Monday, December 20, 2010

Samba PDC domain controller on RedHat /Cent OS

Samba PDC is used for centralized authentication and domain control of Windows
operating systems.

Here we will set a samba PDC machine with domain name lap.work and create some
users. And we will check whether these users are able to login to this domain from different
machines.

In this example we are working on rhel5. It will also work on other distributions like RedHat, Centos, Fedora, etc.

Samba PDC Machine:
rhel 5.4
IP : 192.168.0.1

Windows Client:
Windows  XP Professional SP2
Computer Name : lap-xp
Domain Name : lap.work
IP : 192.168.0.2

Installation:

Install samba packages:
[root@sambapdc ~]# yum install samba*

Configuration:

open the samba configuration file and make the following edits.
[root@sambapdc ~]# vim /etc/samba/smb.conf

Uncomment or edit the lines as shown below.

In global settings:

workgroup = lap.work #domain name
server string = Samba PDC Server #as host name. just to identify
netbios name = samba #netbios name for communication
local master = yes
preferred master = yes
domain master = yes
domain logons = yes
logon path = \\%L\Profiles\%U #profile entry
security = user
passdb backend = tdbsam

In share definishions:

[homes]
browseable = yes
writable = yes

[netlogon]
path = /home/netlogon
writable = no

[Profiles]
path = /home/profiles
create mask = 0755
directory mask = 0755
writable = yes #should give. Else you will get ACCESS DENIED errors

Now create the following directories:

[root@sambapdc ~]# mkdir -m 1777 /home/profiles
[root@sambapdc ~]# mkdir -m 1777 /home/netlogon

Attaching a windows machine:

Now create a group named machine and add a user with the name of windows client
[root@sambapdc ~]# groupadd -g 200 machine
[root@sambapdc ~]# useradd -d /dev/null -g 200 -s /sbin/nologin lap-xp$
Where lap-xp is the name of the machine we are attaching to samba PDC
[root@sambapdc ~]# smbpasswd -m -a lap-xp

Start the samba service:

[root@sambapdc ~]# service smb start
[root@sambapdc ~]# chkconfig smb on
Run testparm and test your configuration settings:
[root@sambapdc ~]# testparm
[root@sambapdc ~]# smbpasswd -a root
[root@sambapdc ~]# smbpasswd -e root

Add two more users for testing:

#useradd user1
#smbpasswd -a user1
#smbpasswd -e user
#useradd user2
#smbpasswd -a user2
#smbpasswd -e user2
[root@sambapdc ~]# service smb restart

On windows machine:

Right click the My Computer icon
Take properties
Take Computer name tab
Add the system to lap.work domain
you will be prompted for a username and password. Give root and its password.
System may need to restart

you can see that when we are logged as user1 a directory user1 will be created in /home/profiles
in samba PDC machine. This will be the home directory of that user. He will he able to login
from all machines in this domain and will be getting to this same directory.
:)
Posted by at 9 comments:

RedHat /Cent OS/ Fedora/ Ubuntu TOP command


TOP

Top command provides a real-time look at what is happening with your system. Top produces so much output that a new user may get over whelmed with all thats presented and what it means.
Lets take a look at TOP one line at a time. The server has been flooded with http requests to create some load on the server.
top output:
top - 22:09:08 up 14 min,  1 user,  load average: 0.21, 0.23, 0.30
Tasks:  81 total,   1 running,  80 sleeping,   0 stopped,   0 zombie
Cpu(s):  9.5%us, 31.2%sy,  0.0%ni, 27.0%id,  7.6%wa,  1.0%hi, 23.7%si,  0.0%st
Mem:    255592k total,   167568k used,    88024k free,    25068k buffers
Swap:   524280k total,        0k used,   524280k free,    85724k cached

