The following easy steps will install snmp daemon on your CentOS/RHEL server :

1
yum install net-snmp net-snmp-utils
now snmpd simple configuration ( change SECRET_NAME to a complex string ) :

1
echo rocommunity SECRET_NAME > /etc/snmp/snmpd.conf
start snmpd :

1
service snmpd restart
also make sure it starts on boot :

1
chkconfig snmpd on
last step to check snmpd is working ( change SECRET_NAME to the string you have chose before ) :

1
snmpwalk -v 1 -c SECRET_NAME -O e 127.0.0.1
you should get an output like below :

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
SNMPv2-MIB::sysDescr.0 = STRING: Linux 2.6.18-194.11.4.el5xen #1 SMP Tue Sep 21 05:40:24 EDT 201
0 x86_64
SNMPv2-MIB::sysObjectID.0 = OID: NET-SNMP-MIB::netSnmpAgentOIDs.10
DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (242211) 0:40:22.11
SNMPv2-MIB::sysContact.0 = STRING: root@localhost
SNMPv2-MIB::sysName.0 = STRING:
SNMPv2-MIB::sysLocation.0 = STRING: Unknown
SNMPv2-MIB::sysORLastChange.0 = Timeticks: (2) 0:00:00.02
SNMPv2-MIB::sysORID.1 = OID: SNMPv2-MIB::snmpMIB
SNMPv2-MIB::sysORID.2 = OID: TCP-MIB::tcpMIB
SNMPv2-MIB::sysORID.3 = OID: IP-MIB::ip
SNMPv2-MIB::sysORID.4 = OID: UDP-MIB::udpMIB
SNMPv2-MIB::sysORID.5 = OID: SNMP-VIEW-BASED-ACM-MIB::vacmBasicGroup
SNMPv2-MIB::sysORID.6 = OID: SNMP-FRAMEWORK-MIB::snmpFrameworkMIBCompliance
SNMPv2-MIB::sysORID.7 = OID: SNMP-MPD-MIB::snmpMPDCompliance
SNMPv2-MIB::sysORID.8 = OID: SNMP-USER-BASED-SM-MIB::usmMIBCompliance
.
.
.
.

{hosts, [“example.org”, “example.com”]}.

{listen,
[

{5222, ejabberd_c2s, [

%%
%% If TLS is compiled and you installed a SSL
%% certificate, put the correct path to the
%% file and uncomment this line:
%%
%%{certfile, “/path/to/ssl.pem”}, starttls,

%% No need to specify certfile here, check domain_certfile
starttls,

{access, c2s},
{shaper, c2s_shaper},
{max_stanza_size, 65536}
]},
…

]
}.

%%
%% domain_certfile: Specify a different certificate for each served hostname.
%%
{domain_certfile, “example.org”, “/path/to/example_org.pem”}.
{domain_certfile, “example.com”, “/path/to/example_com.pem”}.

This is a full list of the skins that have been available within MediaWiki (without the use of additional skin extensions). The version column has not yet been filled in, but this information needs to be added to the page, as not all these skins were introduced at the same time, and some of them are no longer available in a standard installation.

The first column gives the ID which should be used to configure this setting, the second gives the name as it appears within the MediaWiki interface and the third indicates the versions of MediaWiki that this skin is available for:

ID	Name	Versions
standard	Classic	pre-1.0 – 1.21
nostalgia	Nostalgia	pre-1.0 – 1.21
cologneblue	Cologne Blue	pre-1.0+
davinci	DaVinci	?? – 1.4
modern	Modern	1.12+
mono	Mono	??
monobook	MonoBook	1.3+
myskin	MySkin	?? – 1.21
chick	Chick	?? – 1.21
simple	Simple	?? – 1.21
vector	Vector	1.16+

An alternative way of checking which of the above skins are available in your particular version of MediaWiki is to check languages/Language.php

This used to be just my http://testserver/wordpress but using these simple commands you can make any staging environment production.

With that in mind, here is a simple way to duplicate a database from the command line of a windows server:

1. Create the target database using MySQLAdmin or your preferred method. In this example, db2 is the target database, where the source database db1 will be copied.
2. Execute the following statement on a command line:

mysqldump -h [server] -u [user] -p[password] db1 | mysql -h [server] -u [user] -p[password] db2

Note: There is NO space between -p and [password]

I decided to look into Zentyal here is a brief description of a how-to for the install, I will admit, it’s just a repost, but that doesn’t mean it’s not any cooler :P

 

Single domain controller, Zentyal only

This is the most basic scenario, one Zentyal server providing the domain services for the LANs. It’s important to study this case because the best practices and tips explained here will apply to the other cases. Let’s see the diagram:

Note that you will need at least one internal interface to configure Samba. DNS, NTP and Users&Groups modules are pre-requisites for Samba.

Installing Samba using the Zentyal installer & Wizards

• Make sure you have an Internet connection while you install (thus, you need at least two interfaces, the one providing Internet connection and the internal one). This way, you will have the last packages needed by samba.

The “primary network interface” the installer asks for, is the one it will use to retrieve the packages

• Make sure your hostname is a valid DNS A register, with less than 15 characters, and no capital letters.

During the second stage of the installation, you will choose to install the ‘File sharing and Domain Services’ module (Samba4):

The next step will show you the Samba dependencies, you will see also the additional packages and their dependencies here:

Some of the packages and their dependencies have installation wizards, let’s study those related with samba

First of all, the network interface configuration. As previously noted, you will need at least one internal interface to configure Samba:

In the Next step you will configure all your interfaces (see the internal one in the example below):

The next step is the most critical one, you have to choose the “local” DNS domain, this domain will contain the Kerberos SRV and TXT registries and will name your Kerberos realm (Uppercasing the DNS one).

