Wednesday, June 11, 2014

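Ubuntu VNC remote login: authentication security type

If a remote VNC client cannot connect to an Ubuntu desktop because of a security type error, use the following command. It turns off Vino's encryption requirement, so clients that do not support the encrypted security type can connect without encryption: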


gsettings set org.gnome.Vino require-encryption false













/*


$ pkill vino
$ export DISPLAY=:0.0
$ /usr/lib/vino/vino-server &


*/

Sunday, September 1, 2013

HE tunnel update directly through ddclient


Example configuration /etc/ddclient.conf

daemon=5m
use=web, web=dyndns
protocol=noip,server=ipv4.tunnelbroker.net 12345 username password

Friday, August 23, 2013

Import custom attributes into Exchange mailboxes using CSV values



Import-Csv C:\test\a.csv | ForEach {Set-Mailbox $_.user -CustomAttribute5 $_.dept -CustomAttribute6 $_.dept}


Example a.csv file:


user,dept
wilson,8898
localuser03,9989

Wednesday, August 14, 2013

Postfix permission denied on /var/mail/user



If Postfix reports permission denied, use the following commands to give the user access to the mailbox file.

Please note: test is the username; change it to your own username.

sudo touch /var/mail/test
sudo chown test:mail /var/mail/test
sudo chmod o-r /var/mail/test
sudo chmod g+rw /var/mail/test

Tuesday, August 6, 2013

Bind9 From Source

Install OpenSSL.


The steps to install it are as follows:

Download the latest stable release from OpenSSL.org
Extract the tarball like so:
tar zxvf openssl-0.96b.tar.gz
cd openssl-0.96b
Configure the software:
perl util/perlpath.pl `which perl`
./config --prefix=/usr --openssldir=/usr/ssl shared
Compile it:
make
Remove all existing OpenSSL software:
rpm -q -a | grep openssl | while read line
do
rpm -e --nodeps $line
done
Install your new OpenSSL:
make install
Update your library resolutions:
ldconfig -v


Download the latest stable release from ISC.org *

Extract the tarball like so:
tar zxvf bind-9.x.tar.gz
cd bind-9.x

Configure the software:
./configure --prefix=/usr \
--sysconfdir=/etc \
--enable-threads \
--localstatedir=/var/state \
--with-libtool \
--with-openssl=/usr/ssl

Compile it:
make

Remove all existing Bind software:
rpm -q -a | grep '^bind' | while read line
do
rpm -e --nodeps $line
done

Install your new Bind:
make install
cd doc/man/bin                 # not needed on 9.2.0 and above
for i in 1 5 8                 # not needed on 9.2.0 and above
do                             # not needed on 9.2.0 and above
install *.$i /usr/man/man$i    # not needed on 9.2.0 and above
done                           # not needed on 9.2.0 and above
cd ../dnssec                   # not needed on 9.2.0 and above
install *.8 /usr/man/man8      # not needed on 9.2.0 and above

Update your library resolutions:
ldconfig -v

Create the Bind user and group
groupadd named
useradd -d /var/named -g named -s /bin/false named

Adjust the group/perms on /var/run
vigr    # add named to the 'daemon' group
chown root:daemon /var/run
chmod 775 /var/run

Create the Bind rundir
mkdir -p /var/named/pz
chown -R named:named /var/named
chmod -R 755 /var/named

Create a script to maintain the root.hints file
cat << "EOF" > update_named
#!/bin/sh
cd /var/named
wget http://dns.vrx.net/tech/rootzone/db.root
if [ -s /var/named/db.root ] ; then
chown named:named /var/named/db.root
/etc/rc.d/named stop
mv /var/named/root.hints /var/named/root.hints.old
mv /var/named/db.root /var/named/root.hints
/etc/rc.d/named start
fi
EOF

Make the script executable, and execute it (Bind will probably fail, but your root.hints file will get updated like we wanted)
chmod 700 update_named
./update_named

Move the script to your monthly cron directory
mv update_named /etc/cron.monthly
Create /var/named/pz/127.0.0 as below:
$TTL 1D

@           1D IN SOA   localhost. root.localhost. (
                    42      ; serial (d. adams)
                    3H      ; refresh
                    15M     ; retry
                    1W      ; expiry
                    1D )        ; minimum

            1D IN NS    localhost.
1           1D IN PTR   localhost.



Create /var/named/pz/192.168.1
ln -s 127.0.0 192.168.1


Create /etc/resolv.conf
echo "nameserver 127.0.0.1" > /etc/resolv.conf
Create your rndc password (we'll use "hush" for ours)
mmencode (this command is part of the metamail package)
hush
aHVz (mmencode returns this)
^C



Create /etc/rndc.conf
   // this file is used by the rndc utility
        options {
        // what host should rndc attempt to control by default
            default-server localhost;
        // and what key should it use to communicate with named
            default-key "rndc-key";
        };

        server localhost {
        // always use this key with this host
            key "rndc-key";
        };

        key "rndc-key" {
        // how was the key encoded
            algorithm hmac-md5;
        // what's the password
            secret "aHVz";
        };

        // secret was generated by running mmencode on command line
        // and then entering a secret phrase
   


Create /etc/rndc.key
   // this file is used when named starts up and sees that
        // there is a key assigned to the control channel
        key "rndc-key" {
        // how was the key encoded
            algorithm hmac-md5;
        // what's the password
            secret "aHVz" ;
        };
   



And finally, create /etc/named.conf as below
   // This is a configuration file for named (from BIND 9.0 or later).
        // It would normally be installed as /etc/named.conf.
        //
        // Changed to match secure example from LASG 5/17/00
        // Changed to match Linux Journal example 9/17/00
        // Added new "view" sections to stop fingerprinting of Bind 9.x per
        // Bugtraq 1/31/00
        // Added rndc key stuff per DNS & Bind (Rev. 4) Chapter 11
        // added use-id-pool and more comments based on above chapter

             options {
            // Directory where bind should create files if
            // not explicitly stated
            directory "/var/named";

            // whom do we allow to do zone transfers
            allow-transfer { 192.168.1.0/24; };

            // new in Bind 9.x to allow RFC1886 -> RFC2874 conversion
            // to support IPv6
            // allow-v6-synthesis { 192.168.1.10; };
            // OBSOLETED in 9.3.0 + !!

            // tell Bind to check the names in zone files
            // since it no longer does this by default
            // (unimplemented 9.3.0+)
            check-names master warn;

            // sets the size of something or other to 20Mb ;)
            datasize 20M;

            // sets the size of the journal to 5Mb
            max-journal-size 5M;

            // Bind 9.x doesn't recognize this yet :(
            // deallocate-on-exit no;

            // where should Bind put a dump of its cache
            // if told to dump it
            dump-file "named_dump.db";

            // how often should bind check for new
            // interfaces to listen on. we turn
            // this off by setting it to 0
            interface-interval 0;

            // specify what interfaces/ips to listen on
            // as the default is all of them
            listen-on { 192.168.1.10; 127.0.0.1; };

            // define a maximum size of cached records
            // new in Bind 9.x
            max-cache-size 20M;

            // where to write stats of memory usage
            // Bind 9.x doesn't recognize this yet :(
            memstatistics-file "named.memstats";

            // where to put out pid file
            // absolute path since we don't want
            // it in /var/named
            pid-file "/var/run/named.pid";

            // force Bind to use port 53 for its
            // network operation to other DNS
            // servers (Bind 9 uses high ports
            // by default). Makes firewalling easier
            query-source address * port 53;
            transfer-source * port 53;
            notify-source * port 53;

            // where to dump Bind server stats
            statistics-file "named.stats";

            // force Bind to be "more" random in assigning
            // message ids
            use-id-pool yes;

            // If the chaos view below doesn't work
            // for some reason, still give out a bogus
            // answer for Bind version requests
            version "This is not the port you're looking for.";

            // keep stats on a zone basis
            zone-statistics yes;
             };

             controls {
            // this allows rndc to be used from the localhost
            // to talk to bind on the loopback interface
            // using the key defined as 'rndc-key'
            inet 127.0.0.1 allow { localhost; } keys { rndc-key; };
             };

             // the rest of the key configuration is in
             // /etc/rndc.conf and the key itself is in
             // /etc/rndc.key
             key "rndc-key" {
            // how was key encoded
            algorithm hmac-md5;
            // what is the pass-phrase for the key
            secret "aHVz" ;
             };

             logging {
            channel named_info {
                // log to syslog instead of a file
                syslog;
                // include the category of the event in the log
                print-category yes;
                // include the severity of the event in the log
                print-severity yes;
                // include the time of the event in the log
                print-time yes;
            };

            // Processing of client requests
            category client { named_info; };

            // named.conf parsing and processing
            category config { named_info; };

            // Messages relating to internal memory structures
            category database { named_info; };

            // This is the default for any category not specifically defined
            category default { named_info; };

            // The catch-all. Anything without a category of its own
            category general { named_info; };

            // Uncomment if you don't want to know about lame server.
            // Leave commented and it defaults to the
            // value of default above
            // category lame-servers { null; };

            // The NOTIFY protocol
            category notify { named_info; };

            // Network operations
            category network { named_info; };

            // DNS resolution like recursive lookups, etc..
            category resolver { named_info; };

            // Approval and denial of requests
            category security { named_info; };

            // Dynamic updates
            category update { named_info; };

            // Queries. Duh.
            category queries { named_info; };

            // Zone transfers received
            category xfer-in { named_info; };

            // Zone transfers sent
            category xfer-out { named_info; };
            };

            // this is where we define different versions
            // of our zones based on where the client is
            // coming from.
            // the first view that matches a client is
            // the one that gets used, so order can be
            // important
            view "external-chaos" chaos {
                // you could use 'any' or even 'localnets' here
                // instead of specifying each IP range
                // however, it should be noted that 'localnets'
                // means ANY network Bind is directly connected
                // to which might include your ISP
                match-clients { 192.168.1.0/24; 127/8; };
                recursion no;
                zone "." {
                    type hint;
                    // this causes a null response to queries
                    // about the Bind version
                    file "/dev/null";
                };
            };
   
            view "external" {
                // you could use 'any' or even 'localnets' here
                // instead of specifying each IP range
                // however, it should be noted that 'localnets'
                // means ANY network Bind is directly connected
                // to which might include your ISP
                match-clients { 192.168.1.0/24; 127/8; };
                zone "." {
                    type hint;
                    file "root.hints";
                };
            };
   
            view "external-127" {
                // you could use 'any' or even 'localnets' here
                // instead of specifying each IP range
                // however, it should be noted that 'localnets'
                // means ANY network Bind is directly connected
                // to which might include your ISP
                match-clients { 192.168.1.0/24; 127/8; };
                zone "0.0.127.in-addr.arpa" {
                    type master;
                    file "pz/127.0.0";
                    allow-update {
                        none;
                    };
                };
            };
   
            view "external-192" {
                // you could use 'any' or even 'localnets' here
                // instead of specifying each IP range
                // however, it should be noted that 'localnets'
                // means ANY network Bind is directly connected
                // to which might include your ISP
                match-clients { 192.168.1.0/24; 127/8; };
                zone "1.168.192.in-addr.arpa" {
                    type master;
                    file "pz/192.168.1";
                    allow-update {
                        none;
                    };
                };
            };
   


The only thing left to do is start Bind:
/usr/sbin/named -u named
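
The rndc secret "aHVz" used in /etc/rndc.conf, /etc/rndc.key and /etc/named.conf above decodes to only three bytes, and it is paired with hmac-md5. The following check is an added example, not part of the original post: it audits key blocks in named.conf-style text and generates a longer random secret. The function names, the 16-byte threshold and the sample text are assumptions of this example.

```shell
#!/bin/sh
# Added example: audit BIND key{} blocks for weak secrets and algorithms.

# Constructed sample: the key block from the configuration above.
SAMPLE_CONF='key "rndc-key" {
    algorithm hmac-md5;
    secret "aHVz" ;
};'

# Print how many bytes a base64-encoded secret decodes to.
secret_bytes() {
    printf '%s' "$1" | base64 -d 2>/dev/null | wc -c | tr -d ' '
}

# Read named.conf-style text on stdin and print one finding per line.
# MIN_BYTES is this example's own threshold (assumed 16 bytes = 128 bits).
audit_keys() {
    min=${MIN_BYTES:-16}
    sed -n 's/^[[:space:]]*algorithm[[:space:]]*\([^;[:space:]]*\).*/alg \1/p
            s/^[[:space:]]*secret[[:space:]]*"\([^"]*\)".*/sec \1/p' |
    while read -r kind value; do
        if [ "$kind" = alg ] && [ "$value" = hmac-md5 ]; then
            echo "WEAK-ALGORITHM $value"
        elif [ "$kind" = sec ]; then
            n=$(secret_bytes "$value")
            if [ "$n" -lt "$min" ]; then
                echo "SHORT-SECRET $n bytes"
            fi
        fi
    done
    return 0
}

# Generate a replacement secret: 32 random bytes, base64-encoded.
new_secret() {
    head -c 32 /dev/urandom | base64 | tr -d '\n'
}

# Audit the constructed sample when the script is run directly.
printf '%s\n' "$SAMPLE_CONF" | audit_keys
```

To audit a real file, run `audit_keys < /etc/named.conf`. On BIND releases that include rndc-confgen, `rndc-confgen -a` generates a random key file instead of a hand-typed secret.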






Wednesday, July 10, 2013

active directory using samba

http://www.matrix44.net/cms/notes/gnulinux/samba-4-ad-domain-with-ubuntu-12-04

Saturday, May 4, 2013

Telnet to windows 7

Install the Telnet client on Windows 7 from the command line.

pkgmgr /iu:"TelnetClient"