Posipiet's questions

We have a webserver which offers svn, websvn and trac using ApacheAuth, which we are in the process of moving to a new domain. I am looking for a way to have a translation Logonname -> Username.

This is why:

• For external reasons, the samAccountName is a 6-char string which is randomly assigned at account creation. This cannot be changed.
• In a collaboration context, it is preferrable to see a cleartext name.
• We have two persons with the same name, so the attribute displayName is problematic.
• Mail-Address is also problematic, because of the @ sign.
• We chose to use MailNickname, which proved to be unpopular with users, especially people with longer names. Also, for technical reasons, MailNickname is a bad choice, because it can change when users take a new mail alias.

Question:

In what way can I have people login using samAccountName, but display any other AD or LDAP attribute which is different from samAccountName, within svn, websvn, trac?

This is the Auth part of sites-available/svn:

    AuthType Basic
    AuthName "Username: your logon name"
    Require valid-user

    AuthLDAPBindDn CN=$account
    AuthLDAPBindPassword $password

    AuthBasicProvider ldap
    AuthzLDAPAuthoritative on
    AuthLDAPURL ldap://$server:389/$path?mailNickname?sub
    AuthLDAPGroupAttribute memberOf
    AuthLDAPGroupAttribute member
    AuthLDAPGroupAttributeIsDN on
    Require ldap-group CN=$groupname
    AuthzSVNAccessFile /srv/svn/auth/authz

We have a former Win2k AD domain, which is migrated to W2k3 servers, and has a slew of schema extensions (Exchange, msSFU, and self-defined) from the past and various parts of the forest.

Searching users works just fine, I get the complete list of users. However, if I query the user objects, I get only an incomplete list of properties:

$user.properties.propertynames

delivers

objectClass
cn
distinguishedName
instanceType
whenCreated
whenChanged
uSNCreated
uSNChanged
name
objectGUID
userAccountControl
badPwdCount
codePage
countryCode
badPasswordTime
lastLogoff
lastLogon
pwdLastSet
primaryGroupID
objectSid
accountExpires
logonCount
sAMAccountName
sAMAccountType
objectCategory
isCriticalSystemObject
nTSecurityDescriptor

This response lacks quite a few properties that AD Explorer shows.

How can I list all the properties and values that really exist? Any other hint for a tool to achieve that besides Powershell?

Background: We need to check the consistency of the user objects. It seems like if the object was created back then with W2k the user has a more complete set of properties than when they are set up on a W2k3 ADUC. Some problems seem to arise from that, but I am not yet sure, and would like to sanity check the user properties.

I know how to use $objSearcher.PropertiesToLoad.Add (). But that is of no help since I also want to find if there are any unknown properties lurking in some user objects.

Some old user objects have up to 150 properties. But not all old users have the same set. I want to get a list of who has what.

How can I get the total list of available properties, that are used on any objects?

We are in the process of replacing a selection of different old black&white and color printers with several new color multifunction devices. This might lead to greatly increased printing costs.

This year, we had about 400k b&w and 100k color prints.

So far, most of the b&w prints are pdfs with a bit if color, like a logo. Most of the color prints were posters or powerpoint presentations with plenty color. Speaking of 500k pages a year, even marginal savings amount to quite a sum.

We have a Printserver Win 2003 R2.

Clients are WinXP and Win7, 32 and 64 bit.

Printer(s): Canon iR 2380i. Printer driver is up to date.

Our users print plenty documents which are partly color. Default Printer setting is automatic, therefore stuff gets printed in color.

We do not want to introduce printing policies or counters or bureaucracy.

The preferred setup would print b&w by default, and color only if the user wants to, by clicking "color" in the printer settings. This setting should reset after each print job. The current functionality is "print automatic color/b&w by default, user can switch to color or b&w, resets after each print job".

The Settings dialog does allow to change the default settings, but this does not include the color choice!

Is there a way to set this up? How do you handle color printing cost?

Hardware: one virtualization server. Dual Nehalem, 24GB RAM, 2 TB mirrored HD.

Software: Debian, KVM, virt-manager on the server with several virtual machines that use Linux too. 2 TB Disk is a big LVM, each VM gets a logical volume and makes its own partitions in that.

Problem: One of the programs that runs on one of the VMs creates huge disk load. This never was an issue, because the program never ran on such a powerful hardware. Now the CPUs are fast, and lots of I/O is the result. We cant do much against that at the moment, because the tool is a black box. On the other hand, the speedy computation is welcome. The program creates about 5 GB of temp files which get overwritten during the next iteration.

Question: How can we limit the disk I/O for the process?