  PID USER      PR  NI  VIRT  RES  SHR S %CPU %MEM    TIME+  COMMAND
 3166 apache    15   0 29444 6112 1524 S  6.6  2.4   0:00.79 httpd
 3161 apache    15   0 29444 6112 1524 S  5.9  2.4   0:00.79 httpd
 3164 apache    15   0 29444 6112 1524 S  5.9  2.4   0:00.75 httpd
 3169 apache    15   0 29444 6112 1524 S  5.9  2.4   0:00.74 httpd
 3163 apache    15   0 29444 6112 1524 S  5.6  2.4   0:00.76 httpd
 3165 apache    15   0 29444 6112 1524 S  5.6  2.4   0:00.77 httpd
 3167 apache    15   0 29444 6112 1524 S  5.3  2.4   0:00.73 httpd
 3162 apache    15   0 29444 6112 1524 S  5.0  2.4   0:00.77 httpd
 3407 root      16   0  2188 1012  816 R  1.7  0.4   0:00.51 top
  240 root      15   0     0    0    0 S  0.3  0.0   0:00.08 pdflush
  501 root      10  -5     0    0    0 S  0.3  0.0   0:01.20 kjournald
 2794 root      18   0 12720 1268  560 S  0.3  0.5   0:00.73 pcscd
    1 root      15   0  2060  636  544 S  0.0  0.2   0:03.81 init
    2 root      RT  -5     0    0    0 S  0.0  0.0   0:00.00 migration/0
    3 root      34  19     0    0    0 S  0.0  0.0   0:00.00 ksoftirqd/0
    4 root      RT  -5     0    0    0 S  0.0  0.0   0:00.00 watchdog/0
    5 root      10  -5     0    0    0 S  0.0  0.0   0:00.07 events/0
The first line in top:
top - 22:09:08 up 14 min,  1 user,  load average: 0.21, 0.23, 0.30
“22:09:08″ is the current time; “up 14 min” shows how long the system has been up for; “1 user” how many users are logged in; “load average: 0.21, 0.23, 0.30″ the load average of the system (1minute, 5 minutes, 15 minutes).
Load average is an extensive topic and to understand its inner workings can be daunting. The simplest of definitions states that load average is the cpu utilization over a period of time. A load average of 1 means your cpu is being fully utilized and processes are not having to wait to use a CPU. A load average above 1 indicates that processes need to wait and your system will be less responsive. If your load average is consistently above 3 and your system is running slow you may want to upgrade to more CPU’s or a faster CPU.
The second line in top:
Tasks:  82 total,   1 running,  81 sleeping,   0 stopped,   0 zombie
Shows the number of processes and their current state.
The third lin in top:
Cpu(s):  9.5%us, 31.2%sy,  0.0%ni, 27.0%id,  7.6%wa,  1.0%hi, 23.7%si,  0.0%st
Shows CPU utilization details. “9.5%us” user processes are using 9.5%; “31.2%sy” system processes are using 31.2%; “27.0%id” percentage of available cpu; “7.6%wa” time CPU is waiting for IO.
When first analyzing the Cpu(s) line in top look at the %id to see how much cpu is available. If %id is low then focus on %us, %sy, and %wa to determine what is using the CPU.
The fourth and fifth lines in top:
Mem:    255592k total,   167568k used,    88024k free,    25068k buffers
Swap:   524280k total,        0k used,   524280k free,    85724k cached
Describes the memory usage. These numbers can be misleading. “255592k total” is total memory in the system; “167568K used” is the part of the RAM that currently contains information; “88024k free” is the part of RAM that contains no information; “25068K buffers and 85724k cached” is the buffered and cached data for IO.
So what is the actual amount of free RAM available for programs to use ?
The answer is: free + (buffers + cached)
88024k + (25068k + 85724k) = 198816k
How much RAM is being used by progams ?
The answer is: used – (buffers + cached)
167568k – (25068k + 85724k) = 56776k
The processes information:
Top will display the process using the most CPU usage in descending order. Lets describe each column that represents a process.
 PID USER      PR  NI  VIRT  RES  SHR S %CPU %MEM    TIME+  COMMAND
3166 apache    15   0 29444 6112 1524 S  6.6  2.4   0:00.79 httpd
PID – process ID of the process
USER – User who is running the process
PR – The priority of the process
NI – Nice value of the process (higher value indicates lower priority)
VIRT – The total amount of virtual memory used
RES – Resident task size
SHR – Amount of shared memory used
S – State of the task. Values are S (sleeping), D (uninterruptible sleep), R (running), Z(zombies), or (stopped or traced)
%CPU – Percentage of CPU used
%MEM – Percentage of Memory used
TIME+ – Total CPU time used
COMMAND – Command issued

Interacting with TOP

Now that we are able to understand the output from TOP lets learn how to change the way the output is displayed.
Just press the following key while running top and the output will be sorted in real time.
M – Sort by memory usage
P – Sort by CPU usage
T – Sort by cumulative time
z – Color display
k – Kill a process
q – quit
If we want to kill the process with PID 3161, then press “k” and a prompt will ask you for the PID number, and enter 3161.

