search for: summitnjhom

...sudoers list into my ldap configuration and I used an application called sudoers2ldif to generate the ldif. I used the following command to import the file: ============================================= [root at bluethundr-desktop:~/txt/ldif ] $:ldapadd -h ldap -a -W -x -D "cn=Manager,dc=summitnjhome,dc=com" -f /home/bluethundr/txt/sudoers2.ldif Enter LDAP Password: adding new entry "cn=defaults,ou=sudoers,ou=Services,dc=summitnjhome,dc=com" ldap_add: Invalid syntax (21) additional info: objectClass: value #1 invalid per syntax ==========================================...

Hello list, I am running an openldap 2.4 server under FreeBSD that was working well until the config was tweaked by someone on the team without properly documenting their work # /usr/local/etc/ldap.con on ldap server (FreeBSD 8.1) host LBSD.summitnjhome.com base dc=summitnjhome,dc=com sudoers_base ou=sudoers,ou=Services,dc=summitnjhome,dc=com binddn cn=pam_ldap,ou=Services,dc=summitnjhome,dc=com bindpw {SSHA}secret scope sub pam_password exop nss_base_passwd ou=staff,dc=summitnjhome,dc=com nss_base_shadow ou=staff,dc=summitnjhome,dc=com # grep...

...users that I have derived from /etc/passwd. for some reason ldapadd is choking on the first entry... I've also tried removing the first one and predictably each one fails in exactly the same way...may I ask how best to correct this? Here is the error: LDAP# ldapadd -x -D "cn=Manager,dc=summitnjhome,dc=com" -W -f /tmp/passwd.ldif adding new entry "uid=root,ou=People,dc=summitnjhome,dc=com" ldap_add: Invalid syntax (21) additional info: objectClass: value #6 invalid per syntax Here is the first entry which presented a problem when I attempted to add it: dn: uid=root,ou=...

Hello, I am attempting to grep the contents of a key file I have SCP'd to a remote server. I am able to cat it: [code] [bluethundr at LBSD2:~]$:ssh root at sum1 cat /root/id_rsa.pub root at lcent01.summitnjhome.com's password: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEApnUSYyrM96qIBZKjwSNYycgeSv/FAKE-KEY-DATA--KEY-DATA-PWReyVuOn9Fb/uH/FAKE-KEY-DATA-+ttLzUELGrfn/n+FAKE-KEY-DATA-/FAKE-KEY-DATA-/FAKE-KEY-DATA-/FAKE-KEY-DATA-== bluethundr at lbsd8-2.summitnjhome.com [/code] But I cannot cat / grep it in order...

...n all hosts on my network: [bluethundr at LCENT03:~]#df -h Filesystem Size Used Avail Use% Mounted on /dev/mapper/VolGroup00-LogVol00 140G 4.4G 128G 4% / /dev/sda1 99M 35M 60M 37% /boot tmpfs 1.6G 0 1.6G 0% /dev/shm nas.summitnjhome.com:/mnt/nas 903G 265G 566G 32% /mnt/nas nas2.summitnjhome.com:/mnt/store 1.4T 187G 1.1T 15% /mnt/store nas2.summitnjhome.com:/mnt/home 903G 47G 784G 6% /home none 1.6G 136K 1.6G 1% /var/lib/xenstored...

...plementation I put my cert file, key file and CA certfile in a directory called /usr/local/etc/openldap/cacerts Here's how it looks: [root at LBSD2:/usr/local/etc/openldap/cacerts]#ls -l total 48 dr--r----- 2 root ldap 512 Nov 21 17:12 bak -r--r----- 1 root ldap 1960 Nov 21 07:05 bsd2.summitnjhome.com.crt -r--r----- 1 root ldap 4604 Nov 21 17:16 gd_bundle.crt -r--r----- 1 root ldap 4689 Nov 21 18:59 sf_bundle.crt -r--r----- 1 root ldap 1537 Nov 21 17:16 sf_issuing.crt -r--r----- 1 root ldap 1090 Nov 21 12:29 slapd.csr -r--r----- 1 root ldap 1743 Nov 21 12:26 slapd.key -r--r--...

...ge that I currently have installed: [root at VIRTCENT01:~]#rpm -qa | grep heartbeat | grep -v -e stonith -e pils heartbeat-2.1.4-11.el5 heartbeat-2.1.4-11.el5 I have /etc/ha/.d authkeys setup this way: # auth 2 #1 crc 2 sha1 {SHA}secret I have /etc/ha.d/resources setup like this: VIRTCENT01.summitnjhome.com 192.168.1.23 And I have /etc/ha.cf setup like this: # What UDP port to use for udp or ppp-udp communication? # udpport 694 bcast eth0 mcast eth0 225.0.0.1 694 1 0 ucast eth0 192.168.1.200 # What interfaces to heartbeat over? udp eth0 # # Facility to use for sys...

...1.4.18 Here is the stanza in the config regarding SSL: listen https 192.168.1.200:443 mode tcp balance roundrobin option forwardfor except 192.168.1.200 option redispatch maxconn 10000 reqadd X-Forwarded-Proto:\ https server web1 web1.summitnjhome.com:443 maxconn 5000 server web2 web2.summitnjhome.com:443 maxconn 5000 I can connect to https on each web server and have it serve content. the IP 192.168.1.200 is a virtual IP created with keepalived and floating between two load balancers. I can connect to the virtual ip via opens...

...sections/modules # defining where files are served from and to whom # Define a section ''files'' # Adapt the allow/deny settings to your needs. Order # for allow/deny does not matter, allow always takes precedence # over deny [snjh] path /etc/puppet/manifests/files/snjh allow *.summitnjhome.com # deny *.evil.example.com # allow 192.168.0.0/24 Here is the class manifest I am using: class basefiles { file { "/etc/ldap.conf": source => "puppet://puppet/snjh/ldap.conf" } file { "/etc/haha.txt": source => "puppet://puppet/...

...source LDAP server implementation I have setup the certificate chain in my slapd.conf like so: [root at LBSD2:/usr/home/bluethundr]#grep -i tls /usr/local/etc/openldap/slapd.conf## TLS options for slapd TLSCipherSuite HIGH:MEDIUM:+SSLv2 TLSCertificateFile /usr/local/etc/openldap/cacerts/LBSD2.summitnjhome.com.crt TLSCertificateKeyFile /usr/local/etc/openldap/cacerts/slapd.pem TLSCACertificateFile /usr/local/etc/openldap/cacerts/sf_issuing.crt I have tried each of the following certs with no luck in getting my cert to talk to it's CA: -rw-r--r-- 1 root bluethundr 2604 Nov 25 11:37 ca_bundl...

...Enter passphrase for /home/bluethundr/.ssh/id_rsa: Identity added: /home/bluethundr/.ssh/id_rsa (/home/bluethundr/.ssh/id_rsa) [bluethundr at LCENT01:~]#ssh sum3 Last login: Sun Nov 28 14:32:34 2010 from localhost.localdomain ######################################################### # SUMMITNJHOME.COM # # TITLE: LCENT03 BOX # # LOCATION: SUMMIT BASEMENT # # # ######################################################### [bluethundr at LCENT03:~]# Does any...

...ing like that among the PADL migration tools. So in short the user info is there in LDAP but no one can log in because all the password fields look like this: userPassword: {crypt}* Here is a more complete user entry that is currently in the system: 73 uid=bluethundr,ou=summitnjops,ou=staff,dc=summitnjhome,dc=com uid: bluethundr cn: Timothy P. givenName: Timothy P. sn: Dunphy objectClass: person objectClass: organizationalPerson objectClass: inetOrgPerson objectClass: posixAccount loginShell: /usr/local/bin/bash uidNumber: 1001 gidNumber: 1002 homeDirectory: /home/bluethundr gecos: Timothy P. userPa...

...mdump.pub 100% 408 0.4KB/s 00:00 ssh (w/passwd) to remote host [amandabackup at VIRTCENT18 ~]$ ssh lb1 amandabackup at lb1's password: Last login: Fri Dec 31 10:57:05 2010 from 192.168.1.40 ######################################################### # SUMMITNJHOME.COM # # TITLE: LB1 BOX # # HOST: VIRTCENT01 # # LOCATION: SUMMIT BASEMENT # ######################################################### check to see if the key exists in a...

...le is already loaded, skipping Warning: DocumentRoot [/var/www/html/example.com/jokefire/project_files] does not exist Warning: DocumentRoot [/var/www/html/example.com/store] does not exist VirtualHost configuration: wildcard NameVirtualHosts and _default_ servers: _default_:443 VIRTCENT07.summitnjhome.com (/etc/httpd/conf.d/ssl.conf:81) *:80 is a NameVirtualHost default server blog.example.com (/etc/httpd/conf.d/blog.conf:1) port 80 namevhost blog.example.com (/etc/httpd/conf.d/blog.conf:1) port 80 namevhost example.com (/etc/httpd/conf.d/jfprod.conf...

...cation request accepted on channel 0 debug2: channel 0: rcvd adjust 2097152 debug2: channel_input_status_confirm: type 99 id 0 debug2: shell request accepted on channel 0 Last login: Fri Dec 31 00:23:45 2010 from 192.168.1.40 ######################################################### # SUMMITNJHOME.COM # # TITLE: LB1 BOX # # HOST: VIRTCENT01 # # LOCATION: SUMMIT BASEMENT # ######################################################### -sh-3.2$ [root at VIRTCENT01 x86_64...