Category: system configuration RSS feed for this category
Freeradius configuration
Freeradius is powerful, however, you may find it is difficult to do configuration. This post try to include common configuration such that you may find useful for your setup.
TL-WN722N usb wireless stick in Linux
Using TP-Link, TL-WN722N usb wifi dongle in Linux, you could use the dongle to access wifi hotspot or you could using it as a access point to provide wifi connectivity for other devices.
JASIG-CAS debug trace
JASIG-CAS provide SSO for web application. CASify a web application could make your application enjoy SSO. Debug trace a CAS session Getting the lt ticket from login screen, e.g. curl –cookie-jar /tmp/c1.cookie -X GET -v https://cas.example.com/cas/login?service=http://www.abc.com|grep lt Get the login ticket,LT-XXXXXX…, ready for the step. Provide username & password & the LT ticket curl -X POST -d “username=usrsid&password=verysecret<=LT-XXXXX…” –cookie /tmp/c1.cookie –cookie-jar /tmp/c2.cookie -v https://cas.example.com/cas/login?service=http://www.abc.com You may need to include execution & _eventId in the post data for recent version of CAS server Afterward, you should get the service ticket, ST-XXXXX…., now. Also, /tmp/c2.cookie contain the cookie of TGC. Laster, you
Password sychronize between Samba & Linux
As Samba & LDAP are using difference password storing scheme, their password value cannot be share even store on the LDAP. There are several ways to synchronize them, as following only point out one of the possible ways.
Master browser for the DOMAIN in SAMBA
Network browsing is convenient but causing a lot of headaches for administrator. The most 1st rule is setting up a WINS server could help a lot. When your network environment having multiple-domains and some of them are crossing multiple-subnets will cause you a lot or troubles.
File sharing supporting NT ACL as most possible
The file access control in NT is much more complex than UNIX. In general, UNIX only support the ACL in read/write/execute for User/Group/Other of a file or directory. While NT could be far more complex than that, e.g. granting read permission for group1 and all access for group2.
Samba as a PDC for pre 2k domain
In conclude, our setup should meet the following requirement: ADS domain controller is not supported Domain user DB is stored in the LDAP User entries are shared with UNIX Password of the user for windows & Linux are synchronized Domain group is supported
Daily operation for Samba
User operation To add/delete/modify user in the DOMAIN you could using Running USRMGR.exe in a domain workstation with privilege user pdbedit net sam set, e.g, force user to change their password Group operation Running USRMGR.exe in a domain workstation with privilege user net rpc group Windows joining the domain Windows machine could join the domain as usual, there are no special precaution. Samba joining the domain Some notes for Samba domain member server. Since, Samba require physical user passwd entries exist for correct operation. To let samba joining the domain, the samba member server should install nss_ldap & configure the
Samba & LDAP
Our aim is setting up a SAMBA server under Linux and making it as a PDC for windows machine.