• Double-check that this is the domain name you want your local clients and other controllers to join later on.

• Follow the standard domain naming conventions  http://en.wikipedia.org/wiki/Domain_Name_System#Domain_name_syntax

The domain will be assigned all the IP addresses associated with your interfaces, you will have an A register containing your hostname. This hostname will be assigned all the mentioned IPs as well.

The domain will be automatically “provisioned” with the required TXT and SRV registries.

That’s why your hostname needs to be a valid DNS A register.

Currently there is no way of migrating Samba – Kerberos provisioning from one domain to another, in future Zentyal versions you will have graphical menus to promote/demote between plain DNS domains and Samba-provisioned domains.

If you have completed all the steps, you will be redirected to the Dashboard. Accessing to Module Status, the File Sharing module should appear as enabled

In the next section we will explain how to configure samba in an already installed Zentyal 3.0 server, so you can jump directly to the ‘Client configuration’ section.

Configuring Samba in an already installed Zentyal 3.0 server

In case you have an already installed Zentyal 3.0 and some modules and/or don’t want to use the wizards, this section explains how to achieve a correct Samba4/Kerberos configuration using Zentyal Web administration. In any case, you are encouraged to read the former section since lot of the tips are the same (choosing a hostname, interface config, etc)

Fist of all, make sure that all software packages are up to date

You can access Software Management –> Zentyal components and then click on ‘Update List’

After updating, you can go to Software Management –> Zentyal components and make sure you update all the components available in the Update tab:

From Software Management –> System Updates you can check and update other available packages:

You can also perform it from the CLI

sudo apt-get update && sudo apt-get dist-upgrade

You need one internal interface properly configured.

Apart from the network configuration, you need to have the DNS, NTP and Users&Groups modules installed and enabled before installing&enabling ‘File Sharing and Domain Services’ (Samba)

• You can change the hostname from System –> General, it is recommended to reboot the machine after saving changes if you do this.

• You can’t change the provisioned domain, as explained in the former section.

• Make sure the DNS domain contains the local IP(s) that you intend to use to communicate with your clients.

• Make sure your hostname is added as an A register to the provisioned domain and also assigned the mentioned local IP(s).

• Check from System –> General that your timezone is correct.

• Make sure that the NTP is enabled and you are syncing with external NTP servers from the Infrastructure –> NTP menu

If all the former steps are verified, you can now install and enable the samba module, first time you enable it, it has to integrate Samba’s subsystems with the existing ones, so it may take a few minutes, please be patient.

Windows Client configuration

To join a Windows client to the domain, you first need a domain admin. This domain admin will be an LDAP user who belongs to the ‘Doman Admins’ group, and thus, different administrator account you created for Zentyal server.

You can create the user yourself, the group ‘Domain Admins’ will be available if Samba is installed.

• Make sure client time and server time are sync’ed, preferably by setting Zentyal’s own NTP server in the clients.

• Make sure the default DNS server of the client is Zentyal server.

Typically, you will fulfill the last two points by using DHCP, but there is not problem configuring it by hand if you follow the tips.

Now you can join your client to the domain, note that the Kerberos realm is the uppercase version of your provisioned DNS domain

You will be asked for the login credentials of (one of) the domain admin.

If you intend to use the Kerberos / Single Sign On capabilities, to automatically identify users in the different services, always configure the client (proxy in the web browser, IMAP and SMTP in the mail client, etc) using the local FQDN of the server, never the IP address. This way, the client is able to locate the Kerberos server configured in the domain.

Linux Client configuration

There is no native “join a domain” mechanism available today using Linux clients, however, you can use the SSSD daemon to be able to log in using an LDAP user and to retrieve the initial Kerberos ticket needed for Single Sign On

SSSD config?

Even if you don’t want to use SSSD, you can still use the Kerberos ticket system installing the package heimdal-clients, editing your /etc/krb5.conf to look like this:

[libdefaults]
  default_realm = YOURREALM.COM
  dns_lookup_kdc = true
  dns_lookup_realm = true

and then performing

     kinit user

You will be asked for the LDAP, password, with klist you can list the kerberos tickets currently assigned to this client.

Editing GPOs and other AD attributes

If you have a Windows client already joined to the domain and have logged in with one of the domain admins Zentyal users, you can download the RSAT (Remote Server Administration Tools) and edit the GPOs for your domain exactly like you will do with Active Directory:

Link for Windows 7:  http://www.microsoft.com/en-us/download/details.aspx?id=7887

Follow the instructions available on this webpage to enable the different features on your machine after the installation.

A very typical example of GPO is to automatically set the proxy for Internet Explorer, a possibility that you can combine with Single-Sign-On to have seamless per-usergroup proxy policies.

Using the RSAT tool Group Policy Management, you can traverse the tree Group Policy Management –> Forest<your domain> –> Domains –> <yourdomain> –> Group Policy Objects, in this example we are going to use the Default Domain Policy

Editing the policy, you can go to User Configuration –> Windows Settings –> Internet Explorer –> Connection, double clicking on the Proxy Settings attribute:

Editing this setting, you can make sure that any machine joining the domain uses your Zentyal proxy by default

Known issues ¶

It’s not possible to combine Master / Slave synchronization with Samba4 synchronization, check http://trac.zentyal.org/wiki/Documentation/Community/Document/SambaAndMasterSlave for more information.

This is the first post for the site, I have never used WordPress before and with all the things I have heard, I anticipate that it will be a fun experience.

Welcome to WordPress. This is your first post. Edit or delete it, then start blogging!