Archy's Blog

What is spacewalk? Spacewalk is a free version of Red Hat Satellite, a system nanagement solution. What you can do with spacewalk: - Kickstart Distributions - Deploy updates on your systems using a centralized management solution - Execute remote commands using rhncfg-actions - Create local repositories So let's get started. First we have to install the spacewalk repo. We can do that by using the following command [archy@spacewalk ~]$ sudo rpm -Uvh http://yum.spacewalkproject.org/2.6/RHEL/7/x86_64/spacewalk-repo-2.6-0.el7.noarch.rpm Also we will have to add the JPackage repository. [archy@spacewalk ~]$ sudo bash -c 'cat > /etc/yum.repos.d/jpackage-generic.repo << EOF [jpackage-generic] name=JPackage generic baseurl=http://mirrors.dotsrc.org/pub/jpackage/5.0/generic/free/ #mirrorlist=http://www.jpackage.org/mirrorlist.php?dist=generic&type=free&release=5.0 enabled=1 gpgcheck=1 gpgkey=http://www.jpackage.org/jpackage.asc E...

I've stumbled upon this a few times now. A user cannot login to the Terminal Server or his local machine. There are a couple of suggestions on the web but these didn't help me. What finally helped me was doing the following: First open up the windows explorer and locate the user's home folder. Next select 'properties' in the context menu: Click on security. We are searching for the permissions and inheritance. Click on Advanced Tick the 2 boxes and apply Your user should now be able to login again. I've figured out, it was caused by the file 'NTUSER.dat' for some reason. The User that tried to login had no read access to the file even though it was in his own home folder. Feel free to comment and / or suggest a topic.

At this point, I'm assuming you have a functional zimbra-server up and running including dns-records. In my case, I was using my 2 FreeIPA-Servers to handle DNS and authentication. You can add a MX-Record to integrated DNS by running [archy@ipa01 ~]$ ipa dnsrecord-add archyslife.lan zimbra --mx-preference=0 --mx-exchanger=zimbra.archyslife.lan or [archy@ipa01 ~]$ ipa dnsrecord-add archyslife.lan zimbra --mx-rec="0 zimbra.archyslife.lan" Note: the hostname of the machine I'm using is zimbra and the dns-zone is archyslife.lan. The 'mx-rec' option is used for raw mx-records meaning the preference and exchanger must be given. First we will have to ensure, that we will still be able to access the administration panel even though there is no connection to the LDAP server. You can do this by issuing the following command: [archy@zimbra ~]$ sudo su -l zimbra [zimbra@zimbra ~]$ zmprov modifydomain archyslife.lan zimbraAuthFallbackToLocal TRUE W...

As the headline suggests, I'm going to talk about Knowledge that isn't so common to everyone of us. Atleast that's what it seems like to me. A short background info on why I am writing this today. I had to troubleshoot our network today because one of my colleagues told me that he can't reach the server. After I asked him what he already tried to troubleshoot, he told me "nothing, I can't reach it". It ended up being a DNS problem. It's always DNS!  But that moment got me thinking and I thought that there might be knowledge we take as common that is not as common as we think it is. The topic I'm talking about is Networking. Networking is essential in my opinion because if there are no roads, how are you going to get moving? There are quite a few guys I've talked to which were familiar with their applications and a special OS like Windows Server but they just knew the very basics of networking such as routing and switching, vlans and ...

Image by fedorapeople.org In an earlier post, I've explained how to install the first IPA-Server. This time I'll explain how to create a replica. First, I will add the server to our idm domain and promote the server to be a replica afterwards ( domain level 1 ). To have the necessary steps working, I'll have to use the IPA-Master-Server as the first DNS. Otherwise autodiscovery won't work. Let's start with /etc/hosts [root@ipa02 ~]$ echo "$(hostname -I | awk '{print $1}') $(hostname) $(hostname -s)" >> /etc/hosts The output should look like this: 172.31.10.251 ipa02.archyslife.lan ipa02 Next up, we install the needed packages and update our system [root@ipa02 ~]$ yum -y update && yum -y install ipa-server ipa-server-dns epel-release Using this command, we add the server to our domain. [root@ipa02 ~]$ ipa-client-install --mkhomedir You can switch to your normal user now. Before we can create the replica, we...

FreeIPA is a solution for managing users, groups, services, hosts and services. Its functionality is almost identical to Microsoft's Active Directory. Inside FreeIPA are common software projects working together to build the the whole solution. The applications I am talking about are 389-Directory-Server MIT-Kerberos BIND Dogtag and the Apache Webserver. Following, I will explain the installation of the master-IPA server. First we have to edit the hosts file (/etc/hosts) and fill in our IP, FQDN and Short-FQDN. [root@ipa01 ~]$ echo "$(hostname -I | awk '{print $1}') $(hostname) $(hostname -s)" >> /etc/host The output should look like the following: 172.31.10.250 ipa01.archyslife.lan ipa01 Next up we update the machine to be on the latest software and install IPA-Server and IPA-DNS. [root@ipa01 ~]$ yum -y update && yum -y install ipa-server ipa-server-dns epel-release We can start the installation script by running the followi...