problems with editing group policy

This one made me feel like a noob!!!  I guess its one of those things that you don’t think about.

I was having problems editing a group policy object on one of my domain servers.  I kept checking permissions and beating my head against the wall, nothing.  Kept getting errors about not having appropriate permissions to access the GPO.  After beating my head on the keyboard for a while I happened to notice the time on the remote server was off.  Way off.  It was running about 90 minutes behind the rest of the system.   I reset the time and presto the GPO lets me in.

The moral of this story is: Keberos will not authenticate when the time is off by more than a few minutes.

bzip2

For a long time the only compression utility that I ever used was gzip, which I used in conjunction with the tar command whenever I was tar-ing data and compressing data.

Recently I learned that using bzip2 to compress data is even better. It is able to compress data to even smaller sizes than gzip.

Basically what I do now is first of all create the tarball with a command like this:

# tar -cvf filename.tar filesources.txt

After I make the tarball, then I use bzip2 on it, like so:

# bzip2 filename.tar

This will create a file that looks like filename.tar.bz2

If I then want to uncompress this file, I do this:

# bunzip2 filename.tar.bz2

This will leave me with a file called filename.tar again.

Here’s a good articleon linux.com.

chkconfig

chkconfig is a nice utility you’ll find in RedHat/Fedora Linux and its derivatives.

This utility enables you to tell the operating sytem what services should be executed and brought to life upon reboot of the server.

To understand chkconfig you have to keep in mind that Linux boots up into different run levels. A run level is a way of specifying what services should run when you boot up the server for different reasons. The main run levels I am concerned with are run levels 3 and 5. Level 3 is console mode, level 5 is full GUI or X Windows mode.

My servers boot into Level 3, so I configure what services will start up on level 3 by using the chkconfig command.

Example:

# chkconfig --level 3 foobar on

This example indicates that the foobar service should start up every time the server is rebooted into Level 3. My server is set to boot into Level 3 by default, so I know if the machine is rebooted the web server will come back on.

It is important for security to turn off as many services as you can get by with.

To get a listing of the services that are on and what ports are open on your server you can use the netstat command, and also use chkconfig like this:

# chkconfig --list | more

If you are looking for a specific service, and trying to determine if it comes on at a certain run level, you can try this:

# chkconfig --list | grep foobar

If you don’t care what run level a service starts up on, and you just want to make sure a service starts no matter what run level the machine starts on, you can do this:

# chkconfig foobar on

Win XP TCP/IP reinstall

Once there was a windows xp desktop that would not connect to the network. I tried to repair the connection but kept getting an error about not being able to query the tcp/ip stats for the adapter. So I think that there is a problem with the card, alas no. Turns out that the TCP/IP stack was corrupt. So how did I fix it….well I tried netsh commands but they did not work. Finally had to reinstall the protocol …

Right click “My Network Places”

Select Properties,

Right click the connection and select Properties,

Click Install >Protocol >add >have disk,

Browse to the location of nettcpip.inf (either on xp cd or windows/i386 folder),

Select TCP/IP click OK

Reboot

’scp’ command

Quick Overview and example:

# scp filetocopy userid@ipaddress:/folder/folder

In the example above, that last part is usually something like:
/home/username/

Also, don’t forget that colon : there in between the ipaddress and the first slash….

To copy one file from one machine to another, do this:

1. Log into the machine that has the file on it.
2. Go to the folder where the file is at.
3. use the scp command like the example above.
4. The scp command will prompt for a password if it is working correctly.
5. Type in your password, and you should see a progress bar indicating that it is working.

‘df’ command

The df (disk free) command displays the amount of free disk space. This is often quite handy when determining if there is enough space to store an image on a particular hard drive. Best used with -h (human readable) flag.

Example:

$ df -h

Example of what output “might” look like:

Filesystem            Size  Used Avail Use% Mounted on
/dev/hda2             9.1G  2.1G  6.6G  25% /
/dev/hda1              97M  9.2M   83M  10% /boot
none                   62M     0   62M   0% /dev/shm

I use this command a lot because I manage disk usage on our mail server. If you manage a mail server for an ISP you know what I mean….

‘date’ command in linux

The command to change the date and time looks like this:

$ date --set="2004-4-07 9:50 AM"

Of course, you would substitute the correct date and time in the quoted string.

open the pod bay door….

Like the picture.