iDogg

I forgot a username/password for a website that I needed access to.  I had to wait until I got home to dig up a hard copy that had my account# on it.  That’s a pain in the butt.  Opensuse 11 comes preloaded with gpg.  Below is a link to a quick tutorial on how to use it to encrypt single files.  I’m thinking I’m going to put my obscure usernames/passwords in a file, encrypt it with gpg, and be able to access it whenever I have a machine with gpg on it.

On the other hand though, putting anything private in electronic form is a risk.  Anyone ever do this?  What are your opinions?  Drop me a message.

http://www.cyberciti.biz/tips/linux-how-to-encrypt-and-decrypt-files-with-a-password.html

Work was empty on Friday so I had planned on moving the GWIA from an old 4u Dell Poweredge running NetWare 5.1 to a nice and tidy 1u PE 1950 running SLES 10.  Actually, I ended up not transfering the domain and gateway, rather I created both new.  The domain install and config was quick and painless.  The GWIA install and config was not quick and painless.  There were two “gotchas” which I ran into.  The first gotcha was that the GroupWise system needs to be told which GWIA to send outbound mail to.  Makes perfect sense.  You can find that setting in C1:

Tools/GW System Operations>Internet Addressing>Internet Agent for outbound SMTP/MIME messages:

That got outbound message flowing.  The next step was inbound.  I couldn’t figure out why inbound message processing just wasn’t working.  I was banging my head against the wall until I saw a vague novell forum posting mentioning postfix fighting with the GWIA.  A quick trip into yast’s runlevel module showed that postfix was indeed running.  Shutting that off and restarting the gwia agent allowed inbound messages to flow in.

1pm:  Feeling my oats I decided to move the domain for some large post offices to the cluster.  The domain resided on the other remaining Netware 5.1 server.  This server has some mental issues.  It has been around for longer than I have, logically anyway.  What I mean by that is the server began life as a Netware 3.12 server on different hardware.  It then got a software upgrade to Netware 4.11.  Then a hardware upgrade to a Dell PE server.  Then another software upgrade to NetWare 5.1.  And finally another hardware upgrade to a Dell PE 2650.  This happened over roughly a ten to fifteen year period.  I’ve had plenty of problems with this server.  Disk I/O is completely screwed up.  Writing to or deleting from the volumes takes multiple times over the amount of time it should.  GW domain maintenance operations on the box generally called for a database rebuild to get anything moving.  I had GWAVA 3.6 which vomited tens of thousands of .log files for every piece of mail recieved into the files system, already straining the tired traditional file system based volumes.  In the event of a server abend, an automatic vrepair to the sys volume(I didn’t mention everything was loaded on the sys volume for some unknown reason) would render the server useless for up to 7 hours.  To sum it all up, a painful experience.

At any rate, I shut down the MTA and GWAVA.  I copied the domain to the cluster resource(NetWare).  I installed GWAVA4 on the resource as well.  I got the MTA up and running, but the post offices wouldn’t see a differnet outbound MTP IP address.  I tried rebuilding the domain, restarting the POAs, nothing seemed to work.  I decided to pull the plug due to the time.  I moved the domain back and all of the sudden the POAs were seeing the new domain IP.  Crap!  I moved the domain back to the new location and messages finally started to flow.  I created a new GWAVA4 scanner and set up basic notification digests and called it a day.

Fast forward to today.  I came in and started to do some cleanup work, specifically fixing the cluster resource load scripts to load the MTA up and shut it down.  I noticed that one of the cluster nodes, the node that was running GWAVA and the MTA wiped out early this morning at some point.  So, GWAVA loaded up on the next node, but no MTA.  I fixed that piece and got the busted node back online.  I migrated the resource and the server immediately abended.  It migrated the resource over to the next node, which promptly abended.  Thankfully the resource went comatose before it could completely wipe out the entire cluster.  To get to the point, GWMTAVS.NLM has some serious bug which will drag NetWare to its knees.  I quickly decided to ditch GWAVA on NetWare and put in on the SLES box with the GWIA and just do a GWIA scanner.

Things to remember:

• Disable postfix on install of SLES
• Tell the system which GWIA to use
• C1 sucks, groupwise administration sucks, and file based administration should have been eliminated in GroupWise 7.  Everything should be TCP/IP.
• GroupWise is very flexible, sometimes to a fault
• Aside from file sharing duties, Novell’s own GroupWise modules, and Zenworks, don’t use NetWare for anything else important.  It will eat itself to death given the opportunity.  It’s like “Pizza the Hut” from Spaceballs.  Yes, I went there.
• Don’t make any critical changes on a friday afternoon if you don’t have the time to deal with it over the weekend.  It doesn’t help with stress.

