search for: schlacta

I would like to dnat certain protocols (HTTP, HTTPS, SSH) to the contents of an ipset (lan:+serviceshost or similar) where the ipset is ensured to contain only one host, but can be changed dynamically when services are in maintenance mode and go to the "services are down" message on another server. Will this work, or am I barking up a fish here?

so I have some local users that I'd like to show up in my samba domain a bit more properly, but it's infeasable to add their accounts to the ldap directory proper. I've tried to create an idmap entry (probably wrong) and a structural SID with a sam account pointing to the numeric UID and a proper name for the unix account, but it still shows up as UNIX-USER/accountname. what am

I found a fancy, easy (seeming) way to add printer drivers in windows 7 since the old methods don't seem to work anymore. if you run mmc, you can add a snapin called print management, which enables you to manage various things (drivers, forms, ports, and printers to be most important). Problem is, I can't figure out how to use the "Drivers" method to add drivers. I get a

...e issues I've come across in setting up my test domain. I've let my google-fu fail me one too many times, and these questions answered clearly and concisely are difficult to come by. Any help you can provide me in answering these questions would be a big help! Thank you again, Christ Schlacta

Hi, I''ve been working the past 8 hrs combatting DDoS attacks on websites and dedicated servers I host for clients. They''re hitting one specific IP address, but coming from thousands of external IP addresses. I use: shorewall-4.0.10-3.noarch How can I tackle this? I''ve blocked many subnets in the blacklist file but it''s made very little difference. If

how to do only users from ldap? i'm not running in domain mode, I'd just like to be able to have the same username and password for users from ldap. there are no machines, and nothing else, just users and groups. all the guides I find have machines in ldap too, and require domain mode, I'm not sure which pieces need tobe changed.

I have some shares on a media server that are considdered "Local, offline content", namely they should be accessible if the rest of the network is down, and each system has it's own group of users who are allowed to maintain it. the media servers in the livingroom are only for my wife and I, but each person can modify the one in their own bedroom and noone elses bedroom.

I''m converting my network from a "one interface per segment" to a "single connection with vlans", well, some hardware I have requires using different vlan IDs. suffice it to say I need bridges to connect a few different vlans that should all be one but can''t be because of firmware constraints. so my first step is to get shorewall to know about bridges.

I have an admin machine, and a backup server which does backups. The backup server has IPMI so I can do lights-out admin, and I want to allow this from the admin machine only. IPMI is completely unfirewalled, and so it must have a different class C than working networks.... this is just how it is. I''ve set the IPMI IP on the backup server to 192.168.10.4, and created a virtual

Thanks to both of you - exactly the piece I was missing. -----Original Message----- From: tms3 at tms3.com [mailto:tms3 at tms3.com] Sent: Monday, January 10, 2011 12:52 PM To: Christ Schlacta Cc: samba at lists.samba.org Subject: Re: [Samba] Reestablishing trust with PDC > > > you haven't tried experimenting with backing up and restoring the > samba password cache. look in /var/*/samba and /var/*/*/samba for > files related to the password cache to backup and res...

I am in the process of building a new machine to replace several older servers. I am considering running several virtual servers on one box, all linux for host and virtual machines using VirtualBox. Is it possible/advisable to configure shorewall on the host to act as a firewall for the virtual machines, each having one or more static public IP address? Any pointers, suggestions and/or

I've got a standalone host with an SID that matches exactly a domain SID. for some (fairly obvious) reason, windows machines get confused by this, so I need to change one of the two SIDs. I decided (for simplicity's sake) to change the machine. it broke a bunch of permissions in some silent way, and I couldn't solve a printing related issue as a result (see my other post).

http://samba.org/samba/docs/man/Samba-HOWTO-Collection/ This document has provided more information to me than I can adequately express, and as masochistic as it sounds, I'd kinda like to pop a copy on my nook and devour it. along with any of the other docs hosted on the samba website. has anyone prepared epubs of the documentation? if not epubs, than at least xhtml files in a zip

None of my systems can use lld2d to map the network when connected via wireless, but it works fine over the wireful network. the wireless is client -> hostapd -> ath5k -> bridge -> kernel with shorewall handling the bridge and kernel, as best I can explain it. on the bridge is also a wired device and a bunch of other PCs. the wired PCs can all map using lld2d just fine. lld2d

Hi, I am building a firewall that will have two groups of subnets behind it which I''ll provision via vlans. The upstream provider will be supplying a router with a single interface with two subnets routed into it, one is a private connection to the corporate WAN and the other is a public (Internet) block. One group of subnets behind the firewall will be SNAT''d out through a

I need to temporarily disable a share for a few days, I remember there was an entry I could add to the share definition to temporarily disable the share (I think it was disabled=true or enabled=false) but I can't remember what it was for sure, nor can I find it in the manual. what is it ?

The Shorewall Team is pleased to announce the availability of Shorewall 4.5.0. ---------------------------------------------------------------------------- P R O B L E M S C O R R E C T E D I N T H I S R E L E A S E ---------------------------------------------------------------------------- 1) This release includes all defect repair included in 4.4.27.1-4.4.27.3. 2) The start

I'm trying to figure out why I'm getting permission denied when trying to print from one user account only. all others work fine. the print server is configured as a domain controller backed by ldap. aarcane at density:/var/log$ sudo testparm -s Load smb config files from /etc/samba/smb.conf rlimit_max: rlimit_max (1024) below minimum Windows limit (16384) Processing section

I've got an ldap directory, but no PDC yet. I want to set up a test PDC, and once things work, I want to be able to set a more appropriate system to be teh PDC using teh same login informations (replica of existing authzn databases). where's the documentation of how to do this? what do I need to know about this process (I'm not sure what it's even called >,.,< in

must a domain controller have the same machine SID as the domain (as I've read), or is will windows and linux function acceptably with the domain having one SID and the domain controllers having different SIDs ?