import os
os.putenv('URE_BOOTSTRAP','vnd.sun.star.pathname:/usr/lib/ooo-3.0/program/fundamentalrc')Otherwise both scripts will throw out the following error:
AttributeError: loadComponentFromURL
Thursday, October 30, 2008
PyUNO broken in OOo 3.0 with system-python
The issue was reported at here. And the solution is also there. I had to add the following lines to the beginning of the scripts DocumentConverter.py and pdfgen.py that come with KnowledgeTree to make them work with OpenOffice.org 3.0 of Mandriva 2009.0:
Otherwise both scripts will throw out the following error:
Otherwise both scripts will throw out the following error:
Saturday, October 25, 2008
LILO with /boot on a Raid 1 mirror
- I ran mcc in Mandriva 2009.0 and selected /dev/md0 as the Boot Device. The lilo.conf generated is shown below:
default="linux"
boot=/dev/md0
map=/boot/map
install=menu
keytable=/boot/us.klt
raid-extra-boot=mbr-only
menu-scheme=wb:bw:wb:bw
compact
prompt
nowarn
timeout=10
message=/boot/message
#disk=/dev/sdb bios=0x80
image=/boot/vmlinuz
label="linux"
root=/dev/md0
initrd=/boot/initrd.img
append="scsi_mod.scan=sync"
- To migrate a OS partition from a non-raid drive to a raid volume, one must reinstall lilo after the partition was cloned. And that has to be done after chroot: (assuming the new raid volume is mounted in /mnt/newsys)
chroot /mnt/newsys
mount /proc
lilo -H
Otherwise lilo will fail to boot.
Ref:
Lilo.conf man page
Thursday, October 23, 2008
Mod_authnz_ldap cause Apache2 to dump core
I installed mod_authnz_ldap on Mandriva 2009.0 with urpmi apache-mod_ldap and only got httpd to dump core every time I tried to authenticate with openldap server. Later I found urpmi didn't install a required library apr-util-dbd-ldap when it installed apache-mod_ldap. So the fix is to run urpmi apr-util-dbd-ldap.
I had the following settings in /etc/httpd/modules.d/47_mod_authnz_ldap.conf:
I had the following settings in /etc/httpd/modules.d/47_mod_authnz_ldap.conf:
AuthType basic
AuthName "Restricted area"
AuthBasicProvider ldap
AuthLDAPBindDN "uid=ldap,dc=example,dc=com"
AuthLDAPBindPassword secret
AuthLDAPURL "ldap://server/ou=people,dc=example,dc=com?uid?one"
Require valid-user
Tuesday, October 14, 2008
dotproject default user role for LDAP
Default user role can be changed in file classes/authenticator.class.php
LDAP users are created in function createsqluser the first time they log in. So the line to modify is
update it to
LDAP users are created in function createsqluser the first time they log in. So the line to modify is
$acl->insertUserRole($acl->get_group_id('anon'), $this->user_id);update it to
$acl->insertUserRole($acl->get_group_id('normal'), $this->user_id);
Thursday, October 9, 2008
Apache serve Subversion with LDAP authentication
Apache2 modules apache-mod_dav and apache-mod_dav_svn are required to serve Subversion by httpd. I also installed apache-mod_ldap as well as apr-util-dbd-ldap to authenticate against a openldap server.
Using ldapi://
OpenLDAP needs to be configured to accept conections via ldapi://, a local unix socket. This is done in the /etc/sysconfig/ldap file. Change the SLAPD URL list to the following:
OpenLDAP will need to be restarted, of course.
A great reference on cyrus SASL and LDAP
DAV svn
SVNParentPath /home/apps/svnrepo
SVNListParentPath on
Order deny,allow
Deny from all
allow from 192.168.
