Citrix XenApp

Your Journey towards cloud.

Virtualization Picking up Speed

Are your Skills keeping up? Skill up. Be Relevant

Are you a System Admin

Learn Citrix XenApp, Its future.

Citrix XenApp

Industry-leading virtualization platform for building cloud.

Cloud Computing in Demand

Learn how to build cloud on Citrix XenApp.

Thursday, 31 March 2011

Installing Windows Remote Management (WinRM) and PowerShell 2.0 on Windows Server 2003 / XP

Windows Remote Management WinRM and PowerShell 2.0 are two very versatile tools that can greatly increase the manageability of your Windows hosts.  Unfortunately it has been somewhat difficult for me locating the most up to date versions of this software.  Basically the package available that installs PowerShell 2.0 also includes the WinRM 2.0 release as well.  Also available at the link below are WinRM/PowerShell 2.0 releases for Windows Vista and Server 2008 R1.
There is a prerequisite that the computer is running Microsoft .Net Framework 2.0 SP1.  I have included a link below to .Net 2.0 SP2:
Now you can install the WinRM 2.0/PowerShell 2.0 Management Framework package here:

Friday, 25 March 2011

Install Samba Server on Red Hat Enterprise Linux/CentOS/Scientific Linux 6

Recently the latest version of Scientific Linux 6 was released. Scientific Linux is a distribution which uses Red Hat Enterprise Linux as its upstream and aims to be compatible with binaries compiled for Red Hat Enterprise. I am really impressed with the quality of this distro and the timeliness with which updates and security fixes are distributed. Thanks to all the developers and testers on the Scientific Linux team!
In this post I will discuss installing Red Hat Enterprise Linux/CentOS/Scientific Linux 6 as a Samba server. The instructions should also be relevant to other Linux distros including CentOS. This example will rely on a local user database as the mechanism to provide security. In future posts I may discuss more complex scenarios including integrating the Samba server into Windows domains and Active Directory.
Let’s start off by installing the Samba server package and its dependencies:
# yum -y install samba
It is a good idea to set up a distinct group to allow access to the directory we will share. I will specify a group ID to prevent any overlap with the default groups created when individual users are added, which on most Linux distros these days start at 500 or 1000.
# groupadd -g 10000 fileshare
Now we will create a directory that will host our Samba share:
# mkdir /home/data
We need to modify the permissions on the directory to allow write access for users in our new group:
# chgrp fileshare /home/data
# chmod g+w /home/data
SELinux
UPDATE (5/10/2011): Recently I was setting up a Samba share on an existing file system that already contained files and I was unable to get SELinux configured to allow Samba to function correctly. This occurred even with using the -R option specified below to re-curse and relabel the existing files. So be aware that you may have problems like I did and you may need to set SELinux to permissive or disabled in the “/etc/selinux/config” file. In my case there were no denials logged in the “/var/log/audit/audit.log” so it was very difficult to troubleshoot.
Now we need to modify SELinux to allow access privilege to our new Samba share. By default this is denied and users will be unable to write files to the share. Details of the SELinux configuration needed can be found in the default config file “/etc/samba/smb.conf”.
Here are some good references regarding SELinux:
Now run the SELinux config command to allow user access to the Samba share directory. New directories and files created under our Samba share directory will be automatically inherit the SELinux context of the parent directory.  Use the -R option with “chcon” to re-curse if there are existing files in the directory you are sharing:
# chcon -t samba_share_t /home/data
Now we will create a user to access the Samba share. The command options specify to add the user to a supplementary group “fileshare”, do not create a home directory, and set the login shell to “/sbin/nologin” to prevent logins to the console. We only want the user access to the Samba file share:
# useradd -G fileshare -u 1000 -M -s /sbin/nologin aaron
Assign a password to this user, although the user shouldn’t have any console login privileges:
# passwd aaron
Now we need to set up our Samba configuration file.  I will move the existing config file and create a fresh copy to be more concise. But don’t delete it, as it contains a good amount of documentation so it is a handy resource if you want to add directives later.
Move the existing file and edit the new file:
# mv /etc/samba/smb.conf /etc/samba/smb.conf.bak
# vi /etc/samba/smb.conf
Now edit the new “smb.conf” file and add parameters like this:
[global]
workgroup = WORKGROUP
server string = samba
security = user
passdb backend = tdbsam
load printers = no
[data]
comment = data directory
path = /home/data
writeable = yes
public = no
The “global” section contains directives that apply to the whole Samba instance. We can define the workgroup or domain this server is a member of, what security mechanism to use (user, share, domain), and the password database type “tdb”. The old “smbpasswd” password file is no longer recommended for use on new installations. The “load printers” directive I set to “no” because I won’t be using the CUPS printing system and connection refused errors will show up in “/var/log/messages” unless this is specified.
The 2nd section (and on if you have more than one share) has details on each Samba file share. In this case the share is named “data”, we can define if it is writeable, and “public” defines whether users not in the Samba password database can access the share.
We should test the parameters of the “smb.conf” file to make sure there are no errors:
# testparm
Once you’ve run the “testparm” command and received no errors in the output you should be set to go. You may notice that some of the parameters won’t show in the output, this is fine and indicates that some are the Samba default. We’ll now make the Samba password for the user we are adding:
# smbpasswd -a aaron
New SMB password:
Retype new SMB password:
I received a bunch of output after entering the password that you can see below. From what I can tell this not a problem and it printed a message at the bottom that the user was added. Later when I fired up Samba and connected to the share with this user everything worked normally.
tdbsam_open: Converting version 0.0 database to version 4.0.
tdbsam_convert_backup: updated /var/lib/samba/private/passdb.tdb file.
account_policy_get: tdb_fetch_uint32 failed for type 1 (min password length), returning 0
account_policy_get: tdb_fetch_uint32 failed for type 2 (password history), returning 0
account_policy_get: tdb_fetch_uint32 failed for type 3 (user must logon to change password), returning 0
account_policy_get: tdb_fetch_uint32 failed for type 4 (maximum password age), returning 0
account_policy_get: tdb_fetch_uint32 failed for type 5 (minimum password age), returning 0
account_policy_get: tdb_fetch_uint32 failed for type 6 (lockout duration), returning 0
account_policy_get: tdb_fetch_uint32 failed for type 7 (reset count minutes), returning 0
account_policy_get: tdb_fetch_uint32 failed for type 8 (bad lockout attempt), returning 0
account_policy_get: tdb_fetch_uint32 failed for type 9 (disconnect time), returning 0
account_policy_get: tdb_fetch_uint32 failed for type 10 (refuse machine password change), returning 0
Added user aaron.
To confirm that the user was added to the Samba tdb database use the “pdbedit” command:
# pdbedit -w -L
Now we need to make changes to the “iptables” firewall startup config file. Backup the file and edit:
# cp /etc/sysconfig/iptables /etc/sysconfig/iptables.bak
# vi /etc/sysconfig/iptables
Add the first line accepting packets on TCP/445. Be sure and add it above the last line of the “input” chain with the “Reject” target, that way the rule will be processed.
-A INPUT -p tcp --dport 445 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
Now you can edit the “smb” daemon to start automatically, then start “smb”:
# chkconfig smb on
# service smb start
If you now switch over to a Samba/SMB client you should now be able to map a drive or browse the shares on the Samba server. If you want to browse the shares available you will need to manually enter something like “\\server1″ or “\\192.168.100.1″ without quotes in the address bar of Windows Explorer, the server won’t appear in Network Places. To enable full network browsing more configuration would be needed and you would probably need to enable the “nmb” daemon.

