| |
| |
| |
|
Page: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16
Comments:
<0> morning? It's 10:30pm, jb!
<1> Good morning, jblack.
<2> Yeah. I'm trapped on a night schedule and can't get off
<3> hm
<3> you can't get off, so everyone goes and hides..
<2> Seems like it.
<3> seems like a perfect opportunity to learn something
<2> That seems true too.
<3> If I were to set up kerberos, are apps directed to it via things like nsswitch... or does the app itself have to be "kerberized"?
<2> If you set up pam, then apps that use pam will invisibly switch to using kerberos.
<2> That's the magic of pam
<3> hmm
<3> and since I was previously using ldap.. it appears pam is set up
<2> For ldap, presumably.
<3> yes, but I meant it was there.. waiting for me to tell it to do kerberos instead
<3> I ***ume it's just a matter of making changes in the common-* files?
<3> in /etc/pam.d
<2> Yeah. I think so. I've not done anything with kerberos, so I can't be too much help other that point in the direction of the way things 'should' be
<3> I did a little reading on it, but before I went deeper on wanted that part clarified
<2> Then yeah. You're headed in the same direction I would go in too. :)
<3> cool, ssh keys are cool for p***wordless bouncing around from machine to machine.. but it would be nice to be able to log in once and have that auth carry over
<3> not only to ssh sessions, but imap, etc
<3> I was actually going to write an article for the site about samba and ldap... but before I could get all my notes and walk through the process with them, a storm took out the drives on that machine
<2> Ouch.
<3> yeah
<2> That would be a really valuable thing.
<3> it wasn't really that hard
<2> Nah, ldap isn't that hard in and of itself.
<3> especially after I found some scripts to help set up the schema
<2> Its just integrating with everything.
<2> And yeah, deciding on a good schema
<3> I even had a 2-way trust going with me AD domain
<2> You can do that?
<3> yup yup
<3> rebooted the XP machine and I had both domains in the drop down, worked pretty as you please
<4> all this windows talk
<3> gave permissions to shares on the windows boxes as sambadomain\linuxuser
<2> It would be pretty cool if you could hook it up with xdmcp.
<2> If you could illustrate that
<3> that was something I was trying to finger out
<3> how to get GDM to let me log in using the AD credentials
<3> but I think I read somewhere about doing domain+user as the username
<3> we're really trying to push our smaller customers away from Microsoft
<2> Disseminating credenditials would certainly be part of that.
<3> we already save them tons by using postfix/imap/webmail solutions.. and linux for file/print instead of all that licensing crap
<5> ahoy all
<3> If I could come up with a set procedure for mimicing a domain controller, they could do away with that as well
<2> to be honest, I gave up on ldap about two years ago.
<2> Just didn't feel far enough along.
<3> of course, you lose things like GPO
<3> yeah, the tools don't compare to something like "AD Users & Computers" :(
<2> gpo?
<3> group policy
<2> Yeah. I had unreasonable expectations after spending a couple years with novell's stuff.
<3> you can duplicate all of group policy with scripting and whatnot... but man, it's a lot more work
<2> Yeah.
<5> whats new all
<2> Not much. Talking about ldap.
<3> ubuntu has a package "directory-administrator", I think that's the only gui ldap tool I found
<3> and people need gui's <ugh>
<3> I guess he wasn't interested
<2> That's chills for ya. He just did his first ubuntu install a few days ago
<3> yay!
<2> Well, he's trying. He's having trouble getting an iso through his dialup. ;)
<3> heh, and I'm using mirc on XP... cause I can only get on my other boxes as root
<3> and ircing as root is bad :)
<2> Ya know that you can su down to a user, right?
<3> root@workstation-4:/etc/pam.d# su kevin
<3> Unknown id: kevin
<6> LOL
<3> I had moved all the accounts over to ldap
<3> and they'll be back, as soon as I can find another scsi drive
<2> You can hook ssh and nss into ldap and fix that. :)
<2> Ahh
<3> or, get and IDE controller in that box
<2> I have a spare one if you're close.
<3> it's actually on my list of things to do tomorrow, ***uming I get the pool vacuumed and the hottub cleaned, and the garage straight, and all the other honey-do's
<3> near Louisville, KY
<3> a bit far to drive for a drive
<2> Yeah.
