We have a Windows Server 2008 with DHCP server running.
I can see the current leases and reservations. Is there a way to see the status of yesterday (or at least what IP a particular client had yesterday)?
I know the odds are it would be the same IP address but given that the client is a laptop and lease time is 4 hours...
Alex's questions
The behavior of dig +short is to return nothing (null) when running a query that returns no answer (nothing to do with the timeout, just a definite null answer).
It is ok when running a query by itself, but when combining with an -f parameter and running a batch of queries, it is terrible!
dig +short -f queries.txt
queries.txt:
A somedomain.com
TXT otherdomain.com
A somedomain.com
Now, if the DNS server returns nothing for TXT otherdomain.com (i.e., ANSWER: 0), not timeout or something else, then the output of the above dig command will be something like:
dig +short -f queries.txt
1.2.3.4
1.2.3.4
i.e., only two lines. Not suitable for "paste" and other similar commands. You can no longer merge the output of queries.txt and the production output of dig.
Can anything elegant be done here?
Is there a way to auto-fill a field or set of fields for all AD accounts in one go?
For example if I want to set address field for all employees or in a specific OU? Or perhaps if I need to set their email field to [email protected]
Usually output of ps has a pid somewhere. Is there a way to combine this, preferably with a one-liner, with an output of lsof?
e.g.
27915 ? Ss 0:03 gpg-agent --daemon
gpg-agent 27915 httpd mem REG 104,1 144776 229236 /lib64/ld-2.5.so
gpg-agent 27915 httpd mem REG 104,1 1718232 229237 /lib64/libc-2.5.so
gpg-agent 27915 httpd mem REG 104,1 23360 229238 /lib64/libdl-2.5.so
...
6139 ? Ss 0:00 /usr/sbin/restorecond
restoreco 6139 root mem REG 104,1 53880 228954 /lib64/libnss_files-2.5.so
restoreco 6139 root 0u CHR 1,3 0t0 1771 /dev/null
...
Note: the first block's first line is output of ps for pid 27915 followed by output lsof -p 27915; the second block is same for pid 6139.
Essentially I would like a join by pid between two commands but output line(s) of first command first and then output lines of second command with same pid. The output is not the same as running something like join -1 2 -2 2 <(ps aux | sort -nk2) <(lsof | sort -nk2) -- this works great but merges two outputs together on same line, producing left side repetition.
For udevd there is no init.d script and manual page is not indicating how to restart it either. The process is holding a deleted file (lsof shows) and I need to release it by restarting udevd.
How to reload/restart udevd on CentOS?
When using combination of Postfix/Dovecot, is there a way to tell smtp server (Postfix) not to store mails on disk but hold/add them to queue until "maintenance finished"?
Useful for disk upgrades, volume extensions, chkdisk etc.
Does an imap proxy with full message list and message body caching exist?
I see two possible variations, one with on-demand caching (user clicks on a mailbox and a message list is fetched from "master" and cached for next click from another mail client / webmail connected to the proxy. Same for clicking on a message with message body cache). Another variation is auto-fetch, some kind of script or daemon that fetches messages on background.
After restarting storage controller a datastore disappeared from vSphere client view. The VM using the datastore was shut down prior to controller restart. However, after refreshing and rescan in "Config -> Storage" the existing datastore did not re-import, even though the LUN is still visible! What can be done in this case?
There are many articles explaining many ways to attack webservers (generic or specific) and even listing general rules for mitigating such attacks, e.g.:
- Do not accept connections with abnormally small advertised window sizes
- Drop connections that send request longer than X seconds
- Send RST or FIN after 30 seconds when client can't accept the data due to a full receive window
- Limit number of connections from same IP
- Drop more than X repetitive headers (such as Range)
- etc etc...
Are there ready to use, tested on prod configuration examples specific to webserver (we use Apache and Nginx) or system wide (Linux) that cover most common attacks?
We used to have 1 VPN tunnel over 1 Internet connection, connecting 2 datacenters into 1 virtual LAN (10.x.x.x). It was very simple with route tables etc.
Now that we added another tunnel on the second independent physical connection it becomes very difficult to handle routing. It's easy enough to route everything over the new connection, but what if we want to route only specific host to host or subnet to subnet?
e.g.
client1-site1 <--> vpn-on-site1 <--tun1--> vpn-on-site2 <--> service1-on-site2
client2-site1 <--> vpn-on-site1 <--tun2--> vpn-on-site2 <--> service2-on-site2
Note that there is only 1 vpn node on each side. What we manage to do is for packets to be routed properly from client2-site1 to service2-on-site2 but the returning packets go sometimes to tun1...
