<< 15 July 2008 | Home | 17 July 2008 >>

RSS | Atom | E-mail

Navigate

Tags | Advanced Search

Tags

Recent Blog Entries

Space Quest
Kraftwerk, HK See Andreas' pictures on Flickr, he has the better ones. Just follow the Last.fm tag!
About the taifun a while back
I think I sent the pictures from the flooding of the last 颱風 Hagupit to most people. Here's a report from the local TV news on one of the better bookshops BLOOM. If your Portuguese is rusty, skip ahead to 3:00 for some pictures from that night in ...
Regicide
Okay, the next Dwarf Fortress will have a separate floor for nobles and running water (and a good measure of flood gates to drown them in their sleepretire them if necessary). I'm happy with the ban on Adamantine, since I don't have anything that, but ...

Summary of blogs

.\ blogs

Volker's NEXT blog

Still not a blog - Rants, recipes, hints, blurb - eventually some time soon.

ikReview - Irina's review of the week - My humble opinion on books, movies and software.

Machen wir mal wieder ein bißchen Politik...

TELEPOLIS schreibt:

Moderne Demokratien haben seit dem 18. Jahrhundert viel aus einer relativ kurzen Periode des antiken Athen übernommen, die vom Ende des 5. Jahrhunderts bis zum Jahr 322 vor Christus dauerte. Trotzdem gibt es aus dieser Zeit noch viel Interessantes zu entdecken – zum Beispiel die graphe paranomon, die den antiken Athenern eine gewisse Gewähr dafür bot, dass ihre politischen Entscheidungsträger nicht allzu forsch verfassungswidrige Beschlüsse fassten.

Tags : gehmalwiederaufdiestrasse

Add a comment

Posted by Volker Stolz on 16 July 2008 12:08:00 WAT #

Assistant system admin

Apart from teaching Java, I'm also brushing up my admin creds here at AUST, giving the IT guys a helping hand with some teething problems:

tracking down a notorious problem with Ubuntu when you have your own partition for /var
firewall config, they use Firehol -- funny, so far I haven't seen two shops using the same firewall toolkit in my life. Incidentally, OpenVPN still doesn't work through the firewall. And currently the satellite uplink blows hard.
NFS / automounter-fu

and a real novelty for me

getting the Macs to authenticate against LDAP and mount the NFS directories

On an only semi-entertaining issue, let me quickly list the advantages of tin roofs: a) lots of noise when rain is playing the drums, b) almost perfect insulation against wireless and cell phone signals.

Tags : work aust

Add a comment

Posted by Volker Stolz on 16 July 2008 10:14:00 WAT #

LDAP authentication for MacOS clients and NFS mounts

A little exercise that might not apply to your problem

Set TLS_REQCERT to never in /etc/openldap/ldap.conf (unless you know what you're doing - that seems to be the stopper for plaintext passwords)
Go to Applications -> Utilities -> Directory Utility
Toggle the lock at the bottom to "unlocked"
Switch on Advanced mode
Select Services-tab -> LDAPv3
Click on pen-symbol at the bottom, then "Show options"
Add entry for RFC 2307-style server
Edit /etc/auto_home to contain only the line
```
* -resvport,bg nfsserver:/path/to/home/&
```
See 'man mount_nfs' for those two options.

'sudo automount -c' to make the automounter pick up the changed file

Things that should work now:

id someNetworkUser should print UID/GID from LDAP
ssh xxx@localhost should use network password and find home directory
sudo su xxx should work
dirt -u xxx
ls /home
Tags : ldap macos aust

Add a comment
Posted by Volker Stolz on 16 July 2008 10:07:43 WAT #

July 2008
Mon	Tue	Wed	Thu	Fri	Sat	Sun
	1	2	3	4	5	6
7	8	9	10	11	12	13
14	15	16	17	18	19	20
21	22	23	24	25	26	27
28	29	30	31
Jun \| Today \| Aug

Username
Password
Remember me