation for the specific package configurations to come. Determine your windows domain name, DNS server name, and IP address for the active directory server (for samba). For conveniance I set environment variables for the windows domain and DNS server. For me it was (my AD IP address was 192.168.20.11): # WINDOMAIN=mydomain.local && WINDNS=srv1.$WINDOMAIN If you want to figure out what your domain and DNS server is (I was contractor and didn't know the network) check out this helpful reference. The authentication and file sharing processes for the Windows and Linux boxes need to have their clocks agree. Do this with an NTP service, and on the server version of Ubuntu the NTP service comes installed and preconfigured. The network I was joining had the DNS server serving up the NTP service too. # sudo sed -ri "s/^(server[ \t]).+/\1$WINDNS/" /etc/ntp.conf Restart the NTP daemon # sudo /etc/init.d/ntp restart We need to christen the Linux box on the new network, this is done by editing the host file (replace the DNS of with the FQDN of the windows DNS): # sudo sed -ri "s/^(127\.0\.0\.1[ \t]).*/\1$(hostname).$WINDOMAIN localhost $(hostname)/" /etc/hosts Kerberos configuration. The instructions that follow here aren't to be taken literally: the values for MYDOMAIN.LOCAL and srv1.mydomain.local need to be replaced with what's appropriate for your network when you edit the files. Edit the (previously installed above) /etc/krb5.conf file. Find the [libdefaults] section and change (or add) the key value pair (and it is in UPPERCASE WHERE IT NEEDS TO BE): [libdefaults] default_realm = MYDOMAIN.LOCAL Add the following to the [realms] section of the file: MYDOMAIN.LOCAL = { kdc = srv1.mydomain.local admin_server = srv1.mydomain.local default_domain = MYDOMAIN.LOCAL } Add the following to the [domain_realm] section of the file: .mydomain.local = MYDOMAIN.LOCAL mydomain.local = MYDOMAIN.LOCAL Conmfigure samba. When it's all said done, I don't know where SAMBA fits in ... I used cifs to mount the windows shares ... regardless, my system works and this is how I did it. Replace /etc/samba/smb.conf (remember I was working from a clean distro of Ubuntu, so I wasn't worried about breaking anything): [global] security = ads realm = MYDOMAIN.LOCAL password server = 192.168.20.11 workgroup = MYDOMAIN idmap uid = 10000-20000 idmap gid = 10000-20000 winbind enum users = yes winbind enum groups = yes template homedir = /home/%D/%U template shell = /bin/bash client use spnego = yes client ntlmv2 auth = yes encrypt passwords = yes winbind use default domain = yes restrict anonymous = 2 Start and stop various services. # sudo /etc/init.d/winbind stop # sudo service smbd restart # sudo /etc/init.d/winbind start Setup the authentication. Edit the /etc/nsswitch.conf. Here are the contents of mine: passwd: compat winbind group: compat winbind shadow: compat winbind hosts: files dns networks: files protocols: db files services: db files ethers: db files rpc: db files Start and stop various services. # sudo /etc/init.d/winbind stop # sudo service smbd restart # sudo /etc/init.d/winbind start At this point I could login, home directories didn't exist, but I could login. Later I'll come back and add how I got the cifs automounting to work. Numerous resources were considered so I could figure this out. Here is a short list (a number of these links point to mine own questions on the topic): Samba Kerberos Active Directory WinBind Mounting Linux user home directories on CIFS server Authenticating OpenBSD against Active Directory How to use Active Directory to authenticate linux users Mounting windows shares with Active Directory permissions Using Active Directory authentication with Samba on Ubuntu 9.10 server 64bit How practical is to authenticate a Linux server against AD? Auto-mounting a windows share on Linux AD login

    Read the article

  • Setting alias for DynDNS domain

    - by metalball
    Hey all, I've created DynDNS domain for testing my local sites, and i'm having trouble with pointing to root domain. From my registrar (GoDaddy) I've created a CNAME for www to point my example.dyndns.com so going to url www.example.com I'm reaching my site. But if I'm going to example.com I'm reaching to the IP of the A record. I can't set the IP for the A record to be my IP because I have dynamic IP, and it changes constatly, and I can't point the A record to domain, only IP. When trying to create CNAME record @ to point example.dyndns.com I'm getting error "A record of a different type exists for the hostname @, could not create CNAME" The only record using the '@' host are NS record, which I can't delete, and when tried to set another NS record with @ point to example.dyndns.com, I've lost connection to my site :) So what can I do to get example.com url reach my site? Thanx!

