Windows file sharing fix

And now you have successfully configured your Linux server to get authenticated via AD, Hooray!

Wait a minute, why can't I connect to my \\ files on Linux from Windows?

Here's the changes you need to make on your Windows Server local policy:-
1.Open the Run command and type "secpol.msc".

2. Click on "Local Policies" --> "Security Options"

3. Navigate to the policy "Network Security: LAN Manager authentication level" and open it.

4. Change the policy to "Send LM and NTLM – use NTLMV2 session security if  negotiated".

Linux - how to show the memory usage per process

Top is a very useful command to show real time overall system health like CPU,memory and  swap status
 

But when come to memory leak detection, we will need more detail information like which process consumes how much memory

Command below comes handy:-

ps -e -orss=,args= | sort -b -k1,1n | pr -TW$COLUMNS

Disable Auto-Restart after Windows Update

If you often receive alert at 3 in the morning about your lovely Windows servers restart by itself.

Chances are Auto-restart has been set to on on Windows Update configuration and Windows Update is normally scheduled to restart at 3:00a.m. by default.

To disable Auto Restart after Windows Update. You can set it from Group Policy.

Run gpedit.msc

Computer Configuration-> Admin Template->Windows Component-> Windows Update
Enable - No auto-restart with...

You can now have a good night sleep. Zz.zz..

Authenticating Linux against Active Directory

When you only have few Linux machines and sysadmins, a simple local machine authentication would do a fairy good job.

Imaging if you have 64 Linux box(and growing) and 4 sysadmins. To keep and maintain sudo access up-to-update would be a daunting task.

Why not get Linux and Windows talk to each other if you already have Active Directory on your environment?

- First you will need to ensure Linux machine A record added to AD DNS server

- create a AD group called linixadmin and add admin user to the group

- Next run the following command on Linux client box

yum install samba-common samba-winbind pam_krb5 sudo authconfig;
chkconfig winbind on;
mkdir /home/[your domain name-mycompany];
chmod 0777 /home/mycompany;
echo "%linuxadmin ALL=(ALL) ALL" >> /etc/sudoers;

authconfig \
--disablecache \
--enablewinbind \
--enablewinbindauth \
--smbsecurity=ads \
--smbworkgroup=MYCOMPANY \
--smbrealm=MYCOMPANY.LOCAL \
--enablewinbindusedefaultdomain \
--winbindtemplatehomedir=/home//%U \
--winbindtemplateshell=/bin/bash \
--enablekrb5 \
--krb5realm=MYCOMPANY.LOCAL \  
--enablekrb5kdcdns \
--enablekrb5realmdns \
--enablelocauthorize \
--enablemkhomedir \
--enablepamaccess \
--updateall \

net ads join -U "AD Admin account i.e. joesoh";
 

service winbind restart

===

Note: MYCOMPANY.LOCAL is your AD domain name

Try logon using you Windows ID and password.

Now who says Windows and Linux don't talk?

php installation

Steps to install php APC

1. # yum install pcre-devel
2. # pecl install apc

Build process completed successfully
Installing '/usr/lib64/php/modules/apc.so'
Installing '/usr/include/php/ext/apc/apc_serializer.h'
install ok: channel://pecl.php.net/APC-3.1.9
configuration option "php_ini" is not set to php.ini location
You should add "extension=apc.so" to php.ini
 

Opsview

Install solr_check  with sudo cpan -i XML::XPath fail

which make

cpan> o conf make /usr/bin/make
    make               /usr/bin/make

cpan> o conf commit
commit: wrote /etc/perl/CPAN/Config.pm

https://github.com/rbramley/Opsview-solr-checks
http://johnbokma.com/mexit/2010/09/22/cpan-writing-makefile-not-ok.html