Header Shadow Image


Archive for the 'NIX Posts' Category

OpenVPN Setup on Ubuntu

To get the latest version of OpenVPN, which will be 2.6 since files for 3.0 are still not yet available at the time of this article, we first need to import the OpenVPN repository key: # ls -altri /etc/apt/keyrings/ # curl -fsSL https://swupdate.openvpn.net/repos/repo-public.gpg | gpg –dearmor > /etc/apt/keyrings/openvpn-repo-pub-key.gpg Change ‘arch’ to match your CPU architecture. […]

IPA Fails to start: Timeout Exceeded and No Route to Host when IPV6 disabled

IPA doesn’t start? Just prints the following when an attempt is made to start it? # strace -f -s 256 ipactl start . . . . socket(AF_INET, SOCK_DGRAM|SOCK_CLOEXEC, IPPROTO_IP) = 4 connect(4, {sa_family=AF_INET, sin_port=htons(389), sin_addr=inet_addr(“127.0.0.1”)}, 16) = 0 getsockname(4, {sa_family=AF_INET, sin_port=htons(51027), sin_addr=inet_addr(“127.0.0.1”)}, [28->16]) = 0 close(4) = 0 socket(AF_INET6, SOCK_DGRAM|SOCK_CLOEXEC, IPPROTO_IP) = 4 connect(4, {sa_family=AF_INET6, […]

Find Which Device Is Connected to a Cisco Switch Port

Issue the following: mdscisco07#sh mac address-table interface gigabitEthernet 1/19 Unicast Entries vlan mac address type protocols port ——-+—————+——–+———————+——————– 5 abcd.1234.wxyz dynamic ip,ipx GigabitEthernet1/19 HTH

Configuring an Ubuntu Workstation with XRDP, SSHD, VNC, FreeIPA, SSSD, Java, NetBeans

Building an Ubuntu Workstation for development and general use, one that can be accessed remotely with central authentication.  Most of the commands below will be ran as the root user, hence # sudo su – to root will be needed.  Let’s get going: ALIAS SETUP Personally, the following alias just makes it a tad easier […]

HAproxy Configuration to AD Active Directory Servers

Quick configuration to proxy AD requests through another server. Set the following on the proxy server. Note the frontend server is on port 443 whereas the backend server is on port 389: # vi /etc/haproxy18/haproxy.cfg global log 127.0.0.1 local0 debug stats socket /var/run/haproxy.sock mode 0600 level admin # stats socket /var/lib/haproxy/stats maxconn 4000 user haproxy […]

klist: Improper format of Kerberos configuration file while initializing krb5

There were extra spaces or space with a different font, in front of “” that got copied over from an editor.  Once replaced, everything worked fine: root@g73sw01:/etc# klist -kte klist: Improper format of Kerberos configuration file while initializing krb5 root@g73sw01:/etc# vi /etc/krb5.conf root@g73sw01:/etc# klist -kte Keytab name: FILE:/etc/krb5.keytab KVNO Timestamp Principal —- ——————- —————————————————— 6 […]

[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failename mismatch, certificate is not valid for ‘idmipa01.nix.mds.xyz’

When joining a new client to the FreeIPA servers: # ipa-client-install –uninstall; ipa-client-install –force-join -p USER -w “SECRET” –fixed-primarver=idmipa01.nix.mds.xyz –server=idmipa02.nix.mds.xyz –domain=nix.mds.xyz –realm=NIX.MDS.XYZ -U the following  message is visible: Connection to https://idmipa01.nix.mds.xyz/ipa/json failed with [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failename mismatch, certificate is not valid for ‘idmipa01.nix.mds.xyz’. (_ssl.c:1007) Connection to https://idmipa02.nix.mds.xyz/ipa/json failed with [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify […]

Ping resolves internal DNS entries with external IP’s. Nslookup works fine.

Ping resolves internal DNS entries with external IP’s: C:\Windows\system32>ping atlas-c01 Pinging atlas-c01.nix.mds.xyz [3.64.163.50] with 32 bytes of data: Control-C ^C C:\Windows\system32>ping atlas-c01 Pinging atlas-c01.nix.mds.xyz [3.64.163.50] with 32 bytes of data: Control-C ^C C:\Windows\system32> Nslookup works great: C:\Windows\system32>nslookup atlas-c01.nix.mds.xyz Server: dns.mds.xyz Address: 192.168.0.224 Non-authoritative answer: Name: atlas-c01.nix.mds.xyz Address: 10.0.0.77 C:\Windows\system32> Even from a locally installed Ubuntu […]

Set Static IP on Ubuntu Server

Via the CLI: root@tom-G73Sw:~# cd /etc/netplan/ root@tom-G73Sw:/etc/netplan# cat 01-network-manager-all.yaml # Let NetworkManager manage all devices on this system network: version: 2 renderer: NetworkManager ethernets: enp5s0: dhcp4: no addresses: [192.168.0.15/24] gateway4: 192.168.0.1 nameservers: addresses: [192.168.0.224,192.168.0.46,192.168.0.51] root@tom-G73Sw:/etc/netplan# Then issue: netplan try so changes take effect.  Via UI, go to Activities then Settings, select Network or WiFi, based […]

BitDefender Parental Control

BitDefender updates resulted in this message being printed: “we could not verify the certificate: reason = wrongHost” “we could not verify the certificate: reason = untrusted” And on further inspection, it is revealed the BitDefender is indeed the culprit via it’s Parental Controls: To fix this, I uninstalled BitDefender Parental Control in Windows, as it […]


     
  Copyright © 2003 - 2013 Tom Kacperski (microdevsys.com). All rights reserved.

Creative Commons License
This work is licensed under a Creative Commons Attribution 3.0 Unported License