    Read the article

  • Why does cd print when run in command substitution?

    - by reasgt
    If I use the 'cd' BASH built-in in a command substitution, it prints extra stuff to stdout, but only when piped to, eg., less. $ echo `cd .` # The output is a single newline, appended by echo. $ echo `cd .` | less # less displays: ESC]2;my.hostname.com - tmp/testenv^G (END) What's going on there? This behavior isn't documented in the bash man page for cd. Obviously, running just 'cd' in a command substitution is silly, but something like NEWDIR=`cd mypath; pwd` could be useful. I solved this by instead using NEWVAR=`cd mypath > /dev/null 2>&1; pwd` but I still want to know what's going on. Bash Version: GNU bash, version 3.2.25(1)-release (x86_64-redhat-linux-gnu) Copyright (C) 2005 Free Software Foundation, Inc. Distro: Scientific Linux SL release 5.5 (Boron)

    Read the article

  • Failed reverse DNS and SPF only when using Thunderbird!

    - by TruMan1
    I have a reverse DNS and SPF records correctly setup for my mail server. Sending webmail from it works perfect. The problem is when Thunderbird sends out emails, it is using the client's IP address for the hostname. I have SMTP authentication and specified my mail server's as the outgoing SMTP. Mail is being sent, but it is not "signing" the email with the mail server's IP address.. it is using the client's. Is there any way to fix this? This is the spam error I get when sending from Thunderbird: Spam: Reverse DNS Lookup, SPF_SoftFail

    Read the article

  • mysql remote connection [closed]

    - by Fel
    I spoke with my host supporter to find what is my sql hostname. He said that the only way is add permissions in mysql remote (cpanel) to my actual ip. So the config in heidiSQL for example will be localhost userxxx passxxx But i have a dynamic ip, so i need to change the permissions every time, correct? Add the flag % probably is not a good idea, so how can I solve this problem? Why I dont have something like mysql.something.com ? Sorry, if this question is too basic.