Command Line Parameters with TOP

You can control what top displays by issuing parameters when you run top.
- d – Controls the delay between refreshes
- p – Specify the process by PID that you want to monitor
-n – Update the display this number of times and then exit
If we want to only monitor the http process with a PID of 3166
$ top -p 3166
If we want to change the delay between refreshes to 5 seconds
$ top -d 5
Posted by at No comments:

Thursday, December 9, 2010

Howto Convert Ext3 filesystem to Ext4 Filesystem without Reinstalling OS in Fedora/CentOS/Ubuntu

Things to remember

  • Unmount the filesystem before convert
  • Filesystem must be non-root
This way you can improve the performance, storage limits and features of your existing filesystem without reformatting and/or reinstalling your OS and softwares.
First, unmount the partition: umount /dev/sda2 (change sda2 with your Drive)
Next, run a filesystem check on it to make sure it is in sane condition.
fsck.ext3 -pf /dev/sda2
Enable new features of ext4 on the filesystem
tune2fs -O extents,uninit_bg,dir_index  /dev/sda2
Run a filesystem check. to make sure that the filesystem is now clean.
fsck -pf /dev/sda2
Now edit your /etc/fstab file and replace "ext3" with "ext4" for /dev/sda1. Other options may differ for your system.
/dev/sda2  /disk ext4 defaults 0 2
Try to mount your new ext4 filesystem: mount /disk
Posted by at No comments:

Sunday, December 5, 2010

Create your own Forums on Cent OS AMIs

[ec2-user@ip-10-112-7-1 ~]$ sudo yum install  mysql mysql-server httpd php php-mysql php-gd php-imap php-ldap php-odbc php-pear php-xml php-xmlrpc phpmyadmin

[ec2-user@ip-10-112-7-1 ~]$ sudo service httpd restart
Stopping httpd:                                            [FAILED]
Starting httpd:                                            [  OK  ]
[ec2-user@ip-10-112-7-1 ~]$ sudo service mysqld restart
Stopping mysqld:                                           [  OK  ]
Initializing MySQL database:  Installing MySQL system tables...
OK
Filling help tables...
OK

To start mysqld at boot time you have to copy
support-files/mysql.server to the right place for your system

PLEASE REMEMBER TO SET A PASSWORD FOR THE MySQL root USER !
To do so, start the server, then issue the following commands:

/usr/bin/mysqladmin -u root password 'new-password'
/usr/bin/mysqladmin -u root -h ip-10-112-7-1 password 'new-password'

Alternatively you can run:
/usr/bin/mysql_secure_installation

which will also give you the option of removing the test
databases and anonymous user created by default.  This is
strongly recommended for production servers.

See the manual for more instructions.

You can start the MySQL daemon with:
cd /usr ; /usr/bin/mysqld_safe &

You can test the MySQL daemon with mysql-test-run.pl
cd /usr/mysql-test ; perl mysql-test-run.pl

Please report any problems with the /usr/bin/mysqlbug script!

                                                           [  OK  ]
Starting mysqld:                                           [  OK  ]

[ec2-user@ip-10-112-7-1 ~]$ wget http://vanillaforums.org/uploads/addons/LABOJ70HFYO0.zip
--2010-12-06 05:41:39--  http://vanillaforums.org/uploads/addons/LABOJ70HFYO0.zip
Resolving vanillaforums.org... 67.23.13.227
Connecting to vanillaforums.org|67.23.13.227|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 2977490 (2.8M) [application/zip]
Saving to: “LABOJ70HFYO0.zip”

100%[======================================>] 2,977,490   3.36M/s   in 0.8s  

2010-12-06 05:41:40 (3.36 MB/s) - “LABOJ70HFYO0.zip” saved [2977490/2977490]

[ec2-user@ip-10-112-7-1 ~]$ unzip LABOJ70HFYO0.zip -d /var/www/html





Posted by at No comments:
Subscribe to: Posts (Atom)