Andy Kopciuch's Blog
Tuesday, June 27, 2006
Domain Controllers, NVU & Big Pizza
Man do I hate dealing with windows authentication! As you can probably already tell, I've been dealing in the land of Microsoft for the past few weeks. It has been less than fun. If you log into a *nix machine, and you don't have a .bashrc file, have you ever seen a message saying "I'm sorry we can not find your .bashrc file, a temporary one will be created for you, but it will be removed upon logging out". Those in the crowd now laughing know exactly what I am talking about on windows with user profiles.
First the other samba + LDAP PDC I did a month ago was working fine ... until the building got hit by lightning one day, and everything crashed. Just about the entire LDAP database was missing. And what was there was borked anyways. Running the slapd_db_recover utilities and such. "ERROR, ERROR, ERROR, ERROR, PANIC". Um ... that's not so good. Quick decision time is that there are only a handful of accounts on this one, so lets just recreate them manually. Everyone is good again ... make sure backups are running again. LDIF is useful for things like this. ;-)
So the next Domain Controller was a sweet sweet ride. I spent the weekend working on my auto PDC installation, and had it working perfectly with the windows machine I had. We had a demo on Monday morning which went extremely well. I was quite happy with it. Cudos to the Samba team for everything. I also read awesome things about samba 4. Like an integrated LDAP database, and full AD replacement. The demos of the pre-beta in Australia(?) were crowd inspiring apparently. I can't wait.
The next Domain Controller was a snap to setup, and its ready to go. Enter the windows environment, and some 30+ hours later for myself and another technician ... and the new PDC is still sitting there ready to go. We have no problems with the new PDC ... add users (PHPLDAPAdmin), self add machines, all that works. We can't get the windows network to do what we want first.
We can not get the windows server AD to have roaming profiles, and the local machines push their profiles up to the server. We had all the settings right, Ray followed step by step Microsoft official docs. I sort of got one working. I had to login to a PC, change to my new PDC, logout, login in, then I get a roaming profile on _my_ server, log out, login in as admin, change to workgroup, re-join the original domain, log out, login, log out, log in ... then the original server has a roaming profile pushed up to it.
We figure alright we can copy the profile, and move things to the new server ... well it only half works. Some settings are missing, others are half missing, Outlook is screwed anyways because it is local, and messing with the data file management is not so successful. We spent hours upon hours working with several machines. We had machines now not being able to log into any domain, windows 2000 machines were just broken, It was a mess. We have support calls into Microsoft awaiting responses. All sorts of issues ... and my Linux box is sitting there ... working ... waiting for us to dick around with the windows network and make things work. So I sit and wait now.
In between there I had the task of making some web changes to a site. I managed to get the FTP access, and downloaded the copy of the web site. Lets make a couple of small changes ... and then a couple of navigation panel / menu changes. That when I realize that every page (80) are static, and built with Front Page (also known as the code mangler). ;-) It was going to be insane to make those changes they requested. Even harder since I am a hand code developer.
For something like this ... it just doesn't make sense ... well IMHO Front Page doesn't make sense ... but I understand the need for stupid people to be able to create web sites ... oh wait ... no I don't ... HIRE A WEB DEVELOPER!
So I started searching for an OSS replacement that will let me work with these files spit out by front page. Kontour (KDE) did not work :(, although I did make a KDE attempt before looking elsewhere ... sorry Aaron. I tried Open Office Bluefish ... no go. And then I found NVU (en-view). The project is mostly sponsored by Linspire, and devel headed up by an ex-mozilla guy I believe. I checked for a package , and with a few clicks I had it installed on my kubuntu system.
I must say I was quite impressed. Not to mention it is fully cross platform (Linux, windows, Mac). So I am now recommending this to everyone who ever asks me what to use. It has word editing la Front Page, an HTML code editor, and everything just seems to work. The drop list menus didn't work, but they were also not mangled upon saving. The HTML is relatively clean ... although I am not sure if the code was just so poor from FP that this was the best it could do. The pages I changed turned out good with a few mouse clicks, cut and pasty type things and some table manipulation. All was good.
After some explanation of the time consumption for making menu changes to the client. They looked at my demo of what was added ... and said good enough. No need to waste valuable hours changing navigations unless absolutely necessary. Thank god I don't have to mess with the MS crap from Front Page.
