30.4.14

sssd - ad backend with Samba4

Great news for Linux machines in Active Directory. Our file server configuration recently went from a 30 line essay to this:
[sssd]
services = nss, pam
config_file_version = 2
domains = hh3.site
[nss]
[pam]
[domain/hh3.site]
id_provider = ad
auth_provider = ad
access_provider = ad
ldap_id_mapping = False


That's it. It takes care of all the rfc2307 mapping and gssapi keytab stuff. Just make sure you have the MACHINE$ key available in the keytab. Oh, don't forget to clear the cache:
rm /usr/local/var/lib/sss/db/*
It throws in A, AAAA and PTR updates for free. Great if you're on dhcp. A big thanks to the sssd devs.

Add autofs to taste with this configuration. Unfortunately, there is no autofs_provider = ad. Yet:(
[sssd]
services = nss, pam, autofs
config_file_version = 2
domains = default
[nss]
[pam]
[autofs]
[domain/default]
dyndns_update_ptr=true
ad_hostname = catral.hh3.site
ad_server = hh16.hh3.site
ad_domain = hh3.site
ldap_schema = ad
id_provider = ad
access_provider = ad
auth_provider = ad
chpass_provider = ad
ldap_id_mapping=false

ldap_sasl_mech = gssapi
ldap_sasl_authid = CATRAL$@HH3.SITE
krb5_keytab = /etc/krb5.keytab
ldap_krb5_init_creds = true

autofs_provider=ldap
autofs_search_base = OU=automount,DC=hh3,DC=site
ldap_autofs_map_object_class = automountMap
ldap_autofs_entry_object_class = automount
ldap_autofs_map_name = automountMapName
ldap_autofs_entry_key = automountKey
ldap_autofs_entry_value = automountInformation


autofs schema details here

25.4.14

Madrid wrapping up

A warm Madrid [1] in April among company who understand (almost) everything I say. A big thanks to all for the warm welcome, lentil burgers, relaxing atmosphere and super fast cable.

Clockwise from left: Alabal 1, Albal 2, patatas, outer wrapper,
inner wrapper
The journey home was made possible due to first class wrapping up following the much acclaimed traditional Spanish method which is of course now a legal requirement-B.O.E 167-2014. I opened the outer wrapper to reveal lentil burger with designer bread and olive oil expertly wrapped not only in the regulation Albal, but also in an expert bocata 'sleeve' which was resealable. Next came oat and chocolate a las tablas biscuit also expertly wrapped in the second of the Albal doses. Below this was to be found a pristine nitrogen cushioned set of perfectly random crisps which exist to this very day awaiting suitable occasion for consumption. Much has been solved. Thanks again. It means a lot.

[1] Madrid: Everyone is very well behaved these days with up to date driving licences and everything. They are much smaller, whiter and younger than I remember. You get the idea that the Ayuntamiento would ban anything remotely risky such as a firework display, and that anyone caught planning a mascletà would be jailed for life. If they didn't ban it, the authorities would make you stand in straight lines far away from said risk, like in Preston for example. C'mon guys, you're in Spain. Let's smile and make a bit of noise!

7.4.14

n-Gem.com launch

Not the usual mass produced tat, n-Gem take unusual minerals, gemstones and crystals, incorporating them in stunning designs to compliment any outfit, day and night.

It's great to be working on such an unusual project. They've even asked me to give the chemical formula for the minerals. Try us: n-gem.com