I have read that I can do this to make a smaller footprint Nginx when used as static content cache/reverse proxy:
--without-mail_pop3_module --without-mail_imap_module --without-mail_smtp_module
What other options are safe to disable? SSI, FastCGI? Others? The only requirements for the reverse proxy is to be able to do https and gzip compression. Will disabling all the modules really help with footprint and/or performance?
Every time I restart my OpenVPN tunnel it increments interface's number and breaks MRTG graph for the interface.
IF-MIB::ifName.76 = STRING: tun_w
after restart:
IF-MIB::ifName.77 = STRING: tun_w
Any way to fix it?
On Linux there is a nice tool for testing connections, bandwidth, opening temp. connections etc: nc
What is equivalent on Juniper firewalls?
How do Active Directory domain joined computers (native MS Windows or Linux with winbind) determine the closest password server? This question implies a cluster with 2+ Active Directory servers in different locations.
On Windows there is no apparent option for preference over which Active Directory server will be used to authenticate, etc.
On Linux (with samba/winbind) there is a setting for smb.cfg ("password server") but it is optional (when used in combination with setting "security = ads").
Successfully compiled and installed the latest version of samba.
Started winbindd and the following diagnostic commands work: wbinfo -p, wbinfo -c, net ads testjoin, etc...
However! When using built-in Linux command like id or when using pam with pam_winbind module to login, they fail and there is nothing in the logs referring to winbind. What could be the issue?
e.g.
[root ~]# wbinfo -i testuser
testuser:*:10708:1513:Test User:/home/domain.ad/testuser:/bin/bash
but !
[root ~]# id testuser
id: testuser: No such user
Note: previous versions (samba 3.5.x) worked well on our systems so it's not bad domain or configuration.
/etc/nsswitch.conf:
passwd: files winbind
shadow: files winbind
group: files winbind
hosts: files dns wins
bootparams: nisplus [NOTFOUND=return] files
ethers: files
netmasks: files
networks: files
protocols: files
rpc: files
services: files
netgroup: nisplus
publickey: nisplus
automount: files nisplus
aliases: files nisplus
switch1#show interfaces descri
...
Fa0/13 up up
Fa0/14 down down
Fa0/15 up up
...
(the lights are also on on both ports 13 and 15)
However:
switch1#show mac-address-table
24 x.dc15.93a9 DYNAMIC Fa0/13
24 x.9931.296d DYNAMIC Fa0/11
24 x.2196.cf24 DYNAMIC Gi0/1
24 x.a947.fb81 DYNAMIC Fa0/11
24 x.b954.90c2 DYNAMIC Fa0/8
24 x.b976.a45c DYNAMIC Fa0/2
24 x.8f1c.f11b DYNAMIC Fa0/11
24 x.ba8e.f467 DYNAMIC Fa0/11
28 x.2196.cf24 DYNAMIC Gi0/1
28 x.f08a.6025 DYNAMIC Fa0/20
28 x.f08a.6026 DYNAMIC Fa0/19
28 x.f08a.6027 DYNAMIC Fa0/22
21 x.2196.cf24 DYNAMIC Gi0/1
20 x.2196.cf24 DYNAMIC Gi0/1
i.e. nothing for port 15!
How to determine the MAC address of this port or how to wake up the device? Once again, the lights on both ports are green.
We are planning to implement 802.1X. What is not clear is whether a switch supporting 802.1X can successfully and correctly authenticate multiple devices connected to the same switch port (e.g. if we have a department using a hub with a bunch of computers to "share" the port)? If so, how does the protocol validate the source of packets?
Or will implementing 802.1X require us to purchase huge expensive 802.1X supporting switches, for one port per device?
What would be an ideal time and timezone setup for multi-country servers? Especially considering one central IT team managing these servers.
Currently we have each server using a local timezone. e.g. servers in the Chinese datacenter are set with CST. Servers in our German datacenter are set to CEST. Time is set as local time at the datacenter. (note: in total we have servers in 6 countries).
The current setup is useful when it comes to looking at logs locally on the server (knowing exactly when event happened relative to current server local time). However, when looking at events from a central syslog server it becomes a nightmare.