    Read the article

  • DKIM, SPF, PTR records are not working properly with my domain

    - by shihon
    I configured my server and well authenticate email system with DKIM key, SPF record and PTR records, when i start to sent out mails from phplist interface to my users ~50000, my domain is spammed by google. In headers, signed by and mailed by tag shows by my domain : appmail.co, I also test my domain via check mail provide by port25, report is: This message is an automatic response from Port25's authentication verifier service at verifier.port25.com. The service allows email senders to perform a simple check of various sender authentication mechanisms. It is provided free of charge, in the hope that it is useful to the email community. While it is not officially supported, we welcome any feedback you may have at . Thank you for using the verifier, The Port25 Solutions, Inc. team ========================================================== Summary of Results SPF check: pass DomainKeys check: neutral DKIM check: pass Sender-ID check: pass SpamAssassin check: ham ========================================================== Details: HELO hostname: app.appmail.co Source IP: 108.179.192.148 mail-from: [email protected] SPF check details: Result: pass ID(s) verified: [email protected] DNS record(s): appmail.co. SPF (no records) appmail.co. 14400 IN TXT "v=spf1 +a +mx +ip4:108.179.192.148 ?all" appmail.co. 14400 IN A 108.179.192.148 DomainKeys check details: Result: neutral (message not signed) ID(s) verified: [email protected] DNS record(s): DKIM check details: Result: pass (matches From: [email protected]) ID(s) verified: header.d=appmail.co Canonicalized Headers: content-type:multipart/alternative;'20'boundary=047d7b2eda75d8544d04c17b6841'0D''0A' to:[email protected]'0D''0A' from:shashank'20'sharma'20'<[email protected]>'0D''0A' subject:Test'0D''0A' message-id:<CADnDhbH9aDBk3Ho2-CrG7gwOoD6RNX0sFq4bWL64+kmo=9HjWg@mail.gmail.com>'0D''0A' date:Sat,'20'2'20'Jun'20'2012'20'16:44:50'20'+0530'0D''0A' mime-version:1.0'0D''0A' dkim-signature:v=1;'20'a=rsa-sha256;'20'q=dns/txt;'20'c=relaxed/relaxed;'20'd=appmail.co;'20's=default;'20'h=Content-Type:To:From:Subject:Message-ID:Date:MIME-Version;'20'bh=GS6uwlT+weKcrrLJ2I+cjBtWPq9nvhwRlNAJebOiQOk=;'20'b=; Canonicalized Body: --047d7b2eda75d8544d04c17b6841'0D''0A' Content-Type:'20'text/plain;'20'charset=UTF-8'0D''0A' '0D''0A' Hello'20'Senders'0D''0A' '0D''0A' --047d7b2eda75d8544d04c17b6841'0D''0A' Content-Type:'20'text/html;'20'charset=UTF-8'0D''0A' '0D''0A' Hello'20'Senders'0D''0A' '0D''0A' --047d7b2eda75d8544d04c17b6841--'0D''0A' DNS record(s): default._domainkey.appmail.co. 14400 IN TXT "v=DKIM1; k=rsa; p=MHwwDQYJKoZIhvcNAQEBBQADawAwaAJhALGCOdMeZRxRHoatH7/KCvI1CKS0wOOsTAq0LLgPsOpMolifpVQDKOWT2zq/6LHVmDVjXLbnWO2d4ry/riy7ei66pLpnAV5ceIUSjBRusI8jcF9CZhPrh/OImsKVUb9ceQIDAQAB;" NOTE: DKIM checking has been performed based on the latest DKIM specs (RFC 4871 or draft-ietf-dkim-base-10) and verification may fail for older versions. If you are using Port25's PowerMTA, you need to use version 3.2r11 or later to get a compatible version of DKIM. Sender-ID check details: Result: pass ID(s) verified: [email protected] DNS record(s): appmail.co. SPF (no records) appmail.co. 14400 IN TXT "v=spf1 +a +mx +ip4:108.179.192.148 ?all" appmail.co. 14400 IN A 108.179.192.148 SpamAssassin check details: SpamAssassin v3.3.1 (2010-03-16) Result: ham (-0.1 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 T_RP_MATCHES_RCVD Envelope sender domain matches handover relay domain 0.0 HTML_MESSAGE BODY: HTML included in message -0.5 BAYES_05 BODY: Bayes spam probability is 1 to 5% [score: 0.0288] -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.5 SINGLE_HEADER_1K A single header contains 1K-2K characters ========================================================== Original Email Return-Path: <[email protected]> Received: from app.appmail.co (108.179.192.148) by verifier.port25.com id hp7qqo11u9cc for <[email protected]>; Sat, 2 Jun 2012 07:14:52 -0400 (envelope-from <[email protected]>) Authentication-Results: verifier.port25.com; spf=pass [email protected] Authentication-Results: verifier.port25.com; domainkeys=neutral (message not signed) [email protected] Authentication-Results: verifier.port25.com; dkim=pass (matches From: [email protected]) header.d=appmail.co Authentication-Results: verifier.port25.com; sender-id=pass [email protected] DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=appmail.co; s=default; h=Content-Type:To:From:Subject:Message-ID:Date:MIME-Version; bh=GS6uwlT+weKcrrLJ2I+cjBtWPq9nvhwRlNAJebOiQOk=;b=pNw3UQNMoNyZ2Ujv8omHGodKVu/55S8YdBEsA5TbRciga/H7f+5noiKvo60vU6oXYyzVKeozFHDoOEMV6m5UTgkdBefogl+9cUIbt5CSrTWA97D7tGS97JblTDXApbZH; Received: from mail-pb0-f46.google.com ([209.85.160.46]:57831) by app.appmail.co with esmtpa (Exim 4.77) (envelope-from <[email protected]>) id 1SamIF-00055f-Om for [email protected]; Sat, 02 Jun 2012 16:44:51 +0530 Received: by pbbrp8 with SMTP id rp8so4165728pbb.5 for <[email protected]>; Sat, 02 Jun 2012 04:14:51 -0700 (PDT) MIME-Version: 1.0 Received: by 10.68.216.33 with SMTP id on1mr19414885pbc.105.1338635690988; Sat, 02 Jun 2012 04:14:50 -0700 (PDT) Received: by 10.143.66.13 with HTTP; Sat, 2 Jun 2012 04:14:50 -0700 (PDT) Date: Sat, 2 Jun 2012 16:44:50 +0530 Message-ID: <CADnDhbH9aDBk3Ho2-CrG7gwOoD6RNX0sFq4bWL64+kmo=9HjWg@mail.gmail.com> Subject: Test From: shashank sharma <[email protected]> To: [email protected] Content-Type: multipart/alternative; boundary=047d7b2eda75d8544d04c17b6841 X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - app.appmail.co X-AntiAbuse: Original Domain - verifier.port25.com X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12] X-AntiAbuse: Sender Address Domain - appmail.co --047d7b2eda75d8544d04c17b6841 Content-Type: text/plain; charset=UTF-8 Hello Senders --047d7b2eda75d8544d04c17b6841 Content-Type: text/html; charset=UTF-8 Hello Senders --047d7b2eda75d8544d04c17b6841-- I also tried to send mail on yahoo , rediff but i get mails in spam. Please help me to sort out this issue