So Marshall and Brooklyn came into town last week. They had a wedding on Sat night. We hung out at my place on Thurs for a while. Then I introduced them to Verns Pizza. We order a momma mia ... It weighs over 10 lbs! One pizza! 10 lbs! Marshall handed it to Brooklyn when we picked it up, and she almost fell over. She had trouble walking with it ... I found it humorous. Marshall was excited about it. The pieces stand about 3 inches high, and they are all toppings. He was even telling people at the bar about it the next night. I'm glad I could make Marshall's trip worth while. Brooklyn just giggled. I miss being in Victoria! Cheers, ¶ 12:49:00 PM 0 comments
First the other samba + LDAP PDC I did a month ago was working fine ... until the building got hit by lightning one day, and everything crashed. Just about the entire LDAP database was missing. And what was there was borked anyways. Running the slapd_db_recover utilities and such. "ERROR, ERROR, ERROR, ERROR, PANIC". Um ... that's not so good. Quick decision time is that there are only a handful of accounts on this one, so lets just recreate them manually. Everyone is good again ... make sure backups are running again. LDIF is useful for things like this. ;-)
So the next Domain Controller was a sweet sweet ride. I spent the weekend working on my auto PDC installation, and had it working perfectly with the windows machine I had. We had a demo on Monday morning which went extremely well. I was quite happy with it. Cudos to the Samba team for everything. I also read awesome things about samba 4. Like an integrated LDAP database, and full AD replacement. The demos of the pre-beta in Australia(?) were crowd inspiring apparently. I can't wait.
The next Domain Controller was a snap to setup, and its ready to go. Enter the windows environment, and some 30+ hours later for myself and another technician ... and the new PDC is still sitting there ready to go. We have no problems with the new PDC ... add users (PHPLDAPAdmin), self add machines, all that works. We can't get the windows network to do what we want first.
We can not get the windows server AD to have roaming profiles, and the local machines push their profiles up to the server. We had all the settings right, Ray followed step by step Microsoft official docs. I sort of got one working. I had to login to a PC, change to my new PDC, logout, login in, then I get a roaming profile on _my_ server, log out, login in as admin, change to workgroup, re-join the original domain, log out, login, log out, log in ... then the original server has a roaming profile pushed up to it.
We figure alright we can copy the profile, and move things to the new server ... well it only half works. Some settings are missing, others are half missing, Outlook is screwed anyways because it is local, and messing with the data file management is not so successful. We spent hours upon hours working with several machines. We had machines now not being able to log into any domain, windows 2000 machines were just broken, It was a mess. We have support calls into Microsoft awaiting responses. All sorts of issues ... and my Linux box is sitting there ... working ... waiting for us to dick around with the windows network and make things work. So I sit and wait now.
In between there I had the task of making some web changes to a site. I managed to get the FTP access, and downloaded the copy of the web site. Lets make a couple of small changes ... and then a couple of navigation panel / menu changes. That when I realize that every page (80) are static, and built with Front Page (also known as the code mangler). ;-) It was going to be insane to make those changes they requested. Even harder since I am a hand code developer.
For something like this ... it just doesn't make sense ... well IMHO Front Page doesn't make sense ... but I understand the need for stupid people to be able to create web sites ... oh wait ... no I don't ... HIRE A WEB DEVELOPER!
So I started searching for an OSS replacement that will let me work with these files spit out by front page. Kontour (KDE) did not work :(, although I did make a KDE attempt before looking elsewhere ... sorry Aaron. I tried Open Office Bluefish ... no go. And then I found NVU (en-view). The project is mostly sponsored by Linspire, and devel headed up by an ex-mozilla guy I believe. I checked for a package , and with a few clicks I had it installed on my kubuntu system.
I must say I was quite impressed. Not to mention it is fully cross platform (Linux, windows, Mac). So I am now recommending this to everyone who ever asks me what to use. It has word editing la Front Page, an HTML code editor, and everything just seems to work. The drop list menus didn't work, but they were also not mangled upon saving. The HTML is relatively clean ... although I am not sure if the code was just so poor from FP that this was the best it could do. The pages I changed turned out good with a few mouse clicks, cut and pasty type things and some table manipulation. All was good.
After some explanation of the time consumption for making menu changes to the client. They looked at my demo of what was added ... and said good enough. No need to waste valuable hours changing navigations unless absolutely necessary. Thank god I don't have to mess with the MS crap from Front Page.