<3> wanna do an IOS upgrade, too. New version supports webvpn
<3> I'm getting sick of being at a machine that doesn't have putty or cisco client and not being able to get to anything
<2> That was actually part of why I moved away from centralized services.
<2> I'm still stuck in road warrier mode.
<3> I need to find a solution for mail... most of mine comes gpg encrypted and I wind up in places that don't have in-room access.
<2> how about uucp over ssh?
<3> a wyse box with rdp to a locked down desktop
<2> Thats left me pretty happy. I'm even able to pull and send mail over networks in which the only thing available is http.
<2> (via tor)
<3> I can get TO the mail, just don't have any way to decrypt it..
<5> damn linuxant driver :(
<3> I suppose I could copy/print it, go back to the room, feed it into gpg, then read the resulting message
<3> but even I don't want to read my mail that bad
<2> I'm using a different approach. I consider this laptop and extension of my presense.
<2> Where I go, it goes.
<5> jblack : any serial modem will work with linux right without the driver problem
<2> And I aggregate my needs here.
<3> same here, but if there's nothing to connect it to... kinda screwed
<2> chills: An external serial modem, yeah. Generally external usb modems are o.k.
<3> my last trip to florida, I finally got set up with a nation-wide dial-up thing
<3> I just have to remember to get the local dial-in numbers for the city I'm going to be in
<2> Yeah. I bounce between hotspots and a nationwide wireless.
<5> k thanks jblack. i guess i have to get 1 :d now
<5> hehe
<3> my boss had a neat idea
<2> A 20kb/sec connection anywhere in the country is worth the $50/mo to me
<3> get a cell modem and an 800 series cisco, mount it in the car
<3> wireless bubble wherever I go with a tunnel to the office.. throw in a wireless IP phone and instant mobile office
<5> dialup in pakistan costs more then :P DSl :d
<5> heh
<2> I was thinking about doing a bubble too, by setting up my wireless card in ap mode. My daughter is in minnesota with my card.
<2> So, I won't be doing tha tfor a couple more weeks yet.
<3> use the laptop as a bridge between cell and wireless?
<2> Yeah.
<2> Using the 802.11g adaptor in ap mode and feeding the verizon network via masq
<3> handy
<3> I think verizon was who we were looking at too
<2> Definitely worth playing with. I'm not sure how good coverage is in ky. Its excellent down the corridor.
<2> I irc all the way to and from philly and new york.
<3> haha
<3> one of the other channels I'm in is visited from time to time by an over the road truck driver
<3> I guess a similar setup
<2> Yeah. The process works something like "I've gotta go to BigCity. I need an excuse for getting the ex-wife to drive"
<3> I get carsick when I try to read in the car though
<5> hehe
<5> daucus_carota : me to :\
<7> Can some one help me or direct me to a how-to on configuring sasl2 and a virtual mailbox with a postfix mailserver? I need to configure some users' mailboxes without giving them a Linux username/p***word.
<3> scary stuff there
<3> but I know I saw something on it somewhere... name lookups with mysql?
<3> it _might_ have been howtoforge
<3> I just found my rj-45/11 crimper.
<3> This makes me extremely happy!
<2> Heh.
<3> now, if I could find the punch down tool, I'd be in business
<7> Boy, the spammers are working overtime tonight. Watching the maillog scroll past with spam all over it.
<7> It's getting ridiculous.
<5> p3nguin: thanks for the email you can ban the range
<3> I just implemented rbls on a postfix box today
<7> chills: I did already.
<3> mailq went from 10,000+ to ~100
<5> ah right :)
<5> p3nguin: why do you need mail anywys ?
<2> There are a handful of postfix rules that cut back bogus connections
<7> Speaking of that... why is there so much spam comming from the 202/8 range?
<2> s
<5> p3nguin : misconfigured socks i guess
<2> give: smtpd_client_restrictions = reject_unauth_destination, reject_unknown_sender_domain, reject_non_fqdn_sender
<2> a try
<3> is the a way to squash some of the mailer-daemon mails?
<5> man i get so much spam to my hotmail
<2> daucus_carota: The line above will help a lot.
Return to
#linux
or
Go to some related
logs:
#india
#allnitecafe
suse 10 change kernel version
#india
#chat-world
#allnitecafe
new radicals mother enough.mp3
#linux
#linux
strings chupte gaate
|
|