Wednesday, 23 March 2011

Install Open Source VMware Tools on Red Hat Enterprise/CentOS/Scientific Linux 6

VMware now makes a repository available for us to install the VMware tools for a variety of Linux distributions including Red Hat, Scientific, CentOS, and Ubuntu.  In this example I will install VMware tools on a Red Hat Enterprise/CentOS/Scientific Linux 6 guest running on a VMware ESXi 4.1 host.
First import the VMware repository GPG signing public keys:
Now add the VMware repository.  If you’d like you can use the “echo” command below or simply create the file and its contents are listed below it.  There are other packages available in the repository for other Linux distros, architectures, and ESX host versions.  Again I am using the Red Hat Enterprise 6/VMware ESXi 4.1 version.
# echo -e "[vmware-tools]\nname=VMware Tools\nbaseurl=http://packages.vmware.com\
/tools/esx/4.1latest/rhel6/\$basearch\nenabled=1\ngpgcheck=1" > /etc/yum.repos.d\
/vmware-
tools.repo
Now we can list the contents of the new repo file:
[root@server1 ~]# cat /etc/yum.repos.d/vmware-tools.repo
Here is what the contents should look like:
[vmware-tools]
name=VMware Tools
baseurl=http://packages.vmware.com/tools/esx/4.1latest/rhel6/$basearch
enabled=1
gpgcheck=1
It is now time to run the actual install of VMware tools.  In my case I am installing on a server system without X11 graphical interface so this is the minimum install:
# yum -y install vmware-open-vm-tools-nox
If you are installing on a workstation or server with X11 installed and would like the VMware display adapter and mouse drivers loaded use this command.  The install will be a bit bigger:
# yum -y install vmware-open-vm-tools
You are now up and running with VMware tools!