AuthType basic
AuthName "Restricted area"
AuthBasicProvider ldap
AuthLDAPBindDN "uid=ldap,dc=example,dc=com"
AuthLDAPBindPassword secret
AuthLDAPURL "ldap://server/ou=people,dc=example,dc=com?uid?one"
Require valid-user
Using ldapi://
OpenLDAP needs to be configured to accept conections via ldapi://, a local unix socket. This is done in the /etc/sysconfig/ldap file. Change the SLAPD URL list to the following:
# SLAPD URL list
SLAPDURLLIST="ldap:/// ldaps:/// ldapi:///"OpenLDAP will need to be restarted, of course.
A great reference on cyrus SASL and LDAP
Thursday, October 2, 2008
Enable UNC file link access in Firefox
Close firefox, add the following lines to Program files/Mozilla Firefox/defaults/pref/firefox.js and restart Firefox
Click here for more information.
pref("capability.policy.policynames", "localfilelinks");
pref("capability.policy.localfilelinks.sites", "http://examples.com");
pref("capability.policy.localfilelinks.checkloaduri.enabled", "allAccess");
Click here for more information.
Wednesday, October 1, 2008
Samba 3 user authentication against OpenLDAP server
Samba 3 daemon is running on the same host as the LDAP server (openldap 2.4) and only the following settings related to LDAP are added into /etc/samba/smb.conf:
Then run testparm to make sure the smb.conf file is OK. New Samba users can be added to the LDAP directory by running the command "pdbedit -a -u username" if username exists in the system (e.g. /etc/passwd). Otherwise run "useradd username" first.
At the LDAP server, there's an entry sambaDomainName=XXX,dc=examples,dc=com created by pdbedit. Note XXX must be the netbios name of the Samba server. It has an attribute sambaSID=S-YYY which is required. The Samba user entry created by pdbedit has the following attributes:
Note the sambaPwdLastSet attritube is required for the windows client to authenticate properly. Otherwise net use would report the following error:
The required attributes can be easily added to all the user account entries with the perl module Net::LDAP
passdb backend = ldapsam:ldap://127.0.0.1/
#Specifies the base for all ldap suffixes and for storing the sambaDomain object
ldap suffix = dc=examples,dc=com
ldap ssl = off
ldap user suffix = ou=People
ldap group suffix = ou=Group
ldap machine suffix = ou=Hosts
ldap delete dn = no
ldap admin dn = cn=manager,dc=examples,dc=com
# You will need to give samba the password for this dn, by
# running 'smbpasswd -w mypassword'
Then run testparm to make sure the smb.conf file is OK. New Samba users can be added to the LDAP directory by running the command "pdbedit -a -u username" if username exists in the system (e.g. /etc/passwd). Otherwise run "useradd username" first.
At the LDAP server, there's an entry sambaDomainName=XXX,dc=examples,dc=com created by pdbedit. Note XXX must be the netbios name of the Samba server. It has an attribute sambaSID=S-YYY which is required. The Samba user entry created by pdbedit has the following attributes:
objectClass: sambaSamAccount
sambaAcctFlags: [U ]
sambaLMPassword: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
sambaNTPassword: yyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy
sambaPwdLastSet: 1222817828
sambaSID: S-YYY-ZZZ
Note the sambaPwdLastSet attritube is required for the windows client to authenticate properly. Otherwise net use would report the following error:
System error 1907 has occurred.
The user's password must be changed before logging on the first time.
Your password must be at least x characters; cannot repeat any of your previous x passwords; must contain capitals, numerals or punctuation; and cannot contain your account or full name. Please type a different password. Type a password which meets these requirements in both text boxes.The required attributes can be easily added to all the user account entries with the perl module Net::LDAP
Close unwanted SAMBA or NTLM sessions in Windows
As an administrator, type in CMD
Any of the methods above will close all remote connections this computer made as client. Then type the in CMD
net use \\Server\share * /user:username
- net stop WORKSTATION then Y then N.
- net use /persistent:no
net use * /delete /yes
Any of the methods above will close all remote connections this computer made as client. Then type the in CMD
net use \\Server\share * /user:username
Subscribe to:
Posts (Atom)