    Read the article

  • Digest authentication not working: endless cycles of asking for user/pass

    - by bcmcfc
    I'm trying to setup my SVN repository for access remotely. In doing so I have some settings under Apache's dav_svn.conf file. When navigating to hostname/svn, or using Tortoise to do the same it prompts for the user name and password as expected. However, when entering the correct user name and pass that were set in the password file linked to under AuthUserFile it just asks for the credentials again. I think I'm probably missing something simple? The server is running Ubuntu Server 9.10. Accessing SVN remotely does currently work if the authentication lines of dav_svn.conf are commented out. These are the contents of the dav_svn.conf file: <Location /svn> DAV svn SVNPath /home/svn/repo AuthType Digest AuthName "Subversion Repository" AuthDigestDomain /svn/ AuthUserFile /etc/svn_authfile Require valid-user </Location>

    Read the article

  • configure /etc/hosts file so ALL applications always use local network when it makes sense to do so?

    - by gkdsp
    I have two Linux CentOS servers setup in a local network. ServerA is 192.168.0.1 and serverB is 192.168.0.2. There's an application on serverA that communicates with serverB using host2.serverAname.com. But, the traffic is blocked on serverB because the port being used has a firewall that only allows traffic on the local network to pass. Thus, serverB needs to see traffic from serverA as originating from 192.168.0.1 (instead of host2.serverA.com). Is there a way I can configure the /etc/hosts file to ensure traffic always sent between the two servers uses local IP addresses, regardless of what hostname is in use, and for ALL applications? If so, could someone walk me through an example? I only have 2 servers, so the simpler the better.