Sunday, 6 March 2011

Install Vmware tools in Linux

1.Mount Vmware Tools to cdrom

2.Copy it to Home directory
   cp /mnt/cdrom/VMwareTools-8.8.2-590212.tar.gz /

3.Untar
    tar zxf VMwareTools-8.8.2-590212.tar.gz

4.change to the unzipped directory
   cd vmware-tools-distrib/

5.Install
   ./vmware-install.pl                 

Wednesday, 2 March 2011

Shutdown or Restart redhat Linux

1.For Shutdown
          poweroff

2.For Restart
          reboot

       

Tuesday, 1 March 2011

Configure Dhcp Server with Red Hat Linux

1. Configure /etc/dhcpd.conf -
                  Does not exist by default
          Copy sample from the DHCP documentation.[ i.e Do this : # cp dhcpd.conf.sample /etc/dhcpd.conf ]
                  Delete everyting in it and keep this much


 Now your new /etc/dhcpd.conf should look like this :
  vi /etc/dhcpd.conf
   ================
   ddns-update-style interim;
   ignore client-updates;
   
    subnet 192.168.0.0 netmask 255.255.255.0
    {
   
      # The range of IP addrs the server will issue to DHCP enabled PC clients
      # booting up on the network
   
        range 192.168.0.100 192.168.0.120;   

      # Set the amount of time in seconds that a client may keep the IP address
     
    default-lease-time 21600;
    max-lease-time 43200;

      # Set the default Gateway to be used by the PC clients
      # This put the word --> GATEWAY=192.168.0.1 in ../ifcfg-eth0

        option routers 192.168.0.1;

      # Don't forward DHCP requests from this NIC interface to any other NIC
      # interfaces
      # Put this on if you have multiple NICs

        option ip-forwarding off;

      # Set the broadcast address and subnet mask to be used by the DHCP clients

        option broadcast-address 192.168.0.255;
    option subnet-mask 255.255.255.0;

      # Set the DNS server to be used by the DHCP clients
      # This puts the word --> nameserver=192.168.0.100 in /etc/resolv.conf

        option domain-name-servers 192.168.0.100;

      # If you specify a WINS server for your Windows clients, include this :
 
        option netbios-name-servers 192.168.1.100;

      # You can also assign specific IP addresses based on the clients'
      # ethernet MAC address as follows (Host's name is "laser-printer")
       
    host laser-printer
    {
      hardware ethernet 08:00:2b:4c:59:23;
      fixed-address 192.168.0.222;
    }
    }

2. touch /var/lib/dhcp/dhcpd.leases   or else DHCP server will NEVER start
                                      and not required from RH7.2 onwards  bcos it already exists

3. service dhcpd start

4.set dhcpd for auto run
       chkconfig --list dhcpd
      dhcpd           0:off   1:off   2:off   3:off   4:off   5:off   6:off

      chkconfig dhcpd on
     dhcpd           0:off   1:off   2:on    3:on    4:on    5:on    6:off


 Testing :-------

 dhcpd -f  - whether DHCP server is up and running
 dhcpd -T  - if dhcpd.leases is OK
 dhcpd -t  - if dhcpd.conf syntax is OK

See man dhcp-options

  Client ------

1. /etc/sysconfig/network-scripts/ifcfg-eth0    Change static to dhcp
    or
    use netconfig

2. reboot or service network restart or even better "ifdown/ifup eth0"

What all can a DHCP server provide Clients ?

1. IP                  - range
2. netmask             - option subnet-mask
3. BC                  -  boot Client
4. nameserver          - 'option domain-name-servers'
5. domain              - 'option domain-name'
6. NIS domain          - 'option nis-domain-name'
6. MAC addr-based IP   - 'hardware ethernet' and 'fixed-address'
7. default lease time  - 'default-lease-time'
8. max lease time      - 'max-lease-time'
9  gateway             - 'option routers'
   For netbios/Samba      option netbios-node-type 2
                          option netbios-name-server


Transform your Windows7 laptop into a Wi-Fi hotspot




In today's time, not even  every home has a laptop or computer, but every member of family also own separate laptops or any other device with internet connection. And everyone want to use internet, prefect if you have a Wi-Fi at home, but what if you have an Ethernet?
For the same purpose, I remember the time when we bought a Ethernet switch to that every laptop connects using a cord, which solved the problem of connection laptops and computer. Luckily, my windows phone also connects to internet just by using a data cable plugged to a system with internet.
But now when I have a iPad, i wanted an another solution as it does not have Ethernet port, through data cable also, it does not connect to Internet. So i was searching on web for some hardwares or softwares  to get Wi-Fi hotspot in my home , and found a very awesome, easy and free way to do so, using the softwares Connectify. Thanks to connectify, Now I dont get bore anymore while cooking  ;)Connectify:

Connectify is a software, that transform your laptop into a Wi-Fi- Hotespot and enables to share your internet for other laptops, smartphones, PDAs, Ipods, tablet-pcs, Ipads, gameboids and every wifi enabled devices through wifi. The best thing is, it require No router or external hardware for this purpose.But, it do works on Windows 7 only.


How to use connectify:
1. Download connectify lite and install it on your windows 7 system.


2. Run connectify, fill Hotspot Name, password, Internet connection and then click on Start Hotspot. Now Wi-Fi hotspot is ready, you can connect other devices with it.



3. Now from other devices  search for wi-Fi, it will show your newly created Wi-Fi's name, you can connect to it as usual you connect to any other Wi-Fi  network.


4. You can also check the name and list of devices connected and disconnected recetly to your Wi-Fi hotspot from the client tab in connectify.