So Marshall and Brooklyn came into town last week. They had a wedding on Sat night. We hung out at my place on Thurs for a while. Then I introduced them to Verns Pizza. We order a momma mia ... It weighs over 10 lbs! One pizza! 10 lbs! Marshall handed it to Brooklyn when we picked it up, and she almost fell over. She had trouble walking with it ... I found it humorous. Marshall was excited about it. The pieces stand about 3 inches high, and they are all toppings. He was even telling people at the bar about it the next night. I'm glad I could make Marshall's trip worth while. Brooklyn just giggled. I miss being in Victoria! Cheers, ¶ 12:49:00 PM 0 comments
Sunday, June 04, 2006
Staffing, Tomcat & Graduation
Wow has the last month been tiring. A good kind of tiring, but very tiring. It seems I have lost a new work partner due to non work circumstances, and some other staff have moved on. This left the bulk of work for Ray and myself. Oh yeah ... Gord was in Hawaii for a week too. Not to slight a man some vacation ... it just felt over whelming some days ... Ray and I look like we feel I think. It's all good ... we are big boys ... I'd say we handled it fairly well. A few things got delayed, but it has all worked out in the end. Maybe we should leave the computer industry and become professional jugglers. ;)
While sitting at one clients, dealing with another, I got an interesting phone call from Gregg. He has been talking with the president from a new potential company in the states. They seem to be having problems with an Apache Tomcat setup. Can you call these people and see what you can do? So of course I jumped right into it.
So dealing with several people involved, all of which are in different locations. California, and who knows where else. I supposed I could find out, but I was on a mission to find out what I needed. When asked about working with Tomcat I gave the professional contractors answer ... "Oh sure ... very familiar". ;) So often all of the conference calls while I was in the pub, I went home to tackle this issue.
I was provided with root access to the system, which is in Newport Beach, CA. I believe. I logged in and started to investigate. The system was SuSE 10.0. I had the default apache install, the default tomcat, and even had the mod_jk installed. So they were on the right track. After some reading, and some googling, all I did to get it up and running was copy the default config files provided by SuSE to the right place and restart some services.
So that was about 75 of the battle. I had to go in and change some settings. Configure the CATALINA path for tomcat to launch apps from the base. There were a couple of errors I found ... mostly it was just permission problems. I created a new runtime dir for tomcat to place the PID file. I had the serverlets working from the examples without any work. The jsp pages needed a bit of tweaking. Following through the tomcat log is a little different, but I found the problems. Fixed the web.xml file and things seemed to work like a charm now.
They had already installed some test apps of their own, and I tried to use those. The launch attempt was made, but the error report showed that the actual java programs were not installed, so it's not going to run. I sent out my findings in an email, and I'll probably end up documenting my efforts more formally later. It sure is nice to be the hero.
So my little sister is graduating with distinction from the University Of Winnipeg (Manitoba, Canada) tomorrow. Apparently the graduation will be broadcast online so I can actually watch it. I have an appointment with my mom on the phone to walk her through any problems she may have. My brother registered the account for her to watch ... so she should be good to go. Congratulations Diana! We are all really proud of you! We'll be watching and cheering you on tomorrow! ¶ 2:26:00 AM 0 comments
While sitting at one clients, dealing with another, I got an interesting phone call from Gregg. He has been talking with the president from a new potential company in the states. They seem to be having problems with an Apache Tomcat setup. Can you call these people and see what you can do? So of course I jumped right into it.
So dealing with several people involved, all of which are in different locations. California, and who knows where else. I supposed I could find out, but I was on a mission to find out what I needed. When asked about working with Tomcat I gave the professional contractors answer ... "Oh sure ... very familiar". ;) So often all of the conference calls while I was in the pub, I went home to tackle this issue.
I was provided with root access to the system, which is in Newport Beach, CA. I believe. I logged in and started to investigate. The system was SuSE 10.0. I had the default apache install, the default tomcat, and even had the mod_jk installed. So they were on the right track. After some reading, and some googling, all I did to get it up and running was copy the default config files provided by SuSE to the right place and restart some services.
So that was about 75 of the battle. I had to go in and change some settings. Configure the CATALINA path for tomcat to launch apps from the base. There were a couple of errors I found ... mostly it was just permission problems. I created a new runtime dir for tomcat to place the PID file. I had the serverlets working from the examples without any work. The jsp pages needed a bit of tweaking. Following through the tomcat log is a little different, but I found the problems. Fixed the web.xml file and things seemed to work like a charm now.
They had already installed some test apps of their own, and I tried to use those. The launch attempt was made, but the error report showed that the actual java programs were not installed, so it's not going to run. I sent out my findings in an email, and I'll probably end up documenting my efforts more formally later. It sure is nice to be the hero.
So my little sister is graduating with distinction from the University Of Winnipeg (Manitoba, Canada) tomorrow. Apparently the graduation will be broadcast online so I can actually watch it. I have an appointment with my mom on the phone to walk her through any problems she may have. My brother registered the account for her to watch ... so she should be good to go. Congratulations Diana! We are all really proud of you! We'll be watching and cheering you on tomorrow! ¶ 2:26:00 AM 0 comments
Samba Upgrade, Toolkit & Bees
So I had to build a new PDC. Simple right? Seeing as how I had been working on an installation script for Samba + LDAP + PHPLDAPAdmin on kubuntu, it should be simple enough on RHEL right? ... WRONG! Let me say it's not Red Hat's fault really, it's just a slightly different setup. The major problems were due to the fact the PDC I was upgrading was Samba 2, and LDAP 2. We were moving to Samba 3, and LDAP 3. That proved to be not all that much fun.
Of course there are going to be changes. The samba schemas have changed ... but changed in a big, big way. Oh yeah ... those new things called SIDs? So it was not as simple as an export / import. Thank goodness that the samba group has update scripts to take your LDIF dump and create a new better one. I thought that was going to be easy, but after 4 hours of tweaking the system to install the needed CPAN modules, export the data from the RH8 box, and see if an import worked was more than I bargained for.
After some slight testing, and getting the new PDC working in a test environmment it was ready. So last Tuesady was the day to switch the office over. Too bad it was not a full bore switch, but rather splitting users to the new PDC, and leaving some on the old. Well my sleep schedule is all messed up, I haven't slept the night before, already been at one clients. The new PDC should be as easy as switch the windows domains right? WRONG!
So users with 3GB of MP3s on their desktop, incorrect profiles, LDAP records that do not work, and all sorts of other problems made the night fun, and long. We did not even leave the office until after midnight. Manually copying data into profiles, discovering laptops that have local profiles only, and then joining the new domain the system decides to never ever create and use the network profile. Startup scripts seem to half work, user accounts half work. It seems to be all glued together ... I've only been awake for 40 hours now. The very last thing we discover is that the mail server handling all accounts that have now been split between people is LDAP tied in ... aw crap! So users who we changed to the new PDC, and had to create new accounts for, no longer had email, since their passwords were changed, and the Mail authed against the old LDAP ... so back into the office in the morning ... all seems to be fixed now
In between some of that noise, we have been launching the toolkit web system at another client. I was involved with the user training, and key personnel meetings. It seemed to go rather well. As a developer, I am finally getting feedback from the user base need to make this system move along. I had a few more sleepless nights, but they have a pro rata calculator, global contact books, way better search functionality, reparenting of folder in the DMS, document uploads in the commercial system, and a ton of other smaller cool features and fixes.
AJ and I were talking about how it has gone over much better than we ever expected. There was of course some resistance from certain people which is to be expected, but there was also reall enthusiasm from a large protion of the staff. I've been hearing lots of good comments, and general appreciation for all of the efforts we have put in.
During this time, I wasn't sleeping much, and it was blistering hot for a few days. I got home late one night and stripped down and sat in front of the computer to read email, and unwind. After a few minutes I heard the zzzt zzzt of something baning into the light above me. I figured there was a fly in the house. To my shock when I looked above I saw the BIGGEST bee I have ever seen in my life.
I am deathly afraid of bees / wasps. I am not allergic, but had an incident as a child. You want to see a 400 lb man scream like a girl ... bees. I jumped up and ran into my room and closed the door. After staring at the door for a minute ... completely frozen I thought to myself "what the hell are you doing?". I ventured out into my apartment again. I heard nothing So I sat back down and a couple of minutes later the jumbo jet airplane with a stinger was back. I froze again and try to follow him around the apartment. After a few minutes, realizing I was naked and it would hurt being stung on any portion of my exposed flesh, I went to put some clothes on. So now wearing a hat, sweater, and heavy jeans in 30 degree plus heat I was ready to do battle.
I rolled up a pad of paper in half and decided that would suffice as a weapon. So I began the hunt of the little yellow zebra with wings. So now there is the 400 lb man creeping up inches at a time to the bee crawling around on my ceiling close to the light. Finally I had my chance as he was far enough away from the light as to not shatter glass all over myself. I swung ... hit the bastard and pulled my club away. To my surprise this flying tanker truck now started to head directly at me. HOLY SHIT! Now I've made him mad ... so off I retreat into my room again. Heart pounding ... sweat dripping down ... terrified!
Alright ... one last time to venture into battle. I was not to be defeated this time. I stalked, and watched my arch rival until I had my chance. WHAM! I struck the blow for all mankind once again. And once again he came flying right towards me. In a muppet like flailing I smashed him mid air which knocked him senseless to the kitchen floor. I seized my opportunity and repeatedly smashed the terror of Andy's apartment to death. There was no bug explosion, no mess ... just simply the carcass of the stining winged creature lying on my kitchen floor.
It took my heart about 3 hours to get back to normal. And I was simply to drained to deal with the remains of the deceased. He lay there for a day, until I finally scooped him up into the trash, and tossed the bag into the dumpster. I really, really don't like bees. ¶ 1:50:00 AM 0 comments
Of course there are going to be changes. The samba schemas have changed ... but changed in a big, big way. Oh yeah ... those new things called SIDs? So it was not as simple as an export / import. Thank goodness that the samba group has update scripts to take your LDIF dump and create a new better one. I thought that was going to be easy, but after 4 hours of tweaking the system to install the needed CPAN modules, export the data from the RH8 box, and see if an import worked was more than I bargained for.
After some slight testing, and getting the new PDC working in a test environmment it was ready. So last Tuesady was the day to switch the office over. Too bad it was not a full bore switch, but rather splitting users to the new PDC, and leaving some on the old. Well my sleep schedule is all messed up, I haven't slept the night before, already been at one clients. The new PDC should be as easy as switch the windows domains right? WRONG!
So users with 3GB of MP3s on their desktop, incorrect profiles, LDAP records that do not work, and all sorts of other problems made the night fun, and long. We did not even leave the office until after midnight. Manually copying data into profiles, discovering laptops that have local profiles only, and then joining the new domain the system decides to never ever create and use the network profile. Startup scripts seem to half work, user accounts half work. It seems to be all glued together ... I've only been awake for 40 hours now. The very last thing we discover is that the mail server handling all accounts that have now been split between people is LDAP tied in ... aw crap! So users who we changed to the new PDC, and had to create new accounts for, no longer had email, since their passwords were changed, and the Mail authed against the old LDAP ... so back into the office in the morning ... all seems to be fixed now
In between some of that noise, we have been launching the toolkit web system at another client. I was involved with the user training, and key personnel meetings. It seemed to go rather well. As a developer, I am finally getting feedback from the user base need to make this system move along. I had a few more sleepless nights, but they have a pro rata calculator, global contact books, way better search functionality, reparenting of folder in the DMS, document uploads in the commercial system, and a ton of other smaller cool features and fixes.
AJ and I were talking about how it has gone over much better than we ever expected. There was of course some resistance from certain people which is to be expected, but there was also reall enthusiasm from a large protion of the staff. I've been hearing lots of good comments, and general appreciation for all of the efforts we have put in.
During this time, I wasn't sleeping much, and it was blistering hot for a few days. I got home late one night and stripped down and sat in front of the computer to read email, and unwind. After a few minutes I heard the zzzt zzzt of something baning into the light above me. I figured there was a fly in the house. To my shock when I looked above I saw the BIGGEST bee I have ever seen in my life.
I am deathly afraid of bees / wasps. I am not allergic, but had an incident as a child. You want to see a 400 lb man scream like a girl ... bees. I jumped up and ran into my room and closed the door. After staring at the door for a minute ... completely frozen I thought to myself "what the hell are you doing?". I ventured out into my apartment again. I heard nothing So I sat back down and a couple of minutes later the jumbo jet airplane with a stinger was back. I froze again and try to follow him around the apartment. After a few minutes, realizing I was naked and it would hurt being stung on any portion of my exposed flesh, I went to put some clothes on. So now wearing a hat, sweater, and heavy jeans in 30 degree plus heat I was ready to do battle.
I rolled up a pad of paper in half and decided that would suffice as a weapon. So I began the hunt of the little yellow zebra with wings. So now there is the 400 lb man creeping up inches at a time to the bee crawling around on my ceiling close to the light. Finally I had my chance as he was far enough away from the light as to not shatter glass all over myself. I swung ... hit the bastard and pulled my club away. To my surprise this flying tanker truck now started to head directly at me. HOLY SHIT! Now I've made him mad ... so off I retreat into my room again. Heart pounding ... sweat dripping down ... terrified!
Alright ... one last time to venture into battle. I was not to be defeated this time. I stalked, and watched my arch rival until I had my chance. WHAM! I struck the blow for all mankind once again. And once again he came flying right towards me. In a muppet like flailing I smashed him mid air which knocked him senseless to the kitchen floor. I seized my opportunity and repeatedly smashed the terror of Andy's apartment to death. There was no bug explosion, no mess ... just simply the carcass of the stining winged creature lying on my kitchen floor.
It took my heart about 3 hours to get back to normal. And I was simply to drained to deal with the remains of the deceased. He lay there for a day, until I finally scooped him up into the trash, and tossed the bag into the dumpster. I really, really don't like bees. ¶ 1:50:00 AM 0 comments