    Read the article

  • PHP Mail() to Gmail = Spam

    - by grantw
    Recently Gmail has started marking emails sent directly from my server (using php mail()) as spam and I'm having problems trying to find the issue. If I send an exact copy of the same email from my email client it goes to the Gmail inbox. The emails are plain text, around 7 lines long and contain a URL link in plain text. As the emails sent from my client are getting through fine I'm thinking that the content isn't the issue. It would be greatly appreciated if someone could take a look at the the following headers and give me some advice why the email from the server is being marked as spam. Email from Server: Delivered-To: [email protected] Received: by 10.49.98.228 with SMTP id el4csp101784qeb; Thu, 15 Nov 2012 14:58:52 -0800 (PST) Received: by 10.60.27.166 with SMTP id u6mr2296595oeg.86.1353020331940; Thu, 15 Nov 2012 14:58:51 -0800 (PST) Return-Path: [email protected] Received: from dom.domainbrokerage.co.uk (dom.domainbrokerage.co.uk. [174.120.246.138]) by mx.google.com with ESMTPS id df4si17005013obc.50.2012.11.15.14.58.51 (version=TLSv1/SSLv3 cipher=OTHER); Thu, 15 Nov 2012 14:58:51 -0800 (PST) Received-SPF: pass (google.com: domain of [email protected] designates 174.120.246.138 as permitted sender) client-ip=174.120.246.138; Authentication-Results: mx.google.com; spf=pass (google.com: domain of [email protected] designates 174.120.246.138 as permitted sender) [email protected]; dkim=pass [email protected] DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=domainbrokerage.co.uk; s=default; h=Date:Message-Id:Content-Type:Reply-to:From:Subject:To; bh=2RJ9jsEaGcdcgJ1HMJgQG8QNvWevySWXIFRDqdY7EAM=; b=mGebBVOkyUhv94ONL3EabXeTgVznsT1VAwPdVvpOGDdjBtN1FabnuFi8sWbf5KEg5BUJ/h8fQ+9/2nrj+jbtoVLvKXI6L53HOXPjl7atCX9e41GkrOTAPw5ZFp+1lDbZ; Received: from grantw by dom.domainbrokerage.co.uk with local (Exim 4.80) (envelope-from [email protected]) id 1TZ8OZ-0008qC-Gy for [email protected]; Thu, 15 Nov 2012 22:58:51 +0000 To: [email protected] Subject: Offer Accepted X-PHP-Script: www.domainbrokerage.co.uk/admin.php for 95.172.231.27 From: My Name [email protected] Reply-to: [email protected] Content-Type: text/plain; charset=Windows-1251 Message-Id: [email protected] Date: Thu, 15 Nov 2012 22:58:51 +0000 X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - dom.domainbrokerage.co.uk X-AntiAbuse: Original Domain - gmail.com X-AntiAbuse: Originator/Caller UID/GID - [500 500] / [47 12] X-AntiAbuse: Sender Address Domain - domainbrokerage.co.uk X-Get-Message-Sender-Via: dom.domainbrokerage.co.uk: authenticated_id: grantw/from_h Email from client: Delivered-To: [email protected] Received: by 10.49.98.228 with SMTP id el4csp101495qeb; Thu, 15 Nov 2012 14:54:49 -0800 (PST) Received: by 10.182.197.8 with SMTP id iq8mr2351185obc.66.1353020089244; Thu, 15 Nov 2012 14:54:49 -0800 (PST) Return-Path: [email protected] Received: from dom.domainbrokerage.co.uk (dom.domainbrokerage.co.uk. [174.120.246.138]) by mx.google.com with ESMTPS id ab5si17000486obc.44.2012.11.15.14.54.48 (version=TLSv1/SSLv3 cipher=OTHER); Thu, 15 Nov 2012 14:54:49 -0800 (PST) Received-SPF: pass (google.com: domain of [email protected] designates 174.120.246.138 as permitted sender) client-ip=174.120.246.138; Authentication-Results: mx.google.com; spf=pass (google.com: domain of [email protected] designates 174.120.246.138 as permitted sender) [email protected]; dkim=pass [email protected] DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=domainbrokerage.co.uk; s=default; h=Content-Transfer-Encoding:Content-Type:Subject:To:MIME-Version:From:Date:Message-ID; bh=bKNjm+yTFZQ7HUjO3lKPp9HosUBfFxv9+oqV+NuIkdU=; b=j0T2XNBuENSFG85QWeRdJ2MUgW2BvGROBNL3zvjwOLoFeyHRU3B4M+lt6m1X+OLHfJJqcoR0+GS9p/TWn4jylKCF13xozAOc6ewZ3/4Xj/YUDXuHkzmCMiNxVcGETD7l; Received: from w-27.cust-7941.ip.static.uno.uk.net ([95.172.231.27]:1450 helo=[127.0.0.1]) by dom.domainbrokerage.co.uk with esmtpa (Exim 4.80) (envelope-from [email protected]) id 1TZ8Ke-0001XH-7p for [email protected]; Thu, 15 Nov 2012 22:54:48 +0000 Message-ID: [email protected] Date: Thu, 15 Nov 2012 22:54:50 +0000 From: My Name [email protected] User-Agent: Postbox 3.0.6 (Windows/20121031) MIME-Version: 1.0 To: [email protected] Subject: Offer Accepted Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - dom.domainbrokerage.co.uk X-AntiAbuse: Original Domain - gmail.com X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12] X-AntiAbuse: Sender Address Domain - domainbrokerage.co.uk X-Get-Message-Sender-Via: dom.domainbrokerage.co.uk: authenticated_id: [email protected]

    Read the article

< Previous Page | 32 33 34 35 36 37 38 39 40 41 42 43  | Next Page >