On Novell’s Communities site, I stumbled onto this posting.  I’m not sure if I agree with all of the points made, but it certainly hits on some major issues.  In my own personal viewpoint, the management tool piece is one that I’ve complained about myself.  If you’re an experienced GroupWise admin, it’s worth a read.

Maybe this is just a Suse thing I’m going to complain about, but I can’t stand having to deal with Samba.  Any time I have to set up Samba shares on one of our suse boxes, it always seems more difficult than it needs to be.  Maybe this is due to a lack of formal training on my part.

I like NCP, the Novell Client and eDirectory.  I hate SMB, smbmount, Windows Domains, Primary Domain Controllers, Backup Domain Controllers and basically anything derived from the windows network/directory model.

All I want to do is login to a tree, map a drive, or even just put in \\server\volume as a path and start working.  There seems to be a rather large disconnect in my mind when it comes to workstations interacting with non NCP based servers.  NFS is an option that I will have to look into at some point.

Again, my lack of knowledge in this area is probably a large source of my frustration.  If anyone has any proper tutorials or reading material on this subject that might help me, I’d apprecaite it.

NCPMount command:

# ncpmount -A 10.10.10.10 -S server1 -U username.context -V sys /media/whatev

I’ve spent a good portion of the morning figuring out a replacement for Adrem.  I’ve settled on a cobbled together solution of VNC for NetWare and a spiffy little program called Terminals.  It’s not the ideal solution, but it will get the job done for now.  A word to the wise, bare VNC will whip your security types into a frenzy, so watch your ass!

VNC for Netware is as easy as dumping the contents of the zip file onto the sys volume and running the following commands.

load vncpass

load vncsrv

The other benefit going this route, is that Terminals will allow for “Favorites” of servers, “tabbed browsing”, and multiple protocols so I can add all my servers to this one utility.  Still not as nice as Adrem, but it has features that the AWOL freecon didn’t have.

I almost forgot, Adremsoft used to make something called freecon.  It was a nice little client side tool which dumped an NLM on your Netware server and allowed for quick console access to your servers.  It seems as if they discontinued freecon and replaced it with litecon, the same exact piece of software, which costs $500.  Good one fellas.

I’m not in 3rd party software sales, but one the biggest problems I see as a consumer, is the pricing put on some of these products.  Many times, they blow the pricing of the parent software(NetWare in this case) right out of the water.  When you’re paying as much for a 3rd party utility as you are a mature operating system or a complete email solution, your product starts to look less attractive.  For what it’s worth, that is coming from the viewpoint of someone who works and purchases software for a non profit organization.

At any rate, time to find a replacement.

Opensuse 11 was officially released a couple weeks ago.  I’ve install it onto my work laptop.  Overall I like the distro.  Compiz works well right out of the box, at least with my hardware.  I even got the wireless to work, sort of.  Unfortunatly, the network manager applet doesn’t seem to work all of the time.  When I boot up, the laptop might or might not attach to the wireless network.  There’s no ryhme or reason why either, it seems completely random.  The applet also doesn’t seem to like it when I try to delete and add the wireless network connection profile.  It tells me I need to use YaST.  Ok then.  This causes another problem to become apparent.  Whenever I try to make a change to a NIC, wired or wireless, a software update process tries to run.  And in my case, if I’m mucking with network configurations, chances are I’m not connected to the network.  Since I did a “network” install, it needs to access the internet to run the updater.  Someone screwed that one up.  Wireless continues to be the only barrier that keeps me from using any Linux distro and going back to Windows.  Windows support for wireless still beats the hell out of Linux in general.  I’m not even refering to hardware support but rather the ability to actually connect to a wireless network and possibly provide errors when a connection failed.

I’m getting a new boss.  I’m not entirely sure what to expect.  My fear is that the person will come in and start making unilateral technical decisions based soley on past history(exchange, active directory, sharepoint!!!1one).  Conversely, this person might be forward thinking and push for some things which I think would help with our server infrastructure.  Mainly things with SAN and “virtual servers” within the same context. 

Courtesy of PacketLife.net

http://www.packetlife.net/static/cheatsheets/common-ports.pdf

This will be a nice sheet to have taped to the wall at work.

http://www.proprofs.com/certification/cisco/